last executing test programs: 4m43.515137694s ago: executing program 0 (id=435): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac1414000000000014000000000000ffff000000070000"], 0x38}, 0x0) 4m43.514915097s ago: executing program 0 (id=436): syz_emit_ethernet(0x2a, &(0x7f0000000040)={@link_local, @random="0000fc00", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x60, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x16, 0x7c, 0x0, @dev={0xac, 0x14, 0x14, 0x70}}}}}}, 0x0) 4m43.435138538s ago: executing program 0 (id=437): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x20, r1, 0x30d, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20048005}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000780)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x1, 0x32}, 0x9c) bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r3, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f00000003c0)={'ip6gre0\x00', 0x0, 0x4, 0x2, 0x3, 0x7, 0x3c, @mcast1, @empty, 0x8000, 0x1, 0x7, 0x401}}) sendmmsg$inet6(r3, &(0x7f00000040c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000340)="6d4627af2a4d39c99966dc781f3e925e3cdfd03f6ab067f81daaff3e577f3cbc6c7198f3a0be43b7c8ddde7e4b0cc7242cb343f0b39d45aec6142c7fb5a7b76b012467fced361608fd07039b722a5dccd8ac9fe45716", 0x56}, {&(0x7f00000000c0)="f742fbfcb378fa10", 0x8}], 0x2, &(0x7f0000000840)=ANY=[@ANYBLOB="00000000000000002900f4ff3200000000000000000000000000000000000001", @ANYRES32=r4, @ANYBLOB="00000000000000000000000029000000360000008900000000000000010000000000000000000000000000000000000000000000290000000b0000000000000300000000000000000000000029000000390000002e00000900000000ff020000000000000000000000000001000000000000000029000000370000003a000000000000000001000f0071c6e7f87f67613741dcd0473d7acfb469819eda96891b4ca75aa729601e8104a5c2e3479c18e4c14f0b7bd6fbc0a2aa6d02ef1344840d18752f738d4878c8db79306c30c37d044badd268cb3dafbd12bfc0bc74c825e93751a1fc1ca565d3f46c7e20a31507364273f30e5ab8bb3f4a6a29bd82b6ed1100e31f61336ba7ee7dc0407ac6d0135affbc73192d263af7ae96e56ce697076a913540a5586b4443e55213ea519cf556b2af194c62a07da3be1fcdc1e932ac1b108aa1d8bb9e737a773489a39c1902e9280e458c6610caed84f56550e8993af212c4068ca3475f1f183c08d36a1cbfad3310ef2a79d877736add3ec3b087707a8f5e000000000000000000002900000008000000aa00000000000000"]}}, {{&(0x7f00000002c0)={0xa, 0x4e22, 0x8000, @remote, 0x7}, 0x1c, 0x0, 0x0, &(0x7f0000006740)=[@dstopts_2292={{0x58, 0x29, 0x4, {0x3a, 0x7, '\x00', [@enc_lim={0x4, 0x1, 0x7}, @jumbo={0xc2, 0x4, 0x6}, @calipso={0x7, 0x30, {0x0, 0xa, 0x6, 0x1400, [0x4, 0x8, 0x4, 0x4, 0x1]}}]}}}, @dstopts_2292={{0x28, 0x29, 0x4, {0x3c, 0x1, '\x00', [@jumbo={0xc2, 0x4, 0xdb0}, @padn={0x1, 0x1, [0x0]}]}}}, @tclass={{0x14, 0x29, 0x43, 0x2b82}}, @rthdr_2292={{0xa8, 0x29, 0x39, {0x3a, 0x12, 0x2, 0x40, 0x0, [@private1, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @rand_addr=' \x01\x00', @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, @empty]}}}, @rthdrdstopts={{0xd0, 0x29, 0x37, {0x87, 0x16, '\x00', [@ra={0x5, 0x2, 0x7}, @jumbo={0xc2, 0x4, 0xb1f5}, @hao={0xc9, 0x10, @private1}, @enc_lim={0x4, 0x1, 0x8}, @jumbo, @generic={0x8, 0x8c, "c92d16cfca5667c08b2c5d5ddc14e8ea78d92396657ac58bc3672cfb50845c343cffe4c37f34e67f399d881301e1a05284dfe36d397e6e3ce2ae5427a48c183d90ec76346a115be9764bdcb89ad6951a79edc71c262c66b4a88e534960afce02df3b1d5405ee1154953546d63955a070898ee084d8a36be2f0390dc67f0da728588854dbbb2afd6298a9c045"}]}}}, @dstopts_2292={{0x20, 0x29, 0x4, {0xc, 0x0, '\x00', [@ra={0x5, 0x2, 0x6e5}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x10}}, @hopopts={{0xfe8, 0x29, 0x36, {0xff, 0x1f9, '\x00', [@pad1, @calipso={0x7, 0x20, {0x2, 0x6, 0xee, 0x8, [0x6, 0x79, 0x9]}}, @generic={0x80, 0xfa0, "cebfcd12fcb0bb45417813883eb672cd4cf6f9da6c78ac8db15e3e066ff676087a1111b0988b65171e724452e06567f4a38fc69400400ca6e498706bd8a680b15b226bba6756f85b40fea53de44f887dd3527ed8a145db6f19cdd074a7a16e09d2745d304d7d372e0fa9c9077dceaa4bd186ddecce0bbb0344f082bd275c5e5d7b7847174d8bf0acd60efb48d24a5248e63b3351406fb5b274b57a562e68911985c764bb974bb1028c37a9f151d4dcaead0774e9c936377448aba991c6216f51608f21e7cf56cba6dfa91c00122aea31db4d1f745581d37ff0728f5b98c0372b3d34f0334be5db55cf6003bdeacabd987cfce7d519a3a4517c6b9423ce7e37ded1ca6e628960577035238a09b7a42139af06dab848e5cb4e4bdb4270bf07904084e3239d7ba7244ef9fe5fbc77d4794196397fb758cafcb9ca1537b88da15525075de0dda518bfc1dc7e22be29f796c2af77818bdd582f759ce467f3e428410e8a2e5c9f03949902600781fd87617cb4f186c67ee82c9238e610e177c47ae1a162cb46894910b9268f0e1e998df2b2c61d06a4a4742a9fd8964ee81edf38c518d3aaa25f4d90f412e6b0b55e1aad9d7799bf65edce982c515411168d5e8b534beb8fb5c9106dc34fb1d8971fc53033ca3ad7dafe9f692c60c05997e31d395651e583db72beb631a281cfaeadaf9eae4980d269370a853b7bc558efe442c26d297a6c36f49b98b04c79d5f4e9fe8aa8354069732fa87d268edaa5cdd22553232b9480dd403915a4da4395ce8f22e829ddf20834e86d23fa4bb4c211123bc17e4cf2854dd79eb20c9b24223650da96a907f253c5841e34248705c3bd13bd64d565817c8a7e3c989e70edb06ca5a957f58d058308c917b0224b609f0df1f3fd6af6c602365f094d43b1ab2a62c1dd2b6e8531285f46ca55b69ebf0079f63f0da30ee888c10cfb6d85e0d63c8bcc6d67b5996b528243a529000ddfb6255dff88b66fecf7efb36a06c73cfb1e18935c08d724d1c87c83d4cc7108403495bf7c238dae4282ee28898f15026fbba1692e70813d8c18d51be27369a558fc26dc1540b83410e48e0083bb87c7b26e4940b81e711a30ef56ff2ad20df8f72266ba0a6edc09c56251428573240637f6a6dffc0f84ff79b3f433c20d94954cd3f1674f5a136612e33c7fce4978c9acb880fbddf859fa48da5a677a42038907b94505ce12747ad160b64ee575a559ab90cc74b8df9d846b5b34d36408e6e94c2f202cad3a987a70282083713cfe1b49bf5b85c66c3e002f46ba8f2905070ec7e2e3f062325176e21105045f8917931ce2bea2eed6d052866a149e652ae222c43d2f70f4ae7640c7c7f186d83e2b611461b4acbe7c3da7f5b375d7dffc3ead4cdd95dc0d3daa39ef1752c5938ef300165ecd22b12fe9abb5e72763522968ac5157da80a2f48855e82e7823acd6864f550d5a4089b3b852f375d15c99b00ddcd9c9fca8cb0c695caae6b8666dee22bfd08e412bea3d3817e19f61f1abb2d4e55fcedac418536169825426b2e9f3b01664fa80a005fea394397c1b46040ac43d229b9cc2bd4b21d4677fcef6002b8e7d5ffba244907748b5e445905fcc0b037ffe7862f2c7db0b3204489c6ee809e22a7e1bbf4314d6188a82a5118ea76b88b3de5ad2974644b831867d1d584236a12b30fd33be870c3943caa796243983111d57d9f57c06c33c51cf11e95137039bcfd231e3d8c7ea3c7bc3d0910936fa898b002253a7aa287204aa2c127e2422aee9d8af9e72087cc3db614e5e1c1b4a2cb2008f550d30543dd23377f422d0d7093ee8dc2347e8588df4a76b721e4cade366067a6a5ac93f22a549e3283c6261ec08faf15d58b0a3303a24266a8d33def662f3654dbe4f78ec7b99cfc8eb81c1b543a0013809349a90ed8158700826529809128ad696e1be33b478c77d9e028cd277ac6cdc55e02e6652c4bd7ef9c80d23869fc5b5acb26c810d18358716d3f0113b76a5575f024bda84e5f97c5e7c7c9e2ffd70820f9d283c2a6dbf25dfd72034346b5e55b090a03f010be1e5989b45c0a8e4760302d0fc860aa480f67b99dfdcbcae234ead5ca448a7ad04e44d591eece7fff35d90136064aca4e45402463416d34b5ca71914e929a24a65bb3c842b3175ccbca001a45af2a5ed6753bea533de4994bf3243e400a7c43d4816594cb3face7c174d18f65e9855bc99f14b5c770ef7c8ba2729d606e71759beba0838a10e39e68fce6b965bdc205277ecfe1b26df0dc1c088ffed3923a163c0331a15e96d069b7a82dbfdbdef781cfa7c1cdeada2ed166dca5f499a10272a4a24164e0f68ab40a814a8614a8b10397c24ebe7eaccf314e1f1a0eaeb8362ad7a2633c8a7d5710a506970b263b45dd90cab65512d9302297e11880e41bc75a6880529ea9c5e56d0072013fbb174a680dad7e5c32ac320a387bb937919b26b5035e0c3869d5edb341016158968d74cf04973cc563c486b02bf3772662beae751b673fc6dcee7f42d1ef3ed5ecd1aaf2067befd7325576172ff7a270ddd9ebc4d838b8d41b65035238a3c3907205177d527994d5ce883cdff5ff0140233da5b264da32745e6030e191b62d152490a92436c3ddf2be68be7e98402d7e759363d6fb193074847d8e09d16cdb9532b0c571957e203f21f2756e3bec26a338bb197e38f18c8c9c113a96881c7939f6b40590a528686773b18639c9e00c54b9185b037a30957cade4dbf59629f4118d6661d327565a8f47eeb7672435a9e0a425136b64914d2b8e936a58d0014f24641f5353c232707b6bc130ac2ac5c014261043864ffd39ff2e7b062e559336d00fb26caa1d74bb3b398d8d4818b70186163edbc456ca7ef49f46b45db85cfd49aa35558a676964a1ca202535383ce838d9dce269005005a4334ce3cd876014b2394e8433d44fe246c1e73fe59713898de4fc8fe7bba74f26b48cf82c05df0037466df7e407a50e95c5cba4e6bc13476ba7bec54f7ffa9c20a5c5b57a38986a631daff23a5c26f393a27906d9fcf5ab1b9fbef4aa02fb02fb7eceda46e30d6b9c9cbe16e30d4da7540d7b9db6490ab9e9a86839918c45bbf288674fef26b09972027b2d82724a1247ea9eb0e7fe2618c7b3c78cadd668f7b91628586f1f51e575bfabb6e303266f27f5ad74d1358605e8d57681f7f613a76171e6853b3d754be4ccd723db588eaba8abedbc544d7f91d59845ed345c80b145a8909e325eafc227b15c0c6c8f1d2f81ddcf794c3ec0ddd165618fce1aba080e67af8d35a7397ca3502444f0067eac484065471c393097b64d50038781d0785c2caf9a70f6f86c100b59bb848ee87cb2eb4b3d242f7cf562e5f4d3135b377bdb74451e86d5eae9243d52b0cbcb6fc1ce862bece571db09484d0964da63050b1f08b5cb3f8db0961d20b72c571397d0d173ab9ed045e45d8eca32707bbd4fc205c43e6d3f7c662fee7a518c60555a386a6b36e5d83f542f0f05665218abb2bea6c578988254d9bb5b787949121bf69819ab9b86845b45f51e30d919ffd49fb2fb493033fcfdbecffc9ceb0737205e8b2b1308104f1b49ca04fd17eaae1bfe0b598d77d3427e31812f4c0a19149ab70009246007c267f880765cc4c760fddc38ae254828494d8df541f0b8c551f08b3573dfa85bb7fb775da2c3a3ba84ed307ddab35683acaf6010a778aa0a110c3d0bb1d9a9f7a337f87e725ed72e125efded0c09af98e5711cc6af984b7f4a8cbfe935fba97a46c3be23c2f12fcbc12bd103f51b69e96445968d4296d13d391a555bccf638ab5253174e7b19a0aed7fe62ce855e7bc7a4af462ba3fcc2267820bbd587c169251942b3d1c7ad3f910c5af17aee2010b11e70a9b73cbef7a0be4faf46611fdc4285880ff55b0a7d234c0d2ef216e875d27991b6e291dc47bc274d8be3b076e6f68d07b7986864d68c937cdc41039262f7470fb4bbdc802aaa5ce82e35e5e84e6fd178970934e6c8a7ef7d826016217ccf27145d7e401203a7da875d043e4b9a195ddf4366cab872a0bb65a7ecb76a54d3992d475c2a89f78f030398e929b86faad11c4145a8ed55ee5691cd82b44277ec4652fa202fde5b43bd2f7e8fbadb82ebd7a65eee2c11280999f494be50e588ef2180306183e7462fc24fd819546a62761294ed5cda929a68cf1982a1787c90b9a25abf2749c4d5352dc06b25b9d09b9ff721a4b911a8dfe571bf9c9759dcefeffb043bd81f2a5e0b6c7c2cbff10a0d0622f979e2044613c213b34abe5f26eb1bd0461e2d160236c436d3ddf065b27746185dff45acd44cb369771f81b7fee42662e3279612b9f146e1edb536bc4a784b269b2ec3c142e243460fa6d50b5e70c0c4bb23e281be3fdab3e615ac0ba1b8012a6d196baf193c038c6a3a584d6e8f97170c9f4003b5cfb9d119e0c30fbf8aa3fee2f74c594264959af11ee276919bb22902ad6091a2f66a891da1c6a7145a4a444ee3707cf495cc3189682cb4f303dc3965ab90dee4d68a0a253a088df93140daa8ede32527a1cb1d02bda2ccaafe0f2582b594c584acbb750c15348b226433e19ac9318620f2e7842bad773f5979810103e854416d281a723198d293034726a3b927fed94ee61f273d8021db5ae3715bb986bc78e5835cec691f17b487c24d6ee7848936b6b10ec2a9a2635ed18a1bf56e8993427efac4e4254c975311240d7916c4ff33525b0d91d368a366ccfb96bbd0526b72c8e39082e55617e4d7a10658c4b08efcfed17be7e2d82c84718421a2d14fab47e6c56341085dfadf34650c9ecea507a4da325336ad6af45562a6c1a3a3aec3cc83ecb18dc936f4dab5017d2ab01be2575a4ae5e80b7db7f823e3716e91bd238270ac60539e8d96784f1c61ab8ccc7659519581ffa211f172d2dcda6e11f5086d1ca6b4deb5ebd76b3c55cf2b66d85e722b73034d328ed987030eba96ebcaf91fd164a01702bb6842b24551375ff214657966b21f06efe9b82be268b6e41aabe62f6eb85eff56e48c3dd106164916515f134e42666f0a8784453164982e1ede5e0bebeedf3dcf5c43ea71713daa17ab3c12547c7470cca66433011f01b4fee419915dc779ce9369ad73d32e9035b266a1869b0753dda3a53ecfe3714c66f1c68123c3184fc5d34ddf0bc7ac8f9226fc8f84aa3eda508a05e9b36ac7ffc664b7b196111440ebe4173ecdaddd6cc2776006aec732c1249e32434b85c6385ea29d9087250edbfdb77969b0350dee780d5c4cbe7428da9df6db04f7e6337e3accd02c290b66abd07511a0fd76cbbd656e5e4ac1b241a5eda85278f6ee7ed1c8d76a017895fc10ff0935fde14d52f97a5c37fdb5ada6297f2f606b568e7eb6d2f0d1093bf370d7591f7de2e96ccd0194c74fd387ea8bbb1ca2238f7a4cf688cbdddbe60bceb34e8ba395a9f889230f616f950f40f3700a8ca4feb5bd6b728525fe6908543cd6ae1d435fb9bb59a4c839a3d8230fa0850509e06ec490e53ee816f23b4c24e3776062f5583cf10d5268d0f0288d423285c1f229222f5917cd0b1925697b7a498e6426f7ed171db0d3eec4b5981a1c93b2e7a98f5ae43a6469bdcf2dea28fa3f5a18273c7319e451de9ae8dd9f9c71f30ce1b41a3bfaedd1d7ef3e2345431221c52"}, @pad1, @enc_lim={0x4, 0x1, 0x2}]}}}], 0x1230}}, {{&(0x7f00000005c0)={0xa, 0x4e21, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1a12aece}, 0x1c, &(0x7f0000004000)=[{&(0x7f0000000740)="74a53d27f065bdd9e070b7bac241098e2e599f791b80f846bee6cac95a6fb87fe78515e8a6749e", 0x27}, {&(0x7f0000003d80)="99d7e55a57077bf5e34792101c3914e7d1c90ca557712b4618bdff6ce0f20cd6c10282cc288eda8df2967e41d718b133ccec758f49f7025df70b3f19327cbcc7b430d659e358cbf6ec35f9a42c2c4f1e937c28a616a163aa2d9fd50fc25bb3e72897a32044b66daf417cb72cd2df81e039822352bece6bc3fd9a95a5474992f25ce9d40ac67d18b4bb5e96b3a6bbf0810a19eef41340202ea9d3cb2f09f3b821a9fa5ab2664d85", 0xa7}, {&(0x7f0000003e40)="e0569c3880afb8fd78b71304d64d7f62ebbe296d9f97cf44e540b2134cb2bd89d45200aff03431be60b9c9a5af", 0x2d}, {&(0x7f0000003e80)="04e3f79b565d348439fd5efeda4fd0be9e4e86925a55032b921e22d632c268f6de6e99c3fb755da5e5d1d4db5d58a00947226916506d00cbe9f27f93b9e6890042a78134f7b657bccb5b8a6a4db5280871779dcf4fc3cc5dbded9fcf91761e9d7dda3f6311", 0x65}, {&(0x7f0000003f00)="1f4543b61f61d14096c505fce7f35b53ca0f5e56c34fbe721325f8f958a9f7fa62d137bb5131da845804a5e20d8f10ee510ab7e6a76bd53024dfc8be2fb1ad0e52a18f3727bb10c390a107beb85357117cdb8f64cee75eb030e8376de7f5757560cbef1e42928019184a42aad39974a0dd40f701970a8528f534ef1facd6978470f896ec6df795d00f7785782e8dc538f88371b3cbeb1e06d247e9200434839aad24b156ec19f49f5c806698538bf3d7ae26dc902d6f", 0xb6}, {&(0x7f0000004740)="9a8b3583c32849f336eab5f0a1033ef4310520990d1b5d1a76c3933832ab4a95d1546902f515f832290227bf1836040ff291af5c6c5c94e3bcc048432d25e0c233b8a65e7e1d6cd6d96d9815505de967d749f7e3f83d309fc6bae11dce096b177c1f5d0362e83e9b5c207b8fd8368f3c20ca506a83ef0fb7623d18ae5e079b87dbd0cd70e71d0285d04c8fff589fa11c996f12b6310ea41a92bac2b4e482c5f367fbea1783494447757fbc911e06f22c598e4e0e4ba0a21435dbb179f57aa8b0bc6a86614149b51c946ccae119ebbeaa1987adee1899951e069ddd35ffe9f1bae4814bf6474181978e36176ebc6d291fc13cfc6025622d6d7954bb49a43a9d99b732cce5d9c24b0a8e7c79c9ad1eb0f241519f3a5a11a8abdff413238f38d282d972b833e6c0d8e7eec9c3432866dd08f68b1d0fb21a974a74caaac1e37d3ae8078ee70d90f0969241bb9b9814ebc42e49c613fc61a9af8bf9af9f5b7d473b58019a456d409d230173a1173abed7508e80926fca042ed2301befd96118d87937be55c207c13fba6b42cc8bcdd666791324ab20913d45daf0249fde061df61c7b5bfd80cad1e72eea5d48d9248624188af963e2de72d71353a6cb430c509019182552e6f7064503744cf02ce3537ad3ad559e7716712f9ac0d47b1435b6490f9e73d8b65e9b26eb37ae3ec59846c37a92c1a3399f4d58bd5c26f305ffcd6c9d11572e23f2d59ac3f95d97964dcabe53e7db6206665a799f8b028f14834ed614e4e161fe75d2de82a141cb610bb960484a0851a145f91eb95c58a295af622e3925f1169051934dc8bcfccab7c3b582d9ba4e9fe17300679ebc6ed2e80a900ab55eba7f4ad725aa9ce575aea0415ebc3b6d5d213353899db89ac407d949e5086d22e2ea9465e0fc61fb3342aff1971de86bc86db22e635623772c8a10b8f3b629adccca099eafaa1cb35ebcb42e63075ef3c553e078080186f4a43e65a82ef13b95a9566745c6b1737074215b1c42e0cd3ae275bc6ae615fd66b2649e8aebef01ae7d230f5f3374b46b0d637a6dd45765a80d858ee76c40407df270f2a91a0bb6e18eacbabde9919f33dce2842305c099f6a0a53d6e9378aef8d40f118bc8726f0f5162c347af0f9534f8cc702d6e0d812d6b8f50160e67fd883e1f0061f5aa1a2dcb5448e8877ab548927011521c8b4efa61ee77b5b4c1ba4110b7145bfe531c91ed1a85ba354c722c39e79b962941fdf7b05ab9a4e8cd557cda89d2307a303f15e0155519136185a663884a02b0c31163ae00fa477f7847d6c5dd04936fd205f0f9b07b421efae96532c82224a4b7e57373dfc66a485e351563fe1732759f5f5f8d0ac120162b03fa96bb7824807f80bc2718216b7498e28e604e8373f5bc178b90a57c7eaaa1813f323d3275f1640325599eb54da40e64d90aeb6a9863f1d3c1a68e505fcf9a2a9ec5cc9578cd3396b044708a2d94fce546ff20eed5b31fd8be48879c43b496edfae901f265059b20c4aec97934774ad069b00d0226767dacf40522edec3cfa9fabc604b747246f3ddbd005f3954145d7dc3b976fdebfb99da52985e04d4f77bb18d9a705de19513af8f4f481df34d4d775bb4d6bea6c3d26df58aecf8b826a6e97473c948b90c37b4767815a4e38cdbddd49f937ac30eae8027a3e518e94483443a07ca1b916488d5490db237baabdb657371bd3b32f5916a0f2beb6eb14e444aac3044075eeb10dbc81c05d4abecec5c70170055e2ceda162a6bc7d0168d59315d00f401a91de27e0f942d3e0d5cd19adca43f6252b1a12cff0633c64f7c0c1c395be1acda0c1e4981586065860558fcfdd2b74c36a08c83f06abb650de086d5a675a3c31b5815abb3405f28359b1fc9f5e888bdd55064a9de8be28aca92bb5ddcd2b7ad77edc26ba7a93095a2c7d78911cb8add152db50cb878ac2dc27e079b3bfc0ba749f58af3d4a66f473c5fd708f27ea32cd5188618c5ab73b31efc908d0412c7ad9f8ee6a926ea8c5def37ff2adb6489d8936abf0469baf6ae2c9ee15504d5a4b53387ee449f0f2f3064f4f8945fab4d89f0d32da7b6f159658c71deaf03fd3b2fcf52c51c7faac629fb96a611e339634baa62dc6edd1d6da71ac437529504c72b6223d514f62a103fd7aafab59f3d4a3afed96ce21907485f2dabe324c75ed679adc118e86afb6cd84c32cd525c1adf18f6dff2171a2d6a71d836350268a564ff442eac4ef5828172ae9c096cda8eace32edcd0cea60b0849c24daf12fdd90fd7c42582ca43c9e0bcdba0d04c0c937c3dec8519dcc48cbf2d8f5571b3e5db1317a05e88b953c11b757d90d2778d4ad956e947716f8c5e7a9a80ab3f759911a4f3868714d1055d3ecb37bbf33b8dd4452f156a5e370b45c9501d9922bb9b16e8fc2f87487c04b8f45ab28a0ca51e8bd390a0dd5240dcfd13f427e0a6762ec0093f2f1472ace6ff0f4ca2d9f92a63daabe1f3a1b0ba976ca38e5092802a85bc722c57d21752d6f2c24123e6a21bf2287f9a3a00b40cb8db42f9745aff34cd6948eb9f87aea5efdb4f030b091166a6748a197f4f2b1814465a2e26907d699290123df407abba331ff2165ec492b519690b47ce1e34d6bacd52980ff7dd666dde8055f1015ad052c3491596a3e88bc72d3b6299754281c077802028d7cd09a7ee30563a0ace9b3524e24532e8426f86ad1749b83cd289241f262965f46678fd211df4befee324afeb76a025a075256e11cf8a43eb20f36ce7e8095de319c00e3581cd0cd7d5f5d03beb6c17e522447725f3fe19d49400e4b0e6c6c8ca1548911a332d863bd136e74c344053fee9a8f4d1fcde47b52d38486ab21e3943670d4d2b884b60da5ae7a523ba82c65fcd6b9f0f85159716d6811dcd90fee0053bb6f196edb3121855531bd80bb7ee7cff4ee00af339bebd2f55973930db84d9a81563d1a4596c345baab2da6045c4cca260a305ebcca0d07688d790c71cea962727b9e0946d7ba3233b00cb0d3a430abd6c93b8098f3f5de363e7ab1266c189d8afda9da6e923a25dad7d3d4fdc62e63a292486f727263c11e8c89fa6ca8b77eaab14ebac5b78647bd80ba591c4b56f514107aa043cd19fcd893fb82548fdd4c3630e7df993afd6b574bd4d94c3ba3e3f16637a736e5226b49a729f696ac199a9181f8a3d944ca28df7d200265457ab3192837a712c65079b6d8561d6c4fb837482baa9c573556c9622958725e9da3c7ee4e1825aadb5bf01562d6e73c82bf90b688277fba4acef82eb3a02285378ecba4a32c5279e90745922403fdc33a894e32e1ee94a124e315a1654a685e3a57e040bf01fb3980b2cfef3075668c0e844f7381d1522339ec8234d8ba9e1eaf38ca21950397ace7e2fbfec1643b48185323f7ad5eca39906de03d34f26ae2d7fd2f07f1464a726285eba61f3c76b667cd05fccc946c4fb3ed1f65508cab5f58f1e2d041420336a79ad3b36956e4d91cc82d5cf1f97fff53e2c60205c78cdcbecd6508a9039d08308f25875ec4d7dbdab7747e70493c0bd6910b1e9cf64d4ac5313f93fb526d3f5c12f2bb216f8298c48ce242ec3917f301b483c4b490c120c7560b8d2a48a24196e8650030a8d8083dce40c7d2a635f67858bb4e19208da9bbd4e3d728e7676158940e0779c10c8f11d8e255b6465e2bdca61ab407e74702022823de7f01bb781d77b79a27106b4cf270c8b4127885b247256049426b1e92f10b5a08637a23ab94a7549311b2c98c1f03f3393a03dfc9ce6c372dbc4220ba2fe74711f85d91662463633ab1c7ff232f717f85450c8ce135a83f97d4c641d20332f30f2c2a50365dba56acde5cfd7909ba635e6e4b89dbf1dace84c01a29880ac79ff698719272f53219057cb7eef8f55c5763b284723042566afc5b33c19d0a3d5a06c7e0bcaf6f98b097a89662f50144dbf1e1b51824c6a4cf73757a8cceefbaa0f3bc8d7de40cfe8d16c037e450fd138d3b7409e1dd3e0240b0d50af513ab21c0a6fe7add1a18e3a2627710b739c2556564d0ccc0ac2b81738c277c275209c5f20b8c5e58247b565cf30b255496bb39714f881c58f1cfe7dae0f29a6e08efb95f16cd3722610e373bc3202aa7a15181c1e230e3356d7a8dd608343337001beba897658d7dc8d013ff5b30ba055a437e1929ff8cffb6493a05c9841a263a7b10b13f8640450d9305986f0d3a52505653a575e17f4e8a23e0ef2e667d7badb2d3dbf86206f770bdecd88fe8fc6241db2dbe4d5462ab22e0d6704df8e799c5f6246349a9fcf6d5b52efc8939d1ea296b103a269a33306f9c8efd002353f6bbe6e4151d33e5ecbfbf995839c95a54a8961c1791ec3c8dd1c7d30092de4d13a31e621c373f1211126c64899e74ade6cfcb1fa030ef3b86b4ab24023e59c55a7d6a02e961b73e0b1dbe1e3c95fbaa15ecdeec07df45a4515ad9fe1b1183cc451bedc6c79b972a5defda34e70b89cba2acd72f8032bd022e9ab9c98654e4aed463753459eaca97448d01889450c940c349d9fe405fdec4b8596febc8064378bc0783665c992bbb051c2d00d52dd9ef6618aa43c4c4b70cf38d32f44fdada2ccc435bb15c09f0042be332777301e1300a9bb1a60d16fc41cfc5dcf41995d109b69129233fb6aae6c9d08644102115f80ac83776aaa95636de2c7df5c6d04f7ba3ee5b5f206750eb6a8d2af33bdc5d21cdff754a428468bcc0dd998e1d1853f2e25e703613b0037eaf8304e1d87d49cc46090076c5cebbb1425468d760e5d1364af10d25256711abeaf54d5cbbabd5bcba5bc146f4cb16cf62d1c28e91b210887905a67fdfc46cc2895e596615db48681d432e7a013ba579079cf11ae5bc157ede4ecd97d57fac9a1c467e5b2cfd649be896b9db9829b68b43700e7514bcccf193cc0ecb09cdbd37e834b0ccdfd32b970e7741f4b6e4b583acd40307e1c7c748f856d20a5991fcd96d01c46eb76f0482cd1dc41d948ced2572a5700880a83518302586593d73a3790aa0d9db504950d663fa0f434d3f43a99d120a8b0d943b3c3285d8e8b531ea9b4371311565d40aa2cbfa4101d401e79e758e6d1921a15ad8ce7fd35143a58a602d7ec9721d0614b534be8c2e836813aea19059742fd164e2923c2d63c06fcab286f88364619ab7bb5fb601474bc09b411b87834b5cdfffcb78a13fd66427b0038e226b1ac75b0c65300f22be11cc00f993503159f8f3295b0c3ca64ab1404db78b74017bb95969fb4eaa6d6dc8c5bb324ec86a809a86c3bf195399a23c5068c2a8028f4b0b1066e2dd72b916aa4e710f92c233cbdd63a071b2fc3e08904d0f12738708eb136a936af4cf85533c17942a7427cb4bc39b1ed8e643521e075e2431b3732e04584ae8f8620923c6b91b375cd37a8ca2e294c10cdee6616cdc78fa48c5ca12dfb9e784a254ddc99dad6d3ddd28766580f04000d7e527ac9d0ac5061281a706e11a03d264737f25e0673fe75a260973e307ef10cb475ee1cbe52d4fdc7e28d5699545c96fabc9b3d80d16a6a9de04ee4a35b1155ba9bb1521af9cab06ce457abe27b900cccaedeb825acde471e027b089321b4deec4a146356f144bb07c98320ad742c06f640cb26c186df1900cf34b62608a90b4ec5bcf93d4d970a6289b24262c6f427d1bda998d6d531fca946a9021fd1b98e0e784f198db1711fa6deb2849a725cb", 0xfc0}, {&(0x7f0000003fc0)="db175092fca71cc9d2f3a7812f7df826e7232faa47abdfede41cf0f5c2cdf4", 0x1f}, {&(0x7f0000005740)="2af7ea78b7f2b08689501b0289f9d963540ab9f1fb00e5c42c57c673c557a12e0a28d7ecee89b4e3fed181fcf584b26809f7b2ea1a101a531e4053e155ebbcea23963b21943c5e9c608292ce4c9e3f2e27e52d11f0a99ace9047d081ad50cfca9e82c3ed40d50c61db3c2552ac927073dce31f78889058adfc1846ef6aeea21b54701b8b2dabe781052b3aba1e5bb1feb51e56aded0085587c0980c9f009420265db10a54b9e45213cd081d8f95b2b287f92ed518bb0e05a471123371c262f30208e1b0079db731d7d0ce7505909425c3ab081926a310df453270718ee7e87807c0586e5e3c44e24ce167fdeccc3286c645fa56f2e25b4e55e3beb244c7e79243ac3d5bbd2aa38a7b80ecea91147c84d9f4e299eece6f609d072487e0cadc0927f8c678c6c87a2c758ee64a55a26c37ea605719db700696dca8373d5d9be225fd547d4db6180910a931f1739090289c7af29a8bcc89a1d799f32e6054e717ea66e0e3f541b638da1bea01218df8e1cb5f8ed5e4215153fa2a6a4abd11b5f6a7d89838cfe7d76da8e5e1273f0ab800f52b7ff76ead1a86a0e3b06f805a80add0ccb9a9037d59d8ab873c9f8446b363eb117b08c8d3d7da81c64fc3fe6e4acc844957122f945d71241e5d8c51092ebb9040a9134439c9d029f8cc089022af397afaf5a7b16fdfa520b10ec07ee9cdf1762978d00f3d00b0df54a9ad434bf43026ca32b7754d4cf135c0e47ada4e6b4d94c0cec7446ae55a281cfef153d483031100c89b6cc60d629b72e0bee0defe2db5409d2adf70fb3f319d583bee9c5363d1410a3ac8d678af411eef9006bfcc1e151091cf3b4c9459d82ff56ec0ce34e43b3bf9aa260ae7920a7cabb3570ff27d4d3b127003b540127b9f98514d86f81bd26decfda4dcbc9f83e7328a0a156cdc774743c6da70f97caf9ceb1f4c8dc676a33e8f2200a263045cb91cdd544a3e73905f1f9ac80e16f6c1aff444ba5953b00dd34da9dcc6349df8458894feb78541fa428b5e9ab899e840f592cc830fe35070d74251d61ef831f08cbc77ba85ddcf14cce060868168252ce1490b6f7f7dfe27c3ea8334c92152d4ac6cb72cd8feb6b81fe907d0205b52a5b6d327ec9ca15e4fada28eded2221731f8db7406e478a8c6cc08d1b20fd6eca7ddf3524dc8c7663575a90b790bc5ed8c22f54628baceda3a274b512dab31c70524cda1d4de976e51c15ded8c55e01ed5590cefffe53ac9ce201e9398f46a582f11a123a421ec0ba536018b46dc3f7c97fa75e2a6efe32ff642c4f6c914e3437c3c1e6fd7a5f782d9dbb4917ce27a1a25e18e6eafecb652e1a5d91afe9a444aae5fd77d323b6228ea714314dc7e36e112abb125c2a34b1f0f8ca931cb3e2a2eb8628035b6a4ae3d2a928b5b46622642de221cc1c73b00e88bf0deb10ef0a59925a0ec4cc23b33be8bde75e3ddd06a03ac6980dd5212e3691f92cca3570ca3b31914705b1577a583000f2208ac3d918f60f33334211b58419ef8c0e6c898b24c1ffe017b96b62de3a3bc73ba3191b5079da6ae724c0bca3d9fbe45b84879cc954225d048822ceaf5946cdeb0ae7a9c6787e99f97e0401c3c2f2088a25861b0083bd45a50c482e85bda86cb8b59a65705db1fc09202924f914c4250d10c321b7109e036648efa53c471007d8dcd31c424526bdc252fa3c41ca37baaefde014c523a2b504f2ce4d0e18eeb5fff25e63c5ec74a133e8d34b8bf53fcf156ca2c90b270bafcfeaccacf2d8cec8a5e0e87ddbe15faec9a5b138125746e5955cc3feec5dfb941695f9da1b4170b12ef5371f4f242328e3096f0bec40dab793de1e4d72bb3a0ae3b36b5c2e14c5d4ca9798baaabf8a1b96f12aab99fc58b5dccb14615e27503bfb644147bd918e15aa705b0daa2c8dc65bc01747542b0842cfa4ba9b6e1f8e6b20df1ca09e1f17a317a7169dca131aedcfd2180d393058d74aed0f9cd422e6b118c34919e6be9d1bf57847a88e201175851453d3baf27d3588d8b2082fed3de621e5ad9f88506f54dd9dcc22f97940f365f1f5dd48debbc61ab290ef8c959100db0f3c70215de01692745be2021ab370b502457ae9f11ad7ee8e3904e5b60687db75069306de555783822f99928bcf6ada3de9ffac56041d34372f1cb49ea346ac44052965b0138ffd648464a04a75e17e14605e09359e0261189a7bc935229bfb07bf919994550b055bc28c5f9d764c670ee81c4d27df59f17d7a3ba530e88e76003c0d7d43240e6a43ed798f41491c586e144fcf7c9f7925997bb5a0053b51927f73522f11126680adaa5ad634b79b40420e5331984ce2d9887252cf5c5a209f274c703e3a2378610dc72792e3551af32a78cd33d64aac877f046c698e01292ef076310df6b9b9d9a1f403820a57250be1a250798335cad9653a96761bd7447c87c0a5378eaba6d0015c56680b2e8b7fdf11003314666a3b18905c66c060597cfd31cb37915dd38c88f4a96196b30fa8049a00a8ca04636847a3e6aa318e36b3cae22546bc5edcfa08537162da5c6598a68046f39c6ac18cdd79498742ff7ad44d616e77f7eb9df4bf7b5f683ed65683ce534a87d8636a78a825cdb46b4d453733badaf51bef8439d9fa561d04deb13327384f65c428ba6a2d42dad68ad55fb252492f90402ecd6f5cb8cbdac42d1e5a028a5f9309c9a6459ffb1c16103e9b4fac9f3d67f76d167a72421c115977f011c9d2e66d97f00044766f264fe31f517e3571355ec2ebf41ce38daf98f7555ce94538ca5d1638885d933d6222107578042782417090274d72f00204aa9009a7179595fad58f65f693e09d30794fbc474ec8f8f8bed12f5ce283c11f7d7735e56dcfd1ebbdb5c7e5ac3e9123979e7dd4f555a42250171fe20135699c60ea24f427a9a72b040183788f8af8e006f4db3775d517a2a4d3b2fd36e8c07b643bb3b47d1ac74a6092ced92c2dc460166fc5b1cc8a625929dd30e7eca741b75984d6278320326631f93924bb68f6aff5c04a8bf638519dff7854261fef92e2254c6c537312b052652f428fe509d88200fd5f29261a9324f4e815ce02072b5aba8c5da5a937c8ed6446505e94f4aee84cf9e7eef14ed7502992a55a4432effe6798ff78c0928540b2fe3b108e98982db4d449e8dc5c9868dc707db93608ee1397daacb6bb127bb3d9bc7300d5e542d26004b0a8ce6306d434f908c7035b083013cf69b071c7952cce097db7dbe7ef2bad7ea064d6e401dee2766fa087a041132eefc489b698a51da586e2f8473bcbdfb8372fa17ce84edfb9afa7537aebe161ec35805a1686d64bb60b3eee16c645263bc4952fb2aee5ffdcbd655a6220d725f7c97e6db6668a0a232d40992f908eece8e7ba89f2664579238fd6332d0fda588a5125e331777f453a6a3ae00398391a2524c640a0d581284951cd364f606940c0d753e3f879641bfd58528d7727d5e0c507d294d96411be0854ca8a378f4acbec2bab1b162a9d3d15524d1087860cc6893cf8b1ca09c21581e0cbab6d466373f1e2f2a4ea67bc2b72a516c25831250424d575fb625b50e2aa46d3ed731801542bd8f5c272a14a736b24fa4c3e738157133320e7e6e3fdf4eeb9fe9a9a6896882202db8aa90eae5ef51bffcc34c4036423a367c8b138d916aecdd355e94a407570c1de463612e2246e1fa63b33181b5ab0a87dce220f7e941ce6672171d7e5c29e71aa03ff839aa2b5a3a31199f3446ec4759d74c35b89db22430f41ce992cefd60ddce1339a91497aa60865be26efe14d65889ab949192418ec6770c9c4139d55d8d9445b681fe1ba182afa6413c17faf85881f6d5ad28df82e3f3e35b8df2e649b2f56b40ccb43b8427985f32e3f408b37b6a25367c89db569786cff1a693212f58f6cc47b5c2845c370b0b545c86370500b19be7e8bb013877419ca848bdf91817b1f332b48b428fba568e221004e4e13c7e71049f17306117e3e7f2e71e8f013abe07a6b24aff22aca8c3233954a5c6ceab8e742768bce72d436d522d89a3ecf5a23db2cebb3d221cea93b2b1ca07a2069acaa3ce6161e76e6aa963c482e291959ee96b73b4d9e9a9d4208600293413fd581e700627c1924442ab2db06725d88fe530d69792f61053c577c9a78e52706ae59ca81794af922fa82509f87db17cdbf9f218f94d02f57db7d370eeb4f62eb088cf34068fb9f20728c1a3b39b9492ef33f86f865f6bb38c76fcfc4a4c7161e2521bcfa85efd28e76a694cd87c991b11be819d2ac0207f04a7c0439348e57d936304146a3a67912f9bf111e85893ac4340392229989086514eb40a06451e66416558445e95109f285dcf72deded7af92edd11ae8707c6532106c58bf4fa24e9c576ea3d81a58fbdd537d396a6872c4f10d51fa36de830e5352c67fa27fd70b4cbbc7e2b0e96faa60f41c23d7f487970e2db4df4b0523b18c3251d17935c624a0140d293ac29069c3438ab9ee924961cc97f8f965f579719f178efb53f2916c551af8ce67f27fc355b25a1bc10e9a6064ce46baca6e76aa05d2e9a6bfa3784949ce2aea024b0b796784c541dd189c10dee070f8de31d9f42320c805fa9fe2ee6a3b69b0fd48739cb799608fcb37bd4f30058bb4d440096daf434cd84afd42f194cd43132f6c5ef6f60134018d68a67301e919961275ebea40c5ed3d29e350ec3e4a25e65b091b748a44aa41fcfc9ed16baca615088a1938278780b376d7924319c8245da4c3d703ec021212ebd07f0b4558af14666c668ff6e8a7c9cf916d83868ce53ab548070a5ff00b0f3d9b97eecd3fee7c7e036919f0ef163c28ccd5c4058f3253f68b663ba5742538eff84700d2b7babf6439e53d129676b41e8459180d4b0c106212eca6b4fc69bc84f7df970e92ddb779a5149cadf9651bd5d8a0910b2f62052c3c45e514af36ae39a2450de83329ae9edc24b54d981ac56b012c8968ed608720afc41e46de4e786d207862d3ab01f143e368d7622f63081e1db81824ccada35983e22905c45d4545fc7a1eeb96d64c503261dcaec98222b68397570bd11d2025dc77e313127990c8be76402036a9ac35b6cca7fb7730e49e7e6e7133776c5e63f5a300a290d469200fe2a4019b555f1dc542dbabbc45a55bd14e127e597d094ece0d962bf7fa9022534da0c3cfbf1ed345ce585903fa11544c01d94415843d118ea29177c061e51af06c78b1d6aa2ad462e0984c11ccd4889246d368415b92c9bd35c2908fcfd11c81594a155f4542eef52140098b6c0c3c5c031c52c6759ea0e94f7580ba1d3d106d6fbeceb00ebd0a4ffdd2176670bfe40fd6e521e55c64613f45f7f8d841f957b462f92151e6c68caa116335d5d9926b0e8cdd8dcc6979e3c3a6ce89bc4b3406a87e1ce67b777811c02de7fbef7b1cf8be45b3ed1670e8876babc951641b5f3b529466478cc9fb51ffd09b13db187430abace08b89e7a6f4b95374315c06fc2c5bcd9e86cf3c409e6d535243ef692f5662f1876144be84cb7ccc38ecefcdd31e02545ffb97ef8f8f2ab85e5c09352473834f8beaf9a60a27eeca58acf355f70de32d6d75fa2a8cc72ac6ca28f873d8bcad437640d6244eeeab76dc9a6e24b8b4f7ad8c3c0755c20f304d3cab38599f727a14dfd6fa99fa8af5ff7130048a99a7c44ac05c4142e3921a03306496f635f9f621753e01140538607b93463caf60b82b00b99cec94c09e466c588e7f8c508db0cc70443d7248e97940d65f9f925e9a4aa58b605b83e31f085054b7eec8111cb749794c5880a3a457b542873", 0x1000}], 0x8, &(0x7f0000004080)=ANY=[@ANYBLOB="0000000000000000000000003e0020000180000000000000"]}}], 0x3, 0x40885) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={0x14, 0x0, 0x1, 0x0, 0x0, 0x1a14, {0x2}}, 0x14}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x41}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r7 = socket$inet6(0xa, 0xa, 0x0) bind$inet6(r7, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast2, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) socket$nl_route(0x10, 0x3, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000004700)) socket$kcm(0x10, 0x2, 0x0) 4m42.554587631s ago: executing program 0 (id=450): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newlink={0x58, 0x10, 0x401, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0xe59bca127d81b0fa, 0xc574450d1af3193c}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_MCAST_TO_UCAST={0x5, 0x1c, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'bridge_slave_0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x20044010}, 0x0) (async) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newlink={0x58, 0x10, 0x401, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0xe59bca127d81b0fa, 0xc574450d1af3193c}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_MCAST_TO_UCAST={0x5, 0x1c, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'bridge_slave_0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x20044010}, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x94b, 0x4) syz_emit_ethernet(0x13a, &(0x7f0000000700)={@local, @empty, @val={@void, {0x8100, 0x1, 0x1, 0x4}}, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x100, 0x3a, 0xff, @private0, @mcast2, {[@hopopts={0x32, 0x2, '\x00', [@jumbo={0xc2, 0x4, 0x4}, @jumbo={0xc2, 0x4, 0x9}, @ra={0x5, 0x2, 0x1000}]}, @routing={0x2, 0x6, 0x1, 0x7, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @ipv4={'\x00', '\xff\xff', @local}]}, @srh={0x2f, 0xc, 0x4, 0x6, 0x3, 0x8, 0x0, [@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local]}, @fragment={0x3b, 0x0, 0x9, 0x0, 0x0, 0x6, 0x68}, @fragment={0x8, 0x0, 0x8, 0x0, 0x0, 0xe, 0x65}], @pkt_toobig={0x2, 0x0, 0x0, 0x500, {0x6, 0x6, ':yE', 0x2, 0x3a, 0x0, @empty, @private2, [], "9e29335287b7a081"}}}}}}}, 0x0) (async) syz_emit_ethernet(0x13a, &(0x7f0000000700)={@local, @empty, @val={@void, {0x8100, 0x1, 0x1, 0x4}}, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x100, 0x3a, 0xff, @private0, @mcast2, {[@hopopts={0x32, 0x2, '\x00', [@jumbo={0xc2, 0x4, 0x4}, @jumbo={0xc2, 0x4, 0x9}, @ra={0x5, 0x2, 0x1000}]}, @routing={0x2, 0x6, 0x1, 0x7, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @ipv4={'\x00', '\xff\xff', @local}]}, @srh={0x2f, 0xc, 0x4, 0x6, 0x3, 0x8, 0x0, [@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local]}, @fragment={0x3b, 0x0, 0x9, 0x0, 0x0, 0x6, 0x68}, @fragment={0x8, 0x0, 0x8, 0x0, 0x0, 0xe, 0x65}], @pkt_toobig={0x2, 0x0, 0x0, 0x500, {0x6, 0x6, ':yE', 0x2, 0x3a, 0x0, @empty, @private2, [], "9e29335287b7a081"}}}}}}}, 0x0) recvmmsg(r0, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000000002010400000000000000000080000a"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4040004) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000) (async) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000) socket$kcm(0x10, 0x3, 0x10) (async) socket$kcm(0x10, 0x3, 0x10) setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000240)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x4, 0xf84, 0x4}, 0x1c) poll(&(0x7f00000016c0)=[{r3, 0x440}], 0x1, 0xffffffff) (async) poll(&(0x7f00000016c0)=[{r3, 0x440}], 0x1, 0xffffffff) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xffffffffffffffc6) shutdown(0xffffffffffffffff, 0x0) (async) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x4e20, 0x1, @mcast1, 0x8}]}, &(0x7f0000000280)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000000c0)={r5, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x40000000, 0x6, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="48000001100003e7ff00"/20, @ANYRES32=r4, @ANYBLOB="0000000040000200280012800a000100767863616e0000001800028014000100000000", @ANYRES32=r4], 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x80) chdir(&(0x7f0000000100)='./file0\x00') r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.net/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r6, &(0x7f00000003c0)='memory.current\x00', 0x0, 0x0) (async) openat$cgroup_ro(r6, &(0x7f00000003c0)='memory.current\x00', 0x0, 0x0) rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file1\x00') (async) rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file1\x00') mknod(&(0x7f0000000040)='./file0\x00', 0x8000, 0x7) r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r7) (async) ptrace(0x10, r7) ptrace$cont(0x20, r7, 0x0, 0x0) ptrace$getregs(0xc, r7, 0x1, &(0x7f0000000000)=""/107) (async) ptrace$getregs(0xc, r7, 0x1, &(0x7f0000000000)=""/107) 4m42.445929522s ago: executing program 0 (id=452): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x3, 0x6c4ba42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0xfffffffffffffffb, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x200, 0x0, 0x40000000000, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]}) 4m42.144811972s ago: executing program 0 (id=457): r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000780), 0x2, 0x8000) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000100)={0x6}) lremovexattr(0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x103000, 0xe9) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x20000, 0x71) pread64(r2, &(0x7f0000001440)=""/126, 0x7e, 0x41) r3 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_int(r3, 0x1, 0xf, 0x0, &(0x7f0000000100)) r4 = socket$tipc(0x1e, 0x2, 0x0) getsockopt$TIPC_NODE_RECVQ_DEPTH(r4, 0x10f, 0x83, &(0x7f0000000000), &(0x7f0000000040)=0x4) 4m42.089443885s ago: executing program 32 (id=457): r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000780), 0x2, 0x8000) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000100)={0x6}) lremovexattr(0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x103000, 0xe9) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x20000, 0x71) pread64(r2, &(0x7f0000001440)=""/126, 0x7e, 0x41) r3 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_int(r3, 0x1, 0xf, 0x0, &(0x7f0000000100)) r4 = socket$tipc(0x1e, 0x2, 0x0) getsockopt$TIPC_NODE_RECVQ_DEPTH(r4, 0x10f, 0x83, &(0x7f0000000000), &(0x7f0000000040)=0x4) 3m25.294663249s ago: executing program 3 (id=1865): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000003f000080"], 0x48) 3m25.294493395s ago: executing program 3 (id=1866): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x128, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000, 0xad}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x74}, [@coaddr={0x14, 0xe, @in6=@remote}, @lifetime_val={0x24, 0x9, {0x100000000, 0x8000000000000001, 0xb4, 0x5}}]}, 0x128}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="040100001a0007000000000000000000fe80000000000002000000000000001b00000000000000000000ffff0a010102ffff0000000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff010000000000000000000000000001000000002b000000fc000000000000000000000000000000000000000000004000b40000000000000200000000000000000000007ffffffe0000000000000000000000000000000000000000000000000000000000000000000100000000000000002000000000000700000000000000fdffffffffffffff0000040000000000e80a000000000000000000000a000200700000000000000014000e"], 0x104}}, 0x4cc00) 3m25.290983505s ago: executing program 3 (id=1868): r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x8000000}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={r1, 0x2}, &(0x7f0000000100)=0x8) (async) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000140)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f00000001c0)={0x18, r2, 0x1, 0x0, &(0x7f0000000180)=[{0x7311, 0x8}]}) (async) ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r0, 0x3b70, &(0x7f0000000200)={0xc0, 0x0, 0x0, 0x0, {}, {{}, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}]}}) (async) ioctl$SNDRV_PCM_IOCTL_START(r0, 0x4142, 0x0) (async) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000002c0)={0x2, @sliced={0x8, [0x34c, 0x4, 0x9, 0x1000, 0x62, 0x1, 0x8, 0x101, 0x5, 0x18, 0x4, 0x5, 0xfffb, 0xfff, 0x2, 0x3, 0x6, 0x3, 0x3, 0x4, 0xffff, 0x6d39, 0x2, 0x6, 0x4, 0x100, 0x1, 0x9, 0x5cbe, 0x9, 0xff, 0xb6, 0xfff7, 0x9, 0x0, 0x6, 0x5, 0x8, 0x63c, 0xfffc, 0x4, 0x3ff, 0x0, 0x3ff, 0x1, 0x4, 0x0, 0x10], 0x3ff}}) (async) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f00000003c0)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f00000007c0)={{r0}, {@val={r3}, @max}}) (async) r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000840), 0xffffffffffffffff) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000940)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000900)={&(0x7f0000000880)={0x54, r4, 0x2, 0x70bd27, 0x25dfdbff, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0xc}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xff}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0xffffffff}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x1, 0x7]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7}, @SEG6_ATTR_SECRET={0xc, 0x4, [0xfffffffe, 0x80]}]}, 0x54}, 0x1, 0x0, 0x0, 0xc000}, 0x20000) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000a80)={@map=r0, 0xe, 0x0, 0x2ba, &(0x7f0000000980)=[0x0, 0x0], 0x2, 0x0, &(0x7f00000009c0)=[0x0], &(0x7f0000000a00)=[0x0], &(0x7f0000000a40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x40) (async) r6 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000b00), 0x200, 0x0) (async) r7 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000c00)={r0, r0, 0x34, 0x0, @val=@uprobe_multi={&(0x7f0000000b40)='./file0\x00', &(0x7f0000000b80)=[0x2, 0x2, 0x5ec, 0x5, 0x8], &(0x7f0000000bc0)=[0x0, 0x0, 0x1, 0x3, 0x3, 0x3, 0x1, 0x0], 0x401, 0x5, 0x1}}, 0x40) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000ac0)={@cgroup=r6, r0, 0x2e, 0x2010, 0x0, @value=r7, @void, @void, @void, r5}, 0x20) r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000c80), r0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000cc0)={'batadv_slave_0\x00', 0x0}) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r6, &(0x7f0000000dc0)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d00)={0x4c, r8, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r9}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x10001}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000020}, 0x20004800) (async) r10 = socket$nl_generic(0x10, 0x3, 0x10) (async) r11 = syz_genetlink_get_family_id$tipc(&(0x7f0000000e40), r0) sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000000f00)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x1c, r11, 0x200, 0x70bd2b, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) (async) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r10, &(0x7f0000001000)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x30, r11, 0x800, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x14, 0x19, {0x1, 0x0, 0xd, 0x5}}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x8010}, 0x24000004) (async) r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001080), r0) sendmsg$NL80211_CMD_SET_BEACON(r10, &(0x7f0000001240)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x850400}, 0xc, &(0x7f0000001200)={&(0x7f00000010c0)={0x124, r12, 0x10, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_BEACON_HEAD={0x10d, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, {0x6256}, @broadcast, @device_b, @initial, {0x3, 0x2}}, 0xffffffffffffffff, @random=0x3a1, 0xaa, @val={0x0, 0x6, @random="5364305d318c"}, @val={0x1, 0x4, [{0x30}, {0x9}, {0xb, 0x1}, {0x5, 0x1}]}, @void, @val={0x4, 0x6, {0xf8, 0x0, 0x1, 0xe0}}, @val={0x6, 0x2, 0x13}, @void, @val={0x25, 0x3, {0x0, 0x6, 0xea}}, @val={0x2a, 0x1, {0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0x0, 0x5, 0x5}}, @val={0x2d, 0x1a, {0x2, 0x2, 0x4, 0x0, {0x2b, 0x6, 0x0, 0x3f8, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x8, 0x10000, 0x1}}, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x2e, 0x15, 0x8, 0x83bc}}, [{0xdd, 0x77, "f6aa2501154295d20411f9f0c450aad014051239233df58c80b63bf8e5b59f7cdce8f5b453a2241c17b0727d90e9727c3d0001c4b334a7c91517af43e725d82daf9b458ef438f767401d5a6d964cea0d5ca1d3f19070ad8ccb897ab095bf022eb2b19d4bbf2ba92d95dfe2bc96fae99382cf1b44271f01"}, {0xdd, 0x16, "5fb0e0c44f2408bde500eaaafb3e467e83392311e4e0"}]}}]}, 0x124}, 0x1, 0x0, 0x0, 0x84}, 0x20004001) (async) ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000001280)={0xc, r2}) ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f00000012c0)) (async) r13 = syz_open_dev$vcsu(&(0x7f0000001300), 0xd41c, 0x212000) (async) r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001380), r0) sendmsg$NL80211_CMD_LEAVE_MESH(r13, &(0x7f0000001480)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001440)={&(0x7f0000001400)={0x1c, r14, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000) 3m25.213541826s ago: executing program 3 (id=1869): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000006000000000f00000008000300", @ANYRES32=r2, @ANYBLOB="28000e0080000000ffffffffffff1202110000000802110000000000000000000000000064000100080026006c09000008000c006400000008000d003603f8d7cb708eca02020202"], 0x74}}, 0x0) 3m25.213167883s ago: executing program 3 (id=1870): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xf0, 0x32, 0x205, 0x70bd2d, 0x25dfdbfc, {}, [{0xc9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x85}, 0x8000) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40086602, &(0x7f0000000000)) r2 = syz_open_dev$video(&(0x7f0000000000), 0x0, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) r4 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000000040)=0x2, 0x4) connect$rxrpc(r4, &(0x7f0000000080)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast1}}, 0x24) sendmsg$inet(r4, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0) connect$rxrpc(r3, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast1}}, 0x24) sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0) ioctl$VIDIOC_S_SELECTION(r2, 0xc040565f, &(0x7f0000000940)={0x5, 0x3, 0x2, {0x8000, 0x8, 0x8, 0x2}}) fstat(r1, &(0x7f0000000340)) sendmsg$OSF_MSG_REMOVE(r0, &(0x7f0000001280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="6010000001050103000000000000000001000004540201000200000005000000060a0300b12e0d0073797a31000000000000000000000000000000000000000000000000000000005cfdc6196958696adab560eb5f2900c767a50b3b8e7061cb8b8e9e4e272e4a4296f4cc77f4bb35bfe837dfc039842b54446b97cd6b41cddaf257c0bf5fb80b320800f9ff0300000000000000842003000000000007000000c5030900030000000004000008004d2c1cad1958040000000800060002000000010000000100010101000000fbffffff08640300010000000500000000002dcf010000006a0000000400e50003000000f8ffffff89a10080020000000700000005000600000000000e000000090005000000000004000000a0df0104030000000100010004000800010000002e0600000600020003000000030000000800000200000000ea0000000500ff0f03000000040000000500030002000000ff7f00000600ff0000000000ff00000002000800000000000500000000000c0002000000001000000900000003000000445b00000700faff00000000ff010000ff0f040001000000040000000000018002000000020000000048010000000000080000000000000001000000080000000200fa000200000001000000010007000000000002000000070002000300000004000000010009000200000001000000070000000200000008000000010000000300000006000000010008000200000009000000000207000000000004000000980e0000020000000300000000040100030000000000008006000800000000000400000045000300000000008eb100000600fcff02000000010000005402010002000000000800002d0001800104210073797a31000000000000000000000000000000000000000000000000000000003eb19c202e4d6743b53fbb594917825925ae4308b6c8245de520fff67e913450ce0318d3a41dc364006a933dee3b1b5378f567143bb548c78cd58cbab059f7a002000f0b02000000e8075a3800082d000000000000000000090000000100000010000000feff010402000000040000000100fbff0200000000000000fd0002000000000005000000070006000000000009000000010103000000000005000000ec0040000100000001000000080001000100000001000000070002000200000009000000ff07040000000000a5e600003b000800020000003c59590f050007000300000000080000000100060002000000000200000400030003000000020000000500ff7f03000000030000000700fcff01000000010400000500050001000000ff0100000101020b03000000c8f8c61407000600000000000400000001000900000000004000000005007f0002000000070000000900c00b0100000004000000ff070300010000005e060000090005000100000004000000470a000400000000864f00000004050001000000fdffffff09000e0003000000070000000500080000000000d800000008000001030000000500000005000700000000000300000005000000000000000900000061000100030000002fdf00000a000800030000000800000008000900020000000400000009000600000000007f0000000004f7ff000000000000000000008000030000000800000054020100000000000300000000070300be000c0073797a30000000000000000000000000000000000000000000000000000000003f652c6e932d6618310612d01b91c03f8d995930f9985f4508567b245b33520b70ea93013ac9622dc2f29a98d429d94da93a8b318cf3e39695edf62f2f00bda90500090000000000010000000500010000000000a700000010080800020000000002000007000200030000000000000001000a0003000000020000000400080000000000050000000d00070001000000030b00000200430e02000000060000000000f9ff03000000bdffffff0200dff40000000006000000020008000000000002000000008099020300000000000000c200090000000000070000000400040000000000030000000300040002000000c201000003000600000000000200000007000a0003000000537481730900060001000000010100000000010001000000b00000004cbf010000000000010000000900f8ff020000008000000008000b0001000000400000009d06ce0003000000060000000900040002000000070000007a0b03000300000001800000ff07e50001000000040000000200f7ff0200000000000000090001fe0200000001000000040099a201000000010000000c00040003000000f7c0000008000e0003000000018000000000080001000000000000000600030000000000070000000800060000000000ffff000007000500030000000002000002000200030000004102000004001d05020000000600000001fc01000200000003000000000007000300000000000100ffff030002000000ff000000540201000000000007000000a8090600b90e250073797a310000000000000000000000000000000000000000000000000000000098eb6ae8ea04b8b564b3f0f683a07b75c5bb148ee84a467a4d15bdc981755a9287fb9dc6b65f7d177afbfdd9da831b95648e7796e39505766e229d3abdd3bb9001007509010000000400000007008000000000000900000005000000adb91763070000000500040000000000070000002f00f70901000000030000000200010003000000020000000000010403000000020000000010000000000000090000000800e05600000000fcffffff0001ffff01000000000000000f00080000000000010000000800020002000000010001000800a97901000000060000000300030000000000010000000100010003000000010000000200000000000000f55300001a0600000100000000fcffff080051000000000010000000f6062a220100000001010000120f01ff00000000020000008100ff0001000000040000000600090001000000810000000600cf250000000003000000d9d20a0000000000020000000100010001000000040000000100040001000000070000000200810001000000700b00000101090003000000080000003903080000000000090000000c00090003000000ffffffff10000700030000000000000000000700010000000c0000000200010000000000ff7f00000600070000000000f3090000ffff0700020000007cd100001000050002000000810000000600070002000000f7ffffff840f0500010000001a0000000700800000000000000000008000ff0f0100000008000000540201000200000031090000060a0600f7ff270073797a3100000000000000000000000000000000000000000000000000000000a59ad2ca4e1a5bcbf3d194d3b271106c11702dbb193f85ad419fba461d6fdf1c366e4bce6da143c2a6958c01179f316bc72414af8cf614d04b44d0b5b91b6846090001800300000003000000080009000300000002000000010001800300000007000000080008000100000003000000443eb60700000000090000000d00008002000000020000003a0a030002000000edcd000059d2030001000000050000002f0001000200000001000080ff07090000000000080000000800010003000000000000000900f9ff0300000001000000080002000100000001000000070008000300000002000000000204000100000009000000010004000000000006000000050002000000000000800000030009000200000006000000f7ff020003000000aedb6b1713830200010000001cb900000700000200000000030000000200040000000000ffffff7f800040000200000003000000060006000200000000000000d5c8d000020000000500000003000004000000000700000004000100020000000900000006000100000000000400000003000600010000000d0000000900000000000000070000000300800000000000ff7f000008000400000000000000002007003d07ce2e9476010000000800020002000000ae790000ff03795d01000000180000000700030000000000050000000300800000000000000000000100040001000000070000000e002b0e010000001a0700004c08060002000000ff010000540201000100000005000000ff0001012500100073797a3000000000000000000000000000000000000000000000000000000000006685cb79932713ccd420dcffe34e8582791c8e28b10afd53222c5c6c06bdf0e49b5c0ac7931098b84f4a40dd72cfb5d9d00e453f276440c02f099ddfc8b97a090002000000000000000000f7ff080002000000030000001000f7ff020000008000000001000400030000000700000007003a000000000001000000090001000100000002000000ff030300030000000004000001ff01000100000005000000800002000300000003000000ffff07000000000009000000b60700700300000000000080090007000200000002000000ece2ae000200000005000000030006000200000000080000090058000300000093ffffff060009000300000088da9a6cfcff09000200000001000000050006000200000005000000ff07000003000000050000000700060003000000030000000000ffff01000000635d00000a00db6501000000070000004300000200000000040000000200577400000000080000000300030001000000360d000003001e7b000000008500000008004cff02000000eb0000000104580001000000000000000200000003000000040000000500050000000000ff0700000400060001000000ff0700000900dff0000000000a0000000300000202000000080000006303510e02000000100000000400080001000000bd00000006000400020000007b0900000400040000000000f7ffffff1000030001000000090000000a00010003000000050000000300810002000000224500005402010000000000feffffff060702000000170073797a3000000000000000000000000000000000000000000000000000000000361e4e2104def38cc2045ef0a19fffdd97546055d653bd8b4f2138c4b9a414c9ff0e89c88382f0a489556d981762652d839faec80c0458dd0dfd90d25dd78a5bff7fd80000000000ee0c00000c0db66b00000000ffff0000ff00008000000000050000004b006da7000000000800000009000900b32dd4af0000000007000c0001000000020000000000090003000000050000000d00f60f01000000050000000400040003000000c2b500000700400002000000ffffff7f0900e99e030000000f0000000f00000003000000fbe300000f00010000000000050000000a00000003000000ffffffff07000500010000007c0f0000b20502000300000006000000620cd13301000000010000000a00000000000000040000005500da0002000000850000000500000001000000ff0100000000faff00000000000000000000090002000000060000004002030001000000060000000600050001000000010000000000ff030000000085060000020002000300000004000000ffff020003000000060000000400f8ff03000000000000000600ab8301000000030000000800ffff00000000080000005b760700030000000100008006000900030000000200000000000400010000000500000007000900020000000f000000020004000200000000800000060008000100000009000000339a010002000000040000000400040002000000ff000000020003000200000086390000010101000000000003000000"], 0x1060}, 0x1, 0x0, 0x0, 0xc095}, 0x80) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x110}, 0x1, 0x0, 0x0, 0x4000804}, 0x20008000) 3m25.144946277s ago: executing program 3 (id=1871): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x6}}}, 0x24}}, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000001480)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) r1 = socket(0x2a, 0x2, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000026c0)=@newtfilter={0x87c, 0x2c, 0xd27, 0x70bd2d, 0x4, {0x0, 0x0, 0x0, r2, {0xe, 0x6}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x84c, 0x2, [@TCA_BASIC_POLICE={0x848, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x5, 0x8, 0x401, 0x7, 0xffffffff, 0x6, 0x8, 0x7f, 0x101, 0x3, 0x9, 0x5, 0x4dc6, 0x7fff, 0x6, 0x8, 0x3, 0xd, 0x4, 0x3ae0, 0x5, 0x99, 0x1, 0xff, 0x1, 0x6, 0x80, 0x7f1b, 0x5, 0x5, 0x80000000, 0xfffffffa, 0xffffffff, 0x800, 0xf20d, 0x800, 0x0, 0x1, 0x4, 0x80000000, 0x6, 0x9, 0x3, 0xff, 0x0, 0x9f0, 0x1ff, 0xdf7a, 0x7fffffff, 0x0, 0x0, 0xc, 0x14, 0xffffffff, 0xc, 0x401, 0xffff, 0x9bf, 0x6f3c, 0x8, 0x9, 0x7ff, 0x3, 0x9, 0x8000, 0x8, 0xffffffc0, 0x4, 0x1, 0x2, 0x8, 0x4, 0x9, 0x200, 0x3ff, 0x8000, 0x81, 0x3, 0x4, 0x7ff, 0x1, 0x5, 0x80000000, 0x2, 0x5, 0x2, 0x1, 0x0, 0x10001, 0x81, 0xc, 0x6, 0x80000001, 0x401, 0x6, 0x0, 0x3, 0x800, 0xf79, 0x6, 0x1, 0x4, 0xfff, 0x2, 0x1, 0x37800000, 0x0, 0x3, 0xae5, 0x4, 0x4, 0xae, 0xfffffffe, 0x1, 0x6, 0x8, 0x400, 0x1, 0x8000, 0xc, 0x1, 0x8, 0x3, 0x95, 0x1, 0x6, 0x3, 0xca, 0x0, 0x0, 0x3, 0x7, 0xffffb09a, 0x1, 0xe, 0x9, 0x5, 0x6, 0x4b, 0x9, 0x4, 0xfffffffe, 0xfffffffe, 0x4, 0x69, 0x2, 0x2, 0x6c, 0x0, 0x5, 0xffff, 0x4, 0x5, 0x2, 0x6, 0xffffffd1, 0x6, 0x1, 0xb3, 0x5, 0x5, 0x1, 0x9, 0x4, 0x3, 0x9, 0xffffffff, 0x5, 0x2c9, 0x8bf, 0x0, 0xde39067, 0x9, 0x8, 0x6, 0x1534fe8b, 0x7, 0x0, 0x6, 0x2, 0x4, 0x81, 0xd16d, 0x0, 0xf9, 0x8, 0x401, 0xffffffff, 0xe19b, 0x80000000, 0x6, 0x81, 0x800, 0x9, 0x651, 0x10001, 0x6, 0x0, 0x5, 0x1d58, 0x401, 0x3, 0x8002, 0x80000008, 0x36, 0x15a, 0x2, 0x6, 0x5, 0x7, 0x6, 0x79, 0x8, 0x1da, 0x1, 0x9, 0x30, 0x0, 0xfffffff9, 0x9c06, 0x3, 0x0, 0x27b, 0x5, 0x1001, 0x3, 0x400001, 0x6, 0x5, 0x64c, 0x4, 0xfffffff7, 0x9, 0x4, 0x80000000, 0x80, 0x7, 0x7, 0x7, 0x3, 0xa, 0x8, 0xffff, 0x22, 0x9, 0x4, 0x3, 0x3, 0x9, 0xfffffffa, 0x1, 0x6, 0x3321, 0x9, 0x5]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x80000001, 0x7, 0x3ff, 0x7, 0x4, 0x2, 0xffffffc0, 0x7ff, 0x86, 0x9, 0xa, 0x2, 0x8c, 0x1000200, 0x5, 0x5, 0x40000000, 0x5, 0x7, 0x1, 0x0, 0x4, 0x0, 0xc, 0xd, 0x3, 0x9, 0x49, 0x80000000, 0xd35, 0x25431060, 0xd2, 0x5, 0x9, 0xb5f0, 0x401, 0x7, 0x2, 0x6, 0x80000001, 0xa, 0x8, 0x9, 0x1, 0xccf1793, 0x2c800000, 0x5d, 0x1, 0x239, 0x5, 0x5a5057fd, 0x5, 0x4, 0x6, 0x8, 0x5, 0x200, 0x3d, 0x10000, 0xf9, 0x6, 0x408, 0x7, 0x3, 0xfffffeff, 0x9, 0x1, 0x401, 0x1ff, 0x2, 0x0, 0x20000, 0x800, 0x3, 0x0, 0x8, 0x10000, 0x6, 0x7c, 0x1, 0x9, 0xffffff01, 0x9, 0x8, 0x8052, 0x9, 0x5, 0x8, 0x142, 0x2d, 0x7, 0x8, 0xb, 0x81, 0x9, 0x3ff, 0x1, 0x10000, 0x9, 0x1c0, 0x7, 0xffffffff, 0x5, 0xe8, 0x6, 0x8, 0xf, 0x3, 0x0, 0xff, 0xfffffffa, 0x6, 0x8001, 0x5, 0x9, 0x8, 0x5, 0x9, 0x1ff, 0x2, 0x10001, 0x8, 0x0, 0x6, 0x4, 0x866, 0x7fff, 0xe0, 0x8, 0x80000d3a, 0x6000000, 0xfffffffc, 0x9, 0x7fff, 0x7, 0x10000, 0x3, 0x7fff, 0x40000000, 0x1, 0x7, 0xfffffffb, 0x3, 0x1, 0x9, 0x0, 0x7, 0x6, 0x4, 0x700, 0x4, 0x1, 0x2, 0x0, 0x5, 0x7, 0x6, 0x7, 0x8, 0x8, 0xc, 0x9, 0x6, 0x5, 0x0, 0x5, 0x2, 0x2, 0x8, 0x9, 0x9, 0x9, 0x5847cb5c, 0x9, 0x2, 0xffffffd8, 0x10001, 0xfffffffc, 0x5, 0x401, 0x8, 0x1, 0x2, 0x0, 0x0, 0x1200, 0x2, 0x0, 0xef2c, 0x80000001, 0xac5ae1dd, 0x0, 0x800, 0xffffffff, 0x2, 0x3, 0x1, 0x8, 0x7785, 0x8001, 0x4, 0x5, 0x4, 0xc, 0x0, 0x6, 0xffffff2f, 0x8001, 0x3, 0x5, 0x3, 0x4, 0x7, 0x5, 0x7, 0xabd, 0x0, 0x10001, 0x9, 0x4, 0x30000000, 0x5, 0x13c1, 0x3, 0x7, 0x1, 0x8, 0x2, 0x6, 0x1, 0x2, 0x2, 0xb, 0x8, 0xa, 0x9, 0xfffffff9, 0x7, 0x7, 0x3, 0x8, 0x9, 0xfffffffc, 0x81, 0xe7a9, 0x10001, 0x6, 0x0, 0xb9, 0x8cca, 0xdda5, 0x1, 0xa, 0x7fffffff, 0x10, 0x31f]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x4, 0x4, 0x7f, 0x0, {0x6, 0x0, 0x6, 0x7ff, 0x6e6, 0xd74}, {0x8, 0x0, 0xffff, 0x8, 0x7f, 0x7fff}, 0x0, 0x8000, 0xbab2}}]}]}}]}, 0x87c}}, 0x20000050) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210057ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) 3m10.153411479s ago: executing program 33 (id=1871): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x6}}}, 0x24}}, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000001480)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) r1 = socket(0x2a, 0x2, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000026c0)=@newtfilter={0x87c, 0x2c, 0xd27, 0x70bd2d, 0x4, {0x0, 0x0, 0x0, r2, {0xe, 0x6}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x84c, 0x2, [@TCA_BASIC_POLICE={0x848, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x5, 0x8, 0x401, 0x7, 0xffffffff, 0x6, 0x8, 0x7f, 0x101, 0x3, 0x9, 0x5, 0x4dc6, 0x7fff, 0x6, 0x8, 0x3, 0xd, 0x4, 0x3ae0, 0x5, 0x99, 0x1, 0xff, 0x1, 0x6, 0x80, 0x7f1b, 0x5, 0x5, 0x80000000, 0xfffffffa, 0xffffffff, 0x800, 0xf20d, 0x800, 0x0, 0x1, 0x4, 0x80000000, 0x6, 0x9, 0x3, 0xff, 0x0, 0x9f0, 0x1ff, 0xdf7a, 0x7fffffff, 0x0, 0x0, 0xc, 0x14, 0xffffffff, 0xc, 0x401, 0xffff, 0x9bf, 0x6f3c, 0x8, 0x9, 0x7ff, 0x3, 0x9, 0x8000, 0x8, 0xffffffc0, 0x4, 0x1, 0x2, 0x8, 0x4, 0x9, 0x200, 0x3ff, 0x8000, 0x81, 0x3, 0x4, 0x7ff, 0x1, 0x5, 0x80000000, 0x2, 0x5, 0x2, 0x1, 0x0, 0x10001, 0x81, 0xc, 0x6, 0x80000001, 0x401, 0x6, 0x0, 0x3, 0x800, 0xf79, 0x6, 0x1, 0x4, 0xfff, 0x2, 0x1, 0x37800000, 0x0, 0x3, 0xae5, 0x4, 0x4, 0xae, 0xfffffffe, 0x1, 0x6, 0x8, 0x400, 0x1, 0x8000, 0xc, 0x1, 0x8, 0x3, 0x95, 0x1, 0x6, 0x3, 0xca, 0x0, 0x0, 0x3, 0x7, 0xffffb09a, 0x1, 0xe, 0x9, 0x5, 0x6, 0x4b, 0x9, 0x4, 0xfffffffe, 0xfffffffe, 0x4, 0x69, 0x2, 0x2, 0x6c, 0x0, 0x5, 0xffff, 0x4, 0x5, 0x2, 0x6, 0xffffffd1, 0x6, 0x1, 0xb3, 0x5, 0x5, 0x1, 0x9, 0x4, 0x3, 0x9, 0xffffffff, 0x5, 0x2c9, 0x8bf, 0x0, 0xde39067, 0x9, 0x8, 0x6, 0x1534fe8b, 0x7, 0x0, 0x6, 0x2, 0x4, 0x81, 0xd16d, 0x0, 0xf9, 0x8, 0x401, 0xffffffff, 0xe19b, 0x80000000, 0x6, 0x81, 0x800, 0x9, 0x651, 0x10001, 0x6, 0x0, 0x5, 0x1d58, 0x401, 0x3, 0x8002, 0x80000008, 0x36, 0x15a, 0x2, 0x6, 0x5, 0x7, 0x6, 0x79, 0x8, 0x1da, 0x1, 0x9, 0x30, 0x0, 0xfffffff9, 0x9c06, 0x3, 0x0, 0x27b, 0x5, 0x1001, 0x3, 0x400001, 0x6, 0x5, 0x64c, 0x4, 0xfffffff7, 0x9, 0x4, 0x80000000, 0x80, 0x7, 0x7, 0x7, 0x3, 0xa, 0x8, 0xffff, 0x22, 0x9, 0x4, 0x3, 0x3, 0x9, 0xfffffffa, 0x1, 0x6, 0x3321, 0x9, 0x5]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x80000001, 0x7, 0x3ff, 0x7, 0x4, 0x2, 0xffffffc0, 0x7ff, 0x86, 0x9, 0xa, 0x2, 0x8c, 0x1000200, 0x5, 0x5, 0x40000000, 0x5, 0x7, 0x1, 0x0, 0x4, 0x0, 0xc, 0xd, 0x3, 0x9, 0x49, 0x80000000, 0xd35, 0x25431060, 0xd2, 0x5, 0x9, 0xb5f0, 0x401, 0x7, 0x2, 0x6, 0x80000001, 0xa, 0x8, 0x9, 0x1, 0xccf1793, 0x2c800000, 0x5d, 0x1, 0x239, 0x5, 0x5a5057fd, 0x5, 0x4, 0x6, 0x8, 0x5, 0x200, 0x3d, 0x10000, 0xf9, 0x6, 0x408, 0x7, 0x3, 0xfffffeff, 0x9, 0x1, 0x401, 0x1ff, 0x2, 0x0, 0x20000, 0x800, 0x3, 0x0, 0x8, 0x10000, 0x6, 0x7c, 0x1, 0x9, 0xffffff01, 0x9, 0x8, 0x8052, 0x9, 0x5, 0x8, 0x142, 0x2d, 0x7, 0x8, 0xb, 0x81, 0x9, 0x3ff, 0x1, 0x10000, 0x9, 0x1c0, 0x7, 0xffffffff, 0x5, 0xe8, 0x6, 0x8, 0xf, 0x3, 0x0, 0xff, 0xfffffffa, 0x6, 0x8001, 0x5, 0x9, 0x8, 0x5, 0x9, 0x1ff, 0x2, 0x10001, 0x8, 0x0, 0x6, 0x4, 0x866, 0x7fff, 0xe0, 0x8, 0x80000d3a, 0x6000000, 0xfffffffc, 0x9, 0x7fff, 0x7, 0x10000, 0x3, 0x7fff, 0x40000000, 0x1, 0x7, 0xfffffffb, 0x3, 0x1, 0x9, 0x0, 0x7, 0x6, 0x4, 0x700, 0x4, 0x1, 0x2, 0x0, 0x5, 0x7, 0x6, 0x7, 0x8, 0x8, 0xc, 0x9, 0x6, 0x5, 0x0, 0x5, 0x2, 0x2, 0x8, 0x9, 0x9, 0x9, 0x5847cb5c, 0x9, 0x2, 0xffffffd8, 0x10001, 0xfffffffc, 0x5, 0x401, 0x8, 0x1, 0x2, 0x0, 0x0, 0x1200, 0x2, 0x0, 0xef2c, 0x80000001, 0xac5ae1dd, 0x0, 0x800, 0xffffffff, 0x2, 0x3, 0x1, 0x8, 0x7785, 0x8001, 0x4, 0x5, 0x4, 0xc, 0x0, 0x6, 0xffffff2f, 0x8001, 0x3, 0x5, 0x3, 0x4, 0x7, 0x5, 0x7, 0xabd, 0x0, 0x10001, 0x9, 0x4, 0x30000000, 0x5, 0x13c1, 0x3, 0x7, 0x1, 0x8, 0x2, 0x6, 0x1, 0x2, 0x2, 0xb, 0x8, 0xa, 0x9, 0xfffffff9, 0x7, 0x7, 0x3, 0x8, 0x9, 0xfffffffc, 0x81, 0xe7a9, 0x10001, 0x6, 0x0, 0xb9, 0x8cca, 0xdda5, 0x1, 0xa, 0x7fffffff, 0x10, 0x31f]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x4, 0x4, 0x7f, 0x0, {0x6, 0x0, 0x6, 0x7ff, 0x6e6, 0xd74}, {0x8, 0x0, 0xffff, 0x8, 0x7f, 0x7fff}, 0x0, 0x8000, 0xbab2}}]}]}}]}, 0x87c}}, 0x20000050) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210057ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) 2.160616493s ago: executing program 4 (id=5476): bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x20, &(0x7f0000000280)={&(0x7f0000000040)=""/180, 0xb4, 0x0, &(0x7f00000001c0)=""/187, 0xbb}}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, 0x94) 2.075269071s ago: executing program 4 (id=5477): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bond_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="8a450200003f00002400128009000100626f6e640000000014000280050001000600000008000200", @ANYRES32=r1], 0x44}, 0x1, 0x0, 0x0, 0x20000044}, 0x40) 2.021514075s ago: executing program 2 (id=5479): mkdir(&(0x7f0000000180)='./file0\x00', 0x30) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_open_dev$video(&(0x7f00000002c0), 0x20000000005, 0x8100) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x50, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x24, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x748, 0xffff8000}}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x4}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20002044}, 0x44080) sendmsg$alg(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000740)="18", 0x1}, {&(0x7f0000000800)}, {&(0x7f0000000840)="db0c48bb179175f8074dcce0a997e2d9255eb056838e190b38139e54b5439fd56f705f2c058ebebc96f9ec84b2eb0eadb5796c382f9be7cc4126a5837a4ba47bb09389691d29e7518c27602758b3e44c433698cec23aa9d3fda457fd2da048684b8952901fbf7ee0bf207238d73a4817a85a", 0x72}, {&(0x7f00000015c0)="cc6ed182f16cdeeacfcdbe9ae3695fa5cfbf535571ed2639f41dd65651d42a80a9bfa94b5e405fae615468797091cfb7bf6206f600d3895f0a950f6e33ef47f2f5d421bd41f8ea0698786dba1d911b54ac9e6b9c91ce294113ccf250b2bac0144919aa7d562764aa3ec53eed4edaa5c6d01a9d31ecfcb87c38765b207dd5fcdcdedd93468d934acbdcfdd5785bb148c6cab46811f03ccff562bd4b6f5dd34c44eaa8f0b11c622d5c2476c8c23f76b00ebca2af352666f978f5949e1ce54db9f032f537ad360887c7238c072e852e3fd15ae5a556d68787aeb86289342764432ee96819eea06969aa1ba66b85f013265b4e6b073c87bcebc19ff8ecb8baf77f7a2d3d4849b89288d184052cceb3d3d7f3f4922311a200b732ee45c4a50269f4cd3942942b94a121f1ae801c5d1007168f9f38258a2f4c8fd220aad3c47a6eb1439fa7b7264914f893090c10eb765c90617bddb6c82d3171be4650e610310620bd46df80aadbeeeba3e3febcd389f4f7320921ac28c012ab49824fd30b66a773152b4b822340f7af24cff7d33e3394930097caec0586d183140d81e2ce1b126458db53105fc894d396b6fbf84e896ba74567086233431f6f2dea9e8c042a271eebffe153283c6b09eb28f331def0d8f836b83c0e971d68f9efc295142246ad163a2908e6bd837a511b522a3d967de37bd4a3e27067bb8012018cf5ccc9364696b5755aa31bdadb712f6075685c17e6fd0e38e9d342353c4574df32bba53bec0273dac0d44ab7267a02d669f5582f6c861db48acfbc8cbcfad4d6fbc353f5dfc950387336cae12d7a301a88f65c170b8e70c17f67d89981ec33db20b56bc57dcc5ccf4d60a7350c1b408b05ebca7a90abef7c9934f2970228dfc1b9540da7b475a0f1b26c0b6920c00d9eebc9439d355f3377324183f7ca57b9b9de66072d7a8788d5b8882efe71d71b8d7b3c0060366710f647f0a12df1d5e663a84caa094a80f05f1185b85ba8caadf3288cdadfd0eeef069c124024f4e742628413afb4ecb4d7144b829b2b6833d6ec980e70d48f74e1ee9119d7fa536fb4d99d9a9b69ca27657c93938cc9e8dd377855b70b3fe65553572490c981d35366c3ff914da9d1d62f0370960a4abd046801e76040d47abd5d588017aad13ed43265609e1dbc739a7086ce796f25f566157b4181b3661b3b18bb40afbd86cdef1a290740b0539786bbad0ac91f6a2153703908ef683e9d70c0eff35e03a7ec3e0a8550abee336e5de43211c5c894b9f4d75fde176515bd4314d9173c9c58f8f2e0b771af44b24e79feda2f588a97f05e60c6c9c9dd63bedb02668b81b55f6f301e6c748c6d0680f3aeef77f1cb901995b9e41f7bd59f017c89110c3a45cb07f24dfdc633f38252e51a3a88bf5338d318b63936c2464447ed4ba10051096dae7d4157ce66298338e74f34fff0e16bcdea26b0d1ec2406100f8f6ddfc7d7ac3816c7d6045ae1335ed25434aa4dcc348bbf7b59f5dd8126a1088e6c1207b47243acc7fe1609a7eeebb5e6653f3d9b25235a265da3f61c0038483e52f63534f038f7f30a470ab7f9fdd0b0735e5b8a99f8fc508f9163589751a5bea5814cff5caf9633a2f4ae2a5441104b80c33d162922ef14737aa9da5aba8c116f01cd51858e8ecad322320c45de0d7b8810e11ec9d2290d69aecec74f40be3b7e4107f10c832339817b348f5a2f1aab4fc732b6c17bafbb23573e06fdb16f7048246a89ceb9f85772392d228914a26d3c7e17a3658c149038c60ad028e1855c4c7b0bb71e8f8dd295a03df0c0cbcfc2032a2e4f7a44ca0abd93cec660eb48de9725a01ed241b44ecefc7cf56e86016fa1f398237f77e609ef63df39b2214dd9f047eb71c11ccd22ff6da5916eda781cdaeead321da61a985f0d86dd3662cca3777f1638ee95d733c3f83e60e6289ec5d2e683fe1cce6f6f48c1524a9e4e5028d50328dd5eec5fc04f20df0d2a6e80a92f3c8b96bc6017971a033483a5129e69cb976e0e54fe5554741297654ef52a12e0e871f247eba4090b54d6982880f7c8bc38cd68ebb9ed5214aa5e225ed5fc6c45476071135ff45c4270e4732ccbef099eaecadaa2ff85340cce4571755b96a1810dedfe42c29158368a9f43e0cc297b84791b6f9c586dcc02e80abc1ea1df608ba406a3a77cf0539c5e7da1ae9ccd354d85df8ebfaa63367e4901d5465499385589f1313768fa996e4ad21bf6eb10137bdb38642b71c4e3d02256618c973b8761b09a2345d9d30759c2b3e9d85c261a1d2cf71be19ae77266c5360a161db201a268608205d9bb8704b01c4570f6b80ca59abd2f3733954573a3a385a870a385d322cf5c681e68b9b62ca205ae32fdecbb36f1feda692816ad24aa236e5af804a809339331af24b3f86b2e989e96337d08151d622a3edeae51160ccf96f9316a2718c36761e8097ce47702f5730394a1ee9147bd20aa929651f09b39b43d1670cddbc4f4fc9214f8afb5a9a02c026d06a34f5f728dd18c647b6896e422ed48b28b6697e542c665d77ad1af5afddddd5da192961226cbb671cfd0eed8d0c8471dfc803ba1096e66878ebc50ff87b6c4e15cc012bfea30bf6dd29b6c5c3098584c92937f9ef04002fca9daf37e4211f388036d67b9b2d3ac68a797b274b5a81e2a444c7c7260aba5a505358c97f55efb4927438633c3ba27898381a58acb726559ff3dbd3ca71e3c85a952dc55a7f54994ccbe949079364168265bbd11df274fd8db69680ea4f40187233402e1853bfe7083be41212809e2e8ab36cb15c13c5b05638c1439309aae2770a361aa1ee721076e4ff52253c0a8589dc3842d64f4acc3dd7a27041e3841ad9a8573414b53a6e1083bea19f251e7890b471bf89556144dee1441a65e31da98b95101be6519b605ea59cf839e2f187a81d9f30d2ff94922a50204aa721a27f8e2b3431aa3c0d2e5cbc75adea18ea37356d42ec65a1d5846ef4abf55827c88f5f771de4d285914ddc6ad031bf65e0c05e4b497112022727f2d09110e35a32748c72538601183de6caf24da3b1dc3e223ee070bd3eb8f9751d31875be9cbe5395d3559c9c76dc85e13538a1e9ae6b010da8ffb468ede37dab4467e1da6a4c3d9a2ada45966d05426c04d38449a98c66684c5a3f18fe383ca1d8e44046fae490e798c77b3c0b7948009f20bb4b6cc6e022ca1429091bc26cf52a3dac5e40bc795f843fc8335f61e167facf78026d464fefd145a9e19c43584fea3bcf1cc81704dff439dfb98ec8d31d620c766ce53ce02baec52097b89683de1dadc0306ca7acfdf284cf6710c49a38b3edc0255405b179e97eecf858b9319fc190bc5671b6875228ff745ac8c724fb954ebd4c260fe0035e8e56003a710ba0445d9346e25b3587d6940e94eefd801412c31c38d9ec15f619b5fd092958a0dbeceac6e4aa844a70e03e069289b070f311e5d760ee5b2b253040b2cd35ce291874b4d69229b068abe79b7ef67ae06b8019ac2094ae17b5e531dc4ffa3e8c2f87b88046e4f54e316c9ed8f13477fa8163e55f180400226d14683e5247af71d2483e5d5d6369a94b8975a76ad1ff655638b3bece25958124a0ba4251a85bae39bdd062dd1cf66ecd7224d4262e1c9ab4dc0e2b5df825ab00b016c04fa1f5eace37a97645a706936451cf0f6f3f7eda9ef12d13d014f014ff4ac076b1335bbc8878b2dbf1de5e96b24bfe5cbf374bff9b3adbaba9afa8583f929a43f709b1dc14130fd7f41b7e01a799545f4dbb1af177f6fa13e13175fad6b761c9a13e8d38202616166e8f5201e5f7aa5dd0a1c9fb3e6ca246c967724df7a0440f0460afe1f6603ed03b5adc765123970f8dda2649acefc578d0ccf136b54d5f7fad9f19ed6098892aba5537d55f7c0a693c607d1cf8dfac93bc64a8d7712073a9acddc30e4c557c5a1db4c254b7416a05dac82335520880e0460bce6bb6f488291057b47c119a9f95993972d21c4e7b00d9beae9e1b3d9055ac86a85dd71acd63ec2566593c8cc04e7258dcb593997891fd5b1a3eeb6d5765c2b26de6b62f66f9198b01ebcfc82fda7210d16a73848989aa11943d2482472ade5f24ad868490a73e5b7ba34e8575aac872c6ad3734cc7afd86d285fa761f8643da585f2c565f75f705529ecf94a4ba444dd922f8c83b3031b2022870d413d63cc294047ace759655285afb9bfffc5e9d3a1dfaa020a0b869cd27d4dc8caefb1d6169bd79afb1ee10c84c32e9f14d59beb22827be8ce16d139b9d9901725ca66294414ccc7832087265b91ef7e4c9727766e8f348525f7a3b358d34025e3b53ba0b10ee7ae8821cd20f974c4dc7bc567370bc36169e8f06208b3820fd2a47c029475127b84d2bcafa184bde25d3bed73aa2d5daca75f3be98631fe8bd21ebd953737a4ac9fcd7cad9accced862acab4c82b5cb9702bd6d0ca19f058238387feff0792f50a2ec7db3106bfcefaf5e52546d5cef120aa58b7d65bf62f7f5cb1d3a2ed1dc75d4df51b1bf371a0bca4ec652d4a6ebcb1fc66cfb576dff08ffda874cf3462d86cb83fed648d6e8ba122af05b49a594750792b34cea127f53576aba60e45925d8c3a6498c21baa3be7ec64a3169c621056ce0fffa92abac329e4052e8a34adfede1f5682aba1d4bdbf1889ca35b596264476d502a93c61f78a9a2b93d9eab4e0938c6164daeb178495402e76ad9781611211f810f7f959443c13408d2365a77283761e3ca5397898b887550215611db0a4c2b7682b783543bdd1667b3be27947fa3d1e9f9c5b726c3d397c098d16c8318c3402b293fce11ff5070b11c0979713adf954e7277f9601f2c318203872daae44862ea099e0a4da0c8b4a92acef32a50bed0d45dc3db532bc40ab242b7ea3b160d5dff27735315d0e1309ae179a3124eb17f5805ab661afb8bfd71b85a19fd65df641e9fef8ca930ee84c8d64d948dfcbe1216a904a44767bab207318d4f2ca9159b5611f95a0a4b10673a87e6efb8f67b6430604fcc88a58cd9f497c6356a5c619508734aec94491d3efc58dcaba11f5b90d2b2b0438fcf787f9c8cdf7e455003445cb3101bff411433c4cd71754fb11c40008d9432c4335896cfe404b8c65fe65e331d843d3790b152db89657aee929d6cb2acee4962c288744dee223d5c29959b859d4299074ca798d37149d04421a0e50d4c22b492ee7b25d7e827ccdaeb23cff7572609f932c39834268899a92fc705029b8e5becaaeca62853481cafc1afeaca5a8fc267354a819ff98a6c86dad38a0b89e4322b887d8c8d2da7453a24fc2e7c0994a0e853240bed7221797aa0525d173f0bec7c588f40e936232ca69892398f8c6867ac4d32d7ec261369c50188675d05491355c489e6ba0f3ec2bad8bcd85f87ce4ec588701426e7edf3cc35e0507b414a33a6a6741d8a460e6110a8b20eedbcc53f96d72a32d070d6054709064cd08e6db3da6e075e752e83a27abc921c3a933930755273ab8f633ed4a6a8454e78fd3ac00939195e0636e2d7ef25ffed974662fdc20c7541a1ec89604694ffabd9245ebad25b5f8ef3bce96ff1654121f47ce1b6f8541273f80e329ee5124d079a5aeebf9581a823c99a4853a3e55b3d87ba1ed287b9c15469d67aec8c43a399e48011b6864acd0b1a61560d754a1afea34b5806317bf92ea88697288019ba4aa0f3f304c01484b60f74afdc6dc3034c66b539599d350d386ba8395d7d656976874357bb936047f52aa4004e7fc25f879ec0586ee4370524d833b241017c4814ddfafdd93a5185f", 0x1000}, {&(0x7f00000025c0)="1db69abaa0ef05adde374853b4ce3c7da9c5dcebac8a7f2610c97518921745dc002be6ca45c5ec9d867fefac531d65c1e4c98e610d27c8a6fc1d6023c684345a8a931084d5db1c3e9df19166815b6d2d283e74ac6c2904789e2bd3a7c11ce815acec049d94c6ee9404dfbe69f145c752239110da541bf88bfa5fa50eae267fcc6f8fecb6080252e88165046d483ad2f1526f631520dda660371a5103e0f328c13d70621ef2937272928f32dd3a07c64419a2f163f184ad5fffae4bc91d116d0437203b3e9a191d6fdec3793bcc8ec980e48fc24c805d7e501260479db259bb3c4d91f2d5033c11705bee0ddf1e7eeb5009729535c6b0172f283e761c382527f78ec660d9ac41e62abe63c6e5d7373fdfa7c7bbbf8b14e0c374a4c03c6248316e47124f0083a55105a0d59ca39754787c7850436c3f151a7dd3e3c88d17f41052ec91555ce606a4ac9355a56166350214964df1168b89efc0790859d33e25bc543e33c9949a48f657720c9e77d5c92a496a1d7c696b9daccad2aac03451442d017ace5b319efe4e8c935086e0c7a4596d16da14409e98d6fee914f7994daba9007044cf62ee9544d63c58e2a51dfebbbfc5a6bf5ddc85d85e20b8452bcc75d65c4330f704823952c8cf84f072099df496f389440bb740c8086836defb7766324fbb23e57625fcff6c798dfc5de450c06a0512cc2b734c3e2dd8bf9bde90c5934c285d13451ffa66989340fe0807c18f9a808f610584bb801777c0ac1146ce813ca583f7f085f767755d47f493c31ccbc7461d69e669f8daccbfd7da1cf641957d6475763ce62b1ba06c17531bdb9a2f35620355d7a9c5b58240386e057e2e451fca310891059136cef7c15b0da27ba2651a1b1f761f1a6e0621e825308e1ba52a7450e7c12f573b334ac1571452b60512cb092f685966a44baaf3744c64fbffe300275fe91cbad673f07b7b78f5bbd9d13ee4f13c8cf30ee2021000a3c2061468abca445423cb1adc3ede21367093c8f9ed540b4b1f7bc44d2775939e99886a6425df3f4d0e09294a6d6da427364a5785bf1e380653cc5c3787ca91dc500c11fdda6831bfbfe5bed0bd0a9cd5e65609acef1ac105c9cd5a6547de0a1b1a74c6c6babbcefc1fa12b5fdaf0fc78a0104f66cc68cf784d04477ad5a4e5a6ed7e59195939f26c237b6836bbccb6f89ae1919ef0f9aa3decfd5a44dfe2348c410392befcc3dd021990f074e5061e453dbd0dece686f093a5e554aa72b7febd56d3eae977691ca21b701f0edcbe8cbc8507971e7bb8bd26d749d50f16124f6e086308f2a32165166efd1237a15055db8266109631f13dea720c7a4f7b494eba9db10f180508798c84824a81efa087d56cec4f7e852733aff2cf95ec87ff13727a9e9542c84886a9496e07579eae555a43f3f6803f3920dee5e408135f6507f1d3df4ac7ca8e81269c97a2998f6a70aedb0ccbd7a49ac50d449744de880235694abdb34ddde61e433e1c952aea375113b90f0bb950fec7853de7a99495b9ec74dfd2600a89b1def4754d71c108d101c9f7ade85e2b256466b961a841f656aa47bd2d2db9fc043eca385396ee84ddeb3c4ed09d134e5dc961be99a7673591186514bff9b36fde76758b0d5bb1f1674bc1da219a3007e050859bf63ddee6b6da82fe1b85fb94f1f4a351f3ea41276a2e2a0938986bf5f9f80fdb248052700f55d409c786dac73983437ba8db7111d757f0353f162933247f99a6f3896b6a14d116f01216c3cf6ce962072e02dfaede14652980b0604bf8b1e010edb9b14b13fbba5643d7f6a79e223c99bc57f88edaddfcacacb189acbbca0d19ab7aa5a98f0e32b4f07476a1e8efe9d95f7383bdaa38a5fd13b6a0a2e9313dbf036abd9f7ed6ea9c23743099904cd58f6732170239e022be37571f29c1b832c0d284f88b99ae52d508abc3c75de5234c7731654b932c919ec7da1cd3bd09089792b8ddcc8ef905b0149757ce1c5ae802eaf98257310ab8766325c51c3e57c47ad2873056d60e3840343bf369fa4d7301032cf9ab9caf746390ba75f43e2fe1a1ac37c9235bf66f2d9cf6942fd3fb119fcc9965598e54939117b46c61b7cd2929d0534e291095adc41f298e934fc79a0ac5026529f6d1571d8731927b8d93c0acdc3d19f2fd4d1dc832725482b10e1fde22245a01a0ee7d2167d908e8e5899549140cd342dc947aaebcc4b69225474f8f642c6a4630647b1e046ef99ed598e2b86f4bfb82d01db34492557fe928927aabc65a096bf5d91ade92a4b36ab96e31b9987a917c0a2bb40209ff21adaae854c9636b1363fc478a5ea0e04f5e8c6b2abb9056ba6781fc764e5115b702f20148242dbca3141da1b214bccee75695a197d0ac7e8f3b44a5e98ad66daf77fa33cc11eb948f02589f05e529936719ce6006d5a944234f56e46da1914ab77933096734379abca70e984540caaf44f2f834baab4733cef671f468528bca234bd72d5837848245b574d170cf5e50306ee3d5629147a4e81c0378cf73a382c5847031e4b4971e648321285755609e684e7ac0ea445e7594695774f845a742a0426c28053e24861daa9acdc9bac4e5f8db11beed4219d0967e1846548d35c73e668738a010bb4ef9da97364634f4f3a1779a09a2686578a51c67af305db5884c528df607ed1191086c5a06d860b493abdc78b702ff440814a3712efc7ad21781384d7544892f141364a027f98905f2b7a0342fc04b8eea5c22eb083ed689ed6777a26a31fe02c481c91c666420e2f596712f2cf49e95e41f28b1ab750e91ec5ac4fef2ac7e060f90b67be782357bae1e75833ba1f9ed14664ba0144959d7227e604de037a4a5c98bff01296acc7850e662a29ba82bbfb4d91cc3ac12a40a52ba2bbc57d666be405085cb77dc602d187704b351d391ec6142c07a9155f44cf5ce3b4a8c60b6ddc3ce23beea060ff913a3580f9551d69172af2d404791e9e3527847a2acc8b3447ff98d506f64dcbfc743ccf947e57d4dd541f727b4fe79a649755285bae7c58dbf7a460be4d09736be7131db223f1bf9e5d3e500d4b594256b25d124c747672bae4e4507ec4d00e9ccb557d1302eb3d42a97e481546b8bdf84dce033afdb87a6975651fb05e6d07a3c5721e5d324c97994418bf4d0696e2004a2415983f65709a9471b703b0916eee14be62f28ad3dd4c07711b2f236d44a33b01076cb60ceb6912984ec53290527be781302e4b0e4233405cfa5ebb4403a27c7e1956fad93bf4eb732bcc8913b37716c898cc22c80abe190a66939196daae591ab0e1a860b2ca8085158bfd120a390e8c66f0438a7e9abba4018273d91da1c5f7b8668cdd558d62723ffb017f03a14c15c1d043d10572d9bfd0520e3075f844bb4fedefb7c9bb258631f7f095f180e97f0136ffe453b2229d1bb042977d9d700dd5ae06064a2178f6db3ca8e79791d46368f11096037c22c668b5c7a82c828323c8f7140ea02ce042e1ac8885f7f80fc77e9d61740ff4bb4bd002b629b58c78ee417edc0365a81009b92cc311d01cbe11bf85c823a5f1e4cb94a6db6dc2e7019995c74b2dc51e8251738ac7c3bc601d4e43f3717efb912b3148c2a29b2f28f351a7e34e3b3a9a4fd22360a0c9635d198f70e8a0d4378df7768dd31d6232791356a7b3940338f3b970c8eeb6e951cc85a15e7af14732093f3a965a118a84221f135a7a7a8dd7174abbb6982f3b5e1c17f02172e938c8a32f2ebcf11542143f43f7db4f46bfb51a8b26775e280111fd689ff05d16fe8dddd72d2f475735555e649e27d7325dc080a45e8bcc113238b7c301072acb6f1d65144cfb544b472ccf265e8e258c44ee031507dd6f038394a0cf42c8474ee8dbf44c52ce219412fa9f4d38131d09ca4007991c0a2d1c3995ac9f96a075709ba1b2e67007047615688279c05e240c3aee8ae6353a5976e9fa8e3c7ebc98b278607e9cda66ca3385cbfa2e208931bbfbd871063ae1a72fba4ee49b01beea3fd5c47ea30f1f39f792c9bd812f27a04e117ecc0fbe8a4e747c50473786593297615f4064d4affc4c0b8c9ccd8d1e0477eca054917e0fc8fa64067bb35f41a588bcb11764451a71dc32ddda9a21571c4c253da4264aeb4614c8c93af7ecb40e07416dce24e1ba08e502af6b18297198cdc9b90e62ecb92c59517e63dacb9e6b51a0f87c34a5e0ffa52ee40eaf7b7783f820fc8fe744480cc35ee868d4f82ed20691c7b7b2e559db9f797bd96c0f20a80f0893f18a7e5acec79593e40e4e6f13016d7c62a4b4dc4cc489c715aa7534b67bbabd1ab9c1acbffc1da74cf5d2c17eca1fa711514efb01f1a36c7db20565c09752a550c17e76ef503b7ddbc1acbdfab5bbe093bce64da7d0e546b7d2ec709afd958de4786c2be24bd7af77cf30a4efd3f4136387945555ac375351e0cd4d94506c8fd191e86f67cff86ba9db11809f83637ddb85ea30b264199cf9dd6b328fe0b34700f997a5cb3b4f9fe76a0b19f7f073b3252ab41e08b84741dc81af9058113045174efdc070e246cf350c669462e00fc2f838f946daa6ed839d77254608f938b84337fb4e003b034afbfed0fe60ccc0d41bbea4355d4ee79e3c50b0377591bbac42ee3a4381eca176e4695c5c47968ce67b2eb9c5a1f42ce4088226159170c1ee20c12080ed8efd419a16a1a00015992fc167b515f80718dcdd9b74084db3a812bc192ebdfe8586442bc07a5cb4a96356f1b38fa01b024adabb03d4b9c7b505b389bfc70359d17681e64e7361f1269f5864648f60a1f7b46a19481d64a12ab27ef998c1fddc3fa6c59fc09d55f01cc0eb1cabf8a2a2ed8bf299ca64533c8b5bd484166791606ca30e37fb8c556255b531fa0018c1ad5df4fd210681bb68097f3fc2e3a4f29285089e7962eae237b96080b9fbeeea1c7c7ed39cc21a7b0c4f9054646648c2314ebd5946ecc8dacec5aa502c88526d1a4318dde52d55ed3a95fa64fa66a9ea5a260812861914be4eb6ff89c134983328849c0c9f0ddaf52a015f9b4967e7d62f037290bec420917742694e22c6a220261c630bf1158e35a82112290715afb1e956ef71b1d5ca560edf8b6fd5a1730a4d77f16fb02af1125bbd4d64e1600e4e67a0a63ee90972f7cb253168584e8c03c7e3a88c3c5b7329ddbbe3ba0226114f6cbfaef15ffc099c2eb0c1d3c03883c3ef7fac2487a5365ded52b221ac9b22e7f2de5b57b446785f18f86bef916a541f6255a35ae1147c274307e399ba563c0b1d850d7cbc51bb618f5c1cd2c757390aaec9e85a7f46b07f32a4494212a25b46aa04e818bebe52aa0e7fcd6bda5ea6fb264adba726a22f48bb821cbb49b43e1d9869d30037f0374dddbe492f9fae84a2929177e4a435b97cdf7f0c16c8bf0519257f53c11905924de529d447d432beb28d0c971007e41a298aaffaac861e04b25b39575efac203eef268f53de7bb4b0cf0c0e52bd2720d3ff7ba8bde4e0fe4f4e6feeed5c91c8738b8e893c8939b35a0429484aeb10f1f14689d13623988df6992c53542a2edfb734f76dbb511b74c0946759c8c8cd3f4574fd6d38decfee6824975c3d7e4f1f1eb0750b9a3d53c3b4dfa4db9166b98f040141eabf59f586dbdf0d8d7899954867d5de260480e39c6ee02c1ef26b4d9c66c8c41cb167b9955154a459f782b0c9cb09c038f65fe1b54fe34260781d323019f355a44417241e00767c95903a2b2f791ae60c406cb5275db6b9d56f406b9ab9f575cfe0c0344a11727ab2ff1578f17e1263fffc602a7a911959442e093338", 0x1000}, {&(0x7f00000008c0)="57e48be1d04eff13a65ddfcc0ced8ff34f02734d87b2ef574073c8c50af4e84fcddffa48195953308e37b34f7304bf6e7445d02e6431d89730b8de3a411a14a1873ed207b7154b3c5254372d1a09656d1eb3628eba90575f5c12668211393a461afe2cac179355025f75e52473a0326db46a93f6ff933fa4ad583f2d6144d9854c59b13e37aa2ee907c921fde90cb65558704441b6c35a1995513e51c8e5429419c627e1f7923adb1c33f22be65e52d5e259b5f0f5d3484f66a171d516a8a035e252bf120f357dc9f8dcbc85b721a879149e5abd651426", 0xd7}], 0x6, &(0x7f0000000b00)=[@op={0x18, 0x117, 0x3, 0x1}, @iv={0xc0, 0x117, 0x2, 0xa7, "e6cf75d8360790a1355c22b3aeb742fb5634c4f4fe10ff59f38080e4a857f7212685dfe53267dad019ee5ed8f1e5ad1489755182b3adce19c802c197a6b0be049db62e61388c8743f3cb39e8cfcce2c6dae29343836aafd87a0ee640fcaf2fe0d1c07ff788ced34148375f1f6cb1e60481fef3dfe614ad53d378d0b2b36518e61443d9e043edd54cbf87c1015fca99f879e15de7a064541c9c06f7721cda2a984a92464e022e92"}], 0xd8, 0x20000004}, 0x4) r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x6, 0x2, 0x1, 0x0, 0x1}) ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000140)={0x2, @vbi={0x500, 0x0, 0x0, 0x0, [0x4]}}) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000340)={0x1, @pix_mp={0x3, 0x7, 0x34424752, 0x7, 0x1, [{0x400, 0x5}, {}, {0xd4, 0x8}, {0x6, 0x8}, {0xef, 0x1}, {0x17e, 0xffffff93}, {0x2, 0x3}, {0x9}], 0x9, 0x7, 0x9, 0x2}}) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x82084, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000005, 0x10, r4, 0x5ff81000) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x3) ioctl$TCFLSH(r6, 0x540b, 0x2) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r5, 0x0, 0x4}, 0x18) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BTRFS_IOC_SEND(r7, 0x40489426, &(0x7f00000005c0)={{r4}, 0x3, &(0x7f0000000580)=[0x7fffffff, 0xfffffffffffffffe, 0x1], 0xe91, 0x4}) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f00000001c0)=0xc) ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f0000000640)={0x3, 0x0, 0x1, {0x1, 0x2, 0x1, 0xfd}}) quotactl_fd$Q_SETQUOTA(r8, 0xffffffff80000802, r10, &(0x7f0000000280)={0x8, 0x2802, 0xffffffffffffffff, 0x39, 0x262fb3fa, 0x0, 0x54, 0x4, 0x6}) sendmsg$inet(r8, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000080)=';', 0x1}], 0x1}, 0x0) r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) fsetxattr$security_evm(r11, &(0x7f0000000500), &(0x7f0000000540)=@md5={0x1, "374053e504fd8ca2809b48d88a369fb0"}, 0x11, 0x7) r12 = open$dir(&(0x7f0000000200)='./file0\x00', 0x40000, 0x8) open_tree(r12, &(0x7f00000004c0)='./file0\x00', 0x101) recvmsg$unix(r9, &(0x7f0000001140)={0x0, 0x0, 0x0}, 0x40000100) mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='jfs\x00', 0x0, &(0x7f0000000140)='grpquota') 2.021300308s ago: executing program 4 (id=5480): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x5, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=@migrate={0xcc, 0x21, 0x1, 0x0, 0xfffffffe, {{@in6=@private2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0xfffc, 0x0, 0x0, 0x0, 0xa, 0xe0, 0x80}, 0x2}, [@migrate={0x50, 0x11, [{@in6=@dev={0xfe, 0x80, '\x00', 0x11}, @in=@rand_addr=0x64010102, @in=@local, @in6=@remote, 0x3c, 0x0, 0x84ff, 0x0, 0xa, 0xa}]}, @user_kmaddress={0x2c, 0x13, {@in6=@private1, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x2}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x800}, 0x0) 1.935476545s ago: executing program 4 (id=5483): bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x3, &(0x7f0000000340)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = add_key$user(0x0, &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d2", 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x5, 0x3, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 1.935344148s ago: executing program 2 (id=5484): r0 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x169101, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000440)={'netdevsim0\x00', &(0x7f0000000180)=@ethtool_ringparam={0x10, 0x0, 0x0, 0xfffffffc, 0x1, 0xffff8001, 0x0, 0x5379be1c}}) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000180)) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010101, @broadcast}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56d1373669caaa2f19935e6996c7096ffe4fb3af45a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.679488898s ago: executing program 2 (id=5488): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_kthread_stop\x00', r1}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000800060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0) 1.615087596s ago: executing program 4 (id=5491): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000006000060000000600000008000300", @ANYRES32=r2, @ANYBLOB="0800050009"], 0x24}}, 0x0) 1.61486757s ago: executing program 4 (id=5492): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000007112370000000000950000000000000089e2d90aa1795cc26efb1dacf01150510936875c66d6a7d6eb12d4cdbc5c0ce0d29df91940d8ca08008e7aa5b3c9a10909d6e18b263131bf965f55746df5189a2e23905ae4dc5340e0eb74eb523d5b77a763cccb768b4453c8b1b1dd0a71983b5c2cfe11f3d30228772b0b798ebaf5abde2ce3ec34f8c6f13ee1f181ac563ba7a7edc9be94452da6d7eb67ae3243cb393245efd0dd21de9553cbd1a8516282de458c44d1ddae97af584de743d44ed18d20dd3b2c42cf1e8b27788dfc562367d46197198cd19fda89a6feca6c738b1d4b2522"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) r1 = syz_usb_connect(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f010400000009058303"], 0x0) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000080)=0xb309) syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x8, &(0x7f0000000080)=ANY=[]) r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) ioctl$EVIOCSFF(r2, 0x40304580, &(0x7f0000000300)={0x50, 0xffff, 0x0, {0x0, 0x68bd}, {}, @cond=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) close_range(r0, 0xffffffffffffffff, 0x0) 1.508676649s ago: executing program 2 (id=5495): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000007112370000000000950000000000000089e2d90aa1795cc26efb1dacf01150510936875c66d6a7d6eb12d4cdbc5c0ce0d29df91940d8ca08008e7aa5b3c9a10909d6e18b263131bf965f55746df5189a2e23905ae4dc5340e0eb74eb523d5b77a763cccb768b4453c8b1b1dd0a71983b5c2cfe11f3d30228772b0b798ebaf5abde2ce3ec34f8c6f13ee1f181ac563ba7a7edc9be94452da6d7eb67ae3243cb393245efd0dd21de9553cbd1a8516282de458c44d1ddae97af584de743d44ed18d20dd3b2c42cf1e8b27788dfc562367d46197198cd19fda89a6feca6c738b1d4b2522"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) r1 = syz_usb_connect(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f010400000009058303"], 0x0) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000080)=0xb309) syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x8, &(0x7f0000000080)=ANY=[]) r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000100008400000000000000000200000000000005000000000000000604"], 0x0, 0x3e, 0x0, 0x1}, 0x28) ioctl$EVIOCSFF(r2, 0x40304580, &(0x7f0000000300)={0x50, 0xffff, 0x0, {0x0, 0x68bd}, {}, @cond=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) close_range(r0, 0xffffffffffffffff, 0x0) 866.835063ms ago: executing program 1 (id=5502): bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x3, &(0x7f0000000340)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = add_key$user(0x0, &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d2", 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x5, 0x3, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 407.212539ms ago: executing program 1 (id=5505): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0xe, 0x1, 0x200, &(0x7f0000003c40)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be25070000001f000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258add6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961616c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"}) 407.02641ms ago: executing program 5 (id=5506): r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff0200000000000000fffffff500000104004e200023b0"], 0x0) 342.992548ms ago: executing program 5 (id=5507): timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x701, 0x10000, 0x0, {0x26}}, 0x14}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=@framed={{}, [@printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x51) 342.606101ms ago: executing program 1 (id=5508): r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000752100000002ff02000000000000000045000000000104004e200023b0"], 0x0) 342.561407ms ago: executing program 1 (id=5509): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x40201, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000) write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83b00fe800000000000000000000000003faaff02000000000000000000000000000188"], 0xffe) 288.665234ms ago: executing program 5 (id=5510): bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x3, &(0x7f0000000340)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280), 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x5, 0x3, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 148.475286ms ago: executing program 1 (id=5511): r0 = syz_open_dev$sg(&(0x7f0000000500), 0x0, 0x40001) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000480)={[{0x7ff, 0x7fff, 0xe0, 0xfc, 0x3c, 0x7, 0x4, 0x21, 0x0, 0xfe, 0x7d, 0x5, 0x400001}, {0x7fffffff, 0x2, 0xff, 0xff, 0x4, 0x0, 0x1e, 0x0, 0x20, 0x2, 0x0, 0x4}, {0x6, 0x0, 0x0, 0x11, 0x1, 0x9, 0xf8, 0x2, 0xfd, 0x6, 0x0, 0x8, 0xe0ee}], 0x7c1d}) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000040)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'staff_u'}}]}}) (async, rerun: 32) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x80000) (async, rerun: 32) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0xee00, 0xee01}}, './file0\x00'}) (async, rerun: 32) getresuid(&(0x7f00000001c0), &(0x7f0000000200)=0x0, &(0x7f0000000240)) (rerun: 32) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x29000, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_readahead}, {@fscache}, {@ignoreqv}, {@cachetag={'cachetag', 0x3d, 'user_id'}}, {@dfltgid={'dfltgid', 0x3d, r3}}], [{@fowner_eq={'fowner', 0x3d, 0xee01}}, {@obj_user={'obj_user', 0x3d, 'user_id'}}, {@smackfstransmute}, {@smackfsroot}, {@euid_gt={'euid>', r4}}, {@audit}, {@dont_measure}]}}) (async) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f00000003c0)={0x8d, 0x0, 0x400, "a15e96debc3a879c36b4298708d4bf5ee8edfb96d7997bcdda0df0c00440c7c68fba5119b4edba315821b0334bf913eaaaa13a638ff8a8a084224a580b8366685920f23cdb9bf144ab2909015c505036f79bdbba293de2da015cc15cb5e71b79f06154be46b4e83746e04636f55522cfd3ff8c7e3d39b7f4496115cf2f72a32d894a592c4c09e4b3e4d0883682"}) (async, rerun: 32) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000480)=ANY=[@ANYBLOB="000000000000000085"]) (async, rerun: 32) lsetxattr$security_ima(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580), &(0x7f00000005c0)=@v2={0x5, 0x2, 0x3, 0xff, 0x33, "22d2b3d5a862d4a76bda6134181d3990ff3cab7c28adc842fd525a9628ae249d37990deb5a862ebbd749e083951e3fb15c537a"}, 0x3c, 0x2) 147.717201ms ago: executing program 5 (id=5512): socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)) socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x1, 0x803, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001880)=ANY=[@ANYBLOB="500000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e160feff2800128009000100766c616e00000000180002800c0002000e0000000a000000060001000004000008000500", @ANYRES32=r3], 0x50}}, 0x2) 147.51651ms ago: executing program 1 (id=5513): bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x3, &(0x7f0000000340)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = add_key$user(&(0x7f00000002c0), 0x0, &(0x7f0000000280)="d2", 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x5, 0x3, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 75.366592ms ago: executing program 5 (id=5514): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x1, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000005ff00090000003c000380140002007663616e30000000000000000000000014000600ff0500000000000000000000000000010800010001000000080003"], 0x50}}, 0x0) 75.023584ms ago: executing program 5 (id=5515): r0 = socket$nl_route(0x10, 0x3, 0x0) lseek(r0, 0xfffffffffffffff7, 0x1) rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0) rseq(&(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x7, 0x8d6, 0x4, 0x4}}, 0x20, 0x1, 0x0) futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0) r1 = memfd_create(&(0x7f0000000280)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0) execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) setrlimit(0x0, &(0x7f0000000980)={0x0, 0x62}) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) writev(r4, &(0x7f00000007c0)=[{&(0x7f0000000380)="8b74fdeab98d012a806f42d2772d1ff8be3fc2a474c76bd60c840a664ed8779134b75313c6bff4140e2a0baff74fe18c6a418a383f7baf03485750a817224e5f2bec6cab178156b1e75a5a06c278ea8426585d01f82247ddbd57c8a80ccb94d6c3a5d6af5c8b8b5693c6ce1347300dbc24b4581bba50495824d242870c0c81e8573a0d5725c0e4fdcc660aa2aa63f09cf9e722d0508ffbd553d76dc22f8c224dd3045895ec7c160c6e8663cdb17b1589ee732c7b3734dae55a", 0xb9}, {&(0x7f0000000500)="d3a20f6c51408fcac0021fc76386275c94c9eab879e2ee2781362f1d406e73e3d42795dcc9bfb755f8590e8b004b0a8994d72d0c2d2b5707eb9d9271ea20d79e6ae409388a8c08d1a56a9e44c40aed3ca1f4733006b66419738cd7e6b27bcbe83012bea26bd77db0498ae31165b303c97712da2475a6da64b825e67ee933f966663699adbdf9c9ed8aa920a81d4f1b2ecbaa70c9dc4236549e286584bd471dd0c52058a184b118514234a4a011f590709f8cc8324fba6e945d9901c870d015a7534654862b8e0d3c34170d51a1d8d875a6455db030852fa75bb6f157d151e23d0e", 0xe1}, {&(0x7f0000000600)="98aba4801808da5011afd5c69bf5a2410a0957514640287f1cde9aa0a5733431bfc1d552bc99b6f21cb4498d6481e3d4504b790cd20ba79e2f61b6cc6016e095b52a7847a84ef248a0cd09b02d41b673e3f4926eca0ccc074ec37e11fadf2179834690fd9cb1aad37c8136120ea61d9c117443ece0ffa446470ecfe5a080b4059060ceb1e4bb243cc6269d134ebd51a1d89b98d049", 0x95}, {&(0x7f00000009c0)="2a7b73b56021d0d59a13dd026dc28218c7685596ff40bef350f4e866b699183891a189e3b22164fb3dda2defe19f52e6f3ff1a94fee51816e047558d18ad0bb1251c5bdf49171dfceaa3ce345351ae0ff37c7f0df735d3bec8b5c74cb8e31b56a8f281f097f5a4899c9c304729b167d9b22b58a5b5f82c02eef6ac9da35fe597a8d957e19230cb66e7e0b8b4ddd296bb45eaf2e1d1b23058e618dd8fa306f1dbc45f3b5699e6693b0e5ea29eccb70874053904603050b2d97cd7fac8d7a42345200d90383d4f8f8a783c8a7eebe1193a8db2912f8c0f6910ecafc2c831779704e5466209b51d126fdca03f04efffc607cd6e6a63af8b382de77e8750e813d965ab390a713ae49a1b6090f1902a588b67a33405088c8e2efe01f11ac89f00336d389f07bf7b0878498058c58dd154dddc437fdd2bd725516bb2a2f3a07cb9860461bfe74ba7bd8884ee5ef79e18fcbf706429e5d3f1243c93a2c408875a3ad09842ede3e64490e290b792a351f5d88c38a5c4204d9b07be81cbd3f0cf6f8e352521cffc1dc60d9ab1b30647efd24700f78d394af76d5a621b215575154edf9a078c5b92452726395be6f35411a7b15793b49dd4e29bf79699c03e05fd54be0edac5e87712080be54b84215812d0b2f434f4f5d42b2de0919993d08ed1bf13613519275336a3c04128d2c2017e61e869b3b92ed3c68b98f163ba55ac120f969df669833bca799020ee585fc6309eda5c7933b4ea37b3f1577d0ff3ffbc9df65fda2b2246ffe8ae08b14492eeb77a4ad4b0ee6fb1156699a589bdc445a58c759b25ea12657eac8b2ae1cc8054d75ba1f64d2bfed23608f95e601f862f419f7f55eaecd8de45f4c1fad6a680c77549dd5397019884e226028432859ff959eb0e111eda2ea7d26eff03fc5bf8c2d26fc27429243b64fa03df247bf80994609dddf92613e918940e8b564cbeef89c967fcee8d830c688a7afae50110ae400df5c2070085358d6cd740803335f1862fafbc97c0051d8e2c0b350dd44131bffb72b64a9d0e4cd6665cf946787a4b856ca356cfa71f0b0925e9d3182840af51a58453c32e12f5846dacf4d400c15df479c9180aa3306de36b1a2c699dc653289ed4c11f7c87c3ed2887427bd0ba9971ea9db731ec8dbc52d20e51bef460065a202e124fb9f6507866337809822afdc834a5537c689455751509e5b9116054d13ceb3406a18635700d1ba315bff111175a9a2ae7f91ff1e16bd422bffbc8c14966767d4a8c370858ffeb9e4b048b4b2dcaadc8ea549eb85a7ef8bf6bb59f4e983f8bf5c7d6e80c860cb88c6313daf0a7ac5d5c4e5e4ff8bc09b84b1ff911c676e4033795317b66f2ad1b5d8b9c94b30036e682fbacc4a682287395c14c0626c0f5bde4e1b890013b543aa6e7c1db8920914372add7d6584344c1bf1567cdef61d34b3d5d5c02b250314b222eff1b95c0f956dce677cbe7d72064438d943fc75a4837d8f2d08ba780ec770078eebf1e65f850c9f614715cef1b0818db0ea0486b31feffec4a14e0f3f593507a90b66285bc0998c509e8c91603ff24dcc3d8d70fd8ca4349e5ebcf1fefa52ad312712784701747ad3a56716d24ff732024b2f0cdb550f905121b65f1ca19dcd4048eb779c3b14a2d38fbe91dbe99902809c8d1f1b93f49eed5660336060a22a13736f326f3e08142f2d5bb438f0516ed839a0931462bb3463a372d3eb1cbb221c67ad83cc0c256cf96c9ff4819af9f8f103c8d0deb44f7a1d5db6c79f12877911c44c9f82fb8320e06f4f4fc3f335e21dfca6feabd6e3c99c0c1eeec52d0180cd45657b9c8d039cbe0686b3dcb2b30243fad5ca3b6bb5ddd6cad5953af60e577c386c5f60a05ce99f8ee19d48c2284d4ba1f7e1ad8af9a66056048c24c154e90565a25b40e87cea60c551d05dcc8ac78bb4008070a0fccc6d8fe6c36c3f8d3259d21cc50d8f0d5e67a53cf3b3a1b0ec79a6599c5593236c434fd449af4667b43dbbe24db6b6c81e692cf6e38ff1bd8d1350ae8d7a7d500032388744f5037a21352079105960cbcb2822adc1840ebc434028b082f1227e723c92846c95e321ad5de95b263cc7112ac652c189812d48aaee987c33fb23d0ce2069e21fe33b7fba31b5c6957bbb42f4b3f8d36eb71b1942d306bdd0884257f09f6137b00b4cb9772fccf711b471abd9be8b97ef7a59def121e9bcd3bbc00656a46465b185829b7cdb8f3ae928939b70aa2123082c74421317eea46bbb4efe78729fa2a6e0e320945af43400f5d4a5d723c5ea48d840b2ab65d46bbf8ff4be42aa9bea64e51fef7ac945100015ee7f64492c0d68d9b07866864647b1588b1e3a67222d4bcb23b93fc87b9ca921622284b3690ed5fa20c428ae3232955d96a59ccfb73c263cb50966987978fa4e03f9b0aeced9f784f751366eb2a1669d0d956a19e524acbbd6abfd6a5291078465ad521793b956ac8d2533f87ce6267b4c57725c8cb1de2b2eea88f3ca10086f1fd6b45deefbbe098c4df056cec4d229704a205b242c43cf69452cb642492d0e9056771dfb1570a06cab81b0c0601b847fa61f8d216f72fc257bfb58cf6d88dfd13cffb34458e74c8f7b9c80a460099d680da8ce50e8c21aa3ed63d7647e37673e7fdee7b1df769a26d54e80f1f2dfe7e9ae41e332a4bf65d9c17fe0db5ff84c93917c49314fb727a8223375af0f4b7bdbbc462f2eb1385ed817e49ee295b861b574adc948cf660de370f4d1c05d3a342b0882dac7f533975f19d99e408d837dca810652119799f2c78c851a9909f9ab4ad06740859246370239bb087b87aef5aa6c0d1f56d8d84e7cc32593b3fef69aa7d1e0a1fbdd589d144152efeabaacdd436ac0af436031dfe8abfdd9a2478a85cf2018fcd523f0c173ad7320cfdf2e32f53b6252f8f5b0428bac854576c53a4f8d028309a257ab63d20a097b0be6acd2a5aa7c724ebaf0a034d05a83d4f368acb0af6d69a5644c22bc39bd424739ebc4e05cc191a1bfafdd33e6c07a95350679bf2f0f302f61eab3539df51b8813a75193b36ccd7b221f0934daf359adaf1bc842ea45d0aee2d549b3250dc2b08837df074c56675226ddaca0eb3fc3435e50f7502de73d7befb0593e87dbf915c1431ed9f23c58b500cd8459fa8fbdf9f01d883c0d3b924c868cb9e24245da2a992fe81aaf29834dfe6bf6af68bff1503ce03a03e4c32f3c92a40bf7bc9b91206d1058cd3c9559a0c1d779614cef952280084372d02a77db79acf6d94f347752ac959e8f7fced7c6dcb8f822ba0c35c2367c2bd85f555777a5a186fe8916e7e68e59afecdf1a26b309043889160276512261e93a17f6f9242ce61f9acdc414a3ed62888364fd5c65636dc860bc908c1719635c0f00a7f5cdf58f092250ad02b3b243a6d0264cfa459002476ee55eb57b93a82707a3308e3cfe1e44752033b2c7268efd0542ad8a39962f54c54fa5a222ca25afeca01ab7501441819a14c294417ab58f672f05991ce289d72e8d18ddfbf5b93cbd1be57efd6466a755c9eb5b0df23cb119a8566ce203ae24ec15c7e4d976150b9450ce4844865d340e9407a297089e95aeb1ae0bfea2a0978cfc9e5bee6a913b6150175d4ee46926933adb2012a60dd2c489324c0f756c64736e69cd815c47d07ee6b0546a0d03bb21ddc287cd713c2687d56ebc305ff42e5a242ccae6ed18f181dd7106040ba62879dc05ed310e0fa553fac74a6955fcdecb9897666c2e6321a89c61d2706624e175e3ed506b355c68977163a0eb7e381ab5a7a623d7fe01d0a9533fff51f0f3e45178505aac18764dd174258f492dae5314dfb408a63fd33f9c72bc42ee85c8eb9e7291fcec0e8f060cae41cc770ff185786a8f67d957e464be765f24fb07a5ed75139890f193474ce019e960911c7dab724923890a19ba8fab6f89054fc74d6159e9d8787d11451c57fac8107f2232fe2f4e675af0e80feeb385ff19fbaefbdf1f68f5a42d31797b3d9da8cc5e1c68b32112f8c520303e39eff02b7ec28c2f5eb6c9389466b134527f987a0e42c603b323e1cf12b4adbb400b5b04ab4ed46bebdae5b54d37f735d62e173721d7db8507655961286d494182857e7292c4065cd61df00fea02f1cce291676428af395e479b7229bf96d75134c7ecc8db569d053693cc9f9ca2219deebfc389f2f866398cfa63feb18d0e01a065c87d49ac2f4d3910e8e457e618b856a499cf11a65c4e29982f0ea9164f6a9e16b4a40fb1f60913d6256d431a2cfeb49b0b70a4c50d5f14c2c3d9043499ca5ef020a8165ebf50e2dba5fbeabf8906cfd248e9b2ab6f1c02b10f8c0b3292b131cc72a22834c0b3cd02f1d2b8c5b677770dc91f0c0c75761a6c3836e199d66e3697131ca630c4b3be7d1c6df6c76cf157e2365d0d7270b10b747ebe120a7bbcd8a34de0be84900a12473b84662b433359f1b956f34dff6be8e87941a3b7c93297263564761631022842308983de7b1c060bb7ca8218307ac03487cd91464ac23bd951cbde35b2e470155df9e730c2fde90a2698f92b4abb5f5ac0877679cb231fcc30d98e0e9e8ea36900412fbf8cb355ab2d12e6af98fe08c1b84f4086593a50e3066c4f77db3db41d858f69de72a7f20f7a658f7dfa10cecb8c4945311bfda817dafad295c8f1a08d232e752caae79bc315aff1440d0275b29fbea21a82c8a3328e9bd838644aba8542fc6819c198bde00e3f192826462c379259bc00aa1b25ed6cfe1a13a262eb3df4c93884e1235e508073bdb2ae6025f79095781071ec9cb76b4b9cd4bfd21af54ce72b234f9814c37b6e6fe0b79e3950ae86854e3b31f6dfe0c352a239de8b41ee1d6ee521347034df01b2827ee4233b3b05a9c41ca4fbf627268d1e478f21897d1c24427a9d41d443600e9449661851e470be94ec02f9340ed1e7dd87369645100dbf7dbfa14136f352b16983a5e40cda28be68f11f38d41dbfe6fcfc7f1bf8d1925242534bdbc8573f1b78c622c936373516313fa76feed845bc2c7320b48b6b28fb66cf0aad7b91cdf338cf45ec047be4ab732e5b4d64406f5c208136235ea6e7a4bac2d97d3cf1904224869de2d983fc02b7845faf62841de11f314a2c4194d563d90f6eb6216e01b32762b725bf07090dc25f30137ef8a6d26d13913bdbf38b54f12741bee5912de70be0b2831a715829cde4816487759393209484a12b33675c3bb5a24fbffefcdfd818543ab388dfb7454357db9351754287463d613fa931cd06b5648732533498fddf42f390378f16a00f43408fc501f4aeae5bbd53e64a9c01d83604a29b021fd739702f0f86c3c588b056d7869b7978e26bbbe824866e072985071af09eafd81767ccb3a3b672e8ad149f252d842574de6d463817302e75e93f18a19687d170f6e7d28b7512e192b699eed6de552fcc81c772aefc55ab94382684066a87271ef51e9a07dbadf77e0df523bc73a941181d524aab7868edca856f866f29d8038bdb200005b89aea068fc6b776812c30a77c19034458dd7c25b8b9eb03292ef9eadf7f9953cb8aa595d7c9ca744d7169664b569b47d606e961eb66a26172b69ecbc966b0bc3374ff77f656eb9facbe1900723b03823f8cc164a868a1a85c070f37f0e76c3501d511424ef3521bf28df00958dfea48408762b266481416bbee24e2ac4cd7bc6bda6b98c733cf15e575eda459a5c4c20d2cf5a8e6cd309ba6985e0be7d69ee7233a203213de810d42272bbe1f96995620bfeab5534a5663689d92c9be3475a82c87feb351ec285cb0787fbf0", 0x1000}, {&(0x7f00000006c0)="7ab82d25f4267db15da3106895027ab7f8925140495476f58142a6e141b643a92e97e0039c149c0ec13b2c4b9ee301b80e2bd8f2f0a2cdf65477f84300f0bd48b60d18640d59a7433184f1f6966c20517b03d88ef5403f75f43887b1a7c1592f7fab32f6068a1370775ddb38decd93974dbc219a0e63b0614e580a7ae0d0393025108e8c877650d0cfdae6130633960b289389a93b3d87c20a0f2e96c4b922338388d2a126980b237ad1064fbfa1b62f4b998b12096e7ac9b8c5f81457730edf2efc326a74e79838f14d245b5ccade0785aece43afc4e98c3ed1bead5422547de8", 0xe1}, {&(0x7f0000000440)="6f77865b35086b0298d629a399dbfc68ac4a68ae6286a82316809f1c98e6723f08b97e0dae7c29846f8885c8dae6f486b1fa93f61b153a9f8f50c1fdff5e72c4d899c625fe6c3f2758bd817de595c56ad5e506efe7039279317247832c10123685e12de75fd18e08b17d19759ae42744cdac46", 0x73}], 0x6) getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x7) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000500000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000005002100030000001400350064756d6d7930"], 0x3c}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='romfs\x00', 0x200000, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x8}, {0xfff1, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0) 74.877266ms ago: executing program 2 (id=5516): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000500000080"], 0x48) 0s ago: executing program 2 (id=5517): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="08000000007702009c000040"]) 0s ago: executing program 1 (id=5518): madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x13) r0 = getpid() (async) r1 = gettid() (async) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$TCFLSH(r3, 0x400455c8, 0x2) (async) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000440)=0xffffffc0) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040)=0xfc) sched_setscheduler(0x0, 0x2, 0x0) (async) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) (async) ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x3d, 0x800000, 0x8, 0x7, 0x2, 0x81}) (async) write$bt_hci(r4, &(0x7f0000000080)=ANY=[], 0x6) (async) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000280)=0x4) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2b) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180)=0x98) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000380)=0xff) (async) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000002c0)=0xff) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) (async) r5 = syz_pidfd_open(r0, 0x0) (async) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xfd6d}, 0x48) close(r6) (async) r7 = getpgid(0x0) (async) ioctl$BLKDISCARDZEROES(r3, 0x127c, &(0x7f00000003c0)) r8 = syz_pidfd_open(r7, 0x0) fstat(r8, &(0x7f0000003200)) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c) setns(r5, 0x24020000) kernel console output (not intermixed with test programs): ink: 4 bytes leftover after parsing attributes in process `syz.5.4715'. [ 333.158557][T19598] bond0: (slave syz_tun): Releasing backup interface [ 333.417447][T19617] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=19617 comm=syz.2.4721 [ 333.509297][ T9] usb 10-1: new high-speed USB device number 31 using dummy_hcd [ 333.530151][ T40] audit: type=1400 audit(1756203106.649:830): avc: denied { setopt } for pid=19622 comm="syz.4.4724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 333.555741][T19621] netlink: 'syz.2.4723': attribute type 10 has an invalid length. [ 333.680313][ T9] usb 10-1: Using ep0 maxpacket: 8 [ 333.684290][ T9] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 333.686957][ T9] usb 10-1: config 179 has an invalid descriptor of length 139, skipping remainder of the config [ 333.690213][ T9] usb 10-1: config 179 has no interface number 0 [ 333.696046][ T9] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 333.696972][T19644] netlink: 'syz.4.4729': attribute type 10 has an invalid length. [ 333.699344][ T9] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 333.705525][ T9] usb 10-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 333.709609][ T9] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 333.714921][ T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.722466][T19612] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 333.808315][T19650] __nla_validate_parse: 2 callbacks suppressed [ 333.808327][T19650] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4732'. [ 333.819903][T19651] fuse: Bad value for 'group_id' [ 333.822028][T19651] fuse: Bad value for 'group_id' [ 333.853996][T19653] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 333.929993][T19657] FAULT_INJECTION: forcing a failure. [ 333.929993][T19657] name failslab, interval 1, probability 0, space 0, times 0 [ 333.935263][T19657] CPU: 1 UID: 0 PID: 19657 Comm: syz.4.4735 Not tainted syzkaller #0 PREEMPT(full) [ 333.935281][T19657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 333.935289][T19657] Call Trace: [ 333.935294][T19657] [ 333.935300][T19657] dump_stack_lvl+0x16c/0x1f0 [ 333.935346][T19657] should_fail_ex+0x512/0x640 [ 333.935373][T19657] ? __kvmalloc_node_noprof+0x124/0x620 [ 333.935392][T19657] should_failslab+0xc2/0x120 [ 333.935412][T19657] __kvmalloc_node_noprof+0x137/0x620 [ 333.935432][T19657] ? page_pool_create_percpu+0x34e/0xc50 [ 333.935462][T19657] ? page_pool_create_percpu+0x34e/0xc50 [ 333.935484][T19657] page_pool_create_percpu+0x34e/0xc50 [ 333.935512][T19657] bpf_test_run_xdp_live+0x18e/0x500 [ 333.935535][T19657] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 333.935559][T19657] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 333.935621][T19657] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 333.935640][T19657] ? bpf_dispatcher_change_prog+0x54d/0xa80 [ 333.935687][T19657] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 333.935713][T19657] ? 0xffffffffa0205f80 [ 333.935731][T19657] ? 0xffffffffa0205f80 [ 333.935747][T19657] ? 0xffffffffa0205f80 [ 333.935768][T19657] bpf_prog_test_run_xdp+0x824/0x1590 [ 333.935808][T19657] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 333.935831][T19657] ? pfn_swap_entry_to_page+0x540/0x540 [ 333.935856][T19657] ? fput+0x9b/0xd0 [ 333.935884][T19657] ? __bpf_prog_get+0x97/0x2a0 [ 333.935904][T19657] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 333.935924][T19657] __sys_bpf+0x1050/0x4de0 [ 333.935950][T19657] ? __pfx___sys_bpf+0x10/0x10 [ 333.935975][T19657] ? ksys_write+0x190/0x250 [ 333.936000][T19657] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 333.936036][T19657] ? fput+0x9b/0xd0 [ 333.936060][T19657] ? ksys_write+0x1ac/0x250 [ 333.936080][T19657] ? __pfx_ksys_write+0x10/0x10 [ 333.936105][T19657] __x64_sys_bpf+0x78/0xc0 [ 333.936130][T19657] ? lockdep_hardirqs_on+0x7c/0x110 [ 333.936150][T19657] do_syscall_64+0xcd/0x4c0 [ 333.936173][T19657] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.936194][T19657] RIP: 0033:0x7fb2c718ebe9 [ 333.936209][T19657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.936222][T19657] RSP: 002b:00007fb2c7fb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 333.936242][T19657] RAX: ffffffffffffffda RBX: 00007fb2c73b5fa0 RCX: 00007fb2c718ebe9 [ 333.936250][T19657] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 333.936257][T19657] RBP: 00007fb2c7fb8090 R08: 0000000000000000 R09: 0000000000000000 [ 333.936265][T19657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 333.936272][T19657] R13: 00007fb2c73b6038 R14: 00007fb2c73b5fa0 R15: 00007ffdfe7f95a8 [ 333.936288][T19657] [ 333.936293][T19657] page_pool_create_percpu() gave up with errno -12 [ 333.946537][ T9] usb 10-1: USB disconnect, device number 31 [ 334.275828][T19677] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4743'. [ 334.279300][T19677] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4743'. [ 334.507941][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 334.551275][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 334.598069][ T40] audit: type=1400 audit(1756203107.650:831): avc: denied { getopt } for pid=19699 comm="syz.5.4752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 334.636461][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 334.656511][T19707] bond0: entered promiscuous mode [ 334.681127][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 334.692918][T19711] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave [ 334.697240][T19711] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 334.749271][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 334.866141][ T40] audit: type=1400 audit(1756203107.903:832): avc: denied { setopt } for pid=19722 comm="syz.2.4760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 334.995279][ T839] usb 10-1: new high-speed USB device number 32 using dummy_hcd [ 335.155656][ T839] usb 10-1: Using ep0 maxpacket: 8 [ 335.159446][ T839] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 335.162675][ T839] usb 10-1: config 179 has no interface number 0 [ 335.165332][ T839] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 335.169939][ T839] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 335.174488][ T839] usb 10-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 335.180035][ T839] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 335.183681][ T839] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.189745][T19717] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 335.409974][ T839] usb 10-1: USB disconnect, device number 32 [ 335.480212][T19729] binder: 19726:19729 unknown command 0 [ 335.482420][T19729] binder: 19726:19729 ioctl c0306201 200000000080 returned -22 [ 335.622808][T19746] IPVS: Error connecting to the multicast addr [ 335.661477][T19752] validate_nla: 2 callbacks suppressed [ 335.661488][T19752] netlink: 'syz.2.4774': attribute type 3 has an invalid length. [ 335.667028][T19752] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4774'. [ 335.671132][T19752] FAULT_INJECTION: forcing a failure. [ 335.671132][T19752] name failslab, interval 1, probability 0, space 0, times 0 [ 335.676753][T19752] CPU: 0 UID: 0 PID: 19752 Comm: syz.2.4774 Not tainted syzkaller #0 PREEMPT(full) [ 335.676777][T19752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 335.676785][T19752] Call Trace: [ 335.676792][T19752] [ 335.676798][T19752] dump_stack_lvl+0x16c/0x1f0 [ 335.676844][T19752] should_fail_ex+0x512/0x640 [ 335.676868][T19752] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 335.676890][T19752] should_failslab+0xc2/0x120 [ 335.676908][T19752] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 335.676926][T19752] ? __alloc_skb+0x2b2/0x380 [ 335.676946][T19752] __alloc_skb+0x2b2/0x380 [ 335.676962][T19752] ? __pfx___alloc_skb+0x10/0x10 [ 335.676978][T19752] ? genl_rcv_msg+0x4b0/0x800 [ 335.677004][T19752] ? genl_rcv_msg+0x4bb/0x800 [ 335.677031][T19752] netlink_ack+0x15d/0xb80 [ 335.677059][T19752] netlink_rcv_skb+0x332/0x420 [ 335.677077][T19752] ? __pfx_genl_rcv_msg+0x10/0x10 [ 335.677100][T19752] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 335.677130][T19752] ? netlink_deliver_tap+0x1ae/0xd30 [ 335.677152][T19752] genl_rcv+0x28/0x40 [ 335.677171][T19752] netlink_unicast+0x5aa/0x870 [ 335.677193][T19752] ? __pfx_netlink_unicast+0x10/0x10 [ 335.677212][T19752] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 335.677238][T19752] netlink_sendmsg+0x8d1/0xdd0 [ 335.677261][T19752] ? __pfx_netlink_sendmsg+0x10/0x10 [ 335.677290][T19752] ____sys_sendmsg+0xa98/0xc70 [ 335.677313][T19752] ? copy_msghdr_from_user+0x10a/0x160 [ 335.677330][T19752] ? __pfx_____sys_sendmsg+0x10/0x10 [ 335.677364][T19752] ___sys_sendmsg+0x134/0x1d0 [ 335.677384][T19752] ? __pfx____sys_sendmsg+0x10/0x10 [ 335.677434][T19752] __sys_sendmsg+0x16d/0x220 [ 335.677451][T19752] ? __pfx___sys_sendmsg+0x10/0x10 [ 335.677485][T19752] do_syscall_64+0xcd/0x4c0 [ 335.677505][T19752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.677523][T19752] RIP: 0033:0x7fee8e58ebe9 [ 335.677537][T19752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 335.677553][T19752] RSP: 002b:00007fee8f3d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 335.677577][T19752] RAX: ffffffffffffffda RBX: 00007fee8e7b5fa0 RCX: 00007fee8e58ebe9 [ 335.677588][T19752] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 335.677598][T19752] RBP: 00007fee8f3d6090 R08: 0000000000000000 R09: 0000000000000000 [ 335.677608][T19752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 335.677618][T19752] R13: 00007fee8e7b6038 R14: 00007fee8e7b5fa0 R15: 00007ffd74096f98 [ 335.677641][T19752] [ 335.715429][T19757] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4776'. [ 335.716894][ C0] vkms_vblank_simulate: vblank timer overrun [ 335.766068][ C0] vkms_vblank_simulate: vblank timer overrun [ 335.868486][T19774] cgroup: Invalid name [ 335.983618][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 336.024680][T19795] bond0: (slave syz_tun): Releasing backup interface [ 336.075170][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 336.122806][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 336.140829][T19795] netlink: 'syz.2.4788': attribute type 10 has an invalid length. [ 336.143897][T19795] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4788'. [ 336.417833][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 336.684820][ T5978] usb 10-1: new high-speed USB device number 33 using dummy_hcd [ 336.855431][ T5978] usb 10-1: Using ep0 maxpacket: 8 [ 336.859332][ T5978] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 336.861915][ T5978] usb 10-1: config 179 has no interface number 0 [ 336.863862][ T5978] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 336.867772][ T5978] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 336.872332][ T5978] usb 10-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 336.876955][ T5978] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 336.879829][ T5978] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 336.884446][T19823] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 336.989212][ T40] audit: type=1400 audit(1756203109.886:833): avc: denied { map } for pid=19846 comm="syz.2.4809" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 337.000132][ T40] audit: type=1400 audit(1756203109.886:834): avc: denied { execute } for pid=19846 comm="syz.2.4809" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 337.104424][ T2148] usb 10-1: USB disconnect, device number 33 [ 337.195576][T19850] netlink: 'syz.2.4810': attribute type 10 has an invalid length. [ 337.332206][T19863] netlink: 'syz.4.4814': attribute type 10 has an invalid length. [ 337.334751][T19863] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4814'. [ 337.419754][T19874] netlink: 'syz.2.4819': attribute type 3 has an invalid length. [ 337.432445][T19874] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4819'. [ 337.460233][T19877] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 337.465457][T19877] overlayfs: overlapping lowerdir path [ 337.502162][T19884] FAULT_INJECTION: forcing a failure. [ 337.502162][T19884] name failslab, interval 1, probability 0, space 0, times 0 [ 337.506189][T19884] CPU: 0 UID: 0 PID: 19884 Comm: syz.1.4822 Not tainted syzkaller #0 PREEMPT(full) [ 337.506206][T19884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 337.506213][T19884] Call Trace: [ 337.506218][T19884] [ 337.506222][T19884] dump_stack_lvl+0x16c/0x1f0 [ 337.506239][T19884] should_fail_ex+0x512/0x640 [ 337.506253][T19884] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 337.506272][T19884] should_failslab+0xc2/0x120 [ 337.506286][T19884] __kmalloc_cache_noprof+0x6a/0x3e0 [ 337.506303][T19884] ? __xa_alloc_cyclic+0x1f3/0x340 [ 337.506317][T19884] ? __xdp_reg_mem_model+0x134/0x680 [ 337.506334][T19884] __xdp_reg_mem_model+0x134/0x680 [ 337.506349][T19884] ? __pfx___xdp_reg_mem_model+0x10/0x10 [ 337.506364][T19884] ? page_pool_list+0x1ca/0x240 [ 337.506383][T19884] xdp_reg_mem_model+0x22/0x70 [ 337.506397][T19884] bpf_test_run_xdp_live+0x1c7/0x500 [ 337.506411][T19884] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 337.506424][T19884] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 337.506449][T19884] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 337.506460][T19884] ? bpf_dispatcher_change_prog+0x54d/0xa80 [ 337.506486][T19884] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 337.506501][T19884] ? 0xffffffffa0205f80 [ 337.506511][T19884] ? 0xffffffffa0205f80 [ 337.506520][T19884] ? 0xffffffffa0205f80 [ 337.506531][T19884] bpf_prog_test_run_xdp+0x824/0x1590 [ 337.506549][T19884] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 337.506562][T19884] ? pfn_swap_entry_to_page+0x540/0x540 [ 337.506577][T19884] ? fput+0x9b/0xd0 [ 337.506591][T19884] ? __bpf_prog_get+0x97/0x2a0 [ 337.506603][T19884] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 337.506616][T19884] __sys_bpf+0x1050/0x4de0 [ 337.506633][T19884] ? __pfx___sys_bpf+0x10/0x10 [ 337.506648][T19884] ? ksys_write+0x190/0x250 [ 337.506674][T19884] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 337.506696][T19884] ? fput+0x9b/0xd0 [ 337.506711][T19884] ? ksys_write+0x1ac/0x250 [ 337.506721][T19884] ? __pfx_ksys_write+0x10/0x10 [ 337.506735][T19884] __x64_sys_bpf+0x78/0xc0 [ 337.506751][T19884] ? lockdep_hardirqs_on+0x7c/0x110 [ 337.506763][T19884] do_syscall_64+0xcd/0x4c0 [ 337.506776][T19884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.506788][T19884] RIP: 0033:0x7fed26d8ebe9 [ 337.506797][T19884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 337.506808][T19884] RSP: 002b:00007fed27b68038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 337.506820][T19884] RAX: ffffffffffffffda RBX: 00007fed26fb5fa0 RCX: 00007fed26d8ebe9 [ 337.506827][T19884] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 337.506834][T19884] RBP: 00007fed27b68090 R08: 0000000000000000 R09: 0000000000000000 [ 337.506840][T19884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 337.506847][T19884] R13: 00007fed26fb6038 R14: 00007fed26fb5fa0 R15: 00007ffdc21707e8 [ 337.506861][T19884] [ 337.736756][T19896] netlink: 'syz.4.4825': attribute type 10 has an invalid length. [ 337.736904][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 337.846876][ T2148] IPVS: starting estimator thread 0... [ 337.956569][T19900] IPVS: using max 44 ests per chain, 105600 per kthread [ 338.002629][T19912] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4830'. [ 338.005702][T19912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4830'. [ 338.726239][ T1025] usb 10-1: new high-speed USB device number 34 using dummy_hcd [ 338.734518][T19944] syzkaller1: entered promiscuous mode [ 338.737014][T19944] syzkaller1: entered allmulticast mode [ 338.888007][ T1025] usb 10-1: Using ep0 maxpacket: 8 [ 338.900080][ T1025] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 338.904164][ T1025] usb 10-1: config 179 has no interface number 0 [ 338.906861][ T1025] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 338.909490][T19953] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave [ 338.914560][T19953] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 338.920134][ T1025] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 338.924800][ T1025] usb 10-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 338.940230][ T1025] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 338.945514][ T1025] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.953088][T19928] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 339.174266][ T60] usb 10-1: USB disconnect, device number 34 [ 339.917966][ T6039] IPVS: starting estimator thread 0... [ 340.019772][T19980] IPVS: using max 45 ests per chain, 108000 per kthread [ 340.254963][ T60] usb 7-1: new high-speed USB device number 43 using dummy_hcd [ 340.415327][ T60] usb 7-1: Using ep0 maxpacket: 8 [ 340.419854][ T60] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 340.422896][ T60] usb 7-1: config 179 has no interface number 0 [ 340.424954][ T60] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 340.428693][ T60] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 340.432224][ T60] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 340.435757][ T60] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 340.441207][ T60] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 340.444083][ T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 340.448954][T19984] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 340.674283][ T2148] usb 7-1: USB disconnect, device number 43 [ 340.678548][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 340.691295][T19990] binder: 19989:19990 unknown command 0 [ 340.695021][T19990] binder: 19989:19990 ioctl c0306201 200000000080 returned -22 [ 340.726445][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 340.752114][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 340.779854][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 340.818015][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 340.822757][T19999] IPVS: Error connecting to the multicast addr [ 340.848245][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 340.945821][ T6283] udevd[6283]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 340.952804][T20010] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4866'. [ 340.985248][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 341.018970][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 341.045839][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 341.053554][T20020] netlink: 'syz.5.4870': attribute type 3 has an invalid length. [ 341.056128][T20020] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4870'. [ 341.059419][T20020] FAULT_INJECTION: forcing a failure. [ 341.059419][T20020] name failslab, interval 1, probability 0, space 0, times 0 [ 341.063531][T20020] CPU: 2 UID: 0 PID: 20020 Comm: syz.5.4870 Not tainted syzkaller #0 PREEMPT(full) [ 341.063546][T20020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 341.063553][T20020] Call Trace: [ 341.063557][T20020] [ 341.063562][T20020] dump_stack_lvl+0x16c/0x1f0 [ 341.063598][T20020] should_fail_ex+0x512/0x640 [ 341.063615][T20020] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 341.063630][T20020] should_failslab+0xc2/0x120 [ 341.063644][T20020] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 341.063656][T20020] ? __alloc_skb+0x2b2/0x380 [ 341.063670][T20020] __alloc_skb+0x2b2/0x380 [ 341.063681][T20020] ? __pfx___alloc_skb+0x10/0x10 [ 341.063697][T20020] ? genl_rcv_msg+0x4b0/0x800 [ 341.063712][T20020] ? genl_rcv_msg+0x4bb/0x800 [ 341.063730][T20020] netlink_ack+0x15d/0xb80 [ 341.063747][T20020] netlink_rcv_skb+0x332/0x420 [ 341.063760][T20020] ? __pfx_genl_rcv_msg+0x10/0x10 [ 341.063776][T20020] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 341.063795][T20020] ? netlink_deliver_tap+0x1ae/0xd30 [ 341.063810][T20020] genl_rcv+0x28/0x40 [ 341.063824][T20020] netlink_unicast+0x5aa/0x870 [ 341.063839][T20020] ? __pfx_netlink_unicast+0x10/0x10 [ 341.063852][T20020] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 341.063882][T20020] netlink_sendmsg+0x8d1/0xdd0 [ 341.063898][T20020] ? __pfx_netlink_sendmsg+0x10/0x10 [ 341.063917][T20020] ____sys_sendmsg+0xa98/0xc70 [ 341.063934][T20020] ? copy_msghdr_from_user+0x10a/0x160 [ 341.063946][T20020] ? __pfx_____sys_sendmsg+0x10/0x10 [ 341.063969][T20020] ___sys_sendmsg+0x134/0x1d0 [ 341.063982][T20020] ? __pfx____sys_sendmsg+0x10/0x10 [ 341.064012][T20020] __sys_sendmsg+0x16d/0x220 [ 341.064024][T20020] ? __pfx___sys_sendmsg+0x10/0x10 [ 341.064042][T20020] ? fput+0x9b/0xd0 [ 341.064060][T20020] do_syscall_64+0xcd/0x4c0 [ 341.064074][T20020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.064086][T20020] RIP: 0033:0x7fd910d8ebe9 [ 341.064096][T20020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 341.064107][T20020] RSP: 002b:00007fd911c24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 341.064125][T20020] RAX: ffffffffffffffda RBX: 00007fd910fb5fa0 RCX: 00007fd910d8ebe9 [ 341.064132][T20020] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 341.064140][T20020] RBP: 00007fd911c24090 R08: 0000000000000000 R09: 0000000000000000 [ 341.064146][T20020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 341.064153][T20020] R13: 00007fd910fb6038 R14: 00007fd910fb5fa0 R15: 00007ffd402f0168 [ 341.064168][T20020] [ 341.149269][ C2] vkms_vblank_simulate: vblank timer overrun [ 341.286140][T20046] netlink: 'syz.4.4882': attribute type 4 has an invalid length. [ 341.289274][T20046] netlink: 'syz.4.4882': attribute type 4 has an invalid length. [ 341.301600][T20046] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12336 sclass=netlink_route_socket pid=20046 comm=syz.4.4882 [ 341.308641][T20046] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12336 sclass=netlink_route_socket pid=20046 comm=syz.4.4882 [ 341.312785][T20046] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12336 sclass=netlink_route_socket pid=20046 comm=syz.4.4882 [ 341.430068][T20052] netlink: 'syz.5.4879': attribute type 10 has an invalid length. [ 341.460836][T20052] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4879'. [ 341.739639][T20080] netlink: 'syz.5.4894': attribute type 10 has an invalid length. [ 341.770742][T20092] netlink: 'syz.4.4898': attribute type 10 has an invalid length. [ 341.773563][T20092] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4898'. [ 341.776418][T20092] dummy0: entered promiscuous mode [ 341.778281][T20092] bridge0: port 1(dummy0) entered blocking state [ 341.780414][T20092] bridge0: port 1(dummy0) entered disabled state [ 341.782499][T20092] dummy0: entered allmulticast mode [ 341.785924][T20092] bridge0: port 1(dummy0) entered blocking state [ 341.788451][T20092] bridge0: port 1(dummy0) entered forwarding state [ 341.913803][ T6039] usb 6-1: new high-speed USB device number 34 using dummy_hcd [ 342.022976][T20111] netlink: 'syz.4.4905': attribute type 21 has an invalid length. [ 342.025381][T20111] netlink: 'syz.4.4905': attribute type 6 has an invalid length. [ 342.027521][T20111] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4905'. [ 342.033821][T20107] netlink: 152 bytes leftover after parsing attributes in process `syz.5.4904'. [ 342.051096][ T839] usb 7-1: new high-speed USB device number 44 using dummy_hcd [ 342.072432][ T6039] usb 6-1: Using ep0 maxpacket: 8 [ 342.080003][ T6039] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 342.083928][ T6039] usb 6-1: config 179 has no interface number 0 [ 342.086601][ T6039] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 342.090466][ T6039] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 342.095835][ T6039] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 342.100573][ T6039] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 342.102856][T20115] 9pnet_virtio: no channels available for device 127.0.0.1 [ 342.105555][ T6039] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 342.105571][ T6039] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 342.111793][T20077] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 342.211370][ T839] usb 7-1: Using ep0 maxpacket: 16 [ 342.214248][ T839] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0 [ 342.217583][ T839] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0 [ 342.220611][ T839] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 342.224524][ T839] usb 7-1: config 1 interface 0 has no altsetting 0 [ 342.228497][ T839] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 342.236039][ T839] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.238559][ T839] usb 7-1: Product: syz [ 342.239958][ T839] usb 7-1: Manufacturer: syz [ 342.241343][ T839] usb 7-1: SerialNumber: syz [ 342.296501][T20126] dummy0: left allmulticast mode [ 342.303680][T20126] bridge0: port 1(dummy0) entered disabled state [ 342.325850][T20126] bond2: (slave bridge1): Releasing active interface [ 342.338933][ T6039] usb 6-1: USB disconnect, device number 34 [ 342.461002][ T839] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 44 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8 [ 342.526471][T20132] netlink: 'syz.4.4913': attribute type 10 has an invalid length. [ 342.561022][T20134] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4914'. [ 342.564275][T20134] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4914'. [ 342.799095][T20146] program syz.5.4918 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 343.174933][T20165] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave [ 343.178168][T20165] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 343.360992][ T40] audit: type=1400 audit(1756203115.853:835): avc: denied { link } for pid=20182 comm="syz.1.4932" name="#57" dev="tmpfs" ino=2978 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 343.370376][ T40] audit: type=1400 audit(1756203115.853:836): avc: denied { rename } for pid=20182 comm="syz.1.4932" name="#58" dev="tmpfs" ino=2978 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 343.413075][T20189] binder: 20188:20189 unknown command 0 [ 343.414966][T20189] binder: 20188:20189 ioctl c0306201 200000000080 returned -22 [ 343.526276][ T2148] usb 10-1: new high-speed USB device number 35 using dummy_hcd [ 343.697282][ T2148] usb 10-1: Using ep0 maxpacket: 8 [ 343.701506][ T2148] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 343.704765][ T2148] usb 10-1: config 179 has no interface number 0 [ 343.706745][ T2148] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 343.710538][ T2148] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 343.713933][ T2148] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 343.717474][ T2148] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 343.722085][ T2148] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 343.725299][ T2148] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.731744][T20175] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 343.952238][ T2148] usb 10-1: USB disconnect, device number 35 [ 344.581458][T20212] IPVS: Error connecting to the multicast addr [ 344.587598][T20214] binder: 20213:20214 ioctl 4018620d 0 returned -22 [ 344.622299][T20218] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4944'. [ 344.675050][T20223] netlink: 'syz.1.4946': attribute type 3 has an invalid length. [ 344.677628][T20223] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4946'. [ 344.680705][T20223] FAULT_INJECTION: forcing a failure. [ 344.680705][T20223] name failslab, interval 1, probability 0, space 0, times 0 [ 344.686118][T20223] CPU: 1 UID: 0 PID: 20223 Comm: syz.1.4946 Not tainted syzkaller #0 PREEMPT(full) [ 344.686134][T20223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.686142][T20223] Call Trace: [ 344.686146][T20223] [ 344.686151][T20223] dump_stack_lvl+0x16c/0x1f0 [ 344.686168][T20223] should_fail_ex+0x512/0x640 [ 344.686185][T20223] should_failslab+0xc2/0x120 [ 344.686200][T20223] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 344.686213][T20223] ? skb_clone+0x190/0x3f0 [ 344.686228][T20223] skb_clone+0x190/0x3f0 [ 344.686240][T20223] netlink_deliver_tap+0xabd/0xd30 [ 344.686257][T20223] netlink_unicast+0x71f/0x870 [ 344.686273][T20223] ? __pfx_netlink_unicast+0x10/0x10 [ 344.686287][T20223] ? genl_rcv_msg+0x4bb/0x800 [ 344.686306][T20223] netlink_ack+0x696/0xb80 [ 344.686324][T20223] netlink_rcv_skb+0x332/0x420 [ 344.686337][T20223] ? __pfx_genl_rcv_msg+0x10/0x10 [ 344.686353][T20223] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 344.686373][T20223] ? netlink_deliver_tap+0x1ae/0xd30 [ 344.686388][T20223] genl_rcv+0x28/0x40 [ 344.686402][T20223] netlink_unicast+0x5aa/0x870 [ 344.686417][T20223] ? __pfx_netlink_unicast+0x10/0x10 [ 344.686431][T20223] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 344.686449][T20223] netlink_sendmsg+0x8d1/0xdd0 [ 344.686465][T20223] ? __pfx_netlink_sendmsg+0x10/0x10 [ 344.686484][T20223] ____sys_sendmsg+0xa98/0xc70 [ 344.686501][T20223] ? copy_msghdr_from_user+0x10a/0x160 [ 344.686513][T20223] ? __pfx_____sys_sendmsg+0x10/0x10 [ 344.686536][T20223] ___sys_sendmsg+0x134/0x1d0 [ 344.686549][T20223] ? __pfx____sys_sendmsg+0x10/0x10 [ 344.686580][T20223] __sys_sendmsg+0x16d/0x220 [ 344.686593][T20223] ? __pfx___sys_sendmsg+0x10/0x10 [ 344.686611][T20223] ? fput+0x9b/0xd0 [ 344.686628][T20223] do_syscall_64+0xcd/0x4c0 [ 344.686643][T20223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.686655][T20223] RIP: 0033:0x7fed26d8ebe9 [ 344.686665][T20223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 344.686677][T20223] RSP: 002b:00007fed27b68038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 344.686688][T20223] RAX: ffffffffffffffda RBX: 00007fed26fb5fa0 RCX: 00007fed26d8ebe9 [ 344.686695][T20223] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 344.686702][T20223] RBP: 00007fed27b68090 R08: 0000000000000000 R09: 0000000000000000 [ 344.686709][T20223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 344.686716][T20223] R13: 00007fed26fb6038 R14: 00007fed26fb5fa0 R15: 00007ffdc21707e8 [ 344.686736][T20223] [ 344.774007][ C1] hpet: Lost 4 RTC interrupts [ 344.814759][ T40] audit: type=1400 audit(1756203117.210:837): avc: denied { execute } for pid=20232 comm="syz.1.4950" path="/selinux/avc/hash_stats" dev="selinuxfs" ino=26 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=file permissive=1 [ 344.990875][ T2148] usb 10-1: new high-speed USB device number 36 using dummy_hcd [ 345.062840][ T1025] usb 7-1: USB disconnect, device number 44 [ 345.071074][ T1025] usblp0: removed [ 345.161905][ T2148] usb 10-1: Using ep0 maxpacket: 8 [ 345.164871][ T2148] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 345.167644][ T2148] usb 10-1: config 179 has no interface number 0 [ 345.169869][ T2148] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 345.177399][ T2148] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 345.181128][ T2148] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 345.185101][ T2148] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 345.189765][ T2148] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 345.192807][ T2148] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 345.198957][T20228] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 345.338171][T20260] dummy0: entered promiscuous mode [ 345.340333][T20260] bridge0: port 1(dummy0) entered blocking state [ 345.342562][T20260] bridge0: port 1(dummy0) entered disabled state [ 345.346604][T20260] dummy0: entered allmulticast mode [ 345.351685][T20260] bridge0: port 1(dummy0) entered blocking state [ 345.353896][T20260] bridge0: port 1(dummy0) entered forwarding state [ 345.495085][T20269] 8021q: adding VLAN 0 to HW filter on device bond1 [ 345.506177][T20269] bond1: (slave geneve2): making interface the new active one [ 345.509938][T20269] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 345.523646][ T40] audit: type=1400 audit(1756203117.874:838): avc: denied { listen } for pid=20271 comm="syz.1.4965" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 345.633519][T12525] usb 10-1: USB disconnect, device number 36 [ 345.633548][ C3] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 345.638762][ C3] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 345.915245][T20290] FAULT_INJECTION: forcing a failure. [ 345.915245][T20290] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 345.920350][T20290] CPU: 2 UID: 0 PID: 20290 Comm: syz.1.4973 Not tainted syzkaller #0 PREEMPT(full) [ 345.920365][T20290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.920373][T20290] Call Trace: [ 345.920378][T20290] [ 345.920382][T20290] dump_stack_lvl+0x16c/0x1f0 [ 345.920399][T20290] should_fail_ex+0x512/0x640 [ 345.920415][T20290] _copy_from_user+0x2e/0xd0 [ 345.920430][T20290] input_event_from_user+0x133/0x3b0 [ 345.920448][T20290] ? __pfx_input_event_from_user+0x10/0x10 [ 345.920469][T20290] evdev_write+0x37b/0x750 [ 345.920488][T20290] ? __pfx_evdev_write+0x10/0x10 [ 345.920505][T20290] ? bpf_lsm_file_permission+0x9/0x10 [ 345.920520][T20290] ? security_file_permission+0x71/0x210 [ 345.920538][T20290] ? rw_verify_area+0xcf/0x6c0 [ 345.920557][T20290] ? __pfx_evdev_write+0x10/0x10 [ 345.920572][T20290] vfs_write+0x29d/0x11d0 [ 345.920586][T20290] ? __pfx_vfs_write+0x10/0x10 [ 345.920597][T20290] ? find_held_lock+0x2b/0x80 [ 345.920612][T20290] ? __fget_files+0x204/0x3c0 [ 345.920627][T20290] ? __fget_files+0x20e/0x3c0 [ 345.920643][T20290] ksys_write+0x1f8/0x250 [ 345.920667][T20290] ? __pfx_ksys_write+0x10/0x10 [ 345.920684][T20290] do_syscall_64+0xcd/0x4c0 [ 345.920698][T20290] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.920710][T20290] RIP: 0033:0x7fed26d8ebe9 [ 345.920720][T20290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 345.920731][T20290] RSP: 002b:00007fed27b68038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 345.920742][T20290] RAX: ffffffffffffffda RBX: 00007fed26fb5fa0 RCX: 00007fed26d8ebe9 [ 345.920750][T20290] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 345.920757][T20290] RBP: 00007fed27b68090 R08: 0000000000000000 R09: 0000000000000000 [ 345.920763][T20290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 345.920770][T20290] R13: 00007fed26fb6038 R14: 00007fed26fb5fa0 R15: 00007ffdc21707e8 [ 345.920784][T20290] [ 346.123068][ T13] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.126701][ T13] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.130220][ T13] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.132829][ T13] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.196077][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 346.217490][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 346.296155][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 346.299630][T20306] dummy0: left allmulticast mode [ 346.301363][T20306] bridge0: port 1(dummy0) entered disabled state [ 346.316225][T20306] bond1: (slave geneve2): Releasing active interface [ 346.490681][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 346.577800][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 346.908754][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 346.932585][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 347.040348][T20332] __nla_validate_parse: 9 callbacks suppressed [ 347.040359][T20332] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4987'. [ 347.182638][T20338] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4990'. [ 347.185608][T20338] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4990'. [ 347.193331][ T839] usb 10-1: new high-speed USB device number 37 using dummy_hcd [ 347.364415][ T839] usb 10-1: Using ep0 maxpacket: 8 [ 347.368324][ T839] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 347.371752][ T839] usb 10-1: config 179 has no interface number 0 [ 347.374431][ T839] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 347.379574][ T839] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 347.384268][ T839] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 347.389326][ T839] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 347.394914][ T839] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 347.399022][ T839] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 347.405150][T20330] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 347.839661][ C0] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 347.839668][ T5978] usb 10-1: USB disconnect, device number 37 [ 347.843299][ C0] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 348.190203][T20347] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave [ 348.194606][T20347] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 348.279198][T20352] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4995'. [ 348.405201][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 348.424995][T20361] binder: BINDER_SET_CONTEXT_MGR already set [ 348.427406][T20361] binder: 20357:20361 ioctl 4018620d 2000000000c0 returned -16 [ 348.450700][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 348.495162][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 348.523402][T20377] binder: 20375:20377 unknown command 0 [ 348.525197][T20377] binder: 20375:20377 ioctl c0306201 200000000080 returned -22 [ 348.579616][T20382] netlink: 'syz.1.5007': attribute type 11 has an invalid length. [ 348.621111][T20389] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5010'. [ 348.723857][ T40] audit: type=1400 audit(1756203120.867:839): avc: denied { create } for pid=20405 comm="syz.4.5018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 348.776186][ T6039] usb 7-1: new high-speed USB device number 45 using dummy_hcd [ 348.897410][T20417] IPVS: Error connecting to the multicast addr [ 348.928104][T20419] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5023'. [ 348.958947][ T6039] usb 7-1: Using ep0 maxpacket: 8 [ 348.963302][ T6039] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 348.977037][ T6039] usb 7-1: config 179 has no interface number 0 [ 348.981307][ T6039] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 348.988428][ T6039] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 348.992228][ T6039] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 348.995918][ T6039] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 349.003069][ T6039] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 349.006286][ T5988] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 349.008982][ T6039] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 349.012524][ T5988] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 349.014719][T20378] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 349.017276][ T5988] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 349.022464][ T5988] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 349.025096][ T5988] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 349.104947][ T43] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.199819][ T43] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.277155][T20437] validate_nla: 5 callbacks suppressed [ 349.277169][T20437] netlink: 'syz.4.5030': attribute type 3 has an invalid length. [ 349.282192][T20437] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5030'. [ 349.290622][T20437] FAULT_INJECTION: forcing a failure. [ 349.290622][T20437] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 349.296675][T20437] CPU: 1 UID: 0 PID: 20437 Comm: syz.4.5030 Not tainted syzkaller #0 PREEMPT(full) [ 349.296698][T20437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 349.296709][T20437] Call Trace: [ 349.296715][T20437] [ 349.296723][T20437] dump_stack_lvl+0x16c/0x1f0 [ 349.296747][T20437] should_fail_ex+0x512/0x640 [ 349.296771][T20437] _copy_to_user+0x32/0xd0 [ 349.296795][T20437] simple_read_from_buffer+0xcb/0x170 [ 349.296817][T20437] proc_fail_nth_read+0x197/0x240 [ 349.296839][T20437] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 349.296861][T20437] ? rw_verify_area+0xcf/0x6c0 [ 349.296886][T20437] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 349.296906][T20437] vfs_read+0x1e4/0xcf0 [ 349.296927][T20437] ? __pfx___mutex_lock+0x10/0x10 [ 349.296960][T20437] ? __pfx_vfs_read+0x10/0x10 [ 349.296985][T20437] ? __fget_files+0x20e/0x3c0 [ 349.297012][T20437] ksys_read+0x12a/0x250 [ 349.297029][T20437] ? __pfx_ksys_read+0x10/0x10 [ 349.297054][T20437] do_syscall_64+0xcd/0x4c0 [ 349.297075][T20437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.297094][T20437] RIP: 0033:0x7fb2c718d5fc [ 349.297108][T20437] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 349.297124][T20437] RSP: 002b:00007fb2c7fb8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 349.297140][T20437] RAX: ffffffffffffffda RBX: 00007fb2c73b5fa0 RCX: 00007fb2c718d5fc [ 349.297151][T20437] RDX: 000000000000000f RSI: 00007fb2c7fb80a0 RDI: 0000000000000004 [ 349.297162][T20437] RBP: 00007fb2c7fb8090 R08: 0000000000000000 R09: 0000000000000000 [ 349.297172][T20437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 349.297182][T20437] R13: 00007fb2c73b6038 R14: 00007fb2c73b5fa0 R15: 00007ffdfe7f95a8 [ 349.297206][T20437] [ 349.366647][ C1] hpet: Lost 3 RTC interrupts [ 349.389509][ T43] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.401436][T20422] chnl_net:caif_netlink_parms(): no params data found [ 349.454240][ T839] usb 7-1: USB disconnect, device number 45 [ 349.456224][ C0] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 349.456247][ C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 349.520305][ T43] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.530856][T20422] bridge0: port 1(bridge_slave_0) entered blocking state [ 349.533931][T20422] bridge0: port 1(bridge_slave_0) entered disabled state [ 349.537231][T20422] bridge_slave_0: entered allmulticast mode [ 349.540966][T20422] bridge_slave_0: entered promiscuous mode [ 349.547000][T20422] bridge0: port 2(bridge_slave_1) entered blocking state [ 349.549248][T20422] bridge0: port 2(bridge_slave_1) entered disabled state [ 349.551626][T20422] bridge_slave_1: entered allmulticast mode [ 349.555357][T20422] bridge_slave_1: entered promiscuous mode [ 349.627299][T20422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 349.635179][T20422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 349.670301][T20422] team0: Port device team_slave_0 added [ 349.675378][T20422] team0: Port device team_slave_1 added [ 349.675671][T20457] KVM: debugfs: duplicate directory 20457-6 [ 349.744096][T20422] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 349.746463][T20422] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 349.758292][T20422] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 349.782582][T20422] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 349.784804][T20422] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 349.793374][T20422] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 349.858769][T20422] hsr_slave_0: entered promiscuous mode [ 349.861015][T20422] hsr_slave_1: entered promiscuous mode [ 349.863180][T20422] debugfs: 'hsr0' already exists in 'hsr' [ 349.864933][T20422] Cannot create hsr debugfs directory [ 350.166311][T20477] netlink: 'syz.2.5041': attribute type 10 has an invalid length. [ 350.232470][T20479] netlink: 'syz.4.5043': attribute type 10 has an invalid length. [ 350.235314][T20479] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5043'. [ 350.378455][ T43] bond0 (unregistering): Released all slaves [ 350.386063][ T43] bond1 (unregistering): Released all slaves [ 350.393609][ T43] bond2 (unregistering): Released all slaves [ 350.401131][ T43] bond3 (unregistering): Released all slaves [ 350.490481][ T43] bond4 (unregistering): Released all slaves [ 350.578502][ T43] bond5 (unregistering): Released all slaves [ 350.612619][T20479] bridge0: port 1(dummy0) entered blocking state [ 350.619447][T20479] bridge0: port 1(dummy0) entered disabled state [ 350.622223][T20479] dummy0: entered allmulticast mode [ 350.625574][T20479] bridge0: port 1(dummy0) entered blocking state [ 350.627639][T20479] bridge0: port 1(dummy0) entered forwarding state [ 350.725283][T20485] netlink: 596 bytes leftover after parsing attributes in process `syz.2.5044'. [ 351.014351][T20506] netlink: 'syz.4.5051': attribute type 3 has an invalid length. [ 351.017037][T20506] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5051'. [ 351.052540][ T839] usb 7-1: new high-speed USB device number 46 using dummy_hcd [ 351.076413][ T43] hsr_slave_0: left promiscuous mode [ 351.078591][ T43] hsr_slave_1: left promiscuous mode [ 351.104850][ T43] veth1_macvtap: left promiscuous mode [ 351.108264][ T43] veth0_macvtap: left promiscuous mode [ 351.155809][ T43] pimreg (unregistering): left allmulticast mode [ 351.203753][ T5973] Bluetooth: hci1: command tx timeout [ 351.245085][ T839] usb 7-1: Using ep0 maxpacket: 8 [ 351.248432][ T839] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 351.251143][ T839] usb 7-1: config 179 has no interface number 0 [ 351.253374][ T839] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 351.257220][ T839] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 351.265945][ T839] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 351.270755][ T839] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 351.274912][ T839] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 351.277943][ T839] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.282063][T20492] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 351.308218][ T5973] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 351.351216][T20530] FAULT_INJECTION: forcing a failure. [ 351.351216][T20530] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 351.355497][T20530] CPU: 2 UID: 0 PID: 20530 Comm: syz.5.5058 Not tainted syzkaller #0 PREEMPT(full) [ 351.355513][T20530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 351.355520][T20530] Call Trace: [ 351.355525][T20530] [ 351.355530][T20530] dump_stack_lvl+0x16c/0x1f0 [ 351.355547][T20530] should_fail_ex+0x512/0x640 [ 351.355564][T20530] _copy_from_user+0x2e/0xd0 [ 351.355579][T20530] input_event_from_user+0x133/0x3b0 [ 351.355598][T20530] ? __pfx_input_event_from_user+0x10/0x10 [ 351.355615][T20530] ? __pfx___might_resched+0x10/0x10 [ 351.355629][T20530] ? input_inject_event+0x1c0/0x3b0 [ 351.355648][T20530] evdev_write+0x37b/0x750 [ 351.355667][T20530] ? __pfx_evdev_write+0x10/0x10 [ 351.355684][T20530] ? bpf_lsm_file_permission+0x9/0x10 [ 351.355700][T20530] ? security_file_permission+0x71/0x210 [ 351.355719][T20530] ? rw_verify_area+0xcf/0x6c0 [ 351.355738][T20530] ? __pfx_evdev_write+0x10/0x10 [ 351.355754][T20530] vfs_write+0x29d/0x11d0 [ 351.355769][T20530] ? __pfx_vfs_write+0x10/0x10 [ 351.355780][T20530] ? find_held_lock+0x2b/0x80 [ 351.355795][T20530] ? __fget_files+0x204/0x3c0 [ 351.355810][T20530] ? __fget_files+0x20e/0x3c0 [ 351.355827][T20530] ksys_write+0x1f8/0x250 [ 351.355839][T20530] ? __pfx_ksys_write+0x10/0x10 [ 351.355859][T20530] do_syscall_64+0xcd/0x4c0 [ 351.355874][T20530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.355887][T20530] RIP: 0033:0x7fd910d8ebe9 [ 351.355897][T20530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 351.355909][T20530] RSP: 002b:00007fd911c24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 351.355920][T20530] RAX: ffffffffffffffda RBX: 00007fd910fb5fa0 RCX: 00007fd910d8ebe9 [ 351.355928][T20530] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 351.355935][T20530] RBP: 00007fd911c24090 R08: 0000000000000000 R09: 0000000000000000 [ 351.355942][T20530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 351.355949][T20530] R13: 00007fd910fb6038 R14: 00007fd910fb5fa0 R15: 00007ffd402f0168 [ 351.355963][T20530] [ 351.500966][ C0] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 351.503720][ C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 351.507133][ T839] usb 7-1: USB disconnect, device number 46 [ 352.777638][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 352.863609][T20547] netlink: 'syz.4.5062': attribute type 10 has an invalid length. [ 352.938590][T20553] __nla_validate_parse: 2 callbacks suppressed [ 352.938610][T20553] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5061'. [ 352.948149][T20422] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 352.956427][T20422] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 352.963884][T20422] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 352.976629][T20422] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 353.060562][T20422] 8021q: adding VLAN 0 to HW filter on device bond0 [ 353.076692][T20422] 8021q: adding VLAN 0 to HW filter on device team0 [ 353.086370][ T6694] bridge0: port 1(bridge_slave_0) entered blocking state [ 353.088763][ T6694] bridge0: port 1(bridge_slave_0) entered forwarding state [ 353.092192][ T6694] bridge0: port 2(bridge_slave_1) entered blocking state [ 353.094598][ T6694] bridge0: port 2(bridge_slave_1) entered forwarding state [ 353.265627][T20422] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 353.295321][T20577] hugetlbfs: syz.2.5065 (20577): Using mlock ulimits for SHM_HUGETLB is obsolete [ 353.295424][T20422] veth0_vlan: entered promiscuous mode [ 353.308372][T20422] veth1_vlan: entered promiscuous mode [ 353.327093][T20422] veth0_macvtap: entered promiscuous mode [ 353.333364][T20422] veth1_macvtap: entered promiscuous mode [ 353.363492][T20422] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 353.371046][T20422] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 353.378485][ T6681] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.382286][ T6681] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.396367][ T6681] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.399369][ T6681] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.425858][ T5973] Bluetooth: hci1: command tx timeout [ 353.444674][ T6283] udevd[6283]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 353.454210][ T40] audit: type=1326 audit(1756203125.292:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20584 comm="syz.2.5069" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee8e58ebe9 code=0x50000 [ 353.455064][ T1182] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.463848][ T1182] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 353.467715][ T40] audit: type=1326 audit(1756203125.292:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20584 comm="syz.2.5069" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee8e58ebe9 code=0x50000 [ 353.478344][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 353.480209][ T40] audit: type=1326 audit(1756203125.292:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20584 comm="syz.2.5069" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee8e58ebe9 code=0x50000 [ 353.489494][ T40] audit: type=1326 audit(1756203125.292:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20584 comm="syz.2.5069" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee8e58ebe9 code=0x50000 [ 353.492720][ T1182] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.497333][ T40] audit: type=1326 audit(1756203125.292:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20584 comm="syz.2.5069" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee8e58ebe9 code=0x50000 [ 353.499875][ T1182] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 353.506846][ T40] audit: type=1326 audit(1756203125.292:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20584 comm="syz.2.5069" exe="/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fee8e58ebe9 code=0x50000 [ 353.516884][ T40] audit: type=1326 audit(1756203125.292:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20584 comm="syz.2.5069" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fee8e5c14a5 code=0x50000 [ 353.524697][ T40] audit: type=1326 audit(1756203125.292:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20584 comm="syz.2.5069" exe="/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fee8e58ebe9 code=0x50000 [ 353.684192][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 353.705985][T20607] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5077'. [ 353.708838][T20607] tipc: Invalid UDP bearer configuration [ 353.708865][T20607] tipc: Enabling of bearer rejected, failed to enable media [ 353.742191][T20609] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave [ 353.745228][T20609] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 353.759101][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 353.865993][T20619] bridge_slave_0: left allmulticast mode [ 353.868503][T20619] bridge_slave_0: left promiscuous mode [ 353.871254][T20619] bridge0: port 1(bridge_slave_0) entered disabled state [ 353.880834][T20619] bridge_slave_1: left allmulticast mode [ 353.883059][T20619] bridge_slave_1: left promiscuous mode [ 353.885644][T20619] bridge0: port 2(bridge_slave_1) entered disabled state [ 353.920961][T20619] bond0: (slave bond_slave_0): Releasing backup interface [ 353.924264][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 353.937836][T20619] bond0: (slave bond_slave_1): Releasing backup interface [ 353.958326][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 353.983784][T20619] team0: Port device team_slave_0 removed [ 353.992670][T20619] team0: Port device team_slave_1 removed [ 353.995643][T20619] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 353.999228][T20619] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 354.002896][T20619] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 354.005521][T20619] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 354.050275][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 354.082023][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 354.106460][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 354.112779][T20639] binder: 20638:20639 unknown command 0 [ 354.114574][T20639] binder: 20638:20639 ioctl c0306201 200000000080 returned -22 [ 354.338878][T20663] ref_ctr_offset mismatch. inode: 0x45 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x4 [ 354.436468][T20676] IPVS: Error connecting to the multicast addr [ 354.542873][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 354.542890][ T40] audit: type=1400 audit(1756203126.311:851): avc: denied { setattr } for pid=20682 comm="syz.5.5106" name="file0" dev="tmpfs" ino=859 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 354.555559][T20683] Invalid source name [ 354.556935][T20683] UBIFS error (pid: 20683): cannot open "./file0", error -22 [ 354.595581][T20685] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5107'. [ 354.651702][T20689] binder: Bad value for 'max' [ 355.231019][ T40] audit: type=1400 audit(1756203126.947:852): avc: denied { setopt } for pid=20719 comm="syz.5.5119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 355.297830][T20724] netlink: 'syz.5.5121': attribute type 10 has an invalid length. [ 355.317506][T20729] netlink: 'syz.1.5122': attribute type 10 has an invalid length. [ 355.322189][T20729] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5122'. [ 355.325004][T20729] dummy0: entered promiscuous mode [ 355.327542][T20729] bridge0: port 1(dummy0) entered blocking state [ 355.329922][T20729] bridge0: port 1(dummy0) entered disabled state [ 355.332592][T20729] dummy0: entered allmulticast mode [ 355.335849][T20729] bridge0: port 1(dummy0) entered blocking state [ 355.338141][T20729] bridge0: port 1(dummy0) entered forwarding state [ 355.451281][T20744] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5126'. [ 355.457359][T20744] netlink: 'syz.2.5126': attribute type 22 has an invalid length. [ 355.457507][T20743] IPVS: length: 245 != 8 [ 355.460429][T20744] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5126'. [ 355.521924][T20744] netlink: 'syz.2.5126': attribute type 22 has an invalid length. [ 355.524445][T20744] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5126'. [ 355.650638][ T5988] Bluetooth: hci1: command tx timeout [ 355.731604][T20761] FAULT_INJECTION: forcing a failure. [ 355.731604][T20761] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 355.737365][T20761] CPU: 2 UID: 0 PID: 20761 Comm: syz.2.5134 Not tainted syzkaller #0 PREEMPT(full) [ 355.737382][T20761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 355.737389][T20761] Call Trace: [ 355.737393][T20761] [ 355.737398][T20761] dump_stack_lvl+0x16c/0x1f0 [ 355.737415][T20761] should_fail_ex+0x512/0x640 [ 355.737431][T20761] _copy_from_user+0x2e/0xd0 [ 355.737446][T20761] input_event_from_user+0x133/0x3b0 [ 355.737465][T20761] ? __pfx_input_event_from_user+0x10/0x10 [ 355.737482][T20761] ? __pfx___might_resched+0x10/0x10 [ 355.737496][T20761] ? input_inject_event+0x1c0/0x3b0 [ 355.737514][T20761] evdev_write+0x37b/0x750 [ 355.737532][T20761] ? __pfx_evdev_write+0x10/0x10 [ 355.737549][T20761] ? bpf_lsm_file_permission+0x9/0x10 [ 355.737564][T20761] ? security_file_permission+0x71/0x210 [ 355.737582][T20761] ? rw_verify_area+0xcf/0x6c0 [ 355.737600][T20761] ? __pfx_evdev_write+0x10/0x10 [ 355.737621][T20761] vfs_write+0x29d/0x11d0 [ 355.737636][T20761] ? __pfx_vfs_write+0x10/0x10 [ 355.737646][T20761] ? find_held_lock+0x2b/0x80 [ 355.737661][T20761] ? __fget_files+0x204/0x3c0 [ 355.737676][T20761] ? __fget_files+0x20e/0x3c0 [ 355.737692][T20761] ksys_write+0x1f8/0x250 [ 355.737703][T20761] ? __pfx_ksys_write+0x10/0x10 [ 355.737719][T20761] do_syscall_64+0xcd/0x4c0 [ 355.737733][T20761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.737745][T20761] RIP: 0033:0x7fee8e58ebe9 [ 355.737754][T20761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 355.737766][T20761] RSP: 002b:00007fee8f3d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 355.737777][T20761] RAX: ffffffffffffffda RBX: 00007fee8e7b5fa0 RCX: 00007fee8e58ebe9 [ 355.737784][T20761] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 355.737791][T20761] RBP: 00007fee8f3d6090 R08: 0000000000000000 R09: 0000000000000000 [ 355.737797][T20761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 355.737804][T20761] R13: 00007fee8e7b6038 R14: 00007fee8e7b5fa0 R15: 00007ffd74096f98 [ 355.737818][T20761] [ 355.829036][T20766] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5136'. [ 355.832324][T20766] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5136'. [ 355.871729][T20769] CUSE: unknown device info "" [ 355.874089][T20769] CUSE: zero length info key specified [ 355.877509][T20769] sg_read: process 498 (syz.2.5137) changed security contexts after opening file descriptor, this is not allowed. [ 355.883610][ T40] audit: type=1400 audit(1756203127.555:853): avc: denied { accept } for pid=20768 comm="syz.2.5137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 355.897010][ T1146] Bluetooth: Error in BCSP hdr checksum [ 355.978569][T20775] netlink: 'syz.1.5139': attribute type 10 has an invalid length. [ 355.981405][T20775] syz_tun: entered promiscuous mode [ 356.094502][T20777] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5140'. [ 356.175569][ T1146] Bluetooth: Error in BCSP hdr checksum [ 356.462597][ T13] Bluetooth: Error in BCSP hdr checksum [ 356.557125][T20814] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave [ 356.560656][T20814] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 356.672373][T20824] netlink: 'syz.2.5158': attribute type 3 has an invalid length. [ 356.674961][T20824] netlink: 'syz.2.5158': attribute type 3 has an invalid length. [ 356.674989][T20824] netlink: 'syz.2.5158': attribute type 3 has an invalid length. [ 356.675015][T20824] netlink: 'syz.2.5158': attribute type 3 has an invalid length. [ 356.675040][T20824] netlink: 'syz.2.5158': attribute type 3 has an invalid length. [ 356.750803][ T13] Bluetooth: Error in BCSP hdr checksum [ 356.885290][T20841] binder: 20840:20841 unknown command 0 [ 356.887455][T20841] binder: 20840:20841 ioctl c0306201 200000000080 returned -22 [ 357.039470][ T13] Bluetooth: Error in BCSP hdr checksum [ 357.330269][ T6681] Bluetooth: Error in BCSP hdr checksum [ 357.617105][ T6681] Bluetooth: Error in BCSP hdr checksum [ 357.670277][ T40] audit: type=1326 audit(1756203129.239:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20885 comm="syz.2.5182" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee8e58ebe9 code=0x0 [ 357.683741][T20890] IPVS: Error connecting to the multicast addr [ 357.788358][ T5988] Bluetooth: hci4: command 0x1003 tx timeout [ 357.788956][ T5973] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 357.862496][ T5973] Bluetooth: hci1: command tx timeout [ 357.906712][ T13] Bluetooth: Error in BCSP hdr checksum [ 358.183747][ T6681] Bluetooth: Error in BCSP hdr checksum [ 358.226391][ T141] usb 7-1: new high-speed USB device number 47 using dummy_hcd [ 358.363302][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 358.397249][ T141] usb 7-1: Using ep0 maxpacket: 32 [ 358.400629][ T141] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 134, changing to 11 [ 358.404055][ T141] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 2047, setting to 1024 [ 358.407748][ T141] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 358.412578][ T141] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 358.415437][ T141] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.417895][ T141] usb 7-1: Product: syz [ 358.419375][ T141] usb 7-1: Manufacturer: syz [ 358.420875][ T141] usb 7-1: SerialNumber: syz [ 358.463219][ T6283] udevd[6283]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 358.473273][ T61] Bluetooth: Error in BCSP hdr checksum [ 358.543066][ T6283] udevd[6283]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 358.657788][ T141] cdc_ncm 7-1:1.0: bind() failure [ 358.663305][ T141] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found [ 358.666254][ T141] cdc_ncm 7-1:1.1: bind() failure [ 358.675408][ T141] usb 7-1: USB disconnect, device number 47 [ 358.688898][T20942] __nla_validate_parse: 1 callbacks suppressed [ 358.688910][T20942] netlink: 52 bytes leftover after parsing attributes in process `syz.5.5200'. [ 358.689679][ T6283] udevd[6283]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 358.723175][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 358.726401][T20944] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5201'. [ 358.730614][T20944] bridge0: port 1(dummy0) entered blocking state [ 358.732789][T20944] bridge0: port 1(dummy0) entered disabled state [ 358.735061][T20944] dummy0: entered allmulticast mode [ 358.737826][T20944] dummy0: entered promiscuous mode [ 358.740989][T20944] bridge0: port 1(dummy0) entered blocking state [ 358.743088][T20944] bridge0: port 1(dummy0) entered forwarding state [ 358.762160][ T13] Bluetooth: Error in BCSP hdr checksum [ 358.780835][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 358.819078][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 358.829947][T20949] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5203'. [ 358.982647][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 359.012535][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 359.040218][ T13] Bluetooth: Error in BCSP hdr checksum [ 359.113912][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 359.155612][T20957] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5207'. [ 359.300633][T20964] FAULT_INJECTION: forcing a failure. [ 359.300633][T20964] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 359.304746][T20964] CPU: 2 UID: 0 PID: 20964 Comm: syz.1.5210 Not tainted syzkaller #0 PREEMPT(full) [ 359.304762][T20964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 359.304770][T20964] Call Trace: [ 359.304774][T20964] [ 359.304779][T20964] dump_stack_lvl+0x16c/0x1f0 [ 359.304796][T20964] should_fail_ex+0x512/0x640 [ 359.304812][T20964] _copy_from_user+0x2e/0xd0 [ 359.304842][T20964] input_event_from_user+0x133/0x3b0 [ 359.304860][T20964] ? __pfx_input_event_from_user+0x10/0x10 [ 359.304877][T20964] ? __pfx___might_resched+0x10/0x10 [ 359.304892][T20964] ? input_inject_event+0x1c0/0x3b0 [ 359.304910][T20964] evdev_write+0x37b/0x750 [ 359.304929][T20964] ? __pfx_evdev_write+0x10/0x10 [ 359.304946][T20964] ? bpf_lsm_file_permission+0x9/0x10 [ 359.304961][T20964] ? security_file_permission+0x71/0x210 [ 359.304979][T20964] ? rw_verify_area+0xcf/0x6c0 [ 359.304998][T20964] ? __pfx_evdev_write+0x10/0x10 [ 359.305013][T20964] vfs_write+0x29d/0x11d0 [ 359.305028][T20964] ? __pfx_vfs_write+0x10/0x10 [ 359.305038][T20964] ? find_held_lock+0x2b/0x80 [ 359.305053][T20964] ? __fget_files+0x204/0x3c0 [ 359.305068][T20964] ? __fget_files+0x20e/0x3c0 [ 359.305084][T20964] ksys_write+0x1f8/0x250 [ 359.305095][T20964] ? __pfx_ksys_write+0x10/0x10 [ 359.305111][T20964] do_syscall_64+0xcd/0x4c0 [ 359.305126][T20964] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.305138][T20964] RIP: 0033:0x7f4bfd98ebe9 [ 359.305148][T20964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.305159][T20964] RSP: 002b:00007f4bfe841038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 359.305169][T20964] RAX: ffffffffffffffda RBX: 00007f4bfdbb5fa0 RCX: 00007f4bfd98ebe9 [ 359.305177][T20964] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 359.305183][T20964] RBP: 00007f4bfe841090 R08: 0000000000000000 R09: 0000000000000000 [ 359.305190][T20964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 359.305197][T20964] R13: 00007f4bfdbb6038 R14: 00007f4bfdbb5fa0 R15: 00007ffd6c8af5e8 [ 359.305211][T20964] [ 359.378677][ T61] Bluetooth: Error in BCSP hdr checksum [ 359.390956][T20969] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5212'. [ 359.394538][T20969] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5212'. [ 359.647860][ T1146] Bluetooth: Error in BCSP hdr checksum [ 359.807168][T20991] dummy0: left allmulticast mode [ 359.811178][T20991] bridge0: port 1(dummy0) entered disabled state [ 359.936609][ T6681] Bluetooth: Error in BCSP hdr checksum [ 360.164983][T21014] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5229'. [ 360.167837][T21014] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5229'. [ 360.200455][T21018] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave [ 360.204627][T21018] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 360.204870][ T1146] Bluetooth: Error in BCSP hdr checksum [ 360.419691][T21023] net_ratelimit: 31 callbacks suppressed [ 360.419703][T21023] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 360.425930][T21023] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5232'. [ 360.481830][ T43] Bluetooth: Error in BCSP hdr checksum [ 360.614925][T21034] netlink: 60 bytes leftover after parsing attributes in process `syz.5.5236'. [ 360.681503][T21043] binder: 21042:21043 unknown command 0 [ 360.683315][T21043] binder: 21042:21043 ioctl c0306201 200000000080 returned -22 [ 360.759909][ T61] Bluetooth: Error in BCSP hdr checksum [ 360.930733][ T141] usb 10-1: new high-speed USB device number 38 using dummy_hcd [ 361.050671][ T1182] Bluetooth: Error in BCSP hdr checksum [ 361.092407][ T141] usb 10-1: Using ep0 maxpacket: 8 [ 361.102189][ T141] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 361.104871][ T141] usb 10-1: config 179 has no interface number 0 [ 361.108009][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 361.111646][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 361.115987][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 361.119622][ T141] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 361.124148][ T141] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 361.127033][ T141] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.135946][T21041] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 361.326467][ T6681] Bluetooth: Error in BCSP hdr checksum [ 361.338665][T21094] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 361.344589][T21094] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 361.350934][T21098] IPVS: Error connecting to the multicast addr [ 361.360866][ T141] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:179.65/input/input33 [ 361.564852][ T40] audit: type=1400 audit(1756203132.878:855): avc: denied { listen } for pid=21092 comm="syz.4.5258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 361.575474][ T5978] usb 10-1: USB disconnect, device number 38 [ 361.575524][ C2] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 361.580829][ C2] dummy_hcd dummy_hcd.5: timer fired with no URBs pending? [ 361.604508][ T61] Bluetooth: Error in BCSP hdr checksum [ 361.790021][ T40] audit: type=1400 audit(1756203133.093:856): avc: denied { accept } for pid=21092 comm="syz.4.5258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 361.885542][ T43] Bluetooth: Error in BCSP hdr checksum [ 361.888801][T21132] validate_nla: 48 callbacks suppressed [ 361.888810][T21132] netlink: 'syz.1.5273': attribute type 12 has an invalid length. [ 361.894964][T21134] netlink: 'syz.1.5273': attribute type 12 has an invalid length. [ 362.007532][T21138] netlink: 'syz.2.5275': attribute type 10 has an invalid length. [ 362.039284][T21143] syzkaller1: entered promiscuous mode [ 362.041060][T21143] syzkaller1: entered allmulticast mode [ 362.130456][T21148] netlink: 'syz.1.5278': attribute type 10 has an invalid length. [ 362.133140][T21148] bridge0: port 1(dummy0) entered blocking state [ 362.135194][T21148] bridge0: port 1(dummy0) entered disabled state [ 362.137764][T21148] dummy0: entered allmulticast mode [ 362.141242][T21148] bridge0: port 1(dummy0) entered blocking state [ 362.143424][T21148] bridge0: port 1(dummy0) entered forwarding state [ 362.160372][ T43] Bluetooth: Error in BCSP hdr checksum [ 362.192137][ T5973] Bluetooth: hci0: unexpected event for opcode 0x0c1a [ 362.200075][T21154] kvm: pic: non byte read [ 362.204158][T21154] kvm: pic: non byte read [ 362.208387][T21154] kvm: pic: single mode not supported [ 362.208734][T21154] kvm: pic: non byte read [ 362.215097][T21154] kvm: pic: non byte read [ 362.217787][T21154] kvm: pic: non byte read [ 362.220467][T21154] kvm: pic: non byte read [ 362.223207][T21154] kvm: pic: non byte read [ 362.225914][T21154] kvm: pic: single mode not supported [ 362.225940][T21154] kvm: pic: level sensitive irq not supported [ 362.227870][T21154] kvm: pic: non byte read [ 362.232368][T21154] kvm: pic: non byte read [ 362.236165][T21154] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 362.238893][T21154] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 362.335402][T21167] FAULT_INJECTION: forcing a failure. [ 362.335402][T21167] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 362.341554][T21167] CPU: 0 UID: 0 PID: 21167 Comm: syz.1.5285 Not tainted syzkaller #0 PREEMPT(full) [ 362.341571][T21167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 362.341578][T21167] Call Trace: [ 362.341582][T21167] [ 362.341587][T21167] dump_stack_lvl+0x16c/0x1f0 [ 362.341622][T21167] should_fail_ex+0x512/0x640 [ 362.341656][T21167] _copy_from_user+0x2e/0xd0 [ 362.341671][T21167] input_event_from_user+0x133/0x3b0 [ 362.341689][T21167] ? __pfx_input_event_from_user+0x10/0x10 [ 362.341706][T21167] ? __pfx___might_resched+0x10/0x10 [ 362.341721][T21167] ? input_inject_event+0x1c0/0x3b0 [ 362.341739][T21167] evdev_write+0x37b/0x750 [ 362.341762][T21167] ? __pfx_evdev_write+0x10/0x10 [ 362.341780][T21167] ? bpf_lsm_file_permission+0x9/0x10 [ 362.341795][T21167] ? security_file_permission+0x71/0x210 [ 362.341813][T21167] ? rw_verify_area+0xcf/0x6c0 [ 362.341831][T21167] ? __pfx_evdev_write+0x10/0x10 [ 362.341847][T21167] vfs_write+0x29d/0x11d0 [ 362.341862][T21167] ? __pfx_vfs_write+0x10/0x10 [ 362.341872][T21167] ? find_held_lock+0x2b/0x80 [ 362.341887][T21167] ? __fget_files+0x204/0x3c0 [ 362.341903][T21167] ? __fget_files+0x20e/0x3c0 [ 362.341919][T21167] ksys_write+0x1f8/0x250 [ 362.341931][T21167] ? __pfx_ksys_write+0x10/0x10 [ 362.341946][T21167] do_syscall_64+0xcd/0x4c0 [ 362.341961][T21167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.341973][T21167] RIP: 0033:0x7f4bfd98ebe9 [ 362.341983][T21167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.341994][T21167] RSP: 002b:00007f4bfe841038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 362.342006][T21167] RAX: ffffffffffffffda RBX: 00007f4bfdbb5fa0 RCX: 00007f4bfd98ebe9 [ 362.342013][T21167] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 362.342020][T21167] RBP: 00007f4bfe841090 R08: 0000000000000000 R09: 0000000000000000 [ 362.342027][T21167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 362.342034][T21167] R13: 00007f4bfdbb6038 R14: 00007f4bfdbb5fa0 R15: 00007ffd6c8af5e8 [ 362.342048][T21167] [ 362.372189][T21172] raw_sendmsg: syz.5.5288 forgot to set AF_INET. Fix it! [ 362.438392][ T43] Bluetooth: Error in BCSP hdr checksum [ 362.587628][ T6140] usb 7-1: new high-speed USB device number 48 using dummy_hcd [ 362.591340][T21181] kvm: user requested TSC rate below hardware speed [ 362.657033][T21184] No control pipe specified [ 362.667403][T21186] netlink: 'syz.1.5294': attribute type 10 has an invalid length. [ 362.716549][ T6681] Bluetooth: Error in BCSP hdr checksum [ 362.758734][ T6140] usb 7-1: Using ep0 maxpacket: 8 [ 362.762113][ T6140] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 362.765539][ T6140] usb 7-1: config 179 has no interface number 0 [ 362.768051][ T6140] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 362.772428][ T6140] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 362.775918][ T6140] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 362.779510][ T6140] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 362.784027][ T6140] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 362.786764][ T6140] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.792419][T21170] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 363.005886][ T1146] Bluetooth: Error in BCSP hdr checksum [ 363.014307][ T6140] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input34 [ 363.227997][ T6140] usb 7-1: USB disconnect, device number 48 [ 363.229989][ C3] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 363.230011][ C3] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 363.258464][T21197] dummy0: left allmulticast mode [ 363.260175][T21197] bridge0: port 1(dummy0) entered disabled state [ 363.293862][ T43] Bluetooth: Error in BCSP hdr checksum [ 363.377115][T21201] netlink: 'syz.1.5299': attribute type 13 has an invalid length. [ 363.571809][ T1146] Bluetooth: Error in BCSP hdr checksum [ 363.674819][T21219] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave [ 363.678886][T21219] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 363.716410][T21221] netlink: 'syz.1.5306': attribute type 3 has an invalid length. [ 363.778611][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 363.786718][ T40] audit: type=1400 audit(1756203134.964:857): avc: denied { nosuid_transition } for pid=21222 comm="syz.1.5307" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process2 permissive=1 [ 363.793235][ T40] audit: type=1400 audit(1756203134.964:858): avc: denied { transition } for pid=21222 comm="syz.1.5307" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1 [ 363.813152][ T40] audit: type=1400 audit(1756203134.964:859): avc: denied { entrypoint } for pid=21222 comm="syz.1.5307" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1154 scontext=system_u:object_r:hugetlbfs_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 363.826703][ T6283] udevd[6283]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 363.829749][ T40] audit: type=1400 audit(1756203134.964:860): avc: denied { share } for pid=21222 comm="syz.1.5307" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1 [ 363.837542][ T40] audit: type=1400 audit(1756203134.964:861): avc: denied { noatsecure } for pid=21222 comm="syz.1.5307" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1 [ 363.849873][ T1182] Bluetooth: Error in BCSP hdr checksum [ 363.867138][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 363.900146][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 363.985490][T21243] binder: 21242:21243 unknown command 0 [ 363.987285][T21243] binder: 21242:21243 ioctl c0306201 200000000080 returned -22 [ 364.127651][ T61] Bluetooth: Error in BCSP hdr checksum [ 364.146571][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 364.178731][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 364.214708][ T2148] usb 6-1: new high-speed USB device number 35 using dummy_hcd [ 364.219287][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 364.296944][ T40] audit: type=1400 audit(1756203135.431:862): avc: denied { getopt } for pid=21257 comm="syz.2.5322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 364.373117][ T2148] usb 6-1: Using ep0 maxpacket: 32 [ 364.376505][ T2148] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 364.379130][ T2148] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 364.381895][ T2148] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 364.385117][ T2148] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 364.388238][ T2148] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 364.391422][ T2148] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 364.395765][ T2148] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 364.398576][ T2148] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.402634][ T2148] usb 6-1: config 0 descriptor?? [ 364.405487][ T43] Bluetooth: Error in BCSP hdr checksum [ 364.480447][ T141] usb 10-1: new high-speed USB device number 39 using dummy_hcd [ 364.622645][ T2148] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 35 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 364.640862][ T141] usb 10-1: Using ep0 maxpacket: 8 [ 364.644363][ T141] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 364.646966][ T141] usb 10-1: config 179 has no interface number 0 [ 364.648985][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 364.652494][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 364.656213][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 364.659546][ T141] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 364.663721][ T141] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 364.666544][ T141] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.671027][T21269] __nla_validate_parse: 9 callbacks suppressed [ 364.671038][T21269] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5326'. [ 364.671043][T21253] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22 [ 364.685042][ T1146] Bluetooth: Error in BCSP hdr checksum [ 364.741467][T21275] tmpfs: Bad value for 'mpol' [ 364.850219][T21284] binder: 21283:21284 unknown command 0 [ 364.852584][T21284] binder: 21283:21284 ioctl c0306201 200000000080 returned -22 [ 364.870223][ T2148] usb 6-1: USB disconnect, device number 35 [ 364.884486][ T2148] usblp0: removed [ 364.910486][ T141] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:179.65/input/input35 [ 364.961554][ T43] Bluetooth: Error in BCSP hdr checksum [ 364.992625][T21284] syz.2.5333 (21284): drop_caches: 2 [ 365.093698][T21301] IPVS: Error connecting to the multicast addr [ 365.116611][ T6039] usb 10-1: USB disconnect, device number 39 [ 365.116620][ C2] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 365.138750][T21305] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=21112 sclass=netlink_route_socket pid=21305 comm=syz.4.5336 [ 365.140783][T21306] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=21112 sclass=netlink_route_socket pid=21306 comm=syz.4.5336 [ 365.240869][ T61] Bluetooth: Error in BCSP hdr checksum [ 365.520620][ T43] Bluetooth: Error in BCSP hdr checksum [ 365.540751][ T5988] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 365.545995][ T5988] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 365.550224][ T5988] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 365.554072][ T5988] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 365.557633][ T5988] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 365.682091][ T43] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.702225][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 365.795859][ T1146] Bluetooth: Error in BCSP hdr checksum [ 365.796212][ T43] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.831111][T21312] chnl_net:caif_netlink_parms(): no params data found [ 365.860062][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 365.904021][ T43] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.926953][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 365.957301][T21312] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.959612][T21312] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.961960][T21312] bridge_slave_0: entered allmulticast mode [ 365.964711][T21312] bridge_slave_0: entered promiscuous mode [ 365.969990][T21312] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.972445][T21312] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.974865][T21312] bridge_slave_1: entered allmulticast mode [ 365.979050][T21312] bridge_slave_1: entered promiscuous mode [ 366.022648][ T43] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.053413][T21312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 366.057973][T21312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 366.073005][ T61] Bluetooth: Error in BCSP hdr checksum [ 366.090957][T21347] dummy0: left allmulticast mode [ 366.093058][T21347] dummy0: left promiscuous mode [ 366.095139][T21347] bridge0: port 1(dummy0) entered disabled state [ 366.154438][T21312] team0: Port device team_slave_0 added [ 366.165745][T21312] team0: Port device team_slave_1 added [ 366.205807][T21347] netlink: 'syz.5.5348': attribute type 10 has an invalid length. [ 366.223609][T21312] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 366.225770][T21312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 366.240814][T21347] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5348'. [ 366.241069][T21312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 366.250785][T21312] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 366.254259][T21312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 366.264955][T21312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 366.349789][ T40] audit: type=1400 audit(1756203137.349:863): avc: denied { sqpoll } for pid=21353 comm="syz.5.5350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 366.356514][ T6681] Bluetooth: Error in BCSP hdr checksum [ 366.460974][T21312] hsr_slave_0: entered promiscuous mode [ 366.463209][T21312] hsr_slave_1: entered promiscuous mode [ 366.465295][T21312] debugfs: 'hsr0' already exists in 'hsr' [ 366.467041][T21312] Cannot create hsr debugfs directory [ 366.514435][ T43] dummy0: left allmulticast mode [ 366.518543][ T43] bridge0: port 1(dummy0) entered disabled state [ 366.637570][ T61] Bluetooth: Error in BCSP hdr checksum [ 366.913551][ T1182] Bluetooth: Error in BCSP hdr checksum [ 367.188892][ T61] Bluetooth: Error in BCSP hdr checksum [ 367.284143][ T43] bond0 (unregistering): Released all slaves [ 367.290614][ T43] bond1 (unregistering): Released all slaves [ 367.297558][ T43] bond2 (unregistering): Released all slaves [ 367.304818][ T43] bond3 (unregistering): Released all slaves [ 367.313732][ T43] bond4 (unregistering): Released all slaves [ 367.431412][ T43] : left promiscuous mode [ 367.463876][ T61] Bluetooth: Error in BCSP hdr checksum [ 367.527403][ T141] usb 10-1: new high-speed USB device number 40 using dummy_hcd [ 367.687338][ T141] usb 10-1: Using ep0 maxpacket: 8 [ 367.690474][ T141] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 367.693040][ T141] usb 10-1: config 179 has no interface number 0 [ 367.695347][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 367.699253][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 367.703578][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 367.707551][ T141] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 367.712054][ T141] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 367.714764][ T141] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 367.723422][T21363] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 367.744413][ T6681] Bluetooth: Error in BCSP hdr checksum [ 367.785333][ T5988] Bluetooth: hci3: command tx timeout [ 367.848655][ T43] batadv_slave_0: left promiscuous mode [ 367.853973][T21392] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5357'. [ 367.859747][ T43] hsr_slave_0: left promiscuous mode [ 367.863796][ T43] hsr_slave_1: left promiscuous mode [ 367.889936][ T43] veth1_macvtap: left promiscuous mode [ 367.892914][ T43] veth0_macvtap: left promiscuous mode [ 367.894901][ T43] veth1_vlan: left promiscuous mode [ 367.896594][ T43] veth0_vlan: left promiscuous mode [ 367.945096][ T141] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:179.65/input/input36 [ 368.023126][ T61] Bluetooth: Error in BCSP hdr checksum [ 368.156792][ T6140] usb 10-1: USB disconnect, device number 40 [ 368.156894][ C2] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 368.162044][ C2] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 368.308115][ T13] Bluetooth: Error in BCSP hdr checksum [ 368.596601][ T1146] Bluetooth: Error in BCSP hdr checksum [ 368.875616][ T61] Bluetooth: Error in BCSP hdr checksum [ 369.154423][ T61] Bluetooth: Error in BCSP hdr checksum [ 369.353746][T21392] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR [ 369.412419][T21403] CUSE: info not properly terminated [ 369.430592][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 369.436340][ T61] Bluetooth: Error in BCSP hdr checksum [ 369.512469][T21312] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 369.532754][T21312] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 369.673399][T21312] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 369.684989][T21312] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 369.721428][ T13] Bluetooth: Error in BCSP hdr checksum [ 369.788909][T21312] 8021q: adding VLAN 0 to HW filter on device bond0 [ 369.795570][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 369.809639][T21312] 8021q: adding VLAN 0 to HW filter on device team0 [ 369.876539][ T1182] bridge0: port 1(bridge_slave_0) entered blocking state [ 369.880030][ T1182] bridge0: port 1(bridge_slave_0) entered forwarding state [ 369.960827][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 369.963913][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 370.009379][ T5988] Bluetooth: hci3: command tx timeout [ 370.009410][ T1182] Bluetooth: Error in BCSP hdr checksum [ 370.026254][ T43] IPVS: stop unused estimator thread 0... [ 370.211564][T21312] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 370.287553][ T61] Bluetooth: Error in BCSP hdr checksum [ 370.326824][ T6273] usb 7-1: new high-speed USB device number 49 using dummy_hcd [ 370.404488][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 370.422340][T21312] veth0_vlan: entered promiscuous mode [ 370.427848][T21312] veth1_vlan: entered promiscuous mode [ 370.454523][T21312] veth0_macvtap: entered promiscuous mode [ 370.469455][T21312] veth1_macvtap: entered promiscuous mode [ 370.493888][T21462] batman_adv: batadv0: Adding interface: dummy0 [ 370.496141][T21462] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 370.504342][ T6273] usb 7-1: Using ep0 maxpacket: 8 [ 370.507509][T21462] batman_adv: batadv0: Interface activated: dummy0 [ 370.513215][ T6273] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 370.516715][ T6273] usb 7-1: config 179 has no interface number 0 [ 370.519028][T21312] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 370.519286][ T6273] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 370.525883][ T6273] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 370.527162][T21462] batadv0: mtu less than device minimum [ 370.529201][ T6273] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 370.529219][ T6273] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 370.529244][ T6273] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 370.529256][ T6273] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 370.531853][T21445] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 370.546749][T21462] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 370.551094][T21462] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 370.554748][T21462] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 370.558417][T21462] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 370.563268][T21462] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 370.563650][ T61] Bluetooth: Error in BCSP hdr checksum [ 370.566885][T21462] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 370.572283][T21462] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 370.575690][T21466] netlink: 'syz.1.5368': attribute type 10 has an invalid length. [ 370.578592][T21462] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 370.582139][T21462] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 370.595470][T21312] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 370.601451][ T6681] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.604717][ T6681] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.610425][ T6681] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.613979][ T6681] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.674594][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 370.677302][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 370.681311][T21471] netlink: 'syz.1.5370': attribute type 4 has an invalid length. [ 370.684730][T21471] netlink: 17 bytes leftover after parsing attributes in process `syz.1.5370'. [ 370.709879][T21471] syzkaller1: entered promiscuous mode [ 370.712100][T21471] syzkaller1: entered allmulticast mode [ 370.717919][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 370.720805][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 370.770474][ T141] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input37 [ 370.785813][T21475] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5338'. [ 370.841544][ T1146] Bluetooth: Error in BCSP hdr checksum [ 370.864869][T21479] netlink: 'syz.1.5372': attribute type 10 has an invalid length. [ 370.868312][T21479] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5372'. [ 370.871110][T21479] batman_adv: batadv0: Interface deactivated: dummy0 [ 370.873465][T21479] batman_adv: batadv0: Removing interface: dummy0 [ 370.876281][T21479] bridge0: port 1(dummy0) entered blocking state [ 370.878393][T21479] bridge0: port 1(dummy0) entered disabled state [ 370.880592][T21479] dummy0: entered allmulticast mode [ 370.885456][T21479] bridge0: port 1(dummy0) entered blocking state [ 370.887517][T21479] bridge0: port 1(dummy0) entered forwarding state [ 370.931898][ T6283] udevd[6283]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 370.984306][ T141] usb 7-1: USB disconnect, device number 49 [ 370.986329][ C2] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 370.986351][ C2] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 371.078313][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 371.116271][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 371.122115][T21492] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5377'. [ 371.125101][T21492] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5377'. [ 371.131341][ T43] Bluetooth: Error in BCSP hdr checksum [ 371.166474][T21495] FAULT_INJECTION: forcing a failure. [ 371.166474][T21495] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 371.173250][T21495] CPU: 3 UID: 0 PID: 21495 Comm: syz.5.5379 Not tainted syzkaller #0 PREEMPT(full) [ 371.173266][T21495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 371.173288][T21495] Call Trace: [ 371.173292][T21495] [ 371.173297][T21495] dump_stack_lvl+0x16c/0x1f0 [ 371.173334][T21495] should_fail_ex+0x512/0x640 [ 371.173354][T21495] _copy_from_user+0x2e/0xd0 [ 371.173370][T21495] input_event_from_user+0x133/0x3b0 [ 371.173388][T21495] ? __pfx_input_event_from_user+0x10/0x10 [ 371.173405][T21495] ? __pfx___might_resched+0x10/0x10 [ 371.173420][T21495] ? input_inject_event+0x1c0/0x3b0 [ 371.173438][T21495] evdev_write+0x37b/0x750 [ 371.173457][T21495] ? __pfx_evdev_write+0x10/0x10 [ 371.173476][T21495] ? bpf_lsm_file_permission+0x9/0x10 [ 371.173491][T21495] ? security_file_permission+0x71/0x210 [ 371.173509][T21495] ? rw_verify_area+0xcf/0x6c0 [ 371.173528][T21495] ? __pfx_evdev_write+0x10/0x10 [ 371.173543][T21495] vfs_write+0x29d/0x11d0 [ 371.173558][T21495] ? __pfx_vfs_write+0x10/0x10 [ 371.173569][T21495] ? find_held_lock+0x2b/0x80 [ 371.173583][T21495] ? __fget_files+0x204/0x3c0 [ 371.173598][T21495] ? __fget_files+0x20e/0x3c0 [ 371.173614][T21495] ksys_write+0x1f8/0x250 [ 371.173626][T21495] ? __pfx_ksys_write+0x10/0x10 [ 371.173641][T21495] do_syscall_64+0xcd/0x4c0 [ 371.173656][T21495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.173668][T21495] RIP: 0033:0x7fd910d8ebe9 [ 371.173678][T21495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 371.173688][T21495] RSP: 002b:00007fd911c24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 371.173699][T21495] RAX: ffffffffffffffda RBX: 00007fd910fb5fa0 RCX: 00007fd910d8ebe9 [ 371.173711][T21495] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 371.173718][T21495] RBP: 00007fd911c24090 R08: 0000000000000000 R09: 0000000000000000 [ 371.173724][T21495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 371.173731][T21495] R13: 00007fd910fb6038 R14: 00007fd910fb5fa0 R15: 00007ffd402f0168 [ 371.173745][T21495] [ 371.175579][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 371.393785][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 371.408354][ T13] Bluetooth: Error in BCSP hdr checksum [ 371.471690][ T53] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 371.479202][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 371.639834][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 371.646136][ T53] usb 6-1: no configurations [ 371.648140][ T53] usb 6-1: can't read configurations, error -22 [ 371.687341][ T6681] Bluetooth: Error in BCSP hdr checksum [ 371.724415][T21516] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5385'. [ 371.792321][ T53] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 371.836655][T21521] netlink: 'syz.5.5387': attribute type 10 has an invalid length. [ 371.844618][T21522] netlink: 'syz.2.5385': attribute type 1 has an invalid length. [ 371.854964][T21522] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=21522 comm=syz.2.5385 [ 371.964039][ T53] usb 6-1: no configurations [ 371.966557][ T53] usb 6-1: can't read configurations, error -22 [ 371.969639][ T53] usb usb6-port1: attempt power cycle [ 371.974177][ T6681] Bluetooth: Error in BCSP hdr checksum [ 372.231003][ T5988] Bluetooth: hci3: command tx timeout [ 372.253982][ T13] Bluetooth: Error in BCSP hdr checksum [ 372.312714][T21537] bridge_slave_0: left allmulticast mode [ 372.314589][T21537] bridge_slave_0: left promiscuous mode [ 372.322034][T21537] bridge0: port 1(bridge_slave_0) entered disabled state [ 372.344948][T21537] bridge_slave_1: left allmulticast mode [ 372.346833][T21537] bridge_slave_1: left promiscuous mode [ 372.348262][ T53] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 372.352877][T21537] bridge0: port 2(bridge_slave_1) entered disabled state [ 372.364999][T21537] bond0: (slave bond_slave_0): Releasing backup interface [ 372.374162][T21537] bond0: (slave bond_slave_1): Releasing backup interface [ 372.388037][T21537] team0: Port device team_slave_0 removed [ 372.394315][ T53] usb 6-1: no configurations [ 372.401442][ T53] usb 6-1: can't read configurations, error -22 [ 372.403769][T21537] team0: Port device team_slave_1 removed [ 372.406707][T21537] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 372.409058][T21537] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 372.416198][T21537] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 372.419456][T21537] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 372.497888][ T141] usb 10-1: new high-speed USB device number 41 using dummy_hcd [ 372.530425][ T1146] Bluetooth: Error in BCSP hdr checksum [ 372.540708][ T53] usb 6-1: new high-speed USB device number 39 using dummy_hcd [ 372.562862][ T53] usb 6-1: no configurations [ 372.564405][ T53] usb 6-1: can't read configurations, error -22 [ 372.566668][ T53] usb usb6-port1: unable to enumerate USB device [ 372.661283][ T141] usb 10-1: Using ep0 maxpacket: 8 [ 372.664397][ T141] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 372.666928][ T141] usb 10-1: config 179 has no interface number 0 [ 372.669169][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 372.672580][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 372.676088][ T141] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 372.680521][ T141] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 372.680546][ T141] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 372.680559][ T141] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 372.686172][T21534] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 372.705907][T21550] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave [ 372.709102][T21550] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 372.786909][T21558] could not allocate digest TFM handle tgr128 [ 372.819071][ T1146] Bluetooth: Error in BCSP hdr checksum [ 372.919892][ T141] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:179.65/input/input38 [ 373.107777][ T61] Bluetooth: Error in BCSP hdr checksum [ 373.129939][ C2] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 373.132507][ C2] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 373.135099][ T141] usb 10-1: USB disconnect, device number 41 [ 373.231306][T21576] binder: 21575:21576 unknown command 0 [ 373.233065][T21576] binder: 21575:21576 ioctl c0306201 200000000080 returned -22 [ 373.396187][ T61] Bluetooth: Error in BCSP hdr checksum [ 373.685908][ T1182] Bluetooth: Error in BCSP hdr checksum [ 373.967266][ T1146] Bluetooth: Error in BCSP hdr checksum [ 374.253579][ T61] Bluetooth: Error in BCSP hdr checksum [ 374.262327][ T40] audit: type=1400 audit(1756203144.757:864): avc: denied { getopt } for pid=21621 comm="syz.5.5423" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 374.465276][ T5988] Bluetooth: hci3: command tx timeout [ 374.490979][T21639] IPVS: Error connecting to the multicast addr [ 374.543802][ T6681] Bluetooth: Error in BCSP hdr checksum [ 374.818126][ T61] Bluetooth: Error in BCSP hdr checksum [ 374.851579][T21661] netlink: 'syz.4.5435': attribute type 10 has an invalid length. [ 374.875275][T21661] 8021q: adding VLAN 0 to HW filter on device bond0 [ 374.880878][T21661] team0: Port device bond0 added [ 374.944096][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 374.951272][T21660] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5435'. [ 374.987049][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 375.008243][ T40] audit: type=1400 audit(1756203145.450:865): avc: denied { append } for pid=21671 comm="syz.5.5441" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 375.078884][ T40] audit: type=1400 audit(1756203145.524:866): avc: denied { write } for pid=21671 comm="syz.5.5441" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 375.087348][ T40] audit: type=1400 audit(1756203145.524:867): avc: denied { map } for pid=21671 comm="syz.5.5441" path="socket:[119766]" dev="sockfs" ino=119766 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 375.098234][ T1182] Bluetooth: Error in BCSP hdr checksum [ 375.143889][T21660] team0 (unregistering): Port device bond0 removed [ 375.374272][ T1182] Bluetooth: Error in BCSP hdr checksum [ 375.437415][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 375.443402][T21691] netlink: 'syz.2.5449': attribute type 10 has an invalid length. [ 375.520112][T21709] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5453'. [ 375.548607][T21712] netlink: 'syz.2.5454': attribute type 10 has an invalid length. [ 375.551924][T21712] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5454'. [ 375.653229][ T6681] Bluetooth: Error in BCSP hdr checksum [ 375.797425][T21727] 9pnet_fd: Insufficient options for proto=fd [ 375.832689][T21735] FAULT_INJECTION: forcing a failure. [ 375.832689][T21735] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 375.838213][T21735] CPU: 1 UID: 0 PID: 21735 Comm: syz.4.5461 Not tainted syzkaller #0 PREEMPT(full) [ 375.838230][T21735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 375.838237][T21735] Call Trace: [ 375.838241][T21735] [ 375.838246][T21735] dump_stack_lvl+0x16c/0x1f0 [ 375.838263][T21735] should_fail_ex+0x512/0x640 [ 375.838280][T21735] _copy_from_user+0x2e/0xd0 [ 375.838295][T21735] input_event_from_user+0x133/0x3b0 [ 375.838313][T21735] ? __pfx_input_event_from_user+0x10/0x10 [ 375.838347][T21735] ? __pfx___might_resched+0x10/0x10 [ 375.838363][T21735] ? input_inject_event+0x1c0/0x3b0 [ 375.838381][T21735] evdev_write+0x37b/0x750 [ 375.838399][T21735] ? __pfx_evdev_write+0x10/0x10 [ 375.838417][T21735] ? bpf_lsm_file_permission+0x9/0x10 [ 375.838432][T21735] ? security_file_permission+0x71/0x210 [ 375.838450][T21735] ? rw_verify_area+0xcf/0x6c0 [ 375.838469][T21735] ? __pfx_evdev_write+0x10/0x10 [ 375.838484][T21735] vfs_write+0x29d/0x11d0 [ 375.838499][T21735] ? __pfx_vfs_write+0x10/0x10 [ 375.838509][T21735] ? find_held_lock+0x2b/0x80 [ 375.838524][T21735] ? __fget_files+0x204/0x3c0 [ 375.838538][T21735] ? __fget_files+0x20e/0x3c0 [ 375.838554][T21735] ksys_write+0x1f8/0x250 [ 375.838566][T21735] ? __pfx_ksys_write+0x10/0x10 [ 375.838581][T21735] do_syscall_64+0xcd/0x4c0 [ 375.838596][T21735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 375.838607][T21735] RIP: 0033:0x7f3bc9d8ebe9 [ 375.838617][T21735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 375.838633][T21735] RSP: 002b:00007f3bcacc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 375.838644][T21735] RAX: ffffffffffffffda RBX: 00007f3bc9fb5fa0 RCX: 00007f3bc9d8ebe9 [ 375.838652][T21735] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 375.838658][T21735] RBP: 00007f3bcacc3090 R08: 0000000000000000 R09: 0000000000000000 [ 375.838666][T21735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 375.838673][T21735] R13: 00007f3bc9fb6038 R14: 00007f3bc9fb5fa0 R15: 00007ffe5abb9cd8 [ 375.838687][T21735] [ 375.892022][T21737] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5460'. [ 375.897007][ C1] hpet: Lost 2 RTC interrupts [ 375.918883][ C1] hpet: Lost 1 RTC interrupts [ 375.930313][T21739] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 375.936609][ T40] audit: type=1400 audit(1756203146.319:868): avc: denied { ioctl } for pid=21738 comm="syz.4.5462" path="socket:[118683]" dev="sockfs" ino=118683 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1 [ 375.948788][ T1182] Bluetooth: Error in BCSP hdr checksum [ 376.018899][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 376.111138][T21751] netlink: 'syz.4.5467': attribute type 10 has an invalid length. [ 376.114680][T21751] syz_tun: entered promiscuous mode [ 376.119781][T21751] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 376.188873][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 376.219985][ T1182] Bluetooth: Error in BCSP hdr checksum [ 376.372660][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 376.447033][T21773] dummy0: left allmulticast mode [ 376.448868][T21773] bridge0: port 1(dummy0) entered disabled state [ 376.451688][T21783] netlink: 'syz.5.5478': attribute type 3 has an invalid length. [ 376.452247][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 376.455019][T21783] __nla_validate_parse: 1 callbacks suppressed [ 376.455030][T21783] netlink: 68 bytes leftover after parsing attributes in process `syz.5.5478'. [ 376.474285][T21781] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave [ 376.480350][T21781] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 376.497072][ T13] Bluetooth: Error in BCSP hdr checksum [ 376.525391][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 376.533489][ T40] audit: type=1400 audit(1756203146.881:869): avc: denied { execute } for pid=21784 comm="syz.2.5479" path="/dev/video0" dev="devtmpfs" ino=955 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 376.587611][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 376.627294][ T6638] udevd[6638]: symlink '../../loop5' '/dev/disk/by-diskseq/195.tmp-b7:5' failed: Read-only file system [ 376.637918][T21797] binder: 21796:21797 unknown command 0 [ 376.639723][T21797] binder: 21796:21797 ioctl c0306201 200000000080 returned -22 [ 376.785787][ T6681] Bluetooth: Error in BCSP hdr checksum [ 377.077066][ T1146] Bluetooth: Error in BCSP hdr checksum [ 377.233752][ T9] usb 10-1: new high-speed USB device number 42 using dummy_hcd [ 377.267684][ T59] usb 7-1: new high-speed USB device number 50 using dummy_hcd [ 377.351746][ T1146] Bluetooth: Error in BCSP hdr checksum [ 377.394226][ T9] usb 10-1: Using ep0 maxpacket: 8 [ 377.397156][ T9] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 377.399887][ T9] usb 10-1: config 179 has no interface number 0 [ 377.401876][ T9] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 377.405834][ T9] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 377.409407][ T9] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 377.412869][ T9] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 377.417968][ T9] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 377.421209][ T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 377.425611][T21826] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 377.429690][ T59] usb 7-1: Using ep0 maxpacket: 8 [ 377.433118][ T59] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 377.436925][ T59] usb 7-1: config 179 has no interface number 0 [ 377.438906][ T59] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 377.442336][ T59] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 377.445801][ T59] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 377.449930][ T59] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 377.454236][ T59] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 377.457280][ T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 377.462928][T21828] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 377.629584][ T6681] Bluetooth: Error in BCSP hdr checksum [ 377.653509][ T9] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:179.65/input/input39 [ 377.700708][ T59] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input40 [ 377.860374][ T9] usb 10-1: USB disconnect, device number 42 [ 377.862408][ C0] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 377.862432][ C0] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 377.903114][ T6273] usb 7-1: USB disconnect, device number 50 [ 377.903188][ C1] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 377.908602][ C1] dummy_hcd dummy_hcd.2: timer fired with no URBs pending? [ 377.921473][ T13] Bluetooth: Error in BCSP hdr checksum [ 378.074169][ T5988] Bluetooth: hci0: unexpected event for opcode 0x2005 [ 378.196713][ T13] Bluetooth: Error in BCSP hdr checksum [ 378.353740][T21866] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 378.443543][T21875] IPVS: Error connecting to the multicast addr [ 378.482432][T21879] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5515'. [ 378.487890][ T61] Bluetooth: Error in BCSP hdr checksum [ 378.489778][T21879] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 378.496380][T21879] VFS: Can't find a romfs filesystem on dev nullb0. [ 378.496380][T21879] [ 378.609211][T21885] Oops: general protection fault, probably for non-canonical address 0xdffffc000000005f: 0000 [#1] SMP KASAN NOPTI [ 378.613031][T21885] KASAN: null-ptr-deref in range [0x00000000000002f8-0x00000000000002ff] [ 378.616540][T21885] CPU: 1 UID: 0 PID: 21885 Comm: syz.1.5518 Not tainted syzkaller #0 PREEMPT(full) [ 378.620459][T21885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 378.624311][T21885] RIP: 0010:h5_recv+0x104/0x950 [ 378.626011][T21885] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 91 b4 40 f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00 [ 378.631912][T21885] RSP: 0018:ffffc900048ffc00 EFLAGS: 00010293 [ 378.634047][T21885] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff887ad72a [ 378.636621][T21885] RDX: ffff888064804880 RSI: ffffffff887ad76f RDI: 0000000000000005 [ 378.639110][T21885] RBP: ffffc900048ffd88 R08: 0000000000000005 R09: 0000000000000000 [ 378.641700][T21885] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 378.644128][T21885] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8cb47920 [ 378.646737][T21885] FS: 00007f4bfe8206c0(0000) GS:ffff8880d67b9000(0000) knlGS:0000000000000000 [ 378.649531][T21885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 378.651740][T21885] CR2: 0000200000000300 CR3: 000000004dcd8000 CR4: 0000000000352ef0 [ 378.654583][T21885] DR0: 0000000000000003 DR1: 0000000000000009 DR2: 0000000000000101 [ 378.657231][T21885] DR3: 0000000000000005 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 378.659789][T21885] Call Trace: [ 378.660870][T21885] [ 378.661813][T21885] ? __pfx_h5_recv+0x10/0x10 [ 378.663389][T21885] hci_uart_tty_receive+0x251/0x7e0 [ 378.665258][T21885] ? __pfx_hci_uart_tty_receive+0x10/0x10 [ 378.667245][T21885] tty_ioctl+0x583/0x1680 [ 378.668657][T21885] ? __pfx_tty_ioctl+0x10/0x10 [ 378.670300][T21885] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 378.672485][T21885] ? hook_file_ioctl_common+0x145/0x410 [ 378.674460][T21885] ? selinux_file_ioctl+0x180/0x270 [ 378.676259][T21885] ? selinux_file_ioctl+0xb4/0x270 [ 378.678215][T21885] ? __pfx_tty_ioctl+0x10/0x10 [ 378.679905][T21885] __x64_sys_ioctl+0x18b/0x210 [ 378.681612][T21885] do_syscall_64+0xcd/0x4c0 [ 378.683187][T21885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.685047][T21885] RIP: 0033:0x7f4bfd98ebe9 [ 378.686616][T21885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 378.692663][T21885] RSP: 002b:00007f4bfe820038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 378.695335][T21885] RAX: ffffffffffffffda RBX: 00007f4bfdbb6090 RCX: 00007f4bfd98ebe9 [ 378.697813][T21885] RDX: 0000200000000440 RSI: 0000000000005412 RDI: 0000000000000004 [ 378.700443][T21885] RBP: 00007f4bfda11e19 R08: 0000000000000000 R09: 0000000000000000 [ 378.703058][T21885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 378.705592][T21885] R13: 00007f4bfdbb6128 R14: 00007f4bfdbb6090 R15: 00007ffd6c8af5e8 [ 378.708196][T21885] [ 378.709200][T21885] Modules linked in: [ 378.711105][ C1] hpet: Lost 5 RTC interrupts [ 378.713219][T21885] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 378.716602][T21885] RIP: 0010:h5_recv+0x104/0x950 [ 378.718748][T21885] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 91 b4 40 f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00 [ 378.725129][T21885] RSP: 0018:ffffc900048ffc00 EFLAGS: 00010293 [ 378.727020][T21885] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff887ad72a [ 378.729575][T21885] RDX: ffff888064804880 RSI: ffffffff887ad76f RDI: 0000000000000005 [ 378.732984][T21885] RBP: ffffc900048ffd88 R08: 0000000000000005 R09: 0000000000000000 [ 378.735851][T21885] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 378.738319][T21885] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8cb47920 [ 378.740873][T21885] FS: 00007f4bfe8206c0(0000) GS:ffff8880d67b9000(0000) knlGS:0000000000000000 [ 378.751805][T21885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 378.754028][T21885] CR2: 0000200000000300 CR3: 000000004dcd8000 CR4: 0000000000352ef0 [ 378.756503][T21885] DR0: 0000000000000003 DR1: 0000000000000009 DR2: 0000000000000101 [ 378.759186][T21885] DR3: 0000000000000005 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 378.762210][T21885] Kernel panic - not syncing: Fatal exception [ 378.765207][T21885] Kernel Offset: disabled [ 378.766579][T21885] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:03:59 Registers: info registers vcpu 0 CPU#0 RAX=000000000028fb04 RBX=0000000000000000 RCX=ffffffff8b93bc29 RDX=ffffed100d486656 RSI=ffffffff8c162880 RDI=ffffffff81913331 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08 R8 =0000000000000000 R9 =ffffed100d486655 R10=ffff88806a4332ab R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab4c90 R15=0000000000000000 RIP=ffffffff8b93a78f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d66b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f4bfe840f98 CR3=0000000062ddf000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd6c8af970 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd6c8afaf6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd6c8afaf6 00007ffd6c8afafc ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000000a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85643c85 RDI=ffffffff9b1110a0 RBP=ffffffff9b111060 RSP=ffffc900048ff600 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b R12=0000000000000000 R13=000000000000000a R14=ffffffff9b111060 R15=ffffffff85643c20 RIP=ffffffff85643caf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f4bfe8206c0 ffffffff 00c00000 GS =0000 ffff8880d67b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000000300 CR3=000000004dcd8000 CR4=00352ef0 DR0=0000000000000003 DR1=0000000000000009 DR2=0000000000000101 DR3=0000000000000005 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd6c8afaf6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd6c8afaf6 00007ffd6c8afafc ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfdb874a8 00007f4bfdb874a0 00007f4bfdb87498 00007f4bfdb87470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfe6ed100 00007f4bfdb87460 00007f4bfdb87478 00007f4bfdb874c0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfdb874b8 00007f4bfdb874b0 00007f4bfdb874a8 00007f4bfdb874a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000002ac944 RBX=0000000000000002 RCX=ffffffff8b93bc29 RDX=ffffed100d4c6656 RSI=ffffffff8c162880 RDI=ffffffff81913331 RBP=ffffed1003bd2910 RSP=ffffc90000187df8 R8 =0000000000000000 R9 =ffffed100d4c6655 R10=ffff88806a6332ab R11=0000000000000000 R12=0000000000000002 R13=ffff88801de94880 R14=ffffffff90ab4c90 R15=0000000000000000 RIP=ffffffff8b93a78f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d68b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f4bfe81ff98 CR3=000000004dcd8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd6c8afaf6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd6c8afaf6 00007ffd6c8afafc ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfda12fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfdb874a8 00007f4bfdb874a0 00007f4bfdb87498 00007f4bfdb87470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfe6ed100 00007f4bfdb87460 00007f4bfdb87478 00007f4bfdb874c0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4bfdb874b8 00007f4bfdb874b0 00007f4bfdb874a8 00007f4bfdb874a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000002 RBX=ffff88802a949200 RCX=ffffffff84934c9d RDX=ffff88804cd88000 RSI=0000000000000000 RDI=0000000000000001 RBP=ffffffff8e4708e0 RSP=ffffc900040feb28 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000015646 R12=0000000000000000 R13=ffff88803206ab00 R14=0000000000000001 R15=ffff888024df42d0 RIP=ffffffff81bb8c00 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007fd911c246c0 ffffffff 00c01300 GS =0000 ffff8880d69b9000 ffffffff 00c01300 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000030 CR3=000000004e58c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff4a3fdf4b 00007fff4a3fdf4b ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff4a3fe450 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff4a3fe450 0000003000000018 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000