last executing test programs: 4.878979231s ago: executing program 2 (id=3445): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$TIPC_IMPORTANCE(r1, 0x10f, 0x7f, &(0x7f00000006c0), &(0x7f0000000700)=0x4) sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)={0x44, 0x0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_KEY={0x28, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "403a050c5bae9c544ef2b6d713459a7a"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0xfdb7}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5}]}]}, 0x44}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20000010}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0x90, 0x0, 0x400, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x2a, 0x6}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0x1d60}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x30, 0x2b, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x9716}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x14d2}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x6}, @NL802154_KEY_ID_ATTR_INDEX={0x5}]}, @NL802154_ATTR_SEC_ENABLED={0x5}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x90}, 0x1, 0x0, 0x0, 0x4880}, 0x40000) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x0, 0x0, {0x7, 0x74, 0x600}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x2}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private}]}, 0x2c}, 0x1, 0xffffffff00000003}, 0x0) 4.808145228s ago: executing program 2 (id=3446): r0 = socket(0x2, 0x3, 0x8) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000003c0)={'sit0\x00', 0x0}) 4.736699707s ago: executing program 0 (id=3447): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) open$dir(&(0x7f0000000100)='./file0\x00', 0x3, 0x0) 4.735918891s ago: executing program 2 (id=3448): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) getresuid(&(0x7f0000000440), 0x0, &(0x7f00000004c0)=0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3]) llistxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 4.73199926s ago: executing program 0 (id=3449): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) getresuid(&(0x7f0000000440), 0x0, &(0x7f00000004c0)=0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3]) llistxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 4.586526606s ago: executing program 0 (id=3450): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) syz_open_dev$dmmidi(&(0x7f0000000480), 0xfc, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r2, &(0x7f0000001340)=[{&(0x7f0000000380)=""/165, 0xa5}], 0x1) ioctl$TCSETS(r2, 0x5402, &(0x7f00000014c0)={0x0, 0xffffffff, 0x0, 0x0, 0x0, "076a1400"}) ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000021007b560000000000400000ac8f6e5080024a0095"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000020009500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) creat(&(0x7f0000000280)='./file0\x00', 0x0) mount$afs(&(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x400, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @prog_id}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @prog_id}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r5}, 0x10) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x6, 0x4, 0x4001}, 0x48) 4.467843575s ago: executing program 2 (id=3451): syz_open_dev$tty1(0xc, 0x4, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000001400)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000}}) add_key(&(0x7f00000001c0)='big_key\x00', 0x0, 0x0, 0x0, 0x0) r1 = add_key$user(0x0, &(0x7f0000000100), &(0x7f0000000480)="5bcd49fe96d5f708916e334e32d523bafcff0465e5f59e300fb620a18fd2cd1f21e8ba39dc00f18eadeee273dffdb4cf8451103fb841ea4bca2de8cb60ca66d6080dd3b24e0d33058dfdf4f5d2cf289c046e88edc124a3a18551d5409375b3c05479490bc223fe4461c9558ec5cb823f609bd5313125ef7488bbbf94eee95f50d204fef348f406beacd9298c8ba9a066f788165c8efecc4100b5b9b3ef983c4930d2070000006c59ed7f0c2cf61171789c8e4d721e055ad729958b8faf3411ed9a7654ca5b22384b49cd44fd34946e5a3dd062d67a273961b2fa2611c8b20cdd3da2569f0e5755f9f0889f50c2a23e497de9d314e2a927be0615897be74801a556373f33530c8130fe300ad2dfbfcfca55295c2443c3bd79806c6dba283db9e11028b3f30b7cfa140900b7d624397be8a374d78e64b82b85f66a4771eaf56bbbba06ad1333816d6b30ce2d016e41551514843622c3c3373dff234c8d27436e0c95f3cfa381245e6966d8da8e19546d9e65dd40d888ad6f2667f4a690", 0x17c, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000080)={r1, r1, r1}, &(0x7f00000000c0)=""/28, 0x1c, &(0x7f00000001c0)={&(0x7f0000000140)={'poly1305\x00'}}) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000300)={'erspan0\x00', &(0x7f0000000280)={'tunl0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x6, 0x4, 0x1, 0x0, 0x18, 0x66, 0x0, 0x0, 0x2f, 0x0, @rand_addr=0x64010101, @loopback, {[@noop]}}}}}) r4 = fsopen(&(0x7f00000001c0)='devtmpfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000080)={@dev={0xfe, 0x80, '\x00', 0x13}, @private0, @remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, r3}) r5 = socket(0x1, 0x6, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000280)={0xfffffffc}, 0x9) sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x26}}, 0x0) fsmount(r4, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r4, 0x7, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$wireguard(&(0x7f0000004900), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) 3.24201251s ago: executing program 0 (id=3457): bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') pread64(r3, &(0x7f0000004180)=""/4096, 0x1000, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000000c0)={0x365c, "030700010000000823000000de02000000000000004000000020000400", 0xffffffffffffffff}) epoll_create1(0x0) r5 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000100)={0x30000000}) 2.890064049s ago: executing program 3 (id=3458): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) syz_open_dev$dmmidi(&(0x7f0000000480), 0xfc, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r2, &(0x7f0000001340)=[{&(0x7f0000000380)=""/165, 0xa5}], 0x1) ioctl$TCSETS(r2, 0x5402, &(0x7f00000014c0)={0x0, 0xffffffff, 0x0, 0x0, 0x0, "076a1400"}) ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000021007b560000000000400000ac8f6e5080024a0095"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000020009500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) creat(&(0x7f0000000280)='./file0\x00', 0x0) mount$afs(&(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x400, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @prog_id}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @prog_id}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x6, 0x4, 0x4001}, 0x48) 1.731420883s ago: executing program 1 (id=3463): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) getresuid(&(0x7f0000000440), 0x0, &(0x7f00000004c0)=0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3]) llistxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 1.588039044s ago: executing program 3 (id=3464): r0 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800090400000000000000000a00"/28], 0x24}}, 0x0) 1.574408662s ago: executing program 1 (id=3465): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000006c0)=0x30000) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000002740)=ANY=[@ANYBLOB="140000001300012c9dff7f8cd913e90007"], 0x14}], 0x1}, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@local}) ppoll(&(0x7f0000000240)=[{r0}], 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000477000/0x2000)=nil, 0x2000, 0x2000000, 0x110, r1, 0x0) ioctl$VIDIOC_G_SELECTION(0xffffffffffffffff, 0xc040565e, &(0x7f0000001a80)={0xb, 0x0, 0xe, {0x80000000}}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001480)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="090300000000000000002200000004000180"], 0x18}, 0x1, 0xf000000}, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3e, &(0x7f0000000040)=0x7, 0x4) fsopen(&(0x7f0000000200)='msdos\x00', 0x0) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r4) r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000480)={0x0, 0x0, r6, 0x0}) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r4, 0xc01864b0, &(0x7f00000000c0)={r6, r7, 0x0, 0x0, 0x3}) (fail_nth: 12) 1.507022056s ago: executing program 3 (id=3466): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000740)={0x14, 0x3, 0x1, 0x201, 0x0, 0x0, {0xa}}, 0x14}}, 0x20008090) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) 1.474111179s ago: executing program 0 (id=3467): openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581d3b3"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$binfmt_aout(r0, 0x0, 0xff2e) 1.397886055s ago: executing program 3 (id=3468): bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) bpf$ITER_CREATE(0xb, 0x0, 0x0) (async) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000040000000000009500000000000000"], &(0x7f0000000340)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)="a0", 0x0, 0xa3cf05dada2710e3}, 0x50) (async) socket$inet6_icmp(0xa, 0x2, 0x3a) r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000200), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000000)) (async, rerun: 64) ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x6f) (rerun: 64) mkdir(&(0x7f0000000040)='./file1\x00', 0x142) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r2 = open(&(0x7f0000000280)='./file1\x00', 0x0, 0x0) mknodat$loop(r2, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') (async, rerun: 64) linkat(r2, &(0x7f0000000100)='./file1\x00', r2, &(0x7f0000000240)='./file0\x00', 0x0) (rerun: 64) renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x0) write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) socket$nl_route(0x10, 0x3, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) (async, rerun: 32) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0) (rerun: 32) openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) (async) socket$inet(0x2, 0x0, 0x0) (async, rerun: 32) getpid() (rerun: 32) getpid() (async, rerun: 32) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (rerun: 32) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) (async, rerun: 64) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (rerun: 64) 1.288533471s ago: executing program 3 (id=3469): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000740)={0x30, 0x3, 0x1, 0x201, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x28c}]}, @CTA_TUPLE_ORIG={0x10, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}]}]}, 0x30}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x21, @fixed}, 0xe) connect$bt_sco(r2, &(0x7f0000000040), 0x8) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r5) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000580)={{{@in=@local, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@initdev}}, &(0x7f00000000c0)=0xe4) r7 = userfaultfd(0x80001) syz_emit_ethernet(0x82, &(0x7f0000000140)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010101, @private=0xa010101}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa010184}, {@private}, {@local}, {@remote}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0) ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) socket$nl_generic(0x10, 0x3, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r8) r9 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x6, 0xbeaec86, 0xffffff5c, 0x160799a916c0e8bd, r9, 0xe2b, '\x00', r6, 0xffffffffffffffff, 0x85, 0x4, 0x2, 0x3}, 0x48) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4}, 0x48) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000940)=@framed={{0x18, 0x9}}, &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r11}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x2c00) 1.097907805s ago: executing program 2 (id=3470): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) syz_open_dev$dmmidi(&(0x7f0000000480), 0xfc, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r2, &(0x7f0000001340)=[{&(0x7f0000000380)=""/165, 0xa5}], 0x1) ioctl$TCSETS(r2, 0x5402, &(0x7f00000014c0)={0x0, 0xffffffff, 0x0, 0x0, 0x0, "076a1400"}) ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000021007b560000000000400000ac8f6e5080024a0095"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000020009500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000300)=@gettfilter={0x6c, 0x2e, 0xc, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3, 0xc}, {0x10}, {0xfff3, 0xfff2}}, [{0x8, 0xb, 0xffffffff}, {0x8, 0xb, 0x54}, {0x8, 0xb, 0xffffffb6}, {0x8, 0xb, 0x2}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x8e2}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0x7}, {0x8, 0xb, 0x9}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4048000}, 0x54) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @prog_id}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @prog_id}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r6}, 0x10) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x6, 0x4, 0x4001}, 0x48) 548.13935ms ago: executing program 1 (id=3471): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) getresuid(&(0x7f0000000440), &(0x7f0000000480), 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC]) llistxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 441.851539ms ago: executing program 3 (id=3472): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) syz_open_dev$dmmidi(&(0x7f0000000480), 0xfc, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r2, &(0x7f0000001340)=[{&(0x7f0000000380)=""/165, 0xa5}], 0x1) ioctl$TCSETS(r2, 0x5402, &(0x7f00000014c0)={0x0, 0xffffffff, 0x0, 0x0, 0x0, "076a1400"}) ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000021007b560000000000400000ac8f6e5080024a0095"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000020009500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) creat(&(0x7f0000000280)='./file0\x00', 0x0) mount$afs(&(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x400, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @prog_id}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @prog_id}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x6, 0x4, 0x4001}, 0x48) 422.400189ms ago: executing program 1 (id=3473): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fchdir(r0) creat(&(0x7f0000000000)='./file0\x00', 0x0) 325.456515ms ago: executing program 1 (id=3474): r0 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800090400000000000000000a00"/28], 0x24}}, 0x0) 155.519667ms ago: executing program 1 (id=3475): bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') pread64(r3, &(0x7f0000004180)=""/4096, 0x1000, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000000c0)={0x365c, "030700010000000823000000de02000000000000004000000020000400", 0xffffffffffffffff}) epoll_create1(0x0) r5 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000100)={0x30000000}) 788.112µs ago: executing program 2 (id=3476): socket$netlink(0x10, 0x3, 0x0) socket(0x11, 0x800000003, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000cec1000000000000000000008500000030000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) getpid() r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r1}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x13, 0xe, 0x0, &(0x7f0000000080)="e02742e8680d85ff9782762f0800", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 0s ago: executing program 0 (id=3477): syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110f"], 0x14) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = socket$inet6(0xa, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48) r1 = socket(0x10, 0x3, 0x0) r2 = epoll_create1(0x0) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0)={0xa000000f}) read$char_usb(r3, &(0x7f0000000100)=""/169, 0xa9) getdents64(r3, 0x0, 0x0) mknodat(r3, &(0x7f0000000080)='./file0\x00', 0x0, 0x8) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r5, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000000500)="03b7a2140f2db0465b891bcd", 0xc}, {&(0x7f0000000580)="cf331e07c105bf672c260fa137c3d4dc586ccb95da192511557e42e7087d16892ecd9745f92f68147947dbe493a95c9dbde28fa1a3b448194308f8e087", 0x3d}], 0x2}, 0x0) setsockopt$sock_attach_bpf(r4, 0x1, 0x21, &(0x7f0000000540), 0x4) r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x90) r7 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r6, r8}, 0x40) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000480)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000400000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d77d551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba05c001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5b0384222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09b15c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d5264cb454df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c56f273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56070049d9ea955a5f0dec1b3ccd35364600000000000000000032100000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc201cd07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c49fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86ecb838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd1119b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65af167f8f13cd0fdbca9c645989c7be25679a34ba2850fe18990087360185f89c7911765497d0f919aeddefde84c13174b679a2e6ae991b6658d204f743b89eb5d580f6ac5a7f255cb8205a32b2bf38d144a6bdd3c72d403bfa7b103b418a540b1329b2b5d8fef2fc8c6634aeecb5614495b450a8fd510f06416fb0cfe99e47c52371055b9a0800805aea58d352e0a1da7b774f4af58837fe71371a6ca1b62898f454090772be7b18bd606f46ec1a04ce219cee23e6cf325df46f7d64a4099119997112c32ccbe59c5455f45f7f028a600421fe7443b96d699b50a981bdc3aa4e9e628eae35d6c064abe0445afc0ec479231c940e874b597a22bd3f4ed3141b5c2c98513ea39"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r9, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9fffe316844268cb89e14f086dd47e0ffff26123a07631177fbac141416e000030a440a9f03fe80000000000000000000000000002e01070b038da188fe25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) syz_emit_ethernet(0x11dc0, &(0x7f0000000a00)=ANY=[@ANYBLOB="aaaaaaaaaaaaaf5c520a041c86dd60"], 0x0) sendmsg$inet(r5, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) pipe(0x0) write(r1, &(0x7f0000000040)="1400000052004f030e789e7e27286d000a4149f3", 0x14) recvmmsg(r0, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10122, 0x0) r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r10, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r10, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xc}, @hci_rp_le_read_supported_states={{0x1}, {0x74, "1a6792c6ce9d71ff"}}}}, 0xf) kernel console output (not intermixed with test programs): 76.999848][T15958] ? fs_reclaim_acquire+0xae/0x160 [ 676.999869][T15958] should_failslab+0xc2/0x120 [ 676.999892][T15958] __kmalloc_cache_noprof+0x6b/0x310 [ 677.014162][T15958] ? rtnl_newlink+0x49/0xa0 [ 677.016153][T15958] rtnl_newlink+0x49/0xa0 [ 677.018176][T15958] ? __pfx_rtnl_newlink+0x10/0x10 [ 677.020870][T15958] rtnetlink_rcv_msg+0x3c7/0xea0 [ 677.023904][T15958] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 677.027241][T15958] ? __pfx___dev_queue_xmit+0x10/0x10 [ 677.030321][T15958] netlink_rcv_skb+0x165/0x410 [ 677.033324][T15958] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 677.035872][T15958] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 677.038891][T15958] ? netlink_deliver_tap+0x1ae/0xcf0 [ 677.041962][T15958] netlink_unicast+0x544/0x830 [ 677.044893][T15958] ? __pfx_netlink_unicast+0x10/0x10 [ 677.047720][T15958] ? __phys_addr_symbol+0x30/0x80 [ 677.050241][T15958] ? __check_object_size+0x497/0x720 [ 677.052926][T15958] netlink_sendmsg+0x8b8/0xd70 [ 677.055191][T15958] ? __pfx_netlink_sendmsg+0x10/0x10 [ 677.057775][T15958] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 677.060908][T15958] ____sys_sendmsg+0x9b4/0xb50 [ 677.063438][T15958] ? __pfx_____sys_sendmsg+0x10/0x10 [ 677.066319][T15958] ? get_compat_msghdr+0x11b/0x170 [ 677.069526][T15958] ? __pfx___lock_acquire+0x10/0x10 [ 677.072853][T15958] ___sys_sendmsg+0x135/0x1e0 [ 677.075685][T15958] ? __pfx____sys_sendmsg+0x10/0x10 [ 677.078998][T15958] ? ksys_write+0x21c/0x260 [ 677.081809][T15958] ? __fget_light+0x173/0x210 [ 677.084734][T15958] __sys_sendmsg+0x117/0x1f0 [ 677.087622][T15958] ? __pfx___sys_sendmsg+0x10/0x10 [ 677.090426][T15958] __do_fast_syscall_32+0x73/0x120 [ 677.092721][T15958] do_fast_syscall_32+0x32/0x80 [ 677.095017][T15958] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 677.098306][T15958] RIP: 0023:0xf7fb6579 [ 677.100668][T15958] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 677.113294][T15958] RSP: 002b:00000000f576657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 677.118937][T15958] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000000 [ 677.121946][T15958] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 677.126323][T15958] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 677.129554][T15958] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 677.147886][T15958] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 677.151242][T15958] [ 677.153841][T15959] CPU: 2 UID: 0 PID: 15959 Comm: syz.1.3033 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 677.158761][T15959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 677.163390][T15959] Call Trace: [ 677.164738][T15959] [ 677.165911][T15959] dump_stack_lvl+0x16c/0x1f0 [ 677.168033][T15959] should_fail_ex+0x497/0x5b0 [ 677.170198][T15959] _copy_from_user+0x30/0xf0 [ 677.172265][T15959] input_event_from_user+0x22d/0x3b0 [ 677.175051][T15959] ? __pfx_input_event_from_user+0x10/0x10 [ 677.177668][T15959] ? input_inject_event+0x193/0x370 [ 677.180009][T15959] evdev_write+0x374/0x750 [ 677.182132][T15959] ? __pfx_evdev_write+0x10/0x10 [ 677.184716][T15959] ? bpf_lsm_file_permission+0x9/0x10 [ 677.187375][T15959] ? security_file_permission+0x98/0xc0 [ 677.190366][T15959] ? __pfx_evdev_write+0x10/0x10 [ 677.192668][T15959] vfs_write+0x29a/0x1140 [ 677.194616][T15959] ? __pfx_vfs_write+0x10/0x10 [ 677.196764][T15959] ? __fget_files+0x256/0x400 [ 677.198873][T15959] ? __fget_light+0x173/0x210 [ 677.200774][T15959] ksys_write+0x1f8/0x260 [ 677.202317][T15959] ? __pfx_ksys_write+0x10/0x10 [ 677.204450][T15959] __do_fast_syscall_32+0x73/0x120 [ 677.207345][T15959] do_fast_syscall_32+0x32/0x80 [ 677.210330][T15959] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 677.213325][T15959] RIP: 0023:0xf7f1f579 [ 677.215039][T15959] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 677.224788][T15959] RSP: 002b:00000000f56d657c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 677.228774][T15959] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040 [ 677.232949][T15959] RDX: 0000000000002250 RSI: 0000000000000000 RDI: 0000000000000000 [ 677.237344][T15959] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 677.240735][T15959] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 677.244562][T15959] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 677.248374][T15959] [ 677.250511][ C2] hpet: Lost 6 RTC interrupts [ 677.337852][T15961] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3035'. [ 677.350370][T15961] vxcan3: entered promiscuous mode [ 677.391441][T15961] loop7: detected capacity change from 0 to 16384 [ 677.517101][T15961] blk_print_req_error: 24 callbacks suppressed [ 677.517120][T15961] I/O error, dev loop7, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 677.528947][T15961] buffer_io_error: 23 callbacks suppressed [ 677.528956][T15961] Buffer I/O error on dev loop7, logical block 1, async page read [ 677.538474][T15961] Dev loop7: unable to read RDB block 8 [ 677.541652][T15961] I/O error, dev loop7, sector 24 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 677.546262][T15961] Buffer I/O error on dev loop7, logical block 3, async page read [ 677.559834][T15961] loop7: unable to read partition table [ 677.564137][T15961] loop_reread_partitions: partition scan of loop7 (K>i) /480# $qZI͛@3bj!5MM]z) failed (rc=-5) [ 677.764828][ C2] hpet: Lost 2 RTC interrupts [ 677.822476][T15963] netlink: 'syz.1.3036': attribute type 2 has an invalid length. [ 678.157249][T11943] Bluetooth: hci1: Frame reassembly failed (-84) [ 678.239018][T15975] netlink: 'syz.2.3039': attribute type 12 has an invalid length. [ 678.248944][T15975] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3039'. [ 678.348108][T15985] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 678.353472][T15985] FAULT_INJECTION: forcing a failure. [ 678.353472][T15985] name failslab, interval 1, probability 0, space 0, times 0 [ 678.361484][T15985] CPU: 2 UID: 0 PID: 15985 Comm: syz.0.3041 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 678.366991][T15985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 678.372888][T15985] Call Trace: [ 678.374686][T15985] [ 678.376380][T15985] dump_stack_lvl+0x16c/0x1f0 [ 678.379165][T15985] should_fail_ex+0x497/0x5b0 [ 678.382037][T15985] should_failslab+0xc2/0x120 [ 678.385029][T15985] __kmalloc_noprof+0xcb/0x410 [ 678.387947][T15985] ___neigh_create+0x141e/0x2ae0 [ 678.390779][T15985] ? nf_confirm+0x453/0x1210 [ 678.393488][T15985] ? __pfx____neigh_create+0x10/0x10 [ 678.396736][T15985] ip_finish_output2+0x1f75/0x2590 [ 678.399943][T15985] ? nf_hook+0x3bf/0x6d0 [ 678.402554][T15985] ? __pfx_ip_finish_output2+0x10/0x10 [ 678.405602][T15985] ? ip_skb_dst_mtu+0x3fc/0xc70 [ 678.407919][T15985] ? __pfx_ip_skb_dst_mtu+0x10/0x10 [ 678.411299][T15985] ? __pfx_nf_hook+0x10/0x10 [ 678.414135][T15985] __ip_finish_output+0x49e/0x950 [ 678.417212][T15985] ip_finish_output+0x31/0x310 [ 678.420137][T15985] ip_output+0x13b/0x2a0 [ 678.422812][T15985] ? __pfx_ip_output+0x10/0x10 [ 678.425800][T15985] ip_build_and_send_pkt+0xc15/0x1040 [ 678.428955][T15985] tcp_v4_send_synack+0x30e/0x990 [ 678.431509][T15985] ? __pfx_tcp_v4_send_synack+0x10/0x10 [ 678.434209][T15985] ? __pfx_tcp_openreq_init_rwin+0x10/0x10 [ 678.437799][T15985] ? get_random_u32+0x586/0x7e0 [ 678.440295][T15985] ? lockdep_hardirqs_on+0x7c/0x110 [ 678.443315][T15985] tcp_conn_request+0x1af5/0x38f0 [ 678.445551][T15985] ? __pfx_tcp_conn_request+0x10/0x10 [ 678.447943][T15985] ? __pfx___lock_acquire+0x10/0x10 [ 678.450082][T15985] ? __lock_acquire+0xbdd/0x3cb0 [ 678.452176][T15985] ? __pfx_lock_acquire+0x10/0x10 [ 678.454442][T15985] ? __pfx___lock_acquire+0x10/0x10 [ 678.456894][T15985] ? __pfx_mark_lock+0x10/0x10 [ 678.459051][T15985] ? tcp_v4_conn_request+0xc5/0x260 [ 678.461545][T15985] tcp_v4_conn_request+0xc5/0x260 [ 678.464192][T15985] tcp_v6_conn_request+0x2f1/0x470 [ 678.466895][T15985] tcp_rcv_state_process+0x2396/0x4fe0 [ 678.469750][T15985] ? sk_filter_trim_cap+0x50b/0xb90 [ 678.472121][T15985] ? __pfx_lock_release+0x10/0x10 [ 678.474845][T15985] ? hlock_class+0x4e/0x130 [ 678.477002][T15985] ? __pfx_tcp_rcv_state_process+0x10/0x10 [ 678.480234][T15985] ? sk_filter_trim_cap+0xec/0xb90 [ 678.482524][T15985] ? __pfx_tcp_inbound_hash+0x10/0x10 [ 678.485163][T15985] ? __pfx_sk_filter_trim_cap+0x10/0x10 [ 678.487643][T15985] ? __inet_lookup_listener+0x328/0x3b0 [ 678.490472][T15985] ? tcp_v4_do_rcv+0x1ad/0xa90 [ 678.492684][T15985] tcp_v4_do_rcv+0x1ad/0xa90 [ 678.495126][T15985] tcp_v4_rcv+0x3e33/0x4500 [ 678.497844][T15985] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 678.500847][T15985] ? __pfx_raw_local_deliver+0x10/0x10 [ 678.504184][T15985] ? nf_hook.constprop.0+0x467/0x750 [ 678.507465][T15985] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 678.510466][T15985] ip_protocol_deliver_rcu+0xba/0x4e0 [ 678.513759][T15985] ip_local_deliver_finish+0x316/0x570 [ 678.517078][T15985] ip_local_deliver+0x18e/0x1f0 [ 678.520016][T15985] ? __pfx_ip_local_deliver+0x10/0x10 [ 678.523025][T15985] ip_rcv+0x2c5/0x5d0 [ 678.525311][T15985] ? __pfx_ip_rcv+0x10/0x10 [ 678.527845][T15985] __netif_receive_skb_one_core+0x199/0x1e0 [ 678.532338][T15985] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 678.536212][T15985] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 678.539632][T15985] __netif_receive_skb+0x1d/0x160 [ 678.542757][T15985] netif_receive_skb+0x13f/0x7b0 [ 678.545718][T15985] ? __pfx_netif_receive_skb+0x10/0x10 [ 678.549088][T15985] ? __pfx___lock_acquire+0x10/0x10 [ 678.552265][T15985] tun_rx_batched+0x429/0x780 [ 678.555175][T15985] ? __pfx_tun_rx_batched+0x10/0x10 [ 678.558296][T15985] ? tun_get_user+0x1d66/0x3c20 [ 678.560513][T15985] tun_get_user+0x2a4b/0x3c20 [ 678.562922][T15985] ? __pfx_tun_get_user+0x10/0x10 [ 678.565231][T15985] ? find_held_lock+0x2d/0x110 [ 678.567448][T15985] ? __pfx_lock_release+0x10/0x10 [ 678.569651][T15985] tun_chr_write_iter+0xe8/0x210 [ 678.571978][T15985] vfs_write+0x6b6/0x1140 [ 678.573911][T15985] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 678.576286][T15985] ? __pfx_vfs_write+0x10/0x10 [ 678.578441][T15985] ? __fget_files+0x256/0x400 [ 678.580719][T15985] ? __fget_light+0x173/0x210 [ 678.583037][T15985] ksys_write+0x12f/0x260 [ 678.584999][T15985] ? __pfx_ksys_write+0x10/0x10 [ 678.587332][T15985] __do_fast_syscall_32+0x73/0x120 [ 678.589635][T15985] do_fast_syscall_32+0x32/0x80 [ 678.592541][T15985] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 678.596392][T15985] RIP: 0023:0xf7fb6579 [ 678.598904][T15985] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 678.607861][T15985] RSP: 002b:00000000f5766540 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 678.611397][T15985] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000200001c0 [ 678.615242][T15985] RDX: 0000000000000036 RSI: 00000000f7439ff4 RDI: 0000000000000000 [ 678.619727][T15985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 678.624149][T15985] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 678.627865][T15985] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 678.635525][T15985] [ 678.638757][ C2] hpet: Lost 16 RTC interrupts [ 678.817863][T15991] FAULT_INJECTION: forcing a failure. [ 678.817863][T15991] name failslab, interval 1, probability 0, space 0, times 0 [ 678.834800][T15991] CPU: 3 UID: 0 PID: 15991 Comm: syz.0.3042 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 678.839894][T15991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 678.845490][T15991] Call Trace: [ 678.847264][T15991] [ 678.848889][T15991] dump_stack_lvl+0x16c/0x1f0 [ 678.851288][T15991] should_fail_ex+0x497/0x5b0 [ 678.853825][T15991] should_failslab+0xc2/0x120 [ 678.856288][T15991] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 678.859558][T15991] ? slab_build_skb+0x46/0x3c0 [ 678.861995][T15991] slab_build_skb+0x46/0x3c0 [ 678.864226][T15991] ? sock_init_data_uid+0x7f6/0xa00 [ 678.866505][T15991] bpf_prog_test_run_skb+0x360/0x2140 [ 678.868791][T15991] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 678.871198][T15991] ? fput+0x32/0x390 [ 678.873029][T15991] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 678.875933][T15991] __sys_bpf+0x141f/0x5600 [ 678.877806][T15991] ? __pfx___sys_bpf+0x10/0x10 [ 678.880512][T15991] ? ksys_write+0x12f/0x260 [ 678.883296][T15991] ? find_held_lock+0x2d/0x110 [ 678.885921][T15991] ? ksys_write+0x21c/0x260 [ 678.888361][T15991] ? __pfx_lock_release+0x10/0x10 [ 678.891334][T15991] ? vfs_write+0x14d/0x1140 [ 678.893470][T15991] ? __mutex_unlock_slowpath+0x164/0x650 [ 678.896587][T15991] ? fput+0x32/0x390 [ 678.898827][T15991] ? ksys_write+0x1ab/0x260 [ 678.901684][T15991] ? __pfx_ksys_write+0x10/0x10 [ 678.904676][T15991] __ia32_sys_bpf+0x76/0xe0 [ 678.907633][T15991] __do_fast_syscall_32+0x73/0x120 [ 678.910978][T15991] do_fast_syscall_32+0x32/0x80 [ 678.915804][T15991] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 678.918945][T15991] RIP: 0023:0xf7fb6579 [ 678.936957][T15991] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 678.945106][T15991] RSP: 002b:00000000f574557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 678.948703][T15991] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000000 [ 678.952202][T15991] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 678.955582][T15991] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 678.960346][T15991] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 678.963916][T15991] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 678.967538][T15991] [ 680.178193][ T5227] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 680.180839][ T5226] Bluetooth: hci1: command 0x1003 tx timeout [ 680.922336][ T5259] kernel write not supported for file /input/event2 (pid: 5259 comm: kworker/2:3) [ 681.045015][T16019] kAFS: unparsable volume name [ 681.761612][T16027] netlink: 'syz.0.3052': attribute type 12 has an invalid length. [ 681.765080][T16027] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3052'. [ 681.915985][ T5226] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 681.924685][ T5226] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 681.942089][ T5226] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 681.946150][ T5226] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 681.949305][ T5226] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 681.964292][T16035] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 681.969108][ T5226] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 682.028558][ T5227] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 682.042318][ T5227] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 682.052882][ T5227] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 682.062444][ T5227] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 682.075577][ T1084] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 682.080378][ T5227] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 682.084848][ T5227] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 682.322044][ T1084] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 682.484718][ T1084] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 682.585696][ T1084] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 682.804688][T16062] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000400000000000000000000012' [ 682.883769][T16031] chnl_net:caif_netlink_parms(): no params data found [ 683.284213][T16070] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3061'. [ 683.299103][T16031] bridge0: port 1(bridge_slave_0) entered blocking state [ 683.312124][T16031] bridge0: port 1(bridge_slave_0) entered disabled state [ 683.316604][T16031] bridge_slave_0: entered allmulticast mode [ 683.322108][T16031] bridge_slave_0: entered promiscuous mode [ 683.358186][T16074] netlink: 173 bytes leftover after parsing attributes in process `syz.3.3061'. [ 683.728630][ C2] hpet: Lost 1 RTC interrupts [ 683.786462][ C2] hpet: Lost 1 RTC interrupts [ 683.885766][T16078] kAFS: unparsable volume name [ 683.968524][ C2] hpet: Lost 1 RTC interrupts [ 684.012368][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 684.178728][ T39] audit: type=1400 audit(1721882133.334:236): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 684.186097][ T5226] Bluetooth: hci1: command tx timeout [ 684.379091][ T1084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 684.413258][ T1084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 684.423530][ T1084] bond0 (unregistering): Released all slaves [ 684.485408][T16070] : entered promiscuous mode [ 684.500104][T16031] bridge0: port 2(bridge_slave_1) entered blocking state [ 684.510568][T16031] bridge0: port 2(bridge_slave_1) entered disabled state [ 684.519923][T16031] bridge_slave_1: entered allmulticast mode [ 684.524404][T16031] bridge_slave_1: entered promiscuous mode [ 684.635448][T16081] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3063'. [ 684.644468][ T1084] tipc: Left network mode [ 684.692842][ C2] hpet: Lost 1 RTC interrupts [ 684.758619][T16031] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 684.782098][T16031] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 684.896964][T16092] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3064'. [ 684.903019][T16092] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3064'. [ 684.999743][T16086] netlink: 'syz.0.3065': attribute type 1 has an invalid length. [ 685.055968][T16099] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 685.060505][T16031] team0: Port device team_slave_0 added [ 685.070948][T16031] team0: Port device team_slave_1 added [ 685.221362][T16031] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 685.224456][T16031] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 685.259721][T16031] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 685.351684][T16031] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 685.355212][T16031] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 685.378813][T16031] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 685.477918][ T1084] hsr_slave_0: left promiscuous mode [ 685.481874][ T1084] hsr_slave_1: left promiscuous mode [ 685.484988][ T1084] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 685.488353][ T1084] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 685.501312][ T1084] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 685.504274][ T1084] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 685.583528][ T1084] veth1_macvtap: left promiscuous mode [ 685.585892][ T1084] veth0_macvtap: left promiscuous mode [ 685.588454][ T1084] veth1_vlan: left promiscuous mode [ 685.602782][ T1084] veth0_vlan: left promiscuous mode [ 686.249781][ T5226] Bluetooth: hci1: command tx timeout [ 686.332614][ C2] hpet: Lost 1 RTC interrupts [ 686.970029][T16121] kAFS: unparsable volume name [ 687.204660][ C2] hpet: Lost 1 RTC interrupts [ 687.702509][T16123] FAULT_INJECTION: forcing a failure. [ 687.702509][T16123] name failslab, interval 1, probability 0, space 0, times 0 [ 687.709101][T16123] CPU: 2 UID: 0 PID: 16123 Comm: syz.2.3073 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 687.713163][T16123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 687.717796][T16123] Call Trace: [ 687.719176][T16123] [ 687.720477][T16123] dump_stack_lvl+0x16c/0x1f0 [ 687.722500][T16123] should_fail_ex+0x497/0x5b0 [ 687.724364][T16123] ? fs_reclaim_acquire+0xae/0x160 [ 687.726424][T16123] should_failslab+0xc2/0x120 [ 687.728501][T16123] __kmalloc_noprof+0xcb/0x410 [ 687.730611][T16123] ? __pfx_lock_acquire+0x10/0x10 [ 687.732894][T16123] tomoyo_realpath_from_path+0xbf/0x710 [ 687.735339][T16123] ? tomoyo_profile+0x47/0x60 [ 687.737448][T16123] tomoyo_path_number_perm+0x245/0x5b0 [ 687.739446][T16123] ? tomoyo_path_number_perm+0x232/0x5b0 [ 687.741345][T16123] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 687.743661][T16123] ? __pfx_lock_release+0x10/0x10 [ 687.745969][T16123] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 687.748742][T16123] ? __fget_files+0x256/0x400 [ 687.750716][T16123] security_file_ioctl_compat+0x75/0xc0 [ 687.752938][T16123] __do_compat_sys_ioctl+0x5d/0x330 [ 687.755302][T16123] __do_fast_syscall_32+0x73/0x120 [ 687.757564][T16123] do_fast_syscall_32+0x32/0x80 [ 687.759751][T16123] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 687.762370][T16123] RIP: 0023:0xf7fe3579 [ 687.764114][T16123] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 687.771842][T16123] RSP: 002b:00000000f579657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 687.775286][T16123] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0506617 [ 687.778392][T16123] RDX: 0000000020000380 RSI: 0000000000000000 RDI: 0000000000000000 [ 687.781885][T16123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 687.785244][T16123] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 687.788402][T16123] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 687.791344][T16123] [ 687.792900][ C2] hpet: Lost 4 RTC interrupts [ 687.810121][T16123] ERROR: Out of memory at tomoyo_realpath_from_path. [ 688.162782][ T1084] team0 (unregistering): Port device team_slave_1 removed [ 688.331625][ T5226] Bluetooth: hci1: command tx timeout [ 688.401290][ T1084] team0 (unregistering): Port device team_slave_0 removed [ 688.436351][ C2] hpet: Lost 1 RTC interrupts [ 688.985750][ C2] hpet: Lost 2 RTC interrupts [ 689.189131][T16139] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 690.191241][T16128] netlink: 'syz.2.3075': attribute type 1 has an invalid length. [ 690.233075][T16031] hsr_slave_0: entered promiscuous mode [ 690.271689][T16031] hsr_slave_1: entered promiscuous mode [ 690.312854][T16031] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 690.316027][T16031] Cannot create hsr debugfs directory [ 690.419819][ T5226] Bluetooth: hci1: command tx timeout [ 690.529438][ T39] audit: type=1400 audit(1721882139.694:237): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 690.712500][ C2] hpet: Lost 1 RTC interrupts [ 690.782230][ C2] hpet: Lost 4 RTC interrupts [ 690.864968][T16154] netlink: 'syz.2.3080': attribute type 12 has an invalid length. [ 690.868902][T16154] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3080'. [ 691.060074][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.062703][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.151862][T16187] FAULT_INJECTION: forcing a failure. [ 692.151862][T16187] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 692.157219][T16187] CPU: 3 UID: 0 PID: 16187 Comm: syz.3.3087 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 692.161685][T16187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 692.166379][T16187] Call Trace: [ 692.167897][T16187] [ 692.169255][T16187] dump_stack_lvl+0x16c/0x1f0 [ 692.171600][T16187] should_fail_ex+0x497/0x5b0 [ 692.173709][T16187] _copy_from_iter+0x27a/0xfc0 [ 692.175958][T16187] ? __alloc_skb+0x200/0x380 [ 692.178094][T16187] ? __pfx__copy_from_iter+0x10/0x10 [ 692.180763][T16187] ? __virt_addr_valid+0x5e/0x590 [ 692.183347][T16187] ? __phys_addr_symbol+0x30/0x80 [ 692.185407][T16187] ? __check_object_size+0x497/0x720 [ 692.187689][T16187] netlink_sendmsg+0x813/0xd70 [ 692.189561][T16187] ? __pfx_netlink_sendmsg+0x10/0x10 [ 692.191650][T16187] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 692.193790][T16187] ____sys_sendmsg+0x9b4/0xb50 [ 692.195684][T16187] ? __pfx_____sys_sendmsg+0x10/0x10 [ 692.197342][T16031] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 692.198107][T16187] ? get_compat_msghdr+0x11b/0x170 [ 692.204311][T16187] ? __pfx___lock_acquire+0x10/0x10 [ 692.206657][T16187] ___sys_sendmsg+0x135/0x1e0 [ 692.208775][T16187] ? __pfx____sys_sendmsg+0x10/0x10 [ 692.211307][T16187] ? ksys_write+0x21c/0x260 [ 692.213364][T16187] ? __fget_light+0x173/0x210 [ 692.216004][T16187] __sys_sendmsg+0x117/0x1f0 [ 692.218970][T16187] ? __pfx___sys_sendmsg+0x10/0x10 [ 692.221495][T16187] __do_fast_syscall_32+0x73/0x120 [ 692.223707][T16187] do_fast_syscall_32+0x32/0x80 [ 692.226039][T16187] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 692.229517][T16187] RIP: 0023:0xf7f92579 [ 692.232096][T16187] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 692.241910][T16187] RSP: 002b:00000000f574657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 692.245720][T16187] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080 [ 692.249365][T16187] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 692.253194][T16187] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 692.256864][T16187] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 692.259706][T16187] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 692.264094][T16187] [ 692.282624][T16031] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 692.298315][T16031] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 692.317416][T16031] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 692.447452][T16031] 8021q: adding VLAN 0 to HW filter on device bond0 [ 692.467165][T16031] 8021q: adding VLAN 0 to HW filter on device team0 [ 692.482499][ T1277] bridge0: port 1(bridge_slave_0) entered blocking state [ 692.485737][ T1277] bridge0: port 1(bridge_slave_0) entered forwarding state [ 692.503904][ T1277] bridge0: port 2(bridge_slave_1) entered blocking state [ 692.507500][ T1277] bridge0: port 2(bridge_slave_1) entered forwarding state [ 692.712990][T16204] tmpfs: Unknown parameter 'smackfshat' [ 692.851995][T16031] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 692.907006][T16031] veth0_vlan: entered promiscuous mode [ 692.921304][T16031] veth1_vlan: entered promiscuous mode [ 692.985436][T16031] veth0_macvtap: entered promiscuous mode [ 692.994542][T16031] veth1_macvtap: entered promiscuous mode [ 693.027248][T16031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.049737][T16031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.054602][T16031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.058633][T16031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.062976][T16031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.067461][T16031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.071460][T16031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.077280][T16031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.082017][T16031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.086490][T16031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.092232][T16031] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 693.101657][T16031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.107066][T16031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.112245][T16031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.116691][T16031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.122180][T16031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.126943][T16031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.131380][T16031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.136357][T16031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.140145][T16031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.144625][T16031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.150117][T16031] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 693.159151][T16031] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 693.163638][T16031] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 693.167428][T16031] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 693.172772][T16031] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 693.312364][ T1084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 693.315947][ T1084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 693.363353][T16216] netlink: 'syz.3.3093': attribute type 12 has an invalid length. [ 693.366399][T16216] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3093'. [ 693.385922][T11943] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 693.390765][T11943] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 694.677234][T16231] hugetlbfs: Bad value for 'size' [ 696.012682][ T39] audit: type=1400 audit(1721882145.184:238): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 696.720472][ C2] hpet: Lost 1 RTC interrupts [ 696.785661][ C2] hpet: Lost 3 RTC interrupts [ 696.838276][T16271] kAFS: unparsable volume name [ 697.080445][ C2] hpet: Lost 1 RTC interrupts [ 697.567404][T16282] hugetlbfs: Bad value for 'size' [ 697.673992][T16283] sctp: [Deprecated]: syz.3.3108 (pid 16283) Use of struct sctp_assoc_value in delayed_ack socket option. [ 697.673992][T16283] Use struct sctp_sack_info instead [ 697.850477][ T39] audit: type=1400 audit(1721882147.024:239): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 698.021365][T16293] netlink: 'syz.2.3114': attribute type 6 has an invalid length. [ 698.072149][ C2] hpet: Lost 2 RTC interrupts [ 698.103614][T16295] 9pnet_fd: Insufficient options for proto=fd [ 698.307850][T16298] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3116'. [ 699.825543][T16322] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 700.324679][T16325] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3121'. [ 700.432626][T16325] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3121'. [ 700.762907][T16331] 9pnet_fd: Insufficient options for proto=fd [ 700.993538][T16335] FAULT_INJECTION: forcing a failure. [ 700.993538][T16335] name failslab, interval 1, probability 0, space 0, times 0 [ 700.998845][T16335] CPU: 1 UID: 0 PID: 16335 Comm: syz.0.3125 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 701.004081][T16335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 701.018872][T16335] Call Trace: [ 701.020416][T16335] [ 701.021850][T16335] dump_stack_lvl+0x16c/0x1f0 [ 701.024197][T16335] should_fail_ex+0x497/0x5b0 [ 701.026312][T16335] ? fs_reclaim_acquire+0xae/0x160 [ 701.028612][T16335] should_failslab+0xc2/0x120 [ 701.030778][T16335] __kmalloc_cache_noprof+0x6b/0x310 [ 701.033247][T16335] ? register_netdevice+0x504/0x1e20 [ 701.035601][T16335] register_netdevice+0x504/0x1e20 [ 701.038282][T16335] ? kasan_save_track+0x14/0x30 [ 701.040610][T16335] ? __pfx_register_netdevice+0x10/0x10 [ 701.043459][T16335] ? macvlan_hash_add_source+0x4d/0x3a0 [ 701.045991][T16335] macvlan_common_newlink+0x10d5/0x1a10 [ 701.048538][T16335] ? __pfx_macvlan_common_newlink+0x10/0x10 [ 701.051146][T16335] ? rtnl_create_link+0xa2e/0xf10 [ 701.053339][T16335] ? __pfx_macvlan_newlink+0x10/0x10 [ 701.055670][T16335] __rtnl_newlink+0x119c/0x1960 [ 701.057996][T16335] ? __pfx___rtnl_newlink+0x10/0x10 [ 701.061238][T16335] rtnl_newlink+0x67/0xa0 [ 701.063915][T16335] ? __pfx_rtnl_newlink+0x10/0x10 [ 701.066992][T16335] rtnetlink_rcv_msg+0x3c7/0xea0 [ 701.069837][T16335] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 701.073216][T16335] ? __pfx___dev_queue_xmit+0x10/0x10 [ 701.075855][T16335] netlink_rcv_skb+0x165/0x410 [ 701.078467][T16335] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 701.081626][T16335] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 701.084010][T16335] ? netlink_deliver_tap+0x1ae/0xcf0 [ 701.086707][T16335] netlink_unicast+0x544/0x830 [ 701.088982][T16335] ? __pfx_netlink_unicast+0x10/0x10 [ 701.091344][T16335] ? __phys_addr_symbol+0x30/0x80 [ 701.093691][T16335] ? __check_object_size+0x497/0x720 [ 701.096063][T16335] netlink_sendmsg+0x8b8/0xd70 [ 701.098371][T16335] ? __pfx_netlink_sendmsg+0x10/0x10 [ 701.100783][T16335] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 701.103244][T16335] ____sys_sendmsg+0x9b4/0xb50 [ 701.106321][T16335] ? __pfx_____sys_sendmsg+0x10/0x10 [ 701.109042][T16335] ? get_compat_msghdr+0x11b/0x170 [ 701.111358][T16335] ? __pfx___lock_acquire+0x10/0x10 [ 701.113785][T16335] ___sys_sendmsg+0x135/0x1e0 [ 701.116147][T16335] ? __pfx____sys_sendmsg+0x10/0x10 [ 701.118634][T16335] ? ksys_write+0x21c/0x260 [ 701.120747][T16335] ? __fget_light+0x173/0x210 [ 701.123132][T16335] __sys_sendmsg+0x117/0x1f0 [ 701.125208][T16335] ? __pfx___sys_sendmsg+0x10/0x10 [ 701.127385][T16335] __do_fast_syscall_32+0x73/0x120 [ 701.129584][T16335] do_fast_syscall_32+0x32/0x80 [ 701.137136][T16335] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 701.139929][T16335] RIP: 0023:0xf7fb6579 [ 701.141608][T16335] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 701.149555][T16335] RSP: 002b:00000000f576657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 701.152774][T16335] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280 [ 701.155870][T16335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 701.158833][T16335] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 701.161602][T16335] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 701.164875][T16335] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 701.169049][T16335] [ 701.226892][T16337] hugetlbfs: Bad value for 'size' [ 701.360489][ C2] hpet: Lost 1 RTC interrupts [ 701.689413][T16343] FAULT_INJECTION: forcing a failure. [ 701.689413][T16343] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 701.708808][T16343] CPU: 3 UID: 0 PID: 16343 Comm: syz.3.3128 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 701.715282][T16343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 701.721521][T16343] Call Trace: [ 701.723275][T16343] [ 701.724840][T16343] dump_stack_lvl+0x16c/0x1f0 [ 701.727262][T16343] should_fail_ex+0x497/0x5b0 [ 701.729729][T16343] _copy_from_user+0x30/0xf0 [ 701.732735][T16343] cmsghdr_from_user_compat_to_kern+0x356/0x7c0 [ 701.737233][T16343] ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10 [ 701.740915][T16343] ? __import_iovec+0x1fd/0x6e0 [ 701.743654][T16343] ____sys_sendmsg+0x443/0xb50 [ 701.746143][T16343] ? __pfx_____sys_sendmsg+0x10/0x10 [ 701.749110][T16343] ? get_compat_msghdr+0x11b/0x170 [ 701.751208][T16343] ? __pfx___lock_acquire+0x10/0x10 [ 701.753545][T16343] ___sys_sendmsg+0x135/0x1e0 [ 701.755899][T16343] ? __pfx____sys_sendmsg+0x10/0x10 [ 701.758328][T16343] ? ksys_write+0x21c/0x260 [ 701.760378][T16343] ? __fget_light+0x173/0x210 [ 701.762458][T16343] __sys_sendmsg+0x117/0x1f0 [ 701.764540][T16343] ? __pfx___sys_sendmsg+0x10/0x10 [ 701.766693][T16343] __do_fast_syscall_32+0x73/0x120 [ 701.769570][T16343] do_fast_syscall_32+0x32/0x80 [ 701.771952][T16343] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 701.776102][T16343] RIP: 0023:0xf7f92579 [ 701.778050][T16343] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 701.787169][T16343] RSP: 002b:00000000f574657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 701.790688][T16343] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200003c0 [ 701.794749][T16343] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 701.798821][T16343] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 701.802277][T16343] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 701.805989][T16343] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 701.809746][T16343] [ 702.241012][ T1086] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 702.355782][ T1086] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 702.374782][ T1086] bond0 (unregistering): Released all slaves [ 702.773338][T16357] 9pnet_fd: Insufficient options for proto=fd [ 703.056151][T16361] FAULT_INJECTION: forcing a failure. [ 703.056151][T16361] name failslab, interval 1, probability 0, space 0, times 0 [ 703.064333][T16361] CPU: 0 UID: 0 PID: 16361 Comm: syz.3.3134 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 703.069051][T16361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 703.074660][T16361] Call Trace: [ 703.076124][T16361] [ 703.077540][T16361] dump_stack_lvl+0x16c/0x1f0 [ 703.079562][T16361] should_fail_ex+0x497/0x5b0 [ 703.081684][T16361] ? fs_reclaim_acquire+0xae/0x160 [ 703.084845][T16361] should_failslab+0xc2/0x120 [ 703.087505][T16361] __kmalloc_cache_noprof+0x6b/0x310 [ 703.090270][T16361] ? _snd_pcm_hw_param_min+0x259/0x630 [ 703.093001][T16361] ? snd_pcm_oss_change_params_locked+0x6e5/0x3a50 [ 703.095846][T16361] snd_pcm_oss_change_params_locked+0x6e5/0x3a50 [ 703.098548][T16361] ? trace_contention_end+0xea/0x140 [ 703.101028][T16361] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 703.104268][T16361] ? lock_acquire+0x1b1/0x560 [ 703.106807][T16361] ? snd_pcm_oss_make_ready+0xc4/0x1b0 [ 703.109594][T16361] ? __pfx___mutex_lock+0x10/0x10 [ 703.125556][T16361] ? snd_pcm_stream_unlock_irq+0x90/0xb0 [ 703.127723][T16361] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 703.129746][T16361] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 703.132057][T16361] ? lockdep_hardirqs_on+0x7c/0x110 [ 703.134167][T16361] snd_pcm_oss_poll+0x971/0xb30 [ 703.135973][T16361] ? __pfx___debug_object_init+0x10/0x10 [ 703.138285][T16361] ? __might_fault+0x13b/0x190 [ 703.141808][T16361] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 703.144194][T16361] ? lockdep_init_map_type+0x16d/0x7d0 [ 703.146536][T16361] io_submit_one+0xc04/0x1df0 [ 703.148568][T16361] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 703.151454][T16361] ? __pfx_io_submit_one+0x10/0x10 [ 703.153870][T16361] ? __pfx_aio_poll_queue_proc+0x10/0x10 [ 703.156728][T16361] ? __might_fault+0x13b/0x190 [ 703.159487][T16361] ? __pfx___might_resched+0x10/0x10 [ 703.162152][T16361] ? __ia32_compat_sys_io_submit+0x1af/0x390 [ 703.165630][T16361] __ia32_compat_sys_io_submit+0x1af/0x390 [ 703.171106][T16361] ? __pfx___ia32_compat_sys_io_submit+0x10/0x10 [ 703.173701][T16361] __do_fast_syscall_32+0x73/0x120 [ 703.175919][T16361] do_fast_syscall_32+0x32/0x80 [ 703.178537][T16361] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 703.182777][T16361] RIP: 0023:0xf7f92579 [ 703.184713][T16361] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 703.195821][T16361] RSP: 002b:00000000f574657c EFLAGS: 00000292 ORIG_RAX: 00000000000000f8 [ 703.201679][T16361] RAX: ffffffffffffffda RBX: 00000000f7f8d000 RCX: 0000000000000002 [ 703.207787][T16361] RDX: 0000000020002340 RSI: 0000000000000000 RDI: 0000000000000000 [ 703.212182][T16361] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 703.215664][T16361] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 703.219294][T16361] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 703.223328][T16361] [ 703.272654][ C2] hpet: Lost 1 RTC interrupts [ 703.565232][ T1086] hsr_slave_0: left promiscuous mode [ 703.584807][ T1086] hsr_slave_1: left promiscuous mode [ 703.603218][ T1086] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 703.607053][ T1086] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 703.612297][ T1086] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 703.616130][ T1086] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 703.756141][ T1086] veth1_macvtap: left promiscuous mode [ 703.765482][ T1086] veth0_macvtap: left promiscuous mode [ 703.773170][ T1086] veth1_vlan: left promiscuous mode [ 703.775494][ T1086] veth0_vlan: left promiscuous mode [ 704.589231][T16392] kAFS: unparsable volume name [ 705.670713][ C2] hpet: Lost 1 RTC interrupts [ 705.827680][ C2] hpet: Lost 1 RTC interrupts [ 706.089966][ T1086] team0 (unregistering): Port device team_slave_1 removed [ 706.339148][ T1086] team0 (unregistering): Port device team_slave_0 removed [ 706.687887][ C2] hpet: Lost 1 RTC interrupts [ 706.864318][ C2] hpet: Lost 1 RTC interrupts [ 706.921690][ C2] hpet: Lost 1 RTC interrupts [ 709.574175][T16437] binder: 16434:16437 ioctl c0189379 20000280 returned -22 [ 709.592530][ C2] hpet: Lost 1 RTC interrupts [ 709.617194][T16437] binder: 16434:16437 ioctl 540f 20000000 returned -22 [ 709.750260][T16440] kAFS: unparsable volume name [ 710.420527][ C2] hpet: Lost 1 RTC interrupts [ 710.924313][ C2] hpet: Lost 1 RTC interrupts [ 710.950271][T16453] FAULT_INJECTION: forcing a failure. [ 710.950271][T16453] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 710.976864][T16453] CPU: 0 UID: 0 PID: 16453 Comm: syz.3.3157 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 710.981498][T16453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 710.986243][T16453] Call Trace: [ 710.987741][T16453] [ 710.989084][T16453] dump_stack_lvl+0x16c/0x1f0 [ 710.991155][T16453] should_fail_ex+0x497/0x5b0 [ 710.993184][T16453] _copy_from_user+0x30/0xf0 [ 710.995253][T16453] get_compat_msghdr+0xa8/0x170 [ 710.997403][T16453] ? __pfx_get_compat_msghdr+0x10/0x10 [ 710.999926][T16453] ? __pfx___lock_acquire+0x10/0x10 [ 711.002240][T16453] ___sys_sendmsg+0x1b0/0x1e0 [ 711.004578][T16453] ? __pfx____sys_sendmsg+0x10/0x10 [ 711.006919][T16453] ? ksys_write+0x21c/0x260 [ 711.008974][T16453] ? __fget_light+0x173/0x210 [ 711.010852][T16453] __sys_sendmsg+0x117/0x1f0 [ 711.012904][T16453] ? __pfx___sys_sendmsg+0x10/0x10 [ 711.015154][T16453] __do_fast_syscall_32+0x73/0x120 [ 711.017413][T16453] do_fast_syscall_32+0x32/0x80 [ 711.019574][T16453] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 711.022374][T16453] RIP: 0023:0xf7f92579 [ 711.024244][T16453] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 711.032509][T16453] RSP: 002b:00000000f574657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 711.036829][T16453] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000380 [ 711.040240][T16453] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 711.043663][T16453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 711.047158][T16453] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 711.050612][T16453] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 711.054230][T16453] [ 711.464424][T16462] kAFS: unparsable volume name [ 712.486651][T16477] batadv_slave_1: entered promiscuous mode [ 712.599343][T16470] batadv_slave_1: left promiscuous mode [ 713.893915][T16501] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3170'. [ 713.960361][T16503] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3171'. [ 713.985668][T16505] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3172'. [ 713.992279][T16505] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 714.267438][T16521] kAFS: unparsable volume name [ 715.282241][T16536] binder: 16534:16536 ioctl c0189379 20000280 returned -22 [ 715.289356][T16536] binder: 16534:16536 ioctl 540f 20000000 returned -22 [ 715.895482][T16538] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3180'. [ 717.105432][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 717.125420][ T39] audit: type=1400 audit(1721882166.294:240): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 717.581557][T16553] netlink: 'syz.2.3184': attribute type 12 has an invalid length. [ 717.649706][T16553] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3184'. [ 718.418983][T16568] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3189'. [ 718.668358][ T39] audit: type=1400 audit(1721882167.834:241): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 719.397970][T16601] netlink: 'syz.2.3197': attribute type 12 has an invalid length. [ 719.437451][ C2] hpet: Lost 2 RTC interrupts [ 719.449584][T16601] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3197'. [ 719.559762][ T1151] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 719.763910][ T1151] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 719.767827][ T1151] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 719.772754][ T1151] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 719.777098][ T1151] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 719.785313][ T1151] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 719.789155][ T1151] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 719.793438][ T1151] usb 5-1: Product: syz [ 719.795386][ T1151] usb 5-1: Manufacturer: syz [ 719.806414][ T1151] cdc_wdm 5-1:1.0: skipping garbage [ 719.808779][ T1151] cdc_wdm 5-1:1.0: skipping garbage [ 719.815870][ T1151] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 719.818547][ T1151] cdc_wdm 5-1:1.0: Unknown control protocol [ 720.125540][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 720.129875][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 720.133213][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 720.136654][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 720.140307][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 720.143396][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 720.145916][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 720.148790][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 720.151861][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 720.154856][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 720.157973][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 720.160871][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 720.164483][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 720.167515][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 720.170452][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 720.173414][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 720.176328][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 720.179320][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 720.182870][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 720.185595][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 720.200958][ T30] usb 5-1: USB disconnect, device number 40 [ 720.201050][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 721.045800][ T39] audit: type=1400 audit(1721882170.214:242): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 721.841611][T16633] kAFS: unparsable volume name [ 723.123089][T16656] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 724.486275][T16677] kAFS: unparsable volume name [ 725.122486][ T39] audit: type=1400 audit(1721882174.294:243): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 725.617554][T16696] FAULT_INJECTION: forcing a failure. [ 725.617554][T16696] name failslab, interval 1, probability 0, space 0, times 0 [ 725.663136][T16696] CPU: 3 UID: 0 PID: 16696 Comm: syz.0.3220 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 725.668957][T16696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 725.673333][T16696] Call Trace: [ 725.674737][T16696] [ 725.675959][T16696] dump_stack_lvl+0x16c/0x1f0 [ 725.678006][T16696] should_fail_ex+0x497/0x5b0 [ 725.680014][T16696] ? fs_reclaim_acquire+0xae/0x160 [ 725.682182][T16696] should_failslab+0xc2/0x120 [ 725.684200][T16696] kmem_cache_alloc_node_noprof+0x71/0x310 [ 725.686731][T16696] ? alloc_io_context+0x21/0x2f0 [ 725.688832][T16696] alloc_io_context+0x21/0x2f0 [ 725.690822][T16696] __copy_io+0xdc/0x210 [ 725.692580][T16696] copy_process+0x25c6/0x6f50 [ 725.694524][T16696] ? __pfx_copy_process+0x10/0x10 [ 725.696638][T16696] ? lockdep_init_map_type+0x16d/0x7d0 [ 725.698926][T16696] ? __raw_spin_lock_init+0x3a/0x110 [ 725.701199][T16696] ? __pfx_vhost_worker_killed+0x10/0x10 [ 725.703714][T16696] ? __pfx_vhost_run_work_list+0x10/0x10 [ 725.706487][T16696] vhost_task_create+0x1bd/0x2b0 [ 725.708649][T16696] ? __pfx_vhost_task_create+0x10/0x10 [ 725.711286][T16696] ? __pfx_vhost_task_fn+0x10/0x10 [ 725.713523][T16696] vhost_worker_create+0x152/0x370 [ 725.716441][T16696] ? __pfx_vhost_worker_create+0x10/0x10 [ 725.718658][T16696] ? rcu_is_watching+0x12/0xc0 [ 725.720597][T16696] ? __kmalloc_noprof+0x207/0x410 [ 725.722702][T16696] ? rcu_is_watching+0x12/0xc0 [ 725.724731][T16696] vhost_dev_set_owner+0x5c8/0xa70 [ 725.727693][T16696] vhost_dev_ioctl+0x937/0xe20 [ 725.729873][T16696] ? __pfx___mutex_lock+0x10/0x10 [ 725.732088][T16696] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 725.734478][T16696] vhost_vsock_dev_ioctl+0x3b0/0xb50 [ 725.736804][T16696] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 725.739285][T16696] ? __fget_files+0x256/0x400 [ 725.741563][T16696] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 725.744312][T16696] compat_ptr_ioctl+0x71/0xb0 [ 725.746242][T16696] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 725.748742][T16696] __do_compat_sys_ioctl+0x2c3/0x330 [ 725.751397][T16696] __do_fast_syscall_32+0x73/0x120 [ 725.753561][T16696] do_fast_syscall_32+0x32/0x80 [ 725.755617][T16696] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 725.758662][T16696] RIP: 0023:0xf7fb6579 [ 725.760609][T16696] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 725.768138][T16696] RSP: 002b:00000000f576657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 725.771790][T16696] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000af01 [ 725.775263][T16696] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 725.778752][T16696] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 725.782340][T16696] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 725.785829][T16696] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 725.789449][T16696] [ 726.056238][ C2] hpet: Lost 1 RTC interrupts [ 727.198671][ T39] audit: type=1400 audit(1721882176.364:244): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 727.263930][T16720] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3228'. [ 727.497719][T16725] kAFS: unparsable volume name [ 728.606212][T16742] kAFS: unparsable volume name [ 730.174879][ T39] audit: type=1400 audit(1721882179.344:245): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 731.764215][ C2] hpet: Lost 1 RTC interrupts [ 731.824673][ C2] hpet: Lost 2 RTC interrupts [ 731.912763][T16779] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 732.004655][ T1151] IPVS: starting estimator thread 0... [ 732.094229][T16785] IPVS: using max 20 ests per chain, 48000 per kthread [ 732.614038][T16790] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 732.621065][T16790] team0: Device bridge0 is up. Set it down before adding it as a team port [ 732.629261][T16790] bridge_slave_1: left allmulticast mode [ 732.632503][T16790] bridge_slave_1: left promiscuous mode [ 732.635045][T16790] bridge0: port 2(bridge_slave_1) entered disabled state [ 732.672928][T16790] bridge_slave_0: left allmulticast mode [ 732.675250][T16790] bridge_slave_0: left promiscuous mode [ 732.678010][T16790] bridge0: port 1(bridge_slave_0) entered disabled state [ 732.824390][ T39] audit: type=1400 audit(1721882181.994:246): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 733.944038][ C1] vkms_vblank_simulate: vblank timer overrun [ 733.984157][ C1] vkms_vblank_simulate: vblank timer overrun [ 734.359908][ T1151] usb 7-1: new high-speed USB device number 43 using dummy_hcd [ 734.584848][ T1151] usb 7-1: Using ep0 maxpacket: 32 [ 734.591168][ T1151] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 734.615768][ T1151] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 734.629460][ T1151] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 734.634487][ T1151] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 734.638403][ T1151] usb 7-1: Product: syz [ 734.641154][ T1151] usb 7-1: Manufacturer: syz [ 734.643263][ T1151] usb 7-1: SerialNumber: syz [ 734.877729][ T1151] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 43 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 735.509410][T16822] overlayfs: invalid origin (0000) [ 736.024148][ T39] audit: type=1400 audit(1721882185.184:247): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 736.675211][T16834] FAULT_INJECTION: forcing a failure. [ 736.675211][T16834] name failslab, interval 1, probability 0, space 0, times 0 [ 736.720801][ C1] vkms_vblank_simulate: vblank timer overrun [ 736.759683][T16834] CPU: 1 UID: 0 PID: 16834 Comm: syz.0.3258 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 736.764958][T16834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 736.769470][T16834] Call Trace: [ 736.770942][T16834] [ 736.772282][T16834] dump_stack_lvl+0x16c/0x1f0 [ 736.774560][T16834] should_fail_ex+0x497/0x5b0 [ 736.776832][T16834] ? fs_reclaim_acquire+0xae/0x160 [ 736.779021][T16834] should_failslab+0xc2/0x120 [ 736.781065][T16834] __kmalloc_noprof+0xcb/0x410 [ 736.783183][T16834] ? __pfx___mutex_trylock_common+0x10/0x10 [ 736.786038][T16834] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 736.788795][T16834] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 736.790838][T16834] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 736.793347][T16834] ? ns_capable+0xd7/0x110 [ 736.795265][T16834] genl_rcv_msg+0x565/0x800 [ 736.797221][T16834] ? __pfx_genl_rcv_msg+0x10/0x10 [ 736.799301][T16834] ? __pfx_wg_set_device+0x10/0x10 [ 736.802045][T16834] netlink_rcv_skb+0x165/0x410 [ 736.804195][T16834] ? __pfx_genl_rcv_msg+0x10/0x10 [ 736.806375][T16834] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 736.808697][T16834] ? down_read+0xc9/0x330 [ 736.810458][T16834] ? __pfx_down_read+0x10/0x10 [ 736.812661][T16834] ? netlink_deliver_tap+0x1ae/0xcf0 [ 736.815015][T16834] genl_rcv+0x28/0x40 [ 736.816826][T16834] netlink_unicast+0x544/0x830 [ 736.818987][T16834] ? __pfx_netlink_unicast+0x10/0x10 [ 736.821286][T16834] ? __phys_addr_symbol+0x30/0x80 [ 736.823463][T16834] ? __check_object_size+0x497/0x720 [ 736.825897][T16834] netlink_sendmsg+0x8b8/0xd70 [ 736.828047][T16834] ? __pfx_netlink_sendmsg+0x10/0x10 [ 736.830812][T16834] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 736.833210][T16834] ____sys_sendmsg+0x9b4/0xb50 [ 736.835324][T16834] ? __pfx_____sys_sendmsg+0x10/0x10 [ 736.837757][T16834] ? get_compat_msghdr+0x11b/0x170 [ 736.840452][T16834] ? __pfx___lock_acquire+0x10/0x10 [ 736.842943][T16834] ___sys_sendmsg+0x135/0x1e0 [ 736.845060][T16834] ? __pfx____sys_sendmsg+0x10/0x10 [ 736.847370][T16834] ? ksys_write+0x21c/0x260 [ 736.849312][T16834] ? __fget_light+0x173/0x210 [ 736.851343][T16834] __sys_sendmsg+0x117/0x1f0 [ 736.853303][T16834] ? __pfx___sys_sendmsg+0x10/0x10 [ 736.855181][T16834] __do_fast_syscall_32+0x73/0x120 [ 736.857222][T16834] do_fast_syscall_32+0x32/0x80 [ 736.859621][T16834] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 736.862240][T16834] RIP: 0023:0xf7fb6579 [ 736.864082][T16834] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 736.872290][T16834] RSP: 002b:00000000f576657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 736.875721][T16834] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000340 [ 736.879002][T16834] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 736.882255][T16834] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 736.885462][T16834] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 736.888704][T16834] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 736.892011][T16834] [ 736.893512][ C1] vkms_vblank_simulate: vblank timer overrun [ 737.054056][T16837] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3259'. [ 737.213395][ T1151] usb 7-1: USB disconnect, device number 43 [ 737.218173][ T1151] usblp0: removed [ 737.406638][T16847] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 737.619047][ T39] audit: type=1400 audit(1721882186.784:248): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 737.748208][T16863] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 737.792231][T16863] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 737.802086][ T1277] usb 6-1: new high-speed USB device number 43 using dummy_hcd [ 737.806102][T16863] vhci_hcd vhci_hcd.0: Device attached [ 737.941192][T16865] vhci_hcd: connection closed [ 737.942238][ T9419] vhci_hcd: stop threads [ 737.946957][ T9419] vhci_hcd: release socket [ 737.948978][ T9419] vhci_hcd: disconnect device [ 738.001753][ T1277] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 738.005460][ T1277] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 738.022619][ T1277] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 738.026158][ T1277] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 738.044361][ T1277] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 738.048541][ T1277] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 738.059651][ T1277] usb 6-1: Product: syz [ 738.061764][ T1277] usb 6-1: Manufacturer: syz [ 738.087107][ T1277] cdc_wdm 6-1:1.0: skipping garbage [ 738.096145][ T1277] cdc_wdm 6-1:1.0: skipping garbage [ 738.100520][ T1277] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 738.104425][ T1277] cdc_wdm 6-1:1.0: Unknown control protocol [ 738.257897][T16881] kAFS: unparsable volume name [ 738.405615][ C3] wdm_int_callback: 34 callbacks suppressed [ 738.405628][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 738.410796][ C3] wdm_int_callback: 34 callbacks suppressed [ 738.410809][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 738.415609][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 738.418513][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 738.421330][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 738.424390][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 738.427323][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 738.430824][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 738.433704][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 738.436801][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 738.440133][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 738.449815][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 738.453106][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 738.455458][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 738.457485][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 738.459391][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 738.462076][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 738.465255][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 738.467889][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 738.470430][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 738.476409][ T1277] usb 6-1: USB disconnect, device number 43 [ 738.479106][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 739.054578][T16888] kAFS: unparsable volume name [ 739.107444][T16890] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 739.143061][T16890] team0: Port device bridge0 added [ 739.194600][T16890] team0: Port device bridge0 removed [ 741.296163][ C2] hpet: Lost 1 RTC interrupts [ 741.488132][T16929] kAFS: unparsable volume name [ 741.500312][ T5259] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 741.727394][ T5259] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 741.744112][ T5259] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 741.755766][ T5259] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 741.764519][ T5259] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 741.777813][ T5259] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 741.784412][ T5259] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 741.789956][ T5259] usb 5-1: Product: syz [ 741.792958][ T5259] usb 5-1: Manufacturer: syz [ 741.806721][ T5259] cdc_wdm 5-1:1.0: skipping garbage [ 741.809965][ T5259] cdc_wdm 5-1:1.0: skipping garbage [ 741.818101][ T5259] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 741.867658][ T5259] cdc_wdm 5-1:1.0: Unknown control protocol [ 742.131441][ T5259] usb 5-1: USB disconnect, device number 41 [ 742.137050][ C2] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 742.518167][T16942] sctp: [Deprecated]: syz.2.3290 (pid 16942) Use of struct sctp_assoc_value in delayed_ack socket option. [ 742.518167][T16942] Use struct sctp_sack_info instead [ 742.548823][ C2] hpet: Lost 1 RTC interrupts [ 743.049183][T16956] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3293'. [ 743.107268][T16956] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3293'. [ 743.639942][ C2] hpet: Lost 1 RTC interrupts [ 743.649955][T16966] kAFS: unparsable volume name [ 744.032442][ C2] hpet: Lost 1 RTC interrupts [ 744.110400][T16970] kAFS: unparsable volume name [ 744.808089][T16974] kAFS: unparsable volume name [ 745.376147][ C2] hpet: Lost 1 RTC interrupts [ 745.640201][T16977] netlink: 'syz.2.3299': attribute type 12 has an invalid length. [ 745.643143][T16977] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3299'. [ 745.868098][T16986] Device name cannot be null; rc = [-22] [ 745.928667][ T39] audit: type=1326 audit(1721882195.094:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16988 comm="syz.0.3303" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x0 [ 746.294351][T17004] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 746.354799][T17007] kAFS: unparsable volume name [ 747.137003][T17025] program syz.3.3313 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 747.196509][T17025] netlink: 'syz.3.3313': attribute type 2 has an invalid length. [ 747.203994][ T39] audit: type=1326 audit(1721882196.374:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17024 comm="syz.3.3313" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f92579 code=0x0 [ 747.349814][ T5219] usb 6-1: new high-speed USB device number 44 using dummy_hcd [ 747.540994][ T5219] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 747.575255][T17033] netlink: 'syz.0.3315': attribute type 12 has an invalid length. [ 747.579560][T17033] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3315'. [ 747.619664][ T5219] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 747.623618][ T5219] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 747.628332][ T5219] usb 6-1: config 0 interface 0 has no altsetting 0 [ 747.637529][ T5219] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 747.642064][ T5219] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 747.646736][ T5219] usb 6-1: config 0 interface 0 has no altsetting 0 [ 747.660478][ T5219] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 747.664251][ T5219] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 747.672266][ T5219] usb 6-1: config 0 interface 0 has no altsetting 0 [ 747.682234][ T5219] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 747.685484][ T5219] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 747.696590][ T5219] usb 6-1: config 0 interface 0 has no altsetting 0 [ 747.705607][ T5219] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 747.710502][ T5219] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 747.714992][ T5219] usb 6-1: config 0 interface 0 has no altsetting 0 [ 747.724230][T17037] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3316'. [ 747.728928][ T5219] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 747.739662][ T5219] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 747.744587][ T5219] usb 6-1: config 0 interface 0 has no altsetting 0 [ 747.751221][ T5219] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 747.754942][ T5219] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 747.759104][ T5219] usb 6-1: config 0 interface 0 has no altsetting 0 [ 747.782522][ T5219] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 747.786664][ T5219] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 747.800039][ T5219] usb 6-1: config 0 interface 0 has no altsetting 0 [ 747.808263][ T5219] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 747.812854][ T5219] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 747.816485][ T5219] usb 6-1: Product: syz [ 747.818370][ T5219] usb 6-1: Manufacturer: syz [ 747.830020][ T5219] usb 6-1: SerialNumber: syz [ 747.840907][ T5219] usb 6-1: config 0 descriptor?? [ 747.860983][ T5219] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 747.862180][T17039] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 748.069123][ T5259] usb 6-1: USB disconnect, device number 44 [ 748.103860][ T5259] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 748.813566][T17059] afs: Bad value for 'source' [ 749.230875][T17063] kAFS: unparsable volume name [ 749.513373][T17070] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3325'. [ 749.639870][T17073] program syz.2.3326 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 749.687848][T17073] netlink: 'syz.2.3326': attribute type 2 has an invalid length. [ 749.698720][ T39] audit: type=1326 audit(1721882198.864:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.2.3326" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x0 [ 749.986532][T17081] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 750.236004][ C2] hpet: Lost 1 RTC interrupts [ 750.324044][T17095] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3331'. [ 750.442481][T17091] netlink: 'syz.1.3330': attribute type 12 has an invalid length. [ 750.445982][T17091] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3330'. [ 750.544052][T17104] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3334'. [ 750.670927][T17108] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 750.824740][T17112] kAFS: unparsable volume name [ 751.210914][T17116] kAFS: unparsable volume name [ 751.423949][T17120] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 751.591843][ C2] hpet: Lost 1 RTC interrupts [ 751.914211][T17133] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3343'. [ 751.915885][ C2] hpet: Lost 1 RTC interrupts [ 752.272814][T17148] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 752.284893][ T5226] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 752.501633][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.504785][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.820444][T13692] usb 6-1: new high-speed USB device number 45 using dummy_hcd [ 752.936112][ C2] hpet: Lost 1 RTC interrupts [ 753.014207][T13692] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 753.018113][T13692] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 753.028878][T13692] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 753.033861][T13692] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 753.055128][T17167] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 753.060867][T13692] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 753.065847][T13692] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 753.070178][T13692] usb 6-1: Product: syz [ 753.073174][T13692] usb 6-1: Manufacturer: syz [ 753.104747][T13692] cdc_wdm 6-1:1.0: skipping garbage [ 753.107224][T13692] cdc_wdm 6-1:1.0: skipping garbage [ 753.121240][T13692] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 753.125070][T13692] cdc_wdm 6-1:1.0: Unknown control protocol [ 753.206994][T17175] FAULT_INJECTION: forcing a failure. [ 753.206994][T17175] name failslab, interval 1, probability 0, space 0, times 0 [ 753.217583][T17175] CPU: 2 UID: 0 PID: 17175 Comm: syz.2.3350 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 753.222917][T17175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 753.227722][T17175] Call Trace: [ 753.229257][T17175] [ 753.230588][T17175] dump_stack_lvl+0x16c/0x1f0 [ 753.232801][T17175] should_fail_ex+0x497/0x5b0 [ 753.235389][T17175] ? fs_reclaim_acquire+0xae/0x160 [ 753.237837][T17175] should_failslab+0xc2/0x120 [ 753.239943][T17175] __kmalloc_cache_noprof+0x6b/0x310 [ 753.242257][T17175] ? __pfx_lock_release+0x10/0x10 [ 753.244870][T17175] ? __inet_diag_dump_start+0x8f/0x7f0 [ 753.247375][T17175] __inet_diag_dump_start+0x8f/0x7f0 [ 753.249974][T17175] __netlink_dump_start+0x624/0x9c0 [ 753.253502][T17175] inet_diag_handler_cmd+0x284/0x2e0 [ 753.255919][T17175] ? __pfx_inet_diag_handler_cmd+0x10/0x10 [ 753.258535][T17175] ? __pfx_lock_release+0x10/0x10 [ 753.261264][T17175] ? __pfx_inet_diag_dump_start+0x10/0x10 [ 753.263652][T17175] ? __pfx_inet_diag_dump+0x10/0x10 [ 753.265942][T17175] ? __pfx_inet_diag_dump_done+0x10/0x10 [ 753.268324][T17175] sock_diag_rcv_msg+0x437/0x790 [ 753.270602][T17175] netlink_rcv_skb+0x165/0x410 [ 753.272738][T17175] ? __pfx_sock_diag_rcv_msg+0x10/0x10 [ 753.275110][T17175] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 753.277415][T17175] ? netlink_deliver_tap+0x1ae/0xcf0 [ 753.279776][T17175] netlink_unicast+0x544/0x830 [ 753.281746][T17175] ? __pfx_netlink_unicast+0x10/0x10 [ 753.283825][T17175] ? __phys_addr_symbol+0x30/0x80 [ 753.285944][T17175] ? __check_object_size+0x497/0x720 [ 753.288310][T17175] netlink_sendmsg+0x8b8/0xd70 [ 753.290435][T17175] ? __pfx_netlink_sendmsg+0x10/0x10 [ 753.292795][T17175] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 753.294996][T17175] sock_write_iter+0x50a/0x5c0 [ 753.297781][T17175] ? __pfx_sock_write_iter+0x10/0x10 [ 753.300120][T17175] ? __pfx_mark_lock+0x10/0x10 [ 753.302222][T17175] do_iter_readv_writev+0x531/0x800 [ 753.304435][T17175] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 753.306977][T17175] ? bpf_lsm_file_permission+0x9/0x10 [ 753.309440][T17175] ? security_file_permission+0x98/0xc0 [ 753.311854][T17175] vfs_writev+0x36f/0xde0 [ 753.313686][T17175] ? __pfx_vfs_writev+0x10/0x10 [ 753.315985][T17175] ? __fget_files+0x24c/0x400 [ 753.318056][T17175] ? do_writev+0x287/0x370 [ 753.319959][T17175] do_writev+0x287/0x370 [ 753.321786][T17175] ? __pfx_do_writev+0x10/0x10 [ 753.323895][T17175] __do_fast_syscall_32+0x73/0x120 [ 753.326048][T17175] do_fast_syscall_32+0x32/0x80 [ 753.328186][T17175] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 753.330991][T17175] RIP: 0023:0xf7fe3579 [ 753.332797][T17175] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 753.341460][T17175] RSP: 002b:00000000f577557c EFLAGS: 00000292 ORIG_RAX: 0000000000000092 [ 753.345160][T17175] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200002c0 [ 753.348636][T17175] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 753.352120][T17175] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 753.355601][T17175] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 753.359387][T17175] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 753.362586][T17175] [ 753.363889][ C2] vkms_vblank_simulate: vblank timer overrun [ 753.366947][ C2] hpet: Lost 8 RTC interrupts [ 753.496549][T17179] kAFS: unparsable volume name [ 753.540544][ C2] wdm_int_callback: 21 callbacks suppressed [ 753.540563][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 753.541226][T13692] usb 6-1: USB disconnect, device number 45 [ 753.543295][ C2] wdm_int_callback: 21 callbacks suppressed [ 753.543308][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 753.554242][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 753.617444][T17182] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3352'. [ 753.988196][ T5227] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 754.009044][ T5227] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 754.015333][ T5227] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 754.023163][ T5227] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 754.028517][ T5227] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 754.034324][ T5227] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 754.313378][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.467875][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.492528][T17184] chnl_net:caif_netlink_parms(): no params data found [ 754.644841][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.725913][ T13] batman_adv: batadv2: Interface deactivated: netdevsim0 [ 754.744145][ T13] batman_adv: batadv2: Removing interface: netdevsim0 [ 754.752106][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.791072][T17184] bridge0: port 1(bridge_slave_0) entered blocking state [ 754.794590][T17184] bridge0: port 1(bridge_slave_0) entered disabled state [ 754.798722][T17184] bridge_slave_0: entered allmulticast mode [ 754.803732][T17184] bridge_slave_0: entered promiscuous mode [ 754.817706][T17184] bridge0: port 2(bridge_slave_1) entered blocking state [ 754.821455][T17184] bridge0: port 2(bridge_slave_1) entered disabled state [ 754.825548][T17184] bridge_slave_1: entered allmulticast mode [ 754.830632][T17184] bridge_slave_1: entered promiscuous mode [ 754.970463][T17184] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 754.999179][T17184] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 755.159475][T17184] team0: Port device team_slave_0 added [ 755.167608][T17184] team0: Port device team_slave_1 added [ 755.631756][ C2] vkms_vblank_simulate: vblank timer overrun [ 755.654899][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 755.663036][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 755.687223][ T13] bond0 (unregistering): Released all slaves [ 755.870091][T17201] kAFS: unparsable volume name [ 755.922164][ T13] : left promiscuous mode [ 755.987859][T17184] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 755.995975][T17184] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 756.012538][T17184] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 756.020166][T17184] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 756.023323][T17184] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 756.037753][T17184] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 756.102034][ T5227] Bluetooth: hci4: command tx timeout [ 756.178617][ T13] tipc: Left network mode [ 756.198619][T17184] hsr_slave_0: entered promiscuous mode [ 756.210785][T17184] hsr_slave_1: entered promiscuous mode [ 756.216976][T17184] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 756.229696][T17184] Cannot create hsr debugfs directory [ 756.640065][ C2] hpet: Lost 1 RTC interrupts [ 756.928097][ C2] hpet: Lost 1 RTC interrupts [ 756.957844][ T13] hsr_slave_0: left promiscuous mode [ 756.974945][ T13] hsr_slave_1: left promiscuous mode [ 756.981159][T17221] FAULT_INJECTION: forcing a failure. [ 756.981159][T17221] name failslab, interval 1, probability 0, space 0, times 0 [ 756.987594][T17221] CPU: 2 UID: 0 PID: 17221 Comm: syz.1.3358 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 756.992303][T17221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 756.997092][T17221] Call Trace: [ 756.998484][T17221] [ 756.999840][T17221] dump_stack_lvl+0x16c/0x1f0 [ 757.001971][T17221] should_fail_ex+0x497/0x5b0 [ 757.004369][T17221] ? fs_reclaim_acquire+0xae/0x160 [ 757.006874][T17221] should_failslab+0xc2/0x120 [ 757.008983][T17221] kmem_cache_alloc_node_noprof+0x71/0x310 [ 757.011617][T17221] ? alloc_vmap_area+0x636/0x2a70 [ 757.013923][T17221] alloc_vmap_area+0x636/0x2a70 [ 757.016140][T17221] ? __pfx_alloc_vmap_area+0x10/0x10 [ 757.018261][T17221] __get_vm_area_node+0x17e/0x2d0 [ 757.020527][T17221] __vmalloc_node_range_noprof+0x276/0x1520 [ 757.023246][T17221] ? bpf_check+0x1fa/0xb3f0 [ 757.025313][T17221] ? find_held_lock+0x2d/0x110 [ 757.027440][T17221] ? bpf_check+0x1fa/0xb3f0 [ 757.029570][T17221] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 757.032512][T17221] ? ___kmalloc_large_node+0x127/0x1a0 [ 757.034727][T17221] ? lockdep_hardirqs_on+0x7c/0x110 [ 757.036797][T17221] ? bpf_check+0x1fa/0xb3f0 [ 757.038771][T17221] vzalloc_noprof+0x6b/0x90 [ 757.040755][T17221] ? bpf_check+0x1fa/0xb3f0 [ 757.042822][T17221] bpf_check+0x1fa/0xb3f0 [ 757.044755][T17221] ? __pfx___lock_acquire+0x10/0x10 [ 757.047076][T17221] ? __pfx_bpf_check+0x10/0x10 [ 757.049321][T17221] ? ktime_get_with_offset+0x13a/0x240 [ 757.051938][T17221] ? __pfx_lock_release+0x10/0x10 [ 757.054274][T17221] ? find_held_lock+0x2d/0x110 [ 757.056427][T17221] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 757.058979][T17221] ? lockdep_hardirqs_on+0x7c/0x110 [ 757.061622][T17221] ? read_tsc+0x9/0x20 [ 757.063431][T17221] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 757.065920][T17221] ? bpf_obj_name_cpy+0x156/0x1b0 [ 757.068184][T17221] bpf_prog_load+0xe3f/0x2670 [ 757.070299][T17221] ? __pfx_bpf_prog_load+0x10/0x10 [ 757.072581][T17221] ? find_held_lock+0x2d/0x110 [ 757.074640][T17221] ? security_bpf+0x8c/0xc0 [ 757.076457][T17221] __sys_bpf+0x9e0/0x5600 [ 757.078166][T17221] ? __pfx___sys_bpf+0x10/0x10 [ 757.080113][T17221] ? ksys_write+0x12f/0x260 [ 757.082146][T17221] ? find_held_lock+0x2d/0x110 [ 757.084299][T17221] ? ksys_write+0x21c/0x260 [ 757.086545][T17221] ? __pfx_lock_release+0x10/0x10 [ 757.088785][T17221] ? vfs_write+0x14d/0x1140 [ 757.090827][T17221] ? __mutex_unlock_slowpath+0x164/0x650 [ 757.093347][T17221] ? fput+0x32/0x390 [ 757.095111][T17221] ? ksys_write+0x1ab/0x260 [ 757.097296][T17221] ? __pfx_ksys_write+0x10/0x10 [ 757.099459][T17221] __ia32_sys_bpf+0x76/0xe0 [ 757.101453][T17221] __do_fast_syscall_32+0x73/0x120 [ 757.103466][T17221] do_fast_syscall_32+0x32/0x80 [ 757.105602][T17221] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 757.108410][T17221] RIP: 0023:0xf743e579 [ 757.110235][T17221] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 757.118809][T17221] RSP: 002b:00000000f575657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 757.122613][T17221] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000040 [ 757.126095][T17221] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 757.129569][T17221] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 757.132937][T17221] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 757.136539][T17221] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 757.140052][T17221] [ 757.142433][ C2] hpet: Lost 9 RTC interrupts [ 757.165617][T17221] syz.1.3358: vmalloc error: size 288, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 757.181785][T17221] CPU: 2 UID: 0 PID: 17221 Comm: syz.1.3358 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 757.186519][T17221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 757.191546][T17221] Call Trace: [ 757.193127][T17221] [ 757.194461][T17221] dump_stack_lvl+0x16c/0x1f0 [ 757.196581][T17221] warn_alloc+0x24d/0x3a0 [ 757.198582][T17221] ? __pfx_warn_alloc+0x10/0x10 [ 757.200770][T17221] ? lockdep_hardirqs_on+0x7c/0x110 [ 757.203069][T17221] ? __get_vm_area_node+0x27d/0x2d0 [ 757.205217][T17221] ? __get_vm_area_node+0x1bc/0x2d0 [ 757.207259][T17221] __vmalloc_node_range_noprof+0xc1e/0x1520 [ 757.210032][T17221] ? find_held_lock+0x2d/0x110 [ 757.212107][T17221] ? bpf_check+0x1fa/0xb3f0 [ 757.213696][T17221] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 757.215815][T17221] ? ___kmalloc_large_node+0x127/0x1a0 [ 757.218120][T17221] ? lockdep_hardirqs_on+0x7c/0x110 [ 757.220203][T17221] ? bpf_check+0x1fa/0xb3f0 [ 757.222153][T17221] vzalloc_noprof+0x6b/0x90 [ 757.224265][T17221] ? bpf_check+0x1fa/0xb3f0 [ 757.226283][T17221] bpf_check+0x1fa/0xb3f0 [ 757.228206][T17221] ? __pfx___lock_acquire+0x10/0x10 [ 757.230034][T17221] ? __pfx_bpf_check+0x10/0x10 [ 757.231990][T17221] ? ktime_get_with_offset+0x13a/0x240 [ 757.234278][T17221] ? __pfx_lock_release+0x10/0x10 [ 757.236402][T17221] ? find_held_lock+0x2d/0x110 [ 757.238423][T17221] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 757.240669][T17221] ? lockdep_hardirqs_on+0x7c/0x110 [ 757.242892][T17221] ? read_tsc+0x9/0x20 [ 757.244627][T17221] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 757.246653][T17221] ? bpf_obj_name_cpy+0x156/0x1b0 [ 757.248479][T17221] bpf_prog_load+0xe3f/0x2670 [ 757.250334][T17221] ? __pfx_bpf_prog_load+0x10/0x10 [ 757.252751][T17221] ? find_held_lock+0x2d/0x110 [ 757.254910][T17221] ? security_bpf+0x8c/0xc0 [ 757.256726][T17221] __sys_bpf+0x9e0/0x5600 [ 757.258655][T17221] ? __pfx___sys_bpf+0x10/0x10 [ 757.260876][T17221] ? ksys_write+0x12f/0x260 [ 757.263066][T17221] ? find_held_lock+0x2d/0x110 [ 757.265011][T17221] ? ksys_write+0x21c/0x260 [ 757.266759][T17221] ? __pfx_lock_release+0x10/0x10 [ 757.268788][T17221] ? vfs_write+0x14d/0x1140 [ 757.270280][ T13] veth1_macvtap: left promiscuous mode [ 757.270686][T17221] ? __mutex_unlock_slowpath+0x164/0x650 [ 757.273049][ T13] veth0_macvtap: left promiscuous mode [ 757.275060][T17221] ? fput+0x32/0x390 [ 757.276953][ T13] veth1_vlan: left promiscuous mode [ 757.278136][T17221] ? ksys_write+0x1ab/0x260 [ 757.281815][T17221] ? __pfx_ksys_write+0x10/0x10 [ 757.283315][T17221] __ia32_sys_bpf+0x76/0xe0 [ 757.284303][ T13] veth0_vlan: left promiscuous mode [ 757.285596][T17221] __do_fast_syscall_32+0x73/0x120 [ 757.289439][T17221] do_fast_syscall_32+0x32/0x80 [ 757.291480][T17221] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 757.294321][T17221] RIP: 0023:0xf743e579 [ 757.296213][T17221] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 757.304090][T17221] RSP: 002b:00000000f575657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 757.307785][T17221] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000040 [ 757.311262][T17221] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 757.314748][T17221] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 757.318123][T17221] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 757.321527][T17221] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 757.324885][T17221] [ 757.327464][ C2] hpet: Lost 9 RTC interrupts [ 757.344871][T17221] Mem-Info: [ 757.350906][T17221] active_anon:10102 inactive_anon:138 isolated_anon:0 [ 757.350906][T17221] active_file:8559 inactive_file:34299 isolated_file:0 [ 757.350906][T17221] unevictable:768 dirty:300 writeback:0 [ 757.350906][T17221] slab_reclaimable:4447 slab_unreclaimable:65402 [ 757.350906][T17221] mapped:29003 shmem:5573 pagetables:862 [ 757.350906][T17221] sec_pagetables:345 bounce:0 [ 757.350906][T17221] kernel_misc_reclaimable:0 [ 757.350906][T17221] free:59451 free_pcp:5676 free_cma:0 [ 757.389729][T17221] Node 0 active_anon:228kB inactive_anon:2560kB active_file:0kB inactive_file:164kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:8372kB dirty:24kB writeback:0kB shmem:108kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9692kB pagetables:2176kB sec_pagetables:1308kB all_unreclaimable? no [ 757.450072][T17221] Node 1 active_anon:38076kB inactive_anon:16kB active_file:34236kB inactive_file:137040kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:107640kB dirty:1176kB writeback:0kB shmem:22184kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1844kB pagetables:1292kB sec_pagetables:72kB all_unreclaimable? no [ 757.501997][T17221] Node 0 DMA free:1236kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:176kB local_pcp:4kB free_cma:0kB [ 757.528392][T17221] lowmem_reserve[]: 0 374 0 0 0 [ 757.530967][T17221] Node 0 DMA32 free:31924kB boost:0kB min:19048kB low:23808kB high:28568kB reserved_highatomic:6144KB active_anon:2172kB inactive_anon:616kB active_file:168kB inactive_file:0kB unevictable:1536kB writepending:24kB present:1032192kB managed:410688kB mlocked:0kB bounce:0kB free_pcp:4284kB local_pcp:228kB free_cma:0kB [ 757.544358][T17221] lowmem_reserve[]: 0 0 0 0 0 [ 757.544830][ C2] hpet: Lost 1 RTC interrupts [ 757.554364][T17221] Node 1 DMA32 free:222840kB boost:0kB min:47048kB low:58808kB high:70568kB reserved_highatomic:0KB active_anon:38076kB inactive_anon:16kB active_file:34236kB inactive_file:137040kB unevictable:1536kB writepending:1176kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:27808kB local_pcp:12008kB free_cma:0kB [ 757.591707][T17221] lowmem_reserve[]: 0 0 0 0 0 [ 757.594098][T17221] Node 0 DMA: 51*4kB (U) 24*8kB (U) 10*16kB (U) 22*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1260kB [ 757.599127][T17221] Node 0 DMA32: 208*4kB (UMH) 220*8kB (UMEH) 114*16kB (UMEH) 145*32kB (UMEH) 69*64kB (UMEH) 28*128kB (UMEH) 6*256kB (MEH) 6*512kB (UME) 2*1024kB (U) 2*2048kB (UM) 1*4096kB (U) = 31904kB [ 757.607652][T17221] Node 1 DMA32: 870*4kB (UME) 736*8kB (UME) 290*16kB (UME) 538*32kB (UME) 370*64kB (UME) 160*128kB (UME) 74*256kB (ME) 95*512kB (UME) 56*1024kB (UM) 13*2048kB (UM) 1*4096kB (U) = 231032kB [ 757.617072][T17221] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 757.621466][T17221] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 757.625703][T17221] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 757.630313][T17221] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 757.634426][T17221] 48836 total pagecache pages [ 757.636552][T17221] 405 pages in swap cache [ 757.638533][T17221] Free swap = 110796kB [ 757.642185][T17221] Total swap = 124996kB [ 757.644710][T17221] 524155 pages RAM [ 757.646457][T17221] 0 pages HighMem/MovableOnly [ 757.648704][T17221] 181091 pages reserved [ 757.651113][T17221] 0 pages cma reserved [ 757.968338][ T5227] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 758.047648][T17235] kAFS: unparsable volume name [ 758.179839][ T5227] Bluetooth: hci4: command tx timeout [ 758.412098][ C2] hpet: Lost 1 RTC interrupts [ 759.018124][T17250] devtmpfs: Unknown parameter 'fd' [ 760.254723][ T5227] Bluetooth: hci4: command tx timeout [ 760.305450][ T13] team0 (unregistering): Port device team_slave_1 removed [ 760.499934][ T13] team0 (unregistering): Port device team_slave_0 removed [ 760.894797][ C2] hpet: Lost 1 RTC interrupts [ 761.235503][ T13] smc: removing net device wg0 with user defined pnetid SYZ0 [ 762.342061][ T5227] Bluetooth: hci4: command tx timeout [ 762.572551][T17184] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 762.580269][T17184] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 762.586506][T17184] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 762.607929][ C2] hpet: Lost 1 RTC interrupts [ 762.626215][T17184] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 762.684140][T17288] kAFS: unparsable volume name [ 762.845480][T17184] 8021q: adding VLAN 0 to HW filter on device bond0 [ 762.881690][T17184] 8021q: adding VLAN 0 to HW filter on device team0 [ 762.895663][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state [ 762.899029][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 762.925001][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state [ 762.928203][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 762.987752][T17184] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 763.013711][T17184] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 763.163825][T17303] kAFS: unparsable volume name [ 763.525538][T17184] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 763.643816][ C2] hpet: Lost 1 RTC interrupts [ 763.667537][T17184] veth0_vlan: entered promiscuous mode [ 763.676829][T17184] veth1_vlan: entered promiscuous mode [ 763.723089][T17184] veth0_macvtap: entered promiscuous mode [ 763.751656][T17184] veth1_macvtap: entered promiscuous mode [ 763.789541][T17184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 763.794876][T17184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.799049][T17184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 763.803518][T17184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.807374][T17184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 763.811507][T17184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.815129][T17184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 763.818840][T17184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.822860][T17184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 763.827886][T17184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.863595][T17184] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 763.876231][T17184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 763.900685][ C2] hpet: Lost 1 RTC interrupts [ 763.935863][ C2] hpet: Lost 2 RTC interrupts [ 763.951915][T17184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.955809][T17184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 763.982453][T17184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 764.026010][T17184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 764.030164][T17184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 764.034295][T17184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 764.040324][T17184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 764.044058][T17184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 764.058029][T17184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 764.082111][T17184] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 764.118367][T17184] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 764.142650][T17184] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 764.146328][T17184] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 764.188807][T17184] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 764.221054][ C2] hpet: Lost 1 RTC interrupts [ 764.406880][ T9419] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 764.422649][ T9419] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 764.481247][ T9419] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 764.484848][ T9419] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 764.596146][ C2] hpet: Lost 1 RTC interrupts [ 764.656742][ T39] audit: type=1400 audit(1721882213.824:252): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 764.745883][T17339] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3377'. [ 766.055527][T17357] FAULT_INJECTION: forcing a failure. [ 766.055527][T17357] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 766.061369][T17357] CPU: 3 UID: 0 PID: 17357 Comm: syz.1.3381 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 766.065774][T17357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 766.070389][T17357] Call Trace: [ 766.071669][T17357] [ 766.072789][T17357] dump_stack_lvl+0x16c/0x1f0 [ 766.074584][T17357] should_fail_ex+0x497/0x5b0 [ 766.076465][T17357] _copy_to_user+0x30/0xc0 [ 766.078180][T17357] simple_read_from_buffer+0xd0/0x160 [ 766.080218][T17357] proc_fail_nth_read+0x1b0/0x290 [ 766.082039][T17357] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 766.083988][T17357] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 766.086082][T17357] vfs_read+0x1d4/0xbd0 [ 766.087640][T17357] ? kasan_quarantine_put+0x10a/0x240 [ 766.089721][T17357] ? __fdget_pos+0xeb/0x180 [ 766.091593][T17357] ? __pfx_vfs_read+0x10/0x10 [ 766.093636][T17357] ? __pfx___mutex_lock+0x10/0x10 [ 766.095875][T17357] ? __fget_files+0x256/0x400 [ 766.097937][T17357] ksys_read+0x12f/0x260 [ 766.099816][T17357] ? __pfx_ksys_read+0x10/0x10 [ 766.103068][T17357] __do_fast_syscall_32+0x73/0x120 [ 766.105306][T17357] do_fast_syscall_32+0x32/0x80 [ 766.107316][T17357] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 766.109892][T17357] RIP: 0023:0xf743e579 [ 766.112016][T17357] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 766.124252][T17357] RSP: 002b:00000000f57565b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 766.128178][T17357] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5756630 [ 766.132890][T17357] RDX: 000000000000000f RSI: 00000000f7429ff4 RDI: 0000000000000000 [ 766.136888][T17357] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 766.140735][T17357] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 766.144120][T17357] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 766.147190][T17357] [ 766.251954][T17359] 9pnet_fd: Insufficient options for proto=fd [ 767.279070][T17372] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3386'. [ 767.621882][T17381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3387'. [ 767.777833][T17388] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3392'. [ 767.780806][ C2] hpet: Lost 1 RTC interrupts [ 767.792656][T17388] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3392'. [ 767.999740][ T1277] usb 7-1: new high-speed USB device number 44 using dummy_hcd [ 768.181204][ T1277] usb 7-1: Using ep0 maxpacket: 8 [ 768.196066][ T1277] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 768.200678][ T1277] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 768.206714][ T1277] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 768.215955][ T1277] usb 7-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 768.223087][ T1277] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 768.227212][ T1277] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 768.236899][ T1277] usbtmc 7-1:16.0: bulk endpoints not found [ 768.408594][ T39] audit: type=1400 audit(1721882217.574:253): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 768.767963][ C2] hpet: Lost 1 RTC interrupts [ 768.809512][ C2] hpet: Lost 1 RTC interrupts [ 769.721554][T17408] fuse: Bad value for 'fd' [ 769.841396][T17412] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3400'. [ 770.425148][T17429] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3405'. [ 770.488494][T17429] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3405'. [ 770.699475][ T5255] usb 7-1: USB disconnect, device number 44 [ 771.171651][ C2] hpet: Lost 1 RTC interrupts [ 773.091665][ C2] hpet: Lost 1 RTC interrupts [ 773.330955][T17473] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3417'. [ 773.935090][T17476] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 775.919733][ C2] hpet: Lost 1 RTC interrupts [ 776.120138][T17496] netlink: 256 bytes leftover after parsing attributes in process `syz.3.3423'. [ 776.653603][T17516] FAULT_INJECTION: forcing a failure. [ 776.653603][T17516] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 776.699410][T17516] CPU: 0 UID: 0 PID: 17516 Comm: syz.2.3427 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 776.704730][T17516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 776.709637][T17516] Call Trace: [ 776.711177][T17516] [ 776.713018][T17516] dump_stack_lvl+0x16c/0x1f0 [ 776.715926][T17516] should_fail_ex+0x497/0x5b0 [ 776.718738][T17516] _copy_to_user+0x30/0xc0 [ 776.721397][T17516] simple_read_from_buffer+0xd0/0x160 [ 776.724169][T17516] proc_fail_nth_read+0x1b0/0x290 [ 776.726378][T17516] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 776.729108][T17516] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 776.731393][T17516] vfs_read+0x1d4/0xbd0 [ 776.732988][T17516] ? __fdget_pos+0xeb/0x180 [ 776.734945][T17516] ? __pfx_vfs_read+0x10/0x10 [ 776.737129][T17516] ? __pfx___mutex_lock+0x10/0x10 [ 776.739554][T17516] ? __fget_files+0x256/0x400 [ 776.741760][T17516] ksys_read+0x12f/0x260 [ 776.744083][T17516] ? __pfx_ksys_read+0x10/0x10 [ 776.746554][T17516] __do_fast_syscall_32+0x73/0x120 [ 776.750046][T17516] do_fast_syscall_32+0x32/0x80 [ 776.752283][T17516] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 776.755077][T17516] RIP: 0023:0xf7fe3579 [ 776.756926][T17516] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 776.767277][T17516] RSP: 002b:00000000f57965b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 776.771698][T17516] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5796630 [ 776.775887][T17516] RDX: 000000000000000f RSI: 00000000f7469ff4 RDI: 0000000000000000 [ 776.778960][T17516] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 776.783020][T17516] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 776.787149][T17516] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 776.792057][T17516] [ 776.968306][T17524] fuse: Unknown parameter 'dfTXF@"inI݋M' [ 777.184591][T17529] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3430'. [ 777.189297][T17529] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3430'. [ 777.458611][T17538] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3432'. [ 777.468359][T17535] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3432'. [ 780.015773][ C2] hpet: Lost 1 RTC interrupts [ 780.112237][T17565] kAFS: unparsable volume name [ 780.579827][ C2] hpet: Lost 1 RTC interrupts [ 781.764012][ C2] hpet: Lost 1 RTC interrupts [ 782.108392][T17589] 9p: Unknown access argument 18446744073709551615: -34 [ 782.186721][T17591] 9p: Unknown access argument 18446744073709551615: -34 [ 782.255700][ C2] hpet: Lost 1 RTC interrupts [ 782.483358][T17598] 9p: Unknown access argument 18446744073709551615: -34 [ 782.616327][ T39] audit: type=1400 audit(1721882231.784:254): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 782.659954][T17607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3455'. [ 782.931787][T17604] kAFS: unparsable volume name [ 784.105526][T17621] 9p: Unknown access argument 18446744073709551615: -34 [ 784.261402][T17622] kAFS: unparsable volume name [ 784.411081][T17624] FAULT_INJECTION: forcing a failure. [ 784.411081][T17624] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 784.446273][T17624] CPU: 3 UID: 0 PID: 17624 Comm: syz.1.3461 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 784.451541][T17624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 784.455775][T17624] Call Trace: [ 784.457076][T17624] [ 784.458223][T17624] dump_stack_lvl+0x16c/0x1f0 [ 784.460108][T17624] should_fail_ex+0x497/0x5b0 [ 784.461928][T17624] strncpy_from_user+0x38/0x320 [ 784.464212][T17624] getname_flags.part.0+0x8f/0x550 [ 784.466771][T17624] getname+0x8d/0xe0 [ 784.468856][T17624] do_sys_openat2+0x104/0x1e0 [ 784.470986][T17624] ? __pfx_do_sys_openat2+0x10/0x10 [ 784.473581][T17624] __ia32_compat_sys_open+0x147/0x1e0 [ 784.475943][T17624] ? __pfx___ia32_compat_sys_open+0x10/0x10 [ 784.478505][T17624] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 784.481367][T17624] __do_fast_syscall_32+0x73/0x120 [ 784.483622][T17624] do_fast_syscall_32+0x32/0x80 [ 784.485591][T17624] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 784.488343][T17624] RIP: 0023:0xf743e579 [ 784.490270][T17624] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 784.499580][T17624] RSP: 002b:00000000f575657c EFLAGS: 00000292 ORIG_RAX: 0000000000000005 [ 784.503532][T17624] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000000003 [ 784.506924][T17624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 784.510351][T17624] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 784.513648][T17624] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 784.517204][T17624] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 784.520676][T17624] [ 785.092313][T17632] 9p: Unknown access argument 18446744073709551615: -34 [ 785.190705][T17634] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3464'. [ 785.375747][ C2] hpet: Lost 1 RTC interrupts [ 785.396772][T17640] FAULT_INJECTION: forcing a failure. [ 785.396772][T17640] name failslab, interval 1, probability 0, space 0, times 0 [ 785.406247][T17640] CPU: 3 UID: 0 PID: 17640 Comm: syz.1.3465 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 785.410831][T17640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 785.415235][T17640] Call Trace: [ 785.416751][T17640] [ 785.418108][T17640] dump_stack_lvl+0x16c/0x1f0 [ 785.420238][T17640] should_fail_ex+0x497/0x5b0 [ 785.422235][T17640] ? fs_reclaim_acquire+0xae/0x160 [ 785.424277][T17640] should_failslab+0xc2/0x120 [ 785.426166][T17640] __kmalloc_cache_noprof+0x6b/0x310 [ 785.428565][T17640] ? vkms_plane_duplicate_state+0x87/0x130 [ 785.431538][T17640] ? kasan_save_track+0x14/0x30 [ 785.433805][T17640] vkms_plane_duplicate_state+0x87/0x130 [ 785.436321][T17640] drm_atomic_get_plane_state+0x20b/0x590 [ 785.439427][T17640] page_flip_common+0xf9/0x320 [ 785.441927][T17640] drm_atomic_helper_page_flip+0xb6/0x190 [ 785.445014][T17640] drm_mode_page_flip_ioctl+0x1044/0x1470 [ 785.448187][T17640] ? __pfx_drm_mode_page_flip_ioctl+0x10/0x10 [ 785.451677][T17640] ? find_held_lock+0x2d/0x110 [ 785.453643][T17640] ? do_raw_spin_unlock+0x172/0x230 [ 785.455922][T17640] drm_ioctl_kernel+0x1ec/0x3e0 [ 785.458016][T17640] ? __pfx_drm_mode_page_flip_ioctl+0x10/0x10 [ 785.460659][T17640] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 785.463015][T17640] ? __pfx_drm_mode_page_flip_ioctl+0x10/0x10 [ 785.465881][T17640] drm_ioctl+0x584/0xbb0 [ 785.467727][T17640] ? __pfx_drm_ioctl+0x10/0x10 [ 785.469806][T17640] drm_compat_ioctl+0x32d/0x470 [ 785.471916][T17640] ? bpf_lsm_file_ioctl_compat+0x9/0x10 [ 785.474280][T17640] ? __pfx_drm_compat_ioctl+0x10/0x10 [ 785.476546][T17640] __do_compat_sys_ioctl+0x2c3/0x330 [ 785.478708][T17640] __do_fast_syscall_32+0x73/0x120 [ 785.480927][T17640] do_fast_syscall_32+0x32/0x80 [ 785.483066][T17640] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 785.485970][T17640] RIP: 0023:0xf743e579 [ 785.487956][T17640] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 785.496290][T17640] RSP: 002b:00000000f573557c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 785.499916][T17640] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000c01864b0 [ 785.507077][T17640] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 785.526378][T17640] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 785.529938][T17640] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 785.533472][T17640] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 785.536984][T17640] [ 785.547858][ C2] hpet: Lost 1 RTC interrupts [ 785.699908][T13692] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 785.857471][ C2] hpet: Lost 1 RTC interrupts [ 785.934875][T13692] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 785.938784][T13692] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 785.946727][T13692] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 785.950628][T13692] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 785.961564][T13692] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 785.965678][T13692] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 785.972113][T13692] usb 5-1: Product: syz [ 785.974120][T13692] usb 5-1: Manufacturer: syz [ 785.993050][T13692] cdc_wdm 5-1:1.0: skipping garbage [ 785.995467][T13692] cdc_wdm 5-1:1.0: skipping garbage [ 786.000342][T13692] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 786.003215][T13692] cdc_wdm 5-1:1.0: Unknown control protocol [ 786.219454][T13692] usb 5-1: USB disconnect, device number 42 [ 786.245300][T17657] 9p: Unknown access argument 18446744073709551615: -34 [ 786.503177][T17666] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3474'. [ 786.526309][ C2] hpet: Lost 1 RTC interrupts [ 786.613782][T17664] kAFS: unparsable volume name [ 786.672711][ C2] hpet: Lost 1 RTC interrupts [ 787.015262][ C2] ================================================================== [ 787.019870][ C2] BUG: KASAN: stack-out-of-bounds in xdp_do_check_flushed+0x429/0x4e0 [ 787.023431][ C2] Read of size 8 at addr ffffc9000644fa58 by task syz.0.3477/17677 [ 787.029989][ C2] [ 787.031105][ C2] CPU: 2 UID: 0 PID: 17677 Comm: syz.0.3477 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 787.035379][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 787.039620][ C2] Call Trace: [ 787.052403][ C2] [ 787.053644][ C2] dump_stack_lvl+0x116/0x1f0 [ 787.055832][ C2] print_report+0xc3/0x620 [ 787.058104][ C2] ? __virt_addr_valid+0x5e/0x590 [ 787.060264][ C2] kasan_report+0xd9/0x110 [ 787.062158][ C2] ? xdp_do_check_flushed+0x429/0x4e0 [ 787.064297][ C2] ? xdp_do_check_flushed+0x429/0x4e0 [ 787.066526][ C2] xdp_do_check_flushed+0x429/0x4e0 [ 787.068717][ C2] __napi_poll.constprop.0+0xd1/0x550 [ 787.071509][ C2] net_rx_action+0xa92/0x1010 [ 787.073540][ C2] ? __pfx_net_rx_action+0x10/0x10 [ 787.075750][ C2] ? __pfx_mark_lock+0x10/0x10 [ 787.077847][ C2] ? kvm_sched_clock_read+0x11/0x20 [ 787.080417][ C2] ? sched_clock+0x38/0x60 [ 787.082681][ C2] ? sched_clock_cpu+0x6d/0x4d0 [ 787.085273][ C2] ? mark_held_locks+0x9f/0xe0 [ 787.087655][ C2] handle_softirqs+0x216/0x8f0 [ 787.089736][ C2] ? __pfx_handle_softirqs+0x10/0x10 [ 787.092028][ C2] ? irqtime_account_irq+0x18d/0x2e0 [ 787.094228][ C2] ? netif_rx+0x206/0x2c0 [ 787.096035][ C2] do_softirq+0xb2/0xf0 [ 787.097775][ C2] [ 787.098971][ C2] [ 787.100183][ C2] __local_bh_enable_ip+0x100/0x120 [ 787.102442][ C2] netif_rx+0x20b/0x2c0 [ 787.104222][ C2] ? __pfx_eth_header+0x10/0x10 [ 787.106158][ C2] tipc_clone_to_loopback+0x331/0x470 [ 787.108434][ C2] tipc_node_xmit+0xbb8/0xe60 [ 787.110070][ C2] ? tipc_msg_build+0x316/0x10d0 [ 787.111617][ C2] ? __pfx_tipc_node_xmit+0x10/0x10 [ 787.113207][ C2] ? __tipc_sendstream+0x872/0x1170 [ 787.115293][ C2] __tipc_sendstream+0x872/0x1170 [ 787.117568][ C2] ? __pfx___tipc_sendstream+0x10/0x10 [ 787.120167][ C2] ? tipc_sendstream+0x41/0x70 [ 787.122295][ C2] ? __pfx_lock_release+0x10/0x10 [ 787.124565][ C2] ? __pfx_woken_wake_function+0x10/0x10 [ 787.127002][ C2] ? mark_held_locks+0x9f/0xe0 [ 787.129048][ C2] ? tipc_sendstream+0x41/0x70 [ 787.130907][ C2] ? __local_bh_enable_ip+0xa4/0x120 [ 787.132945][ C2] tipc_sendstream+0x4f/0x70 [ 787.134745][ C2] ____sys_sendmsg+0x9b4/0xb50 [ 787.136637][ C2] ? __pfx_____sys_sendmsg+0x10/0x10 [ 787.138692][ C2] ? get_compat_msghdr+0x11b/0x170 [ 787.140907][ C2] ? __pfx___lock_acquire+0x10/0x10 [ 787.143083][ C2] ? try_to_wake_up+0xc08/0x13e0 [ 787.145310][ C2] ___sys_sendmsg+0x135/0x1e0 [ 787.147252][ C2] ? __pfx____sys_sendmsg+0x10/0x10 [ 787.149318][ C2] ? __fget_light+0x173/0x210 [ 787.151173][ C2] __sys_sendmsg+0x117/0x1f0 [ 787.153099][ C2] ? __pfx___sys_sendmsg+0x10/0x10 [ 787.155331][ C2] ? __ia32_sys_futex_time32+0x1da/0x460 [ 787.158087][ C2] __do_fast_syscall_32+0x73/0x120 [ 787.160448][ C2] do_fast_syscall_32+0x32/0x80 [ 787.162606][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 787.167814][ C2] RIP: 0023:0xf7fb6579 [ 787.169628][ C2] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 787.178464][ C2] RSP: 002b:00000000f572457c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 787.182285][ C2] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000480 [ 787.185715][ C2] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 787.189481][ C2] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 787.193567][ C2] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 787.197412][ C2] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 787.201570][ C2] [ 787.203067][ C2] [ 787.204230][ C2] The buggy address belongs to stack of task syz.0.3477/17677 [ 787.207625][ C2] and is located at offset 136 in frame: [ 787.210369][ C2] __tipc_sendstream+0x0/0x1170 [ 787.212732][ C2] [ 787.213807][ C2] This frame has 2 objects: [ 787.215934][ C2] [48, 56) 'timeout' [ 787.215947][ C2] [80, 120) 'wait_' [ 787.217690][ C2] [ 787.220578][ C2] The buggy address belongs to the virtual mapping at [ 787.220578][ C2] [ffffc90006448000, ffffc90006451000) created by: [ 787.220578][ C2] kernel_clone+0xfd/0x980 [ 787.228657][ C2] [ 787.229740][ C2] The buggy address belongs to the physical page: [ 787.232692][ C2] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88806afe1798 pfn:0x6afe1 [ 787.237550][ C2] memcg:ffff888026743e02 [ 787.239493][ C2] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 787.242758][ C2] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 787.246542][ C2] raw: ffff88806afe1798 0000000000000000 00000001ffffffff ffff888026743e02 [ 787.249589][ C2] page dumped because: kasan: bad access detected [ 787.252010][ C2] page_owner tracks the page as allocated [ 787.254581][ C2] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 17588, tgid 17588 (syz.0.3449), ts 782096572671, free_ts 779650508470 [ 787.262802][ C2] post_alloc_hook+0x2d1/0x350 [ 787.265026][ C2] get_page_from_freelist+0x1351/0x2e50 [ 787.267343][ C2] __alloc_pages_noprof+0x22b/0x2460 [ 787.269447][ C2] alloc_pages_mpol_noprof+0x275/0x610 [ 787.271505][ C2] __vmalloc_node_range_noprof+0xa6a/0x1520 [ 787.273714][ C2] copy_process+0x29f5/0x6f50 [ 787.275597][ C2] kernel_clone+0xfd/0x980 [ 787.277582][ C2] __do_sys_clone3+0x1f5/0x270 [ 787.279676][ C2] do_int80_emulation+0x104/0x200 [ 787.281877][ C2] asm_int80_emulation+0x1a/0x20 [ 787.284024][ C2] page last free pid 5281 tgid 5281 stack trace: [ 787.286640][ C2] free_unref_page+0x64a/0xe40 [ 787.288725][ C2] vfree+0x181/0x7a0 [ 787.290555][ C2] delayed_vfree_work+0x56/0x70 [ 787.292748][ C2] process_one_work+0x958/0x1ad0 [ 787.294919][ C2] worker_thread+0x6c8/0xf20 [ 787.297034][ C2] kthread+0x2c1/0x3a0 [ 787.298795][ C2] ret_from_fork+0x45/0x80 [ 787.300788][ C2] ret_from_fork_asm+0x1a/0x30 [ 787.302914][ C2] [ 787.303990][ C2] Memory state around the buggy address: [ 787.306399][ C2] ffffc9000644f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 787.309714][ C2] ffffc9000644f980: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f1 f1 [ 787.312892][ C2] >ffffc9000644fa00: 00 f2 f2 f2 00 00 00 00 00 f3 f3 f3 f3 f3 00 00 [ 787.316320][ C2] ^ [ 787.319273][ C2] ffffc9000644fa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 787.322792][ C2] ffffc9000644fb00: 00 f1 f1 f1 f1 f1 f1 00 00 00 00 04 f3 f3 f3 f3 [ 787.326356][ C2] ================================================================== [ 787.335451][ C2] vkms_vblank_simulate: vblank timer overrun [ 787.339935][ C2] hpet: Lost 19 RTC interrupts [ 787.343151][ C2] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 787.347048][ C2] CPU: 2 UID: 0 PID: 17677 Comm: syz.0.3477 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0 [ 787.352288][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 787.357170][ C2] Call Trace: [ 787.358909][ C2] [ 787.360458][ C2] dump_stack_lvl+0x3d/0x1f0 [ 787.362518][ C2] panic+0x6f5/0x7a0 [ 787.364591][ C2] ? __pfx_panic+0x10/0x10 [ 787.367059][ C2] ? check_panic_on_warn+0x1f/0xb0 [ 787.369629][ C2] check_panic_on_warn+0xab/0xb0 [ 787.372452][ C2] end_report+0x117/0x180 [ 787.375164][ C2] kasan_report+0xe9/0x110 [ 787.377909][ C2] ? xdp_do_check_flushed+0x429/0x4e0 [ 787.380690][ C2] ? xdp_do_check_flushed+0x429/0x4e0 [ 787.383072][ C2] xdp_do_check_flushed+0x429/0x4e0 [ 787.385409][ C2] __napi_poll.constprop.0+0xd1/0x550 [ 787.387795][ C2] net_rx_action+0xa92/0x1010 [ 787.389928][ C2] ? __pfx_net_rx_action+0x10/0x10 [ 787.392801][ C2] ? __pfx_mark_lock+0x10/0x10 [ 787.395386][ C2] ? kvm_sched_clock_read+0x11/0x20 [ 787.398268][ C2] ? sched_clock+0x38/0x60 [ 787.401064][ C2] ? sched_clock_cpu+0x6d/0x4d0 [ 787.403755][ C2] ? mark_held_locks+0x9f/0xe0 [ 787.405819][ C2] handle_softirqs+0x216/0x8f0 [ 787.407805][ C2] ? __pfx_handle_softirqs+0x10/0x10 [ 787.409895][ C2] ? irqtime_account_irq+0x18d/0x2e0 [ 787.412015][ C2] ? netif_rx+0x206/0x2c0 [ 787.413732][ C2] do_softirq+0xb2/0xf0 [ 787.415459][ C2] [ 787.416823][ C2] [ 787.418176][ C2] __local_bh_enable_ip+0x100/0x120 [ 787.420561][ C2] netif_rx+0x20b/0x2c0 [ 787.422427][ C2] ? __pfx_eth_header+0x10/0x10 [ 787.425086][ C2] tipc_clone_to_loopback+0x331/0x470 [ 787.427886][ C2] tipc_node_xmit+0xbb8/0xe60 [ 787.430597][ C2] ? tipc_msg_build+0x316/0x10d0 [ 787.432895][ C2] ? __pfx_tipc_node_xmit+0x10/0x10 [ 787.435224][ C2] ? __tipc_sendstream+0x872/0x1170 [ 787.437315][ C2] __tipc_sendstream+0x872/0x1170 [ 787.439241][ C2] ? __pfx___tipc_sendstream+0x10/0x10 [ 787.441652][ C2] ? tipc_sendstream+0x41/0x70 [ 787.443799][ C2] ? __pfx_lock_release+0x10/0x10 [ 787.446178][ C2] ? __pfx_woken_wake_function+0x10/0x10 [ 787.448753][ C2] ? mark_held_locks+0x9f/0xe0 [ 787.450933][ C2] ? tipc_sendstream+0x41/0x70 [ 787.453156][ C2] ? __local_bh_enable_ip+0xa4/0x120 [ 787.455623][ C2] tipc_sendstream+0x4f/0x70 [ 787.457824][ C2] ____sys_sendmsg+0x9b4/0xb50 [ 787.460911][ C2] ? __pfx_____sys_sendmsg+0x10/0x10 [ 787.463867][ C2] ? get_compat_msghdr+0x11b/0x170 [ 787.466150][ C2] ? __pfx___lock_acquire+0x10/0x10 [ 787.468723][ C2] ? try_to_wake_up+0xc08/0x13e0 [ 787.471231][ C2] ___sys_sendmsg+0x135/0x1e0 [ 787.473608][ C2] ? __pfx____sys_sendmsg+0x10/0x10 [ 787.476030][ C2] ? __fget_light+0x173/0x210 [ 787.478239][ C2] __sys_sendmsg+0x117/0x1f0 [ 787.480322][ C2] ? __pfx___sys_sendmsg+0x10/0x10 [ 787.482657][ C2] ? __ia32_sys_futex_time32+0x1da/0x460 [ 787.485177][ C2] __do_fast_syscall_32+0x73/0x120 [ 787.487539][ C2] do_fast_syscall_32+0x32/0x80 [ 787.489817][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 787.492464][ C2] RIP: 0023:0xf7fb6579 [ 787.494099][ C2] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 787.501608][ C2] RSP: 002b:00000000f572457c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 787.505491][ C2] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000480 [ 787.509772][ C2] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 787.513823][ C2] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 787.518117][ C2] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 787.522447][ C2] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 787.527250][ C2] [ 787.531221][ C2] Kernel Offset: disabled [ 787.533563][ C2] Rebooting in 86400 seconds.. VM DIAGNOSIS: 04:24:55 Registers: info registers vcpu 0 CPU#0 RAX=ffffc90000e5fc78 RBX=0000000000000000 RCX=ffffffff81c569e5 RDX=ffff88801b348000 RSI=0000000000000001 RDI=0000000000000004 RBP=0000000000000001 RSP=ffffc90000e5f3c0 R8 =0000000000000004 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000000 R12=ffffea0000b02c00 R13=0000000000000000 R14=ffffea0000b02c08 R15=dffffc0000000000 RIP=ffffffff818b1671 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020fc3000 CR3=000000001c04e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000001 RCX=0000000000000002 RDX=0000000000000008 RSI=ffff8880217daf98 RDI=ffff8880217da440 RBP=0000000000000000 RSP=ffffc90007277178 R8 =0000000000000000 R9 =0000000000000006 R10=ffffffff942536c7 R11=0000000000000002 R12=dffffc0000000000 R13=ffff8880217daf98 R14=0000000000000002 R15=ffff8880217da440 RIP=ffffffff8168d710 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000203aa000 CR3=000000001c04e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff00000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000062 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84f924a5 RDI=ffffffff94dba180 RBP=ffffffff94dba140 RSP=ffffc90000540788 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303963666666 R12=0000000000000000 R13=0000000000000062 R14=ffffffff84f92440 R15=0000000000000000 RIP=ffffffff84f924cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c200000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020012000 CR3=0000000055c78000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000018800000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff81926236 RDX=0000000000000000 RSI=0000000000000008 RDI=ffffffff8fe56498 RBP=ffffffff88ff1584 RSP=ffffc9000771f830 R8 =0000000000000000 R9 =fffffbfff1fcac93 R10=ffffffff8fe5649f R11=0000000000000000 R12=000000000003db4c R13=ffffc9000771f9c0 R14=0000000000000000 R15=1ffff92000ee3f1e RIP=ffffffff81e9a120 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c300000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c3e66d2 CR3=0000000055bfa000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000