last executing test programs: 16.529525734s ago: executing program 1 (id=2077): bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f0000001380)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time}], 0x54) connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, &(0x7f0000001f00)) sendmmsg(0xffffffffffffffff, &(0x7f0000000080), 0x4000000000001f0, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) eventfd(0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0) io_setup(0x4, &(0x7f00000004c0)) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000300)={0x0, 0x500, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 16.152173348s ago: executing program 1 (id=2079): openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xc}, 0x48) mount$fuse(0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC, @ANYBLOB=',group_id=', @ANYRESDEC, @ANYBLOB=',default_permissions,blksize=0x0000000000000400']) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="04300300c9008cba4dffaa0a52c0186ef28359af281f3a6bfde3a6ee0de9ddee0bf7da43aebf706b3329b0a564835713c2de78691734f5b9ada875d8facbcb611c220f4296a197c00dc7780e18d276969228dd91f813fda5cbc6adcfdd40386249f98919c934448632816bbc251be47d7af97966b4a96a6a8b7f211d8e29678fe8216eb9b30f4fa5856c0371b3c31559e07c414833"], 0x6) syz_emit_vhci(0x0, 0x22) r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, 0x0, 0x0) setsockopt$inet_opts(r0, 0x0, 0x0, &(0x7f0000000000)="89070404", 0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4010}, 0xc0c0) sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}, 0x1, 0x0, 0x0, 0x804}, 0x0) ppoll(&(0x7f0000000100)=[{r4}], 0x1, &(0x7f0000000140), 0x0, 0x0) syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r7 = io_uring_setup(0x15ae, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10) 16.09283806s ago: executing program 2 (id=2080): socket$kcm(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r0, 0x107, 0x13, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) r1 = socket(0x2, 0x3, 0xff) bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000240)=0x880, 0x4) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) sendmmsg$unix(r1, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)="3bfde24f64256c3dee9bd55cc6abe1de5cad2903e2ec0e51585d4509c9bf38b621704549f2bcc0ac2e5fec44", 0x2c}], 0x1}}], 0x1, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) r3 = gettid() ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000400)={{0x3, 0x2, 0x401, 0x0, 'syz1\x00', 0x4}, 0x5, 0x400, 0x1, r3, 0x0, 0x0, 'syz0\x00', 0x0}) syz_emit_ethernet(0x36, &(0x7f0000000280)={@broadcast, @random="54f55c5c52c0", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "f512ff", 0x0, 0x3c, 0x0, @local, @mcast2}}}}, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) pipe(&(0x7f0000000080)) socket$netlink(0x10, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) 15.656580679s ago: executing program 2 (id=2082): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000001e80)=0x6, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {[], {{0x3f, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 15.422846072s ago: executing program 2 (id=2083): r0 = socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route_sched(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}}, 0x0) 15.252831254s ago: executing program 2 (id=2084): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc0109058903"], 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040efc"], 0xff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xbb}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14}, 0x90) socket$inet_udplite(0x2, 0x2, 0x88) socket(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x1, 0x4, 0x6, 0x115}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000980)=0x7) setuid(r6) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0x11) socket$inet6(0xa, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110b"], 0xfc) bind$alg(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0) 14.448190249s ago: executing program 1 (id=2085): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000200000003400000008000300", @ANYRES32=r3, @ANYBLOB="140055003dd7b6d2db5b3550449e4977514874c2"], 0x30}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000001609010a00000000000000000a000000040000000c0007000000000000000000dc526041d131e1f3242ed8031c59718c58e025fccf2c6fef4488ed130300390f9c259a7435b967e77103141748f2518b73438c7eddd11b3756a4501847200953c8754dbb0b12b315531103597ce607feb7aa07d5a17cf8339e5538677a6eda3aa30c15c1602a8cc9d1e1836a27e3f0735b05f204a653788638dd19e6dec7ccc9bfcabd383f2be2e79a19c2b53cf0d01f4fba72a000"/198], 0x24}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000140)=ANY=[@ANYRES32=r4], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) bind$inet(r6, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) syz_emit_ethernet(0x3e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000300000000000019078ac1e0001ac1414aa0300907803000000450000040000020000000000ac14060aac1414bb"], 0x0) r7 = dup(r5) ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000001e010000004001000000010000000000"]) r8 = socket(0x10, 0x803, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc0406618, &(0x7f0000000000)) write(r8, &(0x7f0000001200)="2600000022004701050007008980e8ff02006d20002b1f00c0e9f7094a51f10101033500b088", 0x26) r9 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r9, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r9, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x25, &(0x7f0000000040)=0x1b3a, 0x4) setsockopt$sock_int(r9, 0x1, 0x29, &(0x7f0000000140)=0x9, 0x4) sendto$inet(r9, &(0x7f0000000080)='m', 0x1, 0x0, 0x0, 0x0) recvmsg(r9, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=""/216, 0xd8}, 0x2000) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffe}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x2c, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb0}}, 0x0) 14.160545479s ago: executing program 1 (id=2086): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000000300)=""/102400, 0x19000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket(0x23, 0x5, 0x5) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a41, 0x0) syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x22, 0x0, &(0x7f0000000040)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) chdir(&(0x7f0000000080)='./file1\x00') r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000100)={0x0, 0x3f}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000040)={0x80}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x38, 0x3, 0x8, 0x301, 0x0, 0x0, {}, [@CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_CLOSE_WAIT={0x8}, @CTA_TIMEOUT_TCP_TIME_WAIT={0x8}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L3PROTO={0x6}]}, 0x38}}, 0x0) writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000280)='2', 0x1}, {&(0x7f0000000080)='-', 0x1}], 0x2) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000080)={0x5}, 0x10) write(r3, &(0x7f0000000000)="240000001a005f0214f9f4070d0903001f00000000000005000000000800040001000000", 0x24) 13.182796466s ago: executing program 2 (id=2087): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mkdir(0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)) ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, &(0x7f0000000180)) fcntl$getownex(r1, 0x10, &(0x7f0000000380)={0x0, 0x0}) setpgid(0x0, r3) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000006a0001e3"], 0x14}}, 0x0) 12.184045623s ago: executing program 2 (id=2089): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x7}, 0x48) r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r5, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f00000004c0)=ANY=[@ANYRESHEX=r1, @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffc5ffb7000000330000009560207a285f82086e4db9cae8bdd969240c9ce2157e803d8d09890f70e524da201af98b40a873b57027e312d0922769dbb1b6b4f5fd8d64ce63900540141b9c0d3ae7cee36b5b79c939e83b27aea2be199aa3b1c8d75e1c301c2dc07274eff11a2ddaa88f26bc11d898d549f48c32f3bd09000000000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r7, r3, 0x25, 0x0, @val=@tcx}, 0x40) r8 = socket$inet(0x2, 0x3, 0x6) setsockopt$sock_int(r8, 0x1, 0x2e, &(0x7f0000000180)=0x207f, 0x4) shutdown(r8, 0x0) recvmmsg(r8, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a00000006000100970000003e4effbd5bddb7a25a0bff07c10e8f2e8b1ff040aeb219175d9d51"], 0x1c}}, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000000), r1) socket$nl_route(0x10, 0x3, 0x0) r9 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r9, &(0x7f0000000300)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) sendto$inet6(r9, &(0x7f0000000140)="11", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x1c) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r9, 0x84, 0x7c, &(0x7f00000002c0), 0x8) syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB], 0xd) syz_emit_ethernet(0x0, 0x0, 0x0) recvmsg(r2, &(0x7f00000006c0)={&(0x7f00000001c0)=@generic, 0x80, &(0x7f0000000680)=[{&(0x7f0000000340)=""/88, 0x58}, {&(0x7f00000005c0)=""/117, 0x75}, {&(0x7f0000000640)}], 0x3, &(0x7f0000000a40)=""/4096, 0x1000}, 0x50) socket$inet6_udp(0xa, 0x2, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0) syz_io_uring_setup(0xed0, &(0x7f0000000080)={0x0, 0x0, 0x10300}, &(0x7f0000000100), &(0x7f0000000140)) 10.837421984s ago: executing program 0 (id=2091): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000791240000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x90) splice(0xffffffffffffffff, &(0x7f0000000280), r0, 0x0, 0x8, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"/16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYRES64], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x4}]}) rt_sigqueueinfo(0x0, 0x0, 0x0) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"]) mq_open(&(0x7f00000001c0)='eth0\xd2', 0x42, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_GET_NEXT_ID(0x7, &(0x7f0000000000), 0x8) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000080)={0x9}) add_key(&(0x7f0000000080)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000040)="cd", 0x1, 0xfffffffffffffffc) r4 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000340)='$,[\x00', &(0x7f0000000480)='syz', 0x0) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f}, 0x48) ioctl$CAPI_REGISTER(r4, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0x800}) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x14f881, 0x0) syz_io_uring_setup(0x1f9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000440), &(0x7f0000000140)) close_range(r1, 0xffffffffffffffff, 0x0) 10.269687392s ago: executing program 0 (id=2094): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000004000000000000009500000000000000"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket(0x0, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, 0x0, 0x26}, 0x20) ptrace(0x10, r1) ptrace$getregset(0x4204, r1, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0xfffffffd}, 0x48) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close_range(r2, 0xffffffffffffffff, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x4, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='br_fdb_add\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='br_fdb_add\x00', r0}, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'bridge0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r7, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0) 9.26272124s ago: executing program 0 (id=2095): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc0109058903"], 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040efc"], 0xff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xbb}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14}, 0x90) socket$inet_udplite(0x2, 0x2, 0x88) socket(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x1, 0x4, 0x6, 0x115}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000980)=0x7) setuid(r6) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0x11) socket$inet6(0xa, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110b"], 0xfc) bind$alg(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0) 7.162809447s ago: executing program 0 (id=2096): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, 0x0}, 0x4) r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200067e001009058b1e20"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) syz_io_uring_setup(0x3eaf, &(0x7f000000f240)={0x0, 0x0, 0x832}, 0x0, 0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) sched_setscheduler(0x0, 0x2, 0x0) ioctl$KDSKBENT(r2, 0x4b32, &(0x7f0000000fc0)={0x0, 0x38}) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x5, 0x2}}}, 0x24}}, 0x0) write$char_usb(r3, 0x0, 0x0) unshare(0x22020600) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r5 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x200408c4, &(0x7f0000000200)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r5, &(0x7f0000000140)="948b", 0x2, 0x4000061, 0x0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000fef000/0xf000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/94, 0x5e, 0x0, 0x0, 0xffffffffffffff2a}, &(0x7f0000000000)=0x40) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) chdir(&(0x7f0000000080)='./file6\x00') r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a38000000060a01040000000000000000020000000900020073797a32000000000900010073797a30000000010c0003400000000000000000140000001100010000000000000000000000000a"], 0x60}}, 0x0) removexattr(&(0x7f0000000040)='./file6\x00', 0x0) 4.315636855s ago: executing program 1 (id=2097): openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) fcntl$setstatus(r0, 0x4, 0x42c00) 4.002668466s ago: executing program 1 (id=2098): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x14}, 0x0, 0x2}, 0xe) socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002080)=""/102400, 0x19000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000080)={0x0, {{0x2, 0x4e23, @local}}}, 0x84) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) llistxattr(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x60440, 0x0) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x8082, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000040)) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0x8, 0x8}, 0x48) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r4, &(0x7f0000000080), 0x8) socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2) ioctl$VIDIOC_G_FBUF(r5, 0x802c560a, &(0x7f0000000080)={0x10, 0x35, 0x0, {0x200001, 0x81, 0x56544943, 0x6, 0xc8, 0x0, 0x4, 0x1ff}}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_sctp(0xa, 0x5, 0x84) syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="03000067a3ef4f8faa90c00775ea7ee1c30eb6453d931ae53ee5d7c8c17b2f77a843404a279bd1a27ac1009a0705a2f665cc5337033ed524253ae4f1b24e474c8948dbb431800ce0aa448c7b25e69b6c4e467a19808edacb0509f38dc4c45f6a2b9267e5f773d40f369897a1a715f9cc59cd14908f0027442cc50cf9ad2f304d2f7412a3beb088050325c6384537718a02bf25705fe8f30d944992c5cc6cee5b736c81d542eaba18d829c3865dbec8515f083c7d787e5336c36c7dcf133ff3b979cb38dbab8ab9de272a65c3a67ca947cbc6801fd63a666e90c876407bcd032a52ca5218c47f6c40a7fbcbe066ec6c7bfd668e72774ef0c0af78778b65d3e348c74507814b4531781d57f1728a56f3d5a40e2d3ed7658387fd16ab6e5d36936426e0c9d93a174daa4ee3a84215e3cf3e099a1e8c69da0325c3dc25a3b1a6f98e0243d9172d6cdf0c64e7a155b31210e56ef40d288cc68e47273e879d75a739aa082d0e821c2313e50bc4804511df19121acaeab97d6ca3742e757632482def7e88212f4815280e38417274b62f50bace49760cbe9a71cd0303efaef67a7324ba753b"], 0x6b) 3.984840527s ago: executing program 0 (id=2099): r0 = creat(&(0x7f0000000180)='./file0\x00', 0x13e) futex_waitv(&(0x7f0000001dc0)=[{0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x1, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x6, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}], 0x36, 0x0, &(0x7f0000000ec0)={0x0, 0x3938700}, 0x0) write$cgroup_pressure(r0, &(0x7f00000001c0)={'some'}, 0x4cdad095) utime(&(0x7f0000000100)='./file0\x00', 0x0) unlink(&(0x7f00000000c0)='./file0\x00') 3.730886512s ago: executing program 3 (id=2101): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000000)={r2, @in={{0x2, 0x0, @empty}}}, 0x90) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff0ff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b70000000000000095000010000000004e62011c3034fdb117168bd07ba08af339d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945ff15d802f5132143c0a9fc7a84452569957c1002ed7d458e17f791f4798c8eb484de03312c69b3edff5be26765ba5f8f2879021c2ea53ac547a654bbd2db5356b971d83dd12742be9087a3e7b7c0efd3e38c794eb06b0b8c392904ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057826ef4e912f01a201e694e3049b8c8fe8b65d8d66bb766f7f3f918c86a702522368d9f81897133af94a5a4cff7f4d8b9d8eaf302f0b2e0c252b0000000000000000ee917bca4885bbf597a14ab6458e6272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36be115be3b325ecd201d2ffb0a7fa4f5d1106560cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b861299fcd9ed9d8679406419406bf0c5329bd5b4697336112b0b8756ce3574046bf611a108f8df4d1a88597840b702b6fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f7faf39a43a66c5540b8762b42007c9ec43193ccf617dbf8a12b4a189edbf9fb7c42b1f435ccd4b19b53b60322af0aa66e8f448e1bd96822e6b70b62912c926dbe417cccd4f696d528fa8a3ea847f10e9b1106f3bb506f1d7fbdf801000000000000006c028eb5b5a073d0de5538ab42e171b3baae34c35987b0dda497ac3f5e97e60eaeea15c6d55badf9b86b1c000100006e60cd06c9ed24313ce607d403bb6030f800000000690db0221b1705c501f802ff59b4e683efa4b6e77e042072ec9eb8166f6e28b49a7705a1befc4d315878f88a8fb1dd679fb4c5557abae6849917dc51a89d47b728502f7e621fc0e3ba04020000c149ee6601728c750930519339b44197c22da865059b475afd96187d881e93b42a5fdfd686d8900c44c67133eeb0109dcb60dddad58037fda65885a15a42560ee3027a5ebf95254744f10fd607bc3100b94932b8d9447c42f6e21ee0e54f8be386bdc09decece910a481e648e0cb074536a25ff581d92af08a06f857311a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6ae00f0000000000006a8194479700a02b92bec8d05eae1f24fdd7b80d3dde04c22f689594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4acd7acf1dfe79d6771903b76e2ae47d972651390c22d641030e1ddac018dc3116e1803af10a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f00000000000000001000ba96edb95ede0e1957c2a2754258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548941d5d16297757310d9daebd5a3dabbced3b051129cd60a37d397643324e6f0aadf978d639650000000000000000570b0acbcaa196e6b46e213a34c1a550e7c2d8cee7a278cee591f360e345d37dc9f8991a16c08d72317e42d2ac9126acd76130ef1086016697e4d51c4b42b2efc8edab88d46bc3d5d6e5a634c912bc40513643bf44cb416b3149040220aa39035ae46d16d879fc815a5cb84b0d5c8ad970128adf8dec1171e860ca54ce5d6a5aa0327bca4f49a710bf8a8399071237fe5d764e2034873c94a4f21287f3bce3eeb69e94df2e14e4ab10cc7834b304bc879b80255991dd7aac2e92c9e7c411c019d229c1f1e563152f1c5ae9cda3e808000000a0c779d624c5a2b7491b8f73e767389ecd1dee951353bb22b7caf89468871520823715cfebd04189c6c6b34bd8a6541f6bc0630000000000f94e85f5111add3a3cb5bcace95f38465402c39df835754ef33056b0e1134187822c001a25304f3e00b44675d0a25a21dc4023c642cc6f5a75c45a29ab933600acf9a2d471b73a73178cdf309e5d53311996215b44295dfddc1dd6b81132e999366e460d15d366e84da02b8afc40c47e733f804460ed8300ec34eab2ed80097bd32ff1a6143ab1476037e474ca876187c85bed4391215cd77e6a1fd6399a498b96b9b0cca93255acb08c67e50004c5af6fd5b4ce7c1ebc9202bd7b329a4d2530486d5999dd7f90ebecca37f2869135438f0540801fd7481daf9ec94b799c12e714d573e2a6331f496254f254a60c52b2026ed6a72c82cd191490fabe7b151f92e5d700f21830d613fbe490f305b3845a78817e59bf7ed36471dbca01d39e50ae2535460e1d2f2614940647233a02d5000000000000000000f70e52f0d56f6a4dcf7e57c03d4b4add0500000000000000320304d0d2b308c5ed3956eae263035d703f862224e9818a3d7ac270793a7bf2af87585293960a80ac63c54e55063bf8d24639e561253ef0caf6c58118120d8acecc0528f0d81d291009fc46401baf9c22d1c452a5b61b7a1b9adfcc17f5ad99dcdf935923185db7b14a7fa7babc1f53df70618bb73aa810b756696f26653b84cf842ae433fda59fbe312be11bb7dfecdc38c1c1f688d2724568cc396fca7c74984b7f7bd000000000000003ff3e5857fc6598c933610be374909dc8622b0722259e922f40d7862f7ea72f1754f07711de7600000000000000000000000000c4cb643e73ad8a45f0c7164484540e66e29943aa72297d831ce6c978866a55ed53130c6747f569c9c9abe724b4fc647b17401d2201e8c201e7d6ffa1fa122677f7393ed4fe8a93306f048b6703b04544e42a9cd937ef8d98ee8d878a12a627791c5c2d9fc6de65356be92fd98fdbe819686c7bd3be5bd0ce627c8357675f752c73a502d25c31c831078f098c34295bfe90e882843003841f4c0c65dc1810a50000000000000015911cb03e743c482199757d35df5b59fe0a0c5240c85498d818578e2d65c4ff4acbee037498222b1f81f3726a244da1fd6b8c195f1303bedb744045f31e1547d7bc3c3eae68b8da059a59c8c37e3639c2c4eb3d8229ac24d2ce12bc0e5db4a8202d72e64d5c5eacd0d0c0cd7a879ed967f5a2bd39ae4cf7daf7c9fa1777d54fb5920c8434163f75062c62455bf6e23817a85d"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0) r4 = openat$vmci(0xffffff9c, &(0x7f0000000380), 0x2, 0x0) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f00000003c0)={{@host, 0x6}, @host, 0x4, 0x8, 0x9, 0x3, 0x3, 0x8, 0xa73f}) r5 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r5, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x46, 0x0, 0x0) setsockopt$inet6_int(r5, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4) sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r6, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x1c, r7, 0x331, 0x0, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}]}, 0x1c}}, 0x0) syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_LE_SET_SCAN_PARAM}}, 0x7) 3.562706619s ago: executing program 3 (id=2102): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000791240000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x90) splice(0xffffffffffffffff, &(0x7f0000000280), r0, 0x0, 0x8, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"/16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYRES64], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x4}]}) rt_sigqueueinfo(0x0, 0x0, 0x0) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"]) mq_open(&(0x7f00000001c0)='eth0\xd2', 0x42, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_GET_NEXT_ID(0x7, &(0x7f0000000000), 0x8) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000080)={0x9}) add_key(&(0x7f0000000080)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000040)="cd", 0x1, 0xfffffffffffffffc) r4 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000340)='$,[\x00', &(0x7f0000000480)='syz', 0x0) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f}, 0x48) ioctl$CAPI_REGISTER(r4, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0x800}) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x14f881, 0x0) syz_io_uring_setup(0x1f9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000440), &(0x7f0000000140)) close_range(r1, 0xffffffffffffffff, 0x0) 3.366657251s ago: executing program 3 (id=2103): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) socket$nl_generic(0x10, 0x3, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x8, &(0x7f0000000000)=0xfffffffe, 0x4) getsockopt$inet6_tcp_buf(r1, 0x6, 0x8, 0x0, &(0x7f0000001040)) r2 = dup(r0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000015000200071b1700bd030100000000009500000000000000bc26080000000000bf67000000000000070300000fff0700670200000300000016060a000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad43"], 0x0}, 0x90) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"]) ioctl$KVM_RUN(r5, 0xae80, 0x0) write$UHID_INPUT(r2, &(0x7f0000002080)={0xfc, {"fce3ad09ed0d09f9075e071887f70e06d038e7ff7fc6e5539b0d3e0a8b089b3f36356d030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) ioctl$VT_DISALLOCATE(r0, 0x5608) 2.352427565s ago: executing program 0 (id=2104): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc0109058903"], 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040efc"], 0xff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xbb}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14}, 0x90) socket$inet_udplite(0x2, 0x2, 0x88) socket(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x1, 0x4, 0x6, 0x115}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000980)=0x7) setuid(r6) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0x11) socket$inet6(0xa, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110b"], 0xfc) bind$alg(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0) 2.011678764s ago: executing program 3 (id=2106): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_ACTIVATE(r1, 0x4bfa, 0x0) r2 = io_uring_setup(0x2e34, 0x0) r3 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r3, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty}, 0x1c) listen(r3, 0x400000001ffffffd) r4 = socket$inet6(0xa, 0x6, 0xb00) r5 = timerfd_create(0x6, 0x0) socket$l2tp6(0xa, 0x2, 0x73) socket$nl_route(0x10, 0x3, 0x0) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000004c0)={'veth1_to_hsr\x00', 0x0}) r8 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r8, &(0x7f0000000200)={0x18, 0x2, {0x1, @local}}, 0x1e) bind$pptp(r8, &(0x7f0000000000)={0x18, 0x2, {0x0, @empty}}, 0x1e) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_MASTER={0x8, 0x3, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004081}, 0x0) r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000240)=[r5, r4, r3, r9], 0x4) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) accept4(r3, 0x0, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xffffffc3) r10 = socket$igmp6(0xa, 0x3, 0x2) bind$inet6(r10, &(0x7f0000000040)={0xa, 0x4e24, 0x70, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x745c9586}, 0x1c) close_range(r2, 0xffffffffffffffff, 0x0) 461.933441ms ago: executing program 3 (id=2107): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) syz_emit_ethernet(0x8e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000000080080000000000106907800000000e00000010000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="b000000090780000040200fe09f9898a66eb76db0007ec5adf5b021e440009c99defa242eb97b9109b643c099cffe5acf82f8ddf78a70dea12af0718aebaa5a3528dfbeca9dccb7a"], 0x0) r3 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_aout(r4, &(0x7f00000010c0)=ANY=[], 0x1a3) write$binfmt_misc(r4, &(0x7f0000000040)=ANY=[], 0xe09) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) mount$9p_fd(0x20100000, &(0x7f0000000380)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r0}}) sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=0x0, @ANYRESOCT=r3], 0x80}, 0x1, 0x0, 0x0, 0x4041}, 0x20000881) openat$ptmx(0xffffffffffffff9c, 0x0, 0xa80280, 0x0) restart_syscall() setgroups(0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f00000000c0), 0x4) r5 = socket(0x1e, 0x1, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r5, 0x10f, 0x81, &(0x7f0000000180)=0x3ff, 0x4) sendmsg$xdp(0xffffffffffffffff, 0x0, 0x0) connect$tipc(r5, &(0x7f0000000040)=@id, 0x10) connect$tipc(r5, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{r6}, &(0x7f0000000680), &(0x7f00000006c0)='%+9llu \x00'}, 0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10) shutdown(r5, 0x2) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b28, &(0x7f0000000380)={'wlan1\x00', @multicast}) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) 0s ago: executing program 3 (id=2108): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, 0x0}) r3 = syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000280)=ANY=[@ANYRESDEC=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b7040000000000008500000033", @ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$ptmx(0xffffff9c, &(0x7f0000000040), 0x24000, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$eventfd(r3, &(0x7f0000000700)=0x400, 0x8) sendmsg$alg(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000340)="707e7937adff57d638501712d4a357a66e4fb1e6e44612ce9f9b6e422f015058a14e79f9d1eae8922510458ef0542cafb7e3c12a7b575fc18365f2b31255660f4fe82eb52c4b3e4f3b021f734810acb50135a7c8ac18654d63aeeca9af4a0d7e49e83ffd05b63629edc73f41768ee087744dd789e024380f1608932dfa32502e9fc4678ed401bb88b299cb6517548b6e2fce9b67544477da624a635db4aefa33f787def63d37c6056d5fba3adbbba1d7b7ec1a5f6f2f51fdf1e6c0f823fa25f1202f9024bae3829c323e01af94bcc80e0db7481f3ea44a1673e00ebeef2aad80afa923eda2fe7db5214405a49dab5d5667", 0xf1}, {&(0x7f0000000180)="056053b851ea4645962ade43f6cd68b3de787e154e542e8bd6b75dd6329cfe97e531d5c06bb10243228286", 0x2b}, {&(0x7f0000000440)="88687e841902a7f7a4a2739ebfd2c1bfaed5f333665ddd0f95e166e717af8730238e41faead95bad22e293939f57c73cc11c9639eec63e03b3a51f8d317e8c3edfc7b30e5fa47f784edd6b71557f7643f511a3011210191bfb5df08b637f7c2842add2262ddb203b1de95f92106c9b559575e7fbd8e492647f", 0x79}, {&(0x7f00000004c0)="5503ab9f1d01319c9a4435a7d5863bae6503cb155938a52bfcf4a990e61aec67a23cba82f0132f732088a6ce6bc98ae9d4708539fbeb2bf27ede97d3d439214efd0acf007d5543648c006de52ebc61fc1d39ef5cf27251430b36df4ebef8d68f46355d9e141cf137462d01356befa829b4522fb0c7d954ce63e5bebdb927817eb44d2a68d29bfb855fac636e41b39df983ea8715abead9aa9d66478ab24be5f6d1119967346d55206d618f", 0xab}], 0x4, &(0x7f0000000640)=[@iv={0x94, 0x117, 0x2, 0x82, "3e17ab171e8e27fed77af781bbea7c850fd541746e1bed102717551688487634a0cd3e25c30ec6ddff3feeba7edfbcc9f7cdef3cc7fc8b9437205eaaebb11c3b1b633e53bd0432e8b14112ee2f3fc6a26054ca0bc1c0264b13e6b2d7c8d7cb6057385367c91a97eafef3215184d1492caeeb0b125fefdb55e9bbe8d25ca8cdee1689"}], 0x94, 0x20040004}, 0x800) ioctl$HCIINQUIRY(r4, 0x400448cc, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000006800010000000000000000000a0000000000000018000880140001000000000000000000000004000000000008000500", @ANYRES32=r5, @ANYBLOB="060006"], 0x40}}, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40305829, &(0x7f0000000240)) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f00000005c0)={0x6, 0x80000000, 0xac4, 0x6, 0x45, "ce1ad582bfd481bdd66a9624bf6c4ee44a8dc2", 0x795, 0x3}) syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') (async) fchdir(r0) (async) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) (async) inotify_init1(0x0) (async) fcntl$setown(r1, 0x8, 0xffffffffffffffff) (async) fcntl$getownex(r1, 0x10, &(0x7f0000000140)) (async) syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00') (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000280)=ANY=[@ANYRESDEC=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b7040000000000008500000033", @ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async) openat$ptmx(0xffffff9c, &(0x7f0000000040), 0x24000, 0x0) (async) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) (async) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async) write$eventfd(r3, &(0x7f0000000700)=0x400, 0x8) (async) sendmsg$alg(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000340)="707e7937adff57d638501712d4a357a66e4fb1e6e44612ce9f9b6e422f015058a14e79f9d1eae8922510458ef0542cafb7e3c12a7b575fc18365f2b31255660f4fe82eb52c4b3e4f3b021f734810acb50135a7c8ac18654d63aeeca9af4a0d7e49e83ffd05b63629edc73f41768ee087744dd789e024380f1608932dfa32502e9fc4678ed401bb88b299cb6517548b6e2fce9b67544477da624a635db4aefa33f787def63d37c6056d5fba3adbbba1d7b7ec1a5f6f2f51fdf1e6c0f823fa25f1202f9024bae3829c323e01af94bcc80e0db7481f3ea44a1673e00ebeef2aad80afa923eda2fe7db5214405a49dab5d5667", 0xf1}, {&(0x7f0000000180)="056053b851ea4645962ade43f6cd68b3de787e154e542e8bd6b75dd6329cfe97e531d5c06bb10243228286", 0x2b}, {&(0x7f0000000440)="88687e841902a7f7a4a2739ebfd2c1bfaed5f333665ddd0f95e166e717af8730238e41faead95bad22e293939f57c73cc11c9639eec63e03b3a51f8d317e8c3edfc7b30e5fa47f784edd6b71557f7643f511a3011210191bfb5df08b637f7c2842add2262ddb203b1de95f92106c9b559575e7fbd8e492647f", 0x79}, {&(0x7f00000004c0)="5503ab9f1d01319c9a4435a7d5863bae6503cb155938a52bfcf4a990e61aec67a23cba82f0132f732088a6ce6bc98ae9d4708539fbeb2bf27ede97d3d439214efd0acf007d5543648c006de52ebc61fc1d39ef5cf27251430b36df4ebef8d68f46355d9e141cf137462d01356befa829b4522fb0c7d954ce63e5bebdb927817eb44d2a68d29bfb855fac636e41b39df983ea8715abead9aa9d66478ab24be5f6d1119967346d55206d618f", 0xab}], 0x4, &(0x7f0000000640)=[@iv={0x94, 0x117, 0x2, 0x82, "3e17ab171e8e27fed77af781bbea7c850fd541746e1bed102717551688487634a0cd3e25c30ec6ddff3feeba7edfbcc9f7cdef3cc7fc8b9437205eaaebb11c3b1b633e53bd0432e8b14112ee2f3fc6a26054ca0bc1c0264b13e6b2d7c8d7cb6057385367c91a97eafef3215184d1492caeeb0b125fefdb55e9bbe8d25ca8cdee1689"}], 0x94, 0x20040004}, 0x800) (async) ioctl$HCIINQUIRY(r4, 0x400448cc, 0x0) (async) socket$nl_route(0x10, 0x3, 0x0) (async) sendmsg$nl_route(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000006800010000000000000000000a0000000000000018000880140001000000000000000000000004000000000008000500", @ANYRES32=r5, @ANYBLOB="060006"], 0x40}}, 0x0) (async) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40305829, &(0x7f0000000240)) (async) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f00000005c0)={0x6, 0x80000000, 0xac4, 0x6, 0x45, "ce1ad582bfd481bdd66a9624bf6c4ee44a8dc2", 0x795, 0x3}) (async) kernel console output (not intermixed with test programs): .677673][T12797] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 546.679929][T12797] ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360 [ 546.682182][T12797] ? sctp_bind_addr_copy+0xe0/0x530 [ 546.683941][T12797] sctp_bind_addr_copy+0xe0/0x530 [ 546.685757][T12797] sctp_connect_new_asoc+0x1d8/0x790 [ 546.687563][T12797] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 546.689557][T12797] ? mark_held_locks+0x9f/0xe0 [ 546.691281][T12797] ? sctp_sendmsg+0x112f/0x1f10 [ 546.692908][T12797] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 546.695098][T12797] sctp_sendmsg+0x162a/0x1f10 [ 546.696767][T12797] ? __pfx___lock_acquire+0x10/0x10 [ 546.698785][T12797] ? __pfx_sctp_sendmsg+0x10/0x10 [ 546.700872][T12797] ? __pfx___might_resched+0x10/0x10 [ 546.702842][T12797] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 546.705063][T12797] ? __pfx_aa_sk_perm+0x10/0x10 [ 546.706942][T12797] ? __import_iovec+0x1fd/0x6e0 [ 546.708848][T12797] ? __pfx_sctp_sendmsg+0x10/0x10 [ 546.710697][T12797] inet_sendmsg+0x119/0x140 [ 546.712098][T12797] ____sys_sendmsg+0x90d/0xb50 [ 546.713855][T12797] ? __pfx_____sys_sendmsg+0x10/0x10 [ 546.715798][T12797] ? get_compat_msghdr+0x11b/0x170 [ 546.717505][T12797] ? __pfx___lock_acquire+0x10/0x10 [ 546.719347][T12797] ___sys_sendmsg+0x135/0x1e0 [ 546.720995][T12797] ? __pfx____sys_sendmsg+0x10/0x10 [ 546.722727][T12797] ? __pfx_lock_release+0x10/0x10 [ 546.724495][T12797] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 546.726561][T12797] ? __fget_light+0x173/0x210 [ 546.728291][T12797] __sys_sendmmsg+0x2a5/0x450 [ 546.729925][T12797] ? __pfx___sys_sendmmsg+0x10/0x10 [ 546.731938][T12797] ? vfs_write+0x14d/0x1140 [ 546.733772][T12797] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 546.736261][T12797] ? fput+0x32/0x390 [ 546.737899][T12797] ? ksys_write+0x1ab/0x260 [ 546.739729][T12797] ? __pfx_ksys_write+0x10/0x10 [ 546.742170][T12797] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 546.744508][T12797] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 546.747228][T12797] __do_fast_syscall_32+0x73/0x120 [ 546.749457][T12797] do_fast_syscall_32+0x32/0x80 [ 546.751396][T12797] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 546.753957][T12797] RIP: 0023:0xf7466579 [ 546.755542][T12797] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 546.763002][T12797] RSP: 002b:00000000f5d7e57c EFLAGS: 00000292 ORIG_RAX: 0000000000000159 [ 546.766481][T12797] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001a80 [ 546.769632][T12797] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 546.772378][T12797] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 546.774811][T12797] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 546.777720][T12797] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 546.781029][T12797] [ 546.813156][ T39] audit: type=1326 audit(1720355286.724:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12798 comm="syz.3.1798" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7459579 code=0x0 [ 546.891979][T12801] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 548.297816][ T55] usb 7-1: USB disconnect, device number 37 [ 548.768326][T12816] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1802'. [ 549.030662][T12820] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 549.142470][T12820] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 549.210586][T12820] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1804'. [ 549.240645][T12820] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1804'. [ 549.245886][T12820] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1804'. [ 549.313201][T12821] RDS: rds_bind could not find a transport for fc00::, load rds_tcp or rds_rdma? [ 551.360594][T12847] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 551.393246][T12847] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 551.420821][T12847] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1815'. [ 551.431852][T12847] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1815'. [ 551.451187][T12847] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1815'. [ 551.521224][T12849] RDS: rds_bind could not find a transport for fc00::, load rds_tcp or rds_rdma? [ 552.030680][T12850] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1814'. [ 553.397483][T12872] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1823'. [ 553.527359][T12874] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1823'. [ 554.190674][T12884] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 554.232459][T12884] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 554.272326][T12884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1827'. [ 554.279001][T12884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1827'. [ 554.294292][T12884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1827'. [ 554.361583][T12885] RDS: rds_bind could not find a transport for fc00::, load rds_tcp or rds_rdma? [ 554.543567][T12890] netlink: 'syz.0.1826': attribute type 4 has an invalid length. [ 555.615336][T12901] netlink: 'syz.1.1832': attribute type 1 has an invalid length. [ 555.619038][T12901] netlink: 'syz.1.1832': attribute type 4 has an invalid length. [ 555.640498][T12901] netlink: 15334 bytes leftover after parsing attributes in process `syz.1.1832'. [ 555.650494][T12900] netlink: 'syz.1.1832': attribute type 1 has an invalid length. [ 555.654252][T12900] netlink: 'syz.1.1832': attribute type 4 has an invalid length. [ 555.657830][T12900] netlink: 15334 bytes leftover after parsing attributes in process `syz.1.1832'. [ 555.710655][T12903] €: renamed from bridge_slave_1 (while UP) [ 556.070688][T12914] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1836'. [ 556.160471][ T39] audit: type=1326 audit(1720355296.054:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12909 comm="syz.2.1836" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x0 [ 556.788754][T12930] netlink: 'syz.1.1839': attribute type 4 has an invalid length. [ 557.092780][T12936] FAULT_INJECTION: forcing a failure. [ 557.092780][T12936] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 557.099646][T12936] CPU: 2 PID: 12936 Comm: syz.0.1842 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0 [ 557.105064][T12936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 557.110484][T12936] Call Trace: [ 557.111980][T12936] [ 557.113327][T12936] dump_stack_lvl+0x16c/0x1f0 [ 557.115433][T12936] should_fail_ex+0x497/0x5b0 [ 557.117814][T12936] _copy_to_user+0x30/0xc0 [ 557.119825][T12936] generic_map_lookup_batch+0x69a/0xb90 [ 557.122403][T12936] ? __pfx_generic_map_lookup_batch+0x10/0x10 [ 557.125426][T12936] bpf_map_do_batch+0x43e/0x6e0 [ 557.127825][T12936] ? __pfx_generic_map_lookup_batch+0x10/0x10 [ 557.130930][T12936] __sys_bpf+0x5301/0x5830 [ 557.133260][T12936] ? __pfx___sys_bpf+0x10/0x10 [ 557.135742][T12936] ? ksys_write+0x21c/0x260 [ 557.138249][T12936] ? __pfx_lock_release+0x10/0x10 [ 557.141083][T12936] ? __mutex_unlock_slowpath+0x164/0x650 [ 557.144227][T12936] ? fput+0x32/0x390 [ 557.146273][T12936] ? ksys_write+0x1ab/0x260 [ 557.148641][T12936] ? __pfx_ksys_write+0x10/0x10 [ 557.151144][T12936] __ia32_sys_bpf+0x76/0xe0 [ 557.153656][T12936] __do_fast_syscall_32+0x73/0x120 [ 557.156632][T12936] do_fast_syscall_32+0x32/0x80 [ 557.159226][T12936] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 557.162645][T12936] RIP: 0023:0xf73b1579 [ 557.164809][T12936] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 557.174061][T12936] RSP: 002b:00000000f5cc957c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 557.178593][T12936] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00000000200000c0 [ 557.182970][T12936] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000 [ 557.187198][T12936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 557.191391][T12936] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 557.195119][T12936] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 557.198588][T12936] [ 558.108159][T12966] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1851'. [ 558.145759][T12966] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1851'. [ 558.597219][T12973] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1853'. [ 558.607080][T12973] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1853'. [ 559.400595][ T10] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 559.593656][ T10] usb 6-1: Using ep0 maxpacket: 16 [ 559.617070][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 559.622248][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 559.632597][ T10] usb 6-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 559.648637][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 559.660247][ T10] usb 6-1: config 0 descriptor?? [ 559.962174][T12984] sp0: Synchronizing with TNC [ 560.010219][T12990] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1858'. [ 560.074595][T12990] batman_adv: batadv1: Adding interface: netdevsim0 [ 560.084910][T12990] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 560.121627][T12990] batman_adv: batadv1: Interface activated: netdevsim0 [ 560.160907][T12984] can0: slcan on ptm0. [ 560.451829][T12983] can0 (unregistered): slcan off ptm0. [ 560.477814][ T10] usbhid 6-1:0.0: can't add hid device: -71 [ 560.490627][ T10] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 560.506567][ T10] usb 6-1: USB disconnect, device number 37 [ 561.156634][T13014] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1861'. [ 562.885202][T13027] netlink: 9396 bytes leftover after parsing attributes in process `syz.2.1866'. [ 562.890991][T13027] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1866'. [ 562.895673][T13027] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1866'. [ 562.900326][T13027] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1866'. [ 563.309821][T13034] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1869'. [ 564.296801][T13042] kvm: MWAIT instruction emulated as NOP! [ 565.959110][T13054] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1872'. [ 565.980516][T13054] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1872'. [ 567.510534][ T30] usb 7-1: new high-speed USB device number 38 using dummy_hcd [ 567.710515][ T30] usb 7-1: Using ep0 maxpacket: 16 [ 567.722861][ T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 567.727636][ T30] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 567.746731][ T30] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 567.760946][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 567.772822][ T30] usb 7-1: config 0 descriptor?? [ 568.225085][ T30] microsoft 0003:045E:07DA.0008: No inputs registered, leaving [ 568.242482][ T30] microsoft 0003:045E:07DA.0008: hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 568.247581][ T30] microsoft 0003:045E:07DA.0008: no inputs found [ 568.260652][ T30] microsoft 0003:045E:07DA.0008: could not initialize ff, continuing anyway [ 568.423411][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.426619][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.702569][ T30] usb 7-1: USB disconnect, device number 38 [ 569.412780][T13071] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1878'. [ 569.416647][T13071] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1878'. [ 569.731892][T13069] TCP: MD5 Hash failed for 172.20.20.187.0->255.255.255.255.20002 [RP.] L3 index 0 [ 569.760650][T13069] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1876'. [ 570.141323][T13077] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1879'. [ 570.805237][ T4638] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 570.813331][ T4638] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 570.818273][ T4638] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 570.834628][ T4638] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 570.839599][ T4638] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 570.843263][ T4638] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 571.315489][T13089] chnl_net:caif_netlink_parms(): no params data found [ 571.402649][ T39] audit: type=1400 audit(1720355311.314:435): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A220AE10CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=13094 comm="syz.2.1883" [ 571.573768][T13089] bridge0: port 1(bridge_slave_0) entered blocking state [ 571.590601][T13089] bridge0: port 1(bridge_slave_0) entered disabled state [ 571.593870][T13089] bridge_slave_0: entered allmulticast mode [ 571.632086][T13089] bridge_slave_0: entered promiscuous mode [ 571.643656][T13089] bridge0: port 2(bridge_slave_1) entered blocking state [ 571.671214][T13089] bridge0: port 2(bridge_slave_1) entered disabled state [ 571.674236][T13089] bridge_slave_1: entered allmulticast mode [ 571.678192][T13089] bridge_slave_1: entered promiscuous mode [ 571.826868][T13089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 571.844613][T13089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 572.011589][T13089] team0: Port device team_slave_0 added [ 572.018429][T13089] team0: Port device team_slave_1 added [ 572.150630][T13089] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 572.153560][T13089] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 572.177124][T13089] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 572.185722][T13089] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 572.188897][T13089] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 572.210455][T13089] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 572.476311][T13089] hsr_slave_0: entered promiscuous mode [ 572.500990][T13089] hsr_slave_1: entered promiscuous mode [ 572.510488][T13089] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 572.513820][T13089] Cannot create hsr debugfs directory [ 572.596755][ T5211] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 572.620527][ T5211] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 572.626438][ T5211] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 572.650946][ T5211] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 572.655073][ T5211] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 572.658534][ T5211] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 572.901005][ T5211] Bluetooth: hci10: command tx timeout [ 573.096044][T13089] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 573.283730][T13089] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 573.492820][T13089] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 573.535532][T13105] chnl_net:caif_netlink_parms(): no params data found [ 573.685697][T13089] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 573.871477][T13105] bridge0: port 1(bridge_slave_0) entered blocking state [ 573.874539][T13105] bridge0: port 1(bridge_slave_0) entered disabled state [ 573.877617][T13105] bridge_slave_0: entered allmulticast mode [ 573.881119][T13105] bridge_slave_0: entered promiscuous mode [ 573.884897][T13105] bridge0: port 2(bridge_slave_1) entered blocking state [ 573.887341][T13105] bridge0: port 2(bridge_slave_1) entered disabled state [ 573.890362][T13105] bridge_slave_1: entered allmulticast mode [ 573.893824][T13105] bridge_slave_1: entered promiscuous mode [ 574.055169][T13105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 574.062072][T13105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 574.198586][T13105] team0: Port device team_slave_0 added [ 574.231362][T13105] team0: Port device team_slave_1 added [ 574.391220][T13105] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 574.394107][T13105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 574.431892][T13105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 574.456755][T13105] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 574.459548][T13105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 574.500487][T13105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 574.537363][T13117] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1886'. [ 574.546145][T13117] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1886'. [ 574.630522][T13089] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 574.644080][T13089] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 574.741797][ T5211] Bluetooth: hci12: command tx timeout [ 574.776872][T13105] hsr_slave_0: entered promiscuous mode [ 574.779820][T13105] hsr_slave_1: entered promiscuous mode [ 574.783465][T13105] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 574.786346][T13105] Cannot create hsr debugfs directory [ 574.800612][T13089] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 574.833972][T13089] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 574.980808][ T5211] Bluetooth: hci10: command tx timeout [ 575.342436][T13105] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 575.563004][T13105] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 575.594504][T13089] 8021q: adding VLAN 0 to HW filter on device bond0 [ 575.615244][T13089] 8021q: adding VLAN 0 to HW filter on device team0 [ 575.631800][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 575.634745][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 575.668813][T13105] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 575.707209][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 575.710249][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 575.727166][T13126] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1888'. [ 575.746446][T13126] netlink: 'syz.2.1888': attribute type 1 has an invalid length. [ 575.776113][T13105] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 575.801991][T13089] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 575.806640][T13089] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 576.026808][T13105] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 576.054546][T13105] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 576.062763][T13105] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 576.074238][T13105] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 576.119448][T13089] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 576.255667][T13089] veth0_vlan: entered promiscuous mode [ 576.284492][T13105] 8021q: adding VLAN 0 to HW filter on device bond0 [ 576.311840][T13089] veth1_vlan: entered promiscuous mode [ 576.329146][ T55] usb 7-1: new high-speed USB device number 39 using dummy_hcd [ 576.355152][T13105] 8021q: adding VLAN 0 to HW filter on device team0 [ 576.369366][ T3525] bridge0: port 1(bridge_slave_0) entered blocking state [ 576.372661][ T3525] bridge0: port 1(bridge_slave_0) entered forwarding state [ 576.423360][ T3525] bridge0: port 2(bridge_slave_1) entered blocking state [ 576.426767][ T3525] bridge0: port 2(bridge_slave_1) entered forwarding state [ 576.461750][T13089] veth0_macvtap: entered promiscuous mode [ 576.506293][T13089] veth1_macvtap: entered promiscuous mode [ 576.520098][ T55] usb 7-1: Using ep0 maxpacket: 16 [ 576.544580][ T55] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 576.549337][ T55] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 576.561176][ T55] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 576.570593][ T55] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 576.570612][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.578785][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.581555][ T55] usb 7-1: config 0 descriptor?? [ 576.593616][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.598454][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.603254][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.610486][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.615134][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.630010][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.634926][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.639540][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.644880][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.649482][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.656963][ T39] audit: type=1326 audit(1720355316.564:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13138 comm="syz.3.1890" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7459579 code=0x0 [ 576.664746][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.674874][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.678701][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.690545][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.694888][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.699465][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.720521][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.725273][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.729585][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.750459][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.757162][T13089] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 576.764830][T13140] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 576.782530][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.786992][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.800802][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.800822][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.800833][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.800845][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.800864][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.800877][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.800891][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.800903][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.800917][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.800930][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.800944][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.800956][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.800970][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.800983][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.800997][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.801008][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.801022][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.801034][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.801049][T13089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.801061][T13089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.813092][T13089] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 576.816680][T13089] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.816713][T13089] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.816740][T13089] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.816766][T13089] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.832188][ T5211] Bluetooth: hci12: command tx timeout [ 576.856782][T13135] sp0: Synchronizing with TNC [ 577.022115][T13135] can0: slcan on ptm0. [ 577.070836][ T5211] Bluetooth: hci10: command tx timeout [ 577.154356][T13105] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 577.160823][T13133] can0 (unregistered): slcan off ptm0. [ 577.210595][ T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 577.214174][ T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 577.272899][ T55] usbhid 7-1:0.0: can't add hid device: -71 [ 577.275644][ T55] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 577.283288][ T1093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 577.293752][ T1093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 577.301807][ T55] usb 7-1: USB disconnect, device number 39 [ 577.357038][T13105] veth0_vlan: entered promiscuous mode [ 577.397992][T13105] veth1_vlan: entered promiscuous mode [ 577.445509][T13105] veth0_macvtap: entered promiscuous mode [ 577.473832][T13105] veth1_macvtap: entered promiscuous mode [ 577.492460][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.497759][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.510512][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.515589][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.521868][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.526511][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.531711][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.550435][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.554878][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.559342][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.564081][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.568696][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.585968][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.591513][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.595907][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.600346][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.621499][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.626123][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.640468][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.645327][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.649558][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.654642][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.659097][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 577.670473][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.677463][T13157] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 577.690206][T13105] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 577.702789][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.707834][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.726012][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.734304][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.738649][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.760530][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.764758][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.769201][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.780472][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.785147][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.789648][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.798306][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.820512][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.825218][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.829603][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.835460][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.839891][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.846998][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.869268][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.879472][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.884732][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.889201][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.893492][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 577.897820][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 577.903468][T13105] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 577.909164][T13160] netlink: 'syz.0.1881': attribute type 4 has an invalid length. [ 577.956282][T13105] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 577.960069][T13105] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 577.972525][T13105] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 577.976166][T13105] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 578.105503][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 578.108824][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 578.177678][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 578.186379][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 578.192092][T13169] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 578.290649][ T10] usb 7-1: new high-speed USB device number 40 using dummy_hcd [ 578.301993][T13169] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 578.401015][T13169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1893'. [ 578.447324][T13169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1893'. [ 578.473642][T13169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1893'. [ 578.501004][ T10] usb 7-1: Using ep0 maxpacket: 16 [ 578.504786][ T10] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 578.508478][ T10] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 578.513737][ T10] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 578.517529][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 578.532600][ T10] usb 7-1: config 0 descriptor?? [ 578.537952][ T10] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 578.571760][T13178] RDS: rds_bind could not find a transport for fc00::, load rds_tcp or rds_rdma? [ 578.701051][T13183] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1884'. [ 578.791938][T13167] sp0: Synchronizing with TNC [ 578.910719][ T5211] Bluetooth: hci12: command tx timeout [ 578.953390][T13167] can0: slcan on ptm0. [ 579.042842][T13166] can0 (unregistered): slcan off ptm0. [ 579.072778][T13145] usb 7-1: USB disconnect, device number 40 [ 579.150867][ T5211] Bluetooth: hci10: command tx timeout [ 579.720752][ T3525] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 579.870928][ T827] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 579.931075][ T3525] usb 6-1: Using ep0 maxpacket: 32 [ 580.016961][ T3525] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 580.020106][ T3525] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 580.046440][ T3525] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 580.054849][ T3525] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 580.070602][ T827] usb 5-1: Using ep0 maxpacket: 16 [ 580.074039][ T827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 580.077977][ T827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 580.080522][ T3525] usb 6-1: config 0 interface 0 has no altsetting 0 [ 580.081472][ T827] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 580.086849][ T827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.092464][ T827] usb 5-1: config 0 descriptor?? [ 580.118328][ T3525] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 580.121493][ T3525] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 580.124375][ T3525] usb 6-1: Product: syz [ 580.125827][ T3525] usb 6-1: Manufacturer: syz [ 580.127843][ T3525] usb 6-1: SerialNumber: syz [ 580.151881][T13210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1900'. [ 580.162032][ T3525] usb 6-1: config 0 descriptor?? [ 580.167465][T13210] macvtap3: entered promiscuous mode [ 580.168216][ T3525] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 580.169553][T13210] macvtap3: entered allmulticast mode [ 580.176081][ T3525] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 580.400872][T13202] sp0: Synchronizing with TNC [ 580.493117][ T3525] usb 6-1: USB disconnect, device number 38 [ 580.495765][ C2] ldusb 6-1:0.0: usb_submit_urb failed (-19) [ 580.557143][T13196] ldusb 6-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 580.575055][T13202] can0: slcan on ptm0. [ 580.608293][ T3525] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 580.847520][T13201] can0 (unregistered): slcan off ptm0. [ 580.852236][ T827] usbhid 5-1:0.0: can't add hid device: -71 [ 580.855119][ T827] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 580.890905][ T827] usb 5-1: USB disconnect, device number 28 [ 580.995680][ T5211] Bluetooth: hci12: command tx timeout [ 581.196073][T13218] binder: 13214:13218 ioctl ab03 0 returned -22 [ 581.830943][ T7181] usb 6-1: new high-speed USB device number 39 using dummy_hcd [ 582.032696][ T7181] usb 6-1: Using ep0 maxpacket: 32 [ 582.037336][ T7181] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 582.050519][ T7181] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 582.059431][ T7181] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 582.071038][ T7181] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 582.076862][ T7181] usb 6-1: config 0 interface 0 has no altsetting 0 [ 582.112604][ T7181] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 582.116944][ T7181] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 582.130593][ T7181] usb 6-1: Product: syz [ 582.132583][ T7181] usb 6-1: Manufacturer: syz [ 582.134800][ T7181] usb 6-1: SerialNumber: syz [ 582.161485][ T7181] usb 6-1: config 0 descriptor?? [ 582.172596][ T7181] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 582.191067][ T7181] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 582.544511][T13224] ldusb 6-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 582.545661][ T35] usb 6-1: USB disconnect, device number 39 [ 582.547647][ C2] ldusb 6-1:0.0: usb_submit_urb failed (-19) [ 582.620541][ T35] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 582.640853][T13241] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 582.700035][T13241] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 582.748122][T13241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1908'. [ 582.758254][T13241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1908'. [ 582.780714][T13241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1908'. [ 582.863182][T13244] RDS: rds_bind could not find a transport for fc00::, load rds_tcp or rds_rdma? [ 583.001839][T13246] FAULT_INJECTION: forcing a failure. [ 583.001839][T13246] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 583.030499][ T7181] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 583.038705][T13246] CPU: 1 PID: 13246 Comm: syz.2.1910 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0 [ 583.043088][T13246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 583.047689][T13246] Call Trace: [ 583.049191][T13246] [ 583.050520][T13246] dump_stack_lvl+0x16c/0x1f0 [ 583.052645][T13246] should_fail_ex+0x497/0x5b0 [ 583.054758][T13246] ? fs_reclaim_acquire+0xae/0x160 [ 583.057058][T13246] __should_fail_alloc_page+0xe7/0x130 [ 583.059455][T13246] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 583.062128][T13246] __alloc_pages_noprof+0x194/0x2460 [ 583.064441][T13246] ? hlock_class+0x4e/0x130 [ 583.066453][T13246] ? mark_lock+0xb5/0xc60 [ 583.068361][T13246] ? __pfx___lock_acquire+0x10/0x10 [ 583.070641][T13246] ? hlock_class+0x4e/0x130 [ 583.072671][T13246] ? __lock_acquire+0xc5d/0x3b30 [ 583.074876][T13246] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 583.077405][T13246] ? __pfx___lock_acquire+0x10/0x10 [ 583.079698][T13246] ? __pfx___lock_acquire+0x10/0x10 [ 583.082006][T13246] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 583.084641][T13246] ? policy_nodemask+0xea/0x4e0 [ 583.086840][T13246] alloc_pages_mpol_noprof+0x275/0x610 [ 583.089240][T13246] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 583.091843][T13246] ? xas_load+0x49/0x5b0 [ 583.093736][T13246] ? const_folio_flags+0x71/0x1f0 [ 583.095987][T13246] folio_alloc_noprof+0x1e/0xc0 [ 583.098187][T13246] filemap_alloc_folio_noprof+0x3ba/0x490 [ 583.100618][T13246] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 583.103343][T13246] __filemap_get_folio+0x53d/0xae0 [ 583.105653][T13246] ioctx_alloc+0x75c/0x1f80 [ 583.107704][T13246] ? __might_fault+0x13b/0x190 [ 583.109818][T13246] ? __pfx_ioctx_alloc+0x10/0x10 [ 583.111944][T13246] ? __might_fault+0xe3/0x190 [ 583.113998][T13246] __ia32_compat_sys_io_setup+0xc8/0x210 [ 583.116440][T13246] __do_fast_syscall_32+0x73/0x120 [ 583.118703][T13246] do_fast_syscall_32+0x32/0x80 [ 583.120845][T13246] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 583.123634][T13246] RIP: 0023:0xf747e579 [ 583.125482][T13246] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 583.133854][T13246] RSP: 002b:00000000f5d9657c EFLAGS: 00000292 ORIG_RAX: 00000000000000f5 [ 583.137540][T13246] RAX: ffffffffffffffda RBX: 0000000000000685 RCX: 0000000020000280 [ 583.141015][T13246] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 583.144453][T13246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 583.148025][T13246] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 583.151912][T13246] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 583.155595][T13246] [ 583.230908][ T7181] usb 5-1: Using ep0 maxpacket: 16 [ 583.235185][ T7181] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 583.239708][ T7181] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 583.250495][ T7181] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 583.254274][ T7181] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 583.270370][ T7181] usb 5-1: config 0 descriptor?? [ 583.279166][ T7181] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 583.534084][T13243] sp0: Synchronizing with TNC [ 583.672882][T13243] can0: slcan on ptm0. [ 583.751746][T13252] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1911'. [ 583.760630][ T7181] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 583.808758][T13252] macvtap3: entered promiscuous mode [ 583.811770][T13252] macvtap3: entered allmulticast mode [ 583.820620][T13242] can0 (unregistered): slcan off ptm0. [ 583.841891][ T35] usb 5-1: USB disconnect, device number 29 [ 583.980533][ T7181] usb 6-1: Using ep0 maxpacket: 32 [ 583.984451][ T7181] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 584.000486][ T7181] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 584.024635][ T7181] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 584.029659][ T7181] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 584.050459][ T7181] usb 6-1: config 0 interface 0 has no altsetting 0 [ 584.064771][ T7181] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 584.070711][ T7181] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 584.074318][ T7181] usb 6-1: Product: syz [ 584.076135][ T7181] usb 6-1: Manufacturer: syz [ 584.078205][ T7181] usb 6-1: SerialNumber: syz [ 584.095411][ T7181] usb 6-1: config 0 descriptor?? [ 584.101185][ T7181] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 584.120794][ T7181] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 584.408492][T13250] ldusb 6-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 584.408856][ T55] usb 6-1: USB disconnect, device number 40 [ 584.411636][ C3] ldusb 6-1:0.0: usb_submit_urb failed (-19) [ 584.420361][ T55] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 584.605166][T13259] binder: 13258:13259 ioctl c00c620f 20000340 returned -22 [ 584.642870][T13259] veth0_vlan: entered allmulticast mode [ 584.771374][T13261] veth0_vlan: left promiscuous mode [ 584.782326][T13261] veth0_vlan: entered promiscuous mode [ 585.106583][T13268] netlink: 'syz.2.1916': attribute type 4 has an invalid length. [ 586.200681][ T56] usb 7-1: new high-speed USB device number 41 using dummy_hcd [ 586.220616][ T5252] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 586.400475][ T56] usb 7-1: Using ep0 maxpacket: 16 [ 586.404632][ T56] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 586.408988][ T56] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 586.430472][ T5252] usb 6-1: Using ep0 maxpacket: 16 [ 586.441265][ T56] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 586.446018][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 586.462407][ T56] usb 7-1: config 0 descriptor?? [ 586.467165][ T5252] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 586.472063][ T5252] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 586.476091][ T5252] usb 6-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 586.479862][ T5252] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 586.493522][ T56] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 586.502674][ T5252] usb 6-1: config 0 descriptor?? [ 586.760561][T13284] sp0: Synchronizing with TNC [ 586.845617][T13285] sp0: Synchronizing with TNC [ 586.856853][T13284] can0: slcan on ptm0. [ 587.021103][T13283] can0 (unregistered): slcan off ptm0. [ 587.025645][T13291] usb 7-1: USB disconnect, device number 41 [ 587.150185][T13285] can0: slcan on ptm1. [ 587.317763][T13293] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1924'. [ 587.363187][T13282] can0 (unregistered): slcan off ptm1. [ 587.379115][T13293] macvtap4: entered promiscuous mode [ 587.381740][ T5252] usbhid 6-1:0.0: can't add hid device: -71 [ 587.381837][ T5252] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 587.388603][ T5252] usb 6-1: USB disconnect, device number 41 [ 587.391171][T13293] macvtap4: entered allmulticast mode [ 587.550917][ T5211] Bluetooth: hci10: Controller not accepting commands anymore: ncmd = 0 [ 587.556322][ T5211] Bluetooth: hci10: Injecting HCI hardware error event [ 587.561688][ T5211] Bluetooth: hci10: hardware error 0x00 [ 588.133485][T13315] can0: slcan on ptm0. [ 588.232630][T13313] can0 (unregistered): slcan off ptm0. [ 588.660667][T13145] usb 6-1: new high-speed USB device number 42 using dummy_hcd [ 588.721705][T13328] netlink: 'syz.3.1930': attribute type 4 has an invalid length. [ 588.860548][T13145] usb 6-1: Using ep0 maxpacket: 32 [ 588.865043][T13145] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 588.868692][T13145] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 588.882920][T13145] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 588.890262][T13145] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 588.905525][T13145] usb 6-1: config 0 interface 0 has no altsetting 0 [ 588.911839][T13145] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 588.915846][T13145] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 588.930050][T13145] usb 6-1: Product: syz [ 588.931979][T13145] usb 6-1: Manufacturer: syz [ 588.934106][T13145] usb 6-1: SerialNumber: syz [ 588.938687][T13145] usb 6-1: config 0 descriptor?? [ 588.944847][T13145] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 588.951462][T13145] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 589.586235][T13342] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1934'. [ 589.609516][T13342] macvtap4: entered promiscuous mode [ 589.615949][T13342] macvtap4: entered allmulticast mode [ 589.630526][ T5211] Bluetooth: hci10: Opcode 0x0c03 failed: -110 [ 590.831620][ T7181] usb 7-1: new high-speed USB device number 42 using dummy_hcd [ 591.030487][ T7181] usb 7-1: Using ep0 maxpacket: 16 [ 591.071012][ T7181] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 591.075965][ T7181] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 591.090492][ T7181] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 591.094580][ T7181] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 591.111348][ T7181] usb 7-1: config 0 descriptor?? [ 591.444485][T13345] sp0: Synchronizing with TNC [ 591.608709][T13345] can0: slcan on ptm0. [ 591.780547][T13344] can0 (unregistered): slcan off ptm0. [ 591.789339][ T7181] usbhid 7-1:0.0: can't add hid device: -71 [ 591.792358][ T7181] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 591.823380][ T7181] usb 7-1: USB disconnect, device number 42 [ 592.561847][T13358] can0: slcan on ptm0. [ 592.672894][T13357] can0 (unregistered): slcan off ptm0. [ 594.278018][T13321] ldusb 6-1:0.0: Couldn't submit HID_REQ_SET_REPORT -110 [ 594.322167][ T7181] usb 6-1: USB disconnect, device number 42 [ 594.326121][ T7181] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 594.397423][T13373] omfs: Invalid superblock (0) [ 595.551211][T13387] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1943'. [ 595.661218][ T4638] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 595.668358][ T4638] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 595.672628][ T4638] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 595.677526][ T4638] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 595.681960][ T4638] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 595.686161][ T4638] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 595.736083][T13387] macvtap5: entered promiscuous mode [ 595.740225][T13387] macvtap5: entered allmulticast mode [ 595.988369][T13387] syz.3.1943 (13387) used greatest stack depth: 17728 bytes left [ 596.096338][T13389] chnl_net:caif_netlink_parms(): no params data found [ 596.660019][T13389] bridge0: port 1(bridge_slave_0) entered blocking state [ 596.670824][T13389] bridge0: port 1(bridge_slave_0) entered disabled state [ 596.674285][T13389] bridge_slave_0: entered allmulticast mode [ 596.695002][T13389] bridge_slave_0: entered promiscuous mode [ 596.712498][T13389] bridge0: port 2(bridge_slave_1) entered blocking state [ 596.715926][T13389] bridge0: port 2(bridge_slave_1) entered disabled state [ 596.719516][T13389] bridge_slave_1: entered allmulticast mode [ 596.732738][T13389] bridge_slave_1: entered promiscuous mode [ 596.855978][ T9678] syz_tun (unregistering): left allmulticast mode [ 597.624596][T13401] can0: slcan on ptm0. [ 597.645183][T13389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 597.657700][T13389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 597.780821][ T5211] Bluetooth: hci13: command tx timeout [ 598.388400][ T83] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 598.396525][ T83] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 598.422408][ T83] bond0 (unregistering): Released all slaves [ 598.612214][T13400] can0 (unregistered): slcan off ptm0. [ 598.673950][ T83] tipc: Left network mode [ 598.925018][T13389] team0: Port device team_slave_0 added [ 599.095149][T13389] team0: Port device team_slave_1 added [ 599.461838][T13389] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 599.464568][T13389] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 599.474944][T13389] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 599.481084][T13389] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 599.484050][T13389] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 599.495752][T13389] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 599.722424][ T83] hsr_slave_0: left promiscuous mode [ 599.726219][ T83] hsr_slave_1: left promiscuous mode [ 599.731417][ T83] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 599.734807][ T83] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 599.742771][ T83] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 599.746208][ T83] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 599.870639][ T5211] Bluetooth: hci13: command tx timeout [ 600.081317][ T83] veth1_macvtap: left promiscuous mode [ 600.083881][ T83] veth0_macvtap: left promiscuous mode [ 600.086518][ T83] veth1_vlan: left allmulticast mode [ 600.089159][ T83] veth1_vlan: left promiscuous mode [ 600.097574][ T83] veth0_vlan: left promiscuous mode [ 601.950877][ T5211] Bluetooth: hci13: command tx timeout [ 603.103189][ T83] team0 (unregistering): Port device team_slave_1 removed [ 603.455036][ T83] team0 (unregistering): Port device team_slave_0 removed [ 603.761220][ T112] EXT4-fs warning (device sda1): es_reclaim_extents:1825: forced shrink of precached extents [ 603.767060][ T112] EXT4-fs warning (device sda1): es_reclaim_extents:1825: forced shrink of precached extents [ 604.030700][ T5211] Bluetooth: hci13: command tx timeout [ 605.463796][T13438] sit0: entered promiscuous mode [ 605.504154][T13438] netlink: 'syz.3.1952': attribute type 1 has an invalid length. [ 605.507561][T13438] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1952'. [ 605.560507][T13425] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1948'. [ 605.564120][T13425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1948'. [ 605.567127][T13425] team_slave_1: entered promiscuous mode [ 605.569352][T13425] team_slave_1: entered allmulticast mode [ 605.939996][T13445] can0: slcan on ptm0. [ 605.953143][T13389] hsr_slave_0: entered promiscuous mode [ 605.990045][T13389] hsr_slave_1: entered promiscuous mode [ 606.009928][T13389] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 606.013473][T13389] Cannot create hsr debugfs directory [ 606.142174][T13444] can0 (unregistered): slcan off ptm0. [ 606.660695][T13145] usb 6-1: new high-speed USB device number 43 using dummy_hcd [ 606.725317][T13389] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 606.815837][T13389] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 606.850639][T13145] usb 6-1: Using ep0 maxpacket: 16 [ 606.856910][T13145] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 606.865545][T13145] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 606.886033][T13145] usb 6-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 606.889977][T13145] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 606.926421][T13145] usb 6-1: config 0 descriptor?? [ 607.074999][T13389] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.318875][T13389] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.428863][T13454] sp0: Synchronizing with TNC [ 607.654477][T13467] can0: slcan on ptm0. [ 607.807710][T13468] omfs: Invalid superblock (0) [ 608.243419][T13389] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 608.252139][T13389] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 608.256145][T13452] can0 (unregistered): slcan off ptm0. [ 608.262881][T13145] usbhid 6-1:0.0: can't add hid device: -71 [ 608.265598][T13145] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 608.291125][T13145] usb 6-1: USB disconnect, device number 43 [ 608.291135][T13389] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 608.435715][T13389] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 608.670058][T13389] 8021q: adding VLAN 0 to HW filter on device bond0 [ 608.720148][T13389] 8021q: adding VLAN 0 to HW filter on device team0 [ 608.743316][ T827] bridge0: port 1(bridge_slave_0) entered blocking state [ 608.746342][ T827] bridge0: port 1(bridge_slave_0) entered forwarding state [ 608.787228][T13145] bridge0: port 2(bridge_slave_1) entered blocking state [ 608.790907][T13145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 609.045626][T13489] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 609.164118][T13389] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 609.248192][T13389] veth0_vlan: entered promiscuous mode [ 609.318652][T13494] can0: slcan on ptm0. [ 609.352708][T13389] veth1_vlan: entered promiscuous mode [ 609.448598][T13389] veth0_macvtap: entered promiscuous mode [ 609.462349][T13389] veth1_macvtap: entered promiscuous mode [ 609.470597][T13491] can0 (unregistered): slcan off ptm0. [ 609.508213][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.520445][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.531084][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.540452][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.544433][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.569126][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.572883][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.576651][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.590004][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.593846][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.600152][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.604931][T13145] usb 7-1: new high-speed USB device number 43 using dummy_hcd [ 609.618524][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.623120][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.627518][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.640521][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.650538][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.654841][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.669279][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.680499][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.684948][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.689300][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.700549][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.710458][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 609.720465][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.726152][T13389] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 609.747658][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.760463][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.771921][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.775681][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.789209][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.793838][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.797196][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.801326][T13145] usb 7-1: Using ep0 maxpacket: 16 [ 609.810640][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.814791][T13145] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 609.818259][T13145] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 609.824291][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.827798][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.834420][T13145] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 609.837687][T13145] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 609.845739][T13145] usb 7-1: config 0 descriptor?? [ 609.847605][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.861181][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.866234][T13145] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 609.873960][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.888818][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.897503][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.901633][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.905639][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.909952][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.913355][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.917662][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.921764][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.926158][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.930203][T13389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 609.934644][T13389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 609.940217][T13389] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 609.953388][T13389] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 609.956799][T13389] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 609.959997][T13389] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 609.964059][T13389] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 610.070819][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 610.073842][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 610.103293][ T1093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 610.107235][ T1093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 610.193246][T13501] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 610.203397][T13496] sp0: Synchronizing with TNC [ 610.250637][T13501] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 610.272385][T13501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1966'. [ 610.296549][T13501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1966'. [ 610.337091][T13501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1966'. [ 610.418830][T13504] RDS: rds_bind could not find a transport for fc00::, load rds_tcp or rds_rdma? [ 610.431232][T13496] can0: slcan on ptm0. [ 610.588925][T13503] FAULT_INJECTION: forcing a failure. [ 610.588925][T13503] name failslab, interval 1, probability 0, space 0, times 0 [ 610.588953][T13503] CPU: 1 PID: 13503 Comm: syz.0.1944 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0 [ 610.588972][T13503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 610.588983][T13503] Call Trace: [ 610.588992][T13503] [ 610.589000][T13503] dump_stack_lvl+0x16c/0x1f0 [ 610.589028][T13503] should_fail_ex+0x497/0x5b0 [ 610.589059][T13503] should_failslab+0x9/0x20 [ 610.589084][T13503] kmalloc_trace_noprof+0x6b/0x310 [ 610.589108][T13503] ? con_insert_unipair+0x151/0x270 [ 610.589138][T13503] con_insert_unipair+0x151/0x270 [ 610.589168][T13503] con_set_unimap+0x3e0/0x630 [ 610.589206][T13503] vt_compat_ioctl+0x2e5/0x4e0 [ 610.589229][T13503] ? __pfx_vt_compat_ioctl+0x10/0x10 [ 610.589257][T13503] ? __fget_files+0x256/0x400 [ 610.589280][T13503] ? __pfx_vt_compat_ioctl+0x10/0x10 [ 610.589301][T13503] tty_compat_ioctl+0x300/0x4f0 [ 610.589327][T13503] ? __pfx_tty_compat_ioctl+0x10/0x10 [ 610.589353][T13503] __do_compat_sys_ioctl+0x2c3/0x330 [ 610.589378][T13503] __do_fast_syscall_32+0x73/0x120 [ 610.589406][T13503] do_fast_syscall_32+0x32/0x80 [ 610.589432][T13503] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 610.589454][T13503] RIP: 0023:0xf746a579 [ 610.589476][T13503] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 610.589495][T13503] RSP: 002b:00000000f5d8257c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 610.589516][T13503] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000004b67 [ 610.589530][T13503] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 610.589542][T13503] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 610.589555][T13503] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 610.589568][T13503] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 610.589593][T13503] [ 610.595884][T13495] can0 (unregistered): slcan off ptm0. [ 610.596656][ T5252] usb 7-1: USB disconnect, device number 43 [ 610.637951][T13511] netlink: 'syz.3.1967': attribute type 4 has an invalid length. [ 611.546409][T13530] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 611.695991][T13534] can0: slcan on ptm0. [ 611.779017][T13535] 9pnet_fd: Insufficient options for proto=fd [ 611.815063][T13532] can0 (unregistered): slcan off ptm0. [ 611.971800][T13545] 9pnet: Unknown protocol version 9 [ 612.200530][ T56] usb 7-1: new high-speed USB device number 44 using dummy_hcd [ 612.400493][ T56] usb 7-1: Using ep0 maxpacket: 16 [ 612.406422][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 612.415170][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 612.419407][ T56] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 612.436338][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 612.453829][ T56] usb 7-1: config 0 descriptor?? [ 612.939581][T13553] omfs: Invalid superblock (0) [ 613.242334][T13544] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 613.246729][T13544] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 613.442188][T13562] FAULT_INJECTION: forcing a failure. [ 613.442188][T13562] name failslab, interval 1, probability 0, space 0, times 0 [ 613.448933][T13562] CPU: 0 PID: 13562 Comm: syz.3.1977 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0 [ 613.453266][T13562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 613.457504][T13562] Call Trace: [ 613.458738][T13562] [ 613.459848][T13562] dump_stack_lvl+0x16c/0x1f0 [ 613.461598][T13562] should_fail_ex+0x497/0x5b0 [ 613.463287][T13562] should_failslab+0x9/0x20 [ 613.465554][T13562] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 613.467910][T13562] ? security_file_alloc+0x41/0x260 [ 613.470330][T13562] security_file_alloc+0x41/0x260 [ 613.472398][T13562] init_file+0x99/0x260 [ 613.474206][T13562] alloc_empty_file+0x91/0x1e0 [ 613.476304][T13562] path_openat+0xe0/0x2e50 [ 613.478321][T13562] ? hlock_class+0x4e/0x130 [ 613.480346][T13562] ? __lock_acquire+0x14f4/0x3b30 [ 613.482618][T13562] ? __pfx_path_openat+0x10/0x10 [ 613.484751][T13562] ? __pfx___lock_acquire+0x10/0x10 [ 613.487028][T13562] ? find_held_lock+0x2d/0x110 [ 613.489177][T13562] do_filp_open+0x1dc/0x430 [ 613.491187][T13562] ? __pfx_do_filp_open+0x10/0x10 [ 613.493436][T13562] ? find_held_lock+0x2d/0x110 [ 613.495899][T13562] ? _raw_spin_unlock+0x28/0x50 [ 613.498021][T13562] ? alloc_fd+0x2d7/0x6c0 [ 613.499957][T13562] do_sys_openat2+0x17a/0x1e0 [ 613.502119][T13562] ? __pfx_do_sys_openat2+0x10/0x10 [ 613.504816][T13562] __ia32_compat_sys_openat+0x16e/0x210 [ 613.507308][T13562] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 613.510166][T13562] ? ksys_write+0x1ab/0x260 [ 613.512246][T13562] __do_fast_syscall_32+0x73/0x120 [ 613.514681][T13562] do_fast_syscall_32+0x32/0x80 [ 613.517211][T13562] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 613.520283][T13562] RIP: 0023:0xf7459579 [ 613.522160][T13562] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 613.530622][T13562] RSP: 002b:00000000f5d2f57c EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 613.534315][T13562] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000100 [ 613.537692][T13562] RDX: 0000000000141a42 RSI: 0000000000000000 RDI: 0000000000000000 [ 613.541055][T13562] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 613.544465][T13562] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 613.547864][T13562] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 613.551276][T13562] [ 613.733813][T13549] sp0: Synchronizing with TNC [ 614.033983][T13552] Falling back ldisc for ptm0. [ 614.073913][ T56] usbhid 7-1:0.0: can't add hid device: -71 [ 614.076727][ T56] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 614.108020][ T56] usb 7-1: USB disconnect, device number 44 [ 614.315070][T13564] netlink: 'syz.1.1978': attribute type 4 has an invalid length. [ 614.774281][T13575] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 614.790214][T13575] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 614.807312][T13575] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1981'. [ 614.819229][T13575] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1981'. [ 614.824387][T13575] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1981'. [ 614.829844][ T39] audit: type=1804 audit(1720355354.714:437): pid=13573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1980" name="/newroot/2/bus/file0" dev="overlay" ino=36 res=1 errno=0 [ 614.887602][T13576] RDS: rds_bind could not find a transport for fc00::, load rds_tcp or rds_rdma? [ 615.068202][T13579] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 616.145072][ T1093] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 616.364542][ T1093] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 616.515378][ T1093] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 616.607814][T13589] [U] [ 616.609793][T13589] [U] [ 616.611198][T13589] [U] [ 616.612463][T13589] [U] [ 616.643242][T13589] [U] [ 616.644600][T13589] [U] [ 616.645885][T13589] [U] [ 616.647155][T13589] [U] [ 616.648610][T13589] [U] [ 616.649861][T13589] [U] [ 616.651158][T13589] [U] [ 616.652378][T13589] [U] [ 616.663596][ T1093] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 616.703063][T13589] [U] [ 616.704415][T13589] [U] [ 616.705686][T13589] [U] [ 616.706950][T13589] [U] [ 616.734591][T13589] [U] [ 616.735923][T13589] [U] [ 616.737206][T13589] [U] [ 616.738472][T13589] [U] [ 616.739852][T13589] [U] [ 616.741131][T13589] [U] [ 616.742409][T13589] [U] [ 616.743667][T13589] [U] [ 616.748232][ T4638] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 616.756390][ T4638] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 616.761869][ T4638] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 616.766372][ T4638] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 616.773420][ T4638] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 616.776920][ T4638] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 616.781345][T13589] [U] [ 616.782594][T13589] [U] [ 616.783837][T13589] [U] [ 616.785084][T13589] [U] [ 616.786442][T13589] [U] [ 616.787680][T13589] [U] [ 616.788928][T13589] [U] [ 616.790174][T13589] [U] [ 616.794342][T13589] [U] [ 616.795599][T13589] [U] [ 616.796833][T13589] [U] [ 616.798059][T13589] [U] [ 616.799572][T13589] [U] [ 616.800795][T13589] [U] [ 616.802013][T13589] [U] [ 616.803161][T13589] [U] [ 616.804802][T13589] [U] [ 616.806056][T13589] [U] [ 616.807304][T13589] [U] [ 616.808570][T13589] [U] [ 616.810389][T13589] [U] [ 616.811667][T13589] [U] [ 616.812909][T13589] [U] [ 616.814168][T13589] [U] [ 616.815933][T13589] [U] [ 616.817193][T13589] [U] [ 616.818433][T13589] [U] [ 616.819662][T13589] [U] [ 616.821603][T13589] [U] [ 616.822899][T13589] [U] [ 616.824171][T13589] [U] [ 616.825421][T13589] [U] [ 616.827108][T13589] [U] [ 616.828375][T13589] [U] [ 616.829593][T13589] [U] [ 616.830838][T13589] [U] [ 616.877641][T13589] [U] [ 616.878987][T13589] [U] [ 616.880304][T13589] [U] [ 616.881626][T13589] [U] [ 616.943521][T13589] [U] [ 616.944868][T13589] [U] [ 616.946165][T13589] [U] [ 616.947464][T13589] [U] [ 616.949032][ T1093] bridge_slave_1: left allmulticast mode [ 616.952048][ T1093] bridge_slave_1: left promiscuous mode [ 616.961283][ T1093] bridge0: port 2(bridge_slave_1) entered disabled state [ 616.980804][T13589] [U] [ 616.982212][T13589] [U] [ 616.983472][T13589] [U] [ 616.984757][T13589] [U] [ 616.986192][T13589] [U] [ 616.987474][T13589] [U] [ 616.988767][T13589] [U] [ 616.990032][T13589] [U] [ 617.011635][ T1093] bridge_slave_0: left allmulticast mode [ 617.012521][T13589] [U] [ 617.014220][ T1093] bridge_slave_0: left promiscuous mode [ 617.015510][T13589] [U] [ 617.018138][ T1093] bridge0: port 1(bridge_slave_0) entered disabled state [ 617.019193][T13589] [U] [ 617.023597][T13589] [U] [ 617.063088][T13589] [U] [ 617.064411][T13589] [U] [ 617.065696][T13589] [U] [ 617.067025][T13589] [U] [ 617.068512][T13589] [U] [ 617.069915][T13589] [U] [ 617.071352][T13589] [U] [ 617.072780][T13589] [U] [ 617.111216][T13589] [U] [ 617.112563][T13589] [U] [ 617.113852][T13589] [U] [ 617.115129][T13589] [U] [ 617.121465][T13589] [U] [ 617.122741][T13589] [U] [ 617.123991][T13589] [U] [ 617.125246][T13589] [U] [ 617.134632][T13589] [U] [ 617.136097][T13589] [U] [ 617.137428][T13589] [U] [ 617.138736][T13589] [U] [ 617.160574][T13589] [U] [ 617.161666][T13589] [U] [ 617.162894][T13589] [U] [ 617.164175][T13589] [U] [ 617.167165][T13589] [U] [ 617.168497][T13589] [U] [ 617.169825][T13589] [U] [ 617.171082][T13589] [U] [ 617.190617][T13589] [U] [ 617.191834][T13589] [U] [ 617.192965][T13589] [U] [ 617.194232][T13589] [U] [ 617.195588][T13589] [U] [ 617.196849][T13589] [U] [ 617.198031][T13589] [U] [ 617.199219][T13589] [U] [ 617.200299][T13589] [U] [ 617.201544][T13589] [U] [ 617.202828][T13589] [U] [ 617.204164][T13589] [U] [ 617.260590][T13589] [U] [ 617.261794][T13589] [U] [ 617.263171][T13589] [U] [ 617.264346][T13589] [U] [ 617.265595][T13589] [U] [ 617.266806][T13589] [U] [ 617.267978][T13589] [U] [ 617.283828][T13588] [U] [ 617.781159][ T35] usb 7-1: new high-speed USB device number 45 using dummy_hcd [ 617.960569][ T35] usb 7-1: Using ep0 maxpacket: 16 [ 617.971736][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 617.976314][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 617.985615][ T35] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 617.990045][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 617.997839][ T35] usb 7-1: config 0 descriptor?? [ 618.296146][ T1093] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 618.411144][ T1093] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 618.422870][ T1093] bond0 (unregistering): Released all slaves [ 618.594557][T13596] sp0: Synchronizing with TNC [ 618.711910][T13598] Falling back ldisc for ptm0. [ 618.810018][T13596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 618.820657][ T5211] Bluetooth: hci6: command tx timeout [ 618.828376][T13596] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 618.864002][ T35] usbhid 7-1:0.0: can't add hid device: -71 [ 618.866758][ T35] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 618.882349][ T35] usb 7-1: USB disconnect, device number 45 [ 619.252629][T13618] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 619.361651][ T1093] hsr_slave_0: left promiscuous mode [ 619.364999][ T1093] hsr_slave_1: left promiscuous mode [ 619.368429][ T1093] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 619.372446][ T1093] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 619.381951][ T1093] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 619.388054][ T1093] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 619.556775][ T1093] veth1_macvtap: left promiscuous mode [ 619.559520][ T1093] veth0_macvtap: left promiscuous mode [ 619.570691][ T1093] veth1_vlan: left promiscuous mode [ 619.573271][ T1093] veth0_vlan: left promiscuous mode [ 619.809004][T13630] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 619.825388][T13630] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 620.161168][T13637] RDS: rds_bind could not find a transport for fc00::, load rds_tcp or rds_rdma? [ 620.611015][T13628] slcan: can't register candev [ 620.613527][T13628] Falling back ldisc for ptm0. [ 620.900803][ T5211] Bluetooth: hci6: command tx timeout [ 622.623563][ T1093] team0 (unregistering): Port device team_slave_1 removed [ 622.980753][ T5211] Bluetooth: hci6: command tx timeout [ 623.058178][ T1093] team0 (unregistering): Port device team_slave_0 removed [ 623.730524][T13291] usb 6-1: new high-speed USB device number 44 using dummy_hcd [ 623.983821][T13291] usb 6-1: Using ep0 maxpacket: 16 [ 624.021333][T13291] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 624.025591][T13291] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 624.040526][T13291] usb 6-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 624.050508][T13291] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 624.060343][T13291] usb 6-1: config 0 descriptor?? [ 624.089953][T13291] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 625.060530][ T5211] Bluetooth: hci6: command tx timeout [ 625.715397][T13630] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1995'. [ 625.719537][T13633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1995'. [ 625.725024][T13635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1995'. [ 625.800290][T13652] sp0: Synchronizing with TNC [ 625.923283][T13592] chnl_net:caif_netlink_parms(): no params data found [ 625.942954][T13660] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 626.087292][T13653] can0: slcan on ptm0. [ 626.392130][T13651] can0 (unregistered): slcan off ptm0. [ 626.396448][ T3525] usb 6-1: USB disconnect, device number 44 [ 626.524386][T13592] bridge0: port 1(bridge_slave_0) entered blocking state [ 626.528073][T13592] bridge0: port 1(bridge_slave_0) entered disabled state [ 626.554540][T13592] bridge_slave_0: entered allmulticast mode [ 626.558682][T13592] bridge_slave_0: entered promiscuous mode [ 626.567371][T13592] bridge0: port 2(bridge_slave_1) entered blocking state [ 626.570823][T13592] bridge0: port 2(bridge_slave_1) entered disabled state [ 626.574197][T13592] bridge_slave_1: entered allmulticast mode [ 626.578366][T13592] bridge_slave_1: entered promiscuous mode [ 626.789468][T13592] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 626.815078][T13592] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 626.981528][T13592] team0: Port device team_slave_0 added [ 626.987997][T13592] team0: Port device team_slave_1 added [ 627.201600][T13592] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 627.204485][T13592] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 627.237176][T13592] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 627.249042][T13592] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 627.253945][T13592] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 627.270477][T13592] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 627.277698][T13692] ntfs3: nullb0: Primary boot signature is not NTFS. [ 627.307775][T13692] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 627.553761][T13592] hsr_slave_0: entered promiscuous mode [ 627.580868][T13592] hsr_slave_1: entered promiscuous mode [ 627.650585][T13592] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 627.653948][T13592] Cannot create hsr debugfs directory [ 628.083901][T13702] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 628.170610][T13702] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 628.280503][T13702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2007'. [ 628.291176][T13702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2007'. [ 628.340999][T13702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2007'. [ 628.429282][T13707] RDS: rds_bind could not find a transport for fc00::, load rds_tcp or rds_rdma? [ 628.453524][T13708] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 628.511029][ T5211] Bluetooth: hci12: Controller not accepting commands anymore: ncmd = 0 [ 628.516046][ T5211] Bluetooth: hci12: Injecting HCI hardware error event [ 628.524579][ T4638] Bluetooth: hci12: hardware error 0x00 [ 629.044397][ T55] usb 7-1: new high-speed USB device number 46 using dummy_hcd [ 629.192274][T13592] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 629.204603][T13592] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 629.228788][T13592] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 629.230487][ T55] usb 7-1: Using ep0 maxpacket: 16 [ 629.242857][ T55] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 629.249488][ T55] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 629.253329][T13592] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 629.260550][ T55] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 629.264817][ T55] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 629.295294][ T55] usb 7-1: config 0 descriptor?? [ 629.454231][T13592] 8021q: adding VLAN 0 to HW filter on device bond0 [ 629.476130][T13592] 8021q: adding VLAN 0 to HW filter on device team0 [ 629.490836][ T5264] bridge0: port 1(bridge_slave_0) entered blocking state [ 629.494071][ T5264] bridge0: port 1(bridge_slave_0) entered forwarding state [ 629.524394][ T5264] bridge0: port 2(bridge_slave_1) entered blocking state [ 629.527427][ T5264] bridge0: port 2(bridge_slave_1) entered forwarding state [ 629.604744][T13714] sp0: Synchronizing with TNC [ 629.781673][T13724] can0: slcan on ptm0. [ 629.872537][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.875585][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.891514][T13712] can0 (unregistered): slcan off ptm0. [ 629.900683][ T55] usbhid 7-1:0.0: can't add hid device: -71 [ 629.902056][T13735] overlay: filesystem on ./bus not supported [ 629.903506][ T55] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 629.920758][ T55] usb 7-1: USB disconnect, device number 46 [ 629.977277][ T5264] usb 6-1: new high-speed USB device number 45 using dummy_hcd [ 630.097845][T13592] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 630.200943][ T5264] usb 6-1: Using ep0 maxpacket: 16 [ 630.206025][ T5264] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 630.212196][ T5264] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 630.217698][ T5264] usb 6-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 630.251902][T13592] veth0_vlan: entered promiscuous mode [ 630.254610][ T5264] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 630.264707][ T5264] usb 6-1: config 0 descriptor?? [ 630.274764][T13592] veth1_vlan: entered promiscuous mode [ 630.282058][ T5264] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 630.332043][T13592] veth0_macvtap: entered promiscuous mode [ 630.338642][T13592] veth1_macvtap: entered promiscuous mode [ 630.385990][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.412147][T13747] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2015'. [ 630.416231][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.421428][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.425822][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.429873][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.450437][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.454511][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.458883][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.496608][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.508323][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.521704][ T5211] Bluetooth: hci12: unexpected event for opcode 0x0000 [ 630.528300][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.541231][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.570469][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.602391][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.607777][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.620786][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.625286][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.640853][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.645732][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.660595][ T4638] Bluetooth: hci12: Opcode 0x0c03 failed: -110 [ 630.662993][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.671035][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.676066][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.700444][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 630.704829][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.722584][T13592] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 630.729143][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.743819][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.752493][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.761378][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.771474][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.780277][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.792532][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.805940][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.820844][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.825452][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.828022][T13758] 9pnet_fd: Insufficient options for proto=fd [ 630.834279][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.844015][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.852999][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.863112][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.869848][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.877919][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.884693][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.893462][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.900542][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.909248][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.919295][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.927973][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.936938][T13592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 630.946029][T13592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 630.958710][T13592] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 630.970300][T13731] sp0: Synchronizing with TNC [ 630.991767][T13592] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.994844][T13592] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.999534][T13592] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 631.010453][T13592] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 631.208533][T13767] ecryptfs_parse_options: eCryptfs: unrecognized option [&@] [ 631.212505][T13767] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 631.218610][T13767] Error parsing options; rc = [-22] [ 631.296657][T13755] can0: slcan on ptm0. [ 631.399441][ T1093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 631.403458][ T1093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 631.423661][T13729] can0 (unregistered): slcan off ptm0. [ 631.450760][ T827] usb 6-1: USB disconnect, device number 45 [ 631.480807][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 631.484337][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 632.055989][T13789] netlink: 'syz.0.1987': attribute type 4 has an invalid length. [ 632.488907][T13798] FAULT_INJECTION: forcing a failure. [ 632.488907][T13798] name failslab, interval 1, probability 0, space 0, times 0 [ 632.491632][T13796] bridge_slave_1: left allmulticast mode [ 632.497214][T13796] bridge_slave_1: left promiscuous mode [ 632.500162][T13796] bridge0: port 2(bridge_slave_1) entered disabled state [ 632.508560][T13798] CPU: 1 PID: 13798 Comm: syz.3.2024 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0 [ 632.512566][T13798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 632.516664][T13798] Call Trace: [ 632.517941][T13798] [ 632.519226][T13798] dump_stack_lvl+0x16c/0x1f0 [ 632.521235][T13798] should_fail_ex+0x497/0x5b0 [ 632.523179][T13798] should_failslab+0x9/0x20 [ 632.525062][T13798] kmem_cache_alloc_node_noprof+0x71/0x310 [ 632.527480][T13798] ? alloc_vmap_area+0x636/0x2a70 [ 632.529728][T13798] alloc_vmap_area+0x636/0x2a70 [ 632.531851][T13798] ? __pfx_alloc_vmap_area+0x10/0x10 [ 632.534095][T13798] __get_vm_area_node+0x17e/0x2d0 [ 632.536168][T13798] __vmalloc_node_range_noprof+0x276/0x1520 [ 632.538439][T13798] ? bpf_check+0x1fa/0xb370 [ 632.541020][T13798] ? find_held_lock+0x2d/0x110 [ 632.543229][T13798] ? rcu_read_unlock+0x17/0x60 [ 632.545136][T13798] ? __pfx_lock_release+0x10/0x10 [ 632.547090][T13798] ? bpf_check+0x1fa/0xb370 [ 632.548878][T13798] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 632.551573][T13798] ? __kmalloc_large_node+0x127/0x1a0 [ 632.553672][T13798] ? lockdep_hardirqs_on+0x7c/0x110 [ 632.555889][T13798] ? bpf_check+0x1fa/0xb370 [ 632.557583][T13798] vzalloc_noprof+0x6b/0x90 [ 632.559214][T13798] ? bpf_check+0x1fa/0xb370 [ 632.561245][T13798] bpf_check+0x1fa/0xb370 [ 632.563213][T13798] ? __pfx___lock_acquire+0x10/0x10 [ 632.565444][T13798] ? __pfx_bpf_check+0x10/0x10 [ 632.567485][T13798] ? ktime_get_with_offset+0x13a/0x240 [ 632.569759][T13798] ? __pfx_lock_release+0x10/0x10 [ 632.571904][T13798] ? find_held_lock+0x2d/0x110 [ 632.573962][T13798] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 632.576222][T13798] ? lockdep_hardirqs_on+0x7c/0x110 [ 632.578142][T13798] ? read_tsc+0x9/0x20 [ 632.579809][T13798] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 632.582412][T13798] ? bpf_obj_name_cpy+0x156/0x1b0 [ 632.584740][T13798] bpf_prog_load+0xe3f/0x2670 [ 632.586910][T13798] ? __pfx_bpf_prog_load+0x10/0x10 [ 632.589239][T13798] ? find_held_lock+0x2d/0x110 [ 632.591346][T13798] ? security_bpf+0x8c/0xc0 [ 632.593383][T13798] __sys_bpf+0x9d2/0x5830 [ 632.595333][T13798] ? __pfx___sys_bpf+0x10/0x10 [ 632.597513][T13798] ? ksys_write+0x21c/0x260 [ 632.599474][T13798] ? __pfx_lock_release+0x10/0x10 [ 632.601761][T13798] ? __mutex_unlock_slowpath+0x164/0x650 [ 632.603752][T13798] ? fput+0x32/0x390 [ 632.605400][T13798] ? ksys_write+0x1ab/0x260 [ 632.607252][T13798] ? __pfx_ksys_write+0x10/0x10 [ 632.609381][T13798] __ia32_sys_bpf+0x76/0xe0 [ 632.611487][T13798] __do_fast_syscall_32+0x73/0x120 [ 632.613860][T13798] do_fast_syscall_32+0x32/0x80 [ 632.616098][T13798] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 632.618933][T13798] RIP: 0023:0xf7459579 [ 632.620787][T13798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 632.629464][T13798] RSP: 002b:00000000f5d7157c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 632.633231][T13798] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000440 [ 632.636811][T13798] RDX: 0000000000000070 RSI: 0000000000000000 RDI: 0000000000000000 [ 632.640577][T13798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 632.644227][T13798] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 632.647617][T13798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 632.650962][T13798] [ 632.666432][T13800] 9pnet_fd: Insufficient options for proto=fd [ 632.669137][T13798] syz.3.2024: vmalloc error: size 432, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1 [ 632.676648][T13798] CPU: 0 PID: 13798 Comm: syz.3.2024 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0 [ 632.681103][T13798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 632.685753][T13798] Call Trace: [ 632.687253][T13798] [ 632.688601][T13798] dump_stack_lvl+0x16c/0x1f0 [ 632.690816][T13798] warn_alloc+0x24d/0x3a0 [ 632.692800][T13798] ? __pfx_warn_alloc+0x10/0x10 [ 632.695046][T13798] ? lockdep_hardirqs_on+0x7c/0x110 [ 632.697488][T13798] ? __get_vm_area_node+0x27d/0x2d0 [ 632.699955][T13798] ? __get_vm_area_node+0x1bc/0x2d0 [ 632.702318][T13798] __vmalloc_node_range_noprof+0xc1e/0x1520 [ 632.704997][T13798] ? find_held_lock+0x2d/0x110 [ 632.707147][T13798] ? rcu_read_unlock+0x17/0x60 [ 632.709268][T13798] ? __pfx_lock_release+0x10/0x10 [ 632.711533][T13798] ? bpf_check+0x1fa/0xb370 [ 632.713619][T13798] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 632.716420][T13798] ? __kmalloc_large_node+0x127/0x1a0 [ 632.718784][T13798] ? lockdep_hardirqs_on+0x7c/0x110 [ 632.721043][T13798] ? bpf_check+0x1fa/0xb370 [ 632.723001][T13798] vzalloc_noprof+0x6b/0x90 [ 632.724971][T13798] ? bpf_check+0x1fa/0xb370 [ 632.726924][T13798] bpf_check+0x1fa/0xb370 [ 632.728741][T13798] ? __pfx___lock_acquire+0x10/0x10 [ 632.731059][T13798] ? __pfx_bpf_check+0x10/0x10 [ 632.733266][T13798] ? ktime_get_with_offset+0x13a/0x240 [ 632.735734][T13798] ? __pfx_lock_release+0x10/0x10 [ 632.737744][T13798] ? find_held_lock+0x2d/0x110 [ 632.739585][T13798] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 632.742154][T13798] ? lockdep_hardirqs_on+0x7c/0x110 [ 632.744416][T13798] ? read_tsc+0x9/0x20 [ 632.745790][T13798] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 632.747714][T13798] ? bpf_obj_name_cpy+0x156/0x1b0 [ 632.749692][T13798] bpf_prog_load+0xe3f/0x2670 [ 632.751806][T13798] ? __pfx_bpf_prog_load+0x10/0x10 [ 632.754125][T13798] ? find_held_lock+0x2d/0x110 [ 632.756324][T13798] ? security_bpf+0x8c/0xc0 [ 632.758379][T13798] __sys_bpf+0x9d2/0x5830 [ 632.760311][T13798] ? __pfx___sys_bpf+0x10/0x10 [ 632.762470][T13798] ? ksys_write+0x21c/0x260 [ 632.764517][T13798] ? __pfx_lock_release+0x10/0x10 [ 632.766229][T13798] ? __mutex_unlock_slowpath+0x164/0x650 [ 632.768251][T13798] ? fput+0x32/0x390 [ 632.769954][T13798] ? ksys_write+0x1ab/0x260 [ 632.771932][T13798] ? __pfx_ksys_write+0x10/0x10 [ 632.774150][T13798] __ia32_sys_bpf+0x76/0xe0 [ 632.776193][T13798] __do_fast_syscall_32+0x73/0x120 [ 632.778449][T13798] do_fast_syscall_32+0x32/0x80 [ 632.780554][T13798] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 632.782643][T13798] RIP: 0023:0xf7459579 [ 632.784034][T13798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 632.792558][T13798] RSP: 002b:00000000f5d7157c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 632.796395][T13798] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000440 [ 632.799846][T13798] RDX: 0000000000000070 RSI: 0000000000000000 RDI: 0000000000000000 [ 632.803191][T13798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 632.806375][T13798] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 632.809817][T13798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 632.813312][T13798] [ 632.817540][T13798] Mem-Info: [ 632.819120][T13798] active_anon:6782 inactive_anon:4290 isolated_anon:0 [ 632.819120][T13798] active_file:4894 inactive_file:8896 isolated_file:0 [ 632.819120][T13798] unevictable:768 dirty:266 writeback:0 [ 632.819120][T13798] slab_reclaimable:5338 slab_unreclaimable:82653 [ 632.819120][T13798] mapped:38047 shmem:8268 pagetables:772 [ 632.819120][T13798] sec_pagetables:335 bounce:0 [ 632.819120][T13798] kernel_misc_reclaimable:0 [ 632.819120][T13798] free:37208 free_pcp:842 free_cma:0 [ 632.850176][T13798] Node 0 active_anon:0kB inactive_anon:0kB active_file:12kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:14228kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9924kB pagetables:1648kB sec_pagetables:1268kB all_unreclaimable? no [ 632.851658][T13796] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 632.863698][T13798] Node 1 active_anon:27128kB inactive_anon:17160kB active_file:19564kB inactive_file:35584kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:137960kB dirty:1060kB writeback:0kB shmem:31536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3156kB pagetables:1440kB sec_pagetables:72kB all_unreclaimable? no [ 632.863758][T13798] Node 0 DMA free:916kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:8kB free_cma:0kB [ 632.903428][T13798] lowmem_reserve[]: 0 374 0 0 0 [ 632.923375][T13798] Node 0 DMA32 free:30764kB boost:0kB min:19048kB low:23808kB high:28568kB reserved_highatomic:6144KB active_anon:0kB inactive_anon:0kB active_file:12kB inactive_file:0kB unevictable:1536kB writepending:4kB present:1032192kB managed:410812kB mlocked:0kB bounce:0kB free_pcp:1124kB local_pcp:40kB free_cma:0kB [ 632.947359][T13798] lowmem_reserve[]: 0 0 0 0 0 [ 632.959679][T13798] Node 1 DMA32 free:117840kB boost:12288kB min:59336kB low:71096kB high:82856kB reserved_highatomic:0KB active_anon:27228kB inactive_anon:17160kB active_file:19564kB inactive_file:35584kB unevictable:1536kB writepending:1060kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:1568kB local_pcp:724kB free_cma:0kB [ 632.993067][T13798] lowmem_reserve[]: 0 0 0 0 0 [ 632.995966][T13798] Node 0 DMA: 7*4kB (E) 9*8kB (E) 10*16kB (UE) 18*32kB (UE) 1*64kB (E) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 900kB [ 633.004130][T13798] Node 0 DMA32: 343*4kB (UMEH) 83*8kB (UMEH) 126*16kB (UMEH) 160*32kB (UMEH) 84*64kB (UMEH) 30*128kB (UMEH) 10*256kB (UMEH) 4*512kB (UM) 4*1024kB (UMH) 1*2048kB (M) 0*4096kB = 29140kB [ 633.012996][T13798] Node 1 DMA32: 485*4kB (UME) 507*8kB (UME) 129*16kB (UME) 113*32kB (UME) 57*64kB (UME) 18*128kB (UME) 13*256kB (UME) 11*512kB (UME) 10*1024kB (UM) 8*2048kB (UM) 16*4096kB (M) = 118748kB [ 633.022995][T13798] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 633.027680][T13798] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 633.030793][T13795] delete_channel: no stack [ 633.032506][T13798] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 633.041482][T13798] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 633.046137][T13798] 22768 total pagecache pages [ 633.048354][T13798] 710 pages in swap cache [ 633.050303][T13798] Free swap = 71476kB [ 633.060272][T13798] Total swap = 124996kB [ 633.062730][T13798] 524155 pages RAM [ 633.064558][T13798] 0 pages HighMem/MovableOnly [ 633.066757][T13798] 181060 pages reserved [ 633.068679][T13798] 0 pages cma reserved [ 633.219798][T13804] binder: 13803:13804 ioctl 400454ca 0 returned -22 [ 633.582305][T13814] 9pnet_fd: Insufficient options for proto=fd [ 633.590922][T13811] overlay: filesystem on ./bus not supported [ 634.341719][T13825] fuse: Bad value for 'group_id' [ 634.363773][T13825] 9pnet_fd: Insufficient options for proto=fd [ 634.510967][T13826] netlink: 'syz.0.2032': attribute type 4 has an invalid length. [ 635.573860][T13835] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2034'. [ 636.005932][T13850] netlink: 'syz.0.2039': attribute type 4 has an invalid length. [ 636.297407][T13852] overlay: filesystem on ./bus not supported [ 636.626802][T13855] overlay: filesystem on ./bus not supported [ 636.870361][T13853] mkiss: ax0: crc mode is auto. [ 636.962718][T13863] FAULT_INJECTION: forcing a failure. [ 636.962718][T13863] name failslab, interval 1, probability 0, space 0, times 0 [ 636.969415][T13863] CPU: 3 PID: 13863 Comm: syz.3.2044 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0 [ 636.973817][T13863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 636.978455][T13863] Call Trace: [ 636.979951][T13863] [ 636.981286][T13863] dump_stack_lvl+0x116/0x1f0 [ 636.983513][T13863] should_fail_ex+0x497/0x5b0 [ 636.985866][T13863] should_failslab+0x9/0x20 [ 636.988406][T13863] __kmalloc_noprof+0xcf/0x420 [ 636.990621][T13863] virtqueue_add_split+0xb92/0x1c00 [ 636.992951][T13863] ? find_held_lock+0x2d/0x110 [ 636.995059][T13863] ? __pfx_virtqueue_add_split+0x10/0x10 [ 636.998299][T13863] ? __pfx_lock_acquire+0x10/0x10 [ 637.001050][T13863] virtqueue_add_sgs+0x166/0x190 [ 637.004432][T13863] p9_virtio_request+0x271/0x6a0 [ 637.006905][T13863] ? __pfx_p9_virtio_request+0x10/0x10 [ 637.009973][T13863] ? p9_client_prepare_req+0x111/0x4d0 [ 637.012558][T13863] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 637.014944][T13863] ? mark_lock+0xb5/0xc60 [ 637.016889][T13863] ? __pfx___lock_acquire+0x10/0x10 [ 637.019244][T13863] ? __pfx_v9fs_xattr_handler_get+0x10/0x10 [ 637.021857][T13863] p9_client_rpc+0x33d/0xc10 [ 637.024022][T13863] ? __pfx_p9_client_rpc+0x10/0x10 [ 637.026353][T13863] ? p9_fid_create+0x26a/0x470 [ 637.028585][T13863] ? __pfx_lock_release+0x10/0x10 [ 637.030963][T13863] ? __pfx_v9fs_xattr_handler_get+0x10/0x10 [ 637.033729][T13863] ? mark_held_locks+0x9f/0xe0 [ 637.035844][T13863] ? rcu_is_watching+0x12/0xc0 [ 637.037965][T13863] ? trace_9p_fid_ref+0x174/0x1f0 [ 637.040172][T13863] ? __pfx_v9fs_xattr_handler_get+0x10/0x10 [ 637.042815][T13863] p9_client_xattrwalk+0xc0/0x2b0 [ 637.045229][T13863] ? __pfx_v9fs_xattr_handler_get+0x10/0x10 [ 637.048280][T13863] v9fs_fid_xattr_get+0x108/0x320 [ 637.050781][T13863] ? __pfx_v9fs_fid_xattr_get+0x10/0x10 [ 637.053235][T13863] ? __pfx_v9fs_fid_find+0x10/0x10 [ 637.055519][T13863] ? __pfx_lock_release+0x10/0x10 [ 637.057799][T13863] ? v9fs_fid_lookup+0xe9/0xf20 [ 637.060005][T13863] v9fs_xattr_handler_get+0x6b/0x130 [ 637.062328][T13863] __vfs_getxattr+0x13b/0x1a0 [ 637.064467][T13863] ? __pfx___vfs_getxattr+0x10/0x10 [ 637.066869][T13863] cap_inode_need_killpriv+0x40/0x60 [ 637.069331][T13863] security_inode_need_killpriv+0x65/0xb0 [ 637.071806][T13863] dentry_needs_remove_privs+0xae/0x100 [ 637.074167][T13863] do_truncate+0xea/0x220 [ 637.076142][T13863] ? __pfx_do_truncate+0x10/0x10 [ 637.078488][T13863] ? common_perm_cond+0x242/0x560 [ 637.080877][T13863] do_ftruncate+0x5e5/0x720 [ 637.082910][T13863] __ia32_compat_sys_ftruncate+0xac/0x110 [ 637.085443][T13863] __do_fast_syscall_32+0x73/0x120 [ 637.087916][T13863] do_fast_syscall_32+0x32/0x80 [ 637.090287][T13863] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 637.093190][T13863] RIP: 0023:0xf7459579 [ 637.094983][T13863] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 637.104080][T13863] RSP: 002b:00000000f5d7157c EFLAGS: 00000292 ORIG_RAX: 000000000000005d [ 637.107797][T13863] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 637.111182][T13863] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 637.114575][T13863] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 637.117565][T13863] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 637.120892][T13863] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 637.124435][T13863] [ 637.243187][T13871] netlink: 'syz.0.2043': attribute type 4 has an invalid length. [ 638.881903][T13893] mkiss: ax0: crc mode is auto. [ 639.916389][T13907] overlay: filesystem on ./bus not supported [ 640.542926][T13916] snd_dummy snd_dummy.0: control 2:1025:0:syz1:4 is already present [ 640.693799][T13921] vxcan1: tx address claim with different name [ 642.167748][T13941] netfs: Couldn't get user pages (rc=-14) [ 642.220526][ T39] audit: type=1800 audit(1720355382.054:438): pid=13941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2064" name="bus" dev="9p" ino=38011000 res=0 errno=0 [ 642.312256][T13942] overlay: filesystem on ./bus not supported [ 642.934142][T13951] netlink: 'syz.1.2067': attribute type 7 has an invalid length. [ 642.937987][T13951] netlink: 'syz.1.2067': attribute type 39 has an invalid length. [ 643.022642][T13951] netlink: 'syz.1.2067': attribute type 7 has an invalid length. [ 643.025374][T13951] netlink: 'syz.1.2067': attribute type 39 has an invalid length. [ 643.041999][T13951] fuse: Bad value for 'group_id' [ 643.581571][T13960] netlink: 10 bytes leftover after parsing attributes in process `syz.0.2069'. [ 643.600473][T13960] netlink: 10 bytes leftover after parsing attributes in process `syz.0.2069'. [ 644.452128][T13971] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2072'. [ 644.770514][T13970] FAULT_INJECTION: forcing a failure. [ 644.770514][T13970] name failslab, interval 1, probability 0, space 0, times 0 [ 644.806797][T13970] CPU: 3 PID: 13970 Comm: syz.0.2073 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0 [ 644.811301][T13970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 644.816255][T13970] Call Trace: [ 644.817848][T13970] [ 644.819245][T13970] dump_stack_lvl+0x16c/0x1f0 [ 644.821379][T13970] should_fail_ex+0x497/0x5b0 [ 644.823463][T13970] should_failslab+0x9/0x20 [ 644.825478][T13970] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 644.827769][T13970] ? p9_tag_alloc+0x9c/0x870 [ 644.829765][T13970] p9_tag_alloc+0x9c/0x870 [ 644.831700][T13970] ? mark_held_locks+0x9f/0xe0 [ 644.833789][T13970] ? __pfx_p9_tag_alloc+0x10/0x10 [ 644.835946][T13970] ? lockdep_hardirqs_on+0x7c/0x110 [ 644.838213][T13970] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 644.840925][T13970] ? stack_depot_save_flags+0x31b/0x900 [ 644.843441][T13970] ? find_held_lock+0x2d/0x110 [ 644.845610][T13970] p9_client_prepare_req+0x19f/0x4d0 [ 644.847987][T13970] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 644.850576][T13970] ? do_renameat2+0x532/0xdc0 [ 644.853041][T13970] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 644.856073][T13970] p9_client_rpc+0x1c3/0xc10 [ 644.858341][T13970] ? __pfx_p9_client_rpc+0x10/0x10 [ 644.860908][T13970] p9_client_getattr_dotl+0xba/0x1e0 [ 644.863150][T13970] v9fs_fid_iget_dotl+0x1e3/0x390 [ 644.865295][T13970] v9fs_vfs_lookup+0x33f/0x550 [ 644.867308][T13970] ? __pfx_v9fs_vfs_lookup+0x10/0x10 [ 644.869545][T13970] ? do_raw_spin_unlock+0x172/0x230 [ 644.871821][T13970] ? _raw_spin_unlock+0x28/0x50 [ 644.874033][T13970] lookup_one_qstr_excl+0x11d/0x190 [ 644.876391][T13970] do_renameat2+0x532/0xdc0 [ 644.878483][T13970] ? __pfx_do_renameat2+0x10/0x10 [ 644.880792][T13970] ? __check_object_size+0x48e/0x720 [ 644.883190][T13970] ? strncpy_from_user+0x213/0x300 [ 644.885540][T13970] ? getname_flags.part.0+0x1e1/0x4f0 [ 644.887978][T13970] ? ksys_write+0x1ab/0x260 [ 644.890034][T13970] __ia32_sys_renameat2+0xeb/0x130 [ 644.892380][T13970] __do_fast_syscall_32+0x73/0x120 [ 644.894714][T13970] do_fast_syscall_32+0x32/0x80 [ 644.896946][T13970] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 644.899880][T13970] RIP: 0023:0xf73b3579 [ 644.901758][T13970] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 644.910001][T13970] RSP: 002b:00000000f5ccb57c EFLAGS: 00000292 ORIG_RAX: 0000000000000161 [ 644.913987][T13970] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000200008c0 [ 644.917555][T13970] RDX: 00000000ffffff9c RSI: 0000000020000900 RDI: 0000000000000000 [ 644.921121][T13970] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 644.924720][T13970] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 644.928238][T13970] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 644.931511][T13970] [ 645.759241][T13990] snd_dummy snd_dummy.0: control 2:1025:0:syz1:4 is already present [ 646.350524][ T56] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 646.570466][ T56] usb 5-1: Using ep0 maxpacket: 8 [ 646.578446][ T56] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 646.588131][ T56] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 646.610587][ T56] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 646.614985][ T56] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 646.620667][ T56] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 646.624680][ T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 646.641213][ T827] usb 7-1: new high-speed USB device number 47 using dummy_hcd [ 646.830932][ T827] usb 7-1: Using ep0 maxpacket: 16 [ 646.835563][ T827] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 646.840261][ T827] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 646.844665][ T827] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 646.848560][ T827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 646.872849][ T827] usb 7-1: config 0 descriptor?? [ 646.921226][ T56] usb 5-1: usb_control_msg returned -32 [ 646.923615][ T56] usbtmc 5-1:16.0: can't read capabilities [ 647.229506][T14003] sp0: Synchronizing with TNC [ 647.336489][T14005] Falling back ldisc for ptm0. [ 647.611960][T14003] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 647.616318][T14003] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 647.635893][ T827] hid (null): report_id 0 is invalid [ 647.649450][ T827] hid-generic 0003:0158:0100.0009: unknown main item tag 0x1 [ 647.660488][ T827] hid-generic 0003:0158:0100.0009: unexpected long global item [ 647.664646][ T827] hid-generic 0003:0158:0100.0009: probe with driver hid-generic failed with error -22 [ 647.855934][ T5264] usb 7-1: USB disconnect, device number 47 [ 649.100763][ T5264] usb 5-1: USB disconnect, device number 30 [ 650.539618][T14025] snd_dummy snd_dummy.0: control 2:1025:0:syz1:4 is already present [ 650.993017][T14029] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 652.166926][T14036] bridge: RTM_NEWNEIGH with invalid ether address [ 652.711487][T13720] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 652.900828][T13720] usb 5-1: Using ep0 maxpacket: 16 [ 652.907988][T13720] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 652.917330][T13720] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 652.930576][T13720] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 652.934375][T13720] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.949982][T13720] usb 5-1: config 0 descriptor?? [ 653.235013][T14041] sp0: Synchronizing with TNC [ 653.330705][T14041] Falling back ldisc for ptm0. [ 653.378921][ T4638] Bluetooth: hci6: Malformed LE Event: 0x0b [ 653.585859][T13720] hid (null): report_id 0 is invalid [ 653.609664][T13720] hid-generic 0003:0158:0100.000A: unknown main item tag 0x1 [ 653.612410][T13720] hid-generic 0003:0158:0100.000A: unexpected long global item [ 653.615423][T13720] hid-generic 0003:0158:0100.000A: probe with driver hid-generic failed with error -22 [ 653.800621][T13720] usb 5-1: USB disconnect, device number 31 [ 654.800617][T13720] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 655.010493][T13720] usb 5-1: Using ep0 maxpacket: 8 [ 655.014720][T13720] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 655.019396][T13720] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 655.028667][T13720] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 655.040448][T13720] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 655.044933][T13720] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 655.048060][T13720] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 655.355334][T13720] usb 5-1: usb_control_msg returned -32 [ 655.357831][T13720] usbtmc 5-1:16.0: can't read capabilities [ 657.220590][ T4638] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0 [ 657.223973][ T4638] Bluetooth: hci6: Injecting HCI hardware error event [ 657.229998][ T5211] Bluetooth: hci6: hardware error 0x00 [ 657.593463][T13291] usb 5-1: USB disconnect, device number 32 [ 657.778830][T14056] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2100'. [ 657.788105][T14056] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2100'. [ 658.085615][T14066] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 659.301273][ T5211] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 659.790502][ T3525] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 659.990525][ T3525] usb 5-1: Using ep0 maxpacket: 16 [ 660.054308][ T3525] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 660.059002][ T3525] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 660.068613][ T3525] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 660.080087][ T3525] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 660.089286][ T3525] usb 5-1: config 0 descriptor?? [ 660.242321][ T4638] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 660.251020][ T4638] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 660.255278][ T4638] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 660.260995][ T4638] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 660.267703][ T4638] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 660.271109][ T4638] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 660.571974][T12991] syz_tun (unregistering): left allmulticast mode [ 660.999393][T14083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 661.027095][T14083] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 661.134260][T14080] sp0: Synchronizing with TNC [ 661.174491][T14086] loop0: detected capacity change from 0 to 7 [ 661.192673][T14086] Dev loop0: unable to read RDB block 7 [ 661.208659][T14086] loop0: AHDI p1 p2 p4 [ 661.210752][T14086] loop0: partition table partially beyond EOD, truncated [ 661.217528][T14086] loop0: p1 start 2778944141 is beyond EOD, truncated [ 661.283650][ T83] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 661.306194][T14087] 9pnet_fd: Insufficient options for proto=fd [ 661.444321][ T83] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 661.516341][T14072] can0: slcan on ptm0. [ 661.682920][ T83] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 661.701615][T14071] can0 (unregistered): slcan off ptm0. [ 661.731806][ T3525] usbhid 5-1:0.0: can't add hid device: -71 [ 661.734583][ T3525] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 661.751608][ T3525] usb 5-1: USB disconnect, device number 33 [ 661.797407][ T83] batman_adv: batadv1: Interface deactivated: netdevsim0 [ 661.863529][ T83] batman_adv: batadv1: Removing interface: netdevsim0 SYZFAIL: can't reallocate (errno 9: Bad file descriptor) [ 661.868901][ T83] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 662.343885][ T5211] Bluetooth: hci13: command tx timeout [ 662.580936][ T83] €: left allmulticast mode [ 662.583120][ T83] €: left promiscuous mode [ 662.592353][ T83] bridge0: port 2(€) entered disabled state [ 662.822547][ T83] bridge_slave_0: left allmulticast mode [ 662.825182][ T83] bridge_slave_0: left promiscuous mode [ 662.828225][ T83] bridge0: port 1(bridge_slave_0) entered disabled state [ 663.722591][ T83] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 663.731080][ T83] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 663.738212][ T83] bond0 (unregistering): Released all slaves [ 663.890100][T10718] syz_tun (unregistering): left allmulticast mode [ 664.643999][ T83] hsr_slave_0: left promiscuous mode [ 664.648334][ T83] hsr_slave_1: left promiscuous mode [ 664.652545][ T83] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 664.655261][ T83] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 664.673694][ T83] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 664.676415][ T83] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 664.768952][ T83] veth1_macvtap: left promiscuous mode [ 664.781184][ T83] veth0_macvtap: left promiscuous mode [ 664.783663][ T83] veth1_vlan: left promiscuous mode [ 664.785640][ T83] veth0_vlan: left promiscuous mode [ 665.061088][ T83] pimreg (unregistering): left allmulticast mode [ 667.961530][ T83] team0 (unregistering): Port device team_slave_1 removed [ 668.282868][ T83] team0 (unregistering): Port device team_slave_0 removed [ 671.445579][ T83] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 671.607633][ T83] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 671.727646][ T83] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 671.833407][ T83] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 VM DIAGNOSIS: 12:30:02 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=1ffff92000e70f67 RCX=ffffffff816bcb0e RDX=0000000000000001 RSI=ffffffff8b2cbce0 RDI=ffffffff8b8fb620 RBP=0000000000000200 RSP=ffffc90007387af8 R8 =0000000000000000 R9 =fffffbfff283e67b R10=ffffffff941f33df R11=0000000000000001 R12=0000000000000001 R13=0000000000000000 R14=ffff88806fcf43d8 R15=0000000000000000 RIP=ffffffff8b0014f0 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffd4f873eb8 CR3=000000006de92000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 ZMM22=fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 ZMM23=853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c ZMM24=ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ZMM25=1a3490381a349038 1a3490381a349038 1a3490381a349038 1a3490381a349038 1a3490381a349038 1a3490381a349038 1a3490381a349038 1a3490381a349038 ZMM26=296917c1296917c1 296917c1296917c1 296917c1296917c1 296917c1296917c1 296917c1296917c1 296917c1296917c1 296917c1296917c1 296917c1296917c1 ZMM27=a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=110e0000110e0000 110e0000110e0000 110e0000110e0000 110e0000110e0000 110e0000110e0000 110e0000110e0000 110e0000110e0000 110e0000110e0000 info registers vcpu 1 CPU#1 RAX=ffff88802ba63800 RBX=ffff88802bb57800 RCX=1ffff110023b2b8d RDX=1ffff1100574c714 RSI=0000005c6c852e6b RDI=ffff88802ba638a0 RBP=dffffc0000000000 RSP=ffffc900044bf710 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000003 R11=0000000000000001 R12=ffff88802c03ebc0 R13=ffffed1005807d92 R14=ffff88802c03ec80 R15=ffff88802c03ec90 RIP=ffffffff81647524 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7366068 CR3=0000000076f94000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000020400 Opmask01=0000000001008000 Opmask02=0000000000010000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe5ce555b0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3020636c65642000 0a32206570206720 000a20202d202038 30362074203a2920 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffffff8ffaa75c RCX=ffffffff813c7b34 RDX=ffffffff81e2ded8 RSI=ffffffff81e2e107 RDI=ffffffff81e2e107 RBP=ffffffff8ffaa75c RSP=ffffc90003397268 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffffffff81e2e107 R13=ffffffff81e2ded8 R14=dffffc0000000000 R15=ffffffff8ffaa75c RIP=ffffffff818e890e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f1646988d00 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055feda252000 CR3=0000000025992000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 c618cb12c618cb12 ZMM22=fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 fb7c5e60fb7c5e60 ZMM23=853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c 853ff44c853ff44c ZMM24=ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ea3742d0ea3742d0 ZMM25=1a3490381a349038 1a3490381a349038 1a3490381a349038 1a3490381a349038 1a3490381a349038 1a3490381a349038 1a3490381a349038 1a3490381a349038 ZMM26=296917c1296917c1 296917c1296917c1 296917c1296917c1 296917c1296917c1 296917c1296917c1 296917c1296917c1 296917c1296917c1 296917c1296917c1 ZMM27=a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe a0f04ebea0f04ebe ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=110e0000110e0000 110e0000110e0000 110e0000110e0000 110e0000110e0000 110e0000110e0000 110e0000110e0000 110e0000110e0000 110e0000110e0000 info registers vcpu 3 CPU#3 RAX=0000000000000200 RBX=1ffff9200077df67 RCX=0000000000000000 RDX=0000000000000000 RSI=ffffffff8b2cbca0 RDI=ffff8880284023d8 RBP=0000000000000200 RSP=ffffc90003befb08 R8 =0000000000000001 R9 =0000000000000000 R10=ffffffff8fe29557 R11=0000000000000000 R12=0000000000000001 R13=0000000000000000 R14=ffff8880284023d8 R15=0000000000000000 RIP=ffffffff816cbfb2 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c300000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5d0dd40 CR3=000000000d7c0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 00c800a400000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000