last executing test programs: 4m1.969101445s ago: executing program 2 (id=756): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = gettid() r2 = openat$audio(0xffffffffffffff9c, &(0x7f00000004c0), 0x40081, 0x0) ioctl$SNDCTL_DSP_GETTRIGGER(r2, 0x80045010, &(0x7f0000000500)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) tkill(r1, 0x2f) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x10, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000380)="851666ce20db", 0x0, 0x10, 0x39, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900}) 4m1.968857196s ago: executing program 2 (id=757): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r1) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) setsockopt$TIPC_IMPORTANCE(r2, 0x10f, 0x7f, &(0x7f0000000140)=0xfffffff9, 0x4) sendmsg$TIPC_NL_SOCK_GET(r1, 0x0, 0x20000844) r3 = socket(0x10, 0x803, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x10) r5 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x110, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0xa, 0xc}}, [@TCA_STAB={0xec, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x10, 0x3f, 0x916, 0x0, 0x6, 0x0, 0x3}}, {0xa, 0x2, [0x271a, 0x600, 0x3]}}, {{0x1c, 0x1, {0x7, 0xe, 0x7, 0x11, 0x2, 0x80000001, 0xb1d, 0x2}}, {0x8, 0x2, [0x2, 0xfe00]}}, {{0x1c, 0x1, {0x8a, 0x80, 0x6, 0xe0, 0x2, 0x1, 0x100, 0x1}}, {0x6, 0x2, [0x5]}}, {{0x1c, 0x1, {0x19, 0x0, 0x98d7, 0x7, 0x1, 0x10d, 0x8001, 0x2}}, {0x8, 0x2, [0xfffd, 0xb3d7]}}, {{0x1c, 0x1, {0x6, 0xfb, 0xfffe, 0x9, 0x1, 0x1, 0xfffffffc, 0x2}}, {0x8, 0x2, [0x3, 0xf23d]}}, {{0x1c, 0x1, {0x3, 0x9, 0xfffb, 0xd, 0x1, 0x0, 0x527a1f67, 0x7}}, {0x12, 0x2, [0xfc00, 0x3, 0xfff, 0x100, 0xff7a, 0x9, 0x8]}}]}]}, 0x110}}, 0x0) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040020000010000000", @ANYRES32=r8, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c0000001800010000000000000000000a00000000000000000000000c00090008000000", @ANYRES32=r8, @ANYBLOB="14000500fe800099"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c0000001800010045f40000000000000a00000000000000000000000c00090008000000", @ANYRES32=r8, @ANYBLOB="14000500fe8000"], 0x3c}}, 0x0) 4m1.897897612s ago: executing program 2 (id=760): syz_emit_ethernet(0x0, 0x0, 0x0) 4m1.840781663s ago: executing program 2 (id=761): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x5b81, 0x0, 0x0, 0x9, 0x9, 0x0, 0x0, 0xde}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000740), 0xfffffd9d) r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1810c0, 0x0) fchown(r2, 0xee01, 0x0) r3 = socket$phonet_pipe(0x23, 0x5, 0x2) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) connect$phonet_pipe(r3, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10) 4m1.703009633s ago: executing program 2 (id=767): r0 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xc0081, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000080)=0x14) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000100)=0x14) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4) ioctl$KVM_GET_FPU(r3, 0x81a0ae8c, &(0x7f0000000180)) 4m1.401058974s ago: executing program 2 (id=772): userfaultfd(0x80801) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) socket$kcm(0xa, 0x2, 0x73) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r1 = io_uring_setup(0x3eaf, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x40000}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) madvise(&(0x7f0000221000/0x4000)=nil, 0x4000, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff}) fanotify_init(0x200, 0x0) syz_open_dev$loop(&(0x7f0000000000), 0x2, 0x8e001) socket$inet_sctp(0x2, 0x5, 0x84) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) sendmsg$nl_generic(r0, &(0x7f0000000400)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000002700)={0x13bc, 0x29, 0x400, 0x70bd2a, 0x25dfdbfd, {0x14}, [@nested={0x11d2, 0x13c, 0x0, 0x1, [@generic="d7e600395150698ec05126273574ceda3f02476a21a47d357f0d5d990e5614f8135fbf5fc8fdb7576b78d832c23850cd5b25e7de35382a61fa3a74521d38271e0a8a29bfc0670649cffb7e8814f08198d42777c21245de18448182363d30fb60d7eb3df424cce688dc6bf863269b340ac78d8f180e557af98be08fc93b277c160614f51fae18ebc93b970a760f7f33f7dc7bf472c9b867507f750092c938bc3b42352b273d1705247e3e8c520c53801c09a028", @nested={0x4, 0x9e}, @generic="537a16b37ed530d882fd4adc2aedc5af9a98795f8a2a3971bfe87fdbf79fb8819bdb7174cd31aab6268746321aa04fdc809d2b6b53e4f83862fc166e5715ebf9a10d18ed728fe450a287e51db30e1b0eafadf2b7b8b71c0874e3362e9acaad0ee6e81e95", @generic="cacfb8633abfe900fa3f234155e7b8fcf4c7b29a1d3309fd0cf93b373f9c02c3b82e03227e9909b3201a94188a238c91d0619df064f76c8caad85f3307f0133e7411f598bcec9bfdc4020e8676ed7c7c148002cf0226c63eee1c68b3da59ab03d54cd19ac2e241c28dcafec88fd5501aa9e9156ac0078bbecb564690df7ce3c5f45227a776e0a3ae5320ff4f1e28000d60a156884efaabb237ac18fcba86507d7ce23f", @nested={0x4, 0x29}, @nested={0x4, 0x71}, @generic="cee03a6d72bcf6618e1bffa5a90e13ac0174a9f16bc99c4d841281414849ac7263a31950446e53bec02d03958165361c31f13d89048a5865ec626e8995511cec0a04e6848d0e40426bae4651a0395a26e4a6b32a768cd5b4dbdd902c0020714338ddfd86905ef0bda7885e2b4a4adf6852182e79782f04ffd5567f0aec716afda74b75b3b805d66bcba3fab3f7cc7ddd6986fe70d883670990d04b5a5d8c00c6dde16554afd7b8539c5e4bae1c24549314d4942055f285f8b9cc6c6a824d3204115ed0cea3bdd99702942e0380de9b25a923fe66fb318322074ecce1a278ece5d8fa94f870863d8a9216883bcb450193f64667df47b70abbbe0865b5eb413d536c8f3848bf0926bf9e567f28ac18ec8d2a4e563a003bf5b39dd1512bcce72619d17fb33543781c1c698db2aa4db27ad961380e818f09bb257dee4e68e8fc7bea9a0622160b01d4348fd9281d242dcb7c76343e5844758d1c3a0a67c8ec7baacff315506951fdd307cf7b2d6cac9d4bdd961cd535e98c745f15bc7358cc5863ccdbe1fc7e1bff1421b2e3718eb9996422b55e687e279b3b04069551099ae0eb12fa802ac93f91e6a2c879d0469980cd55ae96de5a1c6271d686a55b57a7575b942f17984d4e59140492c2808d841666bd279defa03040ae3e8e6f21d9dbdf12a216bd627277f0ca400ea34c90e3b1fe62d25477a97872553fb05854765734f9dbeda1493c2c1952cc9d00cbf37fe909cc28bcaae132d574e7c62a144b7ef2a8cb0a0d134a8d27e36b94407fa44bcc364542d18c13d79a006a171540e95666af3560b1b68a63ceb1bd763ebae18d4fa0cf8bd8501cbd97a84e39c31276524a089a5cb0a2b0143bd71c3739af10d70028ac449c06bc32ed4a571950bc75b5580faf80b06d19a33d4b358c1951f5bd037494be186a000874650084216d07dfd6866f279ce3f58c67dea7b34de6f142f506d0b9adaba0561445c17f59a6d0660bc40632ab1d6eb80c1f185ee4d1a5a287c0aeac5d90107c5358e95a12cc6cffef140d089d50a7a606ac79e2892318a559bc7b29152d3af5dffa5a105afdaa1ce477dc4438a9268031c5f29efb06719bacc70eb082c29e2eb2120b990a6b4d41b1ee1a2bf88b4d9f0b6c777cf42d9529191852ef08740f7c1049ebba6022221c38b10f3fd6c9fd99142493819f510b2f58f9a57bc791fe426d8a6fc6dbf3a622cba20c5ec4211026e45647a5b9ebbe8e3fd832e8b3eba2eb09ee74ee89647cf8fd19f92bf7d24a344e0ab4e5ccfb0928303270e88e31fc225f62c924da813af139ed0f9ae02e7602dda9f5d9ac3f9135ab52fca465f4286a1a8418b11a15d36cedc4f9e50a17fd9e291b143cadc5526eb2e85b2308e006fb2d6b34d5d23c9dfe05539b8fa8dbac1091750bcdcca086066311ca6c701b7743e20bb20f3392bdf9906cb7fc53de6dcbdc81c3d4e0a1972aea3925732292c588f1084b98f953aec9f640f62548cf11f742b6a4ce1997ef64a76e16b71a99bb8d4d4afae69dcd09753bbc2f0f527beb004650588e06f106d31a9a8464b77f426fef54d5ebd516a9402834e747c403be18953a287091cf72902b97cbc909a553e59acb1d71ba0469b1370ae240fbfd78c9cf7482b56d2db0482f435bcab80aa9e535b921ca25b6526fd76592229e1995cbd31cd807dfbc0f8a910979e8eafdeb0daa2ce2b8ec2392db3d45aead461608634137bc51602bedd395990896ecc649eae8813565f9227bab7d61680b902184434663f74d27c7faa1729912b3faa9e4217591f92d3ad4805c8cd239664f65a8df2289be00f625d5b2ff602565a7f43581119d011c7ab108a2eff06cd190904ad2a70a6630699ff53689a5ed54b6594c64502c11b79b8697df79b577b308c23fc23ac72c8409b6736232b6e5443d8d71cbfaa161b38cb00eea4bf7dfbc0dddff7435e1f2d0f246b1550736e469096232702aa1d332dbdf10247e46c2c45556445f511148129f4f2e83ca8afaeab40b7a8912ba2fe3d7904ae8fa3e823294b5a3bd09c83ac11b31e5aa697de05ab39d5b035543e2b4fa86deda2d9e683d09fb24d064f1d19ca4aab2d1b36f2d6299e8021151b62545b6dd23ebed8ec4ff6837fb98f49d660261024aabddee49f73d8c44e4a60f87d2cf61b9348e8234f2e270abc2ca6a6aa66dcb092bae88769e5a77d0c3633a3ad916ca91c277f9462f7ca4925f9d26daafe2cd1fba8a4a1475b2978b783ddcdf396c079dfb892435952f6269ddd95cf9dd57218cfaf04322e7ce800622cdedd65f16c7af03cfe9b33923aa594d4dbe76415423dbf824716a024ed366f17c817aeb24a10fa896fe5c2d381b5a7527cf6fedcaca43b89395fedd5e10e492a94cf8e6dfa8c4693ff99a4c65a00bc1da6b4835d4dd6365837ea239b1d7259311deb40fd8c4710ede50c5a55e72b5f03d7eb374836d170a71f86771e35de0be9c81638ca00e5ceadc96b0296011b1d186d46b93736626532e49597d0a121c315116688cb8b37222117010e810d25818007e16678edeeb4a3d076a1ff0cd7e56eead2356c9ffa747705d36bcb462db12fa208c9b04039d275b7f8f33f6c68f7be0d38bd3d15d789d1cf355a49636dbd2db352a070067a80f949cd82f3e1483df6ed38a33b1d77d18cd29a9714d765f28ab8bedcd84ec7aaf64f44f5b2d592c6aeb4fdbf1f35dc6cae99142fa9299a50efbe3b1e38a1ad8984d83521287857faba138860a7361a9bc6d0a4806a09ed31e59d5d0019c520bf720253ed7dad66b06623b1fd4e6e2c7af5c623ab017b04b5b7504afa756891a7845c3bacf0790e3df9111b18e539391965034bdbdc727bc31d0e49302dbcf912674d6816434da9ac48bb5b74223bd4e2091b07bed32aecf26f98bd784bd9e5edc9ff2cac4856bd5ae5be33211ed6db818e9a544731a149ee247c049c8017cd05ab79ebfcfa5b7742cc82065437828ee8bb5207ff86bf15e841846d6edd61b09568b66eb9231db1a81e16307f968b99b3692c98ebaa0e9d74e49d979f7ffbb032ca044c804e91d3ac363e565039716aef1a8aa23cbffbfb8ca90c5febdbe12175114fd06f4921e11e3eadb1c1eeb281561bd82188275f06259089a16de2cff5c9a008ff11686a6c0a00b3035e7c94c56dae0d35e62823324b8c5d97d73f8c1dbec20c66489847da2c8dcefefd4496632b076a1f1f3ea62050aaf01ff7c59964b242b4f121bcdabba657ec8ca73aba038d1200e23e704409b752fd3eb8c208723d19e34ea2cc45841e105ae9baf492ead3c2c659729373b5c132c0f58b57e04782a11511627d1fad33a64ab4cead65e66acf167c81fe15688fb0134b4d8a99e7b1cd40e9d8a0a8823af9b81d28fa0493d1ac69c4ffb6589f31bfff8ca96d85404d93efce87f881f3fc5fb6d3043f6a6027489d7007d66c43035e3f0806906353d0a7138dd19918f3a989e1c99cf1b37b034446aa29c2b6df0ec1915e21c859338aafe95b25796f8cfd12c92cec8b6a91729c4aa013f8de6cf6b2cf8feb9d343fbbacf2f2e8cbbae9d0f07a0ca70d0be8cc57d63c1f7222a8c9dab8ed37aee21ff8033c9b478786a0ea743350b72dd0353b92f7355b2b9a1c9143b4eca67c6b69759f65fe6fdbe6f46feb04fa8d16fe8377f34d9e402dd10b3b6e5b555f23963a7f200e6349fba1a1bed24dd9dab49109ac95fce0ede4f8d2ca31ff8ad28b96884db8372cbfdfa7b1a14b0b876d896f8bf0dcd50fcd038daae1c3b7305902dfe25dd0c9061d5673b374fff320ab703916ded7e8370029326018786453632bfc701b91349a6a634dbf1f9554933f992f4c0f32af131490bef1453df740970eb248d3b9b30fdd37846efd24f200e4bd621caca748c5052416d4719aba689ce83b9d6b86d8caeeb5dc8a9335091fc95d08134a465f2fb2e4c74792ed5065e8983e80fa1c383585416330d7779c8adbea20483bd024c4b2968dac316425a1438723a9d5449218adc587941d545703593b41c91782d54c16831e2280cd82ec2a0934bd458469963687f7fd890a5d5899e586c131e94f1d91f01c025caef2459f7429435c61871e9dc890af3aa6cea6b58c9f239a5eaa659d03d96f14ae79c45965fb9ca5e41b77dc02979bbb4cbd7224ebfdb3b5242a3ba9810c34e645f57e888bc7cbc7e3e95ab41fd66616633d32f0d902674f220db6887fcbdd6f22d0a22dd970e119501c87b3bd12e9fafd4b103aab9283e53d8ea2b625d6c61efcb1ab7e69fdafa09c65c0cd87181334387dbe98074852d5f8f6e0a15b08dfd8d23d1fb02cb0e8ba5dc430c8dbe860c174b6ed579c1331d540c652083c20720278c5be53351daaf8152b5a4e12238acf0a81122cae28a6462fe4b6018c228e46dce432a09d7b0d760a85ce17d17cff230aca39e935e201051bb089085920c1d841e785078bf58ec47e7496952890f676800fb9637fa964e64396d23a27d531f2ff93752320f614c3004d0a418408495a199906db47e9639fe3726b95bd1dc2fa16a20ca5cb266cd3b39774274b32bb17342fc02319857451b4d4d73fbcf2a0a805ee0fce9761501f765ecd8630317d187aba4e2b8d5561bdee5fd99b316804bdb22da4131a9df064ae43abf939e94bc6121d5d1bb780cc8798c375fa0ff7309ba88bd0da948763f40a836153ef0a28753d657ca8df78b01b6970d8c177dd2daeb8b55dec09d4e6fb884093998c9b1d970489aa6bb541ca5230ea308e54f6952579632dfa683b842d2efac36bde06c5b34ffcad9fa8a0b543c53a48b2df190fdc7360b2c227c6ec1d4d4135da6b9a083964ccb37f37d4215ef943272d22d4d26a9c31433097298ea9785c44a7c1cbf29649f2fcb064ea1d97985c639d5fa68906dd05c3001ff53ef80979a8e39dbaa6cd577f4bf23c8c585622d13964434d8f6a0979bf445c5cd1d5d8d3629fd05c3d4766aca39c5dbb0baeb9ebfbc16f9f462b923f13b42729fb55d9662bec22cd13416b24528000ce43149ee9ed3d057ecf91bb8095d8d37348b070f37795c0760da3c8db8cb9ed0bc69601c11be11fbc795b45df934619c0920037e12495d461c82af9d8f0098e9dca248a3b06c96052ba0a48aff8146964f256c801a7c7a6683acd93280b2542bb118d240f9c2e64bddfa7e05facda40816b1317f5f3149b4fea749350b84ed5699c2cd3af5971faddac70ff231fe89ce2dc368a43814950bd93ecebae5de1593d6fae9e2e5dc0ca4002cf7a8ca38a2b7260282d5664350a4ec993d106ff08f2110a4aa8928202146f82e8b4ec86d7f7bb40d6dab966520549b41f69b2dd3eedb143156cbb1d9a65124f2ceadbcfc492727e0bebc42d7fc9a8e96fc4991a5bad9ac9eec8350be909f5c739e377ca2da67da206ac0311286fc095f3b18bb3af6e47d4fd8548233488611e0381d89a141b3d2b3ce4cf474c129cc4e40583fb20ab8b8e7060118c65fdd91f8a489dfc1a977ef26868263430a2bc18cc27a5cbaf9525ec8b2a3dfba7bee6f3d3597402afacb6bf2c0095537b388d230d0d6d088c4300acd493f0c77ae1c8eea339f14cc223cc65247d7738d60d0874b0faa98ed53a57351d20bac1d64ff5d30d5009a8b62cdd6a8e99619a3bd7900352cc182c4c3ae0c625526619335e1a2b3cf483d916dfde2e479bee6cfd9c2c98f7a5685bbeac290a4a1a01e69926d7a45040bcf374586c6abb71a152ef5657a8992fd79c34beb00a16584f518d2652bfc66597993a40dc82d3587128a993a0c31eb93f7a06aa0ed3c4d7d5776", @nested={0x4, 0x9c}, @nested={0x4, 0x80}]}, @generic="6ebe518e090b6eb68b857231938124a96d157e69c0daf33112a8aaeab2e0cd8ea938152555339bf724dc45ccd8eaf22dde65d7ea1c3bc1dbc8accaed62dffbb734cb0ed2c767337a1d878eca0b3124ce510d4c5b8969bdcb9e3d88c39facb5fede0ef6f7440a928c712cd50f2cdf83a2cbdfd1ec872784e7ac376355b3efb714e5a9e9e258ffee9a737f3b268e26cdda603de2b557aa473388ece9dbcc2ae807c0b01f6e55057db48ad981ac550e8a1886f948d9b4b4746bab4900eaeae4ca1b81af8e9cf722d3f59272315c361b7a71ed8377cbc846bdbffe680cd54909b4b5b272b75ea834d09168977fb300761b1fae", @nested={0x18, 0x147, 0x0, 0x1, [@typed={0x4, 0x1}, @nested={0x4, 0x12e}, @typed={0x7, 0x8a, 0x0, 0x0, @str=',{\x00'}, @nested={0x4, 0x9b}]}, @typed={0xc6, 0x135, 0x0, 0x0, @binary="d3bc01c9548fa492cd6a03180347899000c85ee0cd7c15eaddb5580e6421e9464fc343c767844824a5256591593b4f35541834a632ca2531e16a7d83b0a60215f425e1cea480aeba2306a6b23f1a0b88c1cb44550baf5357d7a7a97dee2c06c7d61ebc8bfea7ef67ae59078893fcb6d604ff9a831a99a8b3fe695804f5f719b3d19c81499a764db1a0c46a45a73fb49cd32bbe33b320f9c986d443a9d85ffd275f73ceb14a67b606979a2c319d2d82f79a21e3ed056feb38acc34ffa074d75e44527"}]}, 0x13bc}, 0x1, 0x0, 0x0, 0x8000}, 0xc000) r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) mmap(&(0x7f00002c0000/0x4000)=nil, 0x4000, 0x3000002, 0x4010, r0, 0x776e2000) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1}) socket$phonet_pipe(0x23, 0x5, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f0000000300)) mount$bpf(0x0, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000240), 0x818892, &(0x7f0000000000)={[{@uid={'uid', 0x3d, r5}}]}) open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000c00)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00\x00\b', 0x30, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_redir={0x87, 0x0, 0x0, '\x00', @local, @mcast2={0xe}, [{0x1, 0x1, "2025b07f3c58"}]}}}}}}, 0x0) ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r4], &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000280)}) 4m1.395511842s ago: executing program 32 (id=772): userfaultfd(0x80801) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) socket$kcm(0xa, 0x2, 0x73) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r1 = io_uring_setup(0x3eaf, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x40000}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) madvise(&(0x7f0000221000/0x4000)=nil, 0x4000, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff}) fanotify_init(0x200, 0x0) syz_open_dev$loop(&(0x7f0000000000), 0x2, 0x8e001) socket$inet_sctp(0x2, 0x5, 0x84) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) sendmsg$nl_generic(r0, &(0x7f0000000400)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000002700)={0x13bc, 0x29, 0x400, 0x70bd2a, 0x25dfdbfd, {0x14}, [@nested={0x11d2, 0x13c, 0x0, 0x1, [@generic="d7e600395150698ec05126273574ceda3f02476a21a47d357f0d5d990e5614f8135fbf5fc8fdb7576b78d832c23850cd5b25e7de35382a61fa3a74521d38271e0a8a29bfc0670649cffb7e8814f08198d42777c21245de18448182363d30fb60d7eb3df424cce688dc6bf863269b340ac78d8f180e557af98be08fc93b277c160614f51fae18ebc93b970a760f7f33f7dc7bf472c9b867507f750092c938bc3b42352b273d1705247e3e8c520c53801c09a028", @nested={0x4, 0x9e}, @generic="537a16b37ed530d882fd4adc2aedc5af9a98795f8a2a3971bfe87fdbf79fb8819bdb7174cd31aab6268746321aa04fdc809d2b6b53e4f83862fc166e5715ebf9a10d18ed728fe450a287e51db30e1b0eafadf2b7b8b71c0874e3362e9acaad0ee6e81e95", @generic="cacfb8633abfe900fa3f234155e7b8fcf4c7b29a1d3309fd0cf93b373f9c02c3b82e03227e9909b3201a94188a238c91d0619df064f76c8caad85f3307f0133e7411f598bcec9bfdc4020e8676ed7c7c148002cf0226c63eee1c68b3da59ab03d54cd19ac2e241c28dcafec88fd5501aa9e9156ac0078bbecb564690df7ce3c5f45227a776e0a3ae5320ff4f1e28000d60a156884efaabb237ac18fcba86507d7ce23f", @nested={0x4, 0x29}, @nested={0x4, 0x71}, @generic="cee03a6d72bcf6618e1bffa5a90e13ac0174a9f16bc99c4d841281414849ac7263a31950446e53bec02d03958165361c31f13d89048a5865ec626e8995511cec0a04e6848d0e40426bae4651a0395a26e4a6b32a768cd5b4dbdd902c0020714338ddfd86905ef0bda7885e2b4a4adf6852182e79782f04ffd5567f0aec716afda74b75b3b805d66bcba3fab3f7cc7ddd6986fe70d883670990d04b5a5d8c00c6dde16554afd7b8539c5e4bae1c24549314d4942055f285f8b9cc6c6a824d3204115ed0cea3bdd99702942e0380de9b25a923fe66fb318322074ecce1a278ece5d8fa94f870863d8a9216883bcb450193f64667df47b70abbbe0865b5eb413d536c8f3848bf0926bf9e567f28ac18ec8d2a4e563a003bf5b39dd1512bcce72619d17fb33543781c1c698db2aa4db27ad961380e818f09bb257dee4e68e8fc7bea9a0622160b01d4348fd9281d242dcb7c76343e5844758d1c3a0a67c8ec7baacff315506951fdd307cf7b2d6cac9d4bdd961cd535e98c745f15bc7358cc5863ccdbe1fc7e1bff1421b2e3718eb9996422b55e687e279b3b04069551099ae0eb12fa802ac93f91e6a2c879d0469980cd55ae96de5a1c6271d686a55b57a7575b942f17984d4e59140492c2808d841666bd279defa03040ae3e8e6f21d9dbdf12a216bd627277f0ca400ea34c90e3b1fe62d25477a97872553fb05854765734f9dbeda1493c2c1952cc9d00cbf37fe909cc28bcaae132d574e7c62a144b7ef2a8cb0a0d134a8d27e36b94407fa44bcc364542d18c13d79a006a171540e95666af3560b1b68a63ceb1bd763ebae18d4fa0cf8bd8501cbd97a84e39c31276524a089a5cb0a2b0143bd71c3739af10d70028ac449c06bc32ed4a571950bc75b5580faf80b06d19a33d4b358c1951f5bd037494be186a000874650084216d07dfd6866f279ce3f58c67dea7b34de6f142f506d0b9adaba0561445c17f59a6d0660bc40632ab1d6eb80c1f185ee4d1a5a287c0aeac5d90107c5358e95a12cc6cffef140d089d50a7a606ac79e2892318a559bc7b29152d3af5dffa5a105afdaa1ce477dc4438a9268031c5f29efb06719bacc70eb082c29e2eb2120b990a6b4d41b1ee1a2bf88b4d9f0b6c777cf42d9529191852ef08740f7c1049ebba6022221c38b10f3fd6c9fd99142493819f510b2f58f9a57bc791fe426d8a6fc6dbf3a622cba20c5ec4211026e45647a5b9ebbe8e3fd832e8b3eba2eb09ee74ee89647cf8fd19f92bf7d24a344e0ab4e5ccfb0928303270e88e31fc225f62c924da813af139ed0f9ae02e7602dda9f5d9ac3f9135ab52fca465f4286a1a8418b11a15d36cedc4f9e50a17fd9e291b143cadc5526eb2e85b2308e006fb2d6b34d5d23c9dfe05539b8fa8dbac1091750bcdcca086066311ca6c701b7743e20bb20f3392bdf9906cb7fc53de6dcbdc81c3d4e0a1972aea3925732292c588f1084b98f953aec9f640f62548cf11f742b6a4ce1997ef64a76e16b71a99bb8d4d4afae69dcd09753bbc2f0f527beb004650588e06f106d31a9a8464b77f426fef54d5ebd516a9402834e747c403be18953a287091cf72902b97cbc909a553e59acb1d71ba0469b1370ae240fbfd78c9cf7482b56d2db0482f435bcab80aa9e535b921ca25b6526fd76592229e1995cbd31cd807dfbc0f8a910979e8eafdeb0daa2ce2b8ec2392db3d45aead461608634137bc51602bedd395990896ecc649eae8813565f9227bab7d61680b902184434663f74d27c7faa1729912b3faa9e4217591f92d3ad4805c8cd239664f65a8df2289be00f625d5b2ff602565a7f43581119d011c7ab108a2eff06cd190904ad2a70a6630699ff53689a5ed54b6594c64502c11b79b8697df79b577b308c23fc23ac72c8409b6736232b6e5443d8d71cbfaa161b38cb00eea4bf7dfbc0dddff7435e1f2d0f246b1550736e469096232702aa1d332dbdf10247e46c2c45556445f511148129f4f2e83ca8afaeab40b7a8912ba2fe3d7904ae8fa3e823294b5a3bd09c83ac11b31e5aa697de05ab39d5b035543e2b4fa86deda2d9e683d09fb24d064f1d19ca4aab2d1b36f2d6299e8021151b62545b6dd23ebed8ec4ff6837fb98f49d660261024aabddee49f73d8c44e4a60f87d2cf61b9348e8234f2e270abc2ca6a6aa66dcb092bae88769e5a77d0c3633a3ad916ca91c277f9462f7ca4925f9d26daafe2cd1fba8a4a1475b2978b783ddcdf396c079dfb892435952f6269ddd95cf9dd57218cfaf04322e7ce800622cdedd65f16c7af03cfe9b33923aa594d4dbe76415423dbf824716a024ed366f17c817aeb24a10fa896fe5c2d381b5a7527cf6fedcaca43b89395fedd5e10e492a94cf8e6dfa8c4693ff99a4c65a00bc1da6b4835d4dd6365837ea239b1d7259311deb40fd8c4710ede50c5a55e72b5f03d7eb374836d170a71f86771e35de0be9c81638ca00e5ceadc96b0296011b1d186d46b93736626532e49597d0a121c315116688cb8b37222117010e810d25818007e16678edeeb4a3d076a1ff0cd7e56eead2356c9ffa747705d36bcb462db12fa208c9b04039d275b7f8f33f6c68f7be0d38bd3d15d789d1cf355a49636dbd2db352a070067a80f949cd82f3e1483df6ed38a33b1d77d18cd29a9714d765f28ab8bedcd84ec7aaf64f44f5b2d592c6aeb4fdbf1f35dc6cae99142fa9299a50efbe3b1e38a1ad8984d83521287857faba138860a7361a9bc6d0a4806a09ed31e59d5d0019c520bf720253ed7dad66b06623b1fd4e6e2c7af5c623ab017b04b5b7504afa756891a7845c3bacf0790e3df9111b18e539391965034bdbdc727bc31d0e49302dbcf912674d6816434da9ac48bb5b74223bd4e2091b07bed32aecf26f98bd784bd9e5edc9ff2cac4856bd5ae5be33211ed6db818e9a544731a149ee247c049c8017cd05ab79ebfcfa5b7742cc82065437828ee8bb5207ff86bf15e841846d6edd61b09568b66eb9231db1a81e16307f968b99b3692c98ebaa0e9d74e49d979f7ffbb032ca044c804e91d3ac363e565039716aef1a8aa23cbffbfb8ca90c5febdbe12175114fd06f4921e11e3eadb1c1eeb281561bd82188275f06259089a16de2cff5c9a008ff11686a6c0a00b3035e7c94c56dae0d35e62823324b8c5d97d73f8c1dbec20c66489847da2c8dcefefd4496632b076a1f1f3ea62050aaf01ff7c59964b242b4f121bcdabba657ec8ca73aba038d1200e23e704409b752fd3eb8c208723d19e34ea2cc45841e105ae9baf492ead3c2c659729373b5c132c0f58b57e04782a11511627d1fad33a64ab4cead65e66acf167c81fe15688fb0134b4d8a99e7b1cd40e9d8a0a8823af9b81d28fa0493d1ac69c4ffb6589f31bfff8ca96d85404d93efce87f881f3fc5fb6d3043f6a6027489d7007d66c43035e3f0806906353d0a7138dd19918f3a989e1c99cf1b37b034446aa29c2b6df0ec1915e21c859338aafe95b25796f8cfd12c92cec8b6a91729c4aa013f8de6cf6b2cf8feb9d343fbbacf2f2e8cbbae9d0f07a0ca70d0be8cc57d63c1f7222a8c9dab8ed37aee21ff8033c9b478786a0ea743350b72dd0353b92f7355b2b9a1c9143b4eca67c6b69759f65fe6fdbe6f46feb04fa8d16fe8377f34d9e402dd10b3b6e5b555f23963a7f200e6349fba1a1bed24dd9dab49109ac95fce0ede4f8d2ca31ff8ad28b96884db8372cbfdfa7b1a14b0b876d896f8bf0dcd50fcd038daae1c3b7305902dfe25dd0c9061d5673b374fff320ab703916ded7e8370029326018786453632bfc701b91349a6a634dbf1f9554933f992f4c0f32af131490bef1453df740970eb248d3b9b30fdd37846efd24f200e4bd621caca748c5052416d4719aba689ce83b9d6b86d8caeeb5dc8a9335091fc95d08134a465f2fb2e4c74792ed5065e8983e80fa1c383585416330d7779c8adbea20483bd024c4b2968dac316425a1438723a9d5449218adc587941d545703593b41c91782d54c16831e2280cd82ec2a0934bd458469963687f7fd890a5d5899e586c131e94f1d91f01c025caef2459f7429435c61871e9dc890af3aa6cea6b58c9f239a5eaa659d03d96f14ae79c45965fb9ca5e41b77dc02979bbb4cbd7224ebfdb3b5242a3ba9810c34e645f57e888bc7cbc7e3e95ab41fd66616633d32f0d902674f220db6887fcbdd6f22d0a22dd970e119501c87b3bd12e9fafd4b103aab9283e53d8ea2b625d6c61efcb1ab7e69fdafa09c65c0cd87181334387dbe98074852d5f8f6e0a15b08dfd8d23d1fb02cb0e8ba5dc430c8dbe860c174b6ed579c1331d540c652083c20720278c5be53351daaf8152b5a4e12238acf0a81122cae28a6462fe4b6018c228e46dce432a09d7b0d760a85ce17d17cff230aca39e935e201051bb089085920c1d841e785078bf58ec47e7496952890f676800fb9637fa964e64396d23a27d531f2ff93752320f614c3004d0a418408495a199906db47e9639fe3726b95bd1dc2fa16a20ca5cb266cd3b39774274b32bb17342fc02319857451b4d4d73fbcf2a0a805ee0fce9761501f765ecd8630317d187aba4e2b8d5561bdee5fd99b316804bdb22da4131a9df064ae43abf939e94bc6121d5d1bb780cc8798c375fa0ff7309ba88bd0da948763f40a836153ef0a28753d657ca8df78b01b6970d8c177dd2daeb8b55dec09d4e6fb884093998c9b1d970489aa6bb541ca5230ea308e54f6952579632dfa683b842d2efac36bde06c5b34ffcad9fa8a0b543c53a48b2df190fdc7360b2c227c6ec1d4d4135da6b9a083964ccb37f37d4215ef943272d22d4d26a9c31433097298ea9785c44a7c1cbf29649f2fcb064ea1d97985c639d5fa68906dd05c3001ff53ef80979a8e39dbaa6cd577f4bf23c8c585622d13964434d8f6a0979bf445c5cd1d5d8d3629fd05c3d4766aca39c5dbb0baeb9ebfbc16f9f462b923f13b42729fb55d9662bec22cd13416b24528000ce43149ee9ed3d057ecf91bb8095d8d37348b070f37795c0760da3c8db8cb9ed0bc69601c11be11fbc795b45df934619c0920037e12495d461c82af9d8f0098e9dca248a3b06c96052ba0a48aff8146964f256c801a7c7a6683acd93280b2542bb118d240f9c2e64bddfa7e05facda40816b1317f5f3149b4fea749350b84ed5699c2cd3af5971faddac70ff231fe89ce2dc368a43814950bd93ecebae5de1593d6fae9e2e5dc0ca4002cf7a8ca38a2b7260282d5664350a4ec993d106ff08f2110a4aa8928202146f82e8b4ec86d7f7bb40d6dab966520549b41f69b2dd3eedb143156cbb1d9a65124f2ceadbcfc492727e0bebc42d7fc9a8e96fc4991a5bad9ac9eec8350be909f5c739e377ca2da67da206ac0311286fc095f3b18bb3af6e47d4fd8548233488611e0381d89a141b3d2b3ce4cf474c129cc4e40583fb20ab8b8e7060118c65fdd91f8a489dfc1a977ef26868263430a2bc18cc27a5cbaf9525ec8b2a3dfba7bee6f3d3597402afacb6bf2c0095537b388d230d0d6d088c4300acd493f0c77ae1c8eea339f14cc223cc65247d7738d60d0874b0faa98ed53a57351d20bac1d64ff5d30d5009a8b62cdd6a8e99619a3bd7900352cc182c4c3ae0c625526619335e1a2b3cf483d916dfde2e479bee6cfd9c2c98f7a5685bbeac290a4a1a01e69926d7a45040bcf374586c6abb71a152ef5657a8992fd79c34beb00a16584f518d2652bfc66597993a40dc82d3587128a993a0c31eb93f7a06aa0ed3c4d7d5776", @nested={0x4, 0x9c}, @nested={0x4, 0x80}]}, @generic="6ebe518e090b6eb68b857231938124a96d157e69c0daf33112a8aaeab2e0cd8ea938152555339bf724dc45ccd8eaf22dde65d7ea1c3bc1dbc8accaed62dffbb734cb0ed2c767337a1d878eca0b3124ce510d4c5b8969bdcb9e3d88c39facb5fede0ef6f7440a928c712cd50f2cdf83a2cbdfd1ec872784e7ac376355b3efb714e5a9e9e258ffee9a737f3b268e26cdda603de2b557aa473388ece9dbcc2ae807c0b01f6e55057db48ad981ac550e8a1886f948d9b4b4746bab4900eaeae4ca1b81af8e9cf722d3f59272315c361b7a71ed8377cbc846bdbffe680cd54909b4b5b272b75ea834d09168977fb300761b1fae", @nested={0x18, 0x147, 0x0, 0x1, [@typed={0x4, 0x1}, @nested={0x4, 0x12e}, @typed={0x7, 0x8a, 0x0, 0x0, @str=',{\x00'}, @nested={0x4, 0x9b}]}, @typed={0xc6, 0x135, 0x0, 0x0, @binary="d3bc01c9548fa492cd6a03180347899000c85ee0cd7c15eaddb5580e6421e9464fc343c767844824a5256591593b4f35541834a632ca2531e16a7d83b0a60215f425e1cea480aeba2306a6b23f1a0b88c1cb44550baf5357d7a7a97dee2c06c7d61ebc8bfea7ef67ae59078893fcb6d604ff9a831a99a8b3fe695804f5f719b3d19c81499a764db1a0c46a45a73fb49cd32bbe33b320f9c986d443a9d85ffd275f73ceb14a67b606979a2c319d2d82f79a21e3ed056feb38acc34ffa074d75e44527"}]}, 0x13bc}, 0x1, 0x0, 0x0, 0x8000}, 0xc000) r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) mmap(&(0x7f00002c0000/0x4000)=nil, 0x4000, 0x3000002, 0x4010, r0, 0x776e2000) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1}) socket$phonet_pipe(0x23, 0x5, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f0000000300)) mount$bpf(0x0, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000240), 0x818892, &(0x7f0000000000)={[{@uid={'uid', 0x3d, r5}}]}) open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000c00)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00\x00\b', 0x30, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_redir={0x87, 0x0, 0x0, '\x00', @local, @mcast2={0xe}, [{0x1, 0x1, "2025b07f3c58"}]}}}}}}, 0x0) ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r4], &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000280)}) 3m21.150609699s ago: executing program 0 (id=1359): bind$inet6(0xffffffffffffffff, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x54, 0x1, 0xfffe, {0x5, 0x1}, {0x4a, 0x2}, @rumble={0x105, 0xffff}}) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, &(0x7f00000007c0), 0x10, 0x0, @void, @value}, 0x94) r1 = add_key$user(&(0x7f0000000280), &(0x7f0000000000)={'syz', 0x3}, &(0x7f00000000c0)="b8", 0x1, 0xfffffffffffffffe) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000340)={0x1, 0x6, 0x5}) r2 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f0000000340), 0x584, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000080)={r1, r2, r2}, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={'crct10dif\x00'}}) ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f00000004c0)={0x8001, r0, 0x80000}) getpeername$packet(r3, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000540)=0x14) setsockopt$inet6_IPV6_PKTINFO(r3, 0x29, 0x32, &(0x7f0000000580)={@private1={0xfc, 0x1, '\x00', 0x1}, r4}, 0x14) r5 = socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) sendmsg$NFC_CMD_ENABLE_SE(0xffffffffffffffff, 0x0, 0x20040000) timerfd_create(0x0, 0x0) madvise(&(0x7f0000e95000/0x4000)=nil, 0x4000, 0x12) syz_clone3(&(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) bind$alg(r5, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000a80)="93378e62cf9b48cb59638401fcd1730172853a9fa8952a996042ab60ae29f1c1", 0x20) r6 = accept4(r5, 0x0, 0x0, 0x0) r7 = add_key$keyring(&(0x7f0000000400), &(0x7f0000000480)={'syz', 0x0}, 0x0, 0x0, 0x0) add_key$fscrypt_v1(&(0x7f0000000240), &(0x7f00000002c0)={'fscrypt:', @desc2}, &(0x7f0000000380)={0x0, "a41ed068b606b58854f4651607fed33041f96d43f85a9d802b0af9b8f44698af986dbf02ddefd558ae22d9ee811d7fdfba3d51b9ab2938cc043ef2babc5e4893", 0x15}, 0x48, r7) recvmmsg$unix(r6, &(0x7f0000000d80)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)=""/10, 0xa}], 0x1}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000300)=""/17, 0x11}], 0x1}}], 0x2, 0x12161, 0x0) r8 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r8, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001) setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, 0x0, 0x0) r9 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01) ioctl$EVIOCGLED(r9, 0x80404519, &(0x7f0000000140)=""/130) 3m21.06043042s ago: executing program 0 (id=1360): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x48882, 0x0) dup(r0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async) sendfile(r0, r0, 0x0, 0x400000000003f) 3m18.360153483s ago: executing program 0 (id=1394): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) r2 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r2, 0x29, 0x24, &(0x7f0000000000)=0x400, 0x4) write$tun(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="000086dd0000110000000000000060ec970000302c00fe8000000000000000000000000000aaff0200000000000000000000000000013a"], 0xfdef) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x32, 0x1, 0x0, 0x0, "", [@nested={0x102, 0x0, 0x0, 0x1, [@typed={0xc, 0x3ffe, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f"]}]}, 0x114}], 0x1}, 0x0) 3m14.440195302s ago: executing program 0 (id=1396): r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x300000f, 0x12, r0, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000a80)="3dfeb167f3ccc51b8ec0ba896a6d39292279e90f7abfdaee0f52b8a3554c9122ce1f6ed327282ad8c2d74bb1a770183e755b9f37cc301f5392a0e4831635410fe4b2a8e6bdb04d5d", 0x1f00, 0x48) syz_clone(0x8000, &(0x7f0000000040)="992b97d4e6009de59cc445bec44f3a86128d9daa959d8962082c9d012ac0095efb3d831d45fb240a039bcc1683096bedcdd861b8fc24ba2fbcea54149275afe3ed2a42bc16cd966799709a45b74a824b7f9a4696234fe0a63bf05c169de11083dc090c04b7a85f1bbc", 0x69, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="6c91ef052ba630c62079a85add0b6117a74d01fcc95308ad161556a667f4f2fdf05f72c695094618243ab2273d401fdc4bdf3fca1af7bde763d0deab5c2a5427f4e84c3a1a83a05c2c2107fedf3d6cd0f88684a510a2ebe03b90b78d9c842d93bd4645bf785b079a15c90cc499729268aa62e4237cfd357d6f368ef268c933f8308a975f70018a61e212187618e00daed98bb5d05b04042683438e0fc6e23564f78621605f2b7aa0f90ed9ff8eb25baf9f0098f5b4ab1eb47410cf98f4739a48b9f81cf6e6f427") syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x7080100, 0x0, 0x0, 0x0, 0x0, 0x0) 3m14.293118237s ago: executing program 0 (id=1399): creat(&(0x7f0000000080)='./bus\x00', 0x0) mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r0, &(0x7f0000000180)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x101000, 0x30, 0x8) 3m14.168766123s ago: executing program 0 (id=1405): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x4000892) mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x1) mount(&(0x7f0000000080)=@sr0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='efs\x00', 0x483, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}}, 0x8090) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'hsr0\x00', 0x0}) ioperm(0x0, 0x6, 0x10000) symlinkat(0x0, 0xffffffffffffff9c, 0x0) r5 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000000c0)={0x1, 0x8, 0x1, 0xfffffffa, @vifc_lcl_ifindex=r4, @local}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r4, @ANYBLOB="000000008a080200f7bcd5453884e28c6fddabcfc86e9d09697d70bc816ab28e8e5a78603a3447ff31e1d033940081cc850b721a0c822661461bbd943ffd7509eff95cff0d580a8f6eb0b2b396c2f43d085d0022a9a50364c8b93e1a68"], 0x20}}, 0x8000) r6 = socket(0x22, 0x3, 0x0) bind$inet(r6, &(0x7f0000000340)={0x22, 0x4e20, @loopback}, 0x57) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000000080)={0x0, 0xe0}, &(0x7f0000000180)=0xffffffffffffffc6) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f00000001c0)={r7, 0x200, 0x10}, 0xc) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1) 2m59.100052292s ago: executing program 33 (id=1405): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x4000892) mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x1) mount(&(0x7f0000000080)=@sr0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='efs\x00', 0x483, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}}, 0x8090) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'hsr0\x00', 0x0}) ioperm(0x0, 0x6, 0x10000) symlinkat(0x0, 0xffffffffffffff9c, 0x0) r5 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000000c0)={0x1, 0x8, 0x1, 0xfffffffa, @vifc_lcl_ifindex=r4, @local}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r4, @ANYBLOB="000000008a080200f7bcd5453884e28c6fddabcfc86e9d09697d70bc816ab28e8e5a78603a3447ff31e1d033940081cc850b721a0c822661461bbd943ffd7509eff95cff0d580a8f6eb0b2b396c2f43d085d0022a9a50364c8b93e1a68"], 0x20}}, 0x8000) r6 = socket(0x22, 0x3, 0x0) bind$inet(r6, &(0x7f0000000340)={0x22, 0x4e20, @loopback}, 0x57) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000000080)={0x0, 0xe0}, &(0x7f0000000180)=0xffffffffffffffc6) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f00000001c0)={r7, 0x200, 0x10}, 0xc) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1) 1m40.021545701s ago: executing program 3 (id=2867): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x1000000, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0) syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0xc2, 0xa}, {0xfff7, 0x9940, 0x0, 0x9, 0xe8df}}}}, 0x17) syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@any, "8bc8c1ffaf5c0d995bac018bb5fe9cf0", 0x7a}}}, 0x1a) openat$vcsu(0xffffff9c, &(0x7f0000000240), 0x401, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0xfffffffffffffdfa) chdir(&(0x7f0000000280)='./file0\x00') 1m39.949913323s ago: executing program 3 (id=2868): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001600), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x1c, r1, 0x1, 0x70bd29, 0x25dfdbfb, {0x1, 0x0, 0xffff}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4c080) 1m39.870798461s ago: executing program 3 (id=2870): socket$inet6(0xa, 0x200000000003, 0x87) syz_emit_ethernet(0x3a, &(0x7f0000000040)={@broadcast, @random='\x00\x00\x00\x00\x00,', @val={@void, {0x8100, 0x0, 0x0, 0x4}}, {@ipv6={0x86dd, @generic={0x0, 0x6, "03136c", 0x0, 0x87, 0x0, @private1, @mcast2}}}}, 0x0) 1m39.870508938s ago: executing program 3 (id=2871): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02008000000059a35e320244bcfd6c689418fe122eb3d1855e31937c807d5a022473ae969ad0de3280adb488eecb849a0a9d88565eb002fd5fd13b8effffffff4d6b91be4b13e4903380e005e51bac2e385c2e2bf7dc8524a7384ecfed50422dece7237a0042d114af0a4fef904798f8eae0080ccb5866255f776454b7764c835a01377fb9cac0d065b9238fbb6cc900e76af7771392304ab45728ea19f96b9c1143813081e63b2914dc2af465adfa49552938ef722a7d5aaf58e375e936283c5feaf6519a51603839ce868c7cc4ec54ec0e9243641c136421fb6272f9c0717016a6b0f31b3ab9984c73828e69bf6867366574e81b63684cba9a566082393f7f86857a9bc21252468cff45ea86c7d24e2e355c096cef4a1a448f63a6d66901160a908abd18112db6deba931cf5524e845a008372ebe9fe497bef14c81a02e239a4cb5340d9df2d680d03b75ad632d188f22ee6551783e7b6ff3858dbd605d9f7413bee1f4a6d5454ff53e6c71f775c3915bdf6721e9662fdea3bc1f7e53c22f5675d8f6dc2bbef2c819245e432f4fc30f68e75ac9d995859a8e8ffe14132ec051ff4409e1f", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000052671fe900"/28], 0x48) dup3(r0, r1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES16=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000008000000bf0900000000000055090100000000009500000000000000b7020000000000007b9af8ff00000000b5090c00000000007baaf0ff00000000bc8608000000000027080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32, @ANYBLOB="0000000000000000b70c0000080000001600000007000000bf9110000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, r1, 0x0) r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x400, 0x1000}) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0), 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000140)=0xfffffffffffffffe, 0xb, 0x3) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cpuacct.usage_sys\x00', 0x275a, 0x0) r3 = socket$netlink(0x10, 0x3, 0x4) writev(r3, &(0x7f0000000480)=[{&(0x7f0000000180)="480000001400197f09004b0101048c590288ffffff010001000000000028213ee20600d4ff5bffff00c7e5ed5e00000000000000000000eaf60d18125d4b18857a9eace3dbe8b12c", 0xfe0e}], 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000500)={0x0, 0x2, {0x8000000000000000, @struct={0x1, 0x3}, 0x0, 0x4, 0x6, 0xa, 0x0, 0x7fff, 0x1a, @usage=0x6, 0x398ddeaa, 0x82, [0x7, 0x9, 0xffa3, 0x8000000000000000, 0x100, 0x80000000]}, {0x1, @usage=0x3, 0x0, 0x4f5, 0x81, 0xff, 0xfffffffffffffff7, 0x1b, 0x90, @usage=0x3ff, 0x3, 0x3, [0xf44a, 0x9, 0xcf, 0x0, 0x3, 0x6]}, {0x2, @usage=0xe, 0x0, 0xbb, 0x3dc, 0xfffffffffffffff7, 0x2, 0xffffffffffffff67, 0x200, @usage, 0xffffffa8, 0x4, [0x7, 0x100000001, 0xa4, 0x1, 0xffff, 0x241e]}, {0xe, 0x5, 0x800}}) chdir(&(0x7f0000000140)='./bus\x00') r4 = socket$inet(0x2, 0x2, 0x0) set_tid_address(0x0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000002700)=@raw={'raw\x00', 0x8, 0x3, 0x210, 0x0, 0x8, 0xfa04, 0x0, 0x6c02, 0x178, 0x194, 0x194, 0x178, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @multicast2, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x98, 0xc0, 0x0, {0x0, 0x74020000}, [@common=@unspec=@addrtype1={{0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ip={@multicast2, @dev, 0x0, 0x0, '\x00', 'tunl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x270) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000280), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r5, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) ioctl$FS_IOC_SETFLAGS(r5, 0xc0189436, &(0x7f0000000140)) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x82000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) socket(0x15, 0x5, 0x0) 1m39.712198462s ago: executing program 3 (id=2874): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000300)='./file0\x00', &(0x7f0000001400), 0x3000000, &(0x7f0000000140)) 1m39.392361809s ago: executing program 3 (id=2878): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x32, 0x1, 0x68, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x3ffe, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0) 1m39.387044965s ago: executing program 34 (id=2878): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x32, 0x1, 0x68, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x3ffe, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0) 1m23.902044404s ago: executing program 6 (id=3256): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="80000000010201386f0000000000000002000000640002a27680369854d968038b340000000008000200ac1414000c000280051b010000"], 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0x4000044) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x1f2f, 0x0, 0x0, &(0x7f00000007c0), 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x50) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056842bb002552d215f6", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e00000018000280140011"], 0x48}}, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r3, &(0x7f0000000140), 0x4924b68, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0], 0x0, 0xec, &(0x7f00000002c0)=[{}], 0x8, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xc1, 0x8, 0x8, &(0x7f0000000380)}}, 0x10) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x49, &(0x7f0000000080)=0x474c, 0x4) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000180)) 1m23.901867849s ago: executing program 6 (id=3257): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r1 = dup(r0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r1, 0xc0bc5351, &(0x7f0000000200)={0x98, 0x0, 'client0\x00', 0x0, "3f1af4a740812e3a", "5a79d5ab1a5dc91bdf033940fff4267c71a6349ebc4fb5480bdf6452ae9d2a14"}) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000740)=@framed={{}, [@alu={0x4, 0x1, 0xb, 0x0, 0x0, 0x10}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) ioctl$TIOCMIWAIT(r1, 0x545c, 0x0) 1m23.854875246s ago: executing program 6 (id=3259): socket$inet6_tcp(0xa, 0x1, 0x0) socket$tipc(0x1e, 0x5, 0x0) socket$tipc(0x1e, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r1, @ANYRES32=r1], 0x44}}, 0x0) 1m23.853603655s ago: executing program 6 (id=3261): r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) readv(r0, &(0x7f00000025c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000012c0)=""/239, 0xffffffda}, {&(0x7f00000013c0)=""/195, 0xc3}, {&(0x7f0000000100)=""/62, 0x3e}, {&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f0000000140)=""/15, 0xf}, {&(0x7f00000024c0)=""/251, 0xfb}, {&(0x7f00000001c0)=""/6, 0x6}, {&(0x7f0000000240)=""/56, 0x38}], 0x9) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) read$rfkill(r1, &(0x7f00000001c0), 0x8) ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000040)={0xa, 0x755}) 1m22.929313882s ago: executing program 6 (id=3303): socket$inet6_tcp(0xa, 0x1, 0x0) socket$tipc(0x1e, 0x5, 0x0) socket$tipc(0x1e, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'}) r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) 1m22.871439369s ago: executing program 6 (id=3306): mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8001, &(0x7f0000000080)=0x9f0, 0x40, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc) r0 = socket$kcm(0x10, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x6, [@typedef={0xa, 0x0, 0x0, 0x8, 0x3}, @enum={0x8, 0x4, 0x0, 0x6, 0x4, [{0x3, 0xb96}, {0xa, 0x5}, {0x9, 0x6}, {0xf, 0x37a}]}, @decl_tag={0x9, 0x0, 0x0, 0x11, 0x5, 0x9}]}, {0x0, [0x30, 0x5f, 0x30, 0x0]}}, &(0x7f00000004c0)=""/144, 0x66, 0x90, 0x1, 0x78a, 0x10000, @value}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0) r4 = socket(0x10, 0x803, 0x0) openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000600), 0x20080, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x7545b982bd1b1e1f, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}}, 0x0) r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r7, 0xc018643a, &(0x7f0000000080)={0x1, 0x2, 0x3}) r8 = accept4$inet(r4, 0x0, &(0x7f0000000100)=0x8, 0x80000) setsockopt$EBT_SO_SET_ENTRIES(r8, 0x0, 0x80, &(0x7f0000000300)=@nat={'nat\x00', 0x19, 0x3, 0x502, [0x20000700, 0x0, 0x0, 0x20000886, 0x20000af4], 0x0, &(0x7f0000000140), &(0x7f0000000d00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000030000002d000000080574756e6c300000000000000000000000766c616e31000000000000000000000067656e6576653100000000000000000076657468315f746f5f627269646765000180c20000020000ff0000ffffffffffffff000000ffffff6e0000001e010000560100004e464c4f47000000000000000000000000000000000000000000000000000000500000000000000089000000fcffff000000000024df71ca78f00e14bb5ef0fb94226cf206a30f47e4eea4a0dbf30070b0d450f6f2c86d4f3acdd892d0cd9c40058f99b7e6f0e4eab1d8e5e21994a57f688685e6023d78fb573e7345e300000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaffffff00000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fdffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0100000011000000010000008917736974300000000000000000000000000000000000000000000000000000000076657468305f746f5f7465616d0000006e657470636930000000000000000000aaaaaaaaaabbffffff00ff00aaaaaaaaaaaa00ffff0000ff9e0000000e0100003e0200003830325f330000000000000000000000000000000000000000000000000000000800000000000000ff00fffb04000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000bbbbbbbbbbbb000010000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000ffffffffffff0000fdffffff000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000002400000073797374656d5f753a6f626a6563745f723a6472695f6465766963655f743a73300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000feffffff0100000005000000020000000018626f6e645f736c6176655f31000000006261746164765f736c6176655f31000076657468305f746f5f626f6e640000007665746831000000000000000000000063db3357b7b100ff000000ffffffffffffff00fd7effffff6e000000a6000000de000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0d0000fdffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0c0000fcffffff00000000feeaf256999254c0e63a461fa48a6e14d9912df5124021b997056527fbfc793cfea8fc6cad5806baaa3ab73a4d2019c18c90d89b10cd72e794f0b355bc90d8d3ebfc3bbcde312f5d693d997e35878f6e0c89d4671aa6a47425eb9240eb5aec5cd454a17894ae1e8736034a7b906e668dfe7aa6560adea8280c773cf75c8279247407c6895c783431bd1a1d4c23050bd2f558132d57654178236ffa94c320559e182f99951e437dc2552aa3d024e98cf34b7f317859f14a82bb6b25bee690a333860aab6ae70bebf64bd4c27b20054126"]}, 0x64f) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) r9 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r10 = syz_open_dev$tty1(0xc, 0x4, 0x1) r11 = dup(r10) mount$9p_fd(0x20100000, &(0x7f0000000380)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f0000002c00)={'trans=fd,', {'rfdno', 0x3d, r11}, 0x2c, {'wfdno', 0x3d, r9}}) sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x40d, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0) 1m8.565162498s ago: executing program 35 (id=3306): mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8001, &(0x7f0000000080)=0x9f0, 0x40, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc) r0 = socket$kcm(0x10, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x6, [@typedef={0xa, 0x0, 0x0, 0x8, 0x3}, @enum={0x8, 0x4, 0x0, 0x6, 0x4, [{0x3, 0xb96}, {0xa, 0x5}, {0x9, 0x6}, {0xf, 0x37a}]}, @decl_tag={0x9, 0x0, 0x0, 0x11, 0x5, 0x9}]}, {0x0, [0x30, 0x5f, 0x30, 0x0]}}, &(0x7f00000004c0)=""/144, 0x66, 0x90, 0x1, 0x78a, 0x10000, @value}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0) r4 = socket(0x10, 0x803, 0x0) openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000600), 0x20080, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x7545b982bd1b1e1f, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}}, 0x0) r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r7, 0xc018643a, &(0x7f0000000080)={0x1, 0x2, 0x3}) r8 = accept4$inet(r4, 0x0, &(0x7f0000000100)=0x8, 0x80000) setsockopt$EBT_SO_SET_ENTRIES(r8, 0x0, 0x80, &(0x7f0000000300)=@nat={'nat\x00', 0x19, 0x3, 0x502, [0x20000700, 0x0, 0x0, 0x20000886, 0x20000af4], 0x0, &(0x7f0000000140), &(0x7f0000000d00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000030000002d000000080574756e6c300000000000000000000000766c616e31000000000000000000000067656e6576653100000000000000000076657468315f746f5f627269646765000180c20000020000ff0000ffffffffffffff000000ffffff6e0000001e010000560100004e464c4f47000000000000000000000000000000000000000000000000000000500000000000000089000000fcffff000000000024df71ca78f00e14bb5ef0fb94226cf206a30f47e4eea4a0dbf30070b0d450f6f2c86d4f3acdd892d0cd9c40058f99b7e6f0e4eab1d8e5e21994a57f688685e6023d78fb573e7345e300000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaffffff00000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fdffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0100000011000000010000008917736974300000000000000000000000000000000000000000000000000000000076657468305f746f5f7465616d0000006e657470636930000000000000000000aaaaaaaaaabbffffff00ff00aaaaaaaaaaaa00ffff0000ff9e0000000e0100003e0200003830325f330000000000000000000000000000000000000000000000000000000800000000000000ff00fffb04000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000bbbbbbbbbbbb000010000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000ffffffffffff0000fdffffff000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000002400000073797374656d5f753a6f626a6563745f723a6472695f6465766963655f743a73300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000feffffff0100000005000000020000000018626f6e645f736c6176655f31000000006261746164765f736c6176655f31000076657468305f746f5f626f6e640000007665746831000000000000000000000063db3357b7b100ff000000ffffffffffffff00fd7effffff6e000000a6000000de000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0d0000fdffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0c0000fcffffff00000000feeaf256999254c0e63a461fa48a6e14d9912df5124021b997056527fbfc793cfea8fc6cad5806baaa3ab73a4d2019c18c90d89b10cd72e794f0b355bc90d8d3ebfc3bbcde312f5d693d997e35878f6e0c89d4671aa6a47425eb9240eb5aec5cd454a17894ae1e8736034a7b906e668dfe7aa6560adea8280c773cf75c8279247407c6895c783431bd1a1d4c23050bd2f558132d57654178236ffa94c320559e182f99951e437dc2552aa3d024e98cf34b7f317859f14a82bb6b25bee690a333860aab6ae70bebf64bd4c27b20054126"]}, 0x64f) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) r9 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r10 = syz_open_dev$tty1(0xc, 0x4, 0x1) r11 = dup(r10) mount$9p_fd(0x20100000, &(0x7f0000000380)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f0000002c00)={'trans=fd,', {'rfdno', 0x3d, r11}, 0x2c, {'wfdno', 0x3d, r9}}) sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x40d, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0) 1.476060311s ago: executing program 5 (id=5539): socket$inet6_tcp(0xa, 0x1, 0x0) syz_usb_connect$uac1(0x6, 0xd2, &(0x7f0000000180)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc0, 0x3, 0x1, 0x4, 0x40, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7, 0x7f}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xf, 0x24, 0x2, 0x2, 0x5, 0x83, 0x0, "0b0e9e7319c5"}, @format_type_i_discrete={0x11, 0x24, 0x2, 0x1, 0xd6, 0x1, 0x4, 0x5, "19a923ee5f2800a9bf"}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0xb0, 0x1, 0x0, 0x4, "f703"}, @as_header={0x7, 0x24, 0x1, 0x5, 0x4, 0x3}, @format_type_i_discrete={0xd, 0x24, 0x2, 0x1, 0x7, 0x3, 0x2, 0x6, "59d9d7bf3e"}, @format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0x6, 0x6, 0x73, "6182bc3f852c8e185f"}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x3, 0xd, 0x5, {0x7, 0x25, 0x1, 0x2, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x1, 0x4, 0x72, "1a"}, @as_header={0x7, 0x24, 0x1, 0x36, 0x10}]}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0xff, 0x89, 0x6, {0x7, 0x25, 0x1, 0x0, 0x1, 0xfff7}}}}}}}]}}, &(0x7f0000000700)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x300, 0xf3, 0x5, 0x9, 0x40, 0x2}, 0x8, &(0x7f0000000340)={0x5, 0xf, 0x8, 0x1, [@ptm_cap={0x3}]}, 0x9, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x46c}}, {0x5f, &(0x7f00000003c0)=@string={0x5f, 0x3, "16aed6431f5c4b822f59ea935e3f14eebe66b6a106ef368db371a5e6c4b8e45dbd518099c39d6ac6b8058ba48a9ef2f63c98a5abfa2cb1fb64fd7e6c5decd767122ae4bd5ab5f0d4053eea42cc554eb69a5014c7147aed85e00a5e1a86"}}, {0x23, &(0x7f0000000440)=@string={0x23, 0x3, "db731852b1687c3b5bdb71a754a4ce9ff0b8feb299e58c8dea3f4646a0f0462bbb"}}, {0x63, &(0x7f0000000480)=@string={0x63, 0x3, "a638b50828b4debd83b79f369e689e0ae8233c07a92d831f3572af7ded5d7f493540a4f21a19780f593590636ea765f0e6ea8aaab7043920d47d37739bfabc02b7bb08e432a9b806467a9965b70e1b363526a3d30c8481fb7f3cb39357d21e81c8"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x1801}}, {0x40, &(0x7f00000005c0)=@string={0x40, 0x3, "e8cad7f7b7033960b8d87c02d1085095d65ccf9b9a6fb3446d067a03711eaed6feb1d56a4db262d82b19f82116346b7f0637b869e194e6ed3d63668b680d"}}, {0x92, &(0x7f0000000600)=@string={0x92, 0x3, "34c2e05664984f6a946061269a5318ab3523f4a0117788d8b9a6438c07c9c8633838b1ae9e8c0cdcbcbbf291b644fc341c86d608dc872eabee26fde27d5150492febdd7511ad7b556b071c1837d96998201e602e9a682a6f5f979f707b93debd115ee597bbca00b95aa82336763b9cb81a64e7802dc2a5282253279123e8d6fc31031ea190b05567da6b06c34a9f71aa"}}, {0x7, &(0x7f00000006c0)=@string={0x7, 0x3, "9ab25fc12d"}}]}) socket$tipc(0x1e, 0x5, 0x0) r0 = socket$tipc(0x1e, 0x5, 0x0) fgetxattr(r0, &(0x7f0000000000)=@random={'os2.', 'bridge_slave_0\x00'}, &(0x7f0000000040)=""/94, 0x5e) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f360068090890e0878f0e1ac6e7049b3341959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5f31070d07480936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r4 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r3, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r4, @ANYRES32=r4], 0x44}}, 0x0) 952.227762ms ago: executing program 4 (id=5546): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c0000003d0007010000000000000000017c0000040008800c00018006000600800a00000800028004000c"], 0x76}}, 0xc000) (async) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080), 0x400100, 0x0) write$dsp(r1, &(0x7f00000000c0)="0d34273cca483e184e1e5fb3f4d157a097cf4dc06591d90d026e2735acb8a2840918bbce230b7719fd344bfce45f3c44ff3c04b8fc2e5c4c6aefb05775637123b7c3a6e0ad4f4e643b4d42f92ab31e933996759e7634c18f4f30a182539e3e66b345e7ffd47bdc21c33ae59c7dd681ed1820dedeed9b0225fef264a054bb6eec094b18754ee838d327275de643a0f350259ca5eaae7f95d5", 0x98) (async) r2 = socket(0x10, 0x3, 0x0) (async) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="5400000010000100"/20, @ANYRES32=r4, @ANYBLOB="7240146c00000000340012800c0001006d6163766c616e00240002800800010010000000100009"], 0x54}}, 0x0) 904.431485ms ago: executing program 5 (id=5547): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001200674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00", @ANYRES32=0x0, @ANYRES32=0x0], 0xfc}}, 0x0) 904.243915ms ago: executing program 4 (id=5548): syz_emit_ethernet(0x2e, &(0x7f0000000c00)={@broadcast, @random="2ecafcc67af2", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @multicast1}, {0x3200, 0x88be, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0xe000, @void}}}}}}}, 0x0) 904.123371ms ago: executing program 4 (id=5549): socket$nl_route(0x10, 0x3, 0x0) syz_80211_inject_frame(&(0x7f0000000080)=@device_b, &(0x7f00000000c0)=@ctrl_frame=@ack={{}, {0x6}, @device_b}, 0xa) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'veth1_to_batadv\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1159b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PORT={0x6, 0x2, 0x1, 0x0, 0x4e20}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x44}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x1b, 0x10, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x8}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x9}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0) nanosleep(&(0x7f0000000140), 0x0) 903.398953ms ago: executing program 5 (id=5550): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r1) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) setsockopt$TIPC_IMPORTANCE(r3, 0x10f, 0x7f, &(0x7f0000000140)=0xfffffff9, 0x4) sendmsg$TIPC_NL_SOCK_GET(r1, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000005c0)={0xc0, r2, 0x1, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_SOCK={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10001}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5374}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x101}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfff}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK={0x58, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0xffffffff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x88d}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9a7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffff958}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xc6}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20000085}, 0x20000844) r4 = socket(0x10, 0x803, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x10) r6 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x110, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0xa, 0xc}}, [@TCA_STAB={0xec, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x10, 0x3f, 0x916, 0x0, 0x6, 0x0, 0x3}}, {0xa, 0x2, [0x271a, 0x600, 0x3]}}, {{0x1c, 0x1, {0x7, 0xe, 0x7, 0x11, 0x2, 0x80000001, 0xb1d, 0x2}}, {0x8, 0x2, [0x2, 0xfe00]}}, {{0x1c, 0x1, {0x8a, 0x80, 0x6, 0xe0, 0x2, 0x1, 0x100, 0x1}}, {0x6, 0x2, [0x5]}}, {{0x1c, 0x1, {0x19, 0x0, 0x98d7, 0x7, 0x1, 0x10d, 0x8001, 0x2}}, {0x8, 0x2, [0xfffd, 0xb3d7]}}, {{0x1c, 0x1, {0x6, 0xfb, 0xfffe, 0x9, 0x1, 0x1, 0xfffffffc, 0x2}}, {0x8, 0x2, [0x3, 0xf23d]}}, {{0x1c, 0x1, {0x3, 0x9, 0xfffb, 0xd, 0x1, 0x0, 0x527a1f67, 0x7}}, {0x12, 0x2, [0xfc00, 0x3, 0xfff, 0x100, 0xff7a, 0x9, 0x8]}}]}]}, 0x110}}, 0x0) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040020000010000000", @ANYRES32=r9, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0) (fail_nth: 12) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c0000001800010000000000000000000a00000000000000000000000c00090008000000", @ANYRES32=r9, @ANYBLOB="14000500fe800099"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c0000001800010045f40000000000000a00000000000000000000000c00090008000000", @ANYRES32=r9, @ANYBLOB="14000500fe8000"], 0x3c}}, 0x0) 733.629337ms ago: executing program 5 (id=5551): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f00000001c0)="3e67430f01d1670f01c566bad104b003eec422793161b7b8010000000f01c1b9010000000f322e670f01df430f781b0f20d835200000000f22d8440f0011", 0xfffffffffffffdac}], 0xaaaaaaaaaaaac6b, 0x13, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0, 0x55}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0xfd7f000000000000) 676.214435ms ago: executing program 1 (id=5553): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000300)='./file0\x00', &(0x7f0000001400), 0x0, &(0x7f0000000140)={'trans=rdma,', {'port', 0x3d, 0x2010}}) 676.077202ms ago: executing program 1 (id=5554): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff010000000100000056000000250000001900400004001f0007fd17e5ffff08000400", 0x32}], 0x1) 675.383367ms ago: executing program 1 (id=5555): socket$inet6_tcp(0xa, 0x1, 0x0) syz_usb_connect$uac1(0x6, 0xd2, &(0x7f0000000180)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc0, 0x3, 0x1, 0x4, 0x40, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7, 0x7f}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xf, 0x24, 0x2, 0x2, 0x5, 0x83, 0x0, "0b0e9e7319c5"}, @format_type_i_discrete={0x11, 0x24, 0x2, 0x1, 0xd6, 0x1, 0x4, 0x5, "19a923ee5f2800a9bf"}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0xb0, 0x1, 0x0, 0x4, "f703"}, @as_header={0x7, 0x24, 0x1, 0x5, 0x4, 0x3}, @format_type_i_discrete={0xd, 0x24, 0x2, 0x1, 0x7, 0x3, 0x2, 0x6, "59d9d7bf3e"}, @format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0x6, 0x6, 0x73, "6182bc3f852c8e185f"}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x3, 0xd, 0x5, {0x7, 0x25, 0x1, 0x2, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x1, 0x4, 0x72, "1a"}, @as_header={0x7, 0x24, 0x1, 0x36, 0x10}]}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0xff, 0x89, 0x6, {0x7, 0x25, 0x1, 0x0, 0x1, 0xfff7}}}}}}}]}}, &(0x7f0000000700)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x300, 0xf3, 0x5, 0x9, 0x40, 0x2}, 0x8, &(0x7f0000000340)={0x5, 0xf, 0x8, 0x1, [@ptm_cap={0x3}]}, 0x9, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x46c}}, {0x5f, &(0x7f00000003c0)=@string={0x5f, 0x3, "16aed6431f5c4b822f59ea935e3f14eebe66b6a106ef368db371a5e6c4b8e45dbd518099c39d6ac6b8058ba48a9ef2f63c98a5abfa2cb1fb64fd7e6c5decd767122ae4bd5ab5f0d4053eea42cc554eb69a5014c7147aed85e00a5e1a86"}}, {0x23, &(0x7f0000000440)=@string={0x23, 0x3, "db731852b1687c3b5bdb71a754a4ce9ff0b8feb299e58c8dea3f4646a0f0462bbb"}}, {0x63, &(0x7f0000000480)=@string={0x63, 0x3, "a638b50828b4debd83b79f369e689e0ae8233c07a92d831f3572af7ded5d7f493540a4f21a19780f593590636ea765f0e6ea8aaab7043920d47d37739bfabc02b7bb08e432a9b806467a9965b70e1b363526a3d30c8481fb7f3cb39357d21e81c8"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x1801}}, {0x40, &(0x7f00000005c0)=@string={0x40, 0x3, "e8cad7f7b7033960b8d87c02d1085095d65ccf9b9a6fb3446d067a03711eaed6feb1d56a4db262d82b19f82116346b7f0637b869e194e6ed3d63668b680d"}}, {0x92, &(0x7f0000000600)=@string={0x92, 0x3, "34c2e05664984f6a946061269a5318ab3523f4a0117788d8b9a6438c07c9c8633838b1ae9e8c0cdcbcbbf291b644fc341c86d608dc872eabee26fde27d5150492febdd7511ad7b556b071c1837d96998201e602e9a682a6f5f979f707b93debd115ee597bbca00b95aa82336763b9cb81a64e7802dc2a5282253279123e8d6fc31031ea190b05567da6b06c34a9f71aa"}}, {0x7, &(0x7f00000006c0)=@string={0x7, 0x3, "9ab25fc12d"}}]}) socket$tipc(0x1e, 0x5, 0x0) r0 = socket$tipc(0x1e, 0x5, 0x0) fgetxattr(r0, &(0x7f0000000000)=@random={'os2.', 'bridge_slave_0\x00'}, &(0x7f0000000040)=""/94, 0x5e) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f360068090890e0878f0e1ac6e7049b3341959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5f31070d07480936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r4 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r3, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r4, @ANYRES32=r4], 0x44}}, 0x0) 599.723603ms ago: executing program 5 (id=5556): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r5, 0x84, 0x1f, &(0x7f0000000080)=""/4057, &(0x7f0000001180)=0xfd9) sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@getchain={0x24, 0x11, 0x1, 0x65580000, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000010003b1500"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012800a000100767863616e000000180002801400010000000000", @ANYRES8=r1], 0x48}}, 0x0) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001540)={0x44, r6, 0x10b, 0x70bd25, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004811}, 0x0) 542.929803ms ago: executing program 5 (id=5557): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000080)=&(0x7f0000000040)) r1 = dup(r0) faccessat2(r1, &(0x7f00000000c0)='./file0\x00', 0xc3, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a85352, &(0x7f0000000100)={{0x1, 0x7f}, 'port1\x00', 0x80, 0x41400, 0x1, 0xfff, 0x7, 0x3c, 0x73, 0x0, 0x0, 0x2}) ioctl$VT_RELDISP(r1, 0x5605) r2 = open_tree(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x9001) read$FUSE(r1, &(0x7f0000000200)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r2, &(0x7f0000002240)={0x10, 0x0, r3}, 0x10) ioctl$SNDCTL_SEQ_RESET(r2, 0x5100) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x0, &(0x7f0000002280)) r5 = syz_open_dev$sg(&(0x7f00000022c0), 0x22e2, 0x4c8040) close_range(r2, r5, 0x0) openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000002300)='/proc/asound/card2/oss_mixer\x00', 0x301000, 0x0) r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000002340), 0x20000, 0x0) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r6, 0x3309) sendmsg$NFT_MSG_GETFLOWTABLE(r1, &(0x7f0000002440)={&(0x7f0000002380)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000002400)={&(0x7f00000023c0)={0x38, 0x17, 0xa, 0x0, 0x0, 0x0, {0x3, 0x0, 0x6}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x8000) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000002480)={0x0, 0x6, 0x0, 0x80000001, 0xceca, 0x8}, 0x14) ioctl$SNAPSHOT_FREE(r1, 0x3305) r7 = fcntl$dupfd(r2, 0x406, r0) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r8, 0x84, 0x73, &(0x7f00000024c0)={0x0, 0x3, 0x20, 0x3, 0x7}, &(0x7f0000002500)=0x18) recvmmsg(r7, &(0x7f0000005bc0)=[{{&(0x7f0000002540)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @private}}}}, 0x80, &(0x7f00000027c0)=[{&(0x7f00000025c0)=""/245, 0xf5}, {&(0x7f00000026c0)=""/15, 0xf}, {&(0x7f0000002700)=""/180, 0xb4}], 0x3}, 0x5}, {{&(0x7f0000002800)=@ieee802154, 0x80, &(0x7f00000039c0)=[{&(0x7f0000002880)=""/88, 0x58}, {&(0x7f0000002900)=""/105, 0x69}, {&(0x7f0000002980)=""/2, 0x2}, {&(0x7f00000029c0)=""/4096, 0x1000}], 0x4, &(0x7f0000003a00)=""/80, 0x50}, 0xffffffff}, {{&(0x7f0000003a80)=@generic, 0x80, &(0x7f0000003ec0)=[{&(0x7f0000003b00)=""/39, 0x27}, {&(0x7f0000003b40)=""/9, 0x9}, {&(0x7f0000003b80)=""/230, 0xe6}, {&(0x7f0000003c80)=""/48, 0x30}, {&(0x7f0000003cc0)=""/133, 0x85}, {&(0x7f0000003d80)=""/50, 0x32}, {&(0x7f0000003dc0)=""/124, 0x7c}, {&(0x7f0000003e40)=""/112, 0x70}], 0x8, &(0x7f0000003f40)=""/9, 0x9}, 0x6}, {{&(0x7f0000003f80)=@isdn, 0x80, &(0x7f0000004240)=[{&(0x7f0000004000)=""/230, 0xe6}, {&(0x7f0000004100)=""/18, 0x12}, {&(0x7f0000004140)=""/246, 0xf6}], 0x3, &(0x7f0000004280)=""/221, 0xdd}, 0x6}, {{0x0, 0x0, &(0x7f00000055c0)=[{&(0x7f0000004380)=""/91, 0x5b}, {&(0x7f0000004400)=""/98, 0x62}, {&(0x7f0000004480)=""/127, 0x7f}, {&(0x7f0000004500)=""/4096, 0x1000}, {&(0x7f0000005500)=""/133, 0x85}], 0x5, &(0x7f0000005640)=""/195, 0xc3}, 0x7}, {{&(0x7f0000005740)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000005b40)=[{&(0x7f00000057c0)=""/28, 0x1c}, {&(0x7f0000005800)=""/153, 0x99}, {&(0x7f00000058c0)=""/54, 0x36}, {&(0x7f0000005900)=""/33, 0x21}, {&(0x7f0000005940)=""/70, 0x46}, {&(0x7f00000059c0)=""/18, 0x12}, {&(0x7f0000005a00)=""/200, 0xc8}, {&(0x7f0000005b00)=""/42, 0x2a}], 0x8}}], 0x6, 0x41, &(0x7f0000005d40)={0x77359400}) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000005dc0), r1) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r9, &(0x7f0000005e80)={&(0x7f0000005d80)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000005e40)={&(0x7f0000005e00)={0x3c, r10, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8}, 0x0) syz_open_dev$usbfs(&(0x7f0000005ec0), 0xb, 0x400000) r11 = socket$can_bcm(0x1d, 0x2, 0x2) getsockopt$sock_int(r11, 0x1, 0xc, &(0x7f0000005f00), &(0x7f0000005f40)=0x4) utime(&(0x7f0000005f80)='./file0\x00', &(0x7f0000005fc0)={0x28, 0x6}) 352.344542ms ago: executing program 4 (id=5558): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001600), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x1c, r1, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0xfffffff0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4c080) 352.115747ms ago: executing program 4 (id=5559): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r1) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) setsockopt$TIPC_IMPORTANCE(r3, 0x10f, 0x7f, &(0x7f0000000140)=0xfffffff9, 0x4) sendmsg$TIPC_NL_SOCK_GET(r1, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000700)=ANY=[@ANYBLOB="c0004b313e118c74b9a80599bb369b754bddd05d72faa042745ee74885fea8c2efa4b03bf84c1a79671f98993c235c0a38ef541c7beb12e472c85cd89f592628a23af7e1e72a5dfabd9a9cee4269f8533104377641ddbec07e12c39c5145cb0525700fe2bceac6fc68aa45b6bd79a2524947f8fac82e66", @ANYRES16=r2, @ANYBLOB="010027bd7000ffdbdf2506000000540002801c0003800800020004000000080001000400000008000200010001000400040008000200745300001c0003800800010001010000080001000900000008000200ff0f00000400040008000100020000005800028008000200ffffffff040004003400038008000200070000000800020008000000080001008d08000008000100a709000008000100040000000800010001000000040004000800020058f9ffff08000100c6000000"], 0xc0}, 0x1, 0x0, 0x0, 0x20000085}, 0x20000844) r4 = socket(0x10, 0x803, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x10) r6 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x110, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0xa, 0xc}}, [@TCA_STAB={0xec, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x10, 0x3f, 0x916, 0x0, 0x6, 0x0, 0x3}}, {0xa, 0x2, [0x271a, 0x600, 0x3]}}, {{0x1c, 0x1, {0x7, 0xe, 0x7, 0x11, 0x2, 0x80000001, 0xb1d, 0x2}}, {0x8, 0x2, [0x2, 0xfe00]}}, {{0x1c, 0x1, {0x8a, 0x80, 0x6, 0xe0, 0x2, 0x1, 0x100, 0x1}}, {0x6, 0x2, [0x5]}}, {{0x1c, 0x1, {0x19, 0x0, 0x98d7, 0x7, 0x1, 0x10d, 0x8001, 0x2}}, {0x8, 0x2, [0xfffd, 0xb3d7]}}, {{0x1c, 0x1, {0x6, 0xfb, 0xfffe, 0x9, 0x1, 0x1, 0xfffffffc, 0x2}}, {0x8, 0x2, [0x3, 0xf23d]}}, {{0x1c, 0x1, {0x3, 0x9, 0xfffb, 0xd, 0x0, 0x0, 0x527a1f67, 0x7}}, {0x12, 0x2, [0xfc00, 0x3, 0xfff, 0x100, 0xff7a, 0x9, 0x8]}}]}]}, 0x110}}, 0x0) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040020000010000000", @ANYRES32=r9, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c0000001800010000000000000000000a00000000000000000000000c00090008000000", @ANYRES32=r9, @ANYBLOB="14000500fe800099"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c0000001800010045f40000000000000a00000000000000000000000c00090008000000", @ANYRES32=r9, @ANYBLOB="14000500fe8000"], 0x3c}}, 0x0) 285.551097ms ago: executing program 4 (id=5560): chdir(0x0) ioprio_set$pid(0x2, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r2, r1, 0x0, 0x0, @val=@tracing={0x0, 0x2}}, 0x40) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r3, 0x0, 0x0}, 0x10) newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x800) r6 = socket(0xa, 0x2, 0x0) fcntl$getown(r6, 0x9) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xa) setresgid(0x0, 0xffffffffffffffff, r7) setregid(r5, r7) r8 = syz_open_dev$swradio(&(0x7f0000002440), 0x1, 0x2) ioctl$VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000002680)={0xf0f06e, 0x5}) r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_PMU_CAPABILITY(r9, 0x4068aea3, &(0x7f0000000240)={0xd4, 0x0, 0xffffffffffffff17}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r11 = openat$cgroup_int(r10, &(0x7f0000000080)='hugetlb.2MB.rsvd.max_usage_in_bytes\x00', 0x2, 0x0) openat$cgroup_procs(r10, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0) r12 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000002800000028009ffaeae50000040000000000000e0300000000000000030000000000000800000000000000000000000000000000000000616100e40b120fe4cd0daaaeb3f87c65c436c9cdb7fc42fdb9701c1d441f6dad14693f5900ef461b04ade272cf9b3232e6c118c8199a4a281a8cfb7e076ad7e2793e563abf426482af5c69570da2b737c4cb7a385bd48bed59eb67c8c06d351a0a65b3eecc90ac27618ae270c2875aa74aa70be2346278f76fbf306a9ba07574b31b28719ee7e427c1a8c0c3a7f19f5e1414417abfef15ba8e3ff37be8baa413d78ab45edaf9119f0cce8f909b18b6c8ea4b917e64852f6c207b6169542390b40013084318caca81ddbd1ff08652770d5501931ea47f2d95a9eedf80e5167087f2e7c9adbb8913872bbe93044bc641e3c9bb9eeabf177c00549aaf19737e10111b10b9d755db51ae4f5461abc18634429ae39ca0b42a933ffe5ea8699c6cd4766e71ff0505b3bfdf0d"], 0x0, 0x46, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000380)={{0x1, 0x1, 0x18, r11, {r4, r5}}, './file0\x00'}) ioctl$SNDCTL_DSP_GETODELAY(r13, 0x80045017, &(0x7f00000003c0)) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0281, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r1, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x900080}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x1c, 0x0, 0x300, 0x70bd2c, 0x25dfdbfc, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x814) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r12, 0xc4c85512, &(0x7f0000000540)={{0x3, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x70a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63ca8286, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10001, 0xfffffffffffffffc, 0x10006, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xa9d5, 0x0, 0x0, 0x5, 0x0, 0x0, 0xf, 0x0, 0x0, 0xfeb7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x8, 0x0, 0x1000, 0xfffffffffffffff9, 0xc, 0x0, 0x0, 0x1002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x80000001, 0x73fb, 0x0, 0x0, 0x0, 0x2, 0xb7a8, 0xff, 0x0, 0xfffffffffffffffb]}) sendfile(r11, r11, 0x0, 0xff) 209.155167ms ago: executing program 7 (id=5563): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff010000000100000056000000250000001900400004001f0007fd17e5ffff08000400", 0x32}], 0x1) 133.203397ms ago: executing program 7 (id=5564): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', 0x0}) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_G_SELECTION(0xffffffffffffffff, 0xc040565e, &(0x7f0000001a80)) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0108000000002c9a4e33453ec5fa08000300", @ANYRES32=r1], 0x30}, 0x1, 0x0, 0x0, 0x881}, 0x24040094) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000002080), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = fsopen(&(0x7f0000000040)='cifs\x00', 0x0) r6 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_G_FREQUENCY(r6, 0xc02c5638, &(0x7f0000000080)={0x1, 0x2, 0x40000}) socket$nl_generic(0x10, 0x3, 0x10) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000080)='iocharset', &(0x7f0000000580)='%\x8bR\xafH\xd6e\x11\'\xec\xbb\xcb\xa0/\x1f\x16\xcf\xe2\xb5\xfc\xeb1\x12\xfdC\xb8\xa0\x01\xa3~\x971W\x96\xec\xaf\x1c\x91\xeb\xa8e\xfe\x17\x02xEA\x0f\x14\r\xae\xc1\xfe\x06\x12\beSb{~R\xf0\x06\xfb\x00\x00\xf92\xce\x81p\x1fC\n\x9f(\x00\xc5\x1d\x9c\xccCq\x06\x1b-\f\xc9\xd9+\xa4\x14\xd8\xf4\xef\xf5^\xbb\x06\xc92\x01\xd92\x14\xb8=\x03\x00\xd5M\x04\xf4{H\xd0\xc8v\x10\xe1R \x9a^\xdfqpc\x00\x00\x00\x00\x00\x00&>\x94\x882\x1c_j\x15{ \xf08\xdf\x84\xe64{4\x81\xba\xfc\x93\xf4\xd8\xb5\x04\xcb\x98\xd1QF\xe5\x1b\xb30x/\x86\x02\x1ct\xc7\x88\xd2\xce\xd5\x9e1\xef`\xad\x05\x11\xc9\xd8<\xc6~\x97\xd5\xde\xe3Eh\\\x84\x14\x9e\b\xe1\x9b\x00\'\xe8!\x8c\xc3\x97\x8a\xcf\xfc\x8fe\xa6\x0f\x8b\x912c\x1b>8\xa3=\xab\xf1\xf5\r\xb6\f\xfcS9\xae.\x8b\xf3\xbc,?\xb2\x9aBDPY=r\xfa8I\x16\xa2\x18\xd4\xa5\x8b\xaf\xd1\x8a\xbb\x0e\x15O\xc9p@\xadaw\x84\xc9\xdd\x87a[\xdf\xc2\xa4\xf9@T/', 0x0) mkdir(&(0x7f0000000540)='./file0\x00', 0xd0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0) rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') sendmsg$L2TP_CMD_TUNNEL_DELETE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000002140)={&(0x7f0000000140)={0x20, r3, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0xc4e1}]}, 0x20}, 0x1, 0x0, 0x0, 0x24008055}, 0x4) r7 = socket(0x1e, 0x805, 0x0) connect$tipc(r7, &(0x7f0000000000)=@id, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r7) ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r7, 0x8983, &(0x7f00000000c0)) 133.011276ms ago: executing program 1 (id=5565): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="28fcffff", @ANYRES16=r1, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}}, 0x0) 132.943664ms ago: executing program 7 (id=5566): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f00000000c0)="510003000000", 0x6) 125.205595ms ago: executing program 1 (id=5567): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) r1 = socket$isdn(0x22, 0x3, 0x1) r2 = dup(r0) (async) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000300)={'#! ', './file0', [], 0xa, "df141c9ae52a99831e1018899b7353570732144e40fc9edd5082f3ea22b30c5b0f60772d00cc9e005742864764d9b97ed0f4f1d7aaf1651d92b7599f01b978f278e7f1a4c715bded21d4a7948eecd49e9300c8334d76aa0d70540969328e0c423d1e19045f1697c87c285539909ce16954785405395821beb0a3ebdf95aada7e53f976fcec728366b7de2997118011afa15c2dbcb0d8434ea3c2efdcd1f39d53d386e01e108b6baccf60cb1eb13ec935ece3b0108f7b95c48662050d556988bc28b24b51fcb5a7ac6c205a29b63da5"}, 0xda) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) (async) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/108, 0x6c}], 0x1, 0x0, 0x0) (async) r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f0000000200)={0x0, 0x40002, 0x2, {0xd, @pix={0x5, 0x1000000, 0x30395056, 0x6, 0x3, 0x7, 0x5, 0xffff4a34, 0x1, 0x7, 0x0, 0x6}}, 0x27}) (async) unshare(0x22020600) r5 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x5894, 0x400, 0xffffffff}, &(0x7f0000000280)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) (async) ioctl$BTRFS_IOC_RM_DEV(r1, 0x5000940b, &(0x7f0000000580)={{r1}, "5b87cb225c6f61dcec83a498ac2ed5237a63ac51e6337622651c16e6ac9f3f961d07fdaf71200a63aa33da1a735042c5ddc8dbd46199954d29cd58656dd3506e372fbea8b62d1162ca88e9dbb1940e2d3878250956f4c7029d79cd23c6ea241ab4880e72a4f70efdecd7a7d9915418154323bd384d62bbf4e4b2c19ccacf88510dde3f95b5f4232eb954e7b833d0eab350b2961fe133e77f43ed8a8e054e7a60f76cba6b1008945d62525d4f93b4fea71b7eeb135e6591cd6724e5f9f3352bd19956cbb8301785505d9de89ffc54fbcd2030d4b14aa85138e665827e3c19405d8b47a75f3c5c08221072ecf6cc2294eac6d88d3ede286db93738ac9d9f196597fec8d2a296f5542b4155fa6cfab60c288ff68986d18bb2dd0d9f9997fa9c1a8b8c04713555cfb18b031e80571113f87fb6595155c36845b9c8a5f0e283daa37596e2ebbeb746090f3679bb7e97731db56cb4107dca56f01d8de6490cd98ab611ac722e51d84998e9287f609df0a950a5ae598a3ad5b75faaae969655d79ed13183f64d794f4611f3ffaf6291d17ac32b8b8a5d05d782b81fb0c565bdf9a89668187bab8a13758036e38297ecf5063ba7e7f066a9a48f9cc48b26550ff4c64abd2ee7bba3acfbf3f11d75b7925ba97e7896ffa0510f822bb80ce1b3206659a5da70e0dcda2c11e3d80507a6ae5ba03d8390908b5e0575d8e9fb9519a50cf5ddfa865edc176c86392c823b69bb57ee8c8f00ef1d740402dd9344ee44f5e5b9912dc85f1faf4605d35033b32540d8b1c258ec5237dc245ee6e74e234b02feeafe4071daeb9697ba83db48ee7b6912ce04f6a37e5d8a773f9ff254c0e311957b89783d38d66ced2c33dda1317ef53baeae307458c415854e6bfe063e650d3c2f406eadac09fc5ae01b0ade88b00aa51a63affa5fcbae13e4943ac05815cf6522e9fa5b4a331432e9e482a79aa0175107d5cee13e85017eda781dafb0a65dd61920ef30f5630aa0b38d889b33ffe6630ddb8ee1eb1f090568f0d7a3de118162e4fb8b56d695554633b1e50cf499e6f0500cf58d0600bd0e149127c69096abfcd50034ef4afb9c6699d23a3c58e5ac590a9cf87872723b7dfd53a15168345df183c025e5cca74d8b89533a302c8e4149e187b15e9d106a57983eb9b6b6326259180f4e9f94b273392d81f65a3a19182492d4c419fe18c9be0573ba14f48b1a82786502be7521f47fcc6ae0474f2cdec8a2a3186fc6bea8f79f09417c3bc87892553a3b35e68e19e536da6f1d8796772034aff6c7fe01cd649f9ae4afce6a33e5498ffa91e51d83f51cf3cab37bd7ad4283d755ae6bc7fe6b23067268f0a67aa1071881410f8f5d4b17c4a19c104d960727bfcf49ba3039c2ff5d3b1e3288d785343e5f852e656e50175bf0870670e3fc25108716b4db6dd8ff5261aa72b1928e87b92571389013338e4b75a95d7c8bb1387de82555f4a02c025e5d619168da73a4c7cbdf34151e3770ee711609fa90066ffc5725851db7d0b7425f1be44df59aefbbf7923a773c7c3b7044c05c658d02979c9fde2bf2b7e911177c8b73e0260e018d5b22f516844ff831f6f67dafe3090f0766f1dcea25f75d5fafcf8c4412975ad06c778f7505aecbf03df5a27ba12a54ae278d6dc3b378cb1d2892698995611e7521d0b2949987e87be2d22a377d02e9403379ef6f95c2940f488a978d6c28cbfb148e85d7b42a9f00a8a4e7e6e12950388dda062414acb615cadf021d8ac647956c7b52b78a19de0a3bc4cf3c2ef1e9e338bf51dc7952e4521c489cd6d605e5206bd149c80d56bd81f9fc4b89029a64569a63f63a0fedababfa2550bb53a5d128aede88609453b98bf9916078cbe74e33a9b6ff3d1b8627489250278a5c7502fb532dbbdb64ea819d4f54b5ca3e45a7e549fe92f885510e6237d45607616303cc8beadac75951bb4c53d571203a30aafa06ce94319382a399835f2bdaa166ca35ed32992a75af4a9790db5dcd8ef31e0b2f0a87f9cd9dec84a6f32704d5ba3aa34ebb3fe1fce1f9c17763ac81ad2836e38e1fe97c529efba38fd65e45baf568ebffa99ae3ef612c755797b775560ecce46bdb4c2ecf5433e07ce36d607837638b6e74691f094b87253252767a3dbe763d5c6a7c1f1b2ab3c2b9092e03227781e3751dddd4d29646af05981f491859dc3bced7994734305d2feaeaa2c52b0ab3e698a9f3548526b14c480b73e6c27a64a171690ec22394b0f5aa2c1938fe0025aeb9d71b6d8d33e218cf99c00a8782858911070929b3633de347c1054859c5ffcd56828fa52b139c830c9450e2b899e1ebf1e1de7af35baf19ade53d4b93dff875da3ae4b368037114af8c59bce11162215a725051fb2df1aab3742952687eaf159d6a81c475080e30450259b5066d56d98279aef7ca0ef8764deb43d290afb5920684356ecc4bd0f1990c86414fc9fdcfdddb93c0da4dc0db44e4dbc90db0df395bfa5152dc9a4571d51e5f0e8bcde68b18db371c97d468afb89cdb0bdc5c33970e0fff16a603a59594e440ac050bb8b45d648d729767a58e3a9d268c71e455f0c954af4e72d33006d4d2d084ee7b4341c09ece08013c3c7c2c4a28fdac0a10d11cc32099db019eecba7a69472ae7e35d6d0bb495c07285ff616b6f97106ca2f15b5bd0177f71e537df924a08e2bd1c99304cbc9e93d7bf97a85c4fa4878ac18fc97a4173cdade7a9aa0e5e0832e113a12cd978003a904c0365d717b631e30cb64f164db53c7cca40fe683e67981063f81430620715836b45059c09ba190939e2c35c410749855b4c4bbe0b7e033baabc609bb5c9f16fe55450c5e728a819feea027706096f24e451b7a2b26abd2bbc0e43e3f31eefc91feb65fd2234c8c570344658bd34fe9096e013651d8934123fc2b6f88b52b4a1a6356cf22afba16ef6b75ef8477cd3c4dcfd25f2137d9b3ec9c0cc15827ea3a5b3ade9413348bb5206b1b52abdd75388626fcea3c565bb22486c3c99e33bc38ec358f5e97d8bbfabcb587b4adf862b07228b9881b588f0eca771c8f5a20447dda0d0218258761396a3b44324a042c4442407a21b42121fec2b33f8d73c65087ea392d5c3465c085790cd78484706331da81b9c26e29f38b76d1ebd584001187960120204b0972d97deba7aa3d68e1bb10777da567ec254faf52bc4a1d73563f89f083188099e5dfbb185f7444e1dcc628494e0aa81c8390b3a595d53c8013660cf98c5e1f51ae86c415a78c4a76927fef965eebeb329a21f9ff3aef5508743f607e3cb5637ae39e9a54646ec67579d85934042f33479c49f3ed492f1b822c994a021e101bb202e7a7724ba1d675e19e81689cc4850bf15a2dd1f8ded4755acbc381a0baaafa1c2efba577b3baf8a3f6924583d36958396776028bd08bc77edd1955c28bf0d276c45dd70c5774314d878e375a2f20647f156d76452112ca27f00c15052ca18ef1d2fbd47f619701866a66a5d0c3f0b7043ecb5fdd82ddd0879b81d0a870bbdf20bdaa9c9798e6fbf73fdb040a54d0c935549310e0637416965da49afd32afa054c168abea50514a4e34ba249168f913b80709ddd5e704489ae1965e96cf860b3ac45c18970ab08047e01a1cd0003488d2b4c64558adaccbded9243ff01f879cc33db01624feffc990d9e4252a2d7d43be9e4a605e1fcb558c782d9e405291bdc92c28a404b99fb2747aee558c3936c784cea88ba08ae3b572839d37c86ee7d188586d624784b2245e6439d4b7f2933e3b401b27050078d642be69f914b673137f18d2ebe210585903bcacebb4e3b3ca8653505a98648f6e6ba8c26cdb6d63ac29af7088d8f10e9802ae1708ff31730d412659cfae1da5434a729ff60468acacb1c0e453048b8b3080f9b43b58b3c94addfb34c72be1b93b79d13cdd2c2fdc31f2af9fe7433a77906ae89e2ebcb163c19f2784a8296e26a1c2386dd780d5deb9a93103d1625a67678a65634020f4f97996b1a637ee2b0ac207ede13a3d1b19b76250906def86069e76ff40a1e5580bacec62807c50427256091aca674dbac7532379a699d4a301982ba4c17ba8f86f254e7cd1ce794149a31881646ab39b8ae55e48d44007fb0186356229ec23a3a181f3824798519c8d2653ced2669a1b7d76dcd5948f85db75e2be9bf26e1857fe0f6d62f62c1b0d9274f25dcebb0bc0a5c6a22dc5ac0c6eea710cfd115f215069650657717967bd665963c62fc7b39a3b9f2c4ccbc17359064949ecb813c96db0d60437c370238052fa1daa4f76c75986400f3bc2412ea01306b30808970c4c945b476025e50855f49f9076fda35b5e3065948b0c0419b07fad1c38ee4e9b719cd2f87480e164303aeef30c360bb0ecd42a37414e3dd0d51701f1e2f1eb8f0de44f1c056180d153acacec2b8a4de484f8607e450e7accb19cb08ab34f6bd036de8f6a3d477c70d8fb9c79b203584b2ef399f9aa8578c929c1818332ae447af8246daa149e3cfdb4b6d06f59a21a0bab3064bfb3a86c9751661e0037e3fc94076f3c051735f29f5120f26aec2a42c0ba05b73b96070ad5aab016efd0b34ae432883a855ab97636f0246cf49a34d9ce1931f1bd73b9c8fe19e1b4cd9daad7ca46d866df4763d0d1ec3f4907a3d5dcca3c813ffee723b5807be966b6ba85f46a8b141c936f966ab5ae0e8ebf8564d3f47ff8cdfac7f8fed606fdf74da77ffce4de5b819bfe4aaa11bf03ca1fac3ee2b7381e4e93ecc7956cef60cbd8b7479ecf8a27a2157c086a1f9a0080d33ec01e1b6b3fe6eeabeca4bb48f407958a4a36ff58569787f2fd37e8f3636ef8f88ac031aef077b07e1eb9d6e8407601ecf2245d44a89a5b9fe27393d3fbd97f747cdb5f84af96be4a727dc304433ddfb00b876207481cc7402ff8bf09a77f28daaf21b75b6a92a5aba11a95a0f94ca72c57c33b2fdf54341d54704c2f5dd898544b66e67f27d68359aab171388659cf1e86587d6f9b3573f50c1b557b403573900434f347bda53c73c6f9ac47defde4fa11ee24c84bee92f5034eb322f0dbb4756581c51041c64a691ba2d9a02f1b8bc0d486346dd50f157c3150bc3c6051cd6d6f2397106d87ce57cfcdf327f85da6d7c00850781e2286676cfb25cfd97e66283e0ee855ca36ede7cd371a3290b388ebd5cc6abfc687470480f50abfe8847e832da5953fbdfb22840706f858907fa7d7472641ce81f8fc415f72ea11c7438247f8b311316eefdb99ddb348aad5fdbc61500be933d3bb9c2fcb53c16fb13f5959fde00c6a77c661d5bafcba4bca322278368f6885eac4cfed2821f3813d630eaa84a2f23ec9d90ec9862daa1da0d11b4698c66f0adcc1fb1196a8762818e5b3613891f3add44af92c61a36ccb89407d679c983c6273b2cc6266664acd4a39da0f3cd2983a8f8774a9ffd8f97339e0bc77c059c45d4ac720f3ef4292fe0d13a5b0aaa29f766f8272df352f6a9df12def6845396a6f774ccf323891ba3270f0017cb49a34d1a80d09ba1ced770f269028fc2c989a0c626da6744282d528c15038fdcfca3c537db14f300356fbf8b7263bee801273f0b149e97d2e18b60c12b02bd6c9fe6e501d25d5c3d6cc525addaffac9e6b84d48e3845bd403ed4d493ba93c8c8f7b67291ac26778d486acc56746b9a390fd4852f1ffc95f1da3f02dbab32abd48782e58fd9b32de96ff1a34074f5000ded1e79ac91568e14d29f195e720458811f84b0ea19b0c7d8f59acb965e8a5cee89a994bcaab8b291510ad043ab21b1c9943f39"}) syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_MKDIRAT={0x25, 0x18, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000100)='./file0\x00', 0x8}) io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0) r8 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r8, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd9e", 0xeb97}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600) (async) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r9) (async, rerun: 32) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r11, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000e00)={0x24, r10, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x19}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}]}, 0x24}, 0x1, 0x0, 0x0, 0x814}, 0x0) (async, rerun: 32) sendfile(r3, r8, &(0x7f0000000200)=0xfff, 0x2) (async, rerun: 32) ioctl$KDGKBMODE(r3, 0x4b44, &(0x7f0000000000)) (async, rerun: 64) write$UHID_INPUT(r2, &(0x7f0000004000)={0xf, {"a2e3ad21ed0d09f91b50090987f70906d038e7ff7fc6e5539b0d3d0e8b089b33396d63060890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) (rerun: 64) 56.856373ms ago: executing program 7 (id=5568): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190040000400009e07fd17e5ffff0800040000000000000000", 0x39}], 0x1) 56.596333ms ago: executing program 1 (id=5569): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d00090582"], 0x0) syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 56.511092ms ago: executing program 7 (id=5570): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)={0x18, 0x140b, 0xa11, 0x70bd26, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0xf000000}, 0x0) 0s ago: executing program 7 (id=5571): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000500)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0xa}, [@RTA_DPORT={0x6}]}, 0x24}}, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe3000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"]) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) kernel console output (not intermixed with test programs): sg+0x10/0x10 [ 301.439720][T18492] ____sys_sendmsg+0xaaf/0xc90 [ 301.440996][T18492] ? copy_msghdr_from_user+0x10b/0x160 [ 301.442428][T18492] ? __pfx_____sys_sendmsg+0x10/0x10 [ 301.443828][T18492] ___sys_sendmsg+0x135/0x1e0 [ 301.445082][T18492] ? __pfx____sys_sendmsg+0x10/0x10 [ 301.446485][T18492] ? __pfx_lock_release+0x10/0x10 [ 301.447830][T18492] ? trace_lock_acquire+0x14e/0x1f0 [ 301.449195][T18492] ? __fget_files+0x206/0x3a0 [ 301.450440][T18492] __sys_sendmsg+0x16e/0x220 [ 301.451653][T18492] ? __pfx___sys_sendmsg+0x10/0x10 [ 301.453001][T18492] do_syscall_64+0xcd/0x250 [ 301.454205][T18492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.455758][T18492] RIP: 0033:0x7f899bb85d19 [ 301.456942][T18492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.462008][T18492] RSP: 002b:00007f899c929038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 301.464171][T18492] RAX: ffffffffffffffda RBX: 00007f899bd75fa0 RCX: 00007f899bb85d19 [ 301.466240][T18492] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000004 [ 301.468343][T18492] RBP: 00007f899c929090 R08: 0000000000000000 R09: 0000000000000000 [ 301.470412][T18492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 301.472463][T18492] R13: 0000000000000000 R14: 00007f899bd75fa0 R15: 00007fff4cad1868 [ 301.474522][T18492] [ 301.634687][T18486] openvswitch: netlink: IP tunnel dst address not specified [ 301.683517][T18505] bridge0: left allmulticast mode [ 301.813011][T18519] xt_hashlimit: size too large, truncated to 1048576 [ 302.074956][T18537] tipc: Trying to set illegal importance in message [ 302.078005][T18537] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18537 comm=syz.4.4671 [ 302.462761][ T66] Bluetooth: hci4: command tx timeout [ 302.652661][T18550] overlay: Unknown parameter 'volatile:fowner<00000000000000049663' [ 302.706637][T18554] FAULT_INJECTION: forcing a failure. [ 302.706637][T18554] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 302.711444][T18554] CPU: 3 UID: 0 PID: 18554 Comm: syz.4.4679 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 302.714468][T18554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 302.718025][T18554] Call Trace: [ 302.719143][T18554] [ 302.720239][T18554] dump_stack_lvl+0x16c/0x1f0 [ 302.721994][T18554] should_fail_ex+0x497/0x5b0 [ 302.723727][T18554] _copy_from_iter+0x2a1/0x1560 [ 302.725515][T18554] ? trace_lock_acquire+0x14e/0x1f0 [ 302.727422][T18554] ? __alloc_skb+0x1fe/0x380 [ 302.729098][T18554] ? __pfx__copy_from_iter+0x10/0x10 [ 302.731012][T18554] ? __virt_addr_valid+0x1a4/0x590 [ 302.732686][T18554] ? __virt_addr_valid+0x5e/0x590 [ 302.734410][T18554] ? __phys_addr_symbol+0x30/0x80 [ 302.736204][T18554] ? __check_object_size+0x488/0x710 [ 302.738134][T18554] netlink_sendmsg+0x813/0xd70 [ 302.739852][T18554] ? __pfx_netlink_sendmsg+0x10/0x10 [ 302.741685][T18554] ____sys_sendmsg+0xaaf/0xc90 [ 302.743337][T18554] ? copy_msghdr_from_user+0x10b/0x160 [ 302.745204][T18554] ? __pfx_____sys_sendmsg+0x10/0x10 [ 302.747027][T18554] ___sys_sendmsg+0x135/0x1e0 [ 302.748525][T18554] ? __pfx____sys_sendmsg+0x10/0x10 [ 302.749845][T18554] ? __pfx_lock_release+0x10/0x10 [ 302.751216][T18554] ? trace_lock_acquire+0x14e/0x1f0 [ 302.752825][T18554] ? __fget_files+0x206/0x3a0 [ 302.754471][T18554] __sys_sendmsg+0x16e/0x220 [ 302.756162][T18554] ? __pfx___sys_sendmsg+0x10/0x10 [ 302.757985][T18554] do_syscall_64+0xcd/0x250 [ 302.759712][T18554] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.761733][T18554] RIP: 0033:0x7fe397f85d19 [ 302.763307][T18554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 302.768806][T18554] RSP: 002b:00007fe398ce7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 302.770814][T18554] RAX: ffffffffffffffda RBX: 00007fe398175fa0 RCX: 00007fe397f85d19 [ 302.772803][T18554] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 302.775402][T18554] RBP: 00007fe398ce7090 R08: 0000000000000000 R09: 0000000000000000 [ 302.778184][T18554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 302.781006][T18554] R13: 0000000000000000 R14: 00007fe398175fa0 R15: 00007ffccd9480b8 [ 302.783708][T18554] [ 302.838389][T18561] tipc: Trying to set illegal importance in message [ 302.840312][T18561] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18561 comm=syz.4.4682 [ 302.845037][T18561] __nla_validate_parse: 6 callbacks suppressed [ 302.845045][T18561] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4682'. [ 302.854827][T18561] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4682'. [ 302.905644][T18572] tc_dump_action: action bad kind [ 302.923455][T18574] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 302.957319][T18578] netlink: 'syz.7.4690': attribute type 2 has an invalid length. [ 303.129813][ T63] usb 9-1: new high-speed USB device number 24 using dummy_hcd [ 303.238621][T18605] netlink: 'syz.5.4701': attribute type 64 has an invalid length. [ 303.272529][ T63] usb 9-1: device descriptor read/64, error -71 [ 303.510722][ T63] usb 9-1: new high-speed USB device number 25 using dummy_hcd [ 303.524874][ T39] audit: type=1400 audit(2000000109.874:898): avc: denied { setattr } for pid=18610 comm="syz.7.4704" name="hidraw0" dev="devtmpfs" ino=2927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 303.575588][T18629] FAULT_INJECTION: forcing a failure. [ 303.575588][T18629] name failslab, interval 1, probability 0, space 0, times 0 [ 303.581501][T18629] CPU: 2 UID: 0 PID: 18629 Comm: syz.5.4711 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 303.585593][T18629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 303.589465][T18629] Call Trace: [ 303.590704][T18629] [ 303.591789][T18629] dump_stack_lvl+0x16c/0x1f0 [ 303.593530][T18629] should_fail_ex+0x497/0x5b0 [ 303.595266][T18629] should_failslab+0xc2/0x120 [ 303.597003][T18629] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 303.598963][T18629] ? skb_clone+0x190/0x3f0 [ 303.600618][T18629] skb_clone+0x190/0x3f0 [ 303.602178][T18629] netlink_deliver_tap+0xabd/0xd30 [ 303.604034][T18629] netlink_unicast+0x5e1/0x7f0 [ 303.605303][T18629] ? __pfx_netlink_unicast+0x10/0x10 [ 303.606908][T18629] netlink_sendmsg+0x8b8/0xd70 [ 303.608362][T18629] ? __pfx_netlink_sendmsg+0x10/0x10 [ 303.609723][T18629] ____sys_sendmsg+0xaaf/0xc90 [ 303.611033][T18629] ? copy_msghdr_from_user+0x10b/0x160 [ 303.612488][T18629] ? __pfx_____sys_sendmsg+0x10/0x10 [ 303.613877][T18629] ___sys_sendmsg+0x135/0x1e0 [ 303.615117][T18629] ? __pfx____sys_sendmsg+0x10/0x10 [ 303.616578][T18629] ? __pfx_lock_release+0x10/0x10 [ 303.617800][T18629] ? trace_lock_acquire+0x14e/0x1f0 [ 303.619170][T18629] ? __fget_files+0x206/0x3a0 [ 303.620408][T18629] __sys_sendmsg+0x16e/0x220 [ 303.621604][T18629] ? __pfx___sys_sendmsg+0x10/0x10 [ 303.622954][T18629] do_syscall_64+0xcd/0x250 [ 303.624139][T18629] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.625700][T18629] RIP: 0033:0x7f899bb85d19 [ 303.626882][T18629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.631775][T18629] RSP: 002b:00007f899c929038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 303.634139][T18629] RAX: ffffffffffffffda RBX: 00007f899bd75fa0 RCX: 00007f899bb85d19 [ 303.636225][T18629] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 303.638296][T18629] RBP: 00007f899c929090 R08: 0000000000000000 R09: 0000000000000000 [ 303.640344][T18629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 303.642387][T18629] R13: 0000000000000000 R14: 00007f899bd75fa0 R15: 00007fff4cad1868 [ 303.644439][T18629] [ 303.645328][ C2] vkms_vblank_simulate: vblank timer overrun [ 303.649375][ T63] usb 9-1: device descriptor read/64, error -71 [ 303.753503][ T63] usb usb9-port1: attempt power cycle [ 303.947820][T18637] tipc: Trying to set illegal importance in message [ 303.950883][T18637] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18637 comm=syz.5.4714 [ 303.957033][T18637] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4714'. [ 303.967316][T18637] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4714'. [ 304.016964][T18639] netlink: 64 bytes leftover after parsing attributes in process `syz.5.4715'. [ 304.082665][ T63] usb 9-1: new high-speed USB device number 26 using dummy_hcd [ 304.116230][ T63] usb 9-1: device descriptor read/8, error -71 [ 304.228258][T18655] netlink: 'syz.5.4721': attribute type 64 has an invalid length. [ 304.305428][T18666] Cannot find set identified by id 0 to match [ 304.369988][ T63] usb 9-1: new high-speed USB device number 27 using dummy_hcd [ 304.387990][ T63] usb 9-1: device descriptor read/8, error -71 [ 304.477542][T18680] tipc: Trying to set illegal importance in message [ 304.479792][T18680] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18680 comm=syz.5.4729 [ 304.486014][T18680] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4729'. [ 304.493193][ T63] usb usb9-port1: unable to enumerate USB device [ 304.498772][T18680] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4729'. [ 304.519319][T18684] netlink: 'syz.1.4731': attribute type 1 has an invalid length. [ 304.668676][T18699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4737'. [ 304.671174][T18699] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 304.674895][T18699] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 304.677766][T18699] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 304.679729][T18699] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 304.915792][T18711] tipc: Trying to set illegal importance in message [ 304.917837][T18711] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18711 comm=syz.1.4742 [ 304.924505][T18711] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4742'. [ 304.932451][T18711] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4742'. [ 304.998001][T18722] binder: 18719:18722 ioctl c0306201 200001c0 returned -22 [ 305.078462][T18731] netlink: 'syz.1.4751': attribute type 1 has an invalid length. [ 305.080545][T18731] netlink: 'syz.1.4751': attribute type 3 has an invalid length. [ 305.082858][T18731] NCSI netlink: No device for ifindex 0 [ 305.158639][ T39] audit: type=1400 audit(2000000111.585:899): avc: denied { ioctl } for pid=18736 comm="syz.1.4754" path="socket:[86893]" dev="sockfs" ino=86893 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 305.182458][ T39] audit: type=1400 audit(2000000111.616:900): avc: denied { setopt } for pid=18736 comm="syz.1.4754" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 305.195236][T18743] tipc: Trying to set illegal importance in message [ 305.197796][T18743] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18743 comm=syz.5.4756 [ 305.269903][T18749] qnx4: no qnx4 filesystem (no root dir). [ 305.275775][ T39] audit: type=1400 audit(2000000111.721:901): avc: denied { nlmsg_write } for pid=18748 comm="syz.1.4758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 305.311539][T18755] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.316637][T18755] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.338123][T18754] nvme_fabrics: missing parameter 'transport=%s' [ 305.340998][T18754] nvme_fabrics: missing parameter 'nqn=%s' [ 305.365462][T18761] netlink: 'syz.1.4764': attribute type 64 has an invalid length. [ 305.483320][T18771] tipc: Trying to set illegal importance in message [ 305.485142][T18771] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18771 comm=syz.1.4768 [ 305.616689][T18779] netlink: 'syz.5.4772': attribute type 10 has an invalid length. [ 305.620184][T18779] syz_tun: entered promiscuous mode [ 305.627984][T18779] rose0: (slave syz_tun): Enslaving as an active interface with an up link [ 305.694125][T18796] IPVS: set_ctl: invalid protocol: 0 10.1.1.1:0 [ 305.697352][T18798] tipc: Trying to set illegal importance in message [ 305.699840][T18798] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18798 comm=syz.7.4779 [ 305.820582][T18812] netlink: 'syz.7.4786': attribute type 1 has an invalid length. [ 305.901133][T18824] tipc: Started in network mode [ 305.904522][T18824] tipc: Node identity 76139d757098, cluster identity 4711 [ 305.906477][T18824] tipc: Enabled bearer , priority 0 [ 305.909132][T18824] syzkaller0: MTU too low for tipc bearer [ 305.910619][T18824] tipc: Disabling bearer [ 305.957179][ T39] audit: type=1400 audit(2000000112.425:902): avc: denied { append } for pid=18835 comm="syz.7.4797" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 305.960652][T18833] tipc: Trying to set illegal importance in message [ 305.966193][T18833] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18833 comm=syz.4.4795 [ 305.969367][ T39] audit: type=1400 audit(2000000112.435:903): avc: denied { setattr } for pid=18835 comm="syz.7.4797" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 306.058176][ T39] audit: type=1400 audit(2000000112.540:904): avc: denied { getopt } for pid=18847 comm="syz.4.4800" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 306.058441][T18849] QAT: Stopping all acceleration devices. [ 306.160859][ T35] usb 10-1: new high-speed USB device number 12 using dummy_hcd [ 306.311392][ T35] usb 10-1: device descriptor read/64, error -71 [ 306.313137][T18860] FAULT_INJECTION: forcing a failure. [ 306.313137][T18860] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 306.316497][T18860] CPU: 0 UID: 0 PID: 18860 Comm: syz.1.4805 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 306.319342][T18860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 306.322014][T18860] Call Trace: [ 306.322847][T18860] [ 306.323594][T18860] dump_stack_lvl+0x16c/0x1f0 [ 306.324800][T18860] should_fail_ex+0x497/0x5b0 [ 306.326013][T18860] _copy_to_user+0x32/0xd0 [ 306.327234][T18860] simple_read_from_buffer+0xd0/0x160 [ 306.328646][T18860] proc_fail_nth_read+0x198/0x270 [ 306.329953][T18860] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 306.331440][T18860] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 306.332980][T18860] vfs_read+0x1df/0xbe0 [ 306.334054][T18860] ? __fget_files+0x1fc/0x3a0 [ 306.335238][T18860] ? __pfx___mutex_lock+0x10/0x10 [ 306.336485][T18860] ? __pfx_vfs_read+0x10/0x10 [ 306.337831][T18860] ? __fget_files+0x206/0x3a0 [ 306.338996][T18860] ksys_read+0x12b/0x250 [ 306.340052][T18860] ? __pfx_ksys_read+0x10/0x10 [ 306.341274][T18860] do_syscall_64+0xcd/0x250 [ 306.342413][T18860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.343892][T18860] RIP: 0033:0x7f8ad0f8472c [ 306.345018][T18860] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 306.349830][T18860] RSP: 002b:00007f8ad1d87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 306.351864][T18860] RAX: ffffffffffffffda RBX: 00007f8ad1175fa0 RCX: 00007f8ad0f8472c [ 306.353861][T18860] RDX: 000000000000000f RSI: 00007f8ad1d870a0 RDI: 0000000000000003 [ 306.355936][T18860] RBP: 00007f8ad1d87090 R08: 0000000000000000 R09: 0000000000000000 [ 306.358126][T18860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 306.360121][T18860] R13: 0000000000000000 R14: 00007f8ad1175fa0 R15: 00007ffcbf1cdf58 [ 306.362094][T18860] [ 306.409915][ T66] Bluetooth: hci2: unexpected cc 0x0c7b length: 3 < 5 [ 306.512917][T18872] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18872 comm=syz.7.4808 [ 306.518316][T18872] fuse: blksize only supported for fuseblk [ 306.561821][T18874] ./bus: Can't lookup blockdev [ 306.597282][ T35] usb 10-1: new high-speed USB device number 13 using dummy_hcd [ 306.722118][ T35] usb 10-1: device descriptor read/64, error -71 [ 306.770857][T18898] netlink: 'syz.1.4821': attribute type 64 has an invalid length. [ 306.828708][ T35] usb usb10-port1: attempt power cycle [ 306.952612][T18923] binder: 18910:18923 ioctl c0306201 0 returned -14 [ 307.078931][ T39] audit: type=1400 audit(2000000113.611:905): avc: denied { ioctl } for pid=18938 comm="syz.7.4838" path="socket:[89652]" dev="sockfs" ino=89652 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 307.129927][ T39] audit: type=1400 audit(2000000113.653:906): avc: denied { setattr } for pid=18938 comm="syz.7.4838" name="NETLINK" dev="sockfs" ino=89651 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 307.159404][ T35] usb 10-1: new high-speed USB device number 14 using dummy_hcd [ 307.178497][ T35] usb 10-1: device descriptor read/8, error -71 [ 307.417183][ T35] usb 10-1: new high-speed USB device number 15 using dummy_hcd [ 307.435608][ T35] usb 10-1: device descriptor read/8, error -71 [ 307.549931][ T35] usb usb10-port1: unable to enumerate USB device [ 307.843951][ T39] audit: type=1400 audit(2000000114.409:907): avc: denied { lock } for pid=18957 comm="syz.4.4846" path="socket:[91258]" dev="sockfs" ino=91258 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 307.948514][ T39] audit: type=1800 audit(2000000114.514:908): pid=18965 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.7.4849" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 308.001415][T18969] tipc: Trying to set illegal importance in message [ 308.007349][T18968] tipc: Trying to set illegal importance in message [ 308.010224][T18969] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18969 comm=syz.7.4850 [ 308.013625][T18968] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18968 comm=syz.1.4851 [ 308.020925][T18968] FAULT_INJECTION: forcing a failure. [ 308.020925][T18968] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 308.025360][T18968] CPU: 2 UID: 0 PID: 18968 Comm: syz.1.4851 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 308.028719][T18968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 308.032012][T18968] Call Trace: [ 308.032846][T18968] [ 308.033627][T18968] dump_stack_lvl+0x16c/0x1f0 [ 308.035161][T18968] should_fail_ex+0x497/0x5b0 [ 308.036436][T18968] _copy_from_user+0x2e/0xd0 [ 308.037615][T18968] copy_msghdr_from_user+0x99/0x160 [ 308.037836][T18969] __nla_validate_parse: 12 callbacks suppressed [ 308.037846][T18969] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4850'. [ 308.038944][T18968] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 308.044127][T18968] ___sys_sendmsg+0xff/0x1e0 [ 308.045308][T18968] ? __pfx____sys_sendmsg+0x10/0x10 [ 308.046626][T18968] ? __pfx_lock_release+0x10/0x10 [ 308.047878][T18968] ? trace_lock_acquire+0x14e/0x1f0 [ 308.049199][T18968] ? __fget_files+0x206/0x3a0 [ 308.050414][T18968] __sys_sendmsg+0x16e/0x220 [ 308.051585][T18968] ? __pfx___sys_sendmsg+0x10/0x10 [ 308.052611][T18971] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.052894][T18968] do_syscall_64+0xcd/0x250 [ 308.055456][T18971] bridge0: port 2(bridge_slave_1) entered forwarding state [ 308.056508][T18968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.059141][T18971] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.060435][T18968] RIP: 0033:0x7f8ad0f85d19 [ 308.062882][T18971] bridge0: port 1(bridge_slave_0) entered forwarding state [ 308.063915][T18968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.071121][T18968] RSP: 002b:00007f8ad1d87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 308.071139][T18968] RAX: ffffffffffffffda RBX: 00007f8ad1175fa0 RCX: 00007f8ad0f85d19 [ 308.076319][T18968] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 308.078386][T18968] RBP: 00007f8ad1d87090 R08: 0000000000000000 R09: 0000000000000000 [ 308.080917][T18968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 308.080931][T18968] R13: 0000000000000000 R14: 00007f8ad1175fa0 R15: 00007ffcbf1cdf58 [ 308.085111][T18968] [ 308.086029][ C2] vkms_vblank_simulate: vblank timer overrun [ 308.090155][T18971] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 308.134992][T18974] tipc: Trying to set illegal importance in message [ 308.137281][T18974] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=18974 comm=syz.1.4853 [ 308.172021][T18982] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=18982 comm=syz.4.4856 [ 308.179016][T18977] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4855'. [ 308.183000][T18982] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=18982 comm=syz.4.4856 [ 308.194511][T18983] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4853'. [ 308.211173][T18974] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4853'. [ 308.261209][T18991] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 308.497620][T19013] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4867'. [ 308.672857][T19033] FAULT_INJECTION: forcing a failure. [ 308.672857][T19033] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 308.677542][T19033] CPU: 1 UID: 0 PID: 19033 Comm: syz.7.4874 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 308.681238][T19033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 308.684001][T19033] Call Trace: [ 308.684838][T19033] [ 308.685589][T19033] dump_stack_lvl+0x16c/0x1f0 [ 308.686794][T19033] should_fail_ex+0x497/0x5b0 [ 308.687976][T19033] _copy_from_user+0x2e/0xd0 [ 308.689161][T19033] copy_msghdr_from_user+0x99/0x160 [ 308.690499][T19033] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 308.691962][T19033] ___sys_sendmsg+0xff/0x1e0 [ 308.693153][T19033] ? __pfx____sys_sendmsg+0x10/0x10 [ 308.694486][T19033] ? __pfx_lock_release+0x10/0x10 [ 308.695754][T19033] ? trace_lock_acquire+0x14e/0x1f0 [ 308.697081][T19033] ? __fget_files+0x206/0x3a0 [ 308.698363][T19033] __sys_sendmsg+0x16e/0x220 [ 308.699551][T19033] ? __pfx___sys_sendmsg+0x10/0x10 [ 308.700869][T19033] do_syscall_64+0xcd/0x250 [ 308.702034][T19033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.703540][T19033] RIP: 0033:0x7fe51b385d19 [ 308.704669][T19033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.709472][T19033] RSP: 002b:00007fe51c23c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 308.711497][T19033] RAX: ffffffffffffffda RBX: 00007fe51b575fa0 RCX: 00007fe51b385d19 [ 308.713451][T19033] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 308.715426][T19033] RBP: 00007fe51c23c090 R08: 0000000000000000 R09: 0000000000000000 [ 308.717414][T19033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 308.719398][T19033] R13: 0000000000000000 R14: 00007fe51b575fa0 R15: 00007ffe4f780248 [ 308.721353][T19033] [ 308.750159][ T57] usb 9-1: new high-speed USB device number 28 using dummy_hcd [ 308.777925][T19041] validate_nla: 1 callbacks suppressed [ 308.777939][T19041] netlink: 'syz.7.4878': attribute type 64 has an invalid length. [ 308.895105][ T57] usb 9-1: Using ep0 maxpacket: 32 [ 308.897853][ T57] usb 9-1: config index 0 descriptor too short (expected 156, got 27) [ 308.899871][ T57] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 308.906176][ T57] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 308.908996][ T57] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 308.921435][ T57] usb 9-1: config 0 interface 0 has no altsetting 0 [ 308.924853][ T57] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 308.927157][ T57] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 308.929390][ T57] usb 9-1: Product: syz [ 308.930600][ T57] usb 9-1: Manufacturer: syz [ 308.940527][ T57] usb 9-1: SerialNumber: syz [ 308.942945][ T57] usb 9-1: config 0 descriptor?? [ 308.945857][ T57] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 308.947924][T19063] netlink: 'syz.5.4882': attribute type 10 has an invalid length. [ 308.950165][ T57] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 308.958801][T19063] mac80211_hwsim hwsim27 wlan1: entered promiscuous mode [ 308.964908][T19063] mac80211_hwsim hwsim27 wlan1: entered allmulticast mode [ 308.977971][T19063] rose0: (slave wlan1): Enslaving as an active interface with an up link [ 309.200857][ T57] usb 9-1: USB disconnect, device number 28 [ 309.205481][ T57] ldusb 9-1:0.0: LD USB Device #0 now disconnected [ 309.255149][ T9] usb 12-1: new high-speed USB device number 7 using dummy_hcd [ 309.388274][ T9] usb 12-1: device descriptor read/64, error -71 [ 309.626356][ T9] usb 12-1: new high-speed USB device number 8 using dummy_hcd [ 309.770101][ T9] usb 12-1: device descriptor read/64, error -71 [ 309.780537][T19081] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4894'. [ 309.850967][T19087] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4897'. [ 309.860812][T19089] netlink: 'syz.5.4898': attribute type 1 has an invalid length. [ 309.874228][ T9] usb usb12-port1: attempt power cycle [ 310.105737][T19115] tipc: Trying to set illegal importance in message [ 310.112290][T19115] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19115 comm=syz.5.4909 [ 310.134093][T19115] FAULT_INJECTION: forcing a failure. [ 310.134093][T19115] name failslab, interval 1, probability 0, space 0, times 0 [ 310.138047][T19115] CPU: 3 UID: 0 PID: 19115 Comm: syz.5.4909 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 310.140814][T19115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 310.143430][T19115] Call Trace: [ 310.144277][T19115] [ 310.145017][T19115] dump_stack_lvl+0x16c/0x1f0 [ 310.146205][T19115] should_fail_ex+0x497/0x5b0 [ 310.147424][T19115] ? fs_reclaim_acquire+0xae/0x150 [ 310.148721][T19115] should_failslab+0xc2/0x120 [ 310.149913][T19115] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 310.150027][T19118] tipc: Trying to set illegal importance in message [ 310.151422][T19115] ? __alloc_skb+0x2b1/0x380 [ 310.154387][T19115] __alloc_skb+0x2b1/0x380 [ 310.155498][T19115] ? __pfx___alloc_skb+0x10/0x10 [ 310.156759][T19115] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 310.158335][T19115] netlink_alloc_large_skb+0x69/0x130 [ 310.159751][T19115] netlink_sendmsg+0x689/0xd70 [ 310.160034][T19118] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19118 comm=syz.1.4911 [ 310.160997][T19115] ? __pfx_netlink_sendmsg+0x10/0x10 [ 310.165404][T19115] ____sys_sendmsg+0xaaf/0xc90 [ 310.166644][T19115] ? copy_msghdr_from_user+0x10b/0x160 [ 310.168026][T19115] ? __pfx_____sys_sendmsg+0x10/0x10 [ 310.169465][T19115] ___sys_sendmsg+0x135/0x1e0 [ 310.170709][T19115] ? __pfx____sys_sendmsg+0x10/0x10 [ 310.172023][T19115] ? __pfx_lock_release+0x10/0x10 [ 310.173268][T19115] ? trace_lock_acquire+0x14e/0x1f0 [ 310.174642][T19115] ? __fget_files+0x206/0x3a0 [ 310.175880][T19115] __sys_sendmsg+0x16e/0x220 [ 310.177095][T19115] ? __pfx___sys_sendmsg+0x10/0x10 [ 310.178593][T19115] do_syscall_64+0xcd/0x250 [ 310.180183][T19115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.182212][T19115] RIP: 0033:0x7f899bb85d19 [ 310.183512][T19115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.188479][T19115] RSP: 002b:00007f899c929038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 310.190569][T19115] RAX: ffffffffffffffda RBX: 00007f899bd75fa0 RCX: 00007f899bb85d19 [ 310.192529][T19115] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 310.194482][T19115] RBP: 00007f899c929090 R08: 0000000000000000 R09: 0000000000000000 [ 310.196411][T19115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 310.198364][T19115] R13: 0000000000000000 R14: 00007f899bd75fa0 R15: 00007fff4cad1868 [ 310.200947][T19115] [ 310.215783][T19118] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4911'. [ 310.217017][ T9] usb 12-1: new high-speed USB device number 9 using dummy_hcd [ 310.246377][ T9] usb 12-1: device descriptor read/8, error -71 [ 310.278684][T19121] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4912'. [ 310.328316][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 310.328333][ T39] audit: type=1400 audit(2000000117.012:911): avc: denied { mounton } for pid=19126 comm="syz.1.4914" path="/92/bus" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ptmx_t tclass=chr_file permissive=1 [ 310.397037][T19129] XFS (nullb0): Invalid superblock magic number [ 310.417755][T19091] syz.4.4899 (19091) used greatest stack depth: 20112 bytes left [ 310.456085][T19143] tipc: Trying to set illegal importance in message [ 310.461629][T19143] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19143 comm=syz.5.4918 [ 310.474412][ T9] usb 12-1: new high-speed USB device number 10 using dummy_hcd [ 310.478067][T19143] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4918'. [ 310.493795][ T9] usb 12-1: device descriptor read/8, error -71 [ 310.610444][ T9] usb usb12-port1: unable to enumerate USB device [ 310.641881][T19158] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 310.818034][T19177] FAULT_INJECTION: forcing a failure. [ 310.818034][T19177] name failslab, interval 1, probability 0, space 0, times 0 [ 310.821689][T19177] CPU: 2 UID: 0 PID: 19177 Comm: syz.5.4933 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 310.824433][T19177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 310.827728][T19177] Call Trace: [ 310.828600][T19177] [ 310.829361][T19177] dump_stack_lvl+0x16c/0x1f0 [ 310.830598][T19177] should_fail_ex+0x497/0x5b0 [ 310.832074][T19177] ? fs_reclaim_acquire+0xae/0x150 [ 310.833640][T19177] should_failslab+0xc2/0x120 [ 310.835250][T19177] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 310.837112][T19177] ? __alloc_skb+0x2b1/0x380 [ 310.838458][T19177] __alloc_skb+0x2b1/0x380 [ 310.839601][T19177] ? __pfx___alloc_skb+0x10/0x10 [ 310.840872][T19177] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 310.842427][T19177] netlink_alloc_large_skb+0x69/0x130 [ 310.843809][T19177] netlink_sendmsg+0x689/0xd70 [ 310.845170][T19177] ? __pfx_netlink_sendmsg+0x10/0x10 [ 310.846888][T19177] ____sys_sendmsg+0xaaf/0xc90 [ 310.848392][T19177] ? copy_msghdr_from_user+0x10b/0x160 [ 310.850121][T19177] ? __pfx_____sys_sendmsg+0x10/0x10 [ 310.851738][T19177] ___sys_sendmsg+0x135/0x1e0 [ 310.853240][T19177] ? __pfx____sys_sendmsg+0x10/0x10 [ 310.854852][T19177] ? __pfx_lock_release+0x10/0x10 [ 310.856377][T19177] ? trace_lock_acquire+0x14e/0x1f0 [ 310.858001][T19177] ? __fget_files+0x206/0x3a0 [ 310.859498][T19177] __sys_sendmsg+0x16e/0x220 [ 310.860782][T19177] ? __pfx___sys_sendmsg+0x10/0x10 [ 310.862421][T19177] do_syscall_64+0xcd/0x250 [ 310.863707][T19177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.865292][T19177] RIP: 0033:0x7f899bb85d19 [ 310.866438][T19177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.871253][T19177] RSP: 002b:00007f899c929038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 310.873366][T19177] RAX: ffffffffffffffda RBX: 00007f899bd75fa0 RCX: 00007f899bb85d19 [ 310.875522][T19177] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 310.877921][T19177] RBP: 00007f899c929090 R08: 0000000000000000 R09: 0000000000000000 [ 310.880348][T19177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 310.882360][T19177] R13: 0000000000000000 R14: 00007f899bd75fa0 R15: 00007fff4cad1868 [ 310.884345][T19177] [ 310.933450][T19184] netlink: 'syz.1.4936': attribute type 64 has an invalid length. [ 311.011866][ T39] audit: type=1400 audit(2000000117.737:912): avc: denied { getopt } for pid=19194 comm="syz.5.4939" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 311.309163][T19235] netlink: 'syz.1.4956': attribute type 1 has an invalid length. [ 311.450588][ T39] audit: type=1400 audit(2000000118.199:913): avc: denied { create } for pid=19249 comm="syz.4.4963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1 [ 311.491276][T19255] tipc: Trying to set illegal importance in message [ 311.494718][T19255] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19255 comm=syz.1.4966 [ 311.527576][T19259] tipc: Trying to set illegal importance in message [ 311.530044][T19259] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19259 comm=syz.4.4968 [ 311.672357][T19278] binder: 19277:19278 ioctl c0306201 0 returned -14 [ 311.675717][T19278] No control pipe specified [ 311.727910][T19282] binder: 19277:19282 ioctl 81f8943c 20000200 returned -22 [ 311.870231][T19289] tipc: Trying to set illegal importance in message [ 312.360039][ T35] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 312.490476][T19338] netlink: 'syz.4.4995': attribute type 64 has an invalid length. [ 312.494195][ T35] usb 6-1: device descriptor read/64, error -71 [ 312.554389][T19344] xt_hashlimit: size too large, truncated to 1048576 [ 312.750399][ T35] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 312.840767][T19366] openvswitch: netlink: Flow key attr not present in new flow. [ 312.844223][ T39] audit: type=1400 audit(2000000119.658:914): avc: denied { setopt } for pid=19364 comm="syz.5.5007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 312.893349][ T35] usb 6-1: device descriptor read/64, error -71 [ 312.986898][T19375] netlink: 'syz.5.5012': attribute type 1 has an invalid length. [ 313.007809][ T35] usb usb6-port1: attempt power cycle [ 313.088314][ T57] hid-generic 0000:0000:0000.000B: collection stack underflow [ 313.090257][ T57] hid-generic 0000:0000:0000.000B: item 0 0 0 12 parsing failed [ 313.092324][ T57] hid-generic 0000:0000:0000.000B: probe with driver hid-generic failed with error -22 [ 313.173051][T19390] VFS: could not find a valid V7 on nullb0. [ 313.179520][ T832] usb 12-1: new high-speed USB device number 11 using dummy_hcd [ 313.223356][T19398] __nla_validate_parse: 6 callbacks suppressed [ 313.223365][T19398] netlink: 228 bytes leftover after parsing attributes in process `syz.4.5021'. [ 313.229223][T19398] netlink: 'syz.4.5021': attribute type 5 has an invalid length. [ 313.273853][T19403] tipc: Trying to set illegal importance in message [ 313.277495][T19403] selinux_netlink_send: 2 callbacks suppressed [ 313.277504][T19403] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19403 comm=syz.4.5022 [ 313.280116][T19405] tipc: Trying to set illegal importance in message [ 313.283352][T19403] FAULT_INJECTION: forcing a failure. [ 313.283352][T19403] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 313.284651][T19405] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19405 comm=syz.5.5023 [ 313.288912][T19403] CPU: 1 UID: 0 PID: 19403 Comm: syz.4.5022 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 313.293391][T19403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 313.294776][T19405] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5023'. [ 313.296272][T19403] Call Trace: [ 313.296279][T19403] [ 313.300296][T19403] dump_stack_lvl+0x16c/0x1f0 [ 313.301516][T19403] should_fail_ex+0x497/0x5b0 [ 313.302702][T19403] _copy_from_iter+0x2a1/0x1560 [ 313.303928][T19403] ? trace_lock_acquire+0x14e/0x1f0 [ 313.305218][T19403] ? __alloc_skb+0x1fe/0x380 [ 313.306439][T19403] ? __pfx__copy_from_iter+0x10/0x10 [ 313.307770][T19403] ? __virt_addr_valid+0x1a4/0x590 [ 313.309074][T19403] ? __virt_addr_valid+0x5e/0x590 [ 313.310368][T19403] ? __phys_addr_symbol+0x30/0x80 [ 313.311639][T19403] ? __check_object_size+0x488/0x710 [ 313.313006][T19403] netlink_sendmsg+0x813/0xd70 [ 313.314233][T19403] ? __pfx_netlink_sendmsg+0x10/0x10 [ 313.315578][T19403] ____sys_sendmsg+0xaaf/0xc90 [ 313.316828][T19403] ? copy_msghdr_from_user+0x10b/0x160 [ 313.318195][T19403] ? __pfx_____sys_sendmsg+0x10/0x10 [ 313.319548][T19403] ___sys_sendmsg+0x135/0x1e0 [ 313.320812][T19403] ? __pfx____sys_sendmsg+0x10/0x10 [ 313.322134][T19403] ? __pfx_lock_release+0x10/0x10 [ 313.323418][T19403] ? trace_lock_acquire+0x14e/0x1f0 [ 313.324746][T19403] ? __fget_files+0x206/0x3a0 [ 313.325960][T19403] __sys_sendmsg+0x16e/0x220 [ 313.327160][T19403] ? __pfx___sys_sendmsg+0x10/0x10 [ 313.328488][T19403] do_syscall_64+0xcd/0x250 [ 313.329670][T19403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.331166][T19403] RIP: 0033:0x7fe397f85d19 [ 313.332292][T19403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.332679][ T832] usb 12-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 313.337047][T19403] RSP: 002b:00007fe398ce7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 313.341458][ T35] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 313.342988][T19403] RAX: ffffffffffffffda RBX: 00007fe398175fa0 RCX: 00007fe397f85d19 [ 313.342998][T19403] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 313.343005][T19403] RBP: 00007fe398ce7090 R08: 0000000000000000 R09: 0000000000000000 [ 313.343012][T19403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 313.343018][T19403] R13: 0000000000000000 R14: 00007fe398175fa0 R15: 00007ffccd9480b8 [ 313.343031][T19403] [ 313.352385][ T832] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 313.361000][ T832] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 313.369806][ T832] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 313.373280][ T832] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 313.379787][ T35] usb 6-1: device descriptor read/8, error -71 [ 313.380285][ T832] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 313.386936][ T832] usb 12-1: config 0 descriptor?? [ 313.389184][T19373] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22 [ 313.421848][T19413] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5026'. [ 313.504932][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 313.506561][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 313.583036][T19429] random: crng reseeded on system resumption [ 313.617856][ T35] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 313.635620][T19433] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(9) [ 313.637365][T19433] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 313.640358][ T35] usb 6-1: device descriptor read/8, error -71 [ 313.642903][T19433] vhci_hcd vhci_hcd.0: Device attached [ 313.644426][T19435] vhci_hcd: cannot find the pending unlink 5 [ 313.669833][T19435] vhci_hcd: connection closed [ 313.671142][T12242] vhci_hcd: stop threads [ 313.671289][ T832] usbhid 12-1:0.0: can't add hid device: -71 [ 313.672350][T12242] vhci_hcd: release socket [ 313.672361][T12242] vhci_hcd: disconnect device [ 313.673720][ T832] usbhid 12-1:0.0: probe with driver usbhid failed with error -71 [ 313.682796][ T39] audit: type=1400 audit(2000000120.540:915): avc: denied { append } for pid=19441 comm="syz.4.5033" name="pfkey" dev="proc" ino=4026534756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 313.685338][ T832] usb 12-1: USB disconnect, device number 11 [ 313.693264][T19444] cgroup2: Unknown parameter 'euid' [ 313.701985][T19444] Cannot find del_set index 2 as target [ 313.743095][ T35] usb usb6-port1: unable to enumerate USB device [ 313.762049][T19449] tipc: Trying to set illegal importance in message [ 313.764728][T19449] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19449 comm=syz.4.5035 [ 313.776359][ T39] audit: type=1400 audit(2000000120.634:916): avc: denied { setattr } for pid=19448 comm="syz.4.5035" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 313.795795][T19449] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5035'. [ 313.969217][T19472] FAULT_INJECTION: forcing a failure. [ 313.969217][T19472] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 313.974658][T19472] CPU: 2 UID: 0 PID: 19472 Comm: syz.5.5045 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 313.977355][T19472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 313.980059][T19472] Call Trace: [ 313.981090][T19472] [ 313.981915][T19472] dump_stack_lvl+0x16c/0x1f0 [ 313.983114][T19472] should_fail_ex+0x497/0x5b0 [ 313.984447][T19472] _copy_from_iter+0x2a1/0x1560 [ 313.985894][T19472] ? trace_lock_acquire+0x14e/0x1f0 [ 313.987437][T19472] ? __alloc_skb+0x1fe/0x380 [ 313.988842][T19472] ? __pfx__copy_from_iter+0x10/0x10 [ 313.990427][T19472] ? __virt_addr_valid+0x1a4/0x590 [ 313.991962][T19472] ? __virt_addr_valid+0x5e/0x590 [ 313.993453][T19472] ? __phys_addr_symbol+0x30/0x80 [ 313.994795][T19472] ? __check_object_size+0x488/0x710 [ 313.996106][T19472] netlink_sendmsg+0x813/0xd70 [ 313.997311][T19472] ? __pfx_netlink_sendmsg+0x10/0x10 [ 313.998660][T19472] ____sys_sendmsg+0xaaf/0xc90 [ 313.999863][T19472] ? copy_msghdr_from_user+0x10b/0x160 [ 314.001214][T19472] ? __pfx_____sys_sendmsg+0x10/0x10 [ 314.002542][T19472] ___sys_sendmsg+0x135/0x1e0 [ 314.003732][T19472] ? __pfx____sys_sendmsg+0x10/0x10 [ 314.005021][T19472] ? __pfx_lock_release+0x10/0x10 [ 314.006286][T19472] ? trace_lock_acquire+0x14e/0x1f0 [ 314.007583][T19472] ? __fget_files+0x206/0x3a0 [ 314.008757][T19472] __sys_sendmsg+0x16e/0x220 [ 314.009918][T19472] ? __pfx___sys_sendmsg+0x10/0x10 [ 314.011215][T19472] do_syscall_64+0xcd/0x250 [ 314.012342][T19472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.013812][T19472] RIP: 0033:0x7f899bb85d19 [ 314.014923][T19472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.019658][T19472] RSP: 002b:00007f899c929038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 314.021683][T19472] RAX: ffffffffffffffda RBX: 00007f899bd75fa0 RCX: 00007f899bb85d19 [ 314.023601][T19472] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 314.025554][T19472] RBP: 00007f899c929090 R08: 0000000000000000 R09: 0000000000000000 [ 314.027523][T19472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 314.029404][T19472] R13: 0000000000000000 R14: 00007f899bd75fa0 R15: 00007fff4cad1868 [ 314.031316][T19472] [ 314.297363][T19483] binder: 19482:19483 ioctl c0306201 0 returned -14 [ 314.336796][T19487] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5051'. [ 314.356471][T19490] netlink: 'syz.4.5052': attribute type 64 has an invalid length. [ 314.623322][T19524] syz.4.5061 (19524): drop_caches: 2 [ 314.673777][ T5991] IPVS: starting estimator thread 0... [ 314.690318][T19541] netlink: 'syz.5.5068': attribute type 1 has an invalid length. [ 314.761308][T19537] IPVS: using max 37 ests per chain, 88800 per kthread [ 314.807921][T19565] tipc: Trying to set illegal importance in message [ 314.810703][T19565] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19565 comm=syz.7.5078 [ 314.816467][T19565] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5078'. [ 314.830865][T19567] tipc: Trying to set illegal importance in message [ 314.832668][T19567] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19567 comm=syz.5.5079 [ 314.838194][T19567] FAULT_INJECTION: forcing a failure. [ 314.838194][T19567] name failslab, interval 1, probability 0, space 0, times 0 [ 314.841951][T19567] CPU: 0 UID: 0 PID: 19567 Comm: syz.5.5079 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 314.844541][T19567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 314.847170][T19567] Call Trace: [ 314.848001][T19567] [ 314.848752][T19567] dump_stack_lvl+0x16c/0x1f0 [ 314.849047][T19569] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 314.849933][T19567] should_fail_ex+0x497/0x5b0 [ 314.854617][T19567] should_failslab+0xc2/0x120 [ 314.855811][T19567] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 314.857345][T19567] ? skb_clone+0x190/0x3f0 [ 314.858578][T19567] skb_clone+0x190/0x3f0 [ 314.859869][T19567] netlink_deliver_tap+0xabd/0xd30 [ 314.861236][T19567] netlink_unicast+0x5e1/0x7f0 [ 314.862470][T19567] ? __pfx_netlink_unicast+0x10/0x10 [ 314.863841][T19567] netlink_sendmsg+0x8b8/0xd70 [ 314.865087][T19567] ? __pfx_netlink_sendmsg+0x10/0x10 [ 314.866652][T19567] ____sys_sendmsg+0xaaf/0xc90 [ 314.868223][T19567] ? copy_msghdr_from_user+0x10b/0x160 [ 314.869966][T19567] ? __pfx_____sys_sendmsg+0x10/0x10 [ 314.871682][T19567] ___sys_sendmsg+0x135/0x1e0 [ 314.873218][T19567] ? __pfx____sys_sendmsg+0x10/0x10 [ 314.874838][T19567] ? __pfx_lock_release+0x10/0x10 [ 314.876483][T19567] ? trace_lock_acquire+0x14e/0x1f0 [ 314.877986][T19567] ? __fget_files+0x206/0x3a0 [ 314.879182][T19567] __sys_sendmsg+0x16e/0x220 [ 314.880349][T19567] ? __pfx___sys_sendmsg+0x10/0x10 [ 314.881681][T19567] do_syscall_64+0xcd/0x250 [ 314.882855][T19567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.884369][T19567] RIP: 0033:0x7f899bb85d19 [ 314.885196][ T66] Bluetooth: Wrong link type (-57) [ 314.885598][T19567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.885612][T19567] RSP: 002b:00007f899c929038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 314.894188][T19567] RAX: ffffffffffffffda RBX: 00007f899bd75fa0 RCX: 00007f899bb85d19 [ 314.896181][T19567] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 314.898139][T19567] RBP: 00007f899c929090 R08: 0000000000000000 R09: 0000000000000000 [ 314.900124][T19567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 314.902694][T19567] R13: 0000000000000000 R14: 00007f899bd75fa0 R15: 00007fff4cad1868 [ 314.905272][T19567] [ 314.908021][T19567] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5079'. [ 314.936422][T19576] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5082'. [ 315.031983][T19585] hfsplus: unable to find HFS+ superblock [ 315.040605][T19593] dccp_invalid_packet: P.Data Offset(59) too large [ 315.132142][T19598] tipc: Trying to set illegal importance in message [ 315.134500][T19598] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19598 comm=syz.5.5091 [ 315.151419][T19598] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5091'. [ 315.514312][ T5992] usb 10-1: new high-speed USB device number 16 using dummy_hcd [ 315.636894][ T5992] usb 10-1: device descriptor read/64, error -71 [ 315.640018][T19631] FAULT_INJECTION: forcing a failure. [ 315.640018][T19631] name failslab, interval 1, probability 0, space 0, times 0 [ 315.643103][T19631] CPU: 3 UID: 0 PID: 19631 Comm: syz.1.5102 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 315.645674][T19631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 315.648285][T19631] Call Trace: [ 315.649122][T19631] [ 315.649860][T19631] dump_stack_lvl+0x16c/0x1f0 [ 315.651021][T19631] should_fail_ex+0x497/0x5b0 [ 315.652162][T19631] should_failslab+0xc2/0x120 [ 315.653313][T19631] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 315.654643][T19631] ? skb_clone+0x190/0x3f0 [ 315.655739][T19631] skb_clone+0x190/0x3f0 [ 315.656785][T19631] netlink_deliver_tap+0xabd/0xd30 [ 315.658039][T19631] netlink_unicast+0x5e1/0x7f0 [ 315.659221][T19631] ? __pfx_netlink_unicast+0x10/0x10 [ 315.660535][T19631] netlink_sendmsg+0x8b8/0xd70 [ 315.661707][T19631] ? __pfx_netlink_sendmsg+0x10/0x10 [ 315.662993][T19631] ____sys_sendmsg+0xaaf/0xc90 [ 315.664159][T19631] ? copy_msghdr_from_user+0x10b/0x160 [ 315.665496][T19631] ? __pfx_____sys_sendmsg+0x10/0x10 [ 315.666799][T19631] ___sys_sendmsg+0x135/0x1e0 [ 315.667969][T19631] ? __pfx____sys_sendmsg+0x10/0x10 [ 315.669247][T19631] ? __pfx_lock_release+0x10/0x10 [ 315.670512][T19631] ? trace_lock_acquire+0x14e/0x1f0 [ 315.671775][T19631] ? __fget_files+0x206/0x3a0 [ 315.672935][T19631] __sys_sendmsg+0x16e/0x220 [ 315.674077][T19631] ? __pfx___sys_sendmsg+0x10/0x10 [ 315.675428][T19631] do_syscall_64+0xcd/0x250 [ 315.676627][T19631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.678083][T19631] RIP: 0033:0x7f8ad0f85d19 [ 315.679177][T19631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 315.683869][T19631] RSP: 002b:00007f8ad1d87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 315.685854][T19631] RAX: ffffffffffffffda RBX: 00007f8ad1175fa0 RCX: 00007f8ad0f85d19 [ 315.687795][T19631] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 315.689704][T19631] RBP: 00007f8ad1d87090 R08: 0000000000000000 R09: 0000000000000000 [ 315.691613][T19631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 315.693574][T19631] R13: 0000000000000000 R14: 00007f8ad1175fa0 R15: 00007ffcbf1cdf58 [ 315.695537][T19631] [ 315.737106][T19635] netlink: 'syz.7.5104': attribute type 3 has an invalid length. [ 315.739205][T19635] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5104'. [ 315.755633][T19635] team0: Device wg2 is of different type [ 315.865346][ T5992] usb 10-1: new high-speed USB device number 17 using dummy_hcd [ 315.934375][T19648] netlink: 'syz.4.5109': attribute type 64 has an invalid length. [ 315.990096][ T5992] usb 10-1: device descriptor read/64, error -71 [ 316.055897][T19660] erspan1: entered promiscuous mode [ 316.075866][T19666] binder: 19665:19666 ioctl c0306201 0 returned -14 [ 316.077741][T19666] binder: 19665:19666 ioctl c0306201 20000080 returned -11 [ 316.104296][T19670] overlayfs: workdir and upperdir must reside under the same mount [ 316.104432][ T5992] usb usb10-port1: attempt power cycle [ 316.181963][T19686] netlink: 'syz.1.5125': attribute type 1 has an invalid length. [ 316.242632][ T39] audit: type=1400 audit(2000000125.229:917): avc: denied { bind } for pid=19698 comm="syz.7.5129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 316.278559][T19702] trusted_key: encrypted_key: insufficient parameters specified [ 316.281502][T19702] netlink: 'syz.7.5130': attribute type 2 has an invalid length. [ 316.339515][T19713] tipc: Trying to set illegal importance in message [ 316.341427][T19713] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19713 comm=syz.7.5134 [ 316.358280][T19715] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20003 - 0 [ 316.360641][T19715] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20003 - 0 [ 316.362922][T19715] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20003 - 0 [ 316.365056][T19715] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20003 - 0 [ 316.367202][T19715] geneve2: entered promiscuous mode [ 316.368559][T19715] geneve2: entered allmulticast mode [ 316.427627][ T5992] usb 10-1: new high-speed USB device number 18 using dummy_hcd [ 316.432962][T19718] block nbd4: shutting down sockets [ 316.447014][ T5992] usb 10-1: device descriptor read/8, error -71 [ 316.460538][T19723] tipc: Trying to set illegal importance in message [ 316.462292][T19723] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19723 comm=syz.7.5139 [ 316.467111][T19723] FAULT_INJECTION: forcing a failure. [ 316.467111][T19723] name failslab, interval 1, probability 0, space 0, times 0 [ 316.470591][T19723] CPU: 3 UID: 0 PID: 19723 Comm: syz.7.5139 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 316.473143][T19723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 316.475742][T19723] Call Trace: [ 316.476618][T19723] [ 316.477402][T19723] dump_stack_lvl+0x16c/0x1f0 [ 316.478711][T19723] should_fail_ex+0x497/0x5b0 [ 316.479860][T19723] ? fs_reclaim_acquire+0xae/0x150 [ 316.481405][T19723] should_failslab+0xc2/0x120 [ 316.482989][T19723] __kmalloc_cache_noprof+0x68/0x410 [ 316.484756][T19723] ? find_held_lock+0x2d/0x110 [ 316.486448][T19723] rtnl_newlink+0x109/0x1d60 [ 316.487881][T19723] ? hlock_class+0x4e/0x130 [ 316.488978][T19723] ? __lock_acquire+0xcc5/0x3c40 [ 316.490186][T19723] ? __pfx_rtnl_newlink+0x10/0x10 [ 316.491408][T19723] ? __pfx___lock_acquire+0x10/0x10 [ 316.492690][T19723] ? cred_has_capability.isra.0+0x192/0x2f0 [ 316.494217][T19723] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 316.495717][T19723] ? find_held_lock+0x2d/0x110 [ 316.496897][T19723] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 316.498172][T19723] ? __pfx_lock_release+0x10/0x10 [ 316.499416][T19723] ? trace_lock_acquire+0x14e/0x1f0 [ 316.500722][T19723] ? __pfx_rtnl_newlink+0x10/0x10 [ 316.502029][T19723] rtnetlink_rcv_msg+0x95b/0xea0 [ 316.503307][T19723] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 316.504765][T19723] netlink_rcv_skb+0x16b/0x440 [ 316.505954][T19723] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 316.507333][T19723] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 316.508615][T19723] ? netlink_deliver_tap+0x1ae/0xd30 [ 316.509926][T19723] netlink_unicast+0x53c/0x7f0 [ 316.511100][T19723] ? __pfx_netlink_unicast+0x10/0x10 [ 316.512404][T19723] netlink_sendmsg+0x8b8/0xd70 [ 316.513593][T19723] ? __pfx_netlink_sendmsg+0x10/0x10 [ 316.514894][T19723] ____sys_sendmsg+0xaaf/0xc90 [ 316.516048][T19723] ? copy_msghdr_from_user+0x10b/0x160 [ 316.517421][T19723] ? __pfx_____sys_sendmsg+0x10/0x10 [ 316.518748][T19723] ___sys_sendmsg+0x135/0x1e0 [ 316.519905][T19723] ? __pfx____sys_sendmsg+0x10/0x10 [ 316.521197][T19723] ? __pfx_lock_release+0x10/0x10 [ 316.522443][T19723] ? trace_lock_acquire+0x14e/0x1f0 [ 316.523753][T19723] ? __fget_files+0x206/0x3a0 [ 316.524897][T19723] __sys_sendmsg+0x16e/0x220 [ 316.526025][T19723] ? __pfx___sys_sendmsg+0x10/0x10 [ 316.527299][T19723] do_syscall_64+0xcd/0x250 [ 316.528429][T19723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.529873][T19723] RIP: 0033:0x7fe51b385d19 [ 316.530979][T19723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.535589][T19723] RSP: 002b:00007fe51c23c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 316.537860][T19723] RAX: ffffffffffffffda RBX: 00007fe51b575fa0 RCX: 00007fe51b385d19 [ 316.539707][T19723] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 316.541597][T19723] RBP: 00007fe51c23c090 R08: 0000000000000000 R09: 0000000000000000 [ 316.543535][T19723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 316.545436][T19723] R13: 0000000000000000 R14: 00007fe51b575fa0 R15: 00007ffe4f780248 [ 316.547368][T19723] [ 316.582085][T19730] trusted_key: encrypted_key: insufficient parameters specified [ 316.585265][T19730] netlink: 'syz.4.5141': attribute type 2 has an invalid length. [ 316.592597][T19730] bridge0: port 2(bridge_slave_1) entered disabled state [ 316.594610][T19730] bridge0: port 1(bridge_slave_0) entered disabled state [ 316.684631][ T5992] usb 10-1: new high-speed USB device number 19 using dummy_hcd [ 316.704244][ T5992] usb 10-1: device descriptor read/8, error -71 [ 316.783531][T19755] tipc: Trying to set illegal importance in message [ 316.785365][T19755] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19755 comm=syz.7.5150 [ 316.818050][ T5992] usb usb10-port1: unable to enumerate USB device [ 318.169417][T19766] trusted_key: encrypted_key: insufficient parameters specified [ 318.172813][T19766] netlink: 'syz.5.5153': attribute type 2 has an invalid length. [ 318.218852][ T39] audit: type=1400 audit(2000000127.297:918): avc: denied { audit_write } for pid=19773 comm="syz.5.5158" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 318.224759][ T39] audit: type=1107 audit(2000000127.308:919): pid=19773 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 318.225183][T19775] __nla_validate_parse: 6 callbacks suppressed [ 318.225197][T19775] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5158'. [ 318.245061][T19783] FAULT_INJECTION: forcing a failure. [ 318.245061][T19783] name failslab, interval 1, probability 0, space 0, times 0 [ 318.248388][T19775] netlink: 9 bytes leftover after parsing attributes in process `syz.5.5158'. [ 318.252156][T19783] CPU: 1 UID: 0 PID: 19783 Comm: syz.1.5160 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 318.261333][T19783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 318.264375][T19783] Call Trace: [ 318.265337][T19783] [ 318.266212][T19783] dump_stack_lvl+0x16c/0x1f0 [ 318.267581][T19783] should_fail_ex+0x497/0x5b0 [ 318.268960][T19783] ? fs_reclaim_acquire+0xae/0x150 [ 318.270474][T19783] should_failslab+0xc2/0x120 [ 318.271805][T19783] __kmalloc_noprof+0xcb/0x510 [ 318.273181][T19783] ? __pfx___mutex_lock+0x10/0x10 [ 318.274644][T19783] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 318.276678][T19783] genl_start+0x18e/0x960 [ 318.277942][T19783] __netlink_dump_start+0x607/0x970 [ 318.279413][T19783] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 318.281041][T19783] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 318.282827][T19783] ? __pfx_genl_get_cmd+0x10/0x10 [ 318.284270][T19783] ? __pfx_genl_start+0x10/0x10 [ 318.285678][T19783] ? __pfx_genl_dumpit+0x10/0x10 [ 318.287106][T19783] ? __pfx_genl_done+0x10/0x10 [ 318.288487][T19783] ? __radix_tree_lookup+0x21f/0x2c0 [ 318.289997][T19783] genl_rcv_msg+0x470/0x800 [ 318.291301][T19783] ? __pfx_genl_rcv_msg+0x10/0x10 [ 318.292759][T19783] ? __pfx_smcr_nl_get_device+0x10/0x10 [ 318.294349][T19783] netlink_rcv_skb+0x16b/0x440 [ 318.295727][T19783] ? __pfx_genl_rcv_msg+0x10/0x10 [ 318.297209][T19783] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 318.298721][T19783] ? down_read+0xc9/0x330 [ 318.300005][T19783] ? __pfx_down_read+0x10/0x10 [ 318.301391][T19783] ? netlink_deliver_tap+0x1ae/0xd30 [ 318.302920][T19783] genl_rcv+0x28/0x40 [ 318.304082][T19783] netlink_unicast+0x53c/0x7f0 [ 318.305621][T19783] ? __pfx_netlink_unicast+0x10/0x10 [ 318.307153][T19783] netlink_sendmsg+0x8b8/0xd70 [ 318.308531][T19783] ? __pfx_netlink_sendmsg+0x10/0x10 [ 318.310105][T19783] ____sys_sendmsg+0xaaf/0xc90 [ 318.311464][T19783] ? copy_msghdr_from_user+0x10b/0x160 [ 318.313008][T19783] ? __pfx_____sys_sendmsg+0x10/0x10 [ 318.314562][T19783] ___sys_sendmsg+0x135/0x1e0 [ 318.315918][T19783] ? __pfx____sys_sendmsg+0x10/0x10 [ 318.317451][T19783] ? __pfx_lock_release+0x10/0x10 [ 318.318902][T19783] ? trace_lock_acquire+0x14e/0x1f0 [ 318.320412][T19783] ? __fget_files+0x206/0x3a0 [ 318.321777][T19783] __sys_sendmsg+0x16e/0x220 [ 318.323118][T19783] ? __pfx___sys_sendmsg+0x10/0x10 [ 318.324614][T19783] do_syscall_64+0xcd/0x250 [ 318.325934][T19783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.327632][T19783] RIP: 0033:0x7f8ad0f85d19 [ 318.328901][T19783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 318.334262][T19783] RSP: 002b:00007f8ad1d87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 318.336613][T19783] RAX: ffffffffffffffda RBX: 00007f8ad1175fa0 RCX: 00007f8ad0f85d19 [ 318.338847][T19783] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 318.341058][T19783] RBP: 00007f8ad1d87090 R08: 0000000000000000 R09: 0000000000000000 [ 318.343306][T19783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 318.345528][T19783] R13: 0000000000000000 R14: 00007f8ad1175fa0 R15: 00007ffcbf1cdf58 [ 318.347748][T19783] [ 318.505889][T19799] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 318.508373][T19799] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 318.541489][T19801] netlink: 'syz.1.5168': attribute type 64 has an invalid length. [ 318.568225][T19803] dlm: no locking on control device [ 318.571543][T19803] netlink: 188 bytes leftover after parsing attributes in process `syz.1.5169'. [ 318.608939][ T5991] usb 10-1: new high-speed USB device number 20 using dummy_hcd [ 318.723393][ T35] usb 12-1: new high-speed USB device number 12 using dummy_hcd [ 318.732608][ T5991] usb 10-1: device descriptor read/64, error -71 [ 318.848172][T19827] binder: 19826:19827 ioctl c0306201 0 returned -14 [ 318.850784][ T39] audit: type=1400 audit(2000000127.969:920): avc: denied { bind } for pid=19826 comm="syz.1.5178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 318.851187][T19827] binder: 19826:19827 ioctl c0306201 20000080 returned -11 [ 318.855382][ T39] audit: type=1400 audit(2000000127.969:921): avc: denied { write } for pid=19826 comm="syz.1.5178" path="socket:[94632]" dev="sockfs" ino=94632 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 318.886504][ T35] usb 12-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 318.888784][ T35] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.890725][ T35] usb 12-1: Product: syz [ 318.891760][ T35] usb 12-1: Manufacturer: syz [ 318.892909][ T35] usb 12-1: SerialNumber: syz [ 318.895250][ T35] usb 12-1: config 0 descriptor?? [ 318.961251][ T5991] usb 10-1: new high-speed USB device number 21 using dummy_hcd [ 319.085184][ T5991] usb 10-1: device descriptor read/64, error -71 [ 319.093718][ T35] usb 12-1: USB disconnect, device number 12 [ 319.190399][ T5991] usb usb10-port1: attempt power cycle [ 319.534106][ T5991] usb 10-1: new high-speed USB device number 22 using dummy_hcd [ 319.542984][ T39] audit: type=1400 audit(2000000128.693:922): avc: denied { map } for pid=19835 comm="syz.4.5180" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 319.554788][ T5991] usb 10-1: device descriptor read/8, error -71 [ 319.745572][T19850] netlink: 'syz.4.5189': attribute type 1 has an invalid length. [ 319.791048][ T5991] usb 10-1: new high-speed USB device number 23 using dummy_hcd [ 319.819160][ T5991] usb 10-1: device descriptor read/8, error -71 [ 319.877827][T19870] tipc: Trying to set illegal importance in message [ 319.879758][T19870] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19870 comm=syz.4.5198 [ 319.884549][T19870] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5198'. [ 319.926068][ T5991] usb usb10-port1: unable to enumerate USB device [ 319.966241][ T832] hid (null): invalid report_size 48347 [ 319.970429][ T832] hid-generic 0209:0007:0007.000C: invalid report_size 48347 [ 319.972838][ T832] hid-generic 0209:0007:0007.000C: item 0 2 1 7 parsing failed [ 319.978297][ T832] hid-generic 0209:0007:0007.000C: probe with driver hid-generic failed with error -22 [ 319.981331][ T39] audit: type=1400 audit(2000000129.155:923): avc: denied { ioctl } for pid=19881 comm="syz.1.5203" path="/dev/uhid" dev="devtmpfs" ino=1296 ioctlcmd=0x5332 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 320.045113][T19884] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5204'. [ 320.051816][T19890] tipc: Trying to set illegal importance in message [ 320.054446][T19890] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19890 comm=syz.4.5206 [ 320.060870][T19890] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5206'. [ 320.139594][ T39] audit: type=1400 audit(2000000129.313:924): avc: denied { read } for pid=19897 comm="syz.4.5210" path="socket:[93962]" dev="sockfs" ino=93962 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 320.206152][T19906] tipc: Trying to set illegal importance in message [ 320.211645][T19906] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19906 comm=syz.1.5213 [ 320.216917][T19906] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5213'. [ 320.250289][T19908] binder: 19907:19908 ioctl c0306201 200001c0 returned -22 [ 320.302478][ T39] audit: type=1400 audit(2000000129.491:925): avc: denied { ioctl } for pid=19907 comm="syz.1.5214" path="socket:[93986]" dev="sockfs" ino=93986 ioctlcmd=0x5564 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 321.234942][T19934] FAULT_INJECTION: forcing a failure. [ 321.234942][T19934] name failslab, interval 1, probability 0, space 0, times 0 [ 321.238231][T19934] CPU: 0 UID: 0 PID: 19934 Comm: syz.1.5223 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 321.241094][T19934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 321.243808][T19934] Call Trace: [ 321.244675][T19934] [ 321.245413][T19934] dump_stack_lvl+0x16c/0x1f0 [ 321.246640][T19934] should_fail_ex+0x497/0x5b0 [ 321.247881][T19934] ? fs_reclaim_acquire+0xae/0x150 [ 321.249323][T19934] should_failslab+0xc2/0x120 [ 321.250544][T19934] __kmalloc_cache_noprof+0x68/0x410 [ 321.251882][T19934] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 321.253779][T19934] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 321.255600][T19934] genl_start+0x1e7/0x960 [ 321.256735][T19934] __netlink_dump_start+0x607/0x970 [ 321.258213][T19934] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 321.259679][T19934] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 321.261240][T19934] ? __pfx_genl_get_cmd+0x10/0x10 [ 321.262501][T19934] ? __pfx_genl_start+0x10/0x10 [ 321.263722][T19934] ? __pfx_genl_dumpit+0x10/0x10 [ 321.265016][T19934] ? __pfx_genl_done+0x10/0x10 [ 321.266240][T19934] ? __radix_tree_lookup+0x21f/0x2c0 [ 321.267591][T19934] genl_rcv_msg+0x470/0x800 [ 321.268752][T19934] ? __pfx_genl_rcv_msg+0x10/0x10 [ 321.270050][T19934] ? __pfx_smcr_nl_get_device+0x10/0x10 [ 321.271446][T19934] netlink_rcv_skb+0x16b/0x440 [ 321.272689][T19934] ? __pfx_genl_rcv_msg+0x10/0x10 [ 321.274008][T19934] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 321.275456][T19934] ? down_read+0xc9/0x330 [ 321.276638][T19934] ? __pfx_down_read+0x10/0x10 [ 321.277901][T19934] ? netlink_deliver_tap+0x1ae/0xd30 [ 321.279264][T19934] genl_rcv+0x28/0x40 [ 321.280322][T19934] netlink_unicast+0x53c/0x7f0 [ 321.281569][T19934] ? __pfx_netlink_unicast+0x10/0x10 [ 321.282968][T19934] netlink_sendmsg+0x8b8/0xd70 [ 321.284233][T19934] ? __pfx_netlink_sendmsg+0x10/0x10 [ 321.285739][T19934] ____sys_sendmsg+0xaaf/0xc90 [ 321.287023][T19934] ? copy_msghdr_from_user+0x10b/0x160 [ 321.288800][T19934] ? __pfx_____sys_sendmsg+0x10/0x10 [ 321.290172][T19934] ___sys_sendmsg+0x135/0x1e0 [ 321.291381][T19934] ? __pfx____sys_sendmsg+0x10/0x10 [ 321.292704][T19934] ? __pfx_lock_release+0x10/0x10 [ 321.294021][T19934] ? trace_lock_acquire+0x14e/0x1f0 [ 321.295355][T19934] ? __fget_files+0x206/0x3a0 [ 321.296710][T19934] __sys_sendmsg+0x16e/0x220 [ 321.297896][T19934] ? __pfx___sys_sendmsg+0x10/0x10 [ 321.299185][T19934] do_syscall_64+0xcd/0x250 [ 321.300343][T19934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.301847][T19934] RIP: 0033:0x7f8ad0f85d19 [ 321.302992][T19934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.308248][T19934] RSP: 002b:00007f8ad1d87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 321.310305][T19934] RAX: ffffffffffffffda RBX: 00007f8ad1175fa0 RCX: 00007f8ad0f85d19 [ 321.312258][T19934] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 321.314230][T19934] RBP: 00007f8ad1d87090 R08: 0000000000000000 R09: 0000000000000000 [ 321.316225][T19934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 321.318146][T19934] R13: 0000000000000000 R14: 00007f8ad1175fa0 R15: 00007ffcbf1cdf58 [ 321.320106][T19934] [ 321.430221][T19948] input: syz1 as /devices/virtual/input/input30 [ 321.468134][T19954] netlink: 'syz.4.5231': attribute type 64 has an invalid length. [ 321.612799][T19978] binder: 19977:19978 ioctl c0306201 0 returned -14 [ 321.614711][T19978] binder: 19977:19978 ioctl c0306201 20000080 returned -11 [ 321.644560][T19982] overlayfs: failed to resolve './file1': -2 [ 321.686740][ T5990] usb 12-1: new high-speed USB device number 13 using dummy_hcd [ 321.715388][ T39] audit: type=1400 audit(2000000130.982:926): avc: denied { ioctl } for pid=19991 comm="syz.5.5248" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 321.745698][T19999] netlink: 'syz.4.5250': attribute type 1 has an invalid length. [ 321.821713][T20001] could not allocate digest TFM handle ghash-clmulni [ 321.838148][ T5990] usb 12-1: Using ep0 maxpacket: 8 [ 321.841470][ T5990] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 321.843953][ T5990] usb 12-1: config 0 has no interfaces? [ 321.845347][ T5990] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 321.848532][ T5990] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.852343][ T5990] usb 12-1: config 0 descriptor?? [ 321.920502][T20021] tipc: Trying to set illegal importance in message [ 321.923035][T20021] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20021 comm=syz.4.5258 [ 321.928793][T20021] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5258'. [ 321.996161][T20027] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5261'. [ 322.003407][T20029] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5261'. [ 322.050532][ T5990] usb 12-1: USB disconnect, device number 13 [ 322.055141][T20035] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 322.090803][T20040] tipc: Trying to set illegal importance in message [ 322.092547][T20040] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20040 comm=syz.1.5265 [ 322.210936][T20057] tipc: Trying to set illegal importance in message [ 322.213355][T20057] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20057 comm=syz.1.5272 [ 322.220473][T20057] program syz.1.5272 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 322.449326][T20075] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 322.451377][T20076] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 322.539023][T20091] FAULT_INJECTION: forcing a failure. [ 322.539023][T20091] name failslab, interval 1, probability 0, space 0, times 0 [ 322.553200][T20091] CPU: 3 UID: 0 PID: 20091 Comm: syz.4.5281 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 322.555908][T20091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 322.558566][T20091] Call Trace: [ 322.559439][T20091] [ 322.560202][T20091] dump_stack_lvl+0x16c/0x1f0 [ 322.561454][T20091] should_fail_ex+0x497/0x5b0 [ 322.562671][T20091] ? fs_reclaim_acquire+0xae/0x150 [ 322.563932][T20091] should_failslab+0xc2/0x120 [ 322.565107][T20091] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 322.566652][T20091] ? kasan_save_stack+0x42/0x60 [ 322.567863][T20091] ? __alloc_skb+0x2b1/0x380 [ 322.569171][T20091] __alloc_skb+0x2b1/0x380 [ 322.570454][T20091] ? __pfx___alloc_skb+0x10/0x10 [ 322.571826][T20091] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.573329][T20091] netlink_dump+0x699/0xd00 [ 322.574506][T20091] ? __pfx_netlink_dump+0x10/0x10 [ 322.575773][T20091] ? __asan_memset+0x23/0x50 [ 322.576950][T20091] ? genl_start+0x67d/0x960 [ 322.578106][T20091] __netlink_dump_start+0x6ca/0x970 [ 322.579523][T20091] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 322.580970][T20091] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 322.582600][T20091] ? __pfx_genl_get_cmd+0x10/0x10 [ 322.583894][T20091] ? __pfx_genl_start+0x10/0x10 [ 322.585144][T20091] ? __pfx_genl_dumpit+0x10/0x10 [ 322.586436][T20091] ? __pfx_genl_done+0x10/0x10 [ 322.587657][T20091] ? __radix_tree_lookup+0x21f/0x2c0 [ 322.589114][T20091] genl_rcv_msg+0x470/0x800 [ 322.590373][T20091] ? __pfx_genl_rcv_msg+0x10/0x10 [ 322.591629][T20091] ? __pfx_smcr_nl_get_device+0x10/0x10 [ 322.593012][T20091] netlink_rcv_skb+0x16b/0x440 [ 322.594238][T20091] ? __pfx_genl_rcv_msg+0x10/0x10 [ 322.595481][T20091] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 322.596813][T20091] ? down_read+0xc9/0x330 [ 322.597923][T20091] ? __pfx_down_read+0x10/0x10 [ 322.599179][T20091] ? netlink_deliver_tap+0x1ae/0xd30 [ 322.600539][T20091] genl_rcv+0x28/0x40 [ 322.601552][T20091] netlink_unicast+0x53c/0x7f0 [ 322.602779][T20091] ? __pfx_netlink_unicast+0x10/0x10 [ 322.604230][T20091] netlink_sendmsg+0x8b8/0xd70 [ 322.605440][T20091] ? __pfx_netlink_sendmsg+0x10/0x10 [ 322.606785][T20091] ____sys_sendmsg+0xaaf/0xc90 [ 322.608004][T20091] ? copy_msghdr_from_user+0x10b/0x160 [ 322.609593][T20091] ? __pfx_____sys_sendmsg+0x10/0x10 [ 322.610902][T20091] ___sys_sendmsg+0x135/0x1e0 [ 322.612094][T20091] ? __pfx____sys_sendmsg+0x10/0x10 [ 322.613403][T20091] ? __pfx_lock_release+0x10/0x10 [ 322.614699][T20091] ? trace_lock_acquire+0x14e/0x1f0 [ 322.616006][T20091] ? __fget_files+0x206/0x3a0 [ 322.617224][T20091] __sys_sendmsg+0x16e/0x220 [ 322.618398][T20091] ? __pfx___sys_sendmsg+0x10/0x10 [ 322.619751][T20091] do_syscall_64+0xcd/0x250 [ 322.620925][T20091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.622408][T20091] RIP: 0033:0x7fe397f85d19 [ 322.623519][T20091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.628326][T20091] RSP: 002b:00007fe398ce7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 322.630606][T20091] RAX: ffffffffffffffda RBX: 00007fe398175fa0 RCX: 00007fe397f85d19 [ 322.632593][T20091] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 322.634561][T20091] RBP: 00007fe398ce7090 R08: 0000000000000000 R09: 0000000000000000 [ 322.636507][T20091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 322.638491][T20091] R13: 0000000000000000 R14: 00007fe398175fa0 R15: 00007ffccd9480b8 [ 322.640603][T20091] [ 322.788450][T20114] netlink: 'syz.4.5290': attribute type 64 has an invalid length. [ 322.879836][T20121] netlink: 'syz.1.5293': attribute type 4 has an invalid length. [ 323.038554][ T63] usb 9-1: new high-speed USB device number 29 using dummy_hcd [ 323.075837][T20136] binder: 20135:20136 ioctl c0306201 0 returned -14 [ 323.078006][T20136] binder: 20135:20136 ioctl c0306201 20000080 returned -11 [ 323.181033][ T63] usb 9-1: Using ep0 maxpacket: 8 [ 323.183722][ T63] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 323.187264][ T63] usb 9-1: config 0 has no interfaces? [ 323.188847][ T63] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 323.191683][ T63] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.195016][ T63] usb 9-1: config 0 descriptor?? [ 323.389417][ T6011] usb 9-1: USB disconnect, device number 29 [ 324.745113][T20161] netlink: 'syz.7.5309': attribute type 1 has an invalid length. [ 325.009963][ T6011] usb 12-1: new high-speed USB device number 14 using dummy_hcd [ 325.044637][T20188] tipc: Trying to set illegal importance in message [ 325.046585][T20188] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20188 comm=syz.4.5318 [ 325.060464][T20188] __nla_validate_parse: 4 callbacks suppressed [ 325.060473][T20188] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5318'. [ 325.094787][T20190] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 325.096595][T20190] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 325.175055][ T6011] usb 12-1: Using ep0 maxpacket: 8 [ 325.181437][ T6011] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 325.184072][ T6011] usb 12-1: config 0 has no interfaces? [ 325.185579][ T6011] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 325.187956][ T6011] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.190938][ T6011] usb 12-1: config 0 descriptor?? [ 325.251375][T20193] netlink: 'syz.1.5320': attribute type 64 has an invalid length. [ 325.317716][T20199] binder: 20198:20199 ioctl c0306201 0 returned -14 [ 325.323178][T20199] binder: 20198:20199 ioctl c0306201 20000080 returned -11 [ 325.386024][ T6011] usb 12-1: USB disconnect, device number 14 [ 325.469296][T20212] Cannot find del_set index 0 as target [ 325.625963][T20231] tipc: Trying to set illegal importance in message [ 325.628041][T20231] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20231 comm=syz.1.5336 [ 325.635251][T20231] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5336'. [ 325.637632][T20231] FAULT_INJECTION: forcing a failure. [ 325.637632][T20231] name failslab, interval 1, probability 0, space 0, times 0 [ 325.641844][T20231] CPU: 3 UID: 0 PID: 20231 Comm: syz.1.5336 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 325.644644][T20231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 325.647457][T20231] Call Trace: [ 325.648333][T20231] [ 325.649125][T20231] dump_stack_lvl+0x16c/0x1f0 [ 325.650377][T20231] should_fail_ex+0x497/0x5b0 [ 325.651612][T20231] ? fs_reclaim_acquire+0xae/0x150 [ 325.653076][T20231] should_failslab+0xc2/0x120 [ 325.654607][T20231] __kmalloc_node_noprof+0xd1/0x510 [ 325.656076][T20231] ? br_dev_setup+0x93e/0xb30 [ 325.657317][T20231] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 325.658999][T20231] __kvmalloc_node_noprof+0xad/0x1a0 [ 325.660783][T20231] ? __pfx_br_dev_setup+0x10/0x10 [ 325.662401][T20231] alloc_netdev_mqs+0xbbc/0x1510 [ 325.664123][T20231] rtnl_create_link+0xc10/0xfa0 [ 325.665806][T20231] rtnl_newlink+0x14c3/0x1d60 [ 325.667446][T20231] ? __pfx_rtnl_newlink+0x10/0x10 [ 325.668958][T20231] ? __pfx___lock_acquire+0x10/0x10 [ 325.670334][T20231] ? cred_has_capability.isra.0+0x192/0x2f0 [ 325.671910][T20231] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 325.673618][T20231] ? find_held_lock+0x2d/0x110 [ 325.675316][T20231] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 325.677093][T20231] ? __pfx_lock_release+0x10/0x10 [ 325.679059][T20231] ? trace_lock_acquire+0x14e/0x1f0 [ 325.680899][T20231] ? __pfx_rtnl_newlink+0x10/0x10 [ 325.682669][T20231] rtnetlink_rcv_msg+0x95b/0xea0 [ 325.684412][T20231] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 325.686346][T20231] netlink_rcv_skb+0x16b/0x440 [ 325.688027][T20231] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 325.689881][T20231] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 325.691326][T20231] ? netlink_deliver_tap+0x1ae/0xd30 [ 325.692890][T20231] netlink_unicast+0x53c/0x7f0 [ 325.694180][T20231] ? __pfx_netlink_unicast+0x10/0x10 [ 325.695576][T20231] netlink_sendmsg+0x8b8/0xd70 [ 325.696860][T20231] ? __pfx_netlink_sendmsg+0x10/0x10 [ 325.698273][T20231] ____sys_sendmsg+0xaaf/0xc90 [ 325.699541][T20231] ? copy_msghdr_from_user+0x10b/0x160 [ 325.700989][T20231] ? __pfx_____sys_sendmsg+0x10/0x10 [ 325.702402][T20231] ___sys_sendmsg+0x135/0x1e0 [ 325.703806][T20231] ? __pfx____sys_sendmsg+0x10/0x10 [ 325.705184][T20231] ? __pfx_lock_release+0x10/0x10 [ 325.706542][T20231] ? trace_lock_acquire+0x14e/0x1f0 [ 325.707922][T20231] ? __fget_files+0x206/0x3a0 [ 325.709167][T20231] __sys_sendmsg+0x16e/0x220 [ 325.710405][T20231] ? __pfx___sys_sendmsg+0x10/0x10 [ 325.711763][T20231] do_syscall_64+0xcd/0x250 [ 325.712964][T20231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.714536][T20231] RIP: 0033:0x7f8ad0f85d19 [ 325.715736][T20231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 325.720748][T20231] RSP: 002b:00007f8ad1d87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 325.722927][T20231] RAX: ffffffffffffffda RBX: 00007f8ad1175fa0 RCX: 00007f8ad0f85d19 [ 325.724997][T20231] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 325.727074][T20231] RBP: 00007f8ad1d87090 R08: 0000000000000000 R09: 0000000000000000 [ 325.729590][T20231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 325.731867][T20231] R13: 0000000000000000 R14: 00007f8ad1175fa0 R15: 00007ffcbf1cdf58 [ 325.734084][T20231] [ 325.772457][ T5963] Bluetooth: hci2: command 0x0406 tx timeout [ 325.929204][T20240] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5338'. [ 326.054532][T20259] netlink: 'syz.7.5345': attribute type 2 has an invalid length. [ 326.056583][T20259] netlink: 'syz.7.5345': attribute type 1 has an invalid length. [ 326.061293][T20259] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5345'. [ 326.106910][ T39] audit: type=1400 audit(2000000135.591:927): avc: denied { getopt } for pid=20262 comm="syz.4.5347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 326.113289][T20263] tipc: Trying to set illegal importance in message [ 326.115709][T20263] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=20263 comm=syz.4.5347 [ 326.120580][T20263] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5347'. [ 326.212772][ T39] audit: type=1400 audit(2000000135.696:928): avc: denied { remove_name } for pid=20272 comm="syz.4.5352" name="file1" dev="9p" ino=39714866 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 326.219769][ T39] audit: type=1400 audit(2000000135.696:929): avc: denied { unlink } for pid=20272 comm="syz.4.5352" name="file1" dev="9p" ino=39714866 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 326.231932][ T39] audit: type=1400 audit(2000000135.717:930): avc: denied { create } for pid=20272 comm="syz.4.5352" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 326.240916][T20273] netlink: 2 bytes leftover after parsing attributes in process `syz.4.5352'. [ 326.254332][T20183] Unknown options in mask 5 [ 326.334453][T17690] usb 12-1: new high-speed USB device number 15 using dummy_hcd [ 326.488409][T17690] usb 12-1: Using ep0 maxpacket: 8 [ 326.491068][T17690] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 326.493729][T17690] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 326.497469][T17690] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.500789][T17690] usb 12-1: config 0 descriptor?? [ 326.503218][T17690] iowarrior 12-1:0.0: no interrupt-in endpoint found [ 326.642741][T20299] netlink: 'syz.5.5363': attribute type 64 has an invalid length. [ 326.700321][ T35] usb 12-1: USB disconnect, device number 15 [ 326.901909][T20325] x_tables: duplicate underflow at hook 1 [ 326.902248][T20325] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5373'. [ 327.375151][T20360] netlink: 'syz.7.5388': attribute type 1 has an invalid length. [ 327.418843][T20364] binder: 20363:20364 ioctl c0306201 0 returned -14 [ 327.421008][T20364] binder: 20363:20364 ioctl c0306201 20000080 returned -11 [ 327.428631][T20368] tipc: Trying to set illegal importance in message [ 327.432564][T20368] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20368 comm=syz.1.5392 [ 327.437996][T20368] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5392'. [ 327.524064][T20378] binder: 20377:20378 ioctl c0306201 0 returned -14 [ 327.527681][T20378] binder: 20377:20378 ioctl c0306201 20000080 returned -11 [ 327.668063][ T832] usb 12-1: new high-speed USB device number 16 using dummy_hcd [ 327.820461][ T832] usb 12-1: Using ep0 maxpacket: 8 [ 327.823054][ T832] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 327.825723][ T832] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 327.828077][ T832] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.831677][ T832] usb 12-1: config 0 descriptor?? [ 327.834051][ T832] iowarrior 12-1:0.0: no interrupt-in endpoint found [ 327.936934][T20412] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=15 sclass=netlink_xfrm_socket pid=20412 comm=syz.5.5409 [ 327.973457][T20416] tipc: Trying to set illegal importance in message [ 327.975252][T20416] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20416 comm=syz.5.5411 [ 327.980423][T20416] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5411'. [ 327.983042][T20416] FAULT_INJECTION: forcing a failure. [ 327.983042][T20416] name failslab, interval 1, probability 0, space 0, times 0 [ 327.987028][T20416] CPU: 2 UID: 0 PID: 20416 Comm: syz.5.5411 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 327.990124][T20416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 327.993359][T20416] Call Trace: [ 327.994451][T20416] [ 327.995173][T20416] dump_stack_lvl+0x16c/0x1f0 [ 327.996614][T20416] should_fail_ex+0x497/0x5b0 [ 327.998257][T20416] ? fs_reclaim_acquire+0xae/0x150 [ 327.999588][T20416] should_failslab+0xc2/0x120 [ 328.000825][T20416] __kmalloc_node_noprof+0xd1/0x510 [ 328.002214][T20416] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 328.003632][T20416] __kvmalloc_node_noprof+0xad/0x1a0 [ 328.004988][T20416] alloc_netdev_mqs+0xd57/0x1510 [ 328.006291][T20416] rtnl_create_link+0xc10/0xfa0 [ 328.007554][T20416] rtnl_newlink+0x14c3/0x1d60 [ 328.008785][T20416] ? __pfx_rtnl_newlink+0x10/0x10 [ 328.010247][T20416] ? __pfx___lock_acquire+0x10/0x10 [ 328.011988][T20416] ? cred_has_capability.isra.0+0x192/0x2f0 [ 328.013957][T20416] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 328.016032][T20416] ? find_held_lock+0x2d/0x110 [ 328.017688][T20416] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 328.019215][T20416] ? __pfx_lock_release+0x10/0x10 [ 328.020891][T20416] ? trace_lock_acquire+0x14e/0x1f0 [ 328.022640][T20416] ? __pfx_rtnl_newlink+0x10/0x10 [ 328.024327][T20416] rtnetlink_rcv_msg+0x95b/0xea0 [ 328.025923][T20416] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 328.027764][T20416] netlink_rcv_skb+0x16b/0x440 [ 328.029368][T20416] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 328.031184][T20416] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 328.032811][T20416] ? netlink_deliver_tap+0x1ae/0xd30 [ 328.034250][T20416] netlink_unicast+0x53c/0x7f0 [ 328.035600][T20416] ? __pfx_netlink_unicast+0x10/0x10 [ 328.037258][T20416] netlink_sendmsg+0x8b8/0xd70 [ 328.038529][T20416] ? __pfx_netlink_sendmsg+0x10/0x10 [ 328.040034][T20416] ____sys_sendmsg+0xaaf/0xc90 [ 328.041434][T20416] ? copy_msghdr_from_user+0x10b/0x160 [ 328.043068][T20416] ? __pfx_____sys_sendmsg+0x10/0x10 [ 328.044379][T20416] ___sys_sendmsg+0x135/0x1e0 [ 328.045561][T20416] ? __pfx____sys_sendmsg+0x10/0x10 [ 328.046896][T20416] ? __pfx_lock_release+0x10/0x10 [ 328.048385][T20416] ? trace_lock_acquire+0x14e/0x1f0 [ 328.049937][T20416] ? __fget_files+0x206/0x3a0 [ 328.051325][T20416] __sys_sendmsg+0x16e/0x220 [ 328.052197][ T832] usb 12-1: USB disconnect, device number 16 [ 328.052787][T20416] ? __pfx___sys_sendmsg+0x10/0x10 [ 328.055833][T20416] do_syscall_64+0xcd/0x250 [ 328.057371][T20416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.058881][T20416] RIP: 0033:0x7f899bb85d19 [ 328.059999][T20416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.064680][T20416] RSP: 002b:00007f899c929038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 328.066756][T20416] RAX: ffffffffffffffda RBX: 00007f899bd75fa0 RCX: 00007f899bb85d19 [ 328.068888][T20416] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 328.071061][T20416] RBP: 00007f899c929090 R08: 0000000000000000 R09: 0000000000000000 [ 328.073256][T20416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 328.075752][T20416] R13: 0000000000000000 R14: 00007f899bd75fa0 R15: 00007fff4cad1868 [ 328.077961][T20416] [ 328.167452][T20428] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5415'. [ 328.261529][T20438] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20438 comm=syz.5.5419 [ 328.459564][T18523] syz_tun (unregistering): left allmulticast mode [ 328.463765][ T5963] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 328.469896][ T5963] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 328.472464][ T5963] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 328.474685][ T5963] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 328.476821][ T5963] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 328.480500][ T5963] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 328.531472][T20452] xt_CT: You must specify a L4 protocol and not use inversions on it [ 328.566514][T20457] FAULT_INJECTION: forcing a failure. [ 328.566514][T20457] name failslab, interval 1, probability 0, space 0, times 0 [ 328.570056][T20457] CPU: 0 UID: 0 PID: 20457 Comm: syz.7.5426 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 328.572818][T20457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 328.575510][T20457] Call Trace: [ 328.576394][T20457] [ 328.577180][T20457] dump_stack_lvl+0x16c/0x1f0 [ 328.578446][T20457] should_fail_ex+0x497/0x5b0 [ 328.579692][T20457] should_failslab+0xc2/0x120 [ 328.580939][T20457] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 328.582348][T20457] ? skb_clone+0x190/0x3f0 [ 328.583526][T20457] skb_clone+0x190/0x3f0 [ 328.584641][T20457] netlink_deliver_tap+0xabd/0xd30 [ 328.585992][T20457] netlink_dump+0x639/0xd00 [ 328.587190][T20457] ? __pfx_netlink_dump+0x10/0x10 [ 328.588526][T20457] ? __asan_memset+0x23/0x50 [ 328.589747][T20457] ? genl_start+0x67d/0x960 [ 328.590953][T20457] __netlink_dump_start+0x6ca/0x970 [ 328.592321][T20457] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 328.593813][T20457] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 328.595436][T20457] ? __pfx_genl_get_cmd+0x10/0x10 [ 328.596736][T20457] ? __pfx_genl_start+0x10/0x10 [ 328.598043][T20457] ? __pfx_genl_dumpit+0x10/0x10 [ 328.599369][T20457] ? __pfx_genl_done+0x10/0x10 [ 328.600653][T20457] ? __radix_tree_lookup+0x21f/0x2c0 [ 328.602049][T20457] genl_rcv_msg+0x470/0x800 [ 328.603216][T20457] ? __pfx_genl_rcv_msg+0x10/0x10 [ 328.604504][T20457] ? __pfx_smcr_nl_get_device+0x10/0x10 [ 328.605945][T20457] netlink_rcv_skb+0x16b/0x440 [ 328.607216][T20457] ? __pfx_genl_rcv_msg+0x10/0x10 [ 328.608492][T20457] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 328.609821][T20457] ? down_read+0xc9/0x330 [ 328.610892][T20457] ? __pfx_down_read+0x10/0x10 [ 328.612292][T20457] ? netlink_deliver_tap+0x1ae/0xd30 [ 328.613633][T20457] genl_rcv+0x28/0x40 [ 328.614610][T20457] netlink_unicast+0x53c/0x7f0 [ 328.615838][T20457] ? __pfx_netlink_unicast+0x10/0x10 [ 328.617180][T20457] netlink_sendmsg+0x8b8/0xd70 [ 328.618424][T20457] ? __pfx_netlink_sendmsg+0x10/0x10 [ 328.619731][T20457] ____sys_sendmsg+0xaaf/0xc90 [ 328.620920][T20457] ? copy_msghdr_from_user+0x10b/0x160 [ 328.622291][T20457] ? __pfx_____sys_sendmsg+0x10/0x10 [ 328.623675][T20457] ___sys_sendmsg+0x135/0x1e0 [ 328.624920][T20457] ? __pfx____sys_sendmsg+0x10/0x10 [ 328.626303][T20457] ? __pfx_lock_release+0x10/0x10 [ 328.627605][T20457] ? trace_lock_acquire+0x14e/0x1f0 [ 328.628925][T20457] ? __fget_files+0x206/0x3a0 [ 328.630147][T20457] __sys_sendmsg+0x16e/0x220 [ 328.631315][T20457] ? __pfx___sys_sendmsg+0x10/0x10 [ 328.632585][T20457] do_syscall_64+0xcd/0x250 [ 328.633726][T20457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.635197][T20457] RIP: 0033:0x7fe51b385d19 [ 328.636336][T20457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.641297][T20457] RSP: 002b:00007fe51c23c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 328.643466][T20457] RAX: ffffffffffffffda RBX: 00007fe51b575fa0 RCX: 00007fe51b385d19 [ 328.645543][T20457] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 328.647597][T20457] RBP: 00007fe51c23c090 R08: 0000000000000000 R09: 0000000000000000 [ 328.649671][T20457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 328.651722][T20457] R13: 0000000000000000 R14: 00007fe51b575fa0 R15: 00007ffe4f780248 [ 328.653786][T20457] [ 328.687769][T20463] netlink: 'syz.1.5428': attribute type 1 has an invalid length. [ 328.716729][T20447] chnl_net:caif_netlink_parms(): no params data found [ 328.754684][T20472] 9pnet_virtio: no channels available for device syz [ 328.798709][T20447] bridge0: port 1(bridge_slave_0) entered blocking state [ 328.803143][T20447] bridge0: port 1(bridge_slave_0) entered disabled state [ 328.805920][T20447] bridge_slave_0: entered allmulticast mode [ 328.809026][T20447] bridge_slave_0: entered promiscuous mode [ 328.813085][T20447] bridge0: port 2(bridge_slave_1) entered blocking state [ 328.816432][T20447] bridge0: port 2(bridge_slave_1) entered disabled state [ 328.818932][T20447] bridge_slave_1: entered allmulticast mode [ 328.822115][T20447] bridge_slave_1: entered promiscuous mode [ 328.855590][T20447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 328.861800][T20447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 328.889384][T20447] team0: Port device team_slave_0 added [ 328.892332][T20447] team0: Port device team_slave_1 added [ 328.908420][T20483] netlink: 'syz.1.5434': attribute type 64 has an invalid length. [ 328.916826][T20447] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 328.918688][T20447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 328.926437][T20447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 328.930197][T20447] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 328.932027][T20447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 328.938878][T20447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 328.966178][T20447] hsr_slave_0: entered promiscuous mode [ 328.968156][T20447] hsr_slave_1: entered promiscuous mode [ 328.973234][T20447] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 328.975131][T20447] Cannot create hsr debugfs directory [ 329.090715][T20447] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.090752][T20447] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20003 - 0 [ 329.098223][ T1331] usb 10-1: new high-speed USB device number 24 using dummy_hcd [ 329.162597][T20447] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.166526][T20447] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20003 - 0 [ 329.227186][T20447] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.230045][T20447] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20003 - 0 [ 329.249273][ T1331] usb 10-1: Using ep0 maxpacket: 8 [ 329.251822][ T1331] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 329.254275][ T1331] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 329.256580][ T1331] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.259951][ T1331] usb 10-1: config 0 descriptor?? [ 329.262488][ T1331] iowarrior 10-1:0.0: no interrupt-in endpoint found [ 329.294643][T20447] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.298059][T20447] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20003 - 0 [ 329.438240][T20447] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 329.443731][T20447] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 329.446900][T20447] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 329.450039][T20447] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 329.457069][ T1331] usb 10-1: USB disconnect, device number 24 [ 329.485837][T20447] 8021q: adding VLAN 0 to HW filter on device bond0 [ 329.494126][T20447] 8021q: adding VLAN 0 to HW filter on device team0 [ 329.499564][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 329.501473][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 329.504758][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 329.506925][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 329.584471][T20447] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 329.691852][T20447] veth0_vlan: entered promiscuous mode [ 329.698259][T20447] veth1_vlan: entered promiscuous mode [ 329.710307][T20447] veth0_macvtap: entered promiscuous mode [ 329.713598][T20447] veth1_macvtap: entered promiscuous mode [ 329.721675][T20447] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 329.727335][T20447] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 329.732613][T20447] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.735103][T20447] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.737691][T20447] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.740026][T20447] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.778808][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 329.781204][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 329.806500][T11931] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 329.808621][T11931] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 329.959318][T20539] __nla_validate_parse: 2 callbacks suppressed [ 329.959330][T20539] netlink: 352 bytes leftover after parsing attributes in process `syz.4.5451'. [ 329.963228][T20543] netlink: 352 bytes leftover after parsing attributes in process `syz.4.5451'. [ 330.043433][T20557] binder: 20556:20557 ioctl c0306201 0 returned -14 [ 330.055326][T20557] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5459'. [ 330.059101][T20557] netlink: 32 bytes leftover after parsing attributes in process `syz.7.5459'. [ 330.069590][T20560] tipc: Trying to set illegal importance in message [ 330.072203][T20560] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20560 comm=syz.4.5460 [ 330.076631][T20560] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5460'. [ 330.079710][T20562] netlink: 256 bytes leftover after parsing attributes in process `syz.5.5461'. [ 330.134972][T20571] binder: 20569:20571 ioctl c0306201 0 returned -14 [ 330.135716][T20572] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20572 comm=syz.4.5465 [ 330.137449][T20571] binder: 20569:20571 ioctl c0306201 20000080 returned -11 [ 330.238233][T20581] netlink: 'syz.7.5469': attribute type 29 has an invalid length. [ 330.318038][T20585] FAULT_INJECTION: forcing a failure. [ 330.318038][T20585] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 330.321458][T20585] CPU: 3 UID: 0 PID: 20585 Comm: syz.4.5471 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 330.324228][T20585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 330.327081][T20585] Call Trace: [ 330.328208][T20585] [ 330.328987][T20585] dump_stack_lvl+0x16c/0x1f0 [ 330.330257][T20585] should_fail_ex+0x497/0x5b0 [ 330.331503][T20585] ? fs_reclaim_acquire+0xae/0x150 [ 330.332848][T20585] should_fail_alloc_page+0xe7/0x130 [ 330.334311][T20585] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 330.335971][T20585] ? mark_lock+0xb5/0xc60 [ 330.337150][T20585] __alloc_pages_noprof+0x190/0x25b0 [ 330.338532][T20585] ? find_held_lock+0x2d/0x110 [ 330.339783][T20585] ? is_bpf_text_address+0x8a/0x1a0 [ 330.341145][T20585] ? __pfx_lock_release+0x10/0x10 [ 330.342465][T20585] ? trace_lock_acquire+0x14e/0x1f0 [ 330.343803][T20585] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 330.345332][T20585] ? is_bpf_text_address+0x30/0x1a0 [ 330.347045][T20585] ? __pfx_mark_lock+0x10/0x10 [ 330.348294][T20585] ? __lock_acquire+0x15a9/0x3c40 [ 330.349610][T20585] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 330.351147][T20585] ? policy_nodemask+0xea/0x4e0 [ 330.352413][T20585] alloc_pages_mpol_noprof+0x2c9/0x610 [ 330.353811][T20585] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 330.354317][ T73] usb 10-1: new high-speed USB device number 25 using dummy_hcd [ 330.355376][T20585] get_free_pages_noprof+0xc/0x40 [ 330.358694][T20585] vcs_write+0x11b/0xdb0 [ 330.359881][T20585] ? copy_iovec_from_user+0x138/0x170 [ 330.361279][T20585] ? iovec_from_user.part.0+0x7e/0x130 [ 330.362728][T20585] ? inode_security+0x101/0x130 [ 330.363997][T20585] ? __pfx_vcs_write+0x10/0x10 [ 330.365249][T20585] ? bpf_lsm_file_permission+0x9/0x10 [ 330.366873][T20585] ? security_file_permission+0x71/0x210 [ 330.368321][T20585] ? __pfx_vcs_write+0x10/0x10 [ 330.369571][T20585] vfs_writev+0x6da/0xdd0 [ 330.370704][T20585] ? find_held_lock+0x2d/0x110 [ 330.371982][T20585] ? __pfx_vfs_writev+0x10/0x10 [ 330.372000][T20585] ? find_held_lock+0x2d/0x110 [ 330.372017][T20585] ? __pfx_lock_release+0x10/0x10 [ 330.375918][T20585] ? trace_lock_acquire+0x14e/0x1f0 [ 330.377294][T20585] ? __fget_files+0x206/0x3a0 [ 330.378537][T20585] ? do_writev+0x133/0x340 [ 330.379707][T20585] do_writev+0x133/0x340 [ 330.380835][T20585] ? __pfx_do_writev+0x10/0x10 [ 330.382100][T20585] do_syscall_64+0xcd/0x250 [ 330.383292][T20585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.385074][T20585] RIP: 0033:0x7f3a2c185d19 [ 330.386470][T20585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.391460][T20585] RSP: 002b:00007f3a2d040038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 330.393618][T20585] RAX: ffffffffffffffda RBX: 00007f3a2c375fa0 RCX: 00007f3a2c185d19 [ 330.395783][T20585] RDX: 0000000000000004 RSI: 0000000020000a40 RDI: 0000000000000003 [ 330.397948][T20585] RBP: 00007f3a2d040090 R08: 0000000000000000 R09: 0000000000000000 [ 330.399985][T20585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 330.402091][T20585] R13: 0000000000000000 R14: 00007f3a2c375fa0 R15: 00007ffd4071ca58 [ 330.404244][T20585] [ 330.405131][ C3] vkms_vblank_simulate: vblank timer overrun [ 330.431043][ T66] Bluetooth: hci0: command tx timeout [ 330.457592][T20598] Cannot find del_set index 0 as target [ 330.472211][T20600] netlink: 212 bytes leftover after parsing attributes in process `syz.7.5478'. [ 330.499053][ T73] usb 10-1: Using ep0 maxpacket: 8 [ 330.502299][ T73] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 330.505315][ T73] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 330.513916][ T73] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 330.516361][T20606] tipc: Trying to set illegal importance in message [ 330.518354][ T73] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.519308][ T73] usb 10-1: config 0 descriptor?? [ 330.520807][T20606] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20606 comm=syz.4.5481 [ 330.523542][ T73] iowarrior 10-1:0.0: no interrupt-in endpoint found [ 330.526814][T20606] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5481'. [ 330.529795][T20606] FAULT_INJECTION: forcing a failure. [ 330.529795][T20606] name failslab, interval 1, probability 0, space 0, times 0 [ 330.533165][T20606] CPU: 3 UID: 0 PID: 20606 Comm: syz.4.5481 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 330.536177][T20606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 330.538953][T20606] Call Trace: [ 330.539837][T20606] [ 330.540647][T20606] dump_stack_lvl+0x16c/0x1f0 [ 330.541896][T20606] should_fail_ex+0x497/0x5b0 [ 330.543143][T20606] ? fs_reclaim_acquire+0xae/0x150 [ 330.544496][T20606] should_failslab+0xc2/0x120 [ 330.545882][T20606] __kmalloc_cache_noprof+0x68/0x410 [ 330.547338][T20606] ? __asan_memset+0x23/0x50 [ 330.548544][T20606] alloc_netdev_mqs+0xf25/0x1510 [ 330.549850][T20606] rtnl_create_link+0xc10/0xfa0 [ 330.551133][T20606] rtnl_newlink+0x14c3/0x1d60 [ 330.552371][T20606] ? __pfx_rtnl_newlink+0x10/0x10 [ 330.553701][T20606] ? __pfx___lock_acquire+0x10/0x10 [ 330.554926][T20606] ? cred_has_capability.isra.0+0x192/0x2f0 [ 330.556492][T20606] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 330.558132][T20606] ? find_held_lock+0x2d/0x110 [ 330.559384][T20606] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 330.560724][T20606] ? __pfx_lock_release+0x10/0x10 [ 330.562049][T20606] ? trace_lock_acquire+0x14e/0x1f0 [ 330.563412][T20606] ? __pfx_rtnl_newlink+0x10/0x10 [ 330.564729][T20606] rtnetlink_rcv_msg+0x95b/0xea0 [ 330.566254][T20606] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 330.567676][T20606] netlink_rcv_skb+0x16b/0x440 [ 330.568926][T20606] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 330.570358][T20606] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 330.571743][T20606] ? netlink_deliver_tap+0x1ae/0xd30 [ 330.573120][T20606] netlink_unicast+0x53c/0x7f0 [ 330.574385][T20606] ? __pfx_netlink_unicast+0x10/0x10 [ 330.575787][T20606] netlink_sendmsg+0x8b8/0xd70 [ 330.577043][T20606] ? __pfx_netlink_sendmsg+0x10/0x10 [ 330.578431][T20606] ____sys_sendmsg+0xaaf/0xc90 [ 330.579681][T20606] ? copy_msghdr_from_user+0x10b/0x160 [ 330.581121][T20606] ? __pfx_____sys_sendmsg+0x10/0x10 [ 330.582510][T20606] ___sys_sendmsg+0x135/0x1e0 [ 330.583746][T20606] ? __pfx____sys_sendmsg+0x10/0x10 [ 330.585142][T20606] ? __pfx_lock_release+0x10/0x10 [ 330.586705][T20606] ? trace_lock_acquire+0x14e/0x1f0 [ 330.588055][T20606] ? __fget_files+0x206/0x3a0 [ 330.589281][T20606] __sys_sendmsg+0x16e/0x220 [ 330.590491][T20606] ? __pfx___sys_sendmsg+0x10/0x10 [ 330.591831][T20606] do_syscall_64+0xcd/0x250 [ 330.593016][T20606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.594554][T20606] RIP: 0033:0x7f3a2c185d19 [ 330.595759][T20606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.600737][T20606] RSP: 002b:00007f3a2d040038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 330.602895][T20606] RAX: ffffffffffffffda RBX: 00007f3a2c375fa0 RCX: 00007f3a2c185d19 [ 330.604945][T20606] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 330.607208][T20606] RBP: 00007f3a2d040090 R08: 0000000000000000 R09: 0000000000000000 [ 330.609240][T20606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 330.611282][T20606] R13: 0000000000000000 R14: 00007f3a2c375fa0 R15: 00007ffd4071ca58 [ 330.613321][T20606] [ 330.614234][ C3] vkms_vblank_simulate: vblank timer overrun [ 330.715078][ T73] usb 10-1: USB disconnect, device number 25 [ 330.728909][T20620] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5486'. [ 330.814717][T20630] tipc: Trying to set illegal importance in message [ 330.816657][T20630] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6530 sclass=netlink_route_socket pid=20630 comm=syz.7.5489 [ 330.821473][T20630] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5489'. [ 330.859723][T20631] 9pnet_fd: p9_fd_create_tcp (20631): problem connecting socket to 127.0.0.1 [ 330.876795][T20637] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=20637 comm=syz.7.5492 [ 330.928517][T20643] FAULT_INJECTION: forcing a failure. [ 330.928517][T20643] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 330.931940][T20643] CPU: 1 UID: 0 PID: 20643 Comm: syz.7.5495 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 330.934709][T20643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 330.937523][T20643] Call Trace: [ 330.938398][T20643] [ 330.939172][T20643] dump_stack_lvl+0x16c/0x1f0 [ 330.940413][T20643] should_fail_ex+0x497/0x5b0 [ 330.941650][T20643] _copy_to_user+0x32/0xd0 [ 330.942816][T20643] simple_read_from_buffer+0xd0/0x160 [ 330.944215][T20643] proc_fail_nth_read+0x198/0x270 [ 330.945624][T20643] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 330.947336][T20643] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 330.948771][T20643] vfs_read+0x1df/0xbe0 [ 330.949873][T20643] ? __fget_files+0x1fc/0x3a0 [ 330.951095][T20643] ? __pfx___mutex_lock+0x10/0x10 [ 330.952411][T20643] ? __pfx_vfs_read+0x10/0x10 [ 330.953641][T20643] ? __fget_files+0x206/0x3a0 [ 330.954817][T20643] ksys_read+0x12b/0x250 [ 330.955916][T20643] ? __pfx_ksys_read+0x10/0x10 [ 330.957163][T20643] do_syscall_64+0xcd/0x250 [ 330.958349][T20643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.959884][T20643] RIP: 0033:0x7fe51b38472c [ 330.961040][T20643] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 330.966199][T20643] RSP: 002b:00007fe51c23c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 330.968337][T20643] RAX: ffffffffffffffda RBX: 00007fe51b575fa0 RCX: 00007fe51b38472c [ 330.970370][T20643] RDX: 000000000000000f RSI: 00007fe51c23c0a0 RDI: 0000000000000004 [ 330.972383][T20643] RBP: 00007fe51c23c090 R08: 0000000000000000 R09: 0000000000000000 [ 330.974559][T20643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 330.976599][T20643] R13: 0000000000000000 R14: 00007fe51b575fa0 R15: 00007ffe4f780248 [ 330.978555][T20643] [ 330.987503][T20639] limit_mt_check: 23 callbacks suppressed [ 330.987514][T20639] xt_limit: Overflow, try lower: 1207959552/384 [ 331.135113][T12243] Bluetooth: hci5: Frame reassembly failed (-84) [ 331.238456][T20663] netlink: 'syz.4.5501': attribute type 64 has an invalid length. [ 331.297335][ T39] audit: type=1400 audit(2000000141.039:931): avc: denied { write } for pid=20667 comm="syz.4.5504" lport=33499 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 331.346733][ T73] usb 12-1: new high-speed USB device number 17 using dummy_hcd [ 331.487600][ T73] usb 12-1: Using ep0 maxpacket: 32 [ 331.490342][ T73] usb 12-1: config 4 has an invalid interface number: 228 but max is 0 [ 331.492473][ T73] usb 12-1: config 4 has no interface number 0 [ 331.494094][ T73] usb 12-1: config 4 interface 228 altsetting 68 endpoint 0x7 has invalid wMaxPacketSize 0 [ 331.496897][ T73] usb 12-1: config 4 interface 228 has no altsetting 0 [ 331.500542][ T73] usb 12-1: New USB device found, idVendor=0499, idProduct=a9a2, bcdDevice=c4.e8 [ 331.502917][ T73] usb 12-1: New USB device strings: Mfr=1, Product=25, SerialNumber=3 [ 331.504999][ T73] usb 12-1: Product: syz [ 331.506115][ T73] usb 12-1: Manufacturer: syz [ 331.507791][ T73] usb 12-1: SerialNumber: syz [ 331.719919][ T73] usb 12-1: USB disconnect, device number 17 [ 332.145342][ T73] usb 9-1: new high-speed USB device number 30 using dummy_hcd [ 332.287592][ T73] usb 9-1: Using ep0 maxpacket: 8 [ 332.290832][ T73] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 332.294115][ T73] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 332.298280][ T73] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 332.300599][ T73] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.303507][ T73] usb 9-1: config 0 descriptor?? [ 332.306000][ T73] iowarrior 9-1:0.0: no interrupt-in endpoint found [ 332.411775][ T5963] Bluetooth: hci0: command tx timeout [ 332.500245][ T832] usb 9-1: USB disconnect, device number 30 [ 333.091340][ T66] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 333.139582][T20722] tipc: Trying to set illegal importance in message [ 333.141828][T20722] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20722 comm=syz.5.5528 [ 333.162500][T20732] binder: 20731:20732 ioctl c0306201 0 returned -14 [ 333.165775][T20732] openvswitch: netlink: Tunnel attr 6 has unexpected len 16 expected 0 [ 333.168942][T20732] binder: 20731:20732 ioctl c0306201 20000000 returned -11 [ 333.211796][T20738] binder: 20737:20738 ioctl c0306201 0 returned -14 [ 333.219156][T20738] binder: 20737:20738 ioctl c0306201 20000080 returned -11 [ 333.631165][ T35] usb 12-1: new high-speed USB device number 18 using dummy_hcd [ 333.674499][T20763] FAULT_INJECTION: forcing a failure. [ 333.674499][T20763] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 333.677865][T20763] CPU: 1 UID: 0 PID: 20763 Comm: syz.4.5543 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 333.680759][T20763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 333.683708][T20763] Call Trace: [ 333.684585][T20763] [ 333.685369][T20763] dump_stack_lvl+0x16c/0x1f0 [ 333.686647][T20763] should_fail_ex+0x497/0x5b0 [ 333.687888][T20763] _copy_from_user+0x2e/0xd0 [ 333.689102][T20763] vcs_write+0x2f2/0xdb0 [ 333.690240][T20763] ? inode_security+0x101/0x130 [ 333.691511][T20763] ? __pfx_vcs_write+0x10/0x10 [ 333.692762][T20763] ? bpf_lsm_file_permission+0x9/0x10 [ 333.694305][T20763] ? security_file_permission+0x71/0x210 [ 333.695767][T20763] ? __pfx_vcs_write+0x10/0x10 [ 333.697044][T20763] vfs_writev+0x6da/0xdd0 [ 333.698194][T20763] ? find_held_lock+0x2d/0x110 [ 333.699452][T20763] ? __pfx_vfs_writev+0x10/0x10 [ 333.700750][T20763] ? find_held_lock+0x2d/0x110 [ 333.702042][T20763] ? __pfx_lock_release+0x10/0x10 [ 333.703336][T20763] ? trace_lock_acquire+0x14e/0x1f0 [ 333.704612][T20763] ? __fget_files+0x206/0x3a0 [ 333.705798][T20763] ? do_writev+0x133/0x340 [ 333.706982][T20763] do_writev+0x133/0x340 [ 333.708092][T20763] ? __pfx_do_writev+0x10/0x10 [ 333.709342][T20763] do_syscall_64+0xcd/0x250 [ 333.710532][T20763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.712056][T20763] RIP: 0033:0x7f3a2c185d19 [ 333.713215][T20763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.718094][T20763] RSP: 002b:00007f3a2d040038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 333.720194][T20763] RAX: ffffffffffffffda RBX: 00007f3a2c375fa0 RCX: 00007f3a2c185d19 [ 333.722163][T20763] RDX: 0000000000000004 RSI: 0000000020000a40 RDI: 0000000000000003 [ 333.724194][T20763] RBP: 00007f3a2d040090 R08: 0000000000000000 R09: 0000000000000000 [ 333.726200][T20763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 333.728175][T20763] R13: 0000000000000000 R14: 00007f3a2c375fa0 R15: 00007ffd4071ca58 [ 333.730229][T20763] [ 333.780804][T20767] Cannot find del_set index 0 as target [ 333.805562][T20769] netlink: ct family unspecified [ 333.806904][T20769] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 333.806925][T20770] netlink: 'syz.4.5546': attribute type 9 has an invalid length. [ 333.811569][ T35] usb 12-1: Using ep0 maxpacket: 8 [ 333.814151][ T35] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 333.816709][ T35] usb 12-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 333.821324][ T35] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 333.823709][ T35] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.828577][ T35] usb 12-1: config 0 descriptor?? [ 333.837221][ T35] iowarrior 12-1:0.0: no interrupt-in endpoint found [ 333.885871][T20778] tipc: Trying to set illegal importance in message [ 333.887032][T20779] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 333.889527][T20778] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20778 comm=syz.5.5550 [ 333.895327][T20779] veth1_to_batadv: entered promiscuous mode [ 333.897437][T20779] macsec1: entered promiscuous mode [ 333.900232][T20778] FAULT_INJECTION: forcing a failure. [ 333.900232][T20778] name failslab, interval 1, probability 0, space 0, times 0 [ 333.903680][T20778] CPU: 2 UID: 0 PID: 20778 Comm: syz.5.5550 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 333.906681][T20778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 333.909586][T20778] Call Trace: [ 333.910517][T20778] [ 333.911312][T20778] dump_stack_lvl+0x16c/0x1f0 [ 333.912610][T20778] should_fail_ex+0x497/0x5b0 [ 333.913922][T20778] ? fs_reclaim_acquire+0xae/0x150 [ 333.915303][T20778] should_failslab+0xc2/0x120 [ 333.916598][T20778] __kmalloc_cache_noprof+0x68/0x410 [ 333.918395][T20778] ? __asan_memset+0x23/0x50 [ 333.919993][T20778] alloc_netdev_mqs+0xf25/0x1510 [ 333.921382][T20778] rtnl_create_link+0xc10/0xfa0 [ 333.922713][T20778] rtnl_newlink+0x14c3/0x1d60 [ 333.923965][T20778] ? __pfx_rtnl_newlink+0x10/0x10 [ 333.925286][T20778] ? __pfx___lock_acquire+0x10/0x10 [ 333.926676][T20778] ? cred_has_capability.isra.0+0x192/0x2f0 [ 333.928309][T20778] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 333.929983][T20778] ? find_held_lock+0x2d/0x110 [ 333.931250][T20778] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 333.932604][T20778] ? __pfx_lock_release+0x10/0x10 [ 333.933946][T20778] ? trace_lock_acquire+0x14e/0x1f0 [ 333.935344][T20778] ? __pfx_rtnl_newlink+0x10/0x10 [ 333.936668][T20778] rtnetlink_rcv_msg+0x95b/0xea0 [ 333.937975][T20778] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 333.939404][T20778] netlink_rcv_skb+0x16b/0x440 [ 333.940665][T20778] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 333.942101][T20778] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 333.943499][T20778] ? netlink_deliver_tap+0x1ae/0xd30 [ 333.944884][T20778] netlink_unicast+0x53c/0x7f0 [ 333.946146][T20778] ? __pfx_netlink_unicast+0x10/0x10 [ 333.947535][T20778] netlink_sendmsg+0x8b8/0xd70 [ 333.948793][T20778] ? __pfx_netlink_sendmsg+0x10/0x10 [ 333.950181][T20778] ____sys_sendmsg+0xaaf/0xc90 [ 333.951439][T20778] ? copy_msghdr_from_user+0x10b/0x160 [ 333.952859][T20778] ? __pfx_____sys_sendmsg+0x10/0x10 [ 333.954257][T20778] ___sys_sendmsg+0x135/0x1e0 [ 333.955493][T20778] ? __pfx____sys_sendmsg+0x10/0x10 [ 333.956859][T20778] ? __pfx_lock_release+0x10/0x10 [ 333.958178][T20778] ? trace_lock_acquire+0x14e/0x1f0 [ 333.959540][T20778] ? __fget_files+0x206/0x3a0 [ 333.960788][T20778] __sys_sendmsg+0x16e/0x220 [ 333.962001][T20778] ? __pfx___sys_sendmsg+0x10/0x10 [ 333.963358][T20778] do_syscall_64+0xcd/0x250 [ 333.964547][T20778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.966099][T20778] RIP: 0033:0x7f899bb85d19 [ 333.967263][T20778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.972211][T20778] RSP: 002b:00007f899c929038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 333.974393][T20778] RAX: ffffffffffffffda RBX: 00007f899bd75fa0 RCX: 00007f899bb85d19 [ 333.976455][T20778] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 333.978510][T20778] RBP: 00007f899c929090 R08: 0000000000000000 R09: 0000000000000000 [ 333.980550][T20778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 333.982596][T20778] R13: 0000000000000000 R14: 00007f899bd75fa0 R15: 00007fff4cad1868 [ 333.984654][T20778] [ 334.022413][ T63] usb 12-1: USB disconnect, device number 18 [ 334.395977][ T66] Bluetooth: hci0: command tx timeout [ 334.440409][T20804] tipc: Trying to set illegal importance in message [ 334.533806][T20809] vxcan1: tx address claim with dest, not broadcast [ 334.694648][T20827] netlink: 'syz.7.5568': attribute type 64 has an invalid length. [ 334.997424][T20799] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 334.999105][T20799] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 335.003542][T20799] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 335.005800][T20799] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 335.007430][T20799] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 335.009496][T20799] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 335.013478][T20799] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 335.015026][T20799] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 335.027415][T20799] ------------[ cut here ]------------ [ 335.029139][T20799] refcount_t: underflow; use-after-free. [ 335.030744][T20799] WARNING: CPU: 1 PID: 20799 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210 [ 335.033288][T20799] Modules linked in: [ 335.034700][T20799] CPU: 1 UID: 0 PID: 20799 Comm: syz.5.5557 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 335.038664][T20799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 335.041528][T20799] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 335.043086][T20799] Code: ff 89 de e8 98 25 fa fc 84 db 0f 85 66 ff ff ff e8 ab 23 fa fc c6 05 46 ea a7 0b 01 90 48 c7 c7 e0 80 d1 8b e8 f7 6e ba fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 88 23 fa fc 0f b6 1d 21 ea a7 0b 31 [ 335.047945][T20799] RSP: 0018:ffffc900042af218 EFLAGS: 00010282 [ 335.049513][T20799] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90024d71000 [ 335.051604][T20799] RDX: 0000000000080000 RSI: ffffffff815a5086 RDI: 0000000000000001 [ 335.053613][T20799] RBP: ffff8880635a7c78 R08: 0000000000000001 R09: 0000000000000000 [ 335.055634][T20799] R10: 0000000000000000 R11: 0000000000000007 R12: ffff8880572e6400 [ 335.057623][T20799] R13: ffff8880635a7c78 R14: ffffffff85c49f30 R15: dffffc0000000000 [ 335.059632][T20799] FS: 00007f899c9296c0(0000) GS:ffff88806a700000(0000) knlGS:0000000000000000 [ 335.062003][T20799] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 335.063703][T20799] CR2: 00007f0466745100 CR3: 00000000133ac000 CR4: 0000000000352ef0 [ 335.065714][T20799] Call Trace: [ 335.066576][T20799] [ 335.067310][T20799] ? __warn+0xea/0x3c0 [ 335.068360][T20799] ? refcount_warn_saturate+0x14a/0x210 [ 335.070139][T20799] ? report_bug+0x3c0/0x580 [ 335.071323][T20799] ? handle_bug+0x54/0xa0 [ 335.072444][T20799] ? exc_invalid_op+0x17/0x50 [ 335.073657][T20799] ? asm_exc_invalid_op+0x1a/0x20 [ 335.075021][T20799] ? __pfx_klist_children_put+0x10/0x10 [ 335.076451][T20799] ? __warn_printk+0x1a6/0x350 [ 335.077686][T20799] ? refcount_warn_saturate+0x14a/0x210 [ 335.079339][T20799] ? refcount_warn_saturate+0x149/0x210 [ 335.080873][T20799] klist_put+0x11b/0x1b0 [ 335.081982][T20799] klist_remove+0x140/0x2b0 [ 335.083143][T20799] ? __pfx_klist_remove+0x10/0x10 [ 335.084436][T20799] ? get_device_parent+0x1ed/0x4e0 [ 335.085753][T20799] device_move+0x12d/0x10b0 [ 335.086932][T20799] hci_conn_del_sysfs+0x81/0x170 [ 335.088200][T20799] hci_conn_del+0x54e/0xdb0 [ 335.089639][T20799] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 335.091017][T20799] hci_conn_failed+0x2a6/0x3e0 [ 335.092256][T20799] ? __pfx_hci_conn_failed+0x10/0x10 [ 335.093615][T20799] ? lock_acquire+0x2f/0xb0 [ 335.094783][T20799] ? hci_abort_conn_sync+0x170/0xfe0 [ 335.096157][T20799] hci_abort_conn_sync+0x91c/0xfe0 [ 335.097498][T20799] ? __pfx_hci_abort_conn_sync+0x10/0x10 [ 335.099236][T20799] ? hci_disconnect_all_sync.constprop.0+0x77/0x3c0 [ 335.100937][T20799] ? __pfx_lock_release+0x10/0x10 [ 335.102266][T20799] ? trace_lock_acquire+0x14e/0x1f0 [ 335.103603][T20799] ? hci_disconnect_all_sync.constprop.0+0x77/0x3c0 [ 335.105261][T20799] hci_disconnect_all_sync.constprop.0+0x104/0x3c0 [ 335.106938][T20799] hci_suspend_sync+0x772/0xab0 [ 335.108348][T20799] ? __pfx_hci_suspend_sync+0x10/0x10 [ 335.109732][T20799] ? hci_send_monitor_ctrl_event+0x560/0x5b0 [ 335.111274][T20799] ? __pfx_mgmt_suspending+0x10/0x10 [ 335.112632][T20799] hci_suspend_dev+0x30a/0x510 [ 335.113873][T20799] ? __pfx_hci_suspend_dev+0x10/0x10 [ 335.115216][T20799] ? rcu_barrier+0x344/0x700 [ 335.116435][T20799] ? kobject_get+0xbb/0x150 [ 335.117704][T20799] hci_suspend_notifier+0x28d/0x2f0 [ 335.119042][T20799] notifier_call_chain+0xb7/0x410 [ 335.120331][T20799] ? __pfx_hci_suspend_notifier+0x10/0x10 [ 335.121758][T20799] blocking_notifier_call_chain_robust+0xc9/0x170 [ 335.123400][T20799] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 335.125142][T20799] pm_notifier_call_chain_robust+0x27/0x60 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 335.126819][T20799] snapshot_open+0x189/0x2b0 [ 335.128319][T20799] ? __pfx_snapshot_open+0x10/0x10 [ 335.129653][T20799] misc_open+0x35a/0x420 [ 335.130753][T20799] ? __pfx_misc_open+0x10/0x10 [ 335.131995][T20799] chrdev_open+0x237/0x6a0 [ 335.133159][T20799] ? __pfx_chrdev_open+0x10/0x10 [ 335.134489][T20799] do_dentry_open+0xf59/0x1ea0 [ 335.135826][T20799] ? __pfx_chrdev_open+0x10/0x10 [ 335.137207][T20799] ? inode_permission+0xdd/0x5f0 [ 335.139325][T20799] vfs_open+0x82/0x3f0 [ 335.140346][T20799] ? may_open+0x1f2/0x400 [ 335.141436][T20799] path_openat+0x1e6a/0x2d60 [ 335.142599][T20799] ? __pfx_path_openat+0x10/0x10 [ 335.143826][T20799] ? __pfx___lock_acquire+0x10/0x10 [ 335.145157][T20799] ? lock_acquire.part.0+0x11b/0x380 [ 335.146641][T20799] ? find_held_lock+0x2d/0x110 [ 335.147884][T20799] do_filp_open+0x20c/0x470 [ 335.149065][T20799] ? __pfx_do_filp_open+0x10/0x10 [ 335.150375][T20799] ? find_held_lock+0x2d/0x110 [ 335.151620][T20799] ? alloc_fd+0x41f/0x760 [ 335.152745][T20799] do_sys_openat2+0x17a/0x1e0 [ 335.153931][T20799] ? __pfx_do_sys_openat2+0x10/0x10 [ 335.155563][T20799] __x64_sys_openat+0x175/0x210 [ 335.156911][T20799] ? __pfx___x64_sys_openat+0x10/0x10 [ 335.158323][T20799] do_syscall_64+0xcd/0x250 [ 335.159585][T20799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.161190][T20799] RIP: 0033:0x7f899bb85d19 [ 335.162392][T20799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 335.167271][T20799] RSP: 002b:00007f899c929038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 335.169385][T20799] RAX: ffffffffffffffda RBX: 00007f899bd75fa0 RCX: 00007f899bb85d19 [ 335.171343][T20799] RDX: 0000000000020000 RSI: 0000000020002340 RDI: ffffffffffffff9c [ 335.173333][T20799] RBP: 00007f899bc01a20 R08: 0000000000000000 R09: 0000000000000000 [ 335.175488][T20799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.177484][T20799] R13: 0000000000000000 R14: 00007f899bd75fa0 R15: 00007fff4cad1868 [ 335.179933][T20799] [ 335.180736][T20799] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 335.182595][T20799] CPU: 1 UID: 0 PID: 20799 Comm: syz.5.5557 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 [ 335.185340][T20799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 335.188018][T20799] Call Trace: [ 335.188885][T20799] [ 335.189660][T20799] dump_stack_lvl+0x3d/0x1f0 [ 335.190866][T20799] panic+0x71d/0x800 [ 335.191890][T20799] ? __pfx_panic+0x10/0x10 [ 335.193042][T20799] ? show_trace_log_lvl+0x29d/0x3d0 [ 335.194358][T20799] ? refcount_warn_saturate+0x14a/0x210 [ 335.195736][T20799] check_panic_on_warn+0xab/0xb0 [ 335.197003][T20799] __warn+0xf6/0x3c0 [ 335.197997][T20799] ? refcount_warn_saturate+0x14a/0x210 [ 335.199378][T20799] report_bug+0x3c0/0x580 [ 335.200485][T20799] handle_bug+0x54/0xa0 [ 335.201537][T20799] exc_invalid_op+0x17/0x50 [ 335.202715][T20799] asm_exc_invalid_op+0x1a/0x20 [ 335.203975][T20799] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 335.205534][T20799] Code: ff 89 de e8 98 25 fa fc 84 db 0f 85 66 ff ff ff e8 ab 23 fa fc c6 05 46 ea a7 0b 01 90 48 c7 c7 e0 80 d1 8b e8 f7 6e ba fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 88 23 fa fc 0f b6 1d 21 ea a7 0b 31 [ 335.210367][T20799] RSP: 0018:ffffc900042af218 EFLAGS: 00010282 [ 335.211903][T20799] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90024d71000 [ 335.213909][T20799] RDX: 0000000000080000 RSI: ffffffff815a5086 RDI: 0000000000000001 [ 335.215922][T20799] RBP: ffff8880635a7c78 R08: 0000000000000001 R09: 0000000000000000 [ 335.217993][T20799] R10: 0000000000000000 R11: 0000000000000007 R12: ffff8880572e6400 [ 335.219971][T20799] R13: ffff8880635a7c78 R14: ffffffff85c49f30 R15: dffffc0000000000 [ 335.221929][T20799] ? __pfx_klist_children_put+0x10/0x10 [ 335.223313][T20799] ? __warn_printk+0x1a6/0x350 [ 335.224523][T20799] ? refcount_warn_saturate+0x149/0x210 [ 335.225911][T20799] klist_put+0x11b/0x1b0 [ 335.226992][T20799] klist_remove+0x140/0x2b0 [ 335.228129][T20799] ? __pfx_klist_remove+0x10/0x10 [ 335.229394][T20799] ? get_device_parent+0x1ed/0x4e0 [ 335.230671][T20799] device_move+0x12d/0x10b0 [ 335.231851][T20799] hci_conn_del_sysfs+0x81/0x170 [ 335.233130][T20799] hci_conn_del+0x54e/0xdb0 [ 335.234305][T20799] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 335.235685][T20799] hci_conn_failed+0x2a6/0x3e0 [ 335.236923][T20799] ? __pfx_hci_conn_failed+0x10/0x10 [ 335.238234][T20799] ? lock_acquire+0x2f/0xb0 [ 335.239386][T20799] ? hci_abort_conn_sync+0x170/0xfe0 [ 335.240746][T20799] hci_abort_conn_sync+0x91c/0xfe0 [ 335.242078][T20799] ? __pfx_hci_abort_conn_sync+0x10/0x10 [ 335.243475][T20799] ? hci_disconnect_all_sync.constprop.0+0x77/0x3c0 [ 335.245147][T20799] ? __pfx_lock_release+0x10/0x10 [ 335.246469][T20799] ? trace_lock_acquire+0x14e/0x1f0 [ 335.247808][T20799] ? hci_disconnect_all_sync.constprop.0+0x77/0x3c0 [ 335.249510][T20799] hci_disconnect_all_sync.constprop.0+0x104/0x3c0 [ 335.251128][T20799] hci_suspend_sync+0x772/0xab0 [ 335.252325][T20799] ? __pfx_hci_suspend_sync+0x10/0x10 [ 335.253658][T20799] ? hci_send_monitor_ctrl_event+0x560/0x5b0 [ 335.255143][T20799] ? __pfx_mgmt_suspending+0x10/0x10 [ 335.256482][T20799] hci_suspend_dev+0x30a/0x510 [ 335.257711][T20799] ? __pfx_hci_suspend_dev+0x10/0x10 [ 335.258995][T20799] ? rcu_barrier+0x344/0x700 [ 335.260166][T20799] ? kobject_get+0xbb/0x150 [ 335.261298][T20799] hci_suspend_notifier+0x28d/0x2f0 [ 335.262591][T20799] notifier_call_chain+0xb7/0x410 [ 335.263823][T20799] ? __pfx_hci_suspend_notifier+0x10/0x10 [ 335.265196][T20799] blocking_notifier_call_chain_robust+0xc9/0x170 [ 335.266831][T20799] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 335.268533][T20799] pm_notifier_call_chain_robust+0x27/0x60 [ 335.269991][T20799] snapshot_open+0x189/0x2b0 [ 335.271128][T20799] ? __pfx_snapshot_open+0x10/0x10 [ 335.272364][T20799] misc_open+0x35a/0x420 [ 335.273447][T20799] ? __pfx_misc_open+0x10/0x10 [ 335.274664][T20799] chrdev_open+0x237/0x6a0 [ 335.275791][T20799] ? __pfx_chrdev_open+0x10/0x10 [ 335.277032][T20799] do_dentry_open+0xf59/0x1ea0 [ 335.278258][T20799] ? __pfx_chrdev_open+0x10/0x10 [ 335.279500][T20799] ? inode_permission+0xdd/0x5f0 [ 335.280713][T20799] vfs_open+0x82/0x3f0 [ 335.281735][T20799] ? may_open+0x1f2/0x400 [ 335.282830][T20799] path_openat+0x1e6a/0x2d60 [ 335.283999][T20799] ? __pfx_path_openat+0x10/0x10 [ 335.285237][T20799] ? __pfx___lock_acquire+0x10/0x10 [ 335.286560][T20799] ? lock_acquire.part.0+0x11b/0x380 [ 335.287879][T20799] ? find_held_lock+0x2d/0x110 [ 335.289073][T20799] do_filp_open+0x20c/0x470 [ 335.290221][T20799] ? __pfx_do_filp_open+0x10/0x10 [ 335.291478][T20799] ? find_held_lock+0x2d/0x110 [ 335.292694][T20799] ? alloc_fd+0x41f/0x760 [ 335.293791][T20799] do_sys_openat2+0x17a/0x1e0 [ 335.294980][T20799] ? __pfx_do_sys_openat2+0x10/0x10 [ 335.296302][T20799] __x64_sys_openat+0x175/0x210 [ 335.297531][T20799] ? __pfx___x64_sys_openat+0x10/0x10 [ 335.298876][T20799] do_syscall_64+0xcd/0x250 [ 335.300059][T20799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.301592][T20799] RIP: 0033:0x7f899bb85d19 [ 335.302742][T20799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 335.307657][T20799] RSP: 002b:00007f899c929038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 335.309662][T20799] RAX: ffffffffffffffda RBX: 00007f899bd75fa0 RCX: 00007f899bb85d19 [ 335.311552][T20799] RDX: 0000000000020000 RSI: 0000000020002340 RDI: ffffffffffffff9c [ 335.313504][T20799] RBP: 00007f899bc01a20 R08: 0000000000000000 R09: 0000000000000000 [ 335.315474][T20799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.317529][T20799] R13: 0000000000000000 R14: 00007f899bd75fa0 R15: 00007fff4cad1868 [ 335.319526][T20799] [ 335.320727][T20799] Kernel Offset: disabled [ 335.322058][T20799] Rebooting in 86400 seconds.. VM DIAGNOSIS: 08:53:25 Registers: info registers vcpu 0 CPU#0 RAX=00000000002bc5db RBX=0000000000000000 RCX=ffffffff8b293679 RDX=0000000000000000 RSI=ffffffff8b6cd860 RDI=ffffffff8bd1d3e0 RBP=fffffbfff1bd2ef8 RSP=ffffffff8de07e20 R8 =0000000000000001 R9 =ffffed100d4c6fed R10=ffff88806a637f6b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8de977c0 R14=ffffffff905f1a10 R15=0000000000000000 RIP=ffffffff8b294a5f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c34c1ec CR3=000000002c05a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0023436c6f72746e 6f632f646e732f76 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c2029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c2029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c2029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c2029cd ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c202a53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c202b31 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e580dfeea9952d7f a41e9301550d7752 86f01fbddd81caca 1843081300b49023 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0ddfbfb30505ff71 6e76d46c9c69a85e fe3f932ab4a09ce3 9a423486c1ab6154 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4fae51db55d7b910 1b11107e7319af9a 54007c17bfea9ebb c9e341c64b0493be ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2b871389bbadc9e7 f2877016e580dfee a9952d7fa41e9301 550d775286f01fbd ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 dd81caca18430813 00b490235469617b 206c2f85647e914b eac8b6189b908fce ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff851b94a5 RDI=ffffffff9ab0cc20 RBP=ffffffff9ab0cbe0 RSP=ffffc900042aeb78 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000000000000b R12=0000000000000000 R13=000000000000003a R14=ffffffff851b9440 R15=0000000000000000 RIP=ffffffff851b94cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f899c9296c0 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f0466745100 CR3=00000000133ac000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0023436c6f72746e 6f632f646e732f76 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c2029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c2029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c2029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c2029cd ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c202a53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a2c202b31 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e580dfeea9952d7f a41e9301550d7752 86f01fbddd81caca 1843081300b49023 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0ddfbfb30505ff71 6e76d46c9c69a85e fe3f932ab4a09ce3 9a423486c1ab6154 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4fae51db55d7b910 1b11107e7319af9a 54007c17bfea9ebb c9e341c64b0493be ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2b871389bbadc9e7 f2877016e580dfee a9952d7fa41e9301 550d775286f01fbd ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 dd81caca18430813 00b490235469617b 206c2f85647e914b eac8b6189b908fce ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000003 RBX=0000000000080000 RCX=0000000000000001 RDX=0000000000000000 RSI=1ffff11004a13a6b RDI=ffff88802509d3a9 RBP=0000000000000003 RSP=ffffc900066679d0 R8 =0000000000000000 R9 =fffffbfff2dc9db2 R10=ffffffff96e4ed97 R11=0000000000000000 R12=0000000000000000 R13=ffff88802509c880 R14=0000000000000006 R15=ffff88802509d388 RIP=ffffffff81766d0d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fec000c6280 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3027f6 CR3=000000002275a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000004 Opmask01=0000000000000000 Opmask02=00000000fffffdff Opmask03=0104100080810010 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055da2750a390 000055da27507280 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055da2750a390 000055da27507280 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737373 7373737373737373 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffff00000000ff ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffff00000000ff ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c1f115c435d4316 10120300161e121d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5c431d1c1a141601 5c43000611171d5c ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73202c297325286b 636f6c66206f7420 656c62616e55006e 6f69746974726170 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302c393230302c38 3230302c37323030 2c36323030003938 3d5145534b534944 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0d11040f0d0d1105 0f0d0d110a0f0d0d 110b0f0d0d000405 005145534b534944 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000031 0000000000000000 37706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000316573756f00 306d656d702f6b63 6f6c622f302e3065 63617073656d616e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 584e4c2f73656369 7665642f7379732f 0000000000000071 0000000000007974 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7d7f7f7d7f7f7d7f 7f7f7f763f7f777f 7f7f7f7f7f7f777f 7d7f776f777f793f ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 264c383a3a264f38 3a3a264e383a3a26 49383a3a2648383a 3a2633383a3a2632 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c3031312c313031 2c303030622c002c 332c322c31003039 2d31303030553130 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c00302c2c313030 2c303030302c002c 302c2c2c31002c2c 2c303000302c3130 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 3 CPU#3 RAX=000000000026d513 RBX=0000000000000003 RCX=ffffffff8b293679 RDX=0000000000000000 RSI=ffffffff8b6cd860 RDI=ffffffff8bd1d3e0 RBP=ffffed1003ad4488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d526fed R10=ffff88806a937f6b R11=0000000000000000 R12=0000000000000003 R13=ffff88801d6a2440 R14=ffffffff905f1a10 R15=0000000000000000 RIP=ffffffff8b294a5f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f8ad1d84f70 CR3=000000004814a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 01000000004b564d 0300000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe51b4029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe51b4029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe51b4029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe51b4029cd ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe51b402a53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe51b402b31 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe51b54b488 00007fe51b54b480 00007fe51b54b478 00007fe51b54b450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe51c0ad100 00007fe51b54b440 00007fe51b540004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe51b54b498 00007fe51b54b490 00007fe51b54b488 00007fe51b54b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000