last executing test programs: 5.931552099s ago: executing program 3 (id=180): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="850000005f0000006a0a007f000000005500000000000000950000000000000018100000", @ANYRES32=r1, @ANYBLOB="000000000000000005000000000000009500000000000000"], &(0x7f0000000400)='syzkaller\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="1c002380080009000000000005001f000100000005001100"], 0x38}}, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mlockall(0x3) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) io_setup(0x2, &(0x7f0000000080)) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x0, 0x0) read$FUSE(r5, &(0x7f0000001f80)={0x2020}, 0x2020) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000c00000000000000", @ANYRES32, @ANYBLOB="0000003d2a41ead19060f0000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r6 = socket(0x1, 0x803, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000000)={'veth0_vlan\x00', 0x400}) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2bd31c1b594c50de7c9efd826f1e19b7bd89ca4052b1985287bd13957a48467e0eeddf564d175bf4340885b63976df609806c3b2a3667539dfd66a7400000000003be6026e60205f761ce85cdf75cdb95ca5d32b5bf87eed4184d49f8f48181ef2419efe82ebb18ee55772d562b3b49551714e805a5211a3f4e8e703c03e23b2074bc573dbb66d59e269b722637c4a2efb5241cae2f14774609ad91d66724c438455dc4fcf0b4c8fc235f6c190b4c82bb2556d1fbcd4468369e98e900c743162ce2c7e60610acf0c8e4ba94a7e7127c7de0e6c35acecee1b8434fdca4579f9ebc6a515f7d910b466eb583fb0a7e65fbecb2b8ee0e9da33afb88aa5da8da3a5e0e58fcb48de6f165826b046a8951a47e040bd419d0efa0f54e8e3694085a7bde6f6494968d8200000000000"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x9, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r8 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r8, 0x1, 0x1000000000000f, &(0x7f0000000080)=0x7fffffff, 0x4) setsockopt$sock_attach_bpf(r8, 0x1, 0x34, &(0x7f0000000040)=r7, 0x4) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="b7000000ecffffff0c0000000000000095000000000000005e0c83dfb64a3eb1cdfa541cd3957aa8a96b9fa4591c1eb556e38defc504b011face5a06294c2115a9ad943bac350e8d7961537181f79ead9176dc7c3ed2d45004deb987fa0d"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff37, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r10 = dup2(r9, r7) setsockopt$sock_attach_bpf(r8, 0x1, 0x34, &(0x7f00000000c0)=r10, 0x4) socket(0x28, 0x5, 0x0) r11 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r11, 0x6, 0x0, 0x0, 0x0) fsmount(r11, 0x0, 0x0) 5.559489868s ago: executing program 0 (id=182): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000eea9eb87eb8780000066bac0000f3066b808008ed0660f38806f008ee0", 0x39}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000100)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = eventfd2(0x44, 0x80001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r3, 0x3, 0x2, r3}) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x52, 0x1, 0x0, 0x0, {0x2}, [@typed={0xc, 0x1, 0x0, 0x0, @u64}]}, 0x20}}, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x6b2e}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x7}]}) r5 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r5, 0x29, 0x16, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r5, 0x29, 0x16, &(0x7f0000000000)=0x7, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.199768626s ago: executing program 3 (id=184): timerfd_create(0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000080)=0x7f) r2 = socket(0x10, 0x803, 0x0) r3 = syz_create_resource$binfmt(&(0x7f0000000e40)='./file0\x00') r4 = openat$binfmt(0xffffff9c, r3, 0x41, 0x1ff) write$binfmt_script(r4, &(0x7f0000001140)={'#! ', './file0', [{0x20, '@]!+\x00]!\b\x00\x00\x00\x00\x00\x00\x00[)\\#.'}]}, 0x20) execve(&(0x7f0000001040)='./file0\x00', 0x0, &(0x7f0000000040)={[&(0x7f0000000080)='#! ']}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) setitimer(0x1, 0x0, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)) 4.422294954s ago: executing program 0 (id=186): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io$hid(r1, &(0x7f0000001540)={0x14, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f00000003a840"], 0x0}, 0x0) r2 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0) r3 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0) ioctl$HIDIOCSREPORT(r3, 0x81044804, &(0x7f0000000400)={0x1}) ioctl$HIDIOCGUSAGE(r2, 0x40184810, 0x0) 3.94808498s ago: executing program 2 (id=189): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000001c0)={0x81, 0x8, 0xffff}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x80, 0x2, 0x3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x202, 0x80000020, 0xedb}) r3 = socket$can_raw(0x1d, 0x3, 0x1) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) sendto$inet6(r5, 0x0, 0x0, 0x4c004, &(0x7f0000002880)={0xa, 0x4e24, 0x11b4, @mcast2}, 0x1c) sendmmsg$inet6(r5, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000640)="383cd9cbce39f8c83f86c16cba3abbe0a1cc0ad921451ad90d20c72eb63222a37aae8f91c29a66efc1105e7f0b06d2d7d1f876c12c8b973ed6d1cc7e50c655a261d38303a2a8207b93fdf1c3119793fde070c8b352da2b29dc1881854b3c4e3fee5c11fb47c67ad456420760e853740c170a0a959fb04834d318beb94d0f919978e7735438d039dc81547bd691dc26888535a0af6262f7aee3fcde21e4e51474c1154f91dd642c1523f08a194491fbb33e25fe4f566802650ed77497cef0b0ce59681befc62a0c1e9b5899567715c0824463466d6d948a059962e44407245258ba2e6d02affafb03fcfdcecb5691e97fa7f332a35ff0c8e379a5f91e01302be79027b1f342614b0c616786ee8fc05d1ff275918e487ee241ae9759a500137bb7e63f65ec7969cff76b97e14dd7a7de48e37584ba66da992e3674d3f8a0788c6e72b0a736b8da9c6087090fcd5c0e3aefb88b39c8892becf8760560b16a45cfee5304f4d6c228772200d4fe48be3b4ed570c85f7b09c94210375e7263dc1119bf9aef972f32cbb6d70b427bb3c3fe211353d210eb27a757bc592b268d92c8e3c8632467f93c9a5a0cf90d0f8e0c6480b512e70828c5e2b53ed5d5f4b9f1d84477c209886aa095a77087d93c166797ec3282daf2f8e18d9944b4b9a13bb391b312fea26301ce18952204d4552bcc707112cb10d18df37379961ba957caf4bfaf4c48f0573ef237fb1f1cd0310a39d55f5def3da37e2e8a0f5573a2268ba74afb62f681f4bd02c9f250b3ff01388e59f69d9d651506561dfd901aa56129b8474afec21fc1115a38198fd0047e132cf879fb1dcf374eff81e5f079493d55a70014722b9157080281f42c7f37711aec262670ba5ddd151bdd018542c803b47be1dfc884ff5a22156fb9032095de7e69afe9eab810b0c3bac90a8ca8d8c1cb7919a082e7d6d5b2944822ebba4aef382525c5c3382bd8b9d368c337247b935aca5aa46e1124e350ef3fb60b80dd35dc0c65e45c81cd9f271be8c97b8845928926f931641af62f2bc81a6a1a982f8f3318da1a38489f51c564c6c7791fe2f63a10e0e432271aa1aff11f899c87a5c29c5bef73ed72473fada6f49d0af7916800fae9a4b8c60a2c69a93ba9abad0df99ea168cd40c63dee61518dcf8bb29743085de0b2b0cc0a68c4005120fa8ee871b8baa2c6f2f2f4c22002231c9334ca23804457df0922cfc37aaf4b8e4757ff37cd16052006e8bd20a086e4c2a2c3d8dd722e67dd0cb0204a577febd46d1c2315db5c5929c23d08b9c0fcaf9eef78f48d7ef6f51e5b9a6046699d572a9195b8a61ddab408580e209f5fdd804099f01afb597ef41419c82d029be14b8ac40c23c4519619301536709fed1a3150ed69f34012ee25257f4b19fcd1f3d1bfd5be03f85587470c85372ae257d220d7c346bfbd22fbfba27d5daf988e5fbed3c1872e70039f9196f61a30436791a65d5f727b5eb375a06735f7fab2e0434e6424e333a8d098e61c2793b9030df7427f5d654f48ac2f547acce2293fbc7ae6afd36008c31078cef27ec19e975b387ae73ba3e5b3657869ee0fe24a33b558fe42386466d55c56a3b5ce46c54df104bfa002e97e8bde1811681687dc7a2269783476a2c4106bcb25057a72c527a0747d7bef127e4dcd22a658ebe1ff79a77cd887734621b2fc9c4336c5ddc1fb49812b869c13453680e041bc2212f17550fc8d2c70c82452ef6b288985b7cbf53bb35b56a4b53e51dd112e1577", 0x4e0}], 0x1}}], 0x1, 0x0) sendmsg$netlink(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002b00010a"], 0x114}], 0x1}, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000440)={&(0x7f0000000340)=[0x0, 0x0], &(0x7f0000000380)=[0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0], 0x2, 0x1, 0x7, 0x2}) ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06464ce, &(0x7f0000000480)={r6, 0xbd43cd9c, 0xfffffffd, 0xfffffffb, 0x3, [], [0x1, 0x9, 0x1, 0xffff], [0x400, 0x8, 0x2, 0x101], [0x8, 0x1, 0x7, 0x5]}) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000002c0)={'vxcan1\x00', 0x0}) sendmsg$can_raw(r3, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r7}, 0x10, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "f00000000800"}, 0x10}}, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x43b, 0x7fff, 0x2}) r8 = syz_open_dev$dri(&(0x7f00000008c0), 0xd1f, 0xc4801) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r8, 0xc02064b2, &(0x7f0000000200)={0x10001, 0x401f, 0x3}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000280)={0x5, 0x1, 0x971}) r10 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$nfc_llcp(r10, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x2, 0x9, 0x0, "35e16d6b23a53f34206d974d5772913702dd5cef3d32edb403c348232f0085384137e1a055c23f3554f01f5c29a579853ef9278d34442c4e6de614a78d57b3", 0x20}, 0x58) r11 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/bus/input/handlers\x00', 0x0, 0x0) preadv(r11, &(0x7f0000000300)=[{&(0x7f0000000000)=""/137, 0x89}], 0x1, 0x4, 0xf5) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000600)={&(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580), &(0x7f00000005c0), 0x9, 0x5}) read$fb(r11, &(0x7f00000000c0)=""/81, 0x51) close_range(r0, 0xffffffffffffffff, 0x0) 3.81087579s ago: executing program 2 (id=190): getpid() ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000140)={0x8d, 0x2, 0x1}) openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) r3 = syz_io_uring_setup(0x3b, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) r6 = socket$inet_smc(0x2b, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r6, 0x0}) listen(r6, 0x0) io_uring_enter(r3, 0x92, 0x0, 0x0, 0x0, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) r7 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r7, 0x8922, &(0x7f0000000240)={'veth1_vlan\x00', 0xef}) 3.181506824s ago: executing program 3 (id=191): openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}}, 0x0) setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x7, &(0x7f00000001c0)=0x44, 0x4) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x9, 0x0, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x2, 0x3, 0x0, 0x4, 0x0, 0x0, 0xeffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff], 0x0, 0x1000}) ioctl$KVM_RUN(r2, 0xae80, 0x700) 2.671400632s ago: executing program 1 (id=193): capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0xc4, 0x0, 0x0, 0x81, 0xfffffffb, 0x3}) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x48802, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000280)=[{0x0}], 0x1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001f00)={0x11, 0x12, &(0x7f0000001fc0)=ANY=[@ANYBLOB="180000000200000000000000000800008510000008000000c5a70c000800000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000008510000000000000f92207005d00000085100000f9ffffff85100000faffffff18130000", @ANYRES32=r0, @ANYBLOB="0000000000000000186a00000b0000000000000080000000950020000000000076fe36f3f0f1e0280fc75b8b4e130adc002319780bbc8aa2069f9ae8c2209bbe2aec48ad71dce8f737ab8c54f51d610fd0eaba0f651c43e4766bfdab1c28a98bdd0523dbc52710fb039750065a6354387071ecc692e4bc563d8c85706fcb13c0df045c9611751b9803863e979710326549e712f651cfd53b4a43ade46742889b4b555146bda14f7cf781268543b810d796c9a69a3c09c41eb4636462731ca66d48edd63c7fb20b468096226b43249d6a072fa3bae54733a1aff1d342868666641a650adf1a21fc495352a52c963eac1d2de07a3582fdc27bcab5f8983f7f3098fcd518f2cd0e2c5b1a46f4afe103b03db58a1698392a68b4d077f6a147793498de651adfe1707feb6660eec5fe98ff4c8bdb48b85f2fa45c431aeb5d60e39694c766e4b048a2052fe960789b0bcb2fdb26cb6c364e"], &(0x7f0000001d80)='GPL\x00', 0x4, 0x2, &(0x7f0000001dc0)=""/2, 0x41100, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000001e00)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000001e40)={0x5, 0x2, 0x7fffffff, 0xa48}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000001e80)=[r0, r0], &(0x7f0000001ec0)=[{0x2, 0x4, 0xa, 0x7}], 0x10, 0xffff, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0xffffffffffffff4d, &(0x7f0000000000)='\x00', 0x0}, 0x4c) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYRESOCT], 0x26}}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00') r4 = socket$inet6(0xa, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x50, &(0x7f0000000000)={0x0, 0x0}, 0x10) writev(r3, &(0x7f00000002c0)=[{&(0x7f0000000280)='2', 0x1}, {&(0x7f0000000080)='-6', 0x3f}], 0x2) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil) r5 = inotify_init1(0x0) ioctl$INOTIFY_IOC_SETNEXTWD(r5, 0x40044900, 0x4) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000600)=ANY=[@ANYRES16=r1, @ANYRESHEX, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b704000005000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r7, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8a}, 0x50) brk(0x20ffc000) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000001d00)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000001cc0), 0x13f, 0x8}}, 0x20) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) io_setup(0x2, &(0x7f0000000180)=0x0) r10 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r11 = fcntl$dupfd(r10, 0x0, r10) write$tun(r11, &(0x7f0000000280)=ANY=[@ANYRES64=r10], 0x42) read$dsp(r11, 0x0, 0x0) io_submit(r9, 0x2, &(0x7f0000000380)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x6, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x8, r8, &(0x7f0000000300)="caf10e8881f62315dfd671e1bf70015b42c149188f8155116914d126eba7d3565668bc33367a8f075662f0a0c72ec3ee64f952917fac9baaa6a191d8eab98d5a839c01484a22f2955271b44968f6f0cc49609e5b48", 0x55, 0xfffffffffffff001, 0x0, 0x1, r11}]) bind$inet6(r8, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 2.669538306s ago: executing program 1 (id=194): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000eea9eb87eb8780000066bac0000f3066b808008ed0660f38806f008ee0", 0x39}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000100)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = eventfd2(0x44, 0x80001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r3, 0x3, 0x2, r3}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x6b2e}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x7}]}) r4 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r4, 0x29, 0x4d, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r4, 0x29, 0x16, &(0x7f0000000000)=0x7, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.469274367s ago: executing program 1 (id=195): r0 = socket$inet6(0xa, 0x3, 0x8000000003c) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_S390_VCPU_FAULT(r1, 0x4004ae52, &(0x7f0000000000)=0xfc9a) (async, rerun: 64) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c) (rerun: 64) write$binfmt_script(r0, 0x0, 0x60) 2.468896433s ago: executing program 3 (id=196): r0 = socket$inet6_sctp(0xa, 0x3674d97b618847f8, 0x84) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x4, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, 0x0, 0x0) 2.468307869s ago: executing program 2 (id=197): openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}}, 0x0) setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x7, &(0x7f00000001c0)=0x44, 0x4) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001) r4 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r4, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff810500000200000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1) ioctl$KVM_NMI(r2, 0xae9a) r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x50323234, 0x0, 0x0, [{}, {}, {}, {}, {}, {0x0, 0x3}], 0x91, 0xf6, 0x6}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) write$FUSE_NOTIFY_INVAL_ENTRY(r6, &(0x7f0000000440)=ANY=[@ANYBLOB="22000000030000000000000000000000000000000000000001000000000000005e003ae1a70d1f17e47e8eafec5df56aa16c5b70ad7a886f3840547324616a9078baefcf33e97811a3d344e3504a8ca0e8a26b6f8c04bff125f8e16bec6dc43c6f98398579c1d843f1055f189e644a3fa876bed8bf75"], 0x22) sched_setaffinity(0x0, 0x0, 0x0) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet(0x2, 0x4000000000000001, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$EXT4_IOC_GROUP_ADD(r6, 0x40246608, &(0x7f0000000500)={0x8, 0x4, 0x9, 0x5, 0x9, 0x2}) sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="64000000020601080000000000000000000a000014000780080012400003000008001140000000000500010006000000050005000a00000005000400000000000900020073797a310000000015000300686173683a69702c706f72742c"], 0x64}}, 0x0) r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0) ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000040)=0x11) 2.468049394s ago: executing program 3 (id=198): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000001c0)={0x81, 0x8, 0xffff}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x80, 0x2, 0x3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x202, 0x80000020, 0xedb}) r3 = socket$can_raw(0x1d, 0x3, 0x1) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) sendto$inet6(r5, 0x0, 0x0, 0x4c004, &(0x7f0000002880)={0xa, 0x4e24, 0x11b4, @mcast2}, 0x1c) sendmmsg$inet6(r5, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000640)="383cd9cbce39f8c83f86c16cba3abbe0a1cc0ad921451ad90d20c72eb63222a37aae8f91c29a66efc1105e7f0b06d2d7d1f876c12c8b973ed6d1cc7e50c655a261d38303a2a8207b93fdf1c3119793fde070c8b352da2b29dc1881854b3c4e3fee5c11fb47c67ad456420760e853740c170a0a959fb04834d318beb94d0f919978e7735438d039dc81547bd691dc26888535a0af6262f7aee3fcde21e4e51474c1154f91dd642c1523f08a194491fbb33e25fe4f566802650ed77497cef0b0ce59681befc62a0c1e9b5899567715c0824463466d6d948a059962e44407245258ba2e6d02affafb03fcfdcecb5691e97fa7f332a35ff0c8e379a5f91e01302be79027b1f342614b0c616786ee8fc05d1ff275918e487ee241ae9759a500137bb7e63f65ec7969cff76b97e14dd7a7de48e37584ba66da992e3674d3f8a0788c6e72b0a736b8da9c6087090fcd5c0e3aefb88b39c8892becf8760560b16a45cfee5304f4d6c228772200d4fe48be3b4ed570c85f7b09c94210375e7263dc1119bf9aef972f32cbb6d70b427bb3c3fe211353d210eb27a757bc592b268d92c8e3c8632467f93c9a5a0cf90d0f8e0c6480b512e70828c5e2b53ed5d5f4b9f1d84477c209886aa095a77087d93c166797ec3282daf2f8e18d9944b4b9a13bb391b312fea26301ce18952204d4552bcc707112cb10d18df37379961ba957caf4bfaf4c48f0573ef237fb1f1cd0310a39d55f5def3da37e2e8a0f5573a2268ba74afb62f681f4bd02c9f250b3ff01388e59f69d9d651506561dfd901aa56129b8474afec21fc1115a38198fd0047e132cf879fb1dcf374eff81e5f079493d55a70014722b9157080281f42c7f37711aec262670ba5ddd151bdd018542c803b47be1dfc884ff5a22156fb9032095de7e69afe9eab810b0c3bac90a8ca8d8c1cb7919a082e7d6d5b2944822ebba4aef382525c5c3382bd8b9d368c337247b935aca5aa46e1124e350ef3fb60b80dd35dc0c65e45c81cd9f271be8c97b8845928926f931641af62f2bc81a6a1a982f8f3318da1a38489f51c564c6c7791fe2f63a10e0e432271aa1aff11f899c87a5c29c5bef73ed72473fada6f49d0af7916800fae9a4b8c60a2c69a93ba9abad0df99ea168cd40c63dee61518dcf8bb29743085de0b2b0cc0a68c4005120fa8ee871b8baa2c6f2f2f4c22002231c9334ca23804457df0922cfc37aaf4b8e4757ff37cd16052006e8bd20a086e4c2a2c3d8dd722e67dd0cb0204a577febd46d1c2315db5c5929c23d08b9c0fcaf9eef78f48d7ef6f51e5b9a6046699d572a9195b8a61ddab408580e209f5fdd804099f01afb597ef41419c82d029be14b8ac40c23c4519619301536709fed1a3150ed69f34012ee25257f4b19fcd1f3d1bfd5be03f85587470c85372ae257d220d7c346bfbd22fbfba27d5daf988e5fbed3c1872e70039f9196f61a30436791a65d5f727b5eb375a06735f7fab2e0434e6424e333a8d098e61c2793b9030df7427f5d654f48ac2f547acce2293fbc7ae6afd36008c31078cef27ec19e975b387ae73ba3e5b3657869ee0fe24a33b558fe42386466d55c56a3b5ce46c54df104bfa002e97e8bde1811681687dc7a2269783476a2c4106bcb25057a72c527a0747d7bef127e4dcd22a658ebe1ff79a77cd887734621b2fc9c4336c5ddc1fb49812b869c13453680e041bc2212f17550fc8d2c70c82452ef6b288985b7cbf53bb35b56a4b53e51dd112e1577", 0x4e0}], 0x1}}], 0x1, 0x0) sendmsg$netlink(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002b00010a"], 0x114}], 0x1}, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000440)={&(0x7f0000000340)=[0x0, 0x0], &(0x7f0000000380)=[0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0], 0x2, 0x1, 0x7, 0x2}) ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06464ce, &(0x7f0000000480)={r6, 0xbd43cd9c, 0xfffffffd, 0xfffffffb, 0x3, [], [0x1, 0x9, 0x1, 0xffff], [0x400, 0x8, 0x2, 0x101], [0x8, 0x1, 0x7, 0x5]}) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000002c0)={'vxcan1\x00', 0x0}) sendmsg$can_raw(r3, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r7}, 0x10, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "f00000000800"}, 0x10}}, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x43b, 0x7fff, 0x2}) r8 = syz_open_dev$dri(&(0x7f00000008c0), 0xd1f, 0xc4801) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r8, 0xc02064b2, &(0x7f0000000200)={0x10001, 0x401f, 0x3}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000280)={0x5, 0x1, 0x971}) r10 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$nfc_llcp(r10, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x2, 0x9, 0x0, "35e16d6b23a53f34206d974d5772913702dd5cef3d32edb403c348232f0085384137e1a055c23f3554f01f5c29a579853ef9278d34442c4e6de614a78d57b3", 0x20}, 0x58) r11 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/bus/input/handlers\x00', 0x0, 0x0) preadv(r11, &(0x7f0000000300)=[{&(0x7f0000000000)=""/137, 0x89}], 0x1, 0x4, 0xf5) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000600)={&(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580), &(0x7f00000005c0), 0x9, 0x5}) read$fb(r11, &(0x7f00000000c0)=""/81, 0x51) close_range(r0, 0xffffffffffffffff, 0x0) 2.467918127s ago: executing program 1 (id=199): timerfd_create(0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000080)=0x7f) r2 = socket(0x10, 0x803, 0x0) r3 = syz_create_resource$binfmt(&(0x7f0000000e40)='./file0\x00') r4 = openat$binfmt(0xffffff9c, r3, 0x41, 0x1ff) write$binfmt_script(r4, &(0x7f0000001140)={'#! ', './file0', [{0x20, '@]!+\x00]!\b\x00\x00\x00\x00\x00\x00\x00[)\\#.'}]}, 0x20) execve(&(0x7f0000001040)='./file0\x00', 0x0, &(0x7f0000000040)={[&(0x7f0000000080)='#! ']}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) setitimer(0x1, 0x0, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)) 2.315292557s ago: executing program 3 (id=200): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io$hid(r1, &(0x7f0000001540)={0x14, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f0000"], 0x0}, 0x0) r2 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0) r3 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0) ioctl$HIDIOCSREPORT(r3, 0x81044804, &(0x7f0000000400)={0x1}) ioctl$HIDIOCGUSAGE(r2, 0x40184810, 0x0) 1.801362719s ago: executing program 2 (id=201): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) pipe(&(0x7f0000000300)) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x0, &(0x7f0000000280)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r3}}) 1.575511867s ago: executing program 0 (id=202): r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/fib_triestat\x00') read$FUSE(r0, &(0x7f0000000240)={0x2020}, 0x2020) 1.461666219s ago: executing program 0 (id=203): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000eea9eb87eb8780000066bac0000f3066b808008ed0660f38806f008ee0", 0x39}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000100)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = eventfd2(0x44, 0x80001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r3, 0x3, 0x2, r3}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x6b2e}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x7}]}) r4 = socket$inet6(0xa, 0x80003, 0x3a) setsockopt$inet6_int(r4, 0x29, 0x16, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r4, 0x29, 0x16, &(0x7f0000000000)=0x7, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.461327743s ago: executing program 2 (id=204): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x4, 0x4, 0x3ec, 0x104, 0x0, 0x104, 0x30c, 0x30c, 0x30c, 0x4, 0x0, {[{{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_to_bridge\x00', 'ip_vti0\x00'}, 0xbc, 0x11c, 0x340, {0x30030000, 0x4}}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x7fff, 'syz0\x00'}}}, {{@uncond, 0xbc, 0x104, 0x0, {0x7800}}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x28, 'syz1\x00'}}}, {{@uncond, 0xbc, 0x104}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3a, 'syz0\x00'}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x438) syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = socket(0x10, 0x80003, 0x0) pidfd_getfd(0xffffffffffffffff, r1, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, 0x0, 0x0) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$kcm(0x2, 0x922000000001, 0x106) socket$kcm(0x2, 0x1000000000000002, 0x0) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0xfffffffc, 0x0, 0x2, 0x2, 0x9, 0x80000001, 0xffffffff}, 0x0) r4 = socket(0x10, 0x3, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000580)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0xd0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x8100000000000000}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r7 = getpid() sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4) openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) 941.466864ms ago: executing program 1 (id=205): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000eea9eb87eb8780000066bac0000f3066b808008ed0660f38806f008ee0", 0x39}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000100)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = eventfd2(0x44, 0x80001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r3, 0x3, 0x2, r3}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x6b2e}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x7}]}) r4 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r4, 0x29, 0x16, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r4, 0x29, 0x16, &(0x7f0000000000)=0x7, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 521.740084ms ago: executing program 0 (id=206): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) renameat2(r1, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000001c0)='./file1/../file0\x00', 0x0) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r2, 0x0, 0x0) (fail_nth: 4) 457.376702ms ago: executing program 0 (id=207): getpid() ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000140)={0x8d, 0x2, 0x1}) openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) r3 = syz_io_uring_setup(0x3b, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) r6 = socket$inet_smc(0x2b, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r6, 0x0}) listen(r6, 0x0) io_uring_enter(r3, 0x92, 0x0, 0x0, 0x0, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) r7 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r7, 0x8922, &(0x7f0000000240)={'veth1_vlan\x00', 0xef}) 1.582826ms ago: executing program 2 (id=208): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000001c0)={0x81, 0x8, 0xffff}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x80, 0x2, 0x3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x202, 0x80000020, 0xedb}) r3 = socket$can_raw(0x1d, 0x3, 0x1) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) sendto$inet6(r5, 0x0, 0x0, 0x4c004, &(0x7f0000002880)={0xa, 0x4e24, 0x11b4, @mcast2}, 0x1c) sendmmsg$inet6(r5, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000640)="383cd9cbce39f8c83f86c16cba3abbe0a1cc0ad921451ad90d20c72eb63222a37aae8f91c29a66efc1105e7f0b06d2d7d1f876c12c8b973ed6d1cc7e50c655a261d38303a2a8207b93fdf1c3119793fde070c8b352da2b29dc1881854b3c4e3fee5c11fb47c67ad456420760e853740c170a0a959fb04834d318beb94d0f919978e7735438d039dc81547bd691dc26888535a0af6262f7aee3fcde21e4e51474c1154f91dd642c1523f08a194491fbb33e25fe4f566802650ed77497cef0b0ce59681befc62a0c1e9b5899567715c0824463466d6d948a059962e44407245258ba2e6d02affafb03fcfdcecb5691e97fa7f332a35ff0c8e379a5f91e01302be79027b1f342614b0c616786ee8fc05d1ff275918e487ee241ae9759a500137bb7e63f65ec7969cff76b97e14dd7a7de48e37584ba66da992e3674d3f8a0788c6e72b0a736b8da9c6087090fcd5c0e3aefb88b39c8892becf8760560b16a45cfee5304f4d6c228772200d4fe48be3b4ed570c85f7b09c94210375e7263dc1119bf9aef972f32cbb6d70b427bb3c3fe211353d210eb27a757bc592b268d92c8e3c8632467f93c9a5a0cf90d0f8e0c6480b512e70828c5e2b53ed5d5f4b9f1d84477c209886aa095a77087d93c166797ec3282daf2f8e18d9944b4b9a13bb391b312fea26301ce18952204d4552bcc707112cb10d18df37379961ba957caf4bfaf4c48f0573ef237fb1f1cd0310a39d55f5def3da37e2e8a0f5573a2268ba74afb62f681f4bd02c9f250b3ff01388e59f69d9d651506561dfd901aa56129b8474afec21fc1115a38198fd0047e132cf879fb1dcf374eff81e5f079493d55a70014722b9157080281f42c7f37711aec262670ba5ddd151bdd018542c803b47be1dfc884ff5a22156fb9032095de7e69afe9eab810b0c3bac90a8ca8d8c1cb7919a082e7d6d5b2944822ebba4aef382525c5c3382bd8b9d368c337247b935aca5aa46e1124e350ef3fb60b80dd35dc0c65e45c81cd9f271be8c97b8845928926f931641af62f2bc81a6a1a982f8f3318da1a38489f51c564c6c7791fe2f63a10e0e432271aa1aff11f899c87a5c29c5bef73ed72473fada6f49d0af7916800fae9a4b8c60a2c69a93ba9abad0df99ea168cd40c63dee61518dcf8bb29743085de0b2b0cc0a68c4005120fa8ee871b8baa2c6f2f2f4c22002231c9334ca23804457df0922cfc37aaf4b8e4757ff37cd16052006e8bd20a086e4c2a2c3d8dd722e67dd0cb0204a577febd46d1c2315db5c5929c23d08b9c0fcaf9eef78f48d7ef6f51e5b9a6046699d572a9195b8a61ddab408580e209f5fdd804099f01afb597ef41419c82d029be14b8ac40c23c4519619301536709fed1a3150ed69f34012ee25257f4b19fcd1f3d1bfd5be03f85587470c85372ae257d220d7c346bfbd22fbfba27d5daf988e5fbed3c1872e70039f9196f61a30436791a65d5f727b5eb375a06735f7fab2e0434e6424e333a8d098e61c2793b9030df7427f5d654f48ac2f547acce2293fbc7ae6afd36008c31078cef27ec19e975b387ae73ba3e5b3657869ee0fe24a33b558fe42386466d55c56a3b5ce46c54df104bfa002e97e8bde1811681687dc7a2269783476a2c4106bcb25057a72c527a0747d7bef127e4dcd22a658ebe1ff79a77cd887734621b2fc9c4336c5ddc1fb49812b869c13453680e041bc2212f17550fc8d2c70c82452ef6b288985b7cbf53bb35b56a4b53e51dd112e1577", 0x4e0}], 0x1}}], 0x1, 0x0) sendmsg$netlink(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002b00010a"], 0x114}], 0x1}, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000440)={&(0x7f0000000340)=[0x0, 0x0], &(0x7f0000000380)=[0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0], 0x2, 0x1, 0x7, 0x2}) ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06464ce, &(0x7f0000000480)={r6, 0xbd43cd9c, 0xfffffffd, 0xfffffffb, 0x3, [], [0x1, 0x9, 0x1, 0xffff], [0x400, 0x8, 0x2, 0x101], [0x8, 0x1, 0x7, 0x5]}) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000002c0)={'vxcan1\x00', 0x0}) sendmsg$can_raw(r3, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r7}, 0x10, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "f00000000800"}, 0x10}}, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x43b, 0x7fff, 0x2}) r8 = syz_open_dev$dri(&(0x7f00000008c0), 0xd1f, 0xc4801) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r8, 0xc02064b2, &(0x7f0000000200)={0x10001, 0x401f, 0x3}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000280)={0x5, 0x1, 0x971}) r10 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$nfc_llcp(r10, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x2, 0x9, 0x0, "35e16d6b23a53f34206d974d5772913702dd5cef3d32edb403c348232f0085384137e1a055c23f3554f01f5c29a579853ef9278d34442c4e6de614a78d57b3", 0x20}, 0x58) r11 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/bus/input/handlers\x00', 0x0, 0x0) preadv(r11, &(0x7f0000000300)=[{&(0x7f0000000000)=""/137, 0x89}], 0x1, 0x4, 0xf5) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000600)={&(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580), &(0x7f00000005c0), 0x9, 0x5}) read$fb(r11, &(0x7f00000000c0)=""/81, 0x51) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 1 (id=209): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101) r1 = dup(r0) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7}) ioctl$sock_netdev_private(r2, 0x8949, &(0x7f0000000000)) (fail_nth: 6) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_submit(0x0, 0x0, 0x0) r3 = socket$inet(0x2, 0x3, 0x1) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000240)={0x0, @local, @local}, &(0x7f0000000140)=0xc) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x27}, 0x78, r4}) r5 = socket(0xa, 0x1, 0x0) ioctl(r5, 0x8916, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:47216' (ED25519) to the list of known hosts. [ 34.528341][ T5891] cgroup: Unknown subsys name 'net' [ 34.676612][ T5891] cgroup: Unknown subsys name 'cpuset' [ 34.679882][ T5891] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 35.518897][ T5891] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 37.531985][ T5958] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 37.535007][ T5961] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 37.535210][ T5958] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 37.539889][ T5962] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 37.540372][ T5958] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 37.542181][ T5962] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 37.545686][ T5962] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 37.548687][ T5962] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 37.549344][ T5965] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 37.551157][ T5962] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 37.553347][ T5965] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 37.554401][ T5962] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 37.556833][ T5965] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 37.558591][ T5962] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 37.560672][ T5965] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 37.563178][ T5962] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 37.564855][ T5965] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 37.566087][ T5962] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 37.569148][ T5965] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 37.570549][ T5962] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 37.572444][ T5965] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 37.577199][ T5962] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 37.577472][ T5965] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 37.582375][ T5965] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 37.781074][ T5955] chnl_net:caif_netlink_parms(): no params data found [ 37.821948][ T5956] chnl_net:caif_netlink_parms(): no params data found [ 37.826474][ T5967] chnl_net:caif_netlink_parms(): no params data found [ 37.831195][ T5963] chnl_net:caif_netlink_parms(): no params data found [ 37.888059][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.890877][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.892921][ T5955] bridge_slave_0: entered allmulticast mode [ 37.895102][ T5955] bridge_slave_0: entered promiscuous mode [ 37.951582][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.953481][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.955556][ T5955] bridge_slave_1: entered allmulticast mode [ 37.957717][ T5955] bridge_slave_1: entered promiscuous mode [ 38.048959][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.052352][ T5967] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.055124][ T5967] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.057717][ T5967] bridge_slave_0: entered allmulticast mode [ 38.060633][ T5967] bridge_slave_0: entered promiscuous mode [ 38.078039][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.080691][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.083335][ T5956] bridge_slave_0: entered allmulticast mode [ 38.086418][ T5956] bridge_slave_0: entered promiscuous mode [ 38.090101][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.092661][ T5963] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.095452][ T5963] bridge_slave_0: entered allmulticast mode [ 38.097464][ T5963] bridge_slave_0: entered promiscuous mode [ 38.101712][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.104345][ T5967] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.106175][ T5967] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.108718][ T5967] bridge_slave_1: entered allmulticast mode [ 38.111552][ T5967] bridge_slave_1: entered promiscuous mode [ 38.122311][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.124849][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.127209][ T5956] bridge_slave_1: entered allmulticast mode [ 38.129320][ T5956] bridge_slave_1: entered promiscuous mode [ 38.139562][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.141703][ T5963] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.143635][ T5963] bridge_slave_1: entered allmulticast mode [ 38.145854][ T5963] bridge_slave_1: entered promiscuous mode [ 38.200332][ T5955] team0: Port device team_slave_0 added [ 38.203642][ T5967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.209404][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.213530][ T5963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.217467][ T5955] team0: Port device team_slave_1 added [ 38.220499][ T5967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.224850][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.228033][ T5963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.301113][ T5967] team0: Port device team_slave_0 added [ 38.306106][ T5956] team0: Port device team_slave_0 added [ 38.320480][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.322646][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.331271][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.337757][ T5967] team0: Port device team_slave_1 added [ 38.342041][ T5956] team0: Port device team_slave_1 added [ 38.355620][ T5963] team0: Port device team_slave_0 added [ 38.357949][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.359760][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.365943][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.386612][ T5963] team0: Port device team_slave_1 added [ 38.411220][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.412969][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.419304][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.423095][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.425186][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.431767][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.442780][ T5967] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.445581][ T5967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.451706][ T5967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.473656][ T5955] hsr_slave_0: entered promiscuous mode [ 38.475685][ T5955] hsr_slave_1: entered promiscuous mode [ 38.478395][ T5963] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.480141][ T5963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.486298][ T5963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.489996][ T5967] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.491716][ T5967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.499962][ T5967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.515453][ T5963] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.517644][ T5963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.524173][ T5963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.556860][ T5967] hsr_slave_0: entered promiscuous mode [ 38.559043][ T5967] hsr_slave_1: entered promiscuous mode [ 38.560837][ T5967] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.562837][ T5967] Cannot create hsr debugfs directory [ 38.575527][ T5956] hsr_slave_0: entered promiscuous mode [ 38.577292][ T5956] hsr_slave_1: entered promiscuous mode [ 38.578896][ T5956] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.580711][ T5956] Cannot create hsr debugfs directory [ 38.635382][ T5963] hsr_slave_0: entered promiscuous mode [ 38.637442][ T5963] hsr_slave_1: entered promiscuous mode [ 38.639411][ T5963] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.641261][ T5963] Cannot create hsr debugfs directory [ 38.816722][ T5967] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 38.824590][ T5967] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 38.828904][ T5967] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 38.833356][ T5967] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 38.854944][ T5955] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 38.864196][ T5955] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 38.867577][ T5955] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 38.872134][ T5955] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 38.885378][ T5956] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 38.889497][ T5956] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 38.903569][ T5956] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 38.906912][ T5956] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 38.940193][ T5963] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 38.945473][ T5963] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 38.948876][ T5963] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 38.951872][ T5963] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 38.984780][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.988673][ T5967] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.006226][ T5967] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.014963][ T1129] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.016985][ T1129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.020502][ T5955] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.031851][ T1129] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.033838][ T1129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.042998][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.045409][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.055033][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.059162][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.061538][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.093626][ T5955] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 39.096829][ T5955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.101044][ T5956] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.116440][ T1231] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.118888][ T1231] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.124460][ T5963] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.136902][ T1231] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.139523][ T1231] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.161225][ T5963] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.174928][ T1231] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.176940][ T1231] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.186566][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.189059][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.224985][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.266597][ T5967] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.275503][ T5955] veth0_vlan: entered promiscuous mode [ 39.283398][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.291114][ T5955] veth1_vlan: entered promiscuous mode [ 39.331327][ T5967] veth0_vlan: entered promiscuous mode [ 39.339572][ T5963] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.342318][ T5956] veth0_vlan: entered promiscuous mode [ 39.345584][ T5955] veth0_macvtap: entered promiscuous mode [ 39.354524][ T5967] veth1_vlan: entered promiscuous mode [ 39.358147][ T5956] veth1_vlan: entered promiscuous mode [ 39.360778][ T5955] veth1_macvtap: entered promiscuous mode [ 39.385678][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.390382][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.398890][ T5967] veth0_macvtap: entered promiscuous mode [ 39.402101][ T5955] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.406353][ T5955] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.409352][ T5955] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.412307][ T5955] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.420063][ T5967] veth1_macvtap: entered promiscuous mode [ 39.427564][ T5963] veth0_vlan: entered promiscuous mode [ 39.431113][ T5956] veth0_macvtap: entered promiscuous mode [ 39.441214][ T5956] veth1_macvtap: entered promiscuous mode [ 39.453327][ T5963] veth1_vlan: entered promiscuous mode [ 39.456434][ T5967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.459844][ T5967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.463059][ T5967] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.469222][ T5967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.471939][ T5967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.475281][ T5967] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.483595][ T5967] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.486342][ T5967] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.488613][ T5967] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.490872][ T5967] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.508232][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.511783][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.515327][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.519099][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.522594][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.530839][ T1231] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.534922][ T1231] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.555714][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.559443][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.562645][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.567285][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.572219][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.587482][ T5956] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.587546][ T1129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.589792][ T5956] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.591840][ T1129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.595209][ T5956] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.598805][ T5956] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.603507][ T5963] veth0_macvtap: entered promiscuous mode [ 39.609835][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.611891][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.615287][ T5963] veth1_macvtap: entered promiscuous mode [ 39.635665][ T64] Bluetooth: hci2: command tx timeout [ 39.635672][ T5970] Bluetooth: hci1: command tx timeout [ 39.641738][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.642654][ T5955] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 39.643918][ T5970] Bluetooth: hci0: command tx timeout [ 39.643980][ T64] Bluetooth: hci3: command tx timeout [ 39.644375][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.646935][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.646954][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.646959][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.646966][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.646970][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.646977][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.647672][ T5963] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.676404][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.679444][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.681945][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.684978][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.687520][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.690375][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.693825][ T5963] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.696982][ T5963] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.699261][ T5963] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.701609][ T5963] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.704380][ T5963] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.732860][ T1231] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.735458][ T1231] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.761894][ T1231] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.763328][ T6020] random: crng reseeded on system resumption [ 39.764589][ T1231] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.784961][ T6020] loop9: detected capacity change from 0 to 6 [ 39.788520][ T6020] Dev loop9: unable to read RDB block 6 [ 39.790150][ T6020] loop9: unable to read partition table [ 39.791687][ T6020] loop9: partition table beyond EOD, truncated [ 39.793320][ T6020] loop_reread_partitions: partition scan of loop9 (被xڬdƤݡ [ 39.793320][ T6020] ) failed (rc=-5) [ 39.794202][ T1231] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.795299][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 39.804905][ T1231] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.815128][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.818286][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.854966][ T6020] Dev loop9: unable to read RDB block 6 [ 39.856456][ T6020] loop9: unable to read partition table [ 39.857989][ T6020] loop9: partition table beyond EOD, truncated [ 39.859611][ T6020] loop_reread_partitions: partition scan of loop9 (被xڬdƤݡ [ 39.859611][ T6020] ) failed (rc=-5) [ 39.871163][ T6026] process 'syz.1.2' launched './file0' with NULL argv: empty string added [ 40.094393][ T6025] syz.2.3 uses obsolete (PF_INET,SOCK_PACKET) [ 40.166577][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.274214][ T6032] syz.3.5 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 40.434063][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.437331][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.934317][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 40.938446][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 40.941398][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 41.523995][ T829] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 41.673960][ T829] usb 5-1: Using ep0 maxpacket: 8 [ 41.680692][ T829] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 41.686815][ T829] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 41.692520][ T829] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 41.701163][ T829] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 41.709875][ T829] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 41.713952][ T5970] Bluetooth: hci0: command tx timeout [ 41.714050][ T64] Bluetooth: hci3: command tx timeout [ 41.714202][ T5311] Bluetooth: hci1: command tx timeout [ 41.714234][ T5311] Bluetooth: hci2: command tx timeout [ 41.717775][ T829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 41.886538][ T6053] netlink: 60 bytes leftover after parsing attributes in process `syz.1.10'. [ 42.141429][ T829] usb 5-1: usb_control_msg returned -32 [ 42.143351][ T829] usbtmc 5-1:16.0: can't read capabilities [ 42.159778][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 42.162093][ T829] usb 5-1: USB disconnect, device number 2 [ 42.615537][ T6072] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 42.719318][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 42.724141][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 42.748632][ T6074] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 42.808222][ T6077] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14'. [ 42.999895][ T6084] netlink: 176 bytes leftover after parsing attributes in process `syz.2.16'. [ 43.007217][ T6084] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 43.047421][ T39] audit: type=1326 audit(1732121559.975:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.0.18" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 43.053534][ T39] audit: type=1326 audit(1732121559.975:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.0.18" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 43.059444][ T39] audit: type=1326 audit(1732121559.975:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.0.18" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 43.066219][ T39] audit: type=1326 audit(1732121559.975:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.0.18" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 43.072297][ T39] audit: type=1326 audit(1732121559.975:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.0.18" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 43.072373][ T39] audit: type=1326 audit(1732121559.975:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.0.18" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 43.072390][ T39] audit: type=1326 audit(1732121559.975:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.0.18" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 43.072405][ T39] audit: type=1326 audit(1732121559.975:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.0.18" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 43.072421][ T39] audit: type=1326 audit(1732121559.975:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.0.18" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 43.072435][ T39] audit: type=1326 audit(1732121559.975:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.0.18" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 43.403400][ T6091] netlink: 32 bytes leftover after parsing attributes in process `syz.0.19'. [ 43.411015][ T6091] netlink: 32 bytes leftover after parsing attributes in process `syz.0.19'. [ 43.541943][ T6091] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 43.794199][ T64] Bluetooth: hci0: command tx timeout [ 43.796718][ T64] Bluetooth: hci3: command tx timeout [ 43.798502][ T64] Bluetooth: hci2: command tx timeout [ 43.800158][ T64] Bluetooth: hci1: command tx timeout [ 44.674009][ T1316] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 44.764330][ T6104] netlink: 8 bytes leftover after parsing attributes in process `syz.1.23'. [ 44.845636][ T1316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 44.848522][ T1316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 44.851218][ T1316] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 44.858581][ T1316] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 44.862884][ T1316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 44.868718][ T1316] usb 5-1: config 0 descriptor?? [ 45.342502][ T1316] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 45.347251][ T1316] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 45.356945][ T1316] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 45.883885][ T5961] Bluetooth: hci1: command tx timeout [ 45.883949][ T64] Bluetooth: hci2: command tx timeout [ 45.883994][ T5311] Bluetooth: hci0: command tx timeout [ 45.884052][ T5970] Bluetooth: hci3: command tx timeout [ 46.158735][ T6122] netlink: 60 bytes leftover after parsing attributes in process `syz.2.26'. [ 46.656262][ T6097] usb 5-1: string descriptor 0 read error: -71 [ 47.341422][ T6142] Zero length message leads to an empty skb [ 47.350381][ T6142] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 47.450690][ T5324] usb 5-1: USB disconnect, device number 3 [ 47.954343][ T64] Bluetooth: hci1: command tx timeout [ 47.954366][ T5961] Bluetooth: hci0: command tx timeout [ 48.065759][ T6153] netlink: 60 bytes leftover after parsing attributes in process `syz.2.33'. [ 48.398097][ T6163] netlink: 8 bytes leftover after parsing attributes in process `syz.3.35'. [ 48.518146][ T6169] netlink: 60 bytes leftover after parsing attributes in process `syz.0.34'. [ 48.853033][ T6182] capability: warning: `syz.2.38' uses deprecated v2 capabilities in a way that may be insecure [ 49.025145][ T1109] sr 2:0:0:0: [sr0] tag#6 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 49.027728][ T1109] sr 2:0:0:0: [sr0] tag#6 Sense Key : Illegal Request [current] [ 49.029744][ T1109] sr 2:0:0:0: [sr0] tag#6 Add. Sense: Invalid command operation code [ 49.031870][ T1109] sr 2:0:0:0: [sr0] tag#6 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00 [ 49.034260][ T1109] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 49.037189][ T1109] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 50.034933][ T64] Bluetooth: hci0: command tx timeout [ 50.340328][ T6209] netlink: 8 bytes leftover after parsing attributes in process `syz.2.44'. [ 50.726735][ T39] kauditd_printk_skb: 40 callbacks suppressed [ 50.726747][ T39] audit: type=1326 audit(1732121567.655:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.3.48" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 50.734698][ T39] audit: type=1326 audit(1732121567.655:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.3.48" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 50.740518][ T39] audit: type=1326 audit(1732121567.655:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.3.48" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 50.746278][ T39] audit: type=1326 audit(1732121567.655:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.3.48" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 50.752202][ T39] audit: type=1326 audit(1732121567.655:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.3.48" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 50.759340][ T39] audit: type=1326 audit(1732121567.655:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.3.48" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 50.768632][ T39] audit: type=1326 audit(1732121567.665:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.3.48" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 50.774626][ T39] audit: type=1326 audit(1732121567.665:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.3.48" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 50.780465][ T39] audit: type=1326 audit(1732121567.665:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.3.48" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 50.786507][ T39] audit: type=1326 audit(1732121567.665:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.3.48" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 50.913798][ T64] Bluetooth: hci3: command tx timeout [ 50.976916][ T6229] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 51.713284][ T6232] netlink: 32 bytes leftover after parsing attributes in process `syz.1.50'. [ 51.716550][ T6232] netlink: 32 bytes leftover after parsing attributes in process `syz.1.50'. [ 52.440728][ T6242] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 52.524776][ T1445] IPVS: starting estimator thread 0... [ 52.534767][ T6243] IPVS: rr: TCP 172.20.20.170:0 - no destination available [ 52.591034][ T6247] netlink: 32 bytes leftover after parsing attributes in process `syz.1.54'. [ 52.594194][ T6247] netlink: 32 bytes leftover after parsing attributes in process `syz.1.54'. [ 52.606206][ T6247] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 52.624323][ T6246] IPVS: using max 38 ests per chain, 91200 per kthread [ 52.994500][ T64] Bluetooth: hci3: command tx timeout [ 53.088384][ T6251] netlink: 60 bytes leftover after parsing attributes in process `syz.0.55'. [ 53.982642][ T6270] netlink: 8 bytes leftover after parsing attributes in process `syz.0.58'. [ 54.574332][ T25] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 55.123790][ T6300] netlink: 32 bytes leftover after parsing attributes in process `syz.1.62'. [ 55.127446][ T6300] netlink: 32 bytes leftover after parsing attributes in process `syz.1.62'. [ 56.044278][ T6322] netlink: 32 bytes leftover after parsing attributes in process `syz.1.66'. [ 56.046537][ T6322] netlink: 32 bytes leftover after parsing attributes in process `syz.1.66'. [ 56.766903][ T6335] netlink: 8 bytes leftover after parsing attributes in process `syz.0.69'. [ 57.794549][ T64] Bluetooth: hci1: command tx timeout [ 58.753892][ T64] Bluetooth: hci0: command tx timeout [ 61.657221][ T6357] netlink: 32 bytes leftover after parsing attributes in process `syz.0.70'. [ 61.662773][ T6357] netlink: 32 bytes leftover after parsing attributes in process `syz.0.70'. [ 63.845935][ T1316] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 64.003492][ T1316] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 64.006077][ T1316] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.008160][ T1316] usb 8-1: Product: syz [ 64.009256][ T1316] usb 8-1: Manufacturer: syz [ 64.010488][ T1316] usb 8-1: SerialNumber: syz [ 64.027584][ T1316] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 64.058364][ T1316] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 64.378642][ T1487] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 64.678287][ T8] usb 8-1: USB disconnect, device number 2 [ 64.963822][ T1445] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 65.317629][ T1316] usb 8-1: Service connection timeout for: 256 [ 65.319296][ T1316] ath9k_htc 8-1:1.0: ath9k_htc: Unable to initialize HTC services [ 65.322496][ T1316] ath9k_htc: Failed to initialize the device [ 65.324844][ T8] usb 8-1: ath9k_htc: USB layer deinitialized [ 65.326736][ T1445] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 65.329694][ T1445] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 65.332166][ T1445] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 65.336150][ T1445] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 65.338697][ T1445] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.342036][ T1445] usb 6-1: config 0 descriptor?? [ 65.754741][ T1445] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 65.764563][ T1445] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 65.770108][ T1445] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 67.749298][ T62] usb 6-1: USB disconnect, device number 2 [ 67.954011][ T64] Bluetooth: hci2: command tx timeout [ 70.678134][ T1408] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.680611][ T1408] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.540252][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 72.540282][ T39] audit: type=1326 audit(1732121589.465:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.95" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 72.558510][ T39] audit: type=1326 audit(1732121589.465:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.95" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 72.572809][ T39] audit: type=1326 audit(1732121589.475:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.95" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 72.581774][ T39] audit: type=1326 audit(1732121589.475:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.95" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 72.600656][ T39] audit: type=1326 audit(1732121589.475:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.95" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 72.606973][ T39] audit: type=1326 audit(1732121589.475:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.95" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 72.616115][ T39] audit: type=1326 audit(1732121589.475:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.95" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 72.621805][ T39] audit: type=1326 audit(1732121589.475:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.95" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 72.628923][ T39] audit: type=1326 audit(1732121589.475:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.95" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 72.643638][ T39] audit: type=1326 audit(1732121589.475:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.1.95" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 72.983825][ T5324] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 73.145289][ T5324] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.148735][ T5324] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 73.151847][ T5324] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 73.156662][ T5324] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 73.159647][ T5324] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.164095][ T5324] usb 6-1: config 0 descriptor?? [ 73.590498][ T5324] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 73.593362][ T5324] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 73.597872][ T5324] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 73.900540][ T1487] usb 6-1: USB disconnect, device number 3 [ 74.121915][ T6496] netlink: 32 bytes leftover after parsing attributes in process `syz.3.101'. [ 74.125467][ T6496] netlink: 32 bytes leftover after parsing attributes in process `syz.3.101'. [ 75.208031][ T6512] netlink: 32 bytes leftover after parsing attributes in process `syz.2.106'. [ 75.210649][ T6512] netlink: 32 bytes leftover after parsing attributes in process `syz.2.106'. [ 75.856721][ T9] cfg80211: failed to load regulatory.db [ 76.468120][ T6528] netlink: 176 bytes leftover after parsing attributes in process `syz.0.111'. [ 77.153885][ T64] Bluetooth: hci0: command tx timeout [ 77.829672][ C0] Unknown status report in ack skb [ 78.369334][ T6556] netlink: 4 bytes leftover after parsing attributes in process `syz.0.119'. [ 78.376685][ T6556] netlink: 4 bytes leftover after parsing attributes in process `syz.0.119'. [ 78.631796][ T6559] netlink: 60 bytes leftover after parsing attributes in process `syz.1.120'. [ 78.796799][ T6583] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 78.914573][ T6592] FAULT_INJECTION: forcing a failure. [ 78.914573][ T6592] name failslab, interval 1, probability 0, space 0, times 1 [ 78.918120][ T6592] CPU: 1 UID: 0 PID: 6592 Comm: syz.0.129 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 78.920765][ T6592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.923549][ T6592] Call Trace: [ 78.924451][ T6592] [ 78.925353][ T6592] dump_stack_lvl+0x16c/0x1f0 [ 78.926623][ T6592] should_fail_ex+0x497/0x5b0 [ 78.927864][ T6592] ? fs_reclaim_acquire+0xae/0x150 [ 78.929214][ T6592] should_failslab+0xc2/0x120 [ 78.930462][ T6592] __kmalloc_noprof+0xcb/0x410 [ 78.931733][ T6592] ? lockdep_hardirqs_on+0x7c/0x110 [ 78.933114][ T6592] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 78.935147][ T6592] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 78.936598][ T6592] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 78.938210][ T6592] ? bpf_lsm_capable+0x9/0x10 [ 78.939460][ T6592] ? security_capable+0x7e/0x260 [ 78.940777][ T6592] ? ns_capable+0xd7/0x110 [ 78.941973][ T6592] genl_rcv_msg+0x565/0x800 [ 78.943181][ T6592] ? __pfx_genl_rcv_msg+0x10/0x10 [ 78.944519][ T6592] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 78.945947][ T6592] ? __pfx_nl80211_set_cqm+0x10/0x10 [ 78.947335][ T6592] ? __pfx_nl80211_post_doit+0x10/0x10 [ 78.948780][ T6592] netlink_rcv_skb+0x165/0x410 [ 78.950052][ T6592] ? __pfx_genl_rcv_msg+0x10/0x10 [ 78.951383][ T6592] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 78.952779][ T6592] ? down_read+0xc9/0x330 [ 78.953940][ T6592] ? __pfx_down_read+0x10/0x10 [ 78.955232][ T6592] ? netlink_deliver_tap+0x1ae/0xcf0 [ 78.956635][ T6592] genl_rcv+0x28/0x40 [ 78.957699][ T6592] netlink_unicast+0x53c/0x7f0 [ 78.958998][ T6592] ? __pfx_netlink_unicast+0x10/0x10 [ 78.960394][ T6592] ? __phys_addr_symbol+0x30/0x80 [ 78.961728][ T6592] ? __check_object_size+0x488/0x710 [ 78.963147][ T6592] netlink_sendmsg+0x8b8/0xd70 [ 78.964422][ T6592] ? __pfx_netlink_sendmsg+0x10/0x10 [ 78.965837][ T6592] ____sys_sendmsg+0x9ae/0xb40 [ 78.967120][ T6592] ? __pfx_____sys_sendmsg+0x10/0x10 [ 78.968558][ T6592] ? get_compat_msghdr+0x11b/0x170 [ 78.969929][ T6592] ___sys_sendmsg+0x135/0x1e0 [ 78.971175][ T6592] ? __pfx____sys_sendmsg+0x10/0x10 [ 78.973257][ T6592] ? __pfx_lock_release+0x10/0x10 [ 78.974956][ T6592] ? trace_lock_acquire+0x14a/0x1d0 [ 78.976811][ T6592] ? __fget_files+0x206/0x3a0 [ 78.978555][ T6592] __sys_sendmsg+0x16e/0x220 [ 78.980214][ T6592] ? __pfx___sys_sendmsg+0x10/0x10 [ 78.981877][ T6592] __do_fast_syscall_32+0x73/0x120 [ 78.983608][ T6592] do_fast_syscall_32+0x32/0x80 [ 78.984897][ T6592] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 78.986711][ T6592] RIP: 0023:0xf7f04579 [ 78.987962][ T6592] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 78.992998][ T6592] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 78.995178][ T6592] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 78.997262][ T6592] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 78.999367][ T6592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 79.001451][ T6592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 79.003518][ T6592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.005584][ T6592] [ 79.062464][ T6600] netlink: 40 bytes leftover after parsing attributes in process `syz.0.133'. [ 79.202801][ T6613] netlink: 60 bytes leftover after parsing attributes in process `syz.0.135'. [ 79.600374][ T6643] FAULT_INJECTION: forcing a failure. [ 79.600374][ T6643] name failslab, interval 1, probability 0, space 0, times 0 [ 79.604267][ T6643] CPU: 3 UID: 0 PID: 6643 Comm: syz.1.142 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 79.606944][ T6643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.609719][ T6643] Call Trace: [ 79.610617][ T6643] [ 79.611375][ T6643] dump_stack_lvl+0x16c/0x1f0 [ 79.612600][ T6643] should_fail_ex+0x497/0x5b0 [ 79.613807][ T6643] ? fs_reclaim_acquire+0xae/0x150 [ 79.615132][ T6643] should_failslab+0xc2/0x120 [ 79.616347][ T6643] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 79.617752][ T6643] ? security_inode_alloc+0x3b/0x2b0 [ 79.619149][ T6643] security_inode_alloc+0x3b/0x2b0 [ 79.620499][ T6643] inode_init_always_gfp+0xce4/0x1030 [ 79.621906][ T6643] alloc_inode+0x82/0x230 [ 79.623061][ T6643] new_inode+0x22/0x210 [ 79.624157][ T6643] proc_get_inode+0x1d/0x7d0 [ 79.625506][ T6643] proc_lookup_de+0x13e/0x220 [ 79.626789][ T6643] proc_tgid_net_lookup+0x75/0x120 [ 79.628038][ T6643] lookup_one_qstr_excl+0x11d/0x190 [ 79.629310][ T6643] ? mnt_want_write+0x161/0x450 [ 79.630603][ T6643] filename_create+0x1ed/0x530 [ 79.631847][ T6643] ? __pfx_filename_create+0x10/0x10 [ 79.633227][ T6643] ? __pfx_lock_release+0x10/0x10 [ 79.633954][ T64] Bluetooth: hci3: command tx timeout [ 79.634571][ T6643] ? trace_lock_acquire+0x14a/0x1d0 [ 79.637792][ T6643] ? lock_acquire+0x2f/0xb0 [ 79.639006][ T6643] ? __might_fault+0xe3/0x190 [ 79.640248][ T6643] do_mknodat+0x18e/0x5d0 [ 79.641391][ T6643] ? __pfx_do_mknodat+0x10/0x10 [ 79.642691][ T6643] ? getname_flags.part.0+0x1c5/0x550 [ 79.644099][ T6643] ? __pfx_ksys_write+0x10/0x10 [ 79.645390][ T6643] __ia32_sys_mknodat+0xaa/0xe0 [ 79.646692][ T6643] __do_fast_syscall_32+0x73/0x120 [ 79.648040][ T6643] do_fast_syscall_32+0x32/0x80 [ 79.649319][ T6643] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 79.650839][ T6643] RIP: 0023:0xf7f01579 [ 79.651872][ T6643] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 79.656696][ T6643] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000129 [ 79.658872][ T6643] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000040 [ 79.660936][ T6643] RDX: 00000000b1cd2fdb RSI: 0000000000000103 RDI: 0000000000000000 [ 79.662984][ T6643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 79.663790][ T5998] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 79.665012][ T6643] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 79.665021][ T6643] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.665035][ T6643] [ 79.715462][ T6645] AppArmor: change_hat: Invalid input '*' [ 79.730225][ T6647] input: syz0 as /devices/virtual/input/input5 [ 79.802948][ T6657] FAULT_INJECTION: forcing a failure. [ 79.802948][ T6657] name failslab, interval 1, probability 0, space 0, times 0 [ 79.806276][ T6657] CPU: 3 UID: 0 PID: 6657 Comm: syz.0.147 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 79.808667][ T6657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.811166][ T6657] Call Trace: [ 79.811954][ T6657] [ 79.812658][ T6657] dump_stack_lvl+0x16c/0x1f0 [ 79.813822][ T6657] should_fail_ex+0x497/0x5b0 [ 79.814943][ T6657] ? fs_reclaim_acquire+0xae/0x150 [ 79.816149][ T6657] should_failslab+0xc2/0x120 [ 79.817278][ T6657] __kmalloc_node_noprof+0xd1/0x440 [ 79.818670][ T6657] ? __vmalloc_node_range_noprof+0x3d8/0x15a0 [ 79.820126][ T6657] __vmalloc_node_range_noprof+0x3d8/0x15a0 [ 79.821539][ T6657] ? kvm_dev_ioctl+0x151/0x1ab0 [ 79.822731][ T6657] ? do_raw_spin_lock+0x12d/0x2c0 [ 79.823993][ T6657] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 79.824513][ T5998] usb 8-1: Using ep0 maxpacket: 32 [ 79.825479][ T6657] ? __pfx_snprintf+0x10/0x10 [ 79.825500][ T6657] ? _raw_spin_unlock+0x28/0x50 [ 79.829089][ T5998] usb 8-1: config index 0 descriptor too short (expected 156, got 27) [ 79.829203][ T6657] ? alloc_fd+0x41f/0x760 [ 79.831346][ T5998] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 79.832366][ T6657] ? kvm_dev_ioctl+0x151/0x1ab0 [ 79.835298][ T5998] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 79.836346][ T6657] __vmalloc_noprof+0x6d/0x90 [ 79.839344][ T5998] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 79.840439][ T6657] ? kvm_dev_ioctl+0x151/0x1ab0 [ 79.843938][ T5998] usb 8-1: config 0 interface 0 has no altsetting 0 [ 79.845096][ T6657] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 79.848077][ T6657] kvm_dev_ioctl+0x151/0x1ab0 [ 79.848358][ T5998] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 79.849197][ T6657] ? __pfx_lock_release+0x10/0x10 [ 79.851650][ T5998] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 79.852735][ T6657] ? trace_lock_acquire+0x14a/0x1d0 [ 79.855230][ T5998] usb 8-1: Product: syz [ 79.856490][ T6657] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 79.857587][ T5998] usb 8-1: Manufacturer: syz [ 79.858788][ T6657] ? __fget_files+0x206/0x3a0 [ 79.859994][ T5998] usb 8-1: SerialNumber: syz [ 79.861085][ T6657] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 79.863641][ T6657] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 79.864901][ T6657] __do_fast_syscall_32+0x73/0x120 [ 79.866174][ T6657] do_fast_syscall_32+0x32/0x80 [ 79.867448][ T6657] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 79.868937][ T6657] RIP: 0023:0xf7f04579 [ 79.869906][ T6657] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 79.874436][ T6657] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 79.876422][ T6657] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ae01 [ 79.878663][ T6657] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 79.880645][ T6657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 79.882513][ T6657] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 79.884374][ T6657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.886392][ T6657] [ 79.889206][ T5998] usb 8-1: config 0 descriptor?? [ 79.890832][ T6657] syz.0.147: vmalloc error: size 40960, failed to allocated page array size 80, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 79.891823][ T5998] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 79.895859][ T6657] CPU: 3 UID: 0 PID: 6657 Comm: syz.0.147 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 79.900231][ T6657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.902741][ T6657] Call Trace: [ 79.903535][ T6657] [ 79.904239][ T6657] dump_stack_lvl+0x16c/0x1f0 [ 79.905371][ T6657] warn_alloc+0x24d/0x3a0 [ 79.906406][ T6657] ? __pfx_warn_alloc+0x10/0x10 [ 79.907570][ T6657] ? dump_stack_lvl+0x197/0x1f0 [ 79.908749][ T6657] ? dump_stack_lvl+0x1a1/0x1f0 [ 79.909956][ T6657] ? should_fail_ex+0x2de/0x5b0 [ 79.911114][ T6657] ? rcu_is_watching+0x12/0xc0 [ 79.912263][ T6657] ? trace_kmalloc+0x2d/0xe0 [ 79.913358][ T6657] ? __kmalloc_node_noprof+0x22f/0x440 [ 79.914661][ T6657] __vmalloc_node_range_noprof+0x114a/0x15a0 [ 79.915960][ T5998] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 79.916073][ T6657] ? kvm_dev_ioctl+0x151/0x1ab0 [ 79.919378][ T6657] ? do_raw_spin_lock+0x12d/0x2c0 [ 79.920578][ T6657] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 79.922069][ T6657] ? __pfx_snprintf+0x10/0x10 [ 79.923195][ T6657] ? _raw_spin_unlock+0x28/0x50 [ 79.924353][ T6657] ? alloc_fd+0x41f/0x760 [ 79.925931][ T6657] ? kvm_dev_ioctl+0x151/0x1ab0 [ 79.925951][ T6657] __vmalloc_noprof+0x6d/0x90 [ 79.928480][ T6657] ? kvm_dev_ioctl+0x151/0x1ab0 [ 79.929645][ T6657] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 79.930930][ T6657] kvm_dev_ioctl+0x151/0x1ab0 [ 79.932156][ T6657] ? __pfx_lock_release+0x10/0x10 [ 79.933346][ T6657] ? trace_lock_acquire+0x14a/0x1d0 [ 79.934586][ T6657] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 79.935802][ T6657] ? __fget_files+0x206/0x3a0 [ 79.936933][ T6657] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 79.938153][ T6657] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 79.939414][ T6657] __do_fast_syscall_32+0x73/0x120 [ 79.940656][ T6657] do_fast_syscall_32+0x32/0x80 [ 79.941853][ T6657] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 79.943342][ T6657] RIP: 0023:0xf7f04579 [ 79.944306][ T6657] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 79.948790][ T6657] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 79.950753][ T6657] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ae01 [ 79.952598][ T6657] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 79.954446][ T6657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 79.956280][ T6657] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 79.958137][ T6657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.959974][ T6657] [ 79.961492][ T6657] Mem-Info: [ 79.962615][ T6657] active_anon:10712 inactive_anon:0 isolated_anon:0 [ 79.962615][ T6657] active_file:1405 inactive_file:38091 isolated_file:0 [ 79.962615][ T6657] unevictable:768 dirty:165 writeback:0 [ 79.962615][ T6657] slab_reclaimable:9852 slab_unreclaimable:54106 [ 79.962615][ T6657] mapped:29982 shmem:7205 pagetables:666 [ 79.962615][ T6657] sec_pagetables:306 bounce:0 [ 79.962615][ T6657] kernel_misc_reclaimable:0 [ 79.962615][ T6657] free:65489 free_pcp:1895 free_cma:0 [ 79.974407][ T6657] Node 0 active_anon:2756kB inactive_anon:0kB active_file:0kB inactive_file:14320kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:6088kB dirty:0kB writeback:0kB shmem:2364kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9360kB pagetables:548kB sec_pagetables:1152kB all_unreclaimable? yes [ 79.982672][ T6657] Node 1 active_anon:36092kB inactive_anon:0kB active_file:5620kB inactive_file:138044kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101040kB dirty:660kB writeback:0kB shmem:22556kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2616kB pagetables:2116kB sec_pagetables:72kB all_unreclaimable? no [ 79.991042][ T6657] Node 0 DMA free:2940kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:148kB inactive_anon:0kB active_file:0kB inactive_file:2580kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:436kB local_pcp:148kB free_cma:0kB [ 79.998738][ T6657] lowmem_reserve[]: 0 273 0 0 0 [ 80.000368][ T6657] Node 0 DMA32 free:26948kB boost:8192kB min:22096kB low:25572kB high:29048kB reserved_highatomic:4096KB active_anon:2608kB inactive_anon:0kB active_file:0kB inactive_file:11740kB unevictable:1536kB writepending:0kB present:1032196kB managed:306296kB mlocked:0kB bounce:0kB free_pcp:2900kB local_pcp:112kB free_cma:0kB [ 80.008437][ T6657] lowmem_reserve[]: 0 0 0 0 0 [ 80.010813][ T6657] Node 1 DMA32 free:232744kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:28592kB inactive_anon:0kB active_file:5620kB inactive_file:138044kB unevictable:1536kB writepending:636kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:15028kB local_pcp:1148kB free_cma:0kB [ 80.031589][ T6657] lowmem_reserve[]: 0 0 0 0 0 [ 80.033190][ T6657] Node 0 DMA: 1*4kB (U) 29*8kB (U) 57*16kB (U) 56*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2940kB [ 80.038056][ T6657] Node 0 DMA32: 614*4kB (UEH) 280*8kB (UMEH) 65*16kB (UMEH) 243*32kB (UMEH) 69*64kB (UME) 18*128kB (UME) 8*256kB (UME) 5*512kB (UE) 2*1024kB (UM) 0*2048kB 0*4096kB = 26888kB [ 80.043005][ T6657] Node 1 DMA32: 0*4kB 47*8kB (UE) 46*16kB (UME) 97*32kB (UE) 116*64kB (UE) 90*128kB (UME) 40*256kB (UME) 17*512kB (ME) 7*1024kB (ME) 3*2048kB (UME) 43*4096kB (M) = 231544kB [ 80.049561][ T6657] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 80.052127][ T6657] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 80.054810][ T6657] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 80.057514][ T6657] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 80.059982][ T6657] 43874 total pagecache pages [ 80.061305][ T6657] 0 pages in swap cache [ 80.062575][ T6657] Free swap = 124204kB [ 80.063957][ T6657] Total swap = 124996kB [ 80.065117][ T6657] 524155 pages RAM [ 80.066248][ T6657] 0 pages HighMem/MovableOnly [ 80.067832][ T6657] 206678 pages reserved [ 80.069328][ T6657] 0 pages cma reserved [ 80.086697][ T6674] loop9: detected capacity change from 0 to 6 [ 80.088506][ T6674] Dev loop9: unable to read RDB block 6 [ 80.089846][ T6674] loop9: unable to read partition table [ 80.091668][ T6674] loop9: partition table beyond EOD, truncated [ 80.093207][ T6674] loop_reread_partitions: partition scan of loop9 (被xڬdƤݡ [ 80.093207][ T6674] ) failed (rc=-5) [ 80.152202][ T6678] usb 8-1: USB disconnect, device number 3 [ 80.154226][ T6674] Dev loop9: unable to read RDB block 6 [ 80.155592][ T6674] loop9: unable to read partition table [ 80.157000][ T6674] loop9: partition table beyond EOD, truncated [ 80.159072][ T6674] loop_reread_partitions: partition scan of loop9 (被xڬdƤݡ [ 80.159072][ T6674] ) failed (rc=-5) [ 80.170486][ T6681] FAULT_INJECTION: forcing a failure. [ 80.170486][ T6681] name failslab, interval 1, probability 0, space 0, times 0 [ 80.175520][ T6681] CPU: 2 UID: 0 PID: 6681 Comm: syz.0.149 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 80.178285][ T6681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.181070][ T6681] Call Trace: [ 80.181979][ T6681] [ 80.182770][ T6681] dump_stack_lvl+0x16c/0x1f0 [ 80.184012][ T6681] should_fail_ex+0x497/0x5b0 [ 80.185244][ T6681] ? fs_reclaim_acquire+0xae/0x150 [ 80.186589][ T6681] should_failslab+0xc2/0x120 [ 80.187842][ T6681] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 80.189334][ T6681] ? __d_alloc+0x35/0x8c0 [ 80.190497][ T6681] ? map_id_up+0x290/0x370 [ 80.191675][ T6681] __d_alloc+0x35/0x8c0 [ 80.192784][ T6681] d_alloc+0x4a/0x1e0 [ 80.193846][ T6681] d_alloc_parallel+0xe9/0x12b0 [ 80.195145][ T6681] ? bpf_lsm_capable+0x9/0x10 [ 80.196391][ T6681] ? __pfx_d_alloc_parallel+0x10/0x10 [ 80.197801][ T6681] ? lockdep_init_map_type+0x16d/0x7d0 [ 80.199256][ T6681] ? lock_acquire.part.0+0x11b/0x380 [ 80.200661][ T6681] ? lockdep_init_map_type+0x16d/0x7d0 [ 80.202108][ T6681] __lookup_slow+0x194/0x460 [ 80.203313][ T6681] ? __pfx___lookup_slow+0x10/0x10 [ 80.204634][ T6681] ? walk_component+0x342/0x5b0 [ 80.205894][ T6681] ? lookup_fast+0x155/0x540 [ 80.207124][ T6681] walk_component+0x350/0x5b0 [ 80.208343][ T6681] path_lookupat+0x17f/0x770 [ 80.209543][ T6681] filename_lookup+0x221/0x5f0 [ 80.210803][ T6681] ? __pfx_filename_lookup+0x10/0x10 [ 80.212163][ T6681] ? lock_acquire+0x2f/0xb0 [ 80.213341][ T6681] ? __might_fault+0xe3/0x190 [ 80.214570][ T6681] ? __might_fault+0xe3/0x190 [ 80.215790][ T6681] filename_setxattr+0x9e/0x1d0 [ 80.217092][ T6681] ? __pfx_filename_setxattr+0x10/0x10 [ 80.218552][ T6681] ? getname_flags.part.0+0x1c5/0x550 [ 80.219943][ T6681] path_setxattrat+0x1e0/0x290 [ 80.221160][ T6681] ? __pfx_path_setxattrat+0x10/0x10 [ 80.222531][ T6681] ? fput+0x67/0x440 [ 80.223561][ T6681] ? ksys_write+0x1ba/0x250 [ 80.224735][ T6681] ? __pfx_ksys_write+0x10/0x10 [ 80.225980][ T6681] __ia32_sys_setxattr+0xc4/0x140 [ 80.227219][ T6681] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.228553][ T6681] __do_fast_syscall_32+0x73/0x120 [ 80.229932][ T6681] do_fast_syscall_32+0x32/0x80 [ 80.231210][ T6681] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.232880][ T6681] RIP: 0023:0xf7f04579 [ 80.233970][ T6681] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 80.238624][ T6681] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 00000000000000e2 [ 80.240767][ T6681] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 00000000200001c0 [ 80.242795][ T6681] RDX: 0000000020000280 RSI: 0000000000000024 RDI: 0000000000000001 [ 80.244829][ T6681] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 80.246889][ T6681] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 80.248958][ T6681] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.251055][ T6681] [ 80.254117][ T6679] ldusb 8-1:0.0: Couldn't submit HID_REQ_SET_REPORT -19 [ 80.256334][ T6678] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 80.296905][ T39] kauditd_printk_skb: 89 callbacks suppressed [ 80.296914][ T39] audit: type=1326 audit(1732121598.217:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.0.150" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 80.304393][ T39] audit: type=1326 audit(1732121598.227:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.0.150" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 80.310013][ T39] audit: type=1326 audit(1732121598.227:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.0.150" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 80.316729][ T39] audit: type=1326 audit(1732121598.227:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.0.150" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 80.322288][ T39] audit: type=1326 audit(1732121598.227:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.0.150" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 80.329729][ T39] audit: type=1326 audit(1732121598.227:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.0.150" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 80.335576][ T39] audit: type=1326 audit(1732121598.227:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.0.150" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 80.341093][ T39] audit: type=1326 audit(1732121598.227:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.0.150" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 80.346643][ T39] audit: type=1326 audit(1732121598.227:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.0.150" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 80.352101][ T39] audit: type=1326 audit(1732121598.227:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.0.150" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 80.702618][ T6704] netlink: get zone limit has 4 unknown bytes [ 81.129747][ T6723] netlink: 32 bytes leftover after parsing attributes in process `syz.1.157'. [ 81.132463][ T6723] netlink: 32 bytes leftover after parsing attributes in process `syz.1.157'. [ 81.393753][ T6726] netlink: 176 bytes leftover after parsing attributes in process `syz.3.158'. [ 81.793975][ T5324] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 81.796233][ T5324] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 81.799080][ T64] Bluetooth: hci0: command 0x0c1a tx timeout [ 81.836274][ T6736] netlink: 8 bytes leftover after parsing attributes in process `syz.2.160'. [ 81.981798][ T6741] FAULT_INJECTION: forcing a failure. [ 81.981798][ T6741] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 81.985414][ T6741] CPU: 3 UID: 0 PID: 6741 Comm: syz.2.162 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 81.988126][ T6741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.990940][ T6741] Call Trace: [ 81.991827][ T6741] [ 81.992623][ T6741] dump_stack_lvl+0x16c/0x1f0 [ 81.993925][ T6741] should_fail_ex+0x497/0x5b0 [ 81.995288][ T6741] _copy_from_user+0x2e/0xd0 [ 81.996619][ T6741] bpf_prog_load+0x1bdd/0x2670 [ 81.997946][ T6741] ? __pfx_bpf_prog_load+0x10/0x10 [ 81.999310][ T6741] ? find_held_lock+0x2d/0x110 [ 82.000585][ T6741] ? __might_fault+0x13b/0x190 [ 82.001868][ T6741] ? __might_fault+0xe3/0x190 [ 82.003141][ T6741] __sys_bpf+0x4c8c/0x5780 [ 82.004350][ T6741] ? __pfx_lock_release+0x10/0x10 [ 82.005684][ T6741] ? __pfx___sys_bpf+0x10/0x10 [ 82.006975][ T6741] ? vfs_write+0x306/0x1150 [ 82.008200][ T6741] ? __mutex_unlock_slowpath+0x164/0x690 [ 82.009684][ T6741] ? fput+0x67/0x440 [ 82.010752][ T6741] ? ksys_write+0x1ba/0x250 [ 82.011968][ T6741] ? __pfx_ksys_write+0x10/0x10 [ 82.013297][ T6741] __ia32_sys_bpf+0x76/0xe0 [ 82.014553][ T6741] __do_fast_syscall_32+0x73/0x120 [ 82.015916][ T6741] do_fast_syscall_32+0x32/0x80 [ 82.017217][ T6741] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 82.018886][ T6741] RIP: 0023:0xf7fe8579 [ 82.019990][ T6741] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 82.025044][ T6741] RSP: 002b:00000000f516655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 82.027240][ T6741] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0 [ 82.029336][ T6741] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 82.031439][ T6741] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 82.033497][ T6741] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 82.035567][ T6741] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.037657][ T6741] [ 83.287540][ T62] IPVS: starting estimator thread 0... [ 83.383869][ T6770] IPVS: using max 38 ests per chain, 91200 per kthread [ 83.439250][ T6773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.170'. [ 83.555377][ T6778] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 83.873849][ T5324] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 83.873902][ T64] Bluetooth: hci1: command 0x0c1a tx timeout [ 83.875348][ T5324] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 84.619723][ T6807] netlink: 8 bytes leftover after parsing attributes in process `syz.3.179'. [ 85.333250][ T6819] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 85.336827][ T6824] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 85.358580][ T6819] kvm: pic: level sensitive irq not supported [ 85.362886][ T6819] kvm: pic: level sensitive irq not supported [ 85.367809][ T6819] kvm: pic: level sensitive irq not supported [ 85.371225][ T6819] kvm: pic: level sensitive irq not supported [ 85.371981][ T6824] kvm: pic: level sensitive irq not supported [ 85.373575][ T6819] kvm: pic: level sensitive irq not supported [ 85.376507][ T6824] kvm: pic: level sensitive irq not supported [ 85.377617][ T6819] kvm: pic: level sensitive irq not supported [ 85.380280][ T6824] kvm: pic: level sensitive irq not supported [ 85.381517][ T6819] kvm: pic: level sensitive irq not supported [ 85.824248][ T6831] vivid-007: disconnect [ 85.952474][ T6832] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 85.963819][ T64] Bluetooth: hci2: command 0x0c1a tx timeout [ 85.964027][ T5324] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 85.967724][ T5324] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 86.115393][ T64] Bluetooth: hci3: command tx timeout [ 86.529951][ T6830] vivid-007: reconnect [ 86.645942][ T6837] input: syz0 as /devices/virtual/input/input6 [ 86.653913][ T1487] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 86.654161][ T39] kauditd_printk_skb: 116 callbacks suppressed [ 86.654170][ T39] audit: type=1326 audit(1732121604.577:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.2.187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 86.664663][ T39] audit: type=1326 audit(1732121604.577:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.2.187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 86.670247][ T39] audit: type=1326 audit(1732121604.577:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.2.187" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 86.677073][ T39] audit: type=1326 audit(1732121604.577:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.2.187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 86.687316][ T39] audit: type=1326 audit(1732121604.577:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.2.187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 86.692871][ T39] audit: type=1326 audit(1732121604.587:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.2.187" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 86.698685][ T39] audit: type=1326 audit(1732121604.587:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.2.187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 86.704334][ T39] audit: type=1326 audit(1732121604.587:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.2.187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 86.710117][ T39] audit: type=1326 audit(1732121604.587:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.2.187" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 86.715840][ T39] audit: type=1326 audit(1732121604.587:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.2.187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 86.789197][ T6839] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 86.815327][ T1487] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 86.815919][ T6842] netlink: 8 bytes leftover after parsing attributes in process `syz.2.189'. [ 86.818185][ T1487] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 86.818199][ T1487] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 86.818218][ T1487] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 86.818229][ T1487] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.821072][ T1487] usb 5-1: config 0 descriptor?? [ 87.272116][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.274417][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.276376][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.278512][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.280432][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.282392][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.284416][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.286355][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.288467][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.290458][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.292391][ T1487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 87.294664][ T1487] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 87.299939][ T1487] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 88.113956][ T5324] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 88.116277][ T5324] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 88.286716][ T6874] netlink: 8 bytes leftover after parsing attributes in process `syz.3.198'. [ 88.343129][ T6879] can0: slcan on ttyS3. [ 88.574443][ T6834] usb 5-1: string descriptor 0 read error: -2 [ 88.764527][ T6870] can0 (unregistered): slcan off ttyS3. [ 89.258884][ T6903] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 89.373241][ T56] usb 5-1: USB disconnect, device number 4 [ 89.783366][ T6912] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 90.164758][ T6916] FAULT_INJECTION: forcing a failure. [ 90.164758][ T6916] name failslab, interval 1, probability 0, space 0, times 0 [ 90.168751][ T6916] CPU: 2 UID: 0 PID: 6916 Comm: syz.0.206 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 90.171479][ T6916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.174257][ T6916] Call Trace: [ 90.175171][ T6916] [ 90.175990][ T6916] dump_stack_lvl+0x16c/0x1f0 [ 90.177422][ T6916] should_fail_ex+0x497/0x5b0 [ 90.178751][ T6916] ? fs_reclaim_acquire+0xae/0x150 [ 90.180221][ T6916] should_failslab+0xc2/0x120 [ 90.181744][ T6916] __kmalloc_noprof+0xcb/0x410 [ 90.183069][ T6916] tomoyo_realpath_from_path+0xbf/0x710 [ 90.184554][ T6916] tomoyo_check_open_permission+0x2ad/0x3c0 [ 90.186137][ T6916] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 90.187848][ T6916] ? __pfx___lock_acquire+0x10/0x10 [ 90.189245][ T6916] ? __pfx_hook_file_open+0x10/0x10 [ 90.190642][ T6916] ? path_get+0x61/0x80 [ 90.191773][ T6916] tomoyo_file_open+0x6b/0x90 [ 90.193043][ T6916] security_file_open+0x64c/0x9d0 [ 90.194606][ T6916] do_dentry_open+0x57c/0x1530 [ 90.195894][ T6916] vfs_open+0x82/0x3f0 [ 90.197050][ T6916] dentry_open+0x71/0xd0 [ 90.198197][ T6916] ovl_path_open+0x198/0x1f0 [ 90.199446][ T6916] ovl_dir_read_merged+0x185/0x5d0 [ 90.200800][ T6916] ? __pfx_ovl_dir_read_merged+0x10/0x10 [ 90.202291][ T6916] ? __pfx_ovl_fill_merge+0x10/0x10 [ 90.203680][ T6916] ? kasan_save_track+0x14/0x30 [ 90.204979][ T6916] ovl_iterate+0x865/0xe40 [ 90.206212][ T6916] ? down_read_killable+0xcc/0x380 [ 90.207739][ T6916] ? __pfx_down_read_killable+0x10/0x10 [ 90.209194][ T6916] ? __pfx_ovl_iterate+0x10/0x10 [ 90.210526][ T6916] wrap_directory_iterator+0x9f/0xe0 [ 90.211916][ T6916] iterate_dir+0x52f/0xb40 [ 90.213101][ T6916] __ia32_compat_sys_getdents+0x148/0x2c0 [ 90.214607][ T6916] ? __pfx___ia32_compat_sys_getdents+0x10/0x10 [ 90.216262][ T6916] ? __pfx_compat_filldir+0x10/0x10 [ 90.217804][ T6916] __do_fast_syscall_32+0x73/0x120 [ 90.219177][ T6916] do_fast_syscall_32+0x32/0x80 [ 90.220467][ T6916] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 90.222135][ T6916] RIP: 0023:0xf7f04579 [ 90.223214][ T6916] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 90.228435][ T6916] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 000000000000008d [ 90.230616][ T6916] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000 [ 90.232671][ T6916] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 90.234742][ T6916] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 90.236867][ T6916] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 90.238963][ T6916] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 90.241047][ T6916] [ 90.243351][ T6916] ERROR: Out of memory at tomoyo_realpath_from_path. [ 90.364057][ T6912] pic_ioport_write: 4226 callbacks suppressed [ 90.364070][ T6912] kvm: pic: level sensitive irq not supported [ 90.366350][ T6912] kvm: pic: level sensitive irq not supported [ 90.368619][ T6912] kvm: pic: level sensitive irq not supported [ 90.370752][ T6912] kvm: pic: level sensitive irq not supported [ 90.373350][ T6912] kvm: pic: level sensitive irq not supported [ 90.375860][ T6912] kvm: pic: level sensitive irq not supported [ 90.378117][ T6912] kvm: pic: level sensitive irq not supported [ 90.380472][ T6912] kvm: pic: level sensitive irq not supported [ 90.382678][ T6912] kvm: pic: level sensitive irq not supported [ 90.385056][ T6912] kvm: pic: level sensitive irq not supported [ 90.700925][ T6922] netlink: 8 bytes leftover after parsing attributes in process `syz.2.208'. [ 90.817433][ T6928] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 90.844225][ T1487] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 90.874525][ T111] [ 90.875208][ T111] ====================================================== [ 90.877204][ T111] WARNING: possible circular locking dependency detected [ 90.879033][ T111] 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 Not tainted [ 90.881663][ T111] ------------------------------------------------------ [ 90.884090][ T111] kswapd0/111 is trying to acquire lock: [ 90.885712][ T111] ffff88801edb8a70 (&q->q_usage_counter(io)#68){++++}-{0:0}, at: __submit_bio+0x384/0x540 [ 90.888270][ T111] [ 90.888270][ T111] but task is already holding lock: [ 90.890165][ T111] ffffffff8df492e0 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0xcd9/0x18f0 [ 90.892429][ T111] [ 90.892429][ T111] which lock already depends on the new lock. [ 90.892429][ T111] [ 90.895129][ T111] [ 90.895129][ T111] the existing dependency chain (in reverse order) is: [ 90.897432][ T111] [ 90.897432][ T111] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 90.899278][ T111] fs_reclaim_acquire+0x102/0x150 [ 90.900704][ T111] __kmalloc_node_noprof+0xb7/0x440 [ 90.902192][ T111] __kvmalloc_node_noprof+0xad/0x1a0 [ 90.903696][ T111] sbitmap_init_node+0x1ca/0x770 [ 90.905139][ T111] scsi_realloc_sdev_budget_map+0x2c7/0x610 [ 90.906791][ T111] scsi_add_lun+0x11b4/0x1fd0 [ 90.908135][ T111] scsi_probe_and_add_lun+0x4fa/0xda0 [ 90.909624][ T111] __scsi_add_device+0x24b/0x290 [ 90.911045][ T111] ata_scsi_scan_host+0x215/0x780 [ 90.912517][ T111] async_run_entry_fn+0x9c/0x530 [ 90.913945][ T111] process_one_work+0x958/0x1b30 [ 90.915895][ T111] worker_thread+0x6c8/0xf00 [ 90.917896][ T111] kthread+0x2c1/0x3a0 [ 90.919389][ T111] ret_from_fork+0x45/0x80 [ 90.920701][ T111] ret_from_fork_asm+0x1a/0x30 [ 90.922131][ T111] [ 90.922131][ T111] -> #0 (&q->q_usage_counter(io)#68){++++}-{0:0}: [ 90.924487][ T111] __lock_acquire+0x249e/0x3c40 [ 90.925890][ T111] lock_acquire.part.0+0x11b/0x380 [ 90.927336][ T111] blk_mq_submit_bio+0x1fc4/0x24c0 [ 90.928782][ T111] __submit_bio+0x384/0x540 [ 90.930113][ T111] submit_bio_noacct_nocheck+0x6fb/0xd70 [ 90.931695][ T111] submit_bio_noacct+0x93a/0x1e10 [ 90.933154][ T111] __swap_writepage+0x3a3/0xf50 [ 90.934788][ T111] swap_writepage+0x403/0x1040 [ 90.936702][ T111] pageout+0x3b2/0xaa0 [ 90.938341][ T111] shrink_folio_list+0x3025/0x42d0 [ 90.940389][ T111] evict_folios+0x6d6/0x1970 [ 90.942260][ T111] try_to_shrink_lruvec+0x612/0x9b0 [ 90.944251][ T111] shrink_one+0x3e3/0x7b0 [ 90.946040][ T111] shrink_node+0xbbc/0x3ed0 [ 90.947598][ T111] balance_pgdat+0xc1f/0x18f0 [ 90.948934][ T111] kswapd+0x5ea/0xbf0 [ 90.950120][ T111] kthread+0x2c1/0x3a0 [ 90.951549][ T111] ret_from_fork+0x45/0x80 [ 90.952820][ T111] ret_from_fork_asm+0x1a/0x30 [ 90.954175][ T111] [ 90.954175][ T111] other info that might help us debug this: [ 90.954175][ T111] [ 90.956762][ T111] Possible unsafe locking scenario: [ 90.956762][ T111] [ 90.958655][ T111] CPU0 CPU1 [ 90.960026][ T111] ---- ---- [ 90.961391][ T111] lock(fs_reclaim); [ 90.962375][ T111] lock(&q->q_usage_counter(io)#68); [ 90.964457][ T111] lock(fs_reclaim); [ 90.966751][ T111] rlock(&q->q_usage_counter(io)#68); [ 90.968622][ T111] [ 90.968622][ T111] *** DEADLOCK *** [ 90.968622][ T111] [ 90.971350][ T111] 1 lock held by kswapd0/111: [ 90.972927][ T111] #0: ffffffff8df492e0 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0xcd9/0x18f0 [ 90.975756][ T111] [ 90.975756][ T111] stack backtrace: [ 90.977300][ T111] CPU: 1 UID: 0 PID: 111 Comm: kswapd0 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 90.979842][ T111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.982575][ T111] Call Trace: [ 90.983430][ T111] [ 90.984299][ T111] dump_stack_lvl+0x116/0x1f0 [ 90.985981][ T111] print_circular_bug+0x41c/0x610 [ 90.987621][ T111] check_noncircular+0x31a/0x400 [ 90.988901][ T111] ? __pfx_check_noncircular+0x10/0x10 [ 90.990315][ T111] ? hlock_class+0x4e/0x130 [ 90.991495][ T111] ? mark_lock+0xb5/0xc60 [ 90.992623][ T111] ? __pfx___lock_acquire+0x10/0x10 [ 90.993991][ T111] ? lockdep_lock+0xc6/0x200 [ 90.995593][ T111] ? __pfx_lockdep_lock+0x10/0x10 [ 90.997011][ T111] ? __pfx_usage_accumulate+0x10/0x10 [ 90.998435][ T111] __lock_acquire+0x249e/0x3c40 [ 90.999698][ T111] ? __pfx___lock_acquire+0x10/0x10 [ 91.001043][ T111] ? hlock_class+0x4e/0x130 [ 91.002229][ T111] ? mark_lock+0xb5/0xc60 [ 91.003307][ T111] lock_acquire.part.0+0x11b/0x380 [ 91.004909][ T111] ? __submit_bio+0x384/0x540 [ 91.006645][ T111] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 91.008184][ T111] ? rcu_is_watching+0x12/0xc0 [ 91.009432][ T111] ? trace_lock_acquire+0x14a/0x1d0 [ 91.010794][ T111] ? __submit_bio+0x384/0x540 [ 91.012020][ T111] ? lock_acquire+0x2f/0xb0 [ 91.013205][ T111] ? __submit_bio+0x384/0x540 [ 91.014605][ T111] blk_mq_submit_bio+0x1fc4/0x24c0 [ 91.015938][ T111] ? __submit_bio+0x384/0x540 [ 91.017183][ T111] ? __pfx_blk_mq_submit_bio+0x10/0x10 [ 91.018664][ T111] ? __pfx_mark_lock+0x10/0x10 [ 91.019909][ T111] ? __pfx___lock_acquire+0x10/0x10 [ 91.021250][ T111] __submit_bio+0x384/0x540 [ 91.022441][ T111] ? __pfx___submit_bio+0x10/0x10 [ 91.023754][ T111] ? trace_lock_acquire+0x14a/0x1d0 [ 91.025572][ T111] ? ktime_get+0x206/0x300 [ 91.027101][ T111] ? lockdep_hardirqs_on+0x7c/0x110 [ 91.028476][ T111] ? submit_bio_noacct_nocheck+0x6fb/0xd70 [ 91.030000][ T111] submit_bio_noacct_nocheck+0x6fb/0xd70 [ 91.031443][ T111] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 91.033028][ T111] ? __pfx___might_resched+0x10/0x10 [ 91.034430][ T111] ? __pfx___folio_start_writeback+0x10/0x10 [ 91.036272][ T111] submit_bio_noacct+0x93a/0x1e10 [ 91.037576][ T111] __swap_writepage+0x3a3/0xf50 [ 91.038896][ T111] swap_writepage+0x403/0x1040 [ 91.040137][ T111] ? folio_clear_dirty_for_io+0x112/0x800 [ 91.041600][ T111] pageout+0x3b2/0xaa0 [ 91.042671][ T111] ? __pfx_pageout+0x10/0x10 [ 91.043867][ T111] ? __pfx_try_to_unmap_one+0x10/0x10 [ 91.045771][ T111] ? __pfx_folio_not_mapped+0x10/0x10 [ 91.047474][ T111] ? __pfx_folio_lock_anon_vma_read+0x10/0x10 [ 91.049065][ T111] ? folio_mark_dirty+0xd8/0x150 [ 91.050350][ T111] shrink_folio_list+0x3025/0x42d0 [ 91.051677][ T111] ? __pfx_shrink_folio_list+0x10/0x10 [ 91.053280][ T111] ? isolate_folios+0x1c4b/0x35f0 [ 91.054659][ T111] ? hlock_class+0x4e/0x130 [ 91.055843][ T111] ? mark_lock+0xb5/0xc60 [ 91.056991][ T111] ? mark_held_locks+0x9f/0xe0 [ 91.058288][ T111] evict_folios+0x6d6/0x1970 [ 91.059498][ T111] ? __pfx_evict_folios+0x10/0x10 [ 91.060803][ T111] ? __pfx___might_resched+0x10/0x10 [ 91.062173][ T111] try_to_shrink_lruvec+0x612/0x9b0 [ 91.063519][ T111] ? find_held_lock+0x2d/0x110 [ 91.065041][ T111] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 91.066969][ T111] ? shrink_node+0xb9c/0x3ed0 [ 91.068128][ T111] shrink_one+0x3e3/0x7b0 [ 91.069276][ T111] ? shrink_node+0xb9c/0x3ed0 [ 91.070503][ T111] shrink_node+0xbbc/0x3ed0 [ 91.071690][ T111] ? shrink_node+0x90a/0x3ed0 [ 91.072913][ T111] ? __pfx_shrink_node+0x10/0x10 [ 91.074294][ T111] ? percpu_ref_put_many.constprop.0+0x1b/0x150 [ 91.075966][ T111] ? balance_pgdat+0xc1f/0x18f0 [ 91.077241][ T111] balance_pgdat+0xc1f/0x18f0 [ 91.078519][ T111] ? __pfx_balance_pgdat+0x10/0x10 [ 91.079885][ T111] ? __pfx___lock_acquire+0x10/0x10 [ 91.081254][ T111] ? __pfx_debug_object_free+0x10/0x10 [ 91.082679][ T111] ? lock_acquire.part.0+0x11b/0x380 [ 91.084092][ T111] ? __pfx___might_resched+0x10/0x10 [ 91.086018][ T111] kswapd+0x5ea/0xbf0 [ 91.087486][ T111] ? __pfx_kswapd+0x10/0x10 [ 91.089159][ T111] ? __pfx_autoremove_wake_function+0x10/0x10 [ 91.091402][ T111] ? lockdep_hardirqs_on+0x7c/0x110 [ 91.093297][ T111] ? __kthread_parkme+0x148/0x220 [ 91.094908][ T111] ? __pfx_kswapd+0x10/0x10 [ 91.096114][ T111] kthread+0x2c1/0x3a0 [ 91.097218][ T111] ? _raw_spin_unlock_irq+0x23/0x50 [ 91.098627][ T111] ? __pfx_kthread+0x10/0x10 [ 91.099883][ T111] ret_from_fork+0x45/0x80 [ 91.101090][ T111] ? __pfx_kthread+0x10/0x10 [ 91.102363][ T111] ret_from_fork_asm+0x1a/0x30 [ 91.103747][ T111] [ 91.135248][ T6944] netlink: 56 bytes leftover after parsing attributes in process `syz.1.212'. [ 91.155673][ T1487] kernel write not supported for file /snd/seq (pid: 1487 comm: kworker/2:2) [ 91.533823][ T8] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 91.713768][ T8] usb 6-1: Using ep0 maxpacket: 32 [ 91.716638][ T8] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 91.719375][ T8] usb 6-1: config 0 has no interfaces? [ 91.722161][ T8] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 91.724752][ T8] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 91.726929][ T8] usb 6-1: Product: syz [ 91.728077][ T8] usb 6-1: Manufacturer: syz [ 91.729391][ T8] usb 6-1: SerialNumber: syz [ 91.731401][ T8] usb 6-1: config 0 descriptor?? [ 91.935284][ T8] usb 6-1: USB disconnect, device number 4 VM DIAGNOSIS: 16:53:27 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000812 RBX=ffff88806d3a5000 RCX=ffffc9000cc43000 RDX=0000000000080000 RSI=ffffffff8125b0b5 RDI=0000000000000001 RBP=00000000000001ff RSP=ffffc90002df7998 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffff88806d3a5038 R13=0000000000000001 R14=ffff88806d3a5298 R15=ffff88806d3a5000 RIP=ffffffff8125b0bd RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000000e7c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000051000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85062780 RDI=ffffffff9a65aae0 RBP=ffffffff9a65aaa0 RSP=ffffc90001f862d8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=732d302e32312e36 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff34cb5ae R15=dffffc0000000000 RIP=ffffffff850627a7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fd967a07ff8 CR3=000000004c8b0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000051000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000002582e4 RBX=0000000000000002 RCX=ffffffff8b177d19 RDX=ffffed10056c7026 RSI=ffffffff8bb15ca0 RDI=ffffffff81642a69 RBP=ffffed1003774000 RSP=ffffc90000487e08 R8 =0000000000000000 R9 =ffffed10056c7025 R10=ffff88802b63812b R11=0000000000000001 R12=0000000000000002 R13=ffff88801bba0000 R14=ffffffff901d8d90 R15=0000000000000000 RIP=ffffffff8b1790ff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005644a44ec950 CR3=0000000029642000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000010 RCX=0000000000000000 RDX=0000000000000000 RSI=00005644a44fc3da RDI=00005644a44fde30 RBP=0000000000000001 RSP=00007ffdf89158b0 R8 =00005644a44fde20 R9 =3c00000000001001 R10=0000000000000000 R11=0000000000000007 R12=00005644a44fae98 R13=00005644a44fde18 R14=0000000000000000 R15=0000000000000000 RIP=00007f60884b9d9d RFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA] SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f6088237500 ffffffff 00c00000 GS =0000 0000000000000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005644a44ee048 CR3=0000000025a56000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002000000 Opmask01=000000000000001c Opmask02=000000000000001f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a002075676f0087 868a898482818388 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000005d ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a002075676f0087 868a898482818388 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6666666666666666 6666666666666666 6666666666666666 6666666666666666 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 828183883a3d007e 7d7c605d5c5b3f3e 3d3c3b3a2d2a2928 2726242221200a09 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 828183883a3d0018 1b1a063b3a3d3f3e 3d3c3b3a2d2a2928 2726242221200a09 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000