last executing test programs: 12.241931861s ago: executing program 3 (id=413): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x80000) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000140)={{{@in6=@mcast2, @in=@multicast2}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000000100)=0xfdc2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r2, 0x40085112, &(0x7f0000000080)=@n={0x3, 0x9, @generic=0x45, 0x8}) openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) pipe2$9p(0x0, 0x0) r3 = dup(0xffffffffffffffff) write$FUSE_BMAP(r3, 0x0, 0x0) write$FUSE_INIT(r3, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0xfffffffe, 0x400030, 0x81}}, 0x50) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_emit_ethernet(0x6f, &(0x7f00000006c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa000000000000080045000061000000000006907800000000e000000100000000004d9078a1ff628fa288257c560b22b080ba8efeef416a30d916f140ea7ce64e1d31851f9389cb67233cce"], 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) ioctl$RTC_RD_TIME(r3, 0x80247009, &(0x7f00000002c0)) r7 = dup(r6) ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 10.266223796s ago: executing program 3 (id=421): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x50}, 0x9c) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000000)=0x29, 0x4) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000340)='X', 0x1, 0x4004000, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @mcast1, 0xfffffffe}, 0x1c) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r2 = socket(0x10, 0x80002, 0x4) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, 0x0) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB='\fE\x00', @ANYBLOB="9516bc632f8310557febca439db76aa4557214f9d6a50c2a5a5ece88b2322cf6ee5e44d05499343824ab8964d25b83610450dde8940819634bc8a16efc1bb9053e76c13e66398156103011e9cb938ca87692951fbe1f277cf1eb419e548d74801ca03cff30ae683f3b28188e51e7da808477184d", @ANYBLOB], 0x1c}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x14, 0x13, 0x53b}, 0x14}}, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.state\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000100)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r5, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$AUTOFS_IOC_CATATONIC(r6, 0x800443d2, 0x20000000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r1) r7 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC_PROXY(r7, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x0, "d30f388c52647612d91de4353d68b0fa00"}, 0x3c) setsockopt$MRT_ADD_MFC(r7, 0x0, 0xcc, &(0x7f0000000280)={@remote, @multicast1, 0x2000, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500"}, 0x3c) setsockopt$MRT_ADD_MFC(r7, 0x0, 0xcc, &(0x7f0000000200)={@empty, @private, 0x0, "606b177019716ea6ac38f5bd6e0630e369c7b35d21ff1f4d7ed79c31e2b0f1da"}, 0x3c) r8 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC(r8, 0x0, 0xcc, &(0x7f0000000180)={@private, @multicast2, 0x0, "941621a61c5815f4678d8fd4a8e14b0447113c694d1fd55708018620fd419884"}, 0x3c) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x1, 0x4}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) 10.132590528s ago: executing program 3 (id=422): socket$nl_route(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000002340)={&(0x7f0000002180), 0xc, &(0x7f0000002300)={0x0, 0x108}, 0x1, 0x0, 0x0, 0x4008000}, 0x4801) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x0, 0x0, "4102000000ff000000000006bbff0f00"}) syz_open_pts(0xffffffffffffffff, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001500), 0x0) ioctl$KVM_CAP_HYPERV_SYNIC(0xffffffffffffffff, 0x4068aea3, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r3 = socket$unix(0x1, 0x5, 0x0) r4 = dup2(r3, r2) close_range(r4, 0xffffffffffffffff, 0x0) io_uring_setup(0x500d, &(0x7f0000000440)={0x0, 0x1, 0x0, 0x0, 0x8}) r5 = memfd_secret(0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b863d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e00"/773], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r6, r5, 0x2f, 0x4608, @void}, 0x10) read$eventfd(0xffffffffffffffff, &(0x7f0000000080), 0x51) 6.561989912s ago: executing program 3 (id=444): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000000940)=[{{&(0x7f00000004c0)={0xa, 0x4e1d, 0x30, @mcast2}, 0x1c, 0x0}}, {{&(0x7f00000007c0)={0xa, 0x4e24, 0x0, @mcast1, 0x10001}, 0x1c, 0x0, 0x0, &(0x7f0000000980)=[@dontfrag={{0x10, 0x29, 0x3e, 0xfff}}], 0x10}}], 0x2, 0x0) 6.473556362s ago: executing program 3 (id=445): syz_emit_ethernet(0x6e, &(0x7f0000000440)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "a24b9f", 0x38, 0x2b, 0x0, @remote, @local, {[@routing={0x0, 0x2, 0x2, 0x1, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}, @srh={0x3a}], {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}}, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x381, 0x0) writev(r0, &(0x7f0000001640)=[{&(0x7f0000000200)="4e9ec680df69864bc6cc487c127bd43fd2058755103c50beda99f640f0c9c292abd372b16fe4fa0ce7f1b67706ad5c7402fed9c2fb998d423900f6c88383895db4bc5fa94052f7abc9b1aa882a073549f2d3053e0d43ef0ae13df79466dde1d1f21b3321b678b2fc9f0b04da0be7da375967eea5d379a9bbbd46bed3587fce2b6d34c6ccf63820940abe3bf2d5e85c8ce1b0c52249b6e1156e2543e9b8ac7b4099323740525772affa48b897391d87676d119e36675ee91a275f8833333bfd2b78dec48c6b0de053643dadbdfec55664a18460cbb2a929aa4783553b7bb1628ef693bea8deef6cdeed6882e27d6a1a11193fe47166715b4eb0b33ee832bfd0e30368ad4c836da659d45cc4536dec68fddeef407fe352e2d9e3a560b6ee0daa3a2186f0b8544e0a354884067cf4ece269fdd11a3b202ab74277c9407c8a916916651d60f3a1bb22da38102e31b30513f2b1a0d4285b89d58a293772d7556975a073b92b0948a940d8e9f52f443ea3569f12c6d0415f061d629f3700bf20b367db40a38170f71fbcb88de56bc6b53383203d7549201fd39ba93e99064f1fde642a4f2ca6203a2a4bca6c4002677602e799579d99fb7cabe8308e2070a652157836150c1339c99cb468c32ac876a0e888407db2a6230475e88d0dcc0e738707ebec1f2104d6d65be61f1934465dee18af50ea895b429a9ea1af10590f32062ad0df8dddcbb8e1b120f63024b194e00f5f60a31439d323557e936d1ad42defa60211d0abada0896d8cac5fa472da7ab46d2e335d04b8a85b5823608ebecf9e4eb41bad3b4b2550f1fbc5010b156b6fef5a274d9697c0476a624018958992ea490e61917720b391e2d59b5772b484522aa848a6fb0f3c4699681a72df35200d00360273857740265a12055355ae076c7c2869d919667d098461f5b883aeee4a3e9037dc9c1e8a73177f655be9223056542757fe556ab46329352c0864d4694558d4d9b58abf50732fa7883b93fa7c8e2d4dd19e03b1e6b2725871ae82fd20f66f14f574447e9c5b2409f34c49bfe45be494cc9de4434e8cb77054445c1dff0a6958488321caad9a0c4e9bf7c8f0494f8d923ef02b143316cbcc4855b858e5d0de3bd83f68a1a4e104a8e3d11ad8d3f3460ba39530765f4ab318d42fb4dfee8cdd4363c2f206e2a81539468be2713c3ab860cd5a92acb197ab40ab793ff3472b3fd35e90fbe21a2eedc3379cdde9f77e5247ec51d2f6040673bbb841b728a292fd65cace97b3638a50cfb19e785b2a0cef6a34d48dc1976bde9c89ce94d13998d6928d87390d07392c5f9905e7b562f45d3042d8b1c57a1349a1a99ccdc0779accf59b112a5eb35da3021e2137a8120d9cf7e79f86cc1e56919146bf3c531a2ff5088d752073a9056f2be5571a48b2547a8f516abe659e70f6cd488c5298dec2c00ee4f843047e79d882dd9447c49402f103b0e61d1d4758833dddbb676f435ec7c4a74a0465ded0cb338f721e2ff8cd581eb88ae58ba51aca91b6afe08e60dbdf332ac59a074cba31d231087612cd063c2d2ded1d34a08049c449a09b1577660a98edab264a8e63b8a170d02ad4d4578aa07772c9cf066fac813151710bd99e81631797fe72807192201a5cb392a357ff2b9928d24f5cbfe3742f3f5d48fa79c00b176f1fb3118866a49d95e4004128f3fee0231efa55729c6d772e8f7a9fab02bec1baf965575ce9e4f81b515213a242149b962066a54cc6be74fe5758b613439e6b6d17c6f3786896e59c6e43c096575fe2a7db9e7d2d6665e469060892f1e5b26cee8948d8b5f05b2832ae83ee33ea170d3963f768a8ae048a4268b009ecd6cbb83aa56d9176000b7971b6e3fd70ac9963abfcea1850283de2126f3f2667e14d93fc0982e6c924bdddff6ec4ea446fabd00f08e894042b85168d26751c365f84b04fb7cacfadcfe4bc1290e46505f9498918bf5a61592f00f7282910a4b39262dfdf136eb10a188f524c2a45fe1fa924f9470d5dbd338a6750cf3ca21e809a63ee8b2eb4f771f82aff12b19982b3d98e65a91bd14abdc8111edd882b2b81fc518edc0639294336d30a551887f9f2f2ee1094b0fd6bca17a226af44f3e410080de2324984f0f61c775dec598264a67d7773f82eae31d115f265796ea7dc9729e5e71cb5e2d7a98cff6bcc1e68fdf022278a1db4035c21569af8f6f2261dbb288629379816550caacc26c2ea7bbea5e4bd6a3e07c3c4220747cbb5c4d013f379390e831fa5ef877c0e95fc5b2294a0f733b85261a7f3dd976c4a30974d87aa5353a4141387616c8709195e51ba770e3a0f6bce6dfe2352ebaca02381d4432dcaa1938d7e9d2a2d8cbf72165821ddfcd24bedc56bb8887c9cce3f32db8a20dd53d4ea934f5a18ee05bb70c6e209a85aaec8500cbfcf35413642ca9a2728008d4bc6398cf4aa34025f38e249b15d83b52173c458ac0da9d5c467257b60f1257a5609860e06316ffeeb32feda42e84be43ca135b582a543d46a4bb7ba3454fb25b195e693ac40379775b387", 0x708}], 0x1) syz_init_net_socket$netrom(0x6, 0x5, 0x18) 6.404327836s ago: executing program 3 (id=447): r0 = fcntl$getown(0xffffffffffffffff, 0x9) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x40047459, &(0x7f0000000280)=0x100000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) read$alg(r4, &(0x7f0000000080)=""/16, 0x10) recvmmsg(r4, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) r5 = memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0\x00\x00\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\x04\xcf\x986{E\x913\x99:\x85\xfba\x9c\xc9y\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x03\xe0\xf1\xa0\x15O\xc5\xe8\x96\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8ePH\x19\x00'/315, 0x7) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1046f51d5689e7af, 0x10, r5, 0x0) fcntl$addseals(r5, 0x409, 0xf) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='freezer.self_freezing\x00', 0x275a, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x89f1, &(0x7f00000000c0)={'team0\x00', @remote}) socket(0x22, 0x800, 0x0) r8 = shmget$private(0x0, 0x1000, 0x78000000, &(0x7f0000fff000/0x1000)=nil) shmat(r8, &(0x7f0000ffd000/0x3000)=nil, 0x5000) connect$inet6(r6, &(0x7f0000000100)={0xa, 0x4e21, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3ff}, 0x1c) shmctl$IPC_RMID(r8, 0x0) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000840)={{{@in=@empty, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@remote}}, &(0x7f0000000380)=0xe4) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0xc) setresuid(0x0, 0x0, 0x0) shmctl$IPC_SET(r8, 0x1, &(0x7f0000000600)={{0x1, r9, r10, 0x0, 0xee00, 0x7e, 0x3000}, 0x7, 0x7fb8, 0x5, 0x8, 0x0, 0x0, 0x6}) fgetxattr(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="73656375726974792e61656769733132182d67656e6572699862499a11ba56781f9a7c8960b6468175e926c0e50c01f2f7c6615c109a78fcaa7cba71636684b92c1d9061f23741a9fb96499e00"/90], &(0x7f0000000680)=""/134, 0x86) syz_open_procfs(r0, &(0x7f0000000080)='gid_map\x00') 3.412466743s ago: executing program 1 (id=460): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x50}, 0x9c) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000000)=0x29, 0x4) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000340)='X', 0x1, 0x4004000, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @mcast1, 0xfffffffe}, 0x1c) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r2 = socket(0x10, 0x80002, 0x4) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, 0x0) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c00", @ANYRES16=r3, @ANYBLOB='\fE\x00', @ANYBLOB="9516bc632f8310557febca439db76aa4557214f9d6a50c2a5a5ece88b2322cf6ee5e44d05499343824ab8964d25b83610450dde8940819634bc8a16efc1bb9053e76c13e66398156103011e9cb938ca87692951fbe1f277cf1eb419e548d74801ca03cff30ae683f3b28188e51e7da808477184d", @ANYBLOB], 0x1c}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x14, 0x13, 0x53b}, 0x14}}, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.state\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000100)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r5, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$AUTOFS_IOC_CATATONIC(r6, 0x800443d2, 0x20000000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r1) r7 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC_PROXY(r7, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x0, "d30f388c52647612d91de4353d68b0fa00"}, 0x3c) setsockopt$MRT_ADD_MFC(r7, 0x0, 0xcc, &(0x7f0000000280)={@remote, @multicast1, 0x2000, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500"}, 0x3c) setsockopt$MRT_ADD_MFC(r7, 0x0, 0xcc, &(0x7f0000000200)={@empty, @private, 0x0, "606b177019716ea6ac38f5bd6e0630e369c7b35d21ff1f4d7ed79c31e2b0f1da"}, 0x3c) r8 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC(r8, 0x0, 0xcc, &(0x7f0000000180)={@private, @multicast2, 0x0, "941621a61c5815f4678d8fd4a8e14b0447113c694d1fd55708018620fd419884"}, 0x3c) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x1, 0x4}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) 3.330802279s ago: executing program 1 (id=462): r0 = getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000002200)=ANY=[@ANYRESOCT=r0], 0x0, 0x1, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff1e}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000010003f22abb8bfa941360b010000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x4, 0x7ff, 0x80000001, 0xfffffffe, 0x35b3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe22, 0x0, 0x0, 0x0}, 0x50) bind$alg(0xffffffffffffffff, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x40) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) sendfile(r3, r2, 0x0, 0x80009) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x0, 0x0) io_setup(0x7, &(0x7f0000000140)=0x0) io_submit(r5, 0x0, &(0x7f0000000a40)) r6 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000001140), 0x20402, 0x0) write$P9_RXATTRCREATE(r6, 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) read$FUSE(0xffffffffffffffff, &(0x7f0000000180)={0x2020}, 0x2020) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r7 = getpid() process_vm_readv(r7, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, r4, 0x8}, 0x48) io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x3a}) 2.251729874s ago: executing program 1 (id=471): r0 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mknodat(0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0xc000, 0x0) r2 = landlock_create_ruleset(&(0x7f0000000640)={0x840c}, 0x7, 0x0) landlock_restrict_self(r2, 0x0) r3 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r6 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000040)=[{{&(0x7f0000000480)=@file={0x0, './file1\x00'}, 0x6e, &(0x7f0000001a40)=[{&(0x7f0000000980)="3d96217a84b63f8cb2fdcd9afa6b68901e384930d66b398c3502ac6a8fee93b9efacd9b9a8cdc4d4c5b16648d4f0c72b38a42016e140671bccad6d0a54136bdbf87e31fed61bb8fbb41f07ba50dae29be271e1839cab7dc6caa3c2922ae50722c41b7bd989ec9011a294457fe39775a7d3cf2d29411cc2f2d313a74912bdd242766058a6885ce7d1f4697d47e51538164385fbfbcd99e591dea8fd14f27447d173471714adaf2fe07aab51a2e2864a362c3129ab01564c38fe08d0b6c4483a6f4f2110d819c313303496ad3e16bc6ea1677e6edab7f12facc9e44709afb82367f28b210925d7c5597cfa82681ad74a62b50cea1caeb082f9f7be8cbcd7cfa53cca45a29cb183d81c68da690a716b24da2f957feb335e7224a3ed1b5ab70927b9f78144e427e3429a033b8c19dc361aa1647b4e5a6e7368bb9e89e3900cb395d93a1b52e26d3fb9ae452d827f7d15db02f2e06ed1a7a2ec87beead1601f6f008235fbf9a9fdb7065ace1c4769e99339fae7396480083c58310542aabbeb548bd10c8a9a6e3b04d112a613ba12b2c9f347dd01cc2edd3f0e30d5afb8f516707c74eb19cb49db1f8a01735dbc13e7d80e582674a26c3ba132fb57856159f9cdbf9718cc5ff5cfd3e647e31cf0634c24b469f6313571b3e801a767d86b2f991e4cedfa7f839e044f26edab0d720689505651b81abb4c72899b981fd690a7054a55ffbfec22b8cfb21895181172fe7f2af0ebf9e4f1565aa013287ef901f714e4e089dd46d2976932316b8e07bac41d6290ce3ed1fba580bd95f8bf9df7187fdd103791e45d03f0789118208f5fc3bf3822a4b78abd41296187f4344b26155c00801899145bf287e62e9f858c85cbcc87001fba7f2cd01537443b5c7a86d7577c4c28a6c1f30c4ecd111de26c8a7fabb27fc4762da17baea2209ec0131d0f261ea5ebc60e00a34a963bc34fdc6909d0f80b5ee6cc9c68f559e555a536efe7f8effad374a14e2c58cbb2d5909d0544f06e74926746f5a01292c5ba5b8a6502201f662aca4ed7becd9abaf511e5205145d2349073f67b5137eae00495a921657bd122ca98d02f68fba16a16447179732d50808230e998240f1ceb179de8c83747b99a400d09bd0b196dd148bf2b3818b4828548084c21898999defa50d611697c40c9825960da217c461612f2420512f0c940c5447b000cb3737188d6ad4c36936575ede95a276fc4017defcf9e55978080dab0ad19008e51f90bd18ca0e63cd4f341f7a0ff6353b357d24776e994620e721db0a3f51b6280b789afa7c5fd9733418bbae0c80f0eba675065cc43929b25012198cc34e0a845361ef9ae213c8979d07b415adf769a20fbb3b371ed9fd97a31eae20cd8225668b1fcb8173a58f0997c40811c01b531a5e4a56cce159d18cc1366442c967db5fddcca8fa4cada36c1c1471fa93f3f5770c2ec536251bc093d8929483e3b3c6a0a2e9dc19ba6ca7340ede8994f8fdf67f7f563ce338d4b145cfb229071427b70f41b1439202a5bd237007080c88cea25d9af868a07c2dd9abad391829d14ac4cab18df36e883e90a5c46c900b16734d0becc08899949accb6183506ed2dbb08110d82afce9d0956a7b600ab8f680b069c1826599d94765049f65c17fc89ca4e411495091e46d0113401ea9af9500f80cda11cfaa3e0689bccf55e543449e093970425c85b1f358ef9ca619bbad2727678e74d6a38533ec08117aef36c086af8bd264360f2ef8c4f755c65991a3ffe570247acfdf24a2ba04a21841b6aebd7c63d4c582657fec25c33671ff2d522d3ac74b389f1a6c0ed3ab2fcd1f2dec46a734b05617918a5238b5f8385c9eea8d679536bc042d5ea0ebbbe1b57f4fe04430f1fabdb0be5999906b34c326ecdf4800490bae10261e417ca0a46c91e37643dd2110b9b41c342828586bdd9d2a52cc7da8ed152e24a762f6175bddc8f9e94a8b43eca9e3a6726281f385fbc45e7890e6caefe120e92722e949ed01a91204180a3903a07cb570eab1e24568e71adfa3bd212b285b43d3e97ff2dd80e3ed2a960cac7f4c99a6578a3d1c214543cf9d6c0dce3aee312b23078bd8707656c7d4adb67861994562446c70c1fc5271903524d963e3a4abacf8c25ad2697377fc86bf616528ad2977a42139ed452ed3217ebecc37cb242b4fa812874bc45809cb6133d580fe6a324d3ca9974d7caa0e7a0c62e1c72f630a897e2a2bb3e6e31b69760de3d04732741b68b791843822369c509576d5d69f297ed4f6b15c7e9a0753835cfdfe25d63eb5f0f9783d62eb8b3b23b69a4de4fc0d176ef13265e29525dc658e3788d78ad6caca72d5370443771789c8b1833950781733bd77ddeea88c35a1f300dae5041a411383f4204a5d81719eef3ee4e98a2b84784d856bb5d7ea852f8cef68390b5e44c6bdf4dc39a68095555f66cb7888d533ef03569fa072b315aa4eed1da764ea1bfbb87106397a2e4d48841777fac6331faaaa700f26bdd13a2dd909eaad33358f19fad69bf113220cfd7fcb3b77f757677d2edd09432b7218bf88f73c7927aadc42010223f1de13b7f2889a64f4d40eb78029b1a9c76ce0cf00bcedb32b667338814321817a3f74bf695b7d084a161299be22bc339d79d8e45acdf94a9a5805a96afabae8ce7ec75a80be244937c4f1aac4c4a4a70b81197882caeb4ba4fb8e9869a7a62b9e3f331069cd246d45dbb8356bb62eb7ec8492575cb9b9ab41e90fd1b1c428aba015956b7ea23c0c89f62a38838f24998cdc41f8b57c104e9d9ea660ada0a5f14853013c52ad35dd7d683006a6bdd54fba01a069dfe0a253755c2e489670f6db9b64d12ba59119ddffc84d123de4025e08e38c336553be1a17777ca30a5b8cb5780ed8b1ddeafa34120877097999edb41bd4014da20a2b4b87119daff2bb4aff4e86fa1084cd57312aab52cde4cdd9729a47a6e764a801fbfe3a375323f1eaaefb39fc15f4da20d157d7126cfadc168af4f23cfb7ecbc1a6b5738db6baf70f0162709b56a32705c56fc5a8adbcf2457f41d84a298d563f22b469112d535c1120521afb26da63911bafae840dc2945a8d0ebaa8aa1d4d9d6ba0baf720edfc3a66d92221e3edd38e8f4b6a67e4c86321a746a76818c87ca061e2c7ac1a31fbcd8685181764af50c9f44babb51551df0687876e2f67cb89350c685433fa797bf4d992311929329164dba4ed7462050d4ee5832799721fa66bffe11909619532054dbc8a542b22a337a8a543fcf5f08fc7418c6294083dcd533440714c3dc76d76265a9c6a56ac09d5a4d35d458db2485aeb72029ca45e72ebfe9615c64e8656d413ecc995ef6c7b20fcc2315ae1fd9401116ccd732aeffdc5cd058d672c67d177079d17fe397a4a06389d0ddb0be59800532dd4885bdf9a647eec19a2eaafbe16365e548f3cb227ba33f7c22192560505d88d32e9fce2c817bd8122e60650e315d4cd827911059b55e881b253b542a930d7dfb1077bb1e61d29e85014d1de824bf0250e02e9d7edc5d826d37170ded6a2d9089e90992f9a9b6ef0d9431ebcf80aa4c6ba7f9835eff67ae8208a9eb1a732e15e258976e3eb3da5c4b3bf25262db9eefa199318145cb3f4f50c528df1b9cb9129fe8209a733f2d5464ca3a995968110958e9fe6b573aad19c7077f3fa9cbd3028fb0649374f5d4b0002a5dbfea924f54f442d4235774feac6e427033388b4dcf679fcfb422b9638733fd5643d89497920447e5115e932d8d67c97e0c5548593dc9f65a143a6968e493bbccec62f984fda27e40d2836cc8e293fe687b78831b07e043cf4e5b323b86e2f15458441b300118948ded603996e94938fe1e3676e0ac6097df8dcc7410b5b0f690dad52ab92487b08aaa3b6ac8def90fed0c423018dc86f378f3f16107a423800c5ccf0f7f4f304c46bfdc0b54a1c75e705b31685185f6f659ce6d25b9734e040779beb0d0b047f087749727b88102c98878848d4ff9663315c94b5bd95bca2268488be4051a94062315971283e80fb61f5889c1e087ec4f66b6feb7f12b2cf6bf06eef765062422538db9b2a01387464abe94c8f881ce9b64de9a1773104d045bd3538d571664ba51f9e7ad43b7b7034c6f404cbd6dcb44dbc1f681d724922ba5e4e3c7ae03047f511ab194a69ec8fc86f17201b0b5176cc437f143462a4f08e6ddd8b9c1e7a13f3a96f05afe6eac81112d985521fce85b338db9bd19ffcfbbff6b25a6f0c21c543f843e3ffde19371b4ea6ada5d867d1d6e745073498a6917bad8fda5a5fe158ace9b7fa4a073c63cb57cbd1c88427dd00a733147e376d037c37e9c8eb529bd8816b373cbadd4987958320ccc3edbd0bfbb95e679b64d924fd760ad438fa0d984c09495a8ee4692e12055b2b9748ef39da91ccf5df1817c41a1ded9341e5c3fe5d2b5b66656833b06e1c98a1d0d475ebb808241841efb5f79a8bd8a23b89c1b001cba99c966c3d575d367701caff6fe9554d5291501a871e19ca5d751560647b9a022fc93abae3c115b5fb0c6ca2db36902c6109644b6b926ac7193c156a4f7fb902bbcffffa46cbf3c2f692689397770e36d5053d2225c02d4e9c23fe73644dd7c8220e73a71b93dc854a37ee4bab8767879ed972491ad606e17e3ffd7fff4bdeff1e11965ed88d193236c18bd9641e4c919cdab3b83752a94f987fd2da0e70bbd6abcd8313cafde55f9f57d3b25c19d15e32794716ecb39542d5cc5e0b68c5b69e700af48af5d7f5c29a0c61016944288c1f59d4d01c69f3dff5521f8b4cb4a4d8528140fc8effc9cd3473aca054289a44feb6fd994873270907a6acd4537e62027aa0a1511b4d7f22d4ada1d1ecf30c95806732530f63dbe5f5b7527340d21aafbe7acfd016e814a2667b7d94255be70aedafdc618a4eb284a4715ccee4006f6cc88b0b9dc0d03d5313a8e4325305cca2a3320004ca8c8929fbcb03cede3d96adb1a941b8935a87215367f9da28b109f6314080bdc9d5f22bc1c5181e92a09813a0e9425fd8e3451d01994a4ef6cc8e5e1352743a4f67faf6bdd2df05ed58c8bc974bc19e81486482d5eb9fa05fc2a897727c6c800e8af397b90e64f5779f1114423258614e07013cf07ba4c6dc3fadfca5a5a29b1c7084859cf56c435a162edf8669611034e7c1bfb1bed647684c5bd8ecd1b9ad000a37b2961fc64778d693d280b9934621def748d6ca9369e04e38c06a16047a7619c489f60ca7af6a39fc55ef0f4b9b81226936108dff42ad1a64e6a49e93e79430060135a76040928386427053180f11f86b4a257545d1ba9d099384097bc0955a5c16f64f31a6e255d1753f3a9e3d5b28c2002ac5cb73b7338ae83f01c3c8d7ac24e49668c85e56c2b439bf6cfa647edf8aed372e67f35523cdfa1c0534aef243aa5f5917049acdb0ce492d124dbb064229f0892565767cfc8f9dc1d46ee65eae9701a5d35f03ed368bcaa5e5238714eb0f3dcfa75a0f7cdf26b0edb57b723754e9807bedfba411bb3ecb0d3b047b2835a3ba4627ced061a6a7caba39229862dd375a3e8498e5b7242306a570e483aae569d60a69d122614934c54bc8cf80f9b721cd1535d6fc2f97eca8ca5ea0fa516cdb5f95570e11f393c51cafc4df680575015f8930184bf651f3b668e49b21e65efd3a75e247b4682cc785f96dec6083390273f0d24998501d9f8433255a960e147c30c398211e9aeeeb52dd718daea1370db8b77d380b45d2e249630ed2d9b1eb4f8a5f13fceeb93dcca2e99bcd84b331642f5e93fd4cf4c48f95", 0x1000}, {&(0x7f0000001b40)="f47f3097be073e4958a09953717b2d1718478f415a95b20f25178f6240438a6c24bc8cf444b412aa4146028d0140e6cfea699fae87b5f72dbd0a26a2ed5d0616d103e7c6ecb015f3c7992f1454557d71eb1ac53cf270a019511e827553e2232c6180252cbb2929623e167bd8a3e0c75f0c46dd24f8a760bb958311f0f30e9e7d23e46e5f49c2725d77f8a3291e88fbf31248bafbb23bdc93914d6dfabd6bd5f2785401fbfbaa0f77b67bdd1397e3a8044a070e96ca6b7823555ca8b8b17b69dda24e74926cda18a65439e1b13a912609d86b279ce30971c590185a255f21939e936d813c64ef5a36338caabe599f23980c3772d2b80d0a2a705f33461e8e1ea23747814929ffec08c35965087f52d11b1d86728ba8c163beb0f94126d546d1b2d470df3bf1265f367c5f62b8b0ab7a1589b2", 0x132}, {&(0x7f00000001c0)="60788198522adf8821929b2c1d11945a3b2ac08bfcff473e8db40e3f7a81", 0x1e}, {&(0x7f0000000780)="3c2ae688dd0a9a38a0d1b0d39e723d6a478b589644db61290c0ed00a6d1e45b7bfe525a9b986e8f7f6670ab7ed8432bf548e7140803df501aadf7d1e7c8aa4a365b7e9fd58149e00e8384edb468d0d39e42bad710f92ac1a6a7240098f97e98700ac773efbe9420acb65ae65ca665331fe054a6931ec29058a21cde8f44d006adb1b107e", 0x84}, {&(0x7f0000000840)="cdde0797ffdccb021e6009a23fea46646b3d7b950b13b586f29ca9b8b8c724138562365277c805e0a5e1122f322b607ba69904de1edc4dcb3e7edb29e8234b2c73166172727c6e00445e0c6e7aa7a0cc51e922f20e90389f22d2fc0fceec2c86a7a837f088207237b6452fa5bb59cf506ca53d8195f31cfd2b5e8b0ac0c14a0f0d0daec56047970d14816cc1d331a8693a33f13d8b3234ca4b7b3a1e1eb2f39f40911183d16af74f5d02b5371860226b8318dcc508f163677a74bcbb38c579aae2622d1880916c5dee3cb5d489", 0xcd}, {&(0x7f0000000240)="f997f74dcb0c0a252e587e1a98c3ed0439c80ba94ec147142192457e59875ff814e47c51fdf0297a501fb743160c1a88f78a3d52311752e0fdb7", 0x3a}, {&(0x7f0000001a80)="13953770c25d372ebde4094c7600a3f5b065737b84840bc7de9b0861f8e844fd022fd0427b3750bc62f90d27a086a21d226232a58f2c960a5cef36861e93f70bf4efdf35912b2ff11cb0bc7a41c86bdee45d96343c36cfad490e4bca4b4615671e6f1d5eccdefb26720d03a85e4b89ff509466505baeec906051dce1415fb3dbfeb8d88a5d7520fe6837baee392c96aab872905109c7bc4855657f1663f79ec72f03863565b4a25d91", 0xa9}, {&(0x7f0000000500)="7453e2", 0x3}], 0x8, &(0x7f0000001f40)=ANY=[@ANYBLOB="1c2900000100010001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r3, @ANYRES32=r5, @ANYBLOB, @ANYRES32=r8, @ANYRES32=r1, @ANYRES64=r3, @ANYRES32, @ANYRES32=r7, @ANYRES32=r4, @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="e7d5ad189766124f97de91ca0e17ec241fe3285d973142998e670bbdf300feecc0997ea6298cb289cb13d266bb3368c0d3ebb5ffe566bdf61207ea292768822b2208c8c12172e6a18a6934db061ed4655d5f15010f9794f00a75edf78d5fdc4497fc1514a69705eec6584d88fb67f580ace0b65e6276f5dde395efee15169f71c45ee179d03199c9f5a997d4390751a8f51f1d57dfb90c6338d0ca069e3a3ddae213c923795e5bad395fb08ec22c95c3b243f80c8ba8b8b0f0509eb13672942ab8b16a", @ANYRES32=r6, @ANYRESHEX=r0, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYBLOB="621551cc52965a8f19a1840be9be305656024fdeb58fdbcb927576a8aa985d9705a12778e651b812833143aac4aba1a4b74e3205f9c3779802728d4ae5768c6a5653afc6bfeca0f301d26fb7d3e68314c002ec992227499dbeed889e5c876e80282589d8dd5c185c4824b2f5fec86adb928cf8bf2956c5f13d319508cb5fb003754c08b4c9e4cc4ba909bb05f723a546f0052078bfbf90d516e0bbbea961cfbc808923744b23f767a77604c79e841aec21c96d622fab4939e2331d47ef3de7227122bf7cddcc6d5b8824b937fd33ae40044e207a4bb2d0f5b8f04d0e9040105e5be7d3d0583c9edc508b4ad887bf4d9f6f2d58aa45c2", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES32=r6, @ANYRES32=0x0, @ANYRESDEC=r7, @ANYBLOB="1800090001000000020000e64489a1d6208104bf0634c23f80a352eb28f8fc200aab7b15b2383720a947682b1ebed83dd6dc19d6acbb94c4eb91c9759c1f5dfd81afc55c6e74d6a7584c9e7f8ece7fbf6f47979f9b9333a196ae1bfd01365bbdcfee56f3", @ANYRES32=r6, @ANYRES32=0x0, @ANYRES32=0x0], 0xa8, 0x10002000}}], 0x1, 0x0) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x35, 0x7, &(0x7f0000000380)=ANY=[@ANYBLOB="388ed476a13736aef91ed96737e472373005a7b43304edb52c272aabb20064c2bfba123d1de6e45b3361579869ece1031151688cb466b91748cf43625ee083668750cebd34273cf0cc62c55d31c3cdb5e99772ed659e890ca1672122998f307225afe5611e0d9034584ccfccfcb5ced79d6273ede7417b619d5c9eff0fd8992637d68addbe26b246922330a1d88dd8202ae77f1c9e32895a9213374ab73740561f8ec6c9e2cea5a123c0040410440e44ce69", @ANYRES32, @ANYRESHEX=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r9}, 0x10) r10 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(r6, 0x0, &(0x7f0000000280)={0x1, 0xf}, &(0x7f0000000300)) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x40, 0x0) mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000002200)={[{@clone_children}], [{@permit_directio}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xa7'}}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}, {@smackfsroot={'smackfsroot', 0x3d, 'cgroup\x00'}}, {@fowner_gt={'fowner>', 0xee01}}, {@fsuuid={'fsuuid', 0x3d, {[0x55, 0x39, 0x66, 0x61, 0x34, 0x35, 0x7, 0x64], 0x2d, [0x65, 0x62, 0x32, 0x35], 0x2d, [0x31, 0x64, 0x62, 0x34], 0x2d, [0x62, 0x64, 0x63, 0x65], 0x2d, [0x39, 0x61, 0x35, 0x2, 0x30, 0x61, 0x32]}}}, {@smackfsdef={'smackfsdef', 0x3d, 'cgroup\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, '\\}+{^'}}]}) sendmsg$nl_route(r10, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000580)={&(0x7f0000001c80)=ANY=[@ANYBLOB="000000000000c1600a3400"/20, @ANYRES32=r4, @ANYBLOB="a2b8fae520000200840216805400018040000c801400010001000000890000000000000088a800001400010094ffffff23060000070000008100000014000100040000009d0a00000500000088a8000010000a00070000000000000000000000100001800c0005000700000006000000040001804c00018010000b000c0000000400000000000000280001000e000000000000000000000000000000000000000000000000000000000000000000000010000200c94a5850c504000009000000900101800c00090006000000070000000c00050005000000090000000c00040000006a06ff0100002800010003000000ffffffffffff000000000000000000000000000000000000000000000000000090000c8014000100003cffffba0100000300000009a80000140001009b000000b50300000700000088a8000014000100080000005001000009000000810000001400010007000000c90b00000300000088a8000014000100090000004802000009000000810000001400010005000000e7080000f7ffffff88a80000140001000400000029000000020000008100000010000a0002000000060000000000000090000c801400010001000000630b00000000000088a800001400010001000000830300007f000000810000001400010007000000cd0f000002000000000000001400010001040000ec01000000010000810000001400010005000000d70100000100008088a8000014000100000000009e0600000700000088a800001400010068000000f20d00000100000088a8000010000b0002000000ff010000000000003c0001800c0007008df2ffff0500000010000a00ff0f0000080000000000000010000a000d0b0000ff030000000000000c0003000200000007000000"], 0x2a4}, 0x1, 0x0, 0x0, 0x84}, 0x4004000) unshare(0x24020400) r11 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r12 = syz_pidfd_open(r11, 0x0) process_mrelease(r12, 0x0) 1.292224384s ago: executing program 0 (id=476): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat(0xffffffffffffff9c, 0x0, 0x40, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752d00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000880)='sys_exit\x00', r3}, 0x10) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff002, 0x7f, 0x7f, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x23, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffff3c, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x12, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x19}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r5}, 0x10) uname(0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x9, 0x3f, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500), &(0x7f0000000140), 0x1000, r6}, 0x38) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r7}, 0xc) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r8, 0x1, 0x3b, 0x0, &(0x7f0000000100)) userfaultfd(0x801) syz_io_uring_setup(0x4f1f, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000040), &(0x7f0000000180)) 1.291587533s ago: executing program 1 (id=477): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080)="00c304", 0x3}, {&(0x7f0000000040)='&', 0x1}], 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c200000008004c0000440000000000069078ac141400ac1e0001070dbd28e5c47999712b150f08e0000002ac1414bbe00000028907d700000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="020704032a00003da4002cbd7000fbbddf2505001700328000000a004e220000010000000000000000000000000008000900c0010000bafb80f52784af8d9c50250b601940e48db07caeb99e5a79425ae7f2c7ae3206f711b1da99359ac752114b9e92f79e11f536dbebacdcba9502001000000004d3000004d400000000020013000400000029bd7000000000001600080038050000206717d13898891b081faa95e21a75b0a46f2025671101824e8d41749bfcc98cea3287e1010000009d098406482b65d345cd2becbf1ef3ca5caa18419291596a0ed9f93f1d2fcb9fa96e3ee5c6b51dafcbe25e8a1d939295c4c069dcb4d643a25bcef563a69783aaafa58aaa886a921f8950fbc0c4575f36457df43f173e0870888388464fda78591634dba6816aa82ac9a4af3d164347cba92317662a0febf100010016004e1d00"/338], 0x150}}, 0x800) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, &(0x7f0000000100), 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000680)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) ioctl$EVIOCGABS2F(0xffffffffffffffff, 0x8018456f, &(0x7f00000000c0)=""/171) socket$key(0xf, 0x3, 0x2) 1.062270894s ago: executing program 1 (id=478): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=@newtaction={0x58, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x44, 0x1, [@m_sample={0x40, 0x1, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x20}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x58}}, 0x0) 951.833872ms ago: executing program 1 (id=479): r0 = socket(0x21, 0x2, 0x2) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e4001020303090224002af62300000904000002ca744d0009053f034d00ff99090805848f"], &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r1, 0x0, 0x0) close(r1) syz_usb_disconnect(0xffffffffffffffff) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000008001b"], 0x34}}, 0x0) r5 = socket$rds(0x15, 0x5, 0x0) bind$rds(r5, &(0x7f0000000380)={0x2, 0x4e21, @local}, 0x10) sendmsg$rds(r5, &(0x7f00000002c0)={&(0x7f0000000600)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r5, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @remote}, 0x10) syz_open_dev$hidraw(0x0, 0x0, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_disconnect(0xffffffffffffffff) socket$nl_xfrm(0x10, 0x3, 0x6) socket$key(0xf, 0x3, 0x2) add_key$user(0x0, &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000540), 0x0, 0xfffffffffffffffe) add_key$user(0x0, &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='I', 0x1, 0xfffffffffffffffd) sendmsg$kcm(r0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe3f}, 0x8000) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$alg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)="2ca067b7c3313418ae79db4216a0890378e1070598c9738e7f37ccee25d87f70b1267ffd261a5bcaa69810606a5cbf374d4e1d15e5197b27cf9e34f3a8", 0x3d}], 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="20000000170100000200000010000000efae38cbde44a9e8a45811963f51c6868247d73ce589d03e75d6a843e2c0b62c3a9fbbb9dd2b52b9f56a6e161036a61f5f5f9ad3f3192cd6f97012c158020bca09c589e84b23c6ef7810509fb749b744bb4aeb15f80ea190b121d300000000000000800000000000"], 0x20}, 0x4040000) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYRES64=r2], 0x60}}, 0x40804) 841.823782ms ago: executing program 0 (id=480): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xce, 0x0, 0x0) 752.350884ms ago: executing program 0 (id=481): pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000001540)={0x0, 0x0, 0x1, 0xa, 0x12}) 661.575583ms ago: executing program 0 (id=484): r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x2, 0x802) r1 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20) syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0) recvfrom$l2tp6(r1, 0x0, 0xc, 0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r7, 0xc08c5335, &(0x7f0000000780)={0x0, 0x80, 0xffffffff}) r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') socket$igmp6(0xa, 0x3, 0x2) fchdir(r8) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r8, 0x45, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000400)=[0x0, 0x0], 0x0, 0x75, &(0x7f0000000380)=[{}, {}, {}, {}], 0x20, 0x42, &(0x7f0000000480), &(0x7f00000005c0), 0x8, 0x99, 0x8, 0x8, &(0x7f0000000600)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xe, 0x11, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000003000000000000000200000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000015005509010000000000950000000000000018400000f9ffffff0000000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, 0x12, r8, 0x8, &(0x7f0000000300)={0x1, 0x1}, 0x8, 0x10, &(0x7f0000000340)={0x5, 0x6, 0x0, 0xb}, 0x10, r9, r8, 0x5, &(0x7f0000000780)=[r8], &(0x7f00000007c0)=[{0x0, 0x1, 0x5, 0x3}, {0x4, 0x1, 0x20, 0x4}, {0x3, 0x3, 0xa, 0x3}, {0x0, 0x1, 0xf, 0xd}, {0x3, 0x3, 0x2, 0x6}], 0x10, 0x7}, 0x90) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000480)=@bpf_lsm={0x1d, 0x16, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe9c2, 0x0, 0x0, 0x0, 0x3}, [@exit, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @cb_func={0x18, 0x3, 0x4, 0x0, 0x6}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x765534cf}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000180)='syzkaller\x00', 0x5, 0x72, &(0x7f00000001c0)=""/114, 0x40f00, 0x0, '\x00', r5, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000280)={0x5, 0x1, 0xf}, 0x10, r9, 0x0, 0x4, &(0x7f00000002c0)=[r2], &(0x7f0000000300)=[{0x1, 0x2, 0xf, 0x8}, {0x3, 0x5, 0x8, 0x3}, {0x0, 0x1, 0xa, 0x2}, {0x4, 0x4, 0x2, 0x7}], 0x10, 0x6}, 0x90) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000080)={0x0, 0xfff}, 0x8) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x40, 0x2, {{0x0, 0x200000, 0x0, 0x10000, 0xffffffff, 0x3}, [@TCA_NETEM_ECN={0x8}, @TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x7fffffff, 0xa, 0xfffffffd, 0xffffffff}}]}]}}}]}, 0x70}}, 0x0) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r10, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) sendto$inet6(r10, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) futex(&(0x7f0000000080)=0x2, 0x0, 0x2, &(0x7f0000000100)={0x0, 0x3938700}, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x77359400}, {0x77359400}}, 0x0) getgroups(0xfffffdfc, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, 0x0) 661.277699ms ago: executing program 2 (id=485): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) 580.400333ms ago: executing program 2 (id=486): ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f0000000080)=@n={0x3, 0x9, @generic=0x45, 0x8}) 521.419585ms ago: executing program 2 (id=487): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=@newtaction={0x68, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x54, 0x1, [@m_sample={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x20}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x68}}, 0x0) 451.058773ms ago: executing program 2 (id=488): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat(0xffffffffffffff9c, 0x0, 0x40, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752d00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000880)='sys_exit\x00', r3}, 0x10) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff002, 0x7f, 0x7f, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x23, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffff3c, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x12, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x19}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r5}, 0x10) uname(0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x9, 0x3f, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500), &(0x7f0000000140), 0x1000, r6}, 0x38) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r7}, 0xc) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r8, 0x1, 0x3b, 0x0, &(0x7f0000000100)) userfaultfd(0x801) syz_io_uring_setup(0x4f1f, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000040), &(0x7f0000000180)) 270.968462ms ago: executing program 0 (id=489): r0 = socket(0x2, 0x2, 0x0) r1 = dup(r0) setsockopt$inet_opts(r1, 0x0, 0x1a, &(0x7f0000000040)="fd04c085", 0x4) 101.701291ms ago: executing program 2 (id=490): bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) r0 = openat$sw_sync_info(0xffffff9c, 0x0, 0x44100, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x1c, r2, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0) (fail_nth: 5) sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x44, r2, 0x124, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x85) 457.694µs ago: executing program 0 (id=491): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x2d}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='timer_start\x00', r0}, 0x10) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940)) (fail_nth: 9) 0s ago: executing program 2 (id=492): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x14, 0xe, &(0x7f00000004c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xd6c5}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) clock_gettime(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001f00)=ANY=[], 0x30}}, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x6) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000cc0)=[{{&(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000340)="8c0698b0ecdca3a19848690455c12d705968bf6117e77270e0a0fd2ccdfb5b14a02bc62b79983570668e84baebbf4c66fffb6538b2e5f599888b4c72a405292cf4839a3d410146986a", 0x49}], 0x1, &(0x7f00000003c0)=[@rights={{0x20, 0x1, 0x1, [r5, r1, 0xffffffffffffffff, r6, r3]}}], 0x20}}, {{&(0x7f0000000400)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000480)="9ec95f306f43fb3845eed16cc21fd53cda02d96de266eb4ef7", 0x19}, {&(0x7f0000000580)="31546e21e27eb292a0ab9b35995bb72bafa0a161b1b868650d7f6a9a7a98294b9460af52dda4127dc9b8abf82a3b6d31d59c89bcca9da373fb98b1366d9ace95fdb2e53c95f05be0951ab9857b53d1d4810cc7b371417b329c9f94e0de7629900a566de23cab032135d0bc24abaa95ddfbf82b5d7856cd8d050851d4132efcff8d3e955be74f0b8e0666b2e7fed7a985654293d35e41302bcffb3fbadc092e66f856702446d6649a475337", 0xab}, {&(0x7f00000004c0)="7034b6c4f6af", 0x6}, {&(0x7f0000000640)="b76a984f8082102156edd2643995cb2ece00cbc39799dafca6617c6449e22009ab455ecfba5f26f8b711cb148308a64c7841ba0b00000007254a86985d211851c7d7068a98247e3e27752b4e4f1fc43e011e767b1d469a749cfa31618d39f81eedcccb0f700a861218ddd7bbb098ae383f62a1647a7ea449926349e15206597a65d56aa90ccf2f853aae2046a9b4f1e19e17a4c85e5cd77bc3cc52d57ad024dba5806b", 0xa3}, {&(0x7f0000000700)="a6e6557dc7f0954ce168d3e9a87d9eca41d0862ca8f9f4d75b8b58fc08e558279698a817dfdd3fbaf87ecd146480e1070086a18a5896e6a77c885fc20aacae205b9d5316a7ff18597c6c8f4703896bc1b6f00e8ea3b13d9aa27b6a8f0e562c798cc4fa050235dc519d8f90830bcd31079cd7755de7b4d35e856d44b9d886a59c192aa2a7ca86b19217bb3488e7f177d6ee296518b73c17c5", 0x98}], 0x5, &(0x7f0000000a40)=[@rights={{0x34, 0x1, 0x1, [r5, r3, r1, r1, r5, 0xffffffffffffffff, 0xffffffffffffffff, r5, r6, r0]}}, @rights={{0x24, 0x1, 0x1, [r6, r5, r6, r3, r1, r1]}}, @rights={{0x24, 0x1, 0x1, [r6, 0xffffffffffffffff, r6, 0xffffffffffffffff, r1, r2]}}, @cred={{0x18, 0x1, 0x2, {r4}}}, @cred={{0x18, 0x1, 0x2, {r4}}}], 0xac, 0x48000}}, {{&(0x7f0000000b00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000980), 0x0, &(0x7f0000000800)=[@cred={{0x18}}, @rights={{0x20, 0x1, 0x1, [r3, r1, 0xffffffffffffffff, r1, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r5, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff, r2, r2, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, r5, r1, r6, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r0, 0xffffffffffffffff]}}], 0xa0, 0x20040000}}], 0x3, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) syz_open_dev$evdev(&(0x7f0000001880), 0x0, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7}, 0x48) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa00080045000018000000000001907800000000ffffffffe000007800000000"], 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10) r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_WAIT_FOR_RESUME(r7, 0x5521) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) kernel console output (not intermixed with test programs): xc2/0x120 [ 80.844724][ T5733] __kmalloc_noprof+0xcb/0x410 [ 80.847004][ T5733] ? __pfx_d_absolute_path+0x10/0x10 [ 80.849508][ T5733] tomoyo_encode2+0x100/0x3e0 [ 80.851767][ T5733] tomoyo_realpath_from_path+0x1a7/0x710 [ 80.854623][ T5733] tomoyo_path_number_perm+0x245/0x5b0 [ 80.857014][ T5733] ? tomoyo_path_number_perm+0x232/0x5b0 [ 80.859370][ T5733] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 80.861912][ T5733] ? __pfx_lock_release+0x10/0x10 [ 80.864114][ T5733] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 80.866854][ T5733] ? __fget_files+0x256/0x400 [ 80.868912][ T5733] security_file_ioctl_compat+0x75/0xc0 [ 80.871355][ T5733] __do_compat_sys_ioctl+0x5d/0x330 [ 80.873755][ T5733] __do_fast_syscall_32+0x73/0x120 [ 80.875998][ T5733] do_fast_syscall_32+0x32/0x80 [ 80.878174][ T5733] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.880847][ T5733] RIP: 0023:0xf7f11579 [ 80.882798][ T5733] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 80.891236][ T5733] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 80.894876][ T5733] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080045503 [ 80.898477][ T5733] RDX: 0000000020000340 RSI: 0000000000000000 RDI: 0000000000000000 [ 80.901933][ T5733] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 80.905292][ T5733] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 80.908699][ T5733] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.912123][ T5733] [ 80.914465][ T5733] ERROR: Out of memory at tomoyo_realpath_from_path. [ 80.934834][ T5733] usb usb8: usbfs: process 5733 (syz.1.96) did not claim interface 0 before use [ 81.292896][ T5746] random: crng reseeded on system resumption [ 81.710123][ T5735] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 81.713059][ T5735] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 81.835959][ T5735] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 81.839049][ T5735] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 81.967806][ T5735] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 81.985228][ T5735] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 82.037713][ T5735] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 82.051149][ T5735] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 82.365156][ T5768] usb usb8: usbfs: process 5768 (syz.3.101) did not claim interface 0 before use [ 82.514693][ T5771] netlink: 4 bytes leftover after parsing attributes in process `syz.3.102'. [ 82.642696][ T5776] netlink: 52 bytes leftover after parsing attributes in process `syz.2.103'. [ 83.182898][ T5803] random: crng reseeded on system resumption [ 83.782971][ T5809] netlink: 44 bytes leftover after parsing attributes in process `syz.0.111'. [ 83.855796][ T5811] netlink: 4 bytes leftover after parsing attributes in process `syz.2.112'. [ 84.370010][ T39] audit: type=1804 audit(1723263549.427:5): pid=5821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.115" name="/newroot/38/file0/file1" dev="9p" ino=37617973 res=1 errno=0 [ 84.395127][ T39] audit: type=1804 audit(1723263549.457:6): pid=5821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.115" name="/newroot/38/file0/bus" dev="9p" ino=37617994 res=1 errno=0 [ 84.495143][ T5834] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 86.342181][ T5851] 9pnet_fd: Insufficient options for proto=fd [ 86.464196][ T5859] netlink: 44 bytes leftover after parsing attributes in process `syz.1.128'. [ 86.630527][ T5866] kernel profiling enabled (shift: 0) [ 86.813580][ T832] cfg80211: failed to load regulatory.db [ 87.529390][ T57] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 87.730645][ T57] usb 6-1: Using ep0 maxpacket: 8 [ 87.735021][ T57] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 87.738894][ T57] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 87.743884][ T57] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 87.750736][ T57] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 87.763107][ T57] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 87.779138][ T57] usb 6-1: config 246 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 87.791018][ T57] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 87.794724][ T57] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 87.798593][ T57] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 87.824755][ T57] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 87.841236][ T57] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 87.891991][ T57] usb 6-1: config 246 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 87.927326][ T57] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 87.931295][ T57] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 87.941300][ T57] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 87.952167][ T57] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 87.996810][ T57] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 88.029411][ T57] usb 6-1: config 246 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 88.038490][ T57] usb 6-1: string descriptor 0 read error: -22 [ 88.041679][ T57] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 88.045452][ T57] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 88.066916][ T57] adutux 6-1:246.0: interrupt endpoints not found [ 88.117491][ T5886] 9pnet_fd: Insufficient options for proto=fd [ 88.307824][ T5891] overlay: Bad value for 'workdir' [ 88.514029][ T5879] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 88.517798][ T5879] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 88.739921][ T57] usb 6-1: USB disconnect, device number 2 [ 88.821522][ T5906] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 89.149261][ T5912] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 89.397639][ T5918] netlink: 4 bytes leftover after parsing attributes in process `syz.1.150'. [ 89.658627][ T5925] process 'syz.3.153' launched './file0' with NULL argv: empty string added [ 89.675942][ T5927] 9pnet_fd: Insufficient options for proto=fd [ 89.694906][ T5930] netlink: 8 bytes leftover after parsing attributes in process `syz.1.155'. [ 89.837308][ T5940] FAULT_INJECTION: forcing a failure. [ 89.837308][ T5940] name failslab, interval 1, probability 0, space 0, times 0 [ 89.842864][ T5940] CPU: 1 UID: 0 PID: 5940 Comm: syz.2.160 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 89.847895][ T5940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.852361][ T5940] Call Trace: [ 89.853776][ T5940] [ 89.854984][ T5940] dump_stack_lvl+0x16c/0x1f0 [ 89.856858][ T5940] should_fail_ex+0x497/0x5b0 [ 89.858748][ T5940] should_failslab+0xc2/0x120 [ 89.860673][ T5940] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 89.862796][ T5940] ? dst_alloc+0x99/0x1a0 [ 89.864640][ T5940] ? __pfx_ip6_dst_gc+0x10/0x10 [ 89.866591][ T5940] dst_alloc+0x99/0x1a0 [ 89.871058][ T5940] ip6_dst_alloc+0x2c/0xa0 [ 89.872906][ T5940] ip6_pol_route+0x956/0x1150 [ 89.874856][ T5940] ? __pfx_ip6_pol_route+0x10/0x10 [ 89.876965][ T5940] ? __pfx___nf_nat_alloc_null_binding+0x10/0x10 [ 89.879926][ T5940] ? __pfx_ip6_pol_route_input+0x10/0x10 [ 89.887243][ T5940] fib6_rule_lookup+0x536/0x720 [ 89.889626][ T5940] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 89.893964][ T5940] ? nf_nat_ipv6_fn+0x103/0x2e0 [ 89.896359][ T5940] ? __pfx_nf_nat_ipv6_fn+0x10/0x10 [ 89.898736][ T5940] ip6_route_input+0x60b/0xc10 [ 89.900886][ T5940] ? __pfx_ip6_route_input+0x10/0x10 [ 89.903203][ T5940] ? __pfx_lock_release+0x10/0x10 [ 89.905431][ T5940] ? sock_wfree+0x113/0x850 [ 89.907470][ T5940] ? udp_v6_early_demux+0x2ca/0xf70 [ 89.909500][ T5940] ip6_rcv_finish_core.constprop.0+0x1a0/0x5d0 [ 89.912140][ T5940] ipv6_rcv+0x1e4/0x680 [ 89.914008][ T5940] ? __pfx_ipv6_rcv+0x10/0x10 [ 89.916087][ T5940] __netif_receive_skb_one_core+0x12e/0x1e0 [ 89.918631][ T5940] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 89.921336][ T5940] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 89.923670][ T5940] __netif_receive_skb+0x1d/0x160 [ 89.925830][ T5940] netif_receive_skb+0x13f/0x7b0 [ 89.927978][ T5940] ? __pfx_netif_receive_skb+0x10/0x10 [ 89.930237][ T5940] ? __pfx___lock_acquire+0x10/0x10 [ 89.932494][ T5940] tun_rx_batched+0x429/0x780 [ 89.934572][ T5940] ? __pfx_tun_rx_batched+0x10/0x10 [ 89.936878][ T5940] ? tun_get_user+0x1d66/0x3c20 [ 89.939067][ T5940] tun_get_user+0x2a4b/0x3c20 [ 89.941180][ T5940] ? __pfx_tun_get_user+0x10/0x10 [ 89.943663][ T5940] ? find_held_lock+0x2d/0x110 [ 89.945552][ T5940] ? __pfx_lock_release+0x10/0x10 [ 89.947281][ T5940] tun_chr_write_iter+0xe8/0x210 [ 89.949420][ T5940] vfs_write+0x6b6/0x1140 [ 89.951333][ T5940] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 89.953142][ T5940] ? __pfx_vfs_write+0x10/0x10 [ 89.954867][ T5940] ? __fget_files+0x256/0x400 [ 89.956894][ T5940] ? __fget_light+0x173/0x210 [ 89.959050][ T5940] ksys_write+0x12f/0x260 [ 89.960882][ T5940] ? __pfx_ksys_write+0x10/0x10 [ 89.962927][ T5940] __do_fast_syscall_32+0x73/0x120 [ 89.965137][ T5940] do_fast_syscall_32+0x32/0x80 [ 89.967302][ T5940] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 89.970127][ T5940] RIP: 0023:0xf749e579 [ 89.972062][ T5940] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 89.980775][ T5940] RSP: 002b:00000000f57b6530 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 89.984402][ T5940] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000200002c0 [ 89.987761][ T5940] RDX: 000000000000009a RSI: 00000000f748cff4 RDI: 0000000000000000 [ 89.991181][ T5940] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 89.994225][ T5940] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 89.997459][ T5940] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 90.000709][ T5940] [ 90.240489][ T5950] netlink: 56 bytes leftover after parsing attributes in process `syz.0.165'. [ 90.261504][ T5950] overlay: Bad value for 'workdir' [ 90.294079][ T5954] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 90.302488][ T5954] FAULT_INJECTION: forcing a failure. [ 90.302488][ T5954] name failslab, interval 1, probability 0, space 0, times 0 [ 90.308143][ T5954] CPU: 1 UID: 0 PID: 5954 Comm: syz.3.166 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 90.312885][ T5954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.317579][ T5954] Call Trace: [ 90.319099][ T5954] [ 90.320434][ T5954] dump_stack_lvl+0x16c/0x1f0 [ 90.322581][ T5954] should_fail_ex+0x497/0x5b0 [ 90.324712][ T5954] ? fs_reclaim_acquire+0xae/0x160 [ 90.327016][ T5954] should_failslab+0xc2/0x120 [ 90.329141][ T5954] kmem_cache_alloc_node_noprof+0x71/0x310 [ 90.331736][ T5954] ? __alloc_skb+0x2b3/0x380 [ 90.333813][ T5954] __alloc_skb+0x2b3/0x380 [ 90.335828][ T5954] ? __pfx___alloc_skb+0x10/0x10 [ 90.338052][ T5954] ? module_put+0xd/0x30 [ 90.339953][ T5954] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 90.342283][ T5954] netlink_ack+0x164/0xb20 [ 90.344262][ T5954] netlink_rcv_skb+0x327/0x410 [ 90.346375][ T5954] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 90.348799][ T5954] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 90.351242][ T5954] ? netlink_deliver_tap+0x1ae/0xcf0 [ 90.353550][ T5954] netlink_unicast+0x544/0x830 [ 90.355666][ T5954] ? __pfx_netlink_unicast+0x10/0x10 [ 90.358051][ T5954] ? __phys_addr_symbol+0x30/0x80 [ 90.360296][ T5954] ? __check_object_size+0x497/0x720 [ 90.362655][ T5954] netlink_sendmsg+0x8b8/0xd70 [ 90.364819][ T5954] ? __pfx_netlink_sendmsg+0x10/0x10 [ 90.367176][ T5954] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 90.369540][ T5954] ____sys_sendmsg+0x9b4/0xb50 [ 90.371712][ T5954] ? __pfx_____sys_sendmsg+0x10/0x10 [ 90.374253][ T5954] ? get_compat_msghdr+0x11b/0x170 [ 90.376915][ T5954] ? __pfx___lock_acquire+0x10/0x10 [ 90.379374][ T5954] ___sys_sendmsg+0x135/0x1e0 [ 90.381859][ T5954] ? __pfx____sys_sendmsg+0x10/0x10 [ 90.384637][ T5954] ? ksys_write+0x21c/0x260 [ 90.386804][ T5954] ? __fget_light+0x173/0x210 [ 90.388913][ T5954] __sys_sendmsg+0x117/0x1f0 [ 90.391038][ T5954] ? __pfx___sys_sendmsg+0x10/0x10 [ 90.394268][ T5954] __do_fast_syscall_32+0x73/0x120 [ 90.394306][ T5954] do_fast_syscall_32+0x32/0x80 [ 90.394328][ T5954] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 90.394356][ T5954] RIP: 0023:0xf73de579 [ 90.394371][ T5954] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 90.394388][ T5954] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 90.394407][ T5954] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000020000040 [ 90.394418][ T5954] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 90.394429][ T5954] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 90.394440][ T5954] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 90.394451][ T5954] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 90.394474][ T5954] [ 90.441560][ T5958] netlink: 'syz.3.168': attribute type 4 has an invalid length. [ 90.779647][ T5971] 9pnet_fd: Insufficient options for proto=fd [ 91.595936][ T39] audit: type=1326 audit(1723263556.667:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.1.177" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0 [ 92.129478][ T6013] FAULT_INJECTION: forcing a failure. [ 92.129478][ T6013] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 92.135386][ T6013] CPU: 1 UID: 0 PID: 6013 Comm: syz.0.188 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 92.140071][ T6013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.144805][ T6013] Call Trace: [ 92.146354][ T6013] [ 92.147679][ T6013] dump_stack_lvl+0x16c/0x1f0 [ 92.149780][ T6013] should_fail_ex+0x497/0x5b0 [ 92.151899][ T6013] _copy_to_user+0x30/0xc0 [ 92.153848][ T6013] snd_seq_ioctl+0x344/0x3f0 [ 92.155887][ T6013] ? __pfx_snd_seq_ioctl+0x10/0x10 [ 92.158244][ T6013] ? __fget_files+0x256/0x400 [ 92.160370][ T6013] snd_seq_ioctl_compat+0xf0/0x310 [ 92.162652][ T6013] ? __pfx_snd_seq_ioctl_compat+0x10/0x10 [ 92.165137][ T6013] __do_compat_sys_ioctl+0x2c3/0x330 [ 92.167508][ T6013] __do_fast_syscall_32+0x73/0x120 [ 92.169880][ T6013] do_fast_syscall_32+0x32/0x80 [ 92.172249][ T6013] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.175081][ T6013] RIP: 0023:0xf7fd3579 [ 92.176901][ T6013] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 92.185807][ T6013] RSP: 002b:00000000f576556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 92.189652][ T6013] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004058534c [ 92.193210][ T6013] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000000000000 [ 92.196602][ T6013] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 92.200101][ T6013] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 92.203439][ T6013] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 92.207167][ T6013] [ 92.215815][ T6018] FAULT_INJECTION: forcing a failure. [ 92.215815][ T6018] name failslab, interval 1, probability 0, space 0, times 0 [ 92.221475][ T6018] CPU: 0 UID: 0 PID: 6018 Comm: syz.2.190 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 92.226045][ T6018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.230610][ T6018] Call Trace: [ 92.232051][ T6018] [ 92.233343][ T6018] dump_stack_lvl+0x16c/0x1f0 [ 92.235632][ T6018] should_fail_ex+0x497/0x5b0 [ 92.237662][ T6018] should_failslab+0xc2/0x120 [ 92.239699][ T6018] __kmalloc_cache_noprof+0x6b/0x310 [ 92.241997][ T6018] ? batadv_bla_get_backbone_gw+0x145/0xdc0 [ 92.244613][ T6018] batadv_bla_get_backbone_gw+0x145/0xdc0 [ 92.247085][ T6018] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 92.249637][ T6018] ? batadv_claim_hash_find.isra.0+0x3e9/0x640 [ 92.252207][ T6018] ? __pfx_batadv_bla_get_backbone_gw+0x10/0x10 [ 92.254545][ T6018] ? batadv_primary_if_get_selected+0x224/0x440 [ 92.256884][ T6018] ? __pfx_batadv_claim_hash_find.isra.0+0x10/0x10 [ 92.259370][ T6018] batadv_bla_update_own_backbone_gw.isra.0+0x4e/0x170 [ 92.262393][ T6018] batadv_bla_tx+0x15d/0x20d0 [ 92.264615][ T6018] ? __lock_acquire+0xbb7/0x3cb0 [ 92.266768][ T6018] ? __pfx_batadv_bla_tx+0x10/0x10 [ 92.269017][ T6018] ? lock_acquire+0x1b1/0x560 [ 92.271059][ T6018] ? find_held_lock+0x2d/0x110 [ 92.273171][ T6018] ? batadv_get_vid+0xc2/0x270 [ 92.275321][ T6018] batadv_interface_tx+0x5b9/0x1bb0 [ 92.277584][ T6018] ? __pfx_batadv_interface_tx+0x10/0x10 [ 92.279996][ T6018] ? dev_queue_xmit_nit+0x87e/0xba0 [ 92.282238][ T6018] dev_hard_start_xmit+0x143/0x790 [ 92.284557][ T6018] __dev_queue_xmit+0x7c7/0x4300 [ 92.286779][ T6018] ? __might_fault+0x13b/0x190 [ 92.288674][ T6018] ? __pfx_lock_release+0x10/0x10 [ 92.290604][ T6018] ? __pfx___dev_queue_xmit+0x10/0x10 [ 92.292670][ T6018] ? __might_fault+0xe3/0x190 [ 92.294507][ T6018] ? _copy_from_iter+0x149/0xfc0 [ 92.296411][ T6018] ? skb_copy_bits+0x4e4/0x7b0 [ 92.298268][ T6018] ? packet_parse_headers+0x71e/0xa40 [ 92.300423][ T6018] ? packet_parse_headers+0x72a/0xa40 [ 92.302757][ T6018] ? packet_parse_headers+0x1fc/0xa40 [ 92.305079][ T6018] ? __pfx_packet_parse_headers+0x10/0x10 [ 92.307503][ T6018] packet_xmit+0x23e/0x360 [ 92.309450][ T6018] packet_sendmsg+0x267f/0x5390 [ 92.311578][ T6018] ? __pfx___might_resched+0x10/0x10 [ 92.313849][ T6018] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 92.316327][ T6018] ? aa_sk_perm+0x2f5/0xb40 [ 92.318099][ T6018] ? __pfx___might_resched+0x10/0x10 [ 92.320328][ T6018] ? __pfx_packet_sendmsg+0x10/0x10 [ 92.322613][ T6018] ? __pfx_aa_sk_perm+0x10/0x10 [ 92.324693][ T6018] ? __might_fault+0xe3/0x190 [ 92.326772][ T6018] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 92.329047][ T6018] __sys_sendto+0x47f/0x4e0 [ 92.331042][ T6018] ? __pfx___sys_sendto+0x10/0x10 [ 92.333015][ T6018] ? ksys_write+0x1ab/0x260 [ 92.334891][ T6018] ? __pfx_ksys_write+0x10/0x10 [ 92.336808][ T6018] __ia32_sys_sendto+0xdd/0x1b0 [ 92.338716][ T6018] ? lockdep_hardirqs_on+0x7c/0x110 [ 92.340810][ T6018] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 92.343547][ T6018] __do_fast_syscall_32+0x73/0x120 [ 92.345510][ T6018] do_fast_syscall_32+0x32/0x80 [ 92.347643][ T6018] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.360560][ T6018] RIP: 0023:0xf749e579 [ 92.362333][ T6018] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 92.370669][ T6018] RSP: 002b:00000000f57b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 92.374468][ T6018] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 92.374484][ T6018] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000020000080 [ 92.374491][ T6018] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000 [ 92.374497][ T6018] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 92.374503][ T6018] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 92.374518][ T6018] [ 92.516745][ T6026] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 92.810781][ T6044] random: crng reseeded on system resumption [ 93.135169][ T6052] tipc: Enabling of bearer rejected, media not registered [ 94.178398][ T6078] FAULT_INJECTION: forcing a failure. [ 94.178398][ T6078] name failslab, interval 1, probability 0, space 0, times 0 [ 94.186074][ T6078] CPU: 1 UID: 0 PID: 6078 Comm: syz.3.211 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 94.191668][ T6078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.196998][ T6078] Call Trace: [ 94.198586][ T6078] [ 94.200103][ T6078] dump_stack_lvl+0x16c/0x1f0 [ 94.202434][ T6078] should_fail_ex+0x497/0x5b0 [ 94.204905][ T6078] ? fs_reclaim_acquire+0xae/0x160 [ 94.207482][ T6078] should_failslab+0xc2/0x120 [ 94.209775][ T6078] __kmalloc_noprof+0xcb/0x410 [ 94.212090][ T6078] ? __pfx_d_absolute_path+0x10/0x10 [ 94.214559][ T6078] tomoyo_encode2+0x100/0x3e0 [ 94.216883][ T6078] tomoyo_realpath_from_path+0x1a7/0x710 [ 94.219382][ T6078] tomoyo_path_number_perm+0x245/0x5b0 [ 94.221447][ T6078] ? tomoyo_path_number_perm+0x232/0x5b0 [ 94.230910][ T6078] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 94.254486][ T6078] ? __pfx_lock_release+0x10/0x10 [ 94.256864][ T6078] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 94.259839][ T6078] ? __fget_files+0x256/0x400 [ 94.262070][ T6078] security_file_ioctl_compat+0x75/0xc0 [ 94.264647][ T6078] __do_compat_sys_ioctl+0x5d/0x330 [ 94.266943][ T6078] __do_fast_syscall_32+0x73/0x120 [ 94.269267][ T6078] do_fast_syscall_32+0x32/0x80 [ 94.271597][ T6078] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 94.274537][ T6078] RIP: 0023:0xf73de579 [ 94.277062][ T6078] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 94.286084][ T6078] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 94.289945][ T6078] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000560a [ 94.293776][ T6078] RDX: 00000000200006c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 94.297538][ T6078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 94.301086][ T6078] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 94.304624][ T6078] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 94.308392][ T6078] [ 94.313725][ T6078] ERROR: Out of memory at tomoyo_realpath_from_path. [ 94.380239][ T6080] capability: warning: `syz.2.212' uses 32-bit capabilities (legacy support in use) [ 94.584342][ T6087] overlayfs: missing 'lowerdir' [ 95.315713][ T6111] FAULT_INJECTION: forcing a failure. [ 95.315713][ T6111] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.322056][ T6111] CPU: 1 UID: 0 PID: 6111 Comm: syz.0.222 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 95.326289][ T6111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.330793][ T6111] Call Trace: [ 95.332137][ T6111] [ 95.333411][ T6111] dump_stack_lvl+0x16c/0x1f0 [ 95.335316][ T6111] should_fail_ex+0x497/0x5b0 [ 95.336269][ T6109] netlink: 4 bytes leftover after parsing attributes in process `syz.1.220'. [ 95.337309][ T6111] _copy_from_iter+0x27a/0xfc0 [ 95.342694][ T6111] ? __pfx__copy_from_iter+0x10/0x10 [ 95.344948][ T6111] ? __virt_addr_valid+0x5e/0x590 [ 95.346900][ T6111] ? __phys_addr_symbol+0x30/0x80 [ 95.349016][ T6111] ? __check_object_size+0x497/0x720 [ 95.351187][ T6111] file_tty_write.constprop.0+0x49f/0x9b0 [ 95.353297][ T6111] vfs_write+0x6b6/0x1140 [ 95.355146][ T6111] ? __pfx_tty_write+0x10/0x10 [ 95.356810][ T6111] ? __pfx_vfs_write+0x10/0x10 [ 95.358629][ T6111] ? __fget_files+0x256/0x400 [ 95.360467][ T6111] ? __fget_light+0x173/0x210 [ 95.362400][ T6111] ksys_write+0x12f/0x260 [ 95.364355][ T6111] ? __pfx_ksys_write+0x10/0x10 [ 95.366560][ T6111] __do_fast_syscall_32+0x73/0x120 [ 95.368723][ T6111] do_fast_syscall_32+0x32/0x80 [ 95.370709][ T6111] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 95.373050][ T6111] RIP: 0023:0xf7fd3579 [ 95.374746][ T6111] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 95.382367][ T6111] RSP: 002b:00000000f578656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 95.385554][ T6111] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001040 [ 95.388585][ T6111] RDX: 0000000000001006 RSI: 0000000000000000 RDI: 0000000000000000 [ 95.392054][ T6111] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 95.395617][ T6111] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 95.399082][ T6111] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 95.416068][ T6111] [ 95.535253][ T6115] usb usb8: usbfs: process 6115 (syz.0.225) did not claim interface 0 before use [ 95.966901][ T6137] overlayfs: missing 'lowerdir' [ 96.021487][ T6130] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 96.516805][ T6143] veth0_vlan: left promiscuous mode [ 96.520735][ T6143] veth0_vlan: entered promiscuous mode [ 96.626296][ T6144] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9) [ 96.635458][ T6144] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 96.647359][ T6144] vhci_hcd vhci_hcd.0: Device attached [ 96.839440][ T832] vhci_hcd: vhci_device speed not set [ 96.919385][ T832] usb 19-1: new full-speed USB device number 2 using vhci_hcd [ 97.250557][ T6150] vhci_hcd: connection reset by peer [ 97.256148][ T1100] vhci_hcd: stop threads [ 97.258714][ T1100] vhci_hcd: release socket [ 97.261728][ T1100] vhci_hcd: disconnect device [ 98.056142][ T6170] overlayfs: missing 'lowerdir' [ 98.447812][ T6176] FAULT_INJECTION: forcing a failure. [ 98.447812][ T6176] name failslab, interval 1, probability 0, space 0, times 0 [ 98.453201][ T6176] CPU: 2 UID: 0 PID: 6176 Comm: syz.1.244 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 98.457786][ T6176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 98.461937][ T6176] Call Trace: [ 98.463223][ T6176] [ 98.464448][ T6176] dump_stack_lvl+0x16c/0x1f0 [ 98.466420][ T6176] should_fail_ex+0x497/0x5b0 [ 98.468461][ T6176] ? fs_reclaim_acquire+0xae/0x160 [ 98.470742][ T6176] should_failslab+0xc2/0x120 [ 98.472842][ T6176] kmem_cache_alloc_node_noprof+0x71/0x310 [ 98.475458][ T6176] ? __alloc_skb+0x2b3/0x380 [ 98.477553][ T6176] __alloc_skb+0x2b3/0x380 [ 98.479565][ T6176] ? __pfx___alloc_skb+0x10/0x10 [ 98.481743][ T6176] ? __pfx___might_resched+0x10/0x10 [ 98.483852][ T6176] netlink_alloc_large_skb+0x69/0x130 [ 98.485985][ T6176] netlink_sendmsg+0x689/0xd70 [ 98.487951][ T6176] ? __pfx_netlink_sendmsg+0x10/0x10 [ 98.490087][ T6176] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 98.492587][ T6176] ____sys_sendmsg+0x9b4/0xb50 [ 98.494696][ T6176] ? __pfx_____sys_sendmsg+0x10/0x10 [ 98.496962][ T6176] ? get_compat_msghdr+0x11b/0x170 [ 98.499214][ T6176] ? __pfx___lock_acquire+0x10/0x10 [ 98.501553][ T6176] ___sys_sendmsg+0x135/0x1e0 [ 98.503654][ T6176] ? __pfx____sys_sendmsg+0x10/0x10 [ 98.506121][ T6176] ? ksys_write+0x21c/0x260 [ 98.508184][ T6176] ? __fget_light+0x173/0x210 [ 98.510293][ T6176] __sys_sendmsg+0x117/0x1f0 [ 98.512378][ T6176] ? __pfx___sys_sendmsg+0x10/0x10 [ 98.514706][ T6176] __do_fast_syscall_32+0x73/0x120 [ 98.516805][ T6176] do_fast_syscall_32+0x32/0x80 [ 98.518876][ T6176] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 98.521672][ T6176] RIP: 0023:0xf7f11579 [ 98.523622][ T6176] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 98.531974][ T6176] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 98.535725][ T6176] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000500 [ 98.539255][ T6176] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 98.542770][ T6176] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 98.546294][ T6176] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 98.549797][ T6176] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 98.553462][ T6176] [ 98.620157][ T35] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 98.643905][ T6180] FAULT_INJECTION: forcing a failure. [ 98.643905][ T6180] name failslab, interval 1, probability 0, space 0, times 0 [ 98.649609][ T6180] CPU: 3 UID: 0 PID: 6180 Comm: syz.1.246 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 98.654333][ T6180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 98.659047][ T6180] Call Trace: [ 98.660588][ T6180] [ 98.661898][ T6180] dump_stack_lvl+0x16c/0x1f0 [ 98.664014][ T6180] should_fail_ex+0x497/0x5b0 [ 98.666050][ T6180] ? fs_reclaim_acquire+0xae/0x160 [ 98.668318][ T6180] should_failslab+0xc2/0x120 [ 98.670396][ T6180] kmem_cache_alloc_node_noprof+0x71/0x310 [ 98.673004][ T6180] ? __alloc_skb+0x2b3/0x380 [ 98.675105][ T6180] __alloc_skb+0x2b3/0x380 [ 98.677133][ T6180] ? __pfx___alloc_skb+0x10/0x10 [ 98.679296][ T6180] ? __pfx___might_resched+0x10/0x10 [ 98.681584][ T6180] netlink_alloc_large_skb+0x69/0x130 [ 98.684358][ T6180] netlink_sendmsg+0x689/0xd70 [ 98.686267][ T6180] ? __pfx_netlink_sendmsg+0x10/0x10 [ 98.688625][ T6180] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 98.696136][ T6180] ____sys_sendmsg+0x9b4/0xb50 [ 98.697871][ T6180] ? __pfx_____sys_sendmsg+0x10/0x10 [ 98.700197][ T6180] ? get_compat_msghdr+0x11b/0x170 [ 98.702495][ T6180] ? __pfx___lock_acquire+0x10/0x10 [ 98.704824][ T6180] ___sys_sendmsg+0x135/0x1e0 [ 98.707029][ T6180] ? __pfx____sys_sendmsg+0x10/0x10 [ 98.709332][ T6180] ? ksys_write+0x21c/0x260 [ 98.711351][ T6180] ? __fget_light+0x173/0x210 [ 98.713428][ T6180] __sys_sendmsg+0x117/0x1f0 [ 98.715499][ T6180] ? __pfx___sys_sendmsg+0x10/0x10 [ 98.717758][ T6180] __do_fast_syscall_32+0x73/0x120 [ 98.720067][ T6180] do_fast_syscall_32+0x32/0x80 [ 98.722248][ T6180] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 98.724903][ T6180] RIP: 0023:0xf7f11579 [ 98.727369][ T6180] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 98.736014][ T6180] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 98.739700][ T6180] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080 [ 98.743246][ T6180] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 98.746686][ T6180] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 98.750145][ T6180] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 98.753573][ T6180] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 98.757091][ T6180] [ 98.859436][ T35] usb 7-1: Using ep0 maxpacket: 8 [ 98.864665][ T35] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 98.866756][ T6185] random: crng reseeded on system resumption [ 98.868445][ T35] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 98.868463][ T35] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 98.868503][ T35] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 98.882505][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 98.889012][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 98.891925][ T35] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 98.923891][ T35] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 98.926800][ T35] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 98.930651][ T35] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 98.950724][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 98.954828][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 98.975109][ T35] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 98.978382][ T35] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 98.981385][ T35] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 98.984948][ T35] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 98.989154][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 98.999379][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 99.012455][ T35] usb 7-1: string descriptor 0 read error: -22 [ 99.014833][ T35] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 99.018178][ T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.035003][ T35] adutux 7-1:246.0: interrupt endpoints not found [ 99.092876][ T6186] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 99.109208][ T6186] gre1: entered allmulticast mode [ 99.486890][ T6174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 99.518128][ T6174] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 99.732365][ T5121] usb 7-1: USB disconnect, device number 5 [ 99.802902][ T6193] FAULT_INJECTION: forcing a failure. [ 99.802902][ T6193] name failslab, interval 1, probability 0, space 0, times 0 [ 99.808567][ T6193] CPU: 3 UID: 0 PID: 6193 Comm: syz.3.249 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 99.813139][ T6193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 99.817345][ T6193] Call Trace: [ 99.818969][ T6193] [ 99.820295][ T6193] dump_stack_lvl+0x16c/0x1f0 [ 99.822493][ T6193] should_fail_ex+0x497/0x5b0 [ 99.824570][ T6193] ? fs_reclaim_acquire+0xae/0x160 [ 99.826848][ T6193] should_failslab+0xc2/0x120 [ 99.828949][ T6193] __kmalloc_noprof+0xcb/0x410 [ 99.831181][ T6193] process_vm_rw_core.constprop.0+0x1e5/0xa10 [ 99.834025][ T6193] ? rcu_is_watching+0x12/0xc0 [ 99.836025][ T6193] ? trace_kmalloc+0x2d/0xe0 [ 99.837997][ T6193] ? copy_compat_iovec_from_user+0x138/0x180 [ 99.841108][ T6193] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 99.843982][ T6193] ? iovec_from_user.part.0+0x7e/0x130 [ 99.846564][ T6193] process_vm_rw+0x301/0x360 [ 99.848372][ T6193] ? __pfx_process_vm_rw+0x10/0x10 [ 99.850664][ T6193] ? ksys_write+0x21c/0x260 [ 99.853048][ T6193] ? __pfx_lock_release+0x10/0x10 [ 99.855564][ T6193] ? ksys_write+0x1ab/0x260 [ 99.857576][ T6193] ? __pfx_ksys_write+0x10/0x10 [ 99.859992][ T6193] __ia32_sys_process_vm_writev+0xdf/0x1b0 [ 99.862650][ T6193] ? lockdep_hardirqs_on+0x7c/0x110 [ 99.864796][ T6193] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 99.867702][ T6193] __do_fast_syscall_32+0x73/0x120 [ 99.871982][ T6193] do_fast_syscall_32+0x32/0x80 [ 99.874413][ T6193] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 99.877570][ T6193] RIP: 0023:0xf73de579 [ 99.879445][ T6193] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 99.887932][ T6193] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 000000000000015c [ 99.891634][ T6193] RAX: ffffffffffffffda RBX: 00000000000000af RCX: 0000000020c22000 [ 99.894923][ T6193] RDX: 000000000000002b RSI: 0000000020c22fa0 RDI: 0000000000000001 [ 99.898156][ T6193] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 99.901589][ T6193] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 99.904852][ T6193] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 99.908015][ T6193] [ 100.018305][ T6196] netlink: 52 bytes leftover after parsing attributes in process `syz.3.250'. [ 100.060844][ T6198] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 3 [ 100.139689][ T6205] Bluetooth: (null): Invalid header checksum [ 100.300072][ T6212] hpfs: bad mount options. [ 100.865327][ T6234] netlink: 52 bytes leftover after parsing attributes in process `syz.3.260'. [ 100.939669][ T6242] FAULT_INJECTION: forcing a failure. [ 100.939669][ T6242] name failslab, interval 1, probability 0, space 0, times 0 [ 100.944437][ T6242] CPU: 0 UID: 0 PID: 6242 Comm: syz.3.264 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 100.948758][ T6242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.953169][ T6242] Call Trace: [ 100.957285][ T6242] [ 100.958703][ T6242] dump_stack_lvl+0x16c/0x1f0 [ 100.960760][ T6242] should_fail_ex+0x497/0x5b0 [ 100.962794][ T6242] ? fs_reclaim_acquire+0xae/0x160 [ 100.965087][ T6242] should_failslab+0xc2/0x120 [ 100.967242][ T6242] kmem_cache_alloc_node_noprof+0x71/0x310 [ 100.969843][ T6242] ? __alloc_skb+0x2b3/0x380 [ 100.971994][ T6242] __alloc_skb+0x2b3/0x380 [ 100.973755][ T6242] ? __pfx___alloc_skb+0x10/0x10 [ 100.975913][ T6242] ? __pfx___might_resched+0x10/0x10 [ 100.978238][ T6242] netlink_alloc_large_skb+0x69/0x130 [ 100.980630][ T6242] netlink_sendmsg+0x689/0xd70 [ 100.982831][ T6242] ? __pfx_netlink_sendmsg+0x10/0x10 [ 100.985210][ T6242] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 100.987600][ T6242] ____sys_sendmsg+0x9b4/0xb50 [ 100.989661][ T6242] ? __pfx_____sys_sendmsg+0x10/0x10 [ 100.991812][ T6242] ? get_compat_msghdr+0x11b/0x170 [ 100.994101][ T6242] ? __pfx___lock_acquire+0x10/0x10 [ 100.996408][ T6242] ___sys_sendmsg+0x135/0x1e0 [ 100.998383][ T6242] ? __pfx____sys_sendmsg+0x10/0x10 [ 101.000665][ T6242] ? ksys_write+0x21c/0x260 [ 101.002559][ T6242] ? __fget_light+0x173/0x210 [ 101.004602][ T6242] __sys_sendmsg+0x117/0x1f0 [ 101.006603][ T6242] ? __pfx___sys_sendmsg+0x10/0x10 [ 101.008800][ T6242] __do_fast_syscall_32+0x73/0x120 [ 101.009470][ C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 101.010783][ T6242] do_fast_syscall_32+0x32/0x80 [ 101.010808][ T6242] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 101.019482][ T6242] RIP: 0023:0xf73de579 [ 101.021059][ T6242] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 101.028660][ T6242] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 101.032226][ T6242] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200003c0 [ 101.038449][ T6242] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 101.039507][ T6238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.262'. [ 101.041778][ T6242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 101.041793][ T6242] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 101.041804][ T6242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 101.041847][ T6242] [ 101.048525][ T6238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.262'. [ 101.199507][ T5823] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 101.321592][ T6254] FAULT_INJECTION: forcing a failure. [ 101.321592][ T6254] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 101.331112][ T6254] CPU: 0 UID: 0 PID: 6254 Comm: syz.3.266 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 101.335736][ T6254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 101.340463][ T6254] Call Trace: [ 101.342002][ T6254] [ 101.343359][ T6254] dump_stack_lvl+0x16c/0x1f0 [ 101.345427][ T6254] should_fail_ex+0x497/0x5b0 [ 101.347515][ T6254] _copy_from_user+0x30/0xf0 [ 101.349543][ T6254] __do_compat_sys_kexec_load+0x246/0x330 [ 101.352028][ T6254] ? __pfx___do_compat_sys_kexec_load+0x10/0x10 [ 101.354498][ T6254] __do_fast_syscall_32+0x73/0x120 [ 101.356622][ T6254] do_fast_syscall_32+0x32/0x80 [ 101.358803][ T6254] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 101.361618][ T6254] RIP: 0023:0xf73de579 [ 101.363423][ T6254] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 101.371666][ T6254] RSP: 002b:00000000f56d556c EFLAGS: 00000296 ORIG_RAX: 000000000000011b [ 101.375190][ T6254] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000001 [ 101.378607][ T6254] RDX: 00000000200012c0 RSI: 0000000000160000 RDI: 0000000000000000 [ 101.379621][ T5823] usb 6-1: Using ep0 maxpacket: 8 [ 101.381967][ T6254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 101.386444][ T5823] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 101.387448][ T6254] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 101.394448][ T6254] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 101.397910][ T6254] [ 101.401785][ T5823] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 101.406827][ T5823] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 101.411854][ T5823] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 101.417473][ T5823] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 101.421540][ T5823] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.637195][ T5823] usb 6-1: GET_CAPABILITIES returned 0 [ 101.641064][ T5823] usbtmc 6-1:16.0: can't read capabilities [ 101.953963][ T1832] usb 6-1: USB disconnect, device number 3 [ 102.069503][ T832] vhci_hcd: vhci_device speed not set [ 102.671951][ T6265] FAULT_INJECTION: forcing a failure. [ 102.671951][ T6265] name failslab, interval 1, probability 0, space 0, times 0 [ 102.677431][ T6265] CPU: 2 UID: 0 PID: 6265 Comm: syz.1.271 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 102.682345][ T6265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.686957][ T6265] Call Trace: [ 102.688564][ T6265] [ 102.689836][ T6265] dump_stack_lvl+0x16c/0x1f0 [ 102.692294][ T6265] should_fail_ex+0x497/0x5b0 [ 102.694333][ T6265] ? fs_reclaim_acquire+0xae/0x160 [ 102.696567][ T6265] should_failslab+0xc2/0x120 [ 102.698553][ T6265] kmem_cache_alloc_node_noprof+0x71/0x310 [ 102.700995][ T6265] ? __alloc_skb+0x2b3/0x380 [ 102.702913][ T6265] __alloc_skb+0x2b3/0x380 [ 102.704917][ T6265] ? __pfx___alloc_skb+0x10/0x10 [ 102.707183][ T6265] ? __pfx___might_resched+0x10/0x10 [ 102.709595][ T6265] netlink_alloc_large_skb+0x69/0x130 [ 102.711852][ T6265] netlink_sendmsg+0x689/0xd70 [ 102.713914][ T6265] ? __pfx_netlink_sendmsg+0x10/0x10 [ 102.716152][ T6265] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 102.718397][ T6265] ____sys_sendmsg+0x9b4/0xb50 [ 102.720436][ T6265] ? __pfx_____sys_sendmsg+0x10/0x10 [ 102.722722][ T6265] ? get_compat_msghdr+0x11b/0x170 [ 102.724995][ T6265] ? __pfx___lock_acquire+0x10/0x10 [ 102.727303][ T6265] ___sys_sendmsg+0x135/0x1e0 [ 102.729282][ T6265] ? __pfx____sys_sendmsg+0x10/0x10 [ 102.731930][ T6265] ? ksys_write+0x21c/0x260 [ 102.733956][ T6265] ? __fget_light+0x173/0x210 [ 102.735805][ T6265] __sys_sendmsg+0x117/0x1f0 [ 102.737244][ T6265] ? __pfx___sys_sendmsg+0x10/0x10 [ 102.738916][ T6265] __do_fast_syscall_32+0x73/0x120 [ 102.740899][ T6265] do_fast_syscall_32+0x32/0x80 [ 102.742771][ T6265] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 102.745204][ T6265] RIP: 0023:0xf7f11579 [ 102.746906][ T6265] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 102.754861][ T6265] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 102.758199][ T6265] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200003c0 [ 102.761464][ T6265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 102.764843][ T6265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 102.768161][ T6265] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 102.771456][ T6265] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 102.774685][ T6265] [ 103.519191][ T6275] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 104.569449][ T10] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 104.750355][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 104.754248][ T10] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 104.757681][ T10] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 104.761277][ T10] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 104.764992][ T10] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 104.770216][ T10] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 104.774979][ T10] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 104.780407][ T10] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 104.784521][ T10] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 104.787648][ T10] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 104.792730][ T10] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 104.797564][ T10] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 104.802537][ T10] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 104.807842][ T10] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 104.812759][ T10] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 104.816923][ T10] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 104.821587][ T10] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 104.826776][ T10] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 104.831619][ T10] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 104.838783][ T10] usb 7-1: string descriptor 0 read error: -22 [ 104.842676][ T10] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 104.846566][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.857015][ T10] adutux 7-1:246.0: interrupt endpoints not found [ 105.313575][ T6282] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 105.317485][ T6282] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 105.548945][ T57] usb 7-1: USB disconnect, device number 6 [ 106.592036][ T6307] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12) [ 106.594974][ T6307] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 106.600192][ T6307] vhci_hcd vhci_hcd.0: Device attached [ 106.607128][ T6308] vhci_hcd: connection closed [ 106.608755][ T1100] vhci_hcd: stop threads [ 106.613817][ T1100] vhci_hcd: release socket [ 106.615892][ T1100] vhci_hcd: disconnect device [ 107.595467][ T6300] kexec: Could not allocate control_code_buffer [ 107.676447][ T6326] FAULT_INJECTION: forcing a failure. [ 107.676447][ T6326] name failslab, interval 1, probability 0, space 0, times 0 [ 107.687031][ T6326] CPU: 0 UID: 0 PID: 6326 Comm: syz.2.290 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 107.691711][ T6326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 107.696377][ T6326] Call Trace: [ 107.697825][ T6326] [ 107.699124][ T6326] dump_stack_lvl+0x16c/0x1f0 [ 107.701181][ T6326] should_fail_ex+0x497/0x5b0 [ 107.703261][ T6326] ? fs_reclaim_acquire+0xae/0x160 [ 107.705413][ T6326] should_failslab+0xc2/0x120 [ 107.715227][ T6326] __kmalloc_noprof+0xcb/0x410 [ 107.717253][ T6326] tomoyo_encode2+0x100/0x3e0 [ 107.719333][ T6326] tomoyo_realpath_from_path+0x1a7/0x710 [ 107.721460][ T6326] ? tomoyo_profile+0x47/0x60 [ 107.723470][ T6326] tomoyo_path_number_perm+0x245/0x5b0 [ 107.725786][ T6326] ? tomoyo_path_number_perm+0x232/0x5b0 [ 107.727914][ T6326] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 107.730620][ T6326] ? __pfx_lock_release+0x10/0x10 [ 107.732713][ T6326] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 107.735285][ T6326] ? __fget_files+0x256/0x400 [ 107.737308][ T6326] security_file_ioctl_compat+0x75/0xc0 [ 107.739642][ T6326] __do_compat_sys_ioctl+0x5d/0x330 [ 107.741688][ T6326] __do_fast_syscall_32+0x73/0x120 [ 107.743754][ T6326] do_fast_syscall_32+0x32/0x80 [ 107.745850][ T6326] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 107.748520][ T6326] RIP: 0023:0xf749e579 [ 107.750082][ T6326] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 107.757925][ T6326] RSP: 002b:00000000f57b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 107.761397][ T6326] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000541b [ 107.764751][ T6326] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 107.768069][ T6326] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 107.771422][ T6326] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 107.774802][ T6326] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 107.778102][ T6326] [ 107.780385][ T6326] ERROR: Out of memory at tomoyo_realpath_from_path. [ 108.261787][ T39] audit: type=1326 audit(1723263573.337:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6343 comm="syz.1.294" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7fc00000 [ 108.583345][ T5356] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 108.588153][ T5356] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 108.593351][ T5356] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 108.606722][ T5356] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 108.614527][ T5356] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 108.618897][ T5356] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 108.630119][ T4769] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 108.634118][ T4769] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 108.637718][ T4769] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 108.642162][ T4769] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 108.646665][ T4769] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 108.653604][ T4769] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 108.674486][ T6359] netlink: 12 bytes leftover after parsing attributes in process `syz.2.300'. [ 108.678556][ T6359] tipc: Started in network mode [ 108.681084][ T6359] tipc: Node identity 1, cluster identity 4711 [ 108.683847][ T6359] tipc: Node number set to 1 [ 108.912257][ T1104] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.923146][ T6356] chnl_net:caif_netlink_parms(): no params data found [ 108.933803][ T39] audit: type=1326 audit(1723263574.007:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6343 comm="syz.1.294" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f11579 code=0x7fc00000 [ 109.039554][ T1104] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.106637][ T6372] netlink: 'syz.2.303': attribute type 2 has an invalid length. [ 109.154905][ T1104] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.163708][ T6356] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.166932][ T6356] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.170689][ T6356] bridge_slave_0: entered allmulticast mode [ 109.174783][ T6356] bridge_slave_0: entered promiscuous mode [ 109.205191][ T6356] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.212348][ T6356] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.215290][ T6356] bridge_slave_1: entered allmulticast mode [ 109.220600][ T6356] bridge_slave_1: entered promiscuous mode [ 109.269166][ T1104] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.279570][ T1832] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 109.363663][ T6356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.381252][ T6356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.452261][ T6356] team0: Port device team_slave_0 added [ 109.471302][ T1832] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 109.476718][ T1832] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 109.477937][ T6356] team0: Port device team_slave_1 added [ 109.499579][ T1832] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 109.503540][ T1832] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.510015][ T6367] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 109.519225][ T1832] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 109.595276][ T1104] bridge_slave_1: left allmulticast mode [ 109.597770][ T1104] bridge_slave_1: left promiscuous mode [ 109.606508][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.635461][ T1104] bridge_slave_0: left allmulticast mode [ 109.638509][ T1104] bridge_slave_0: left promiscuous mode [ 109.643272][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.746111][ T832] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 109.815088][ T1832] usb 6-1: USB disconnect, device number 4 [ 109.953945][ T832] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 109.958264][ T832] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 109.965732][ T832] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 109.969873][ T832] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.976886][ T6382] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 109.987507][ T832] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 110.153892][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 110.182885][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 110.195514][ T1104] bond0 (unregistering): Released all slaves [ 110.268041][ T6356] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 110.276417][ T6356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.294447][ T6356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 110.300656][ T6356] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.305368][ T6356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.322357][ T6356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.464129][ T6356] hsr_slave_0: entered promiscuous mode [ 110.468484][ T6356] hsr_slave_1: entered promiscuous mode [ 110.476917][ T6356] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 110.480538][ T6356] Cannot create hsr debugfs directory [ 110.720924][ T5356] Bluetooth: hci0: command tx timeout [ 110.952292][ T1104] hsr_slave_0: left promiscuous mode [ 110.961381][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 110.966983][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 110.972785][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 110.975492][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 111.008275][ T1104] veth1_macvtap: left promiscuous mode [ 111.012168][ T1104] veth0_macvtap: left promiscuous mode [ 111.015304][ T1104] veth1_vlan: left promiscuous mode [ 111.365474][ T6406] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.310'. [ 111.911732][ T1104] team0 (unregistering): Port device team_slave_1 removed [ 112.075856][ T1104] team0 (unregistering): Port device team_slave_0 removed [ 112.406997][ T6411] FAULT_INJECTION: forcing a failure. [ 112.406997][ T6411] name failslab, interval 1, probability 0, space 0, times 0 [ 112.412880][ T6411] CPU: 1 UID: 0 PID: 6411 Comm: syz.1.311 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 112.417487][ T6411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 112.422188][ T6411] Call Trace: [ 112.423776][ T6411] [ 112.425135][ T6411] dump_stack_lvl+0x16c/0x1f0 [ 112.427263][ T6411] should_fail_ex+0x497/0x5b0 [ 112.429333][ T6411] ? fs_reclaim_acquire+0xae/0x160 [ 112.431669][ T6411] should_failslab+0xc2/0x120 [ 112.433782][ T6411] __kmalloc_noprof+0xcb/0x410 [ 112.435813][ T6411] ? __pfx_d_absolute_path+0x10/0x10 [ 112.438194][ T6411] tomoyo_encode2+0x100/0x3e0 [ 112.440312][ T6411] tomoyo_realpath_from_path+0x1a7/0x710 [ 112.442819][ T6411] tomoyo_path_number_perm+0x245/0x5b0 [ 112.445186][ T6411] ? tomoyo_path_number_perm+0x232/0x5b0 [ 112.447548][ T6411] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 112.450173][ T6411] ? __pfx_lock_release+0x10/0x10 [ 112.452175][ T6411] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 112.454741][ T6411] ? __fget_files+0x256/0x400 [ 112.456613][ T6411] security_file_ioctl_compat+0x75/0xc0 [ 112.458754][ T6411] __do_compat_sys_ioctl+0x5d/0x330 [ 112.460746][ T6411] __do_fast_syscall_32+0x73/0x120 [ 112.462696][ T6411] do_fast_syscall_32+0x32/0x80 [ 112.464611][ T6411] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 112.468453][ T6411] RIP: 0023:0xf7f11579 [ 112.470321][ T6411] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 112.478495][ T6411] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 112.482599][ T6411] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000540b [ 112.485995][ T6411] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 112.489477][ T6411] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 112.492922][ T6411] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 112.496340][ T6411] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 112.499846][ T6411] [ 112.505262][ T6411] ERROR: Out of memory at tomoyo_realpath_from_path. [ 112.706528][ T832] usb 7-1: USB disconnect, device number 7 [ 112.799699][ T4769] Bluetooth: hci0: command tx timeout [ 113.254544][ T6424] team0: entered promiscuous mode [ 113.256760][ T6424] team_slave_0: entered promiscuous mode [ 113.272431][ T6424] team_slave_1: entered promiscuous mode [ 113.291172][ T6423] team0: left promiscuous mode [ 113.293534][ T6423] team_slave_0: left promiscuous mode [ 113.296299][ T6423] team_slave_1: left promiscuous mode [ 113.539510][ T35] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 113.613861][ T6356] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 113.621908][ T6356] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 113.628434][ T6356] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 113.640350][ T6356] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 113.727783][ T35] usb 7-1: Using ep0 maxpacket: 8 [ 113.732179][ T35] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 113.735828][ T35] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 113.739073][ T35] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 113.754016][ T35] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 113.758988][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 113.778754][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 113.786096][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 113.793405][ T35] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 113.798117][ T35] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 113.808646][ T35] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 113.813801][ T35] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 113.826354][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 113.833577][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 113.837930][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 113.844734][ T35] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 113.848602][ T35] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 113.852135][ T35] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 113.855841][ T35] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 113.862200][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 113.867700][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 113.872018][ T35] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 113.874934][ T6356] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.878189][ T35] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 113.882522][ T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.886072][ T35] usb 7-1: Product: syz [ 113.887866][ T35] usb 7-1: Manufacturer: syz [ 113.893112][ T6443] FAULT_INJECTION: forcing a failure. [ 113.893112][ T6443] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 113.900250][ T35] usb 7-1: SerialNumber: syz [ 113.902615][ T6443] CPU: 2 UID: 0 PID: 6443 Comm: syz.3.320 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 113.907355][ T6356] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.907563][ T6443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 113.914953][ T6443] Call Trace: [ 113.916480][ T6443] [ 113.917792][ T6443] dump_stack_lvl+0x16c/0x1f0 [ 113.919734][ T6443] should_fail_ex+0x497/0x5b0 [ 113.921717][ T6443] _copy_from_user+0x30/0xf0 [ 113.923586][ T6443] __do_sys_add_key+0x22d/0x460 [ 113.925440][ T6443] ? __pfx___do_sys_add_key+0x10/0x10 [ 113.927526][ T6443] ? ksys_write+0x1ab/0x260 [ 113.929331][ T6443] __do_fast_syscall_32+0x73/0x120 [ 113.931541][ T6443] do_fast_syscall_32+0x32/0x80 [ 113.934028][ T6443] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 113.936793][ T6443] RIP: 0023:0xf73de579 [ 113.938846][ T6443] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 113.947426][ T6443] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 000000000000011e [ 113.950798][ T6443] RAX: ffffffffffffffda RBX: 00000000200003c0 RCX: 0000000020000440 [ 113.954143][ T6443] RDX: 00000000200000c0 RSI: 00000000000000c9 RDI: 00000000fffffffd [ 113.957372][ T6443] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 113.960633][ T6443] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 113.965115][ T6443] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 113.968832][ T6443] [ 113.981778][ T1104] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.984900][ T1104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 113.999485][ T1209] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.002400][ T1209] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.324464][ T6426] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 114.328453][ T6426] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 114.341595][ T6356] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.436802][ T6356] veth0_vlan: entered promiscuous mode [ 114.452589][ T6356] veth1_vlan: entered promiscuous mode [ 114.479927][ T6356] veth0_macvtap: entered promiscuous mode [ 114.489433][ T6356] veth1_macvtap: entered promiscuous mode [ 114.506178][ T6356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.514359][ T6356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.518650][ T6356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.523133][ T6356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.527143][ T6356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.531874][ T6356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.542157][ T6356] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.554325][ T6356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.557049][ T35] adutux 7-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 114.558853][ T6356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.558865][ T6356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.558878][ T6356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.558887][ T6356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.558898][ T6356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.563004][ T6356] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.588447][ T35] usb 7-1: USB disconnect, device number 8 [ 114.596791][ T6356] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.601832][ T6356] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.605507][ T6356] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.608274][ T6356] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.640323][ T6418] kexec: Could not allocate control_code_buffer [ 114.676486][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.680665][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.712770][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.716567][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.870284][ T4769] Bluetooth: hci0: command 0x040f tx timeout [ 115.004599][ T6481] netlink: 8 bytes leftover after parsing attributes in process `syz.0.327'. [ 115.681111][ T6499] FAULT_INJECTION: forcing a failure. [ 115.681111][ T6499] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 115.687459][ T6499] CPU: 2 UID: 0 PID: 6499 Comm: syz.3.333 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 115.692129][ T6499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 115.697043][ T6499] Call Trace: [ 115.698638][ T6499] [ 115.699915][ T6499] dump_stack_lvl+0x16c/0x1f0 [ 115.701810][ T6499] should_fail_ex+0x497/0x5b0 [ 115.703995][ T6499] _copy_to_user+0x30/0xc0 [ 115.706059][ T6499] simple_read_from_buffer+0xd0/0x160 [ 115.708504][ T6499] proc_fail_nth_read+0x1b0/0x290 [ 115.711095][ T6499] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 115.713641][ T6499] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 115.716490][ T6499] vfs_read+0x1d4/0xbd0 [ 115.718486][ T6499] ? __fdget_pos+0xeb/0x180 [ 115.719663][ T832] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 115.720760][ T6499] ? __pfx_vfs_read+0x10/0x10 [ 115.726426][ T6499] ? __pfx___mutex_lock+0x10/0x10 [ 115.728799][ T6499] ? __fget_files+0x256/0x400 [ 115.730919][ T6499] ksys_read+0x12f/0x260 [ 115.732758][ T6499] ? __pfx_ksys_read+0x10/0x10 [ 115.735124][ T6499] __do_fast_syscall_32+0x73/0x120 [ 115.737354][ T6499] do_fast_syscall_32+0x32/0x80 [ 115.739474][ T6499] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 115.742688][ T6499] RIP: 0023:0xf73de579 [ 115.744764][ T6499] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 115.753399][ T6499] RSP: 002b:00000000f56f65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 115.757102][ T6499] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f56f6620 [ 115.760697][ T6499] RDX: 000000000000000f RSI: 00000000f73ccff4 RDI: 0000000000000000 [ 115.764255][ T6499] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 115.767700][ T6499] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 115.770967][ T6499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 115.774387][ T6499] [ 115.932936][ T832] usb 5-1: Using ep0 maxpacket: 8 [ 115.938680][ T832] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 115.963872][ T832] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 115.968718][ T832] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 115.976732][ T832] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 115.982416][ T832] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 115.998867][ T832] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 116.004042][ T832] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.209488][ T5823] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 116.253218][ T832] usb 5-1: usb_control_msg returned -32 [ 116.255933][ T832] usbtmc 5-1:16.0: can't read capabilities [ 116.399524][ T5823] usb 6-1: Using ep0 maxpacket: 8 [ 116.408571][ T5823] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 116.412997][ T5823] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 116.416269][ T5823] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 116.420477][ T5823] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 116.424820][ T5823] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 116.429094][ T5823] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 116.432365][ T6519] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 3 [ 116.434119][ T5823] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 116.443741][ T5823] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 116.446876][ T5823] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 116.450320][ T5823] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 116.455168][ T5823] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 116.461972][ T5823] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 116.466768][ T5823] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 116.471243][ T5823] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 116.476010][ T5823] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 116.480414][ T5823] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 116.484152][ T5823] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 116.488239][ T5823] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 116.493637][ T5823] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 116.498335][ T5823] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 116.503066][ T5823] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 116.511968][ T5823] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 116.519469][ T5823] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.524481][ T5823] usb 6-1: Product: syz [ 116.526286][ T5823] usb 6-1: Manufacturer: syz [ 116.528288][ T5823] usb 6-1: SerialNumber: syz [ 116.628310][ T6529] netlink: 12 bytes leftover after parsing attributes in process `syz.0.330'. [ 116.960247][ T5356] Bluetooth: hci0: command 0x040f tx timeout [ 116.983061][ T6507] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 116.989810][ T6507] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.494275][ T5823] adutux 6-1:246.0: ADU100 now attached to /dev/usb/adutux1 [ 117.547152][ T5823] usb 6-1: USB disconnect, device number 5 [ 117.902902][ T10] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 118.080676][ T6582] FAULT_INJECTION: forcing a failure. [ 118.080676][ T6582] name failslab, interval 1, probability 0, space 0, times 0 [ 118.086083][ T6582] CPU: 3 UID: 0 PID: 6582 Comm: syz.1.345 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 118.090431][ T6582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 118.099604][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 118.100669][ T6582] Call Trace: [ 118.100681][ T6582] [ 118.100690][ T6582] dump_stack_lvl+0x16c/0x1f0 [ 118.100723][ T6582] should_fail_ex+0x497/0x5b0 [ 118.108649][ T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 118.108704][ T6582] should_failslab+0xc2/0x120 [ 118.111841][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 118.115671][ T6582] __kmalloc_cache_noprof+0x6b/0x310 [ 118.115704][ T6582] ? batadv_bla_get_backbone_gw+0x145/0xdc0 [ 118.115731][ T6582] batadv_bla_get_backbone_gw+0x145/0xdc0 [ 118.115759][ T6582] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 118.115791][ T6582] ? batadv_claim_hash_find.isra.0+0x3e9/0x640 [ 118.117962][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 118.121843][ T6582] ? __pfx_batadv_bla_get_backbone_gw+0x10/0x10 [ 118.121872][ T6582] ? batadv_primary_if_get_selected+0x224/0x440 [ 118.121893][ T6582] ? __pfx_batadv_claim_hash_find.isra.0+0x10/0x10 [ 118.124874][ T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 118.127419][ T6582] batadv_bla_update_own_backbone_gw.isra.0+0x4e/0x170 [ 118.127440][ T6582] batadv_bla_tx+0x15d/0x20d0 [ 118.127454][ T6582] ? __lock_acquire+0xbb7/0x3cb0 [ 118.127469][ T6582] ? __pfx_batadv_bla_tx+0x10/0x10 [ 118.127488][ T6582] ? lock_acquire+0x1b1/0x560 [ 118.127507][ T6582] ? find_held_lock+0x2d/0x110 [ 118.127523][ T6582] ? batadv_get_vid+0xc2/0x270 [ 118.127541][ T6582] batadv_interface_tx+0x5b9/0x1bb0 [ 118.127566][ T6582] ? __pfx_batadv_interface_tx+0x10/0x10 [ 118.127588][ T6582] ? dev_queue_xmit_nit+0x87e/0xba0 [ 118.127613][ T6582] dev_hard_start_xmit+0x143/0x790 [ 118.127641][ T6582] __dev_queue_xmit+0x7c7/0x4300 [ 118.127669][ T6582] ? __might_fault+0x13b/0x190 [ 118.127694][ T6582] ? __pfx_lock_release+0x10/0x10 [ 118.127718][ T6582] ? __pfx___dev_queue_xmit+0x10/0x10 [ 118.127743][ T6582] ? __might_fault+0xe3/0x190 [ 118.127770][ T6582] ? _copy_from_iter+0x149/0xfc0 [ 118.127789][ T6582] ? skb_copy_bits+0x4e4/0x7b0 [ 118.127811][ T6582] ? packet_parse_headers+0x71e/0xa40 [ 118.127834][ T6582] ? packet_parse_headers+0x72a/0xa40 [ 118.127853][ T6582] ? packet_parse_headers+0x1fc/0xa40 [ 118.127877][ T6582] ? __pfx_packet_parse_headers+0x10/0x10 [ 118.127902][ T6582] packet_xmit+0x23e/0x360 [ 118.127924][ T6582] packet_sendmsg+0x267f/0x5390 [ 118.127957][ T6582] ? __pfx___might_resched+0x10/0x10 [ 118.127980][ T6582] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 118.128009][ T6582] ? aa_sk_perm+0x2f5/0xb40 [ 118.128025][ T6582] ? __pfx___might_resched+0x10/0x10 [ 118.128050][ T6582] ? __pfx_packet_sendmsg+0x10/0x10 [ 118.128070][ T6582] ? __pfx_aa_sk_perm+0x10/0x10 [ 118.128084][ T6582] ? __might_fault+0xe3/0x190 [ 118.128112][ T6582] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 118.128139][ T6582] __sys_sendto+0x47f/0x4e0 [ 118.128158][ T6582] ? __pfx___sys_sendto+0x10/0x10 [ 118.128203][ T6582] ? ksys_write+0x1ab/0x260 [ 118.128225][ T6582] ? __pfx_ksys_write+0x10/0x10 [ 118.128250][ T6582] __ia32_sys_sendto+0xdd/0x1b0 [ 118.128268][ T6582] ? lockdep_hardirqs_on+0x7c/0x110 [ 118.128285][ T6582] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 118.128303][ T6582] __do_fast_syscall_32+0x73/0x120 [ 118.128325][ T6582] do_fast_syscall_32+0x32/0x80 [ 118.128343][ T6582] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 118.128369][ T6582] RIP: 0023:0xf7f11579 [ 118.128382][ T6582] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 118.128397][ T6582] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 118.128415][ T6582] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 118.128425][ T6582] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000020000080 [ 118.128435][ T6582] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000 [ 118.128445][ T6582] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 118.128455][ T6582] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 118.128476][ T6582] [ 118.301154][ T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 118.311757][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.536777][ T10] usb 7-1: GET_CAPABILITIES returned 0 [ 118.539719][ T10] usbtmc 7-1:16.0: can't read capabilities [ 118.622839][ T10] usb 5-1: USB disconnect, device number 2 [ 118.684517][ T6592] FAULT_INJECTION: forcing a failure. [ 118.684517][ T6592] name failslab, interval 1, probability 0, space 0, times 0 [ 118.692151][ T6592] CPU: 0 UID: 0 PID: 6592 Comm: syz.3.350 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 118.698004][ T6592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 118.703192][ T6592] Call Trace: [ 118.704667][ T6592] [ 118.705809][ T6592] dump_stack_lvl+0x16c/0x1f0 [ 118.707946][ T6592] should_fail_ex+0x497/0x5b0 [ 118.710200][ T6592] ? fs_reclaim_acquire+0xae/0x160 [ 118.712495][ T6592] should_failslab+0xc2/0x120 [ 118.714573][ T6592] __kmalloc_noprof+0xcb/0x410 [ 118.716612][ T6592] nla_strdup+0xc6/0x150 [ 118.718513][ T6592] nf_tables_newtable+0xdfc/0x1b20 [ 118.721969][ T6592] ? net_generic+0xea/0x2a0 [ 118.723999][ T6592] ? __pfx_nf_tables_newtable+0x10/0x10 [ 118.726550][ T6592] ? __nla_parse+0x40/0x60 [ 118.729392][ T6592] nfnetlink_rcv_batch+0x1a19/0x24e0 [ 118.731789][ T6592] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 118.734276][ T6592] ? __pfx_lock_release+0x10/0x10 [ 118.736769][ T6592] ? __local_bh_enable_ip+0xa4/0x120 [ 118.739254][ T6592] ? lockdep_hardirqs_on+0x7c/0x110 [ 118.741461][ T6592] ? __pfx___dev_queue_xmit+0x10/0x10 [ 118.743639][ T6592] ? bpf_lsm_capable+0x9/0x10 [ 118.745590][ T6592] ? __nla_parse+0x40/0x60 [ 118.747547][ T6592] nfnetlink_rcv+0x3c3/0x430 [ 118.749419][ T6592] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 118.751688][ T6592] netlink_unicast+0x544/0x830 [ 118.753815][ T6592] ? __pfx_netlink_unicast+0x10/0x10 [ 118.756210][ T6592] ? __phys_addr_symbol+0x30/0x80 [ 118.758543][ T6592] ? __check_object_size+0x497/0x720 [ 118.760934][ T6592] netlink_sendmsg+0x8b8/0xd70 [ 118.763196][ T6592] ? __pfx_netlink_sendmsg+0x10/0x10 [ 118.765574][ T6592] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 118.768196][ T6592] ____sys_sendmsg+0x9b4/0xb50 [ 118.770534][ T6592] ? __pfx_____sys_sendmsg+0x10/0x10 [ 118.772837][ T6592] ? get_compat_msghdr+0x11b/0x170 [ 118.775102][ T6592] ? __pfx___lock_acquire+0x10/0x10 [ 118.777319][ T6592] ___sys_sendmsg+0x135/0x1e0 [ 118.779822][ T6592] ? __pfx____sys_sendmsg+0x10/0x10 [ 118.782068][ T6592] ? ksys_write+0x21c/0x260 [ 118.784071][ T6592] ? __fget_light+0x173/0x210 [ 118.786321][ T6592] __sys_sendmsg+0x117/0x1f0 [ 118.788370][ T6592] ? __pfx___sys_sendmsg+0x10/0x10 [ 118.790706][ T6592] __do_fast_syscall_32+0x73/0x120 [ 118.793098][ T6592] do_fast_syscall_32+0x32/0x80 [ 118.795221][ T6592] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 118.797993][ T6592] RIP: 0023:0xf73de579 [ 118.799784][ T6592] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 118.808337][ T6592] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 118.811645][ T6592] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000002000c2c0 [ 118.815626][ T6592] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 118.819615][ T6592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 118.823404][ T6592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 118.827008][ T6592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 118.830670][ T6592] [ 118.922852][ T1292] usb 7-1: USB disconnect, device number 9 [ 118.947588][ T6598] netlink: 8 bytes leftover after parsing attributes in process `syz.0.352'. [ 119.031051][ T5356] Bluetooth: hci0: command 0x040f tx timeout [ 119.165910][ T6610] fuse: Bad value for 'rootmode' [ 119.169035][ T6610] FAULT_INJECTION: forcing a failure. [ 119.169035][ T6610] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 119.177020][ T6610] CPU: 3 UID: 0 PID: 6610 Comm: syz.3.355 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 119.185505][ T6610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 119.190263][ T6610] Call Trace: [ 119.191728][ T6610] [ 119.193063][ T6610] dump_stack_lvl+0x16c/0x1f0 [ 119.195080][ T6610] should_fail_ex+0x497/0x5b0 [ 119.197000][ T6610] _copy_from_user+0x30/0xf0 [ 119.198722][ T6610] generic_map_update_batch+0x3ff/0x5f0 [ 119.200613][ T6610] ? __pfx_generic_map_update_batch+0x10/0x10 [ 119.203054][ T6610] ? __pfx_generic_map_update_batch+0x10/0x10 [ 119.205357][ T6610] bpf_map_do_batch+0x615/0x6e0 [ 119.207787][ T6610] __sys_bpf+0x1fad/0x5600 [ 119.209770][ T6610] ? __pfx___sys_bpf+0x10/0x10 [ 119.211846][ T6610] ? ksys_write+0x12f/0x260 [ 119.213801][ T6610] ? find_held_lock+0x2d/0x110 [ 119.215853][ T6610] ? ksys_write+0x21c/0x260 [ 119.217859][ T6610] ? __pfx_lock_release+0x10/0x10 [ 119.220010][ T6610] ? vfs_write+0x14d/0x1140 [ 119.222033][ T6610] ? __mutex_unlock_slowpath+0x164/0x650 [ 119.224530][ T6610] ? fput+0x32/0x390 [ 119.226306][ T6610] ? ksys_write+0x1ab/0x260 [ 119.228515][ T6610] ? __pfx_ksys_write+0x10/0x10 [ 119.246832][ T6610] __ia32_sys_bpf+0x76/0xe0 [ 119.248861][ T6610] __do_fast_syscall_32+0x73/0x120 [ 119.251386][ T6610] do_fast_syscall_32+0x32/0x80 [ 119.253491][ T6610] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 119.256209][ T6610] RIP: 0023:0xf73de579 [ 119.257932][ T6610] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 119.265409][ T6610] RSP: 002b:00000000f56d556c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 119.268491][ T6610] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 00000000200006c0 [ 119.271427][ T6610] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000 [ 119.274530][ T6610] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 119.277827][ T6610] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 119.281158][ T6610] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 119.284473][ T6610] [ 119.863585][ T6625] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 120.189381][ T5823] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 120.209744][ T6629] dccp_xmit_packet: Payload too large (65475) for featneg. [ 120.381040][ T5823] usb 7-1: too many configurations: 84, using maximum allowed: 8 [ 120.391841][ T5823] usb 7-1: unable to read config index 0 descriptor/start: -61 [ 120.394952][ T5823] usb 7-1: can't read configurations, error -61 [ 120.539385][ T5823] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 120.733106][ T5823] usb 7-1: too many configurations: 84, using maximum allowed: 8 [ 120.740796][ T5823] usb 7-1: unable to read config index 0 descriptor/start: -61 [ 120.744646][ T5823] usb 7-1: can't read configurations, error -61 [ 120.750121][ T5823] usb usb7-port1: attempt power cycle [ 121.179468][ T5823] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 121.212030][ T5823] usb 7-1: too many configurations: 84, using maximum allowed: 8 [ 121.220368][ T5823] usb 7-1: unable to read config index 0 descriptor/start: -61 [ 121.224006][ T5823] usb 7-1: can't read configurations, error -61 [ 121.369414][ T5823] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 121.402896][ T5823] usb 7-1: too many configurations: 84, using maximum allowed: 8 [ 121.440299][ T5823] usb 7-1: unable to read config index 0 descriptor/start: -61 [ 121.443557][ T5823] usb 7-1: can't read configurations, error -61 [ 121.447668][ T5823] usb usb7-port1: unable to enumerate USB device [ 121.680527][ T35] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 121.781066][ T6653] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 121.869426][ T35] usb 6-1: Using ep0 maxpacket: 8 [ 121.876722][ T35] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 121.880701][ T35] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 121.895560][ T35] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 121.905113][ T5356] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 121.911706][ T35] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 121.921675][ T35] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 121.930156][ T35] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 121.933506][ T35] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 121.946106][ T35] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 121.951842][ T35] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 121.957263][ T35] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 121.965299][ T35] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 121.968693][ T35] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 121.975115][ T35] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 121.980781][ T35] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 121.985637][ T35] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 121.996591][ T35] usb 6-1: string descriptor 0 read error: -22 [ 122.002186][ T35] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 122.006190][ T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.048082][ T35] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 122.450043][ T58] usb 6-1: USB disconnect, device number 6 [ 123.516832][ T6681] overlayfs: missing 'lowerdir' [ 123.539739][ T6683] FAULT_INJECTION: forcing a failure. [ 123.539739][ T6683] name failslab, interval 1, probability 0, space 0, times 0 [ 123.545065][ T6683] CPU: 0 UID: 0 PID: 6683 Comm: syz.1.381 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 123.549497][ T6683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.554257][ T6683] Call Trace: [ 123.555727][ T6683] [ 123.557139][ T6683] dump_stack_lvl+0x16c/0x1f0 [ 123.559123][ T6683] should_fail_ex+0x497/0x5b0 [ 123.561204][ T6683] ? fs_reclaim_acquire+0xae/0x160 [ 123.563163][ T6683] should_failslab+0xc2/0x120 [ 123.565237][ T6683] __kmalloc_cache_node_noprof+0x6e/0x360 [ 123.567652][ T6683] ? __get_vm_area_node+0xe1/0x2d0 [ 123.569845][ T6683] __get_vm_area_node+0xe1/0x2d0 [ 123.571665][ T6683] ? mark_lock+0xb5/0xc60 [ 123.573326][ T6683] __vmalloc_node_range_noprof+0x276/0x1520 [ 123.575603][ T6683] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 123.577984][ T6683] ? mark_lock+0xb5/0xc60 [ 123.579840][ T6683] ? __pfx_mark_lock+0x10/0x10 [ 123.581986][ T6683] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 123.584588][ T6683] ? mark_lock+0xb5/0xc60 [ 123.586505][ T6683] ? aa_get_newest_label+0x376/0x680 [ 123.588872][ T6683] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 123.591809][ T6683] ? __pfx_aa_get_newest_label+0x10/0x10 [ 123.594199][ T6683] ? mark_lock+0xb5/0xc60 [ 123.605886][ T6683] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 123.608413][ T6683] __vmalloc_noprof+0x6d/0x90 [ 123.610493][ T6683] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 123.612953][ T6683] bpf_prog_alloc_no_stats+0x54/0x5e0 [ 123.615784][ T6683] bpf_prog_alloc+0x3b/0x240 [ 123.618276][ T6683] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 123.621173][ T6683] bpf_prog_load+0x1758/0x2670 [ 123.623351][ T6683] ? hlock_class+0x4e/0x130 [ 123.625391][ T6683] ? __pfx_bpf_prog_load+0x10/0x10 [ 123.627713][ T6683] ? find_held_lock+0x2d/0x110 [ 123.629692][ T6683] ? security_bpf+0x8c/0xc0 [ 123.631644][ T6683] __sys_bpf+0x9e0/0x5600 [ 123.633616][ T6683] ? __pfx___sys_bpf+0x10/0x10 [ 123.636132][ T6683] ? ksys_write+0x12f/0x260 [ 123.638247][ T6683] ? find_held_lock+0x2d/0x110 [ 123.640472][ T6683] ? ksys_write+0x21c/0x260 [ 123.642539][ T6683] ? __pfx_lock_release+0x10/0x10 [ 123.644685][ T6683] ? vfs_write+0x14d/0x1140 [ 123.646543][ T6683] ? __mutex_unlock_slowpath+0x164/0x650 [ 123.649078][ T6683] ? fput+0x32/0x390 [ 123.650852][ T6683] ? ksys_write+0x1ab/0x260 [ 123.652610][ T6683] ? __pfx_ksys_write+0x10/0x10 [ 123.655189][ T6683] __ia32_sys_bpf+0x76/0xe0 [ 123.657055][ T6683] __do_fast_syscall_32+0x73/0x120 [ 123.659809][ T6683] do_fast_syscall_32+0x32/0x80 [ 123.670985][ T6683] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.673964][ T6683] RIP: 0023:0xf7f11579 [ 123.675941][ T6683] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 123.684411][ T6683] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 123.688185][ T6683] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200003c0 [ 123.693155][ T6683] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 123.705518][ T6683] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.708913][ T6683] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 123.712179][ T6683] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.716181][ T6683] [ 123.725021][ T6683] syz.1.381: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 123.732578][ T6683] CPU: 0 UID: 0 PID: 6683 Comm: syz.1.381 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 123.737627][ T6683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.742513][ T6683] Call Trace: [ 123.744041][ T6683] [ 123.745339][ T6683] dump_stack_lvl+0x16c/0x1f0 [ 123.747485][ T6683] warn_alloc+0x24d/0x3a0 [ 123.749371][ T6683] ? __pfx_warn_alloc+0x10/0x10 [ 123.753694][ T6683] ? fs_reclaim_acquire+0xae/0x160 [ 123.755928][ T6683] ? trace_kmalloc+0x2d/0xe0 [ 123.757964][ T6683] ? __kasan_kmalloc+0x8a/0xb0 [ 123.760066][ T6683] ? __get_vm_area_node+0x1bc/0x2d0 [ 123.762334][ T6683] __vmalloc_node_range_noprof+0xc1e/0x1520 [ 123.764936][ T6683] ? mark_lock+0xb5/0xc60 [ 123.766876][ T6683] ? __pfx_mark_lock+0x10/0x10 [ 123.769089][ T6683] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 123.771925][ T6683] ? mark_lock+0xb5/0xc60 [ 123.773961][ T6683] ? aa_get_newest_label+0x376/0x680 [ 123.776020][ T6683] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 123.778799][ T6683] ? __pfx_aa_get_newest_label+0x10/0x10 [ 123.781560][ T6683] ? mark_lock+0xb5/0xc60 [ 123.784167][ T6683] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 123.786845][ T6683] __vmalloc_noprof+0x6d/0x90 [ 123.789095][ T6683] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 123.791509][ T6683] bpf_prog_alloc_no_stats+0x54/0x5e0 [ 123.793859][ T6683] bpf_prog_alloc+0x3b/0x240 [ 123.795861][ T6683] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 123.798487][ T6683] bpf_prog_load+0x1758/0x2670 [ 123.809499][ T6683] ? hlock_class+0x4e/0x130 [ 123.811465][ T6683] ? __pfx_bpf_prog_load+0x10/0x10 [ 123.813823][ T6683] ? find_held_lock+0x2d/0x110 [ 123.815751][ T6683] ? security_bpf+0x8c/0xc0 [ 123.817757][ T6683] __sys_bpf+0x9e0/0x5600 [ 123.819641][ T6683] ? __pfx___sys_bpf+0x10/0x10 [ 123.821897][ T6683] ? ksys_write+0x12f/0x260 [ 123.823925][ T6683] ? find_held_lock+0x2d/0x110 [ 123.826026][ T6683] ? ksys_write+0x21c/0x260 [ 123.828218][ T6683] ? __pfx_lock_release+0x10/0x10 [ 123.830819][ T6683] ? vfs_write+0x14d/0x1140 [ 123.833032][ T6683] ? __mutex_unlock_slowpath+0x164/0x650 [ 123.835432][ T6683] ? fput+0x32/0x390 [ 123.837300][ T6683] ? ksys_write+0x1ab/0x260 [ 123.839323][ T6683] ? __pfx_ksys_write+0x10/0x10 [ 123.841451][ T6683] __ia32_sys_bpf+0x76/0xe0 [ 123.843482][ T6683] __do_fast_syscall_32+0x73/0x120 [ 123.845731][ T6683] do_fast_syscall_32+0x32/0x80 [ 123.847830][ T6683] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.850805][ T6683] RIP: 0023:0xf7f11579 [ 123.852474][ T6683] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 123.861325][ T6683] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 123.865767][ T6683] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200003c0 [ 123.869590][ T6683] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 123.873112][ T6683] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.876811][ T6683] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 123.880918][ T6683] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.884654][ T6683] [ 123.886437][ T6683] Mem-Info: [ 123.887839][ T6683] active_anon:2522 inactive_anon:455 isolated_anon:0 [ 123.887839][ T6683] active_file:2589 inactive_file:38744 isolated_file:0 [ 123.887839][ T6683] unevictable:787 dirty:194 writeback:0 [ 123.887839][ T6683] slab_reclaimable:4534 slab_unreclaimable:52403 [ 123.887839][ T6683] mapped:16600 shmem:806 pagetables:700 [ 123.887839][ T6683] sec_pagetables:324 bounce:0 [ 123.887839][ T6683] kernel_misc_reclaimable:0 [ 123.887839][ T6683] free:108635 free_pcp:14846 free_cma:0 [ 123.912881][ T6683] Node 0 active_anon:2224kB inactive_anon:96kB active_file:2152kB inactive_file:336kB unevictable:1612kB isolated(anon):0kB isolated(file):0kB mapped:12616kB dirty:204kB writeback:0kB shmem:2112kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10244kB pagetables:2224kB sec_pagetables:1256kB all_unreclaimable? no [ 123.929795][ T6683] Node 1 active_anon:6964kB inactive_anon:428kB active_file:9244kB inactive_file:153628kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:53712kB dirty:592kB writeback:0kB shmem:1108kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:744kB pagetables:584kB sec_pagetables:40kB all_unreclaimable? no [ 123.945268][ T6683] Node 0 DMA free:1008kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:192kB local_pcp:136kB free_cma:0kB [ 123.962471][ T6683] lowmem_reserve[]: 0 369 0 0 0 [ 123.965326][ T6683] Node 0 DMA32 free:29800kB boost:0kB min:18816kB low:23520kB high:28224kB reserved_highatomic:4096KB active_anon:120kB inactive_anon:2200kB active_file:752kB inactive_file:1736kB unevictable:1612kB writepending:204kB present:1032192kB managed:405700kB mlocked:76kB bounce:0kB free_pcp:4700kB local_pcp:852kB free_cma:0kB [ 123.979804][ T6683] lowmem_reserve[]: 0 0 0 0 0 [ 123.980323][ T6690] netlink: 152 bytes leftover after parsing attributes in process `syz.0.384'. [ 123.985592][ T6683] Node 1 DMA32 free:416060kB boost:0kB min:47052kB low:58812kB high:70572kB reserved_highatomic:0KB active_anon:6864kB inactive_anon:428kB active_file:9244kB inactive_file:153628kB unevictable:1536kB writepending:592kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:44716kB local_pcp:14436kB free_cma:0kB [ 124.002142][ T6683] lowmem_reserve[]: 0 0 0 0 0 [ 124.004436][ T6683] Node 0 DMA: 15*4kB (U) 10*8kB (U) 12*16kB (U) 24*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1100kB [ 124.015624][ T6683] Node 0 DMA32: 340*4kB (UMEH) 280*8kB (UMEH) 30*16kB (UMEH) 170*32kB (UMEH) 58*64kB (UMEH) 36*128kB (UMEH) 25*256kB (UMEH) 9*512kB (UM) 1*1024kB (U) 1*2048kB (U) 0*4096kB = 31920kB [ 124.026076][ T6683] Node 1 DMA32: 19*4kB (UM) 22*8kB (UM) 16*16kB (UME) 22*32kB (UME) 27*64kB (UME) 92*128kB (UME) 62*256kB (UM) 75*512kB (UME) 29*1024kB (UME) 19*2048kB (UME) 68*4096kB (UM) = 416124kB [ 124.037679][ T6683] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 124.041857][ T6683] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 124.062532][ T6683] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 124.074284][ T6683] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 124.078257][ T6683] 42830 total pagecache pages [ 124.082721][ T6683] 664 pages in swap cache [ 124.084600][ T6683] Free swap = 106436kB [ 124.087381][ T6683] Total swap = 124996kB [ 124.093721][ T6683] 524155 pages RAM [ 124.096580][ T6683] 0 pages HighMem/MovableOnly [ 124.100002][ T6683] 182338 pages reserved [ 124.104310][ T6683] 0 pages cma reserved [ 124.485487][ T6716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.391'. [ 124.892380][ T6724] netlink: 2028 bytes leftover after parsing attributes in process `syz.0.392'. [ 124.902691][ T6724] netlink: 20 bytes leftover after parsing attributes in process `syz.0.392'. [ 124.907197][ T6724] FAULT_INJECTION: forcing a failure. [ 124.907197][ T6724] name failslab, interval 1, probability 0, space 0, times 0 [ 124.918230][ T6724] CPU: 0 UID: 0 PID: 6724 Comm: syz.0.392 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 124.922992][ T6724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 124.927763][ T6724] Call Trace: [ 124.929236][ T6724] [ 124.930556][ T6724] dump_stack_lvl+0x16c/0x1f0 [ 124.932428][ T6724] should_fail_ex+0x497/0x5b0 [ 124.934382][ T6724] ? fs_reclaim_acquire+0xae/0x160 [ 124.936876][ T6724] should_failslab+0xc2/0x120 [ 124.939145][ T6724] __kmalloc_node_noprof+0xd1/0x440 [ 124.941336][ T6724] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 124.943741][ T6724] __kvmalloc_node_noprof+0x9d/0x1a0 [ 124.946149][ T6724] alloc_netdev_mqs+0xa95/0x1290 [ 124.948246][ T6724] rtnl_create_link+0xbed/0xf10 [ 124.950315][ T6724] __rtnl_newlink+0x10b3/0x1960 [ 124.952628][ T6724] ? __pfx___rtnl_newlink+0x10/0x10 [ 124.955562][ T6724] rtnl_newlink+0x67/0xa0 [ 124.957575][ T6724] ? __pfx_rtnl_newlink+0x10/0x10 [ 124.959728][ T6724] rtnetlink_rcv_msg+0x3c7/0xea0 [ 124.962215][ T6724] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 124.964693][ T6724] ? __pfx___dev_queue_xmit+0x10/0x10 [ 124.966981][ T6724] netlink_rcv_skb+0x165/0x410 [ 124.969019][ T6724] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 124.971448][ T6724] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 124.973814][ T6724] ? netlink_deliver_tap+0x1ae/0xcf0 [ 124.976144][ T6724] netlink_unicast+0x544/0x830 [ 124.978242][ T6724] ? __pfx_netlink_unicast+0x10/0x10 [ 124.980507][ T6724] ? const_folio_flags.constprop.0+0x56/0x150 [ 124.983192][ T6724] ? __phys_addr_symbol+0x30/0x80 [ 124.985489][ T6724] ? __check_object_size+0x497/0x720 [ 124.987902][ T6724] netlink_sendmsg+0x8b8/0xd70 [ 124.990114][ T6724] ? __pfx_netlink_sendmsg+0x10/0x10 [ 124.992539][ T6724] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 124.995194][ T6724] sock_sendmsg+0x369/0x410 [ 124.997345][ T6724] ? pipe_lock+0x64/0x80 [ 124.999330][ T6724] ? __pfx_sock_sendmsg+0x10/0x10 [ 125.001643][ T6724] splice_to_socket+0xab2/0x1040 [ 125.003771][ T6724] ? __pfx_splice_to_socket+0x10/0x10 [ 125.006082][ T6724] ? apparmor_file_permission+0x251/0x410 [ 125.008391][ T6724] ? bpf_lsm_file_permission+0x9/0x10 [ 125.010643][ T6724] ? security_file_permission+0x98/0xc0 [ 125.012827][ T6724] ? __pfx_splice_to_socket+0x10/0x10 [ 125.015168][ T6724] do_splice+0x148c/0x1f90 [ 125.017152][ T6724] ? find_held_lock+0x2d/0x110 [ 125.019163][ T6724] ? __pfx_do_splice+0x10/0x10 [ 125.021184][ T6724] ? __pfx_pipe_clear_nowait+0x10/0x10 [ 125.023667][ T6724] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 125.026868][ T6724] __do_splice+0x327/0x360 [ 125.029061][ T6724] ? __pfx___do_splice+0x10/0x10 [ 125.031681][ T6724] __ia32_sys_splice+0x1d0/0x260 [ 125.034194][ T6724] __do_fast_syscall_32+0x73/0x120 [ 125.036302][ T6724] do_fast_syscall_32+0x32/0x80 [ 125.038525][ T6724] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 125.041306][ T6724] RIP: 0023:0xf7f98579 [ 125.043147][ T6724] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 125.051800][ T6724] RSP: 002b:00000000f572556c EFLAGS: 00000296 ORIG_RAX: 0000000000000139 [ 125.056344][ T6724] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 125.059736][ T6724] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 000000000004ffe2 [ 125.063411][ T6724] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 125.067048][ T6724] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 125.070439][ T6724] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 125.073770][ T6724] [ 125.631085][ T6750] netlink: 8 bytes leftover after parsing attributes in process `syz.2.402'. [ 125.636801][ T6750] capability: warning: `syz.2.402' uses deprecated v2 capabilities in a way that may be insecure [ 125.749437][ T10] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 125.915078][ T6762] netlink: 40 bytes leftover after parsing attributes in process `syz.0.408'. [ 125.939539][ T10] usb 6-1: Using ep0 maxpacket: 8 [ 125.960817][ T10] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 125.968254][ T10] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 125.981296][ T10] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 125.998703][ T10] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 126.012979][ T10] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 126.017924][ T10] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 126.033398][ T10] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 126.046934][ T10] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 126.059621][ T10] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 126.063764][ T10] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 126.074802][ T10] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 126.104053][ T10] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 126.119330][ T10] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 126.133667][ T10] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 126.150387][ T10] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 126.155621][ T10] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 126.165331][ T10] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 126.180777][ T10] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 126.191991][ T10] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 126.206434][ T10] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 126.219503][ T10] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 126.240720][ T10] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 126.244513][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.255387][ T10] usb 6-1: Product: syz [ 126.258351][ T10] usb 6-1: Manufacturer: syz [ 126.265640][ T10] usb 6-1: SerialNumber: syz [ 126.824480][ T6746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 126.830713][ T6746] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 127.097968][ T10] adutux 6-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 127.124992][ T10] usb 6-1: USB disconnect, device number 7 [ 127.242197][ T5356] Bluetooth: hci0: ISO packet for unknown connection handle 3108 [ 129.099680][ T8] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 129.295435][ T8] usb 6-1: Using ep0 maxpacket: 8 [ 129.301470][ T8] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 129.306080][ T8] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 129.315751][ T8] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 129.320831][ T8] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 129.333073][ T8] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 129.337614][ T8] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 129.342466][ T8] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 129.352715][ T8] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 129.356885][ T8] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 129.360769][ T8] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 129.365222][ T8] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 129.370827][ T8] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 129.376351][ T8] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 129.382163][ T8] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 129.390480][ T8] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 129.395263][ T8] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 129.400284][ T8] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 129.417943][ T8] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 129.423464][ T8] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 129.428825][ T8] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 129.437816][ T8] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 129.461399][ T8] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 129.472547][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.480825][ T8] usb 6-1: Product: syz [ 129.484996][ T8] usb 6-1: Manufacturer: syz [ 129.487222][ T8] usb 6-1: SerialNumber: syz [ 129.988553][ T6803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 129.998568][ T6803] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 130.204133][ T6828] FAULT_INJECTION: forcing a failure. [ 130.204133][ T6828] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.232918][ T6828] CPU: 2 UID: 0 PID: 6828 Comm: syz.0.429 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 130.237645][ T6828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 130.241924][ T6828] Call Trace: [ 130.243254][ T6828] [ 130.244446][ T6828] dump_stack_lvl+0x16c/0x1f0 [ 130.246410][ T6828] should_fail_ex+0x497/0x5b0 [ 130.248329][ T6828] save_fsave_header+0x17c/0x2e0 [ 130.250338][ T6828] ? __pfx_save_fsave_header+0x10/0x10 [ 130.252475][ T6828] ? copy_fpstate_to_sigframe+0x2b2/0xaa0 [ 130.254742][ T6828] ? __local_bh_enable_ip+0xa4/0x120 [ 130.256888][ T6828] copy_fpstate_to_sigframe+0x734/0xaa0 [ 130.259135][ T6828] ? __pfx_copy_fpstate_to_sigframe+0x10/0x10 [ 130.261320][ T6828] ? __pfx_lock_acquire+0x10/0x10 [ 130.263190][ T6828] ? do_raw_spin_unlock+0x172/0x230 [ 130.265378][ T6828] ? do_raw_spin_lock+0x12d/0x2c0 [ 130.267489][ T6828] get_sigframe+0x455/0x930 [ 130.269347][ T6828] ? __pfx_get_sigframe+0x10/0x10 [ 130.271368][ T6828] ? _raw_spin_unlock_irq+0x29/0x50 [ 130.273452][ T6828] ? siginfo_layout+0x177/0x290 [ 130.275611][ T6828] ia32_setup_rt_frame+0xe4/0xb20 [ 130.277669][ T6828] ? __pfx_ia32_setup_rt_frame+0x10/0x10 [ 130.279908][ T6828] arch_do_signal_or_restart+0x47b/0x7e0 [ 130.282095][ T6828] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 130.285061][ T6828] ? __pfx_ksys_write+0x10/0x10 [ 130.286997][ T6828] syscall_exit_to_user_mode+0x150/0x2a0 [ 130.289206][ T6828] __do_fast_syscall_32+0x80/0x120 [ 130.291248][ T6828] do_fast_syscall_32+0x32/0x80 [ 130.293281][ T6828] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 130.296017][ T6828] RIP: 0023:0xf7f98577 [ 130.297666][ T6828] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 [ 130.305175][ T6828] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 130.308343][ T6828] RAX: 0000000000000151 RBX: 0000000000000003 RCX: 0000000020000bc0 [ 130.311419][ T6828] RDX: 000000000000005d RSI: 0000000000000122 RDI: 0000000000000000 [ 130.314508][ T6828] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 130.317607][ T6828] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 130.320371][ T6828] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 130.323109][ T6828] [ 130.356786][ T8] adutux 6-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 130.365974][ T8] usb 6-1: USB disconnect, device number 8 [ 131.028283][ T6839] FAULT_INJECTION: forcing a failure. [ 131.028283][ T6839] name failslab, interval 1, probability 0, space 0, times 0 [ 131.035098][ T6839] CPU: 3 UID: 0 PID: 6839 Comm: syz.1.433 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 131.041536][ T6839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 131.046827][ T6839] Call Trace: [ 131.048306][ T6839] [ 131.049649][ T6839] dump_stack_lvl+0x16c/0x1f0 [ 131.051889][ T6839] should_fail_ex+0x497/0x5b0 [ 131.054496][ T6839] should_failslab+0xc2/0x120 [ 131.057349][ T6839] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 131.059728][ T6839] ? skb_clone+0x190/0x3f0 [ 131.061852][ T6839] skb_clone+0x190/0x3f0 [ 131.064486][ T6839] ip6_finish_output2+0xc71/0x1890 [ 131.067340][ T6839] ip6_finish_output+0x3f9/0x1300 [ 131.070034][ T6839] ip6_output+0x1f8/0x540 [ 131.072103][ T6839] ? __pfx_ip6_output+0x10/0x10 [ 131.074228][ T6839] ip6_local_out+0xcd/0x4a0 [ 131.076014][ T6839] ip6_send_skb+0xcd/0x2d0 [ 131.078146][ T6839] udp_v6_send_skb+0x924/0x1870 [ 131.080570][ T6839] udpv6_sendmsg+0x2552/0x3040 [ 131.082719][ T6839] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 131.085209][ T6839] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 131.087510][ T6839] ? __pfx___lock_acquire+0x10/0x10 [ 131.089803][ T6839] ? udp_lib_get_port+0x57e/0x19c0 [ 131.092718][ T6839] ? __pfx___lock_acquire+0x10/0x10 [ 131.095771][ T6839] ? release_sock+0x21/0x220 [ 131.098617][ T6839] ? reacquire_held_locks+0x20b/0x4c0 [ 131.101391][ T6839] ? find_held_lock+0x59/0x110 [ 131.104211][ T6839] ? find_held_lock+0x2d/0x110 [ 131.106568][ T6839] ? __local_bh_enable_ip+0xa4/0x120 [ 131.109094][ T6839] ? lockdep_hardirqs_on+0x7c/0x110 [ 131.111717][ T6839] ? inet_autobind+0x145/0x1a0 [ 131.114035][ T6839] ? __local_bh_enable_ip+0xa4/0x120 [ 131.116947][ T6839] ? inet_autobind+0x14a/0x1a0 [ 131.119872][ T6839] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 131.122351][ T6839] ? inet6_sendmsg+0x105/0x140 [ 131.125169][ T6839] inet6_sendmsg+0x105/0x140 [ 131.127346][ T6839] ____sys_sendmsg+0x64f/0xb50 [ 131.129776][ T6839] ? __pfx_____sys_sendmsg+0x10/0x10 [ 131.132353][ T6839] ? get_compat_msghdr+0x11b/0x170 [ 131.135021][ T6839] ? __pfx___lock_acquire+0x10/0x10 [ 131.137303][ T6839] ___sys_sendmsg+0x135/0x1e0 [ 131.139507][ T6839] ? __pfx____sys_sendmsg+0x10/0x10 [ 131.141912][ T6839] ? __pfx_lock_release+0x10/0x10 [ 131.144245][ T6839] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 131.146847][ T6839] ? __fget_light+0x173/0x210 [ 131.149037][ T6839] __sys_sendmmsg+0x2a5/0x450 [ 131.151170][ T6839] ? __pfx___sys_sendmmsg+0x10/0x10 [ 131.153505][ T6839] ? vfs_write+0x14d/0x1140 [ 131.155756][ T6839] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 131.158960][ T6839] ? fput+0x32/0x390 [ 131.162120][ T6839] ? ksys_write+0x1ab/0x260 [ 131.164456][ T6839] ? __pfx_ksys_write+0x10/0x10 [ 131.166756][ T6839] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 131.169638][ T6839] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 131.172585][ T6839] __do_fast_syscall_32+0x73/0x120 [ 131.174903][ T6839] do_fast_syscall_32+0x32/0x80 [ 131.177429][ T6839] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 131.180580][ T6839] RIP: 0023:0xf7f11579 [ 131.182554][ T6839] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 131.192774][ T6839] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 131.197575][ T6839] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000940 [ 131.201481][ T6839] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 131.205824][ T6839] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 131.210228][ T6839] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 131.214773][ T6839] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 131.219732][ T6839] [ 131.381339][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.434'. [ 132.401434][ T6857] netlink: 'syz.0.439': attribute type 2 has an invalid length. [ 132.548244][ T6863] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 133.306235][ T6882] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 134.869480][ T35] usb 7-1: new low-speed USB device number 14 using dummy_hcd [ 135.081228][ T35] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 135.085638][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10 [ 135.094497][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 8 [ 135.099212][ T35] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 135.105303][ T35] usb 7-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 135.109174][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.120206][ T35] usb 7-1: config 0 descriptor?? [ 135.125336][ T6894] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 135.128039][ T6907] netlink: 'syz.1.455': attribute type 4 has an invalid length. [ 135.132754][ T6907] netlink: 152 bytes leftover after parsing attributes in process `syz.1.455'. [ 135.442599][ T35] usb 7-1: USB disconnect, device number 14 [ 136.419140][ T6931] nvme_fabrics: missing parameter 'transport=%s' [ 136.423262][ T6931] nvme_fabrics: missing parameter 'nqn=%s' [ 137.179649][ T6953] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 137.342178][ T6958] cgroup: Unknown subsys name 'permit_directio' [ 137.708758][ T6974] random: crng reseeded on system resumption [ 137.993218][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.996223][ T1377] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.801374][ T5455] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 139.009475][ T5455] usb 6-1: Using ep0 maxpacket: 8 [ 139.013905][ T5455] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 139.017787][ T5455] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 139.029329][ T5455] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 139.033626][ T5455] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 139.051480][ T5455] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 139.057033][ T5455] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 139.067066][ T5455] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 139.075614][ T5455] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 139.079924][ T5455] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 139.083147][ T5455] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 139.090047][ T5455] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 139.095047][ T5455] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 139.100470][ T5455] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 139.104846][ T5455] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 139.111252][ T5455] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 139.148531][ T5455] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 139.155350][ T5455] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 139.163654][ T5455] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 139.169908][ T5455] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 139.178599][ T5455] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 139.184091][ T5455] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 139.194383][ T5455] usb 6-1: string descriptor 0 read error: -22 [ 139.197152][ T5455] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 139.202520][ T5455] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.224299][ T5455] adutux 6-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 139.272625][ T7009] FAULT_INJECTION: forcing a failure. [ 139.272625][ T7009] name failslab, interval 1, probability 0, space 0, times 0 [ 139.278081][ T7009] CPU: 3 UID: 0 PID: 7009 Comm: syz.2.490 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 139.286535][ T7009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 139.291037][ T7009] Call Trace: [ 139.292453][ T7009] [ 139.293716][ T7009] dump_stack_lvl+0x16c/0x1f0 [ 139.295719][ T7009] should_fail_ex+0x497/0x5b0 [ 139.297721][ T7009] should_failslab+0xc2/0x120 [ 139.299717][ T7009] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 139.302022][ T7009] ? skb_clone+0x190/0x3f0 [ 139.303926][ T7009] skb_clone+0x190/0x3f0 [ 139.305704][ T7009] netlink_deliver_tap+0xb26/0xcf0 [ 139.307643][ T7009] netlink_unicast+0x606/0x830 [ 139.309693][ T7009] ? __pfx_netlink_unicast+0x10/0x10 [ 139.311789][ T7009] ? __phys_addr_symbol+0x30/0x80 [ 139.313925][ T7009] ? __check_object_size+0x497/0x720 [ 139.316198][ T7009] netlink_sendmsg+0x8b8/0xd70 [ 139.318235][ T7009] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.320548][ T7009] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 139.322816][ T7009] ____sys_sendmsg+0x9b4/0xb50 [ 139.324833][ T7009] ? __pfx_____sys_sendmsg+0x10/0x10 [ 139.327094][ T7009] ? get_compat_msghdr+0x11b/0x170 [ 139.329082][ T7009] ? __pfx___lock_acquire+0x10/0x10 [ 139.331552][ T7009] ___sys_sendmsg+0x135/0x1e0 [ 139.333764][ T7009] ? __pfx____sys_sendmsg+0x10/0x10 [ 139.335850][ T7009] ? ksys_write+0x21c/0x260 [ 139.337697][ T7009] ? __fget_light+0x173/0x210 [ 139.339575][ T7009] __sys_sendmsg+0x117/0x1f0 [ 139.341393][ T7009] ? __pfx___sys_sendmsg+0x10/0x10 [ 139.343445][ T7009] __do_fast_syscall_32+0x73/0x120 [ 139.345574][ T7009] do_fast_syscall_32+0x32/0x80 [ 139.347760][ T7009] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 139.350567][ T7009] RIP: 0023:0xf749e579 [ 139.352368][ T7009] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 139.361206][ T7009] RSP: 002b:00000000f57b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 139.365263][ T7009] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020004340 [ 139.368956][ T7009] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 139.372456][ T7009] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 139.375957][ T7009] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 139.379325][ T7009] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 139.383486][ T7009] [ 139.440497][ T7012] FAULT_INJECTION: forcing a failure. [ 139.440497][ T7012] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.440567][ T7012] [ 139.440571][ T7012] ====================================================== [ 139.440575][ T7012] WARNING: possible circular locking dependency detected [ 139.440580][ T7012] 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 Not tainted [ 139.440587][ T7012] ------------------------------------------------------ [ 139.440591][ T7012] syz.0.491/7012 is trying to acquire lock: [ 139.440598][ T7012] ffffffff8dda7578 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x12/0x70 [ 139.440632][ T7012] [ 139.440632][ T7012] but task is already holding lock: [ 139.440635][ T7012] ffff88802c32a858 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220 [ 139.440664][ T7012] [ 139.440664][ T7012] which lock already depends on the new lock. [ 139.440664][ T7012] [ 139.440667][ T7012] [ 139.440667][ T7012] the existing dependency chain (in reverse order) is: [ 139.440671][ T7012] [ 139.440671][ T7012] -> #3 (&base->lock){-.-.}-{2:2}: [ 139.440691][ T7012] _raw_spin_lock_irqsave+0x3a/0x60 [ 139.440704][ T7012] lock_timer_base+0x5d/0x220 [ 139.440718][ T7012] __mod_timer+0x426/0xdc0 [ 139.440733][ T7012] add_timer_global+0x8a/0xc0 [ 139.440749][ T7012] __queue_delayed_work+0x1ba/0x2e0 [ 139.440768][ T7012] queue_delayed_work_on+0x12a/0x150 [ 139.440786][ T7012] psi_task_change+0x1b4/0x2e0 [ 139.440800][ T7012] enqueue_task+0x1a5/0x350 [ 139.440819][ T7012] wake_up_new_task+0x5ba/0xd30 [ 139.440835][ T7012] kernel_clone+0x236/0x980 [ 139.440849][ T7012] user_mode_thread+0xb4/0xf0 [ 139.440862][ T7012] rest_init+0x23/0x2b0 [ 139.440877][ T7012] start_kernel+0x3df/0x4c0 [ 139.440896][ T7012] x86_64_start_reservations+0x18/0x30 [ 139.440916][ T7012] x86_64_start_kernel+0xb2/0xc0 [ 139.440934][ T7012] common_startup_64+0x13e/0x148 [ 139.440948][ T7012] [ 139.440948][ T7012] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 139.440963][ T7012] _raw_spin_lock_nested+0x31/0x40 [ 139.440982][ T7012] raw_spin_rq_lock_nested+0x29/0x130 [ 139.440999][ T7012] task_fork_fair+0x73/0x250 [ 139.441012][ T7012] sched_cgroup_fork+0x3cf/0x510 [ 139.441024][ T7012] copy_process+0x4710/0x6f50 [ 139.441037][ T7012] kernel_clone+0xfd/0x980 [ 139.441050][ T7012] user_mode_thread+0xb4/0xf0 [ 139.441063][ T7012] rest_init+0x23/0x2b0 [ 139.441078][ T7012] start_kernel+0x3df/0x4c0 [ 139.441095][ T7012] x86_64_start_reservations+0x18/0x30 [ 139.441114][ T7012] x86_64_start_kernel+0xb2/0xc0 [ 139.441133][ T7012] common_startup_64+0x13e/0x148 [ 139.441145][ T7012] [ 139.441145][ T7012] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 139.441159][ T7012] _raw_spin_lock_irqsave+0x3a/0x60 [ 139.441170][ T7012] try_to_wake_up+0x9a/0x13e0 [ 139.441186][ T7012] up+0x79/0xb0 [ 139.441198][ T7012] console_unlock+0x23e/0x290 [ 139.441217][ T7012] vga_remove_vgacon+0x90/0xd0 [ 139.441233][ T7012] aperture_remove_conflicting_pci_devices+0x17f/0x210 [ 139.441247][ T7012] bochs_pci_probe+0x101/0x1150 [ 139.441266][ T7012] local_pci_probe+0xde/0x1b0 [ 139.441284][ T7012] pci_device_probe+0x29d/0x7b0 [ 139.441294][ T7012] really_probe+0x23e/0xa90 [ 139.441306][ T7012] __driver_probe_device+0x1de/0x440 [ 139.441318][ T7012] driver_probe_device+0x4c/0x1b0 [ 139.441330][ T7012] __driver_attach+0x283/0x580 [ 139.441341][ T7012] bus_for_each_dev+0x13c/0x1d0 [ 139.441358][ T7012] bus_add_driver+0x2e9/0x690 [ 139.441376][ T7012] driver_register+0x15c/0x4b0 [ 139.441389][ T7012] bochs_pci_driver_init+0x67/0x80 [ 139.441432][ T7012] do_one_initcall+0x128/0x630 [ 139.441449][ T7012] kernel_init_freeable+0x660/0xc50 [ 139.441468][ T7012] kernel_init+0x1c/0x2b0 [ 139.441484][ T7012] ret_from_fork+0x45/0x80 [ 139.441501][ T7012] ret_from_fork_asm+0x1a/0x30 [ 139.441519][ T7012] [ 139.441519][ T7012] -> #0 ((console_sem).lock){-.-.}-{2:2}: [ 139.441534][ T7012] __lock_acquire+0x24ed/0x3cb0 [ 139.441550][ T7012] lock_acquire+0x1b1/0x560 [ 139.441565][ T7012] _raw_spin_lock_irqsave+0x3a/0x60 [ 139.441576][ T7012] down_trylock+0x12/0x70 [ 139.441590][ T7012] __down_trylock_console_sem+0x40/0x140 [ 139.441606][ T7012] vprintk_emit+0xe4/0x5a0 [ 139.441617][ T7012] vprintk+0x7f/0xa0 [ 139.441628][ T7012] _printk+0xc8/0x100 [ 139.441643][ T7012] should_fail_ex+0x46c/0x5b0 [ 139.441657][ T7012] strncpy_from_user+0x38/0x320 [ 139.441669][ T7012] strncpy_from_user_nofault+0x7f/0x180 [ 139.441689][ T7012] bpf_probe_read_compat_str+0x131/0x170 [ 139.441703][ T7012] bpf_prog_5c83d719bb699f4a+0x45/0x47 [ 139.441713][ T7012] bpf_trace_run2+0x231/0x590 [ 139.441726][ T7012] enqueue_timer+0x2b4/0x550 [ 139.441741][ T7012] __mod_timer+0x8d7/0xdc0 [ 139.441756][ T7012] sk_reset_timer+0x21/0xc0 [ 139.441768][ T7012] tipc_sk_finish_conn+0x183/0x790 [ 139.441783][ T7012] tipc_socketpair+0x364/0x470 [ 139.441796][ T7012] __sys_socketpair+0x2f0/0x5a0 [ 139.441808][ T7012] __ia32_sys_socketpair+0x95/0x100 [ 139.441820][ T7012] __do_fast_syscall_32+0x73/0x120 [ 139.441834][ T7012] do_fast_syscall_32+0x32/0x80 [ 139.441848][ T7012] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 139.441868][ T7012] [ 139.441868][ T7012] other info that might help us debug this: [ 139.441868][ T7012] [ 139.441872][ T7012] Chain exists of: [ 139.441872][ T7012] (console_sem).lock --> &rq->__lock --> &base->lock [ 139.441872][ T7012] [ 139.441888][ T7012] Possible unsafe locking scenario: [ 139.441888][ T7012] [ 139.441891][ T7012] CPU0 CPU1 [ 139.441894][ T7012] ---- ---- [ 139.441897][ T7012] lock(&base->lock); [ 139.441904][ T7012] lock(&rq->__lock); [ 139.441911][ T7012] lock(&base->lock); [ 139.441918][ T7012] lock((console_sem).lock); [ 139.441924][ T7012] [ 139.441924][ T7012] *** DEADLOCK *** [ 139.441924][ T7012] [ 139.441927][ T7012] 2 locks held by syz.0.491/7012: [ 139.441934][ T7012] #0: ffff88802c32a858 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220 [ 139.441964][ T7012] #1: ffffffff8ddb9420 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590 [ 139.441993][ T7012] [ 139.441993][ T7012] stack backtrace: [ 139.441996][ T7012] CPU: 3 UID: 0 PID: 7012 Comm: syz.0.491 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 139.442012][ T7012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 139.442020][ T7012] Call Trace: [ 139.442025][ T7012] [ 139.442030][ T7012] dump_stack_lvl+0x116/0x1f0 [ 139.442050][ T7012] check_noncircular+0x31a/0x400 [ 139.442068][ T7012] ? __pfx_check_noncircular+0x10/0x10 [ 139.442084][ T7012] ? __pfx__prb_read_valid+0x10/0x10 [ 139.442098][ T7012] ? __pfx_format_decode+0x10/0x10 [ 139.442115][ T7012] ? lockdep_lock+0xc6/0x200 [ 139.442128][ T7012] ? __pfx_lockdep_lock+0x10/0x10 [ 139.442141][ T7012] ? vsnprintf+0x40f/0x1870 [ 139.442159][ T7012] __lock_acquire+0x24ed/0x3cb0 [ 139.442180][ T7012] ? __pfx___lock_acquire+0x10/0x10 [ 139.442198][ T7012] ? vprintk_store+0x222/0xbb0 [ 139.442219][ T7012] lock_acquire+0x1b1/0x560 [ 139.442235][ T7012] ? down_trylock+0x12/0x70 [ 139.442251][ T7012] ? __pfx_lock_acquire+0x10/0x10 [ 139.442268][ T7012] ? __pfx_mark_lock+0x10/0x10 [ 139.442287][ T7012] ? vprintk+0x7f/0xa0 [ 139.442300][ T7012] _raw_spin_lock_irqsave+0x3a/0x60 [ 139.442312][ T7012] ? down_trylock+0x12/0x70 [ 139.442327][ T7012] down_trylock+0x12/0x70 [ 139.442343][ T7012] __down_trylock_console_sem+0x40/0x140 [ 139.442362][ T7012] vprintk_emit+0xe4/0x5a0 [ 139.442375][ T7012] vprintk+0x7f/0xa0 [ 139.442388][ T7012] _printk+0xc8/0x100 [ 139.442404][ T7012] ? __pfx__printk+0x10/0x10 [ 139.442421][ T7012] ? ___ratelimit+0x24c/0x580 [ 139.442439][ T7012] ? __pfx____ratelimit+0x10/0x10 [ 139.442458][ T7012] should_fail_ex+0x46c/0x5b0 [ 139.442474][ T7012] strncpy_from_user+0x38/0x320 [ 139.442488][ T7012] strncpy_from_user_nofault+0x7f/0x180 [ 139.442506][ T7012] bpf_probe_read_compat_str+0x131/0x170 [ 139.442522][ T7012] bpf_prog_5c83d719bb699f4a+0x45/0x47 [ 139.442532][ T7012] bpf_trace_run2+0x231/0x590 [ 139.442548][ T7012] ? __pfx_bpf_trace_run2+0x10/0x10 [ 139.442563][ T7012] ? __pfx_debug_object_activate+0x10/0x10 [ 139.442587][ T7012] enqueue_timer+0x2b4/0x550 [ 139.442605][ T7012] __mod_timer+0x8d7/0xdc0 [ 139.442623][ T7012] ? __pfx___mod_timer+0x10/0x10 [ 139.442642][ T7012] ? net_generic+0xea/0x2a0 [ 139.442656][ T7012] ? __pfx_lock_release+0x10/0x10 [ 139.442674][ T7012] sk_reset_timer+0x21/0xc0 [ 139.442706][ T7012] tipc_sk_finish_conn+0x183/0x790 [ 139.442723][ T7012] tipc_socketpair+0x364/0x470 [ 139.442738][ T7012] ? security_socket_socketpair+0x98/0xc0 [ 139.442755][ T7012] __sys_socketpair+0x2f0/0x5a0 [ 139.442768][ T7012] ? __pfx___sys_socketpair+0x10/0x10 [ 139.442781][ T7012] ? fput+0x32/0x390 [ 139.442796][ T7012] ? __pfx_ksys_write+0x10/0x10 [ 139.442816][ T7012] __ia32_sys_socketpair+0x95/0x100 [ 139.442830][ T7012] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 139.442845][ T7012] __do_fast_syscall_32+0x73/0x120 [ 139.442861][ T7012] do_fast_syscall_32+0x32/0x80 [ 139.442877][ T7012] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 139.442897][ T7012] RIP: 0023:0xf7f98579 [ 139.442907][ T7012] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 139.442920][ T7012] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000168 [ 139.442932][ T7012] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000000005 [ 139.442941][ T7012] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000000 [ 139.442950][ T7012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 139.442958][ T7012] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 139.442966][ T7012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 139.442980][ T7012] [ 139.628483][ T6984] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 139.628987][ T7012] CPU: 3 UID: 0 PID: 7012 Comm: syz.0.491 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 139.636825][ T6984] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 139.639021][ T7012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 139.892992][ T7012] Call Trace: [ 139.894454][ T7012] [ 139.895827][ T7012] dump_stack_lvl+0x116/0x1f0 [ 139.897981][ T7012] should_fail_ex+0x497/0x5b0 [ 139.900101][ T7012] strncpy_from_user+0x38/0x320 [ 139.902366][ T7012] strncpy_from_user_nofault+0x7f/0x180 [ 139.904779][ T7012] bpf_probe_read_compat_str+0x131/0x170 [ 139.907424][ T7012] bpf_prog_5c83d719bb699f4a+0x45/0x47 [ 139.909915][ T7012] bpf_trace_run2+0x231/0x590 [ 139.912209][ T7012] ? __pfx_bpf_trace_run2+0x10/0x10 [ 139.914793][ T7012] ? __pfx_debug_object_activate+0x10/0x10 [ 139.917279][ T7012] enqueue_timer+0x2b4/0x550 [ 139.919395][ T7012] __mod_timer+0x8d7/0xdc0 [ 139.921367][ T7012] ? __pfx___mod_timer+0x10/0x10 [ 139.923371][ T7012] ? net_generic+0xea/0x2a0 [ 139.925282][ T7012] ? __pfx_lock_release+0x10/0x10 [ 139.927842][ T7012] sk_reset_timer+0x21/0xc0 [ 139.929417][ T7012] tipc_sk_finish_conn+0x183/0x790 [ 139.931492][ T7012] tipc_socketpair+0x364/0x470 [ 139.933673][ T7012] ? security_socket_socketpair+0x98/0xc0 [ 139.936258][ T7012] __sys_socketpair+0x2f0/0x5a0 [ 139.938445][ T7012] ? __pfx___sys_socketpair+0x10/0x10 [ 139.941152][ T7012] ? fput+0x32/0x390 [ 139.943128][ T7012] ? __pfx_ksys_write+0x10/0x10 [ 139.945328][ T7012] __ia32_sys_socketpair+0x95/0x100 [ 139.948800][ T7012] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 139.951431][ T7012] __do_fast_syscall_32+0x73/0x120 [ 139.953993][ T7012] do_fast_syscall_32+0x32/0x80 [ 139.956160][ T7012] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 139.958878][ T7012] RIP: 0023:0xf7f98579 [ 139.960729][ T7012] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 139.969113][ T7012] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000168 [ 139.972574][ T7012] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000000005 [ 139.975837][ T7012] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000000 [ 139.978846][ T7012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 139.982151][ T7012] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 139.985240][ T7012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 139.987755][ T7012] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 140.674165][ T3687] usb 6-1: USB disconnect, device number 9 [ 140.712410][ T6573] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.824815][ T6573] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.976349][ T6573] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.134434][ T6573] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.267356][ T6573] bridge_slave_1: left allmulticast mode [ 141.270221][ T6573] bridge_slave_1: left promiscuous mode [ 141.272773][ T6573] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.277754][ T6573] bridge_slave_0: left allmulticast mode [ 141.281268][ T6573] bridge_slave_0: left promiscuous mode [ 141.283918][ T6573] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.490590][ T6573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 141.495698][ T6573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 141.499948][ T6573] bond0 (unregistering): Released all slaves [ 141.822782][ T6573] hsr_slave_0: left promiscuous mode [ 141.825544][ T6573] hsr_slave_1: left promiscuous mode [ 141.829190][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.833430][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 141.838227][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.842236][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 141.847522][ T6573] veth1_macvtap: left promiscuous mode [ 141.851463][ T6573] veth0_macvtap: left promiscuous mode [ 141.854301][ T6573] veth1_vlan: left promiscuous mode [ 141.857534][ T6573] veth0_vlan: left promiscuous mode [ 142.133877][ T6573] team0 (unregistering): Port device team_slave_1 removed [ 142.183167][ T6573] team0 (unregistering): Port device team_slave_0 removed [ 142.827565][ T6573] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.921327][ T6573] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.998259][ T6573] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.076705][ T6573] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.160062][ T6573] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.236961][ T6573] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.311984][ T6573] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.375171][ T6573] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.488574][ T6573] bridge_slave_1: left allmulticast mode [ 143.494430][ T6573] bridge_slave_1: left promiscuous mode [ 143.497053][ T6573] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.503890][ T6573] bridge_slave_0: left allmulticast mode [ 143.506449][ T6573] bridge_slave_0: left promiscuous mode [ 143.508982][ T6573] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.516640][ T6573] bridge_slave_1: left allmulticast mode [ 143.518988][ T6573] bridge_slave_1: left promiscuous mode [ 143.521972][ T6573] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.527077][ T6573] bridge_slave_0: left allmulticast mode [ 143.530710][ T6573] bridge_slave_0: left promiscuous mode [ 143.533337][ T6573] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.934125][ T6573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 143.939412][ T6573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 143.944453][ T6573] bond0 (unregistering): Released all slaves [ 143.952423][ T6573] bond1 (unregistering): Released all slaves [ 143.963629][ T6573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 143.969559][ T6573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 143.974265][ T6573] bond0 (unregistering): Released all slaves [ 144.106140][ T6573] tipc: Left network mode [ 144.580727][ T6573] hsr_slave_0: left promiscuous mode [ 144.583664][ T6573] hsr_slave_1: left promiscuous mode [ 144.586877][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 144.590241][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 144.594219][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 144.597718][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 144.604963][ T6573] hsr_slave_0: left promiscuous mode [ 144.607992][ T6573] hsr_slave_1: left promiscuous mode [ 144.614840][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 144.618161][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 144.622321][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 144.625682][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 144.632430][ T6573] veth1_macvtap: left promiscuous mode [ 144.634824][ T6573] veth0_macvtap: left promiscuous mode [ 144.637332][ T6573] veth1_vlan: left promiscuous mode [ 144.639969][ T6573] veth0_vlan: left promiscuous mode [ 144.642901][ T6573] veth1_macvtap: left promiscuous mode [ 144.644963][ T6573] veth0_macvtap: left promiscuous mode [ 144.647430][ T6573] veth1_vlan: left promiscuous mode [ 144.649778][ T6573] veth0_vlan: left promiscuous mode [ 144.998030][ T6573] team0 (unregistering): Port device team_slave_1 removed [ 145.044727][ T6573] team0 (unregistering): Port device team_slave_0 removed [ 145.385029][ T6573] team0 (unregistering): Port device team_slave_1 removed [ 145.395378][ T6573] team0 (unregistering): Port device team_slave_0 removed [ 146.347575][ T6573] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.416686][ T6573] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.522148][ T6573] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.594683][ T6573] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.710680][ T6573] bridge_slave_1: left allmulticast mode [ 146.713189][ T6573] bridge_slave_1: left promiscuous mode [ 146.715856][ T6573] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.722653][ T6573] bridge_slave_0: left allmulticast mode [ 146.725847][ T6573] bridge_slave_0: left promiscuous mode [ 146.742884][ T6573] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.927409][ T6573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 146.932565][ T6573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 146.937406][ T6573] bond0 (unregistering): Released all slaves [ 147.276202][ T6573] hsr_slave_0: left promiscuous mode [ 147.279211][ T6573] hsr_slave_1: left promiscuous mode [ 147.286307][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 147.289517][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 147.293201][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 147.296343][ T6573] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 147.301945][ T6573] veth1_macvtap: left promiscuous mode [ 147.304467][ T6573] veth0_macvtap: left promiscuous mode [ 147.306641][ T6573] veth1_vlan: left promiscuous mode [ 147.308858][ T6573] veth0_vlan: left promiscuous mode [ 147.559154][ T6573] team0 (unregistering): Port device team_slave_1 removed [ 147.569966][ T6573] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 04:20:04 Registers: info registers vcpu 0 CPU#0 RAX=00000000001ec264 RBX=0000000000000000 RCX=ffffffff8b065bd9 RDX=ffffed1005806fda RSI=ffffffff8bb04760 RDI=ffffffff81634ddc RBP=fffffbfff1b52af8 RSP=ffffffff8da07e20 R8 =0000000000000000 R9 =ffffed1005806fd9 R10=ffff88802c037ecb R11=ffff888016ab7400 R12=0000000000000000 R13=ffffffff8da957c0 R14=ffffffff901121d8 R15=0000000000000000 RIP=ffffffff8b066fcf RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7455008 CR3=000000000db7c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001c000000000 0000000600000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=fffff520018e6f32 RBX=1ffff920018e6f32 RCX=ffffc90022d82000 RDX=0000000000000000 RSI=000000000000009a RDI=ffffffff8bafefc0 RBP=0000000000000000 RSP=ffffc9000c737978 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffffffff8bafefc0 R13=000000000000009a R14=ffffc9000c737b40 R15=0000000020abae20 RIP=ffffffff8b064e74 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020aba018 CR3=0000000045de4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000123dac RBX=0000000000000002 RCX=ffffffff8b065bd9 RDX=ffffed1005846fda RSI=ffffffff8bb04760 RDI=ffffffff81634ddc RBP=ffffed1002cfb000 RSP=ffffc90000487e08 R8 =0000000000000000 R9 =ffffed1005846fd9 R10=ffff88802c237ecb R11=0000000000000001 R12=0000000000000002 R13=ffff8880167d8000 R14=ffffffff901121d8 R15=0000000000000000 RIP=ffffffff8b066fcf RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055bf3331b000 CR3=00000000173fe000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=16ff622f16ff622f 16ff622f16ff622f 16ff622f16ff622f 16ff622f16ff622f 16ff622f16ff622f 16ff622f16ff622f 16ff622f16ff622f 16ff622f16ff622f ZMM22=d3c95d7dd3c95d7d d3c95d7dd3c95d7d d3c95d7dd3c95d7d d3c95d7dd3c95d7d d3c95d7dd3c95d7d d3c95d7dd3c95d7d d3c95d7dd3c95d7d d3c95d7dd3c95d7d ZMM23=2cf35f202cf35f20 2cf35f202cf35f20 2cf35f202cf35f20 2cf35f202cf35f20 2cf35f202cf35f20 2cf35f202cf35f20 2cf35f202cf35f20 2cf35f202cf35f20 ZMM24=538866f6538866f6 538866f6538866f6 538866f6538866f6 538866f6538866f6 538866f6538866f6 538866f6538866f6 538866f6538866f6 538866f6538866f6 ZMM25=f33efa55f33efa55 f33efa55f33efa55 f33efa55f33efa55 f33efa55f33efa55 f33efa55f33efa55 f33efa55f33efa55 f33efa55f33efa55 f33efa55f33efa55 ZMM26=ad8a28cbad8a28cb ad8a28cbad8a28cb ad8a28cbad8a28cb ad8a28cbad8a28cb ad8a28cbad8a28cb ad8a28cbad8a28cb ad8a28cbad8a28cb ad8a28cbad8a28cb ZMM27=c37b9096c37b9096 c37b9096c37b9096 c37b9096c37b9096 c37b9096c37b9096 c37b9096c37b9096 c37b9096c37b9096 c37b9096c37b9096 c37b9096c37b9096 ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=ec040000ec040000 ec040000ec040000 ec040000ec040000 ec040000ec040000 ec040000ec040000 ec040000ec040000 ec040000ec040000 ec040000ec040000 info registers vcpu 3 CPU#3 RAX=0000000000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff84fa72f5 RDI=ffffffff9511c340 RBP=ffffffff9511c300 RSP=ffffc90023307638 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e31312e36 R12=0000000000000000 R13=0000000000000005 R14=ffffffff84fa7290 R15=0000000000000000 RIP=ffffffff84fa731f RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c300000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5745fbc CR3=0000000020dcc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000