last executing test programs: 20m1.884516446s ago: executing program 0 (id=989): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0xad3394dc192dae8b, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x10, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @void}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWTABLE={0x2c, 0x0, 0xa, 0x201, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x90}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) keyctl$clear(0x3, 0xfffffffffffffffd) syz_init_net_socket$ax25(0x3, 0x5, 0xca) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, 0x0, 0x80202, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000100), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x200100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000140)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) 20m0.660021635s ago: executing program 0 (id=993): bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x18) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="340000001e00010026bd7000fedbdf250700", @ANYRES32=0x0], 0x34}, 0x1, 0x0, 0x0, 0x4008451}, 0x20000800) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0) sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, 0x0, 0x4) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x75, 0x0, 0x0, 0x0, 0x2}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r2], 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x18) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000f80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000700014002020c600e41b0000900ac000a0501000000160012000a00ff150048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xc5}], 0x1}, 0x40080) 20m0.250220691s ago: executing program 0 (id=996): bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x18) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="340000001e00010026bd7000fedbdf250700", @ANYRES32=0x0], 0x34}, 0x1, 0x0, 0x0, 0x4008451}, 0x20000800) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0) sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, 0x0, 0x4) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000e3ff0000000000004b64ffec850000006d00000085000000050000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x75, 0x0, 0x0, 0x0, 0x2}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r2], 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x18) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000f80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000700014002020c600e41b0000900ac000a0501000000160012000a00ff150048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xc5}], 0x1}, 0x40080) 19m59.053811925s ago: executing program 0 (id=998): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(:2', 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040), 0x0) ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc044560f, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}], [], 0x2f}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80) getdents64(r3, &(0x7f0000000400)=""/4096, 0x1000) 19m56.672649723s ago: executing program 0 (id=1002): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c000104000000000000000002000000", @ANYBLOB="040014000a000100000000000000000008"], 0x30}}, 0x0) landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) rseq(0x0, 0x0, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r3, 0x0, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xf, 0x491, 0x3, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) 19m55.706214081s ago: executing program 0 (id=1003): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x2c, 0x24, 0x200, 0x1, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xb, 0x5}, {0x3134da121b5383f4, 0xffff}, {0xa, 0x8}}, [@TCA_RATE={0x6, 0x5, {0x7, 0x9}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x4048084) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r0, &(0x7f0000000000), 0xfffffecc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) r4 = socket$inet6(0xa, 0x1, 0x0) r5 = dup2(r4, r4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', 0x0}) creat(&(0x7f0000000040)='./file0\x00', 0x24) ioctl$sock_inet6_SIOCDELRT(r5, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043, r6}) semctl$IPC_INFO(0x0, 0x3, 0x3, 0x0) r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f00000000c0)={0x1, 0x5d5c, 0x9}) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000001, 0x13, r7, 0x100300) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000003cc0)='./file0\x00', &(0x7f0000003d00)) geteuid() 19m40.703027794s ago: executing program 32 (id=1003): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x2c, 0x24, 0x200, 0x1, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xb, 0x5}, {0x3134da121b5383f4, 0xffff}, {0xa, 0x8}}, [@TCA_RATE={0x6, 0x5, {0x7, 0x9}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x4048084) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r0, &(0x7f0000000000), 0xfffffecc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) r4 = socket$inet6(0xa, 0x1, 0x0) r5 = dup2(r4, r4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', 0x0}) creat(&(0x7f0000000040)='./file0\x00', 0x24) ioctl$sock_inet6_SIOCDELRT(r5, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043, r6}) semctl$IPC_INFO(0x0, 0x3, 0x3, 0x0) r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f00000000c0)={0x1, 0x5d5c, 0x9}) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000001, 0x13, r7, 0x100300) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000003cc0)='./file0\x00', &(0x7f0000003d00)) geteuid() 8.193033652s ago: executing program 4 (id=6815): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]}) socket$packet(0x11, 0x3, 0x300) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) setrlimit(0x7, &(0x7f0000000180)={0xfffffffe, 0x6}) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r2 = socket(0x10, 0x3, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast6)\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$unix(r3, &(0x7f0000009a00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40040}}, {{&(0x7f0000000480)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000001100)=[@cred={{0x18}}], 0x18}}, {{&(0x7f0000001180)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4004000}}], 0x3, 0x0) sendmmsg(r2, &(0x7f0000000000), 0x400000000000235, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, 0x0) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x2001, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) openat$ppp(0xffffff9c, 0x0, 0x4340, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f000000fa00)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000001880)) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) r6 = syz_io_uring_setup(0x1e1e, &(0x7f0000000380)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000), &(0x7f0000000280)) io_uring_enter(r6, 0x48e9, 0x0, 0x2, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) 7.120116863s ago: executing program 4 (id=6818): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) getpriority(0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) mount(0x0, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x44021, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000f000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x108) socket$inet6_mptcp(0xa, 0x1, 0x106) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r2, &(0x7f0000006340)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r2, &(0x7f0000000280)={0x50, 0x0, r3, {0x7, 0x1f, 0x1, 0x8888b1, 0x0, 0x1, 0x2, 0xa, 0x0, 0x0, 0x2, 0x8}}, 0x50) syz_fuse_handle_req(r2, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0xa4901, 0x28) write$tcp_congestion(r4, &(0x7f00000000c0)='lp\x00', 0xfffffdef) dup2(r4, r2) bpf$PROG_LOAD(0x5, 0x0, 0x0) 6.175488792s ago: executing program 4 (id=6820): r0 = socket$inet6(0xa, 0x2, 0x0) getsockopt$sock_timeval(r0, 0x1, 0xa, &(0x7f0000000200), &(0x7f0000000400)=0x10) 6.092033659s ago: executing program 4 (id=6821): r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.140013759s ago: executing program 3 (id=6881): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000300)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000880)=@filter={'filter\x00', 0x4, 0x4, 0x320, 0xffffffff, 0x0, 0xec, 0x42c, 0xfeffffff, 0xffffffff, 0x618, 0x618, 0x618, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x3}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0xa4, 0xc8}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x6}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x37c) 3.139800705s ago: executing program 3 (id=6882): prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10) r1 = socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10) sendmmsg$inet(r1, &(0x7f00000003c0)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064", 0x14}, {&(0x7f0000000500)="17464039020000eedc81ba60ccbb9d94", 0x10}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000780)="5825be57aff9352b356be67ca2746357d1787b35", 0x14}], 0x1}}], 0x2, 0x4004040) 3.089249006s ago: executing program 3 (id=6884): syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="043e1d19"], 0x20) syz_usb_connect$printer(0x2, 0x0, 0x0, 0x0) fspick(0xffffffffffffffff, 0x0, 0x1) 3.009422436s ago: executing program 4 (id=6886): syz_usb_connect(0x2, 0x5e, &(0x7f0000000140)={{0x12, 0x1, 0x250, 0x1c, 0x2e, 0xa5, 0x10, 0xdfaf, 0x4900, 0xcb62, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4c, 0x1, 0x0, 0x0, 0x30, 0x8, [{{0x9, 0x4, 0x20, 0x1, 0x0, 0x2, 0x2, 0x5, 0x40, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0xfff3}, {0xd, 0x24, 0xf, 0x1, 0x32f, 0x1, 0x1, 0x4b}, {0x6, 0x24, 0x1a, 0x2, 0x26}}, @cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x3, 0x7ff, 0x7}, {0x6, 0x24, 0x1a, 0x1, 0x10}}]}}]}}]}}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0}) 2.499766758s ago: executing program 3 (id=6888): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r1 = fcntl$dupfd(r0, 0x406, r0) write$sndseq(r1, &(0x7f00000001c0)=[{0x82, 0x4, 0x0, 0x0, @time={0x8001, 0x1}, {0xb2, 0xb8}, {0x3, 0x1}, @raw32={[0x7, 0x200, 0xd]}}, {0x0, 0x0, 0x3, 0x84, @time={0x4800000, 0xfff}, {0x6, 0x4}, {0xc}, @connect={{0x1, 0xd}, {0x4, 0x9}}}], 0x38) 2.499661395s ago: executing program 3 (id=6889): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000003c0)='cubic', 0xb) setsockopt$sock_int(r0, 0x1, 0x24, &(0x7f0000000100), 0x4) 2.419980266s ago: executing program 3 (id=6891): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1b96, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x5, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\"\n'], 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f00000004c0)={0x18, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x20, 0x1, 0x8, "54ec5a585e55a1a1"}, 0x0}) 1.817566834s ago: executing program 1 (id=6900): add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f00000006c0)=ANY=[], 0xff2e) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000200)={0x0, 0xfffffefc, 0x7c, 0xfffffffa, 0xc6, "84b53f5dc1d996eee7d479db86fe609ea2029b", 0x7f, 0x2}) 969.763241ms ago: executing program 1 (id=6905): openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 869.868482ms ago: executing program 1 (id=6906): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0) socket$kcm(0x11, 0x3, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x3, r0, 0x1}) unshare(0x20040600) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 869.663612ms ago: executing program 1 (id=6907): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9400000010000100"/20, @ANYRES32=r1, @ANYBLOB="0006000000000000240012800b00010067656e6576650000140002"], 0x94}, 0x1, 0x2, 0x0, 0x804}, 0x4) 816.56798ms ago: executing program 1 (id=6908): r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000080)=[0x2], &(0x7f0000000200), &(0x7f00000001c0), 0x0, 0x1}) 749.599874ms ago: executing program 1 (id=6909): r0 = eventfd2(0xfffffffd, 0x80801) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x1, 0x803, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="5800000010000304002300"/20, @ANYRES32=0x0, @ANYBLOB="80000500010000002800128009000100766c616e00000000180002800c0002001e0000001f00000006000100fc0f000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r3, @ANYBLOB], 0x58}}, 0x8000) readv(r0, &(0x7f0000000080)=[{&(0x7f0000000240)=""/250, 0xfa}], 0x1) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r6, 0x29, 0x3b, &(0x7f0000000000)=@fragment={0x5c, 0x0, 0x1, 0x0, 0x0, 0xd, 0x65}, 0x8) listen(r6, 0x100101) recvfrom$inet6(r6, &(0x7f0000000040)=""/18, 0x12, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x1ff, @empty, 0x1}, 0x1c) accept4(r6, 0x0, 0x0, 0x80800) 149.698802ms ago: executing program 2 (id=6913): r0 = syz_open_dev$loop(&(0x7f0000000040), 0x1, 0x80000) ioctl$BLKZEROOUT(r0, 0x127f, 0x0) 149.485317ms ago: executing program 2 (id=6914): r0 = socket(0x2d, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, 0x0, 0x181603, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r2, 0x40085112, &(0x7f00000001c0)=@l={0x92, 0xe, 0xb0, 0x0, 0xc, 0xa}) r3 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000001, 0x13, r3, 0x1e67e000) mremap(&(0x7f0000241000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000977000/0x1000)=nil) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r1, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x4}, {0xfff1, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0xc000) r6 = accept4$alg(r0, 0x0, 0x0, 0x800) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newtaction={0x64, 0x30, 0x871a15abc695fb3d, 0x70bd2a, 0x25dfdbfd, {}, [{0x50, 0x1, [@m_vlan={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x81, 0xffffadf3, 0x4, 0x6, 0x10000}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000044}, 0x0) openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) futex(&(0x7f000000cffc), 0xa, 0x1, 0x0, 0x0, 0xfffffffe) sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0) r8 = openat$autofs(0xffffff9c, &(0x7f0000000180), 0x802, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r8, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r6}, './file0\x00'}) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x11d, 0x1b, 0x0, 0x0) r9 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2) ioctl$vim2m_VIDIOC_QUERYCAP(r9, 0x80685600, &(0x7f00000000c0)) 69.753911ms ago: executing program 2 (id=6915): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bbr', 0x3) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10) 69.610783ms ago: executing program 2 (id=6916): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@delchain={0x3c, 0x64, 0xf31, 0x3, 0x4, {0x0, 0x0, 0x0, r3, {0x8, 0xffe0}, {0x10, 0xffff}, {0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_SRC={0x8, 0x1b, @remote}]}}]}, 0x3c}}, 0x0) 212.108µs ago: executing program 2 (id=6917): syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="043e1d19"], 0x20) 107.657µs ago: executing program 2 (id=6918): syz_open_procfs(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000015) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, 0x0) 0s ago: executing program 4 (id=6919): r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r1 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x2) ftruncate(r1, 0xffff) fcntl$addseals(r1, 0x409, 0x7) ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000000)={r1, 0x0, 0x0, 0x8000}) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]}) close_range(r2, 0xffffffffffffffff, 0x0) 0s ago: executing program 4 (id=6920): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0]) mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040)) chdir(&(0x7f0000000080)='./file0\x00') setpgid(r0, r0) setpgid(0x0, r0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x1f00, 0x12) mount(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): .6350" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1515.620925][ T40] audit: type=1326 audit(1766433142.212:24140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30604 comm="syz.1.6350" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1515.647538][ T5950] Bluetooth: hci4: unexpected event for opcode 0x2002 [ 1516.020223][ T40] audit: type=1326 audit(1766433142.212:24141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30604 comm="syz.1.6350" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1516.026835][ T40] audit: type=1326 audit(1766433142.212:24142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30604 comm="syz.1.6350" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1516.418302][T30619] netlink: zone id is out of range [ 1516.420058][T30619] netlink: del zone limit has 8 unknown bytes [ 1516.425780][T30619] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.6353'. [ 1516.792545][T30623] fuse: Bad value for 'rootmode' [ 1517.893237][T30637] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1517.902150][T30637] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6356'. [ 1518.118899][T30643] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 1518.120994][T30643] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 1518.190435][T30643] vhci_hcd vhci_hcd.0: Device attached [ 1518.548987][T24911] usb 40-1: SetAddress Request (58) to port 0 [ 1518.551034][T24911] usb 40-1: new SuperSpeed USB device number 58 using vhci_hcd [ 1518.729885][T30645] vhci_hcd: connection reset by peer [ 1518.733109][ T4946] vhci_hcd vhci_hcd.1: stop threads [ 1518.735261][ T4946] vhci_hcd vhci_hcd.1: release socket [ 1518.737550][ T4946] vhci_hcd vhci_hcd.1: disconnect device [ 1518.849612][T30659] fuse: Bad value for 'fd' [ 1519.162400][T30663] fuse: Bad value for 'rootmode' [ 1519.645317][T30665] FAULT_INJECTION: forcing a failure. [ 1519.645317][T30665] name failslab, interval 1, probability 0, space 0, times 0 [ 1519.649337][T30665] CPU: 3 UID: 0 PID: 30665 Comm: syz.2.6367 Tainted: G L syzkaller #0 PREEMPT(full) [ 1519.649355][T30665] Tainted: [L]=SOFTLOCKUP [ 1519.649359][T30665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1519.649366][T30665] Call Trace: [ 1519.649371][T30665] [ 1519.649375][T30665] dump_stack_lvl+0x16c/0x1f0 [ 1519.649396][T30665] should_fail_ex+0x512/0x640 [ 1519.649409][T30665] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 1519.649425][T30665] should_failslab+0xc2/0x120 [ 1519.649442][T30665] kmem_cache_alloc_node_noprof+0x86/0x800 [ 1519.649456][T30665] ? __alloc_skb+0x156/0x410 [ 1519.649471][T30665] ? __alloc_skb+0x156/0x410 [ 1519.649482][T30665] __alloc_skb+0x156/0x410 [ 1519.649493][T30665] ? __alloc_skb+0x35d/0x410 [ 1519.649505][T30665] ? __pfx___alloc_skb+0x10/0x10 [ 1519.649517][T30665] ? is_bpf_text_address+0x8a/0x1a0 [ 1519.649533][T30665] ? bpf_ksym_find+0x124/0x1c0 [ 1519.649547][T30665] alloc_skb_with_frags+0xe0/0x860 [ 1519.649562][T30665] ? unwind_get_return_address+0x59/0xa0 [ 1519.649581][T30665] sock_alloc_send_pskb+0x7f9/0x980 [ 1519.649593][T30665] ? __lock_acquire+0x436/0x2890 [ 1519.649608][T30665] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1519.649620][T30665] ? __pfx___might_resched+0x10/0x10 [ 1519.649636][T30665] ? find_held_lock+0x2b/0x80 [ 1519.649653][T30665] ? aa_sk_perm+0x2f2/0xae0 [ 1519.649667][T30665] hci_sock_sendmsg+0x1c7/0x26b0 [ 1519.649686][T30665] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 1519.649702][T30665] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 1519.649723][T30665] sock_write_iter+0x566/0x610 [ 1519.649740][T30665] ? __pfx_sock_write_iter+0x10/0x10 [ 1519.649762][T30665] ? bpf_lsm_file_permission+0x9/0x10 [ 1519.649775][T30665] ? security_file_permission+0x71/0x210 [ 1519.649790][T30665] ? rw_verify_area+0xcf/0x6c0 [ 1519.649806][T30665] vfs_write+0x7d3/0x11d0 [ 1519.649822][T30665] ? __pfx_sock_write_iter+0x10/0x10 [ 1519.649841][T30665] ? __pfx_vfs_write+0x10/0x10 [ 1519.649855][T30665] ? find_held_lock+0x2b/0x80 [ 1519.649877][T30665] ksys_write+0x1f8/0x250 [ 1519.649892][T30665] ? __pfx_ksys_write+0x10/0x10 [ 1519.649908][T30665] ? do_user_addr_fault+0x843/0x1370 [ 1519.649924][T30665] __do_fast_syscall_32+0xe8/0x680 [ 1519.649944][T30665] do_fast_syscall_32+0x32/0x80 [ 1519.649954][T30665] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1519.649968][T30665] RIP: 0023:0xf7f87579 [ 1519.649977][T30665] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1519.649988][T30665] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 1519.649999][T30665] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080 [ 1519.650006][T30665] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000 [ 1519.650013][T30665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1519.650019][T30665] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1519.650025][T30665] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1519.650038][T30665] [ 1519.977694][T30672] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1519.981665][T30672] UDF-fs: Scanning with blocksize 2048 failed [ 1519.991256][T30672] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1519.993614][T30672] UDF-fs: Scanning with blocksize 4096 failed [ 1521.323761][T30683] netlink: 'syz.2.6373': attribute type 10 has an invalid length. [ 1521.327265][T30683] hsr0: entered promiscuous mode [ 1521.329749][T30683] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1521.354001][T30684] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1521.361023][T30684] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6366'. [ 1521.379965][ T40] kauditd_printk_skb: 73 callbacks suppressed [ 1521.379982][ T40] audit: type=1326 audit(1766433148.162:24216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30675 comm="syz.3.6366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1521.383447][T30683] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1521.397508][T30683] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1521.398084][ T40] audit: type=1326 audit(1766433148.162:24217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30675 comm="syz.3.6366" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1521.428212][ T40] audit: type=1326 audit(1766433148.162:24218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30675 comm="syz.3.6366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1521.437893][ T40] audit: type=1326 audit(1766433148.162:24219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30675 comm="syz.3.6366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1521.447773][ T40] audit: type=1326 audit(1766433148.162:24220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30675 comm="syz.3.6366" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1521.456823][ T40] audit: type=1326 audit(1766433148.162:24221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30675 comm="syz.3.6366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1521.465962][ T40] audit: type=1326 audit(1766433148.162:24222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30675 comm="syz.3.6366" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1521.495898][ T40] audit: type=1326 audit(1766433148.172:24223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30675 comm="syz.3.6366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1521.516444][T30688] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1521.518889][T30688] UDF-fs: Scanning with blocksize 2048 failed [ 1521.522061][T30688] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1521.524508][T30688] UDF-fs: Scanning with blocksize 4096 failed [ 1521.543464][ T40] audit: type=1326 audit(1766433148.172:24224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30675 comm="syz.3.6366" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1521.593217][T30685] sctp: [Deprecated]: syz.4.6371 (pid 30685) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1521.593217][T30685] Use struct sctp_sack_info instead [ 1521.604655][ T40] audit: type=1326 audit(1766433148.172:24225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30675 comm="syz.3.6366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1521.710781][T30690] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 1521.721582][T30690] team0: Port device batadv1 added [ 1522.513455][T30701] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1522.522142][T30701] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6376'. [ 1522.627399][T30700] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1522.665239][T30700] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6375'. [ 1522.681194][T30704] FAULT_INJECTION: forcing a failure. [ 1522.681194][T30704] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1522.685798][T30704] CPU: 0 UID: 0 PID: 30704 Comm: syz.1.6377 Tainted: G L syzkaller #0 PREEMPT(full) [ 1522.685816][T30704] Tainted: [L]=SOFTLOCKUP [ 1522.685820][T30704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1522.685827][T30704] Call Trace: [ 1522.685831][T30704] [ 1522.685836][T30704] dump_stack_lvl+0x16c/0x1f0 [ 1522.685857][T30704] should_fail_ex+0x512/0x640 [ 1522.685873][T30704] _copy_from_user+0x2e/0xd0 [ 1522.685887][T30704] get_compat_msghdr+0xa7/0x170 [ 1522.685902][T30704] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1522.685921][T30704] ___sys_sendmsg+0x1ae/0x1d0 [ 1522.685936][T30704] ? __pfx____sys_sendmsg+0x10/0x10 [ 1522.685956][T30704] ? find_held_lock+0x2b/0x80 [ 1522.685979][T30704] __sys_sendmsg+0x16d/0x220 [ 1522.685993][T30704] ? __pfx___sys_sendmsg+0x10/0x10 [ 1522.686012][T30704] ? fput+0x70/0xf0 [ 1522.686026][T30704] __do_fast_syscall_32+0xe8/0x680 [ 1522.686045][T30704] do_fast_syscall_32+0x32/0x80 [ 1522.686057][T30704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1522.686077][T30704] RIP: 0023:0xf70ed579 [ 1522.686090][T30704] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1522.686101][T30704] RSP: 002b:00000000f54dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 1522.686112][T30704] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000480 [ 1522.686119][T30704] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 1522.686126][T30704] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1522.686133][T30704] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1522.686139][T30704] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1522.686159][T30704] [ 1522.814834][T30709] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6379'. [ 1523.010615][T30711] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6380'. [ 1523.013897][T30711] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6380'. [ 1523.021527][T30711] vlan2: entered allmulticast mode [ 1523.023244][T30711] hsr0: entered allmulticast mode [ 1523.024969][T30711] hsr_slave_0: entered allmulticast mode [ 1523.026811][T30711] hsr_slave_1: entered allmulticast mode [ 1523.131590][T30714] FAULT_INJECTION: forcing a failure. [ 1523.131590][T30714] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1523.136344][T30714] CPU: 0 UID: 0 PID: 30714 Comm: syz.1.6381 Tainted: G L syzkaller #0 PREEMPT(full) [ 1523.136371][T30714] Tainted: [L]=SOFTLOCKUP [ 1523.136377][T30714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1523.136387][T30714] Call Trace: [ 1523.136394][T30714] [ 1523.136402][T30714] dump_stack_lvl+0x16c/0x1f0 [ 1523.136431][T30714] should_fail_ex+0x512/0x640 [ 1523.136453][T30714] _copy_from_user+0x2e/0xd0 [ 1523.136471][T30714] mptcp_setsockopt+0x13ef/0x3380 [ 1523.136493][T30714] ? __pfx_mptcp_setsockopt+0x10/0x10 [ 1523.136511][T30714] ? find_held_lock+0x2b/0x80 [ 1523.136535][T30714] ? aa_sock_opt_perm+0xfd/0x1b0 [ 1523.136561][T30714] ? sock_common_setsockopt+0x2e/0xf0 [ 1523.136585][T30714] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1523.136611][T30714] do_sock_setsockopt+0xf3/0x1d0 [ 1523.136638][T30714] __sys_setsockopt+0x120/0x1a0 [ 1523.136661][T30714] __ia32_sys_setsockopt+0xbc/0x160 [ 1523.136680][T30714] ? __do_fast_syscall_32+0x9a/0x680 [ 1523.136706][T30714] ? lockdep_hardirqs_on+0x7c/0x110 [ 1523.136730][T30714] __do_fast_syscall_32+0xe8/0x680 [ 1523.136757][T30714] do_fast_syscall_32+0x32/0x80 [ 1523.136772][T30714] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1523.136792][T30714] RIP: 0023:0xf70ed579 [ 1523.136805][T30714] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1523.136821][T30714] RSP: 002b:00000000f54bc55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 1523.136838][T30714] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000006 [ 1523.136849][T30714] RDX: 0000000000000019 RSI: 00000000800000c0 RDI: 0000000000000004 [ 1523.136859][T30714] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1523.136869][T30714] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1523.136878][T30714] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1523.136900][T30714] [ 1523.391969][T30716] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6382'. [ 1523.608955][T24911] usb 40-1: device descriptor read/8, error -110 [ 1523.958874][T30730] FAULT_INJECTION: forcing a failure. [ 1523.958874][T30730] name failslab, interval 1, probability 0, space 0, times 0 [ 1523.963116][T30730] CPU: 1 UID: 0 PID: 30730 Comm: syz.4.6383 Tainted: G L syzkaller #0 PREEMPT(full) [ 1523.963134][T30730] Tainted: [L]=SOFTLOCKUP [ 1523.963138][T30730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1523.963157][T30730] Call Trace: [ 1523.963163][T30730] [ 1523.963168][T30730] dump_stack_lvl+0x16c/0x1f0 [ 1523.963189][T30730] should_fail_ex+0x512/0x640 [ 1523.963202][T30730] ? fs_reclaim_acquire+0xae/0x150 [ 1523.963221][T30730] should_failslab+0xc2/0x120 [ 1523.963239][T30730] __kmalloc_noprof+0xeb/0x910 [ 1523.963252][T30730] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1523.963270][T30730] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1523.963289][T30730] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1523.963305][T30730] ? tomoyo_profile+0x47/0x60 [ 1523.963323][T30730] tomoyo_path_number_perm+0x245/0x580 [ 1523.963335][T30730] ? tomoyo_path_number_perm+0x237/0x580 [ 1523.963349][T30730] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1523.963375][T30730] ? find_held_lock+0x2b/0x80 [ 1523.963390][T30730] ? hook_file_ioctl_common+0x144/0x410 [ 1523.963406][T30730] ? __fget_files+0x20e/0x3c0 [ 1523.963422][T30730] ? __fput_deferred+0x480/0x480 [ 1523.963435][T30730] security_file_ioctl_compat+0x9b/0x240 [ 1523.963450][T30730] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1523.963467][T30730] __do_fast_syscall_32+0xe8/0x680 [ 1523.963486][T30730] do_fast_syscall_32+0x32/0x80 [ 1523.963496][T30730] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1523.963511][T30730] RIP: 0023:0xf703d579 [ 1523.963520][T30730] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1523.963531][T30730] RSP: 002b:00000000f53eb55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1523.963543][T30730] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000ae01 [ 1523.963550][T30730] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1523.963556][T30730] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1523.963562][T30730] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1523.963569][T30730] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1523.963582][T30730] [ 1523.963707][T30730] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1524.000490][T24911] usb usb40-port1: attempt power cycle [ 1524.291719][T30734] fuse: Bad value for 'fd' [ 1524.629738][T24911] usb usb40-port1: unable to enumerate USB device [ 1524.806348][T30744] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1524.808697][T30744] UDF-fs: Scanning with blocksize 2048 failed [ 1524.812943][T30744] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1524.815285][T30744] UDF-fs: Scanning with blocksize 4096 failed [ 1524.917724][T30746] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1525.684345][T30753] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6392'. [ 1526.378919][T24911] usb 6-1: new high-speed USB device number 49 using dummy_hcd [ 1526.442090][T30775] syz_tun: entered allmulticast mode [ 1526.528928][T24911] usb 6-1: Using ep0 maxpacket: 32 [ 1526.532645][T24911] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 1526.536099][T24911] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 1526.540847][T24911] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 1526.545450][T24911] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 1526.551052][T24911] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1526.555699][T24911] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 1526.559610][T24911] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 1526.563191][T24911] usb 6-1: Product: syz [ 1526.564991][T24911] usb 6-1: Manufacturer: syz [ 1526.566980][T24911] usb 6-1: SerialNumber: syz [ 1526.572538][T24911] usb 6-1: config 0 descriptor?? [ 1526.577234][T24911] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 1526.582398][T24911] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 1527.000331][T30787] macvlan2: entered allmulticast mode [ 1527.002391][T30787] veth1_vlan: entered allmulticast mode [ 1527.006828][T30787] veth1_vlan: left allmulticast mode [ 1527.275304][T30774] syz_tun: left allmulticast mode [ 1527.440970][ T40] kauditd_printk_skb: 161 callbacks suppressed [ 1527.440983][ T40] audit: type=1326 audit(1766433154.272:24387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30788 comm="syz.4.6400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1527.452533][ T40] audit: type=1326 audit(1766433154.272:24388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30788 comm="syz.4.6400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1527.460871][ T40] audit: type=1326 audit(1766433154.282:24389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30788 comm="syz.4.6400" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1527.461953][T30791] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1527.469404][ T40] audit: type=1326 audit(1766433154.282:24390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30788 comm="syz.4.6400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1527.480728][ T40] audit: type=1326 audit(1766433154.282:24391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30788 comm="syz.4.6400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1527.490527][ T40] audit: type=1326 audit(1766433154.282:24392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30788 comm="syz.4.6400" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1527.499839][ T40] audit: type=1326 audit(1766433154.282:24393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30788 comm="syz.4.6400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1527.507552][ T40] audit: type=1326 audit(1766433154.282:24394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30788 comm="syz.4.6400" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1527.516213][ T40] audit: type=1326 audit(1766433154.282:24395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30788 comm="syz.4.6400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1527.522710][ T40] audit: type=1326 audit(1766433154.282:24396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30788 comm="syz.4.6400" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1527.656582][T30793] netlink: 44 bytes leftover after parsing attributes in process `syz.2.6401'. [ 1527.699493][T30795] netlink: 'syz.2.6402': attribute type 1 has an invalid length. [ 1527.702637][T30795] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6402'. [ 1527.848549][T30798] IPVS: length: 218 != 24 [ 1527.851048][T30798] syz_tun: entered allmulticast mode [ 1527.946383][T30797] syz_tun: left allmulticast mode [ 1527.976990][T30801] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1527.979874][T30801] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1528.288923][T30804] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1528.291503][T30804] UDF-fs: Scanning with blocksize 2048 failed [ 1528.294306][T30804] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1528.296742][T30804] UDF-fs: Scanning with blocksize 4096 failed [ 1528.958421][T30812] FAULT_INJECTION: forcing a failure. [ 1528.958421][T30812] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1528.966277][T30812] CPU: 3 UID: 0 PID: 30812 Comm: syz.3.6407 Tainted: G L syzkaller #0 PREEMPT(full) [ 1528.966308][T30812] Tainted: [L]=SOFTLOCKUP [ 1528.966315][T30812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1528.966327][T30812] Call Trace: [ 1528.966333][T30812] [ 1528.966341][T30812] dump_stack_lvl+0x16c/0x1f0 [ 1528.966374][T30812] should_fail_ex+0x512/0x640 [ 1528.966399][T30812] _copy_from_user+0x2e/0xd0 [ 1528.966420][T30812] get_compat_msghdr+0xa7/0x170 [ 1528.966445][T30812] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1528.966477][T30812] ___sys_sendmsg+0x1ae/0x1d0 [ 1528.966504][T30812] ? __pfx____sys_sendmsg+0x10/0x10 [ 1528.966540][T30812] ? find_held_lock+0x2b/0x80 [ 1528.966580][T30812] __sys_sendmsg+0x16d/0x220 [ 1528.966604][T30812] ? __pfx___sys_sendmsg+0x10/0x10 [ 1528.966637][T30812] ? do_user_addr_fault+0x843/0x1370 [ 1528.966666][T30812] __do_fast_syscall_32+0xe8/0x680 [ 1528.966698][T30812] do_fast_syscall_32+0x32/0x80 [ 1528.966716][T30812] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1528.966739][T30812] RIP: 0023:0xf7f75579 [ 1528.966754][T30812] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1528.966773][T30812] RSP: 002b:00000000f544555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 1528.966791][T30812] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100 [ 1528.966803][T30812] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1528.966813][T30812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1528.966823][T30812] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1528.966834][T30812] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1528.966858][T30812] [ 1529.187203][T25115] usb 6-1: USB disconnect, device number 49 [ 1529.190579][T25115] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 1529.712015][T30825] random: crng reseeded on system resumption [ 1530.274813][T30829] netlink: 'syz.3.6412': attribute type 10 has an invalid length. [ 1530.277798][T30829] hsr0: entered promiscuous mode [ 1530.286818][T30829] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1530.291823][T30829] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1530.297314][T30829] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1530.427347][T30823] tipc: Failed to obtain node identity [ 1530.429284][T30823] tipc: Enabling of bearer rejected, failed to enable media [ 1530.513031][T30833] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 1530.524327][T30833] team0: Port device batadv1 added [ 1531.865183][T25115] libceph: connect (1)[c::]:6789 error -101 [ 1531.867511][T25115] libceph: mon0 (1)[c::]:6789 connect error [ 1531.899275][T30856] ceph: No mds server is up or the cluster is laggy [ 1532.202546][T30862] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1532.205855][T30862] UDF-fs: Scanning with blocksize 2048 failed [ 1532.211994][T30862] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1532.214880][T30862] UDF-fs: Scanning with blocksize 4096 failed [ 1532.789154][T25115] usb 6-1: new high-speed USB device number 50 using dummy_hcd [ 1532.942901][T25115] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1532.951399][T25115] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1532.955993][T25115] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1532.963583][T25115] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1532.968317][T25115] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1532.982942][T25115] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1532.987008][T25115] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1532.994290][T25115] usb 6-1: Product: syz [ 1533.053297][T25115] usb 6-1: Manufacturer: syz [ 1533.171274][T25115] cdc_wdm 6-1:1.0: skipping garbage [ 1533.173354][T25115] cdc_wdm 6-1:1.0: skipping garbage [ 1533.177043][T25115] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 1533.188867][T25115] cdc_wdm 6-1:1.0: Unknown control protocol [ 1533.311253][T30868] tipc: Enabling of bearer rejected, already enabled [ 1533.315772][ T5950] Bluetooth: hci4: unexpected event for opcode 0x5ea6 [ 1534.615723][T30893] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6426'. [ 1535.569452][T26327] usb 6-1: USB disconnect, device number 50 [ 1535.700395][T30898] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1535.702721][T30898] UDF-fs: Scanning with blocksize 2048 failed [ 1535.705266][T30898] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1535.707743][T30898] UDF-fs: Scanning with blocksize 4096 failed [ 1536.748374][T30920] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1536.751937][T30920] UDF-fs: Scanning with blocksize 2048 failed [ 1536.756379][T30920] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1536.759743][T30920] UDF-fs: Scanning with blocksize 4096 failed [ 1538.016758][T30935] FAULT_INJECTION: forcing a failure. [ 1538.016758][T30935] name failslab, interval 1, probability 0, space 0, times 0 [ 1538.022150][T30935] CPU: 1 UID: 0 PID: 30935 Comm: syz.1.6436 Tainted: G L syzkaller #0 PREEMPT(full) [ 1538.022190][T30935] Tainted: [L]=SOFTLOCKUP [ 1538.022197][T30935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1538.022209][T30935] Call Trace: [ 1538.022217][T30935] [ 1538.022225][T30935] dump_stack_lvl+0x16c/0x1f0 [ 1538.022257][T30935] should_fail_ex+0x512/0x640 [ 1538.022280][T30935] ? fs_reclaim_acquire+0xae/0x150 [ 1538.022310][T30935] should_failslab+0xc2/0x120 [ 1538.022340][T30935] __kmalloc_noprof+0xeb/0x910 [ 1538.022364][T30935] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1538.022394][T30935] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1538.022420][T30935] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1538.022448][T30935] ? tomoyo_profile+0x47/0x60 [ 1538.022478][T30935] tomoyo_path_number_perm+0x245/0x580 [ 1538.022499][T30935] ? tomoyo_path_number_perm+0x237/0x580 [ 1538.022522][T30935] ? lock_acquire+0x174/0x330 [ 1538.022539][T30935] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1538.022568][T30935] ? finish_task_switch.isra.0+0x202/0xbd0 [ 1538.022617][T30935] ? find_held_lock+0x2b/0x80 [ 1538.022642][T30935] ? hook_file_ioctl_common+0x144/0x410 [ 1538.022672][T30935] ? __fget_files+0x20e/0x3c0 [ 1538.022697][T30935] ? __fput_deferred+0x480/0x480 [ 1538.022719][T30935] security_file_ioctl_compat+0x9b/0x240 [ 1538.022746][T30935] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1538.022773][T30935] __do_fast_syscall_32+0xe8/0x680 [ 1538.022805][T30935] do_fast_syscall_32+0x32/0x80 [ 1538.022824][T30935] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1538.022848][T30935] RIP: 0023:0xf70ed579 [ 1538.022864][T30935] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1538.022888][T30935] RSP: 002b:00000000f549b55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1538.022905][T30935] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000560a [ 1538.022917][T30935] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 1538.022930][T30935] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1538.022943][T30935] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1538.022953][T30935] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1538.022977][T30935] [ 1538.023024][T30935] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1538.689062][ T5983] usb 6-1: new high-speed USB device number 51 using dummy_hcd [ 1538.841288][ T5983] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1538.844737][ T5983] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1538.850056][ T5983] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1538.853586][ T5983] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1538.857128][ T5983] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1538.863127][ T5983] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1538.866812][ T5983] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1538.870380][ T5983] usb 6-1: Product: syz [ 1538.872123][ T5983] usb 6-1: Manufacturer: syz [ 1538.882135][ T5983] cdc_wdm 6-1:1.0: skipping garbage [ 1538.884403][ T5983] cdc_wdm 6-1:1.0: skipping garbage [ 1538.888467][ T5983] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 1538.891278][ T5983] cdc_wdm 6-1:1.0: Unknown control protocol [ 1540.115832][T30953] netlink: 'syz.3.6441': attribute type 10 has an invalid length. [ 1540.120294][T30953] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1540.126654][T30953] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1540.131601][T30953] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1540.247904][T30955] 8021q: adding VLAN 0 to HW filter on device batadv2 [ 1540.252316][T30955] team0: Port device batadv2 added [ 1541.598992][T25115] usb 6-1: USB disconnect, device number 51 [ 1542.947523][T30977] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1542.950627][T30977] UDF-fs: Scanning with blocksize 2048 failed [ 1542.956205][T30977] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1542.959128][T30977] UDF-fs: Scanning with blocksize 4096 failed [ 1543.474428][T30986] loop2: detected capacity change from 0 to 7 [ 1543.478344][T30986] Dev loop2: unable to read RDB block 7 [ 1543.481175][T30986] loop2: unable to read partition table [ 1543.484139][T30986] loop2: partition table beyond EOD, truncated [ 1543.487284][T30986] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1543.722643][ T5351] Dev loop2: unable to read RDB block 7 [ 1543.725221][ T5351] loop2: unable to read partition table [ 1543.729761][ T5351] loop2: partition table beyond EOD, truncated [ 1543.753339][T30985] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6448'. [ 1543.958746][ T40] kauditd_printk_skb: 36 callbacks suppressed [ 1543.958764][ T40] audit: type=1326 audit(1766433170.772:24433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30990 comm="syz.1.6450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1543.994018][T30993] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1544.006344][T30993] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6450'. [ 1544.010587][T30995] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 1544.012675][T30995] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 1544.017363][ T40] audit: type=1326 audit(1766433170.772:24434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30990 comm="syz.1.6450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1544.019403][T30995] vhci_hcd vhci_hcd.0: Device attached [ 1544.024324][ T40] audit: type=1326 audit(1766433170.772:24435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30990 comm="syz.1.6450" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1544.036435][ T40] audit: type=1326 audit(1766433170.772:24436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30990 comm="syz.1.6450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1544.044661][ T40] audit: type=1326 audit(1766433170.772:24437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30990 comm="syz.1.6450" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1544.058900][ T40] audit: type=1326 audit(1766433170.772:24438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30990 comm="syz.1.6450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1544.085627][ T40] audit: type=1326 audit(1766433170.772:24439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30990 comm="syz.1.6450" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1544.086031][ T40] audit: type=1326 audit(1766433170.772:24440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30990 comm="syz.1.6450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1544.086154][ T40] audit: type=1326 audit(1766433170.772:24441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30990 comm="syz.1.6450" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1544.086223][ T40] audit: type=1326 audit(1766433170.772:24442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30990 comm="syz.1.6450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000 [ 1544.328983][T26327] usb 42-1: SetAddress Request (30) to port 0 [ 1544.331957][T26327] usb 42-1: new SuperSpeed USB device number 30 using vhci_hcd [ 1544.681619][T30996] vhci_hcd: connection reset by peer [ 1544.683182][T31007] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1544.707660][ T4946] vhci_hcd vhci_hcd.2: stop threads [ 1544.709905][ T4946] vhci_hcd vhci_hcd.2: release socket [ 1544.711917][ T4946] vhci_hcd vhci_hcd.2: disconnect device [ 1545.082982][T31010] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1545.085903][T31010] UDF-fs: Scanning with blocksize 2048 failed [ 1545.089777][T31010] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1545.092193][T31010] UDF-fs: Scanning with blocksize 4096 failed [ 1545.657742][T31013] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6454'. [ 1545.806568][T31018] netlink: 2012 bytes leftover after parsing attributes in process `syz.3.6455'. [ 1545.809706][T31018] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6455'. [ 1546.314897][T31030] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6457'. [ 1546.578901][T25115] usb 6-1: new high-speed USB device number 52 using dummy_hcd [ 1546.730049][T25115] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1546.733502][T25115] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 1546.737779][T25115] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1546.741689][T25115] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1546.746367][T25115] usb 6-1: config 0 descriptor?? [ 1546.750804][T25115] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 1546.835245][T31034] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6460'. [ 1547.096701][T31045] tipc: Can't bind to reserved service type 1 [ 1547.204412][T31047] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1547.208375][T31047] UDF-fs: Scanning with blocksize 2048 failed [ 1547.220455][T31047] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1547.225053][T31047] UDF-fs: Scanning with blocksize 4096 failed [ 1548.044893][ T5950] Bluetooth: hci4: unexpected event for opcode 0x2002 [ 1548.100269][T25260] usb 6-1: USB disconnect, device number 52 [ 1548.250142][T31060] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1548.252841][T31060] UDF-fs: Scanning with blocksize 2048 failed [ 1548.273985][T31060] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1548.279379][T31060] UDF-fs: Scanning with blocksize 4096 failed [ 1549.369308][T26327] usb 42-1: device descriptor read/8, error -110 [ 1549.759808][T26327] usb usb42-port1: attempt power cycle [ 1550.379677][T26327] usb usb42-port1: unable to enumerate USB device [ 1551.751874][T31093] tipc: Failed to obtain node identity [ 1551.753788][T31093] tipc: Enabling of bearer rejected, failed to enable media [ 1551.886279][T31096] FAULT_INJECTION: forcing a failure. [ 1551.886279][T31096] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1551.909959][T31096] CPU: 3 UID: 0 PID: 31096 Comm: syz.4.6473 Tainted: G L syzkaller #0 PREEMPT(full) [ 1551.909997][T31096] Tainted: [L]=SOFTLOCKUP [ 1551.910004][T31096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1551.910015][T31096] Call Trace: [ 1551.910022][T31096] [ 1551.910030][T31096] dump_stack_lvl+0x16c/0x1f0 [ 1551.910063][T31096] should_fail_ex+0x512/0x640 [ 1551.910088][T31096] _copy_from_user+0x2e/0xd0 [ 1551.910109][T31096] copy_clone_args_from_user+0x150/0x7e0 [ 1551.910138][T31096] ? get_pid_task+0xfc/0x250 [ 1551.910155][T31096] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 1551.910194][T31096] __do_sys_clone3+0xbd/0x290 [ 1551.910221][T31096] ? __pfx___do_sys_clone3+0x10/0x10 [ 1551.910261][T31096] ? __fget_files+0x20e/0x3c0 [ 1551.910297][T31096] ? do_user_addr_fault+0x843/0x1370 [ 1551.910325][T31096] __do_fast_syscall_32+0xe8/0x680 [ 1551.910356][T31096] do_fast_syscall_32+0x32/0x80 [ 1551.910373][T31096] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1551.910396][T31096] RIP: 0023:0xf703d579 [ 1551.910411][T31096] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1551.910429][T31096] RSP: 002b:00000000f540c42c EFLAGS: 00000286 ORIG_RAX: 00000000000001b3 [ 1551.910447][T31096] RAX: ffffffffffffffda RBX: 00000000f540c460 RCX: 0000000000000058 [ 1551.910458][T31096] RDX: 0000000000000000 RSI: 000000000a802000 RDI: 0000000000000000 [ 1551.910469][T31096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1551.910480][T31096] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1551.910491][T31096] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1551.910515][T31096] [ 1552.176106][T31105] debugfs: 'ttyS3' already exists in 'caif_serial' [ 1552.974339][T31116] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6479'. [ 1553.034967][T31117] 9p: Bad value for 'rfdno' [ 1553.038290][T31117] loop5: detected capacity change from 0 to 7 [ 1553.043829][T31117] Dev loop5: unable to read RDB block 7 [ 1553.046141][T31117] loop5: AHDI p1 p2 [ 1553.047840][T31117] loop5: partition table partially beyond EOD, truncated [ 1553.051000][T31117] loop5: p1 start 1702000233 is beyond EOD, truncated [ 1553.519012][T26327] usb 6-1: new high-speed USB device number 53 using dummy_hcd [ 1553.670512][T26327] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 1553.674345][T26327] usb 6-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 1553.677480][T26327] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1553.698879][T26327] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1553.865068][T31124] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1553.874982][T31124] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1553.930868][T16888] usb 6-1: USB disconnect, device number 53 [ 1554.075566][T31127] ALSA: mixer_oss: invalid OSS volume '' [ 1554.086220][T31127] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 1554.089053][T31127] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 1554.092489][T31127] vhci_hcd vhci_hcd.0: Device attached [ 1554.270734][T26327] vhci_hcd vhci_hcd.3: vhci_device speed not set [ 1554.329003][T26327] usb 43-1: new low-speed USB device number 4 using vhci_hcd [ 1554.336741][T31128] vhci_hcd: connection reset by peer [ 1554.338768][T24874] vhci_hcd vhci_hcd.3: stop threads [ 1554.340574][T24874] vhci_hcd vhci_hcd.3: release socket [ 1554.342390][T24874] vhci_hcd vhci_hcd.3: disconnect device [ 1554.664072][T31137] fuse: Unknown parameter 'user_id00000000000000000000' [ 1556.815669][ T40] kauditd_printk_skb: 76 callbacks suppressed [ 1556.815837][ T40] audit: type=1326 audit(1766433183.642:24519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31159 comm="syz.4.6491" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1556.907809][ T40] audit: type=1326 audit(1766433183.732:24520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31159 comm="syz.4.6491" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1556.928902][ T40] audit: type=1326 audit(1766433183.742:24521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31159 comm="syz.4.6491" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1556.935920][ T40] audit: type=1326 audit(1766433183.742:24522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31159 comm="syz.4.6491" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1556.958467][ T40] audit: type=1326 audit(1766433183.752:24523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31159 comm="syz.4.6491" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1556.975390][ T40] audit: type=1326 audit(1766433183.752:24524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31159 comm="syz.4.6491" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1556.987629][ T40] audit: type=1326 audit(1766433183.762:24525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31159 comm="syz.4.6491" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1556.997309][ T40] audit: type=1326 audit(1766433183.772:24526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31159 comm="syz.4.6491" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1557.017236][T31168] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1557.020937][T31169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6493'. [ 1557.021950][T31168] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1557.288598][ T40] audit: type=1326 audit(1766433184.112:24527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31159 comm="syz.4.6491" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1557.305895][ T40] audit: type=1326 audit(1766433184.112:24528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31159 comm="syz.4.6491" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1557.337687][T31161] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1557.343179][T31161] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6491'. [ 1557.708207][T31181] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1557.763903][T31182] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1557.800348][T31181] UDF-fs: Scanning with blocksize 2048 failed [ 1557.801798][T31182] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6496'. [ 1557.948253][T31181] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1557.950853][T31181] UDF-fs: Scanning with blocksize 4096 failed [ 1557.973486][T31177] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1557.984100][T31177] UDF-fs: Scanning with blocksize 2048 failed [ 1557.992509][T31177] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1557.995033][T31177] UDF-fs: Scanning with blocksize 4096 failed [ 1558.801630][T31189] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1558.807839][T31189] UDF-fs: Scanning with blocksize 2048 failed [ 1558.827161][T31189] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1558.831636][T31189] UDF-fs: Scanning with blocksize 4096 failed [ 1559.549086][T26327] vhci_hcd vhci_hcd.3: vhci_device speed not set [ 1560.063942][T31202] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6501'. [ 1560.067467][T31202] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6501'. [ 1560.327582][T31213] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1560.333184][T31213] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1560.514758][T31216] FAULT_INJECTION: forcing a failure. [ 1560.514758][T31216] name failslab, interval 1, probability 0, space 0, times 0 [ 1560.519722][T31216] CPU: 0 UID: 0 PID: 31216 Comm: syz.3.6505 Tainted: G L syzkaller #0 PREEMPT(full) [ 1560.519752][T31216] Tainted: [L]=SOFTLOCKUP [ 1560.519756][T31216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1560.519763][T31216] Call Trace: [ 1560.519767][T31216] [ 1560.519772][T31216] dump_stack_lvl+0x16c/0x1f0 [ 1560.519794][T31216] should_fail_ex+0x512/0x640 [ 1560.519807][T31216] ? fs_reclaim_acquire+0xae/0x150 [ 1560.519826][T31216] should_failslab+0xc2/0x120 [ 1560.519843][T31216] __kmalloc_noprof+0xeb/0x910 [ 1560.519856][T31216] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1560.519874][T31216] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1560.519889][T31216] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1560.519906][T31216] ? tomoyo_profile+0x47/0x60 [ 1560.519924][T31216] tomoyo_path_number_perm+0x245/0x580 [ 1560.519936][T31216] ? tomoyo_path_number_perm+0x237/0x580 [ 1560.519949][T31216] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1560.519976][T31216] ? find_held_lock+0x2b/0x80 [ 1560.519991][T31216] ? hook_file_ioctl_common+0x144/0x410 [ 1560.520020][T31216] ? __fget_files+0x20e/0x3c0 [ 1560.520035][T31216] ? __fput_deferred+0x480/0x480 [ 1560.520048][T31216] security_file_ioctl_compat+0x9b/0x240 [ 1560.520064][T31216] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1560.520080][T31216] __do_fast_syscall_32+0xe8/0x680 [ 1560.520099][T31216] do_fast_syscall_32+0x32/0x80 [ 1560.520109][T31216] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1560.520124][T31216] RIP: 0023:0xf7f75579 [ 1560.520133][T31216] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1560.520144][T31216] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1560.520155][T31216] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000040086203 [ 1560.520162][T31216] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 1560.520169][T31216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1560.520176][T31216] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1560.520182][T31216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1560.520196][T31216] [ 1560.520709][T31216] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1560.965082][T31219] fuse: Unknown parameter 'user_id00000000000000000000' [ 1561.148698][T31227] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1561.156469][T31227] UDF-fs: Scanning with blocksize 2048 failed [ 1561.163348][T31227] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1561.165770][T31227] UDF-fs: Scanning with blocksize 4096 failed [ 1561.301010][T31232] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1561.305889][T31232] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6510'. [ 1562.000811][T31233] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6508'. [ 1562.197203][ T40] kauditd_printk_skb: 84 callbacks suppressed [ 1562.197220][ T40] audit: type=1326 audit(1766433189.022:24613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31234 comm="syz.3.6511" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1562.209183][ T40] audit: type=1326 audit(1766433189.022:24614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31234 comm="syz.3.6511" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1562.218148][ T40] audit: type=1326 audit(1766433189.032:24615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31234 comm="syz.3.6511" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1562.234056][T31242] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1562.234187][ T40] audit: type=1326 audit(1766433189.032:24616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31234 comm="syz.3.6511" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1562.243057][T31242] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6511'. [ 1562.249031][ T40] audit: type=1326 audit(1766433189.032:24617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31234 comm="syz.3.6511" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1562.258663][ T40] audit: type=1326 audit(1766433189.032:24618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31234 comm="syz.3.6511" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1562.267084][ T40] audit: type=1326 audit(1766433189.032:24619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31234 comm="syz.3.6511" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1562.276553][ T40] audit: type=1326 audit(1766433189.032:24620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31234 comm="syz.3.6511" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1562.285687][ T40] audit: type=1326 audit(1766433189.042:24621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31234 comm="syz.3.6511" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1562.295919][ T40] audit: type=1326 audit(1766433189.042:24622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31234 comm="syz.3.6511" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1562.492260][T31249] netlink: 'syz.2.6516': attribute type 10 has an invalid length. [ 1562.495627][T31249] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1562.500788][T31249] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1562.505873][T31249] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1562.628147][T31251] 8021q: adding VLAN 0 to HW filter on device batadv2 [ 1562.631449][T31251] team0: Port device batadv2 added [ 1563.228337][T31253] tipc: Failed to obtain node identity [ 1563.230707][T31253] tipc: Enabling of bearer rejected, failed to enable media [ 1563.235411][ T5950] Bluetooth: hci3: unexpected event for opcode 0x5ea6 [ 1563.805464][T31274] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1563.812232][T31274] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6521'. [ 1564.459185][T31287] FAULT_INJECTION: forcing a failure. [ 1564.459185][T31287] name failslab, interval 1, probability 0, space 0, times 0 [ 1564.464429][T31287] CPU: 0 UID: 0 PID: 31287 Comm: syz.3.6524 Tainted: G L syzkaller #0 PREEMPT(full) [ 1564.464458][T31287] Tainted: [L]=SOFTLOCKUP [ 1564.464478][T31287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1564.464491][T31287] Call Trace: [ 1564.464498][T31287] [ 1564.464506][T31287] dump_stack_lvl+0x16c/0x1f0 [ 1564.464539][T31287] should_fail_ex+0x512/0x640 [ 1564.464560][T31287] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 1564.464587][T31287] should_failslab+0xc2/0x120 [ 1564.464615][T31287] kmem_cache_alloc_node_noprof+0x86/0x800 [ 1564.464638][T31287] ? __alloc_skb+0x156/0x410 [ 1564.464669][T31287] ? __alloc_skb+0x156/0x410 [ 1564.464688][T31287] __alloc_skb+0x156/0x410 [ 1564.464706][T31287] ? __alloc_skb+0x35d/0x410 [ 1564.464726][T31287] ? __pfx___alloc_skb+0x10/0x10 [ 1564.464756][T31287] inet_netconf_notify_devconf+0x8b/0x1f0 [ 1564.464779][T31287] mrtsock_destruct+0x1e7/0x290 [ 1564.464808][T31287] ? __pfx_mrtsock_destruct+0x10/0x10 [ 1564.464836][T31287] ip_ra_control+0x43c/0x590 [ 1564.464861][T31287] ip_mroute_setsockopt+0xe91/0x1420 [ 1564.464894][T31287] ? __pfx_ip_mroute_setsockopt+0x10/0x10 [ 1564.464923][T31287] ? aa_label_sk_perm+0x194/0x5f0 [ 1564.464962][T31287] do_ip_setsockopt+0x2de/0x3790 [ 1564.464987][T31287] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 1564.465013][T31287] ? __pfx___might_resched+0x10/0x10 [ 1564.465040][T31287] ? __lock_acquire+0x436/0x2890 [ 1564.465062][T31287] ? aa_sk_perm+0x2f2/0xae0 [ 1564.465087][T31287] ip_setsockopt+0x59/0xf0 [ 1564.465110][T31287] raw_setsockopt+0xb7/0x2a0 [ 1564.465133][T31287] ? __pfx_raw_setsockopt+0x10/0x10 [ 1564.465156][T31287] ? sock_common_setsockopt+0x2e/0xf0 [ 1564.465183][T31287] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1564.465213][T31287] do_sock_setsockopt+0xf3/0x1d0 [ 1564.465243][T31287] __sys_setsockopt+0x120/0x1a0 [ 1564.465270][T31287] __ia32_sys_setsockopt+0xbc/0x160 [ 1564.465291][T31287] ? __do_fast_syscall_32+0x9a/0x680 [ 1564.465320][T31287] ? lockdep_hardirqs_on+0x7c/0x110 [ 1564.465346][T31287] __do_fast_syscall_32+0xe8/0x680 [ 1564.465377][T31287] do_fast_syscall_32+0x32/0x80 [ 1564.465395][T31287] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1564.465417][T31287] RIP: 0023:0xf7f75579 [ 1564.465432][T31287] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1564.465450][T31287] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 1564.465469][T31287] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 1564.465481][T31287] RDX: 00000000000000c9 RSI: 0000000000000000 RDI: 0000000000000000 [ 1564.465491][T31287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1564.465502][T31287] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1564.465513][T31287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1564.465538][T31287] [ 1564.736231][T31296] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1564.739476][T31296] UDF-fs: Scanning with blocksize 2048 failed [ 1564.743870][T31296] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1564.746712][T31296] UDF-fs: Scanning with blocksize 4096 failed [ 1565.875863][T31315] FAULT_INJECTION: forcing a failure. [ 1565.875863][T31315] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.914185][T31315] CPU: 2 UID: 0 PID: 31315 Comm: syz.4.6532 Tainted: G L syzkaller #0 PREEMPT(full) [ 1565.914217][T31315] Tainted: [L]=SOFTLOCKUP [ 1565.914221][T31315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1565.914229][T31315] Call Trace: [ 1565.914233][T31315] [ 1565.914238][T31315] dump_stack_lvl+0x16c/0x1f0 [ 1565.914259][T31315] should_fail_ex+0x512/0x640 [ 1565.914272][T31315] ? fs_reclaim_acquire+0xae/0x150 [ 1565.914291][T31315] should_failslab+0xc2/0x120 [ 1565.914309][T31315] __kmalloc_noprof+0xeb/0x910 [ 1565.914322][T31315] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1565.914340][T31315] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1565.914355][T31315] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1565.914372][T31315] ? tomoyo_profile+0x47/0x60 [ 1565.914390][T31315] tomoyo_path_number_perm+0x245/0x580 [ 1565.914403][T31315] ? tomoyo_path_number_perm+0x237/0x580 [ 1565.914417][T31315] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1565.914443][T31315] ? find_held_lock+0x2b/0x80 [ 1565.914458][T31315] ? hook_file_ioctl_common+0x144/0x410 [ 1565.914475][T31315] ? __fget_files+0x20e/0x3c0 [ 1565.914490][T31315] ? __fput_deferred+0x480/0x480 [ 1565.914504][T31315] security_file_ioctl_compat+0x9b/0x240 [ 1565.914519][T31315] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1565.914536][T31315] __do_fast_syscall_32+0xe8/0x680 [ 1565.914556][T31315] do_fast_syscall_32+0x32/0x80 [ 1565.914566][T31315] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1565.914580][T31315] RIP: 0023:0xf703d579 [ 1565.914590][T31315] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1565.914601][T31315] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1565.914617][T31315] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000540a [ 1565.914624][T31315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1565.914630][T31315] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1565.914637][T31315] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1565.914643][T31315] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1565.914657][T31315] [ 1566.089281][T31315] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1566.438143][T31323] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1566.444014][T31323] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6533'. [ 1567.339649][T31334] overlayfs: missing 'lowerdir' [ 1567.352706][T31334] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1567.478192][T31334] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 1567.481693][T31334] overlayfs: failed to look up (tracing) for ino (-66) [ 1568.401080][T31347] FAULT_INJECTION: forcing a failure. [ 1568.401080][T31347] name failslab, interval 1, probability 0, space 0, times 0 [ 1568.404595][T31347] CPU: 0 UID: 0 PID: 31347 Comm: syz.4.6539 Tainted: G L syzkaller #0 PREEMPT(full) [ 1568.404613][T31347] Tainted: [L]=SOFTLOCKUP [ 1568.404617][T31347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1568.404624][T31347] Call Trace: [ 1568.404628][T31347] [ 1568.404636][T31347] dump_stack_lvl+0x16c/0x1f0 [ 1568.404657][T31347] should_fail_ex+0x512/0x640 [ 1568.404671][T31347] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 1568.404687][T31347] should_failslab+0xc2/0x120 [ 1568.404704][T31347] kmem_cache_alloc_node_noprof+0x86/0x800 [ 1568.404718][T31347] ? __alloc_skb+0x156/0x410 [ 1568.404733][T31347] ? __alloc_skb+0x156/0x410 [ 1568.404744][T31347] __alloc_skb+0x156/0x410 [ 1568.404755][T31347] ? __alloc_skb+0x35d/0x410 [ 1568.404767][T31347] ? __pfx___alloc_skb+0x10/0x10 [ 1568.404780][T31347] ? is_bpf_text_address+0x8a/0x1a0 [ 1568.404795][T31347] ? bpf_ksym_find+0x124/0x1c0 [ 1568.404808][T31347] alloc_skb_with_frags+0xe0/0x860 [ 1568.404824][T31347] ? unwind_get_return_address+0x59/0xa0 [ 1568.404842][T31347] sock_alloc_send_pskb+0x7f9/0x980 [ 1568.404859][T31347] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1568.404871][T31347] ? __pfx___might_resched+0x10/0x10 [ 1568.404887][T31347] ? find_held_lock+0x2b/0x80 [ 1568.404903][T31347] ? aa_sk_perm+0x2f2/0xae0 [ 1568.404918][T31347] hci_sock_sendmsg+0x1c7/0x26b0 [ 1568.404937][T31347] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 1568.404953][T31347] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 1568.404974][T31347] sock_write_iter+0x566/0x610 [ 1568.404992][T31347] ? __pfx_sock_write_iter+0x10/0x10 [ 1568.405013][T31347] ? bpf_lsm_file_permission+0x9/0x10 [ 1568.405027][T31347] ? security_file_permission+0x71/0x210 [ 1568.405042][T31347] ? rw_verify_area+0xcf/0x6c0 [ 1568.405058][T31347] vfs_write+0x7d3/0x11d0 [ 1568.405074][T31347] ? __pfx_sock_write_iter+0x10/0x10 [ 1568.405093][T31347] ? __pfx_vfs_write+0x10/0x10 [ 1568.405107][T31347] ? find_held_lock+0x2b/0x80 [ 1568.405129][T31347] ksys_write+0x1f8/0x250 [ 1568.405157][T31347] ? __pfx_ksys_write+0x10/0x10 [ 1568.405177][T31347] __do_fast_syscall_32+0xe8/0x680 [ 1568.405196][T31347] do_fast_syscall_32+0x32/0x80 [ 1568.405206][T31347] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1568.405221][T31347] RIP: 0023:0xf703d579 [ 1568.405230][T31347] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1568.405241][T31347] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 1568.405251][T31347] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000000 [ 1568.405258][T31347] RDX: 000000000000000d RSI: 0000000000000000 RDI: 0000000000000000 [ 1568.405265][T31347] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1568.405271][T31347] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1568.405277][T31347] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1568.405291][T31347] [ 1568.813947][T31356] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1568.816381][T31356] UDF-fs: Scanning with blocksize 2048 failed [ 1568.819945][T31356] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1568.822640][T31356] UDF-fs: Scanning with blocksize 4096 failed [ 1569.281490][T31361] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1569.283725][T31361] UDF-fs: Scanning with blocksize 2048 failed [ 1569.317193][T31361] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1569.320546][T31361] UDF-fs: Scanning with blocksize 4096 failed [ 1569.464141][ T40] kauditd_printk_skb: 119 callbacks suppressed [ 1569.464152][ T40] audit: type=1326 audit(1766433196.292:24742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31365 comm="syz.3.6545" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1569.473572][ T40] audit: type=1326 audit(1766433196.302:24743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31365 comm="syz.3.6545" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1569.481416][ T40] audit: type=1326 audit(1766433196.312:24744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31365 comm="syz.3.6545" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1569.488625][ T40] audit: type=1326 audit(1766433196.312:24745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31365 comm="syz.3.6545" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1569.502303][ T40] audit: type=1326 audit(1766433196.312:24746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31365 comm="syz.3.6545" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1569.513781][ T40] audit: type=1326 audit(1766433196.322:24747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31365 comm="syz.3.6545" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1569.525587][T31368] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1569.529245][ T40] audit: type=1326 audit(1766433196.322:24748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31365 comm="syz.3.6545" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1569.536181][ T40] audit: type=1326 audit(1766433196.322:24749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31365 comm="syz.3.6545" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1569.544458][ T40] audit: type=1326 audit(1766433196.322:24750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31365 comm="syz.3.6545" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1569.553013][ T40] audit: type=1326 audit(1766433196.332:24751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31365 comm="syz.3.6545" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1569.576959][T31368] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6545'. [ 1570.147180][T31374] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1570.158068][T31374] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6546'. [ 1570.412831][T31384] FAULT_INJECTION: forcing a failure. [ 1570.412831][T31384] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1570.418256][T31384] CPU: 0 UID: 0 PID: 31384 Comm: syz.3.6549 Tainted: G L syzkaller #0 PREEMPT(full) [ 1570.418285][T31384] Tainted: [L]=SOFTLOCKUP [ 1570.418291][T31384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1570.418302][T31384] Call Trace: [ 1570.418309][T31384] [ 1570.418318][T31384] dump_stack_lvl+0x16c/0x1f0 [ 1570.418350][T31384] should_fail_ex+0x512/0x640 [ 1570.418375][T31384] _copy_to_user+0x32/0xd0 [ 1570.418398][T31384] simple_read_from_buffer+0xcb/0x170 [ 1570.418425][T31384] proc_fail_nth_read+0x197/0x240 [ 1570.418456][T31384] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1570.418484][T31384] ? rw_verify_area+0xcf/0x6c0 [ 1570.418505][T31384] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1570.418529][T31384] vfs_read+0x1e4/0xcf0 [ 1570.418551][T31384] ? __pfx___mutex_lock+0x10/0x10 [ 1570.418581][T31384] ? __pfx_vfs_read+0x10/0x10 [ 1570.418604][T31384] ? find_held_lock+0x2b/0x80 [ 1570.418633][T31384] ? __fget_files+0x20e/0x3c0 [ 1570.418666][T31384] ksys_read+0x12a/0x250 [ 1570.418690][T31384] ? __pfx_ksys_read+0x10/0x10 [ 1570.418723][T31384] __do_fast_syscall_32+0xe8/0x680 [ 1570.418755][T31384] do_fast_syscall_32+0x32/0x80 [ 1570.418772][T31384] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1570.418795][T31384] RIP: 0023:0xf7f75579 [ 1570.418827][T31384] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1570.418845][T31384] RSP: 002b:00000000f5445590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1570.418864][T31384] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5445620 [ 1570.418881][T31384] RDX: 000000000000000f RSI: 00000000f7406ff4 RDI: 0000000000000000 [ 1570.418893][T31384] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 1570.418903][T31384] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1570.418914][T31384] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1570.418939][T31384] [ 1571.372737][T31399] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 1571.374809][T31399] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 1571.382487][T31399] vhci_hcd vhci_hcd.0: Device attached [ 1571.669443][T26327] usb 40-1: SetAddress Request (62) to port 0 [ 1571.671324][T26327] usb 40-1: new SuperSpeed USB device number 62 using vhci_hcd [ 1572.280541][T31400] vhci_hcd: connection reset by peer [ 1572.282532][ T4946] vhci_hcd vhci_hcd.1: stop threads [ 1572.284696][ T4946] vhci_hcd vhci_hcd.1: release socket [ 1572.287003][ T4946] vhci_hcd vhci_hcd.1: disconnect device [ 1572.779711][T31406] [U] ÿ [ 1572.830847][T31409] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1572.834027][T31409] UDF-fs: Scanning with blocksize 2048 failed [ 1572.837589][T31409] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1572.840855][T31409] UDF-fs: Scanning with blocksize 4096 failed [ 1573.368871][T31418] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1573.371202][T31418] UDF-fs: Scanning with blocksize 2048 failed [ 1573.382689][T31418] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1573.385095][T31418] UDF-fs: Scanning with blocksize 4096 failed [ 1574.021711][T31430] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1574.026913][T31430] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6559'. [ 1574.792102][T31437] netlink: 44 bytes leftover after parsing attributes in process `syz.2.6563'. [ 1574.925762][T31448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1574.928598][T31448] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1576.734880][T26327] usb 40-1: device descriptor read/8, error -110 [ 1577.119836][T26327] usb usb40-port1: attempt power cycle [ 1577.349926][T31456] netlink: 'syz.1.6569': attribute type 10 has an invalid length. [ 1577.352410][T31456] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1577.356074][T31456] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1577.359978][T31456] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1577.486341][T31458] 8021q: adding VLAN 0 to HW filter on device batadv2 [ 1577.489427][T31458] team0: Port device batadv2 added [ 1577.636278][T31461] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1577.639337][T31461] UDF-fs: Scanning with blocksize 2048 failed [ 1577.643442][T31461] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1577.646439][T31461] UDF-fs: Scanning with blocksize 4096 failed [ 1577.681330][T26327] usb usb40-port1: unable to enumerate USB device [ 1577.764928][T31464] block nbd4: not configured, cannot reconfigure [ 1578.098133][ T40] kauditd_printk_skb: 117 callbacks suppressed [ 1578.098145][ T40] audit: type=1326 audit(1766433204.922:24869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31465 comm="syz.2.6572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1578.111234][ T40] audit: type=1326 audit(1766433204.942:24870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31465 comm="syz.2.6572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1578.154862][T31470] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1578.166886][T31470] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6572'. [ 1578.193061][ T40] audit: type=1326 audit(1766433204.952:24871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31465 comm="syz.2.6572" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1578.203501][ T40] audit: type=1326 audit(1766433204.952:24872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31465 comm="syz.2.6572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1578.222656][ T40] audit: type=1326 audit(1766433204.952:24873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31465 comm="syz.2.6572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1578.250274][ T40] audit: type=1326 audit(1766433204.952:24874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31465 comm="syz.2.6572" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1578.267496][ T40] audit: type=1326 audit(1766433204.952:24875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31465 comm="syz.2.6572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1578.282072][ T40] audit: type=1326 audit(1766433204.952:24876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31465 comm="syz.2.6572" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1578.294320][ T40] audit: type=1326 audit(1766433204.962:24877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31465 comm="syz.2.6572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1578.305768][ T40] audit: type=1326 audit(1766433204.972:24878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31465 comm="syz.2.6572" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1578.443167][T31471] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1578.445606][T31471] UDF-fs: Scanning with blocksize 2048 failed [ 1578.448399][T31471] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1578.451706][T31471] UDF-fs: Scanning with blocksize 4096 failed [ 1579.094435][T31484] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1579.101874][T31484] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6576'. [ 1580.098952][T24563] usb 6-1: new high-speed USB device number 54 using dummy_hcd [ 1580.250567][T24563] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1580.255121][T24563] usb 6-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1580.268954][T24563] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1580.271791][T24563] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1580.282592][T24563] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 1580.286325][T24563] usb 6-1: invalid MIDI out EP 0 [ 1580.342850][T24563] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 1580.485459][T24563] usb 6-1: USB disconnect, device number 54 [ 1580.735419][T31511] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1580.743359][T31511] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6583'. [ 1581.170208][T31515] FAULT_INJECTION: forcing a failure. [ 1581.170208][T31515] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.174652][T31515] CPU: 3 UID: 0 PID: 31515 Comm: syz.4.6585 Tainted: G L syzkaller #0 PREEMPT(full) [ 1581.174670][T31515] Tainted: [L]=SOFTLOCKUP [ 1581.174674][T31515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1581.174681][T31515] Call Trace: [ 1581.174685][T31515] [ 1581.174690][T31515] dump_stack_lvl+0x16c/0x1f0 [ 1581.174710][T31515] should_fail_ex+0x512/0x640 [ 1581.174724][T31515] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 1581.174740][T31515] should_failslab+0xc2/0x120 [ 1581.174758][T31515] kmem_cache_alloc_node_noprof+0x86/0x800 [ 1581.174771][T31515] ? __alloc_skb+0x156/0x410 [ 1581.174787][T31515] ? __alloc_skb+0x156/0x410 [ 1581.174798][T31515] __alloc_skb+0x156/0x410 [ 1581.174809][T31515] ? __alloc_skb+0x35d/0x410 [ 1581.174820][T31515] ? __pfx___alloc_skb+0x10/0x10 [ 1581.174833][T31515] ? is_bpf_text_address+0x8a/0x1a0 [ 1581.174848][T31515] ? bpf_ksym_find+0x124/0x1c0 [ 1581.174861][T31515] alloc_skb_with_frags+0xe0/0x860 [ 1581.174877][T31515] ? unwind_get_return_address+0x59/0xa0 [ 1581.174899][T31515] sock_alloc_send_pskb+0x7f9/0x980 [ 1581.174916][T31515] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1581.174929][T31515] ? __pfx___might_resched+0x10/0x10 [ 1581.174948][T31515] ? find_held_lock+0x2b/0x80 [ 1581.174964][T31515] ? aa_sk_perm+0x2f2/0xae0 [ 1581.174980][T31515] hci_sock_sendmsg+0x1c7/0x26b0 [ 1581.174998][T31515] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 1581.175014][T31515] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 1581.175034][T31515] sock_write_iter+0x566/0x610 [ 1581.175052][T31515] ? __pfx_sock_write_iter+0x10/0x10 [ 1581.175074][T31515] ? bpf_lsm_file_permission+0x9/0x10 [ 1581.175087][T31515] ? security_file_permission+0x71/0x210 [ 1581.175101][T31515] ? rw_verify_area+0xcf/0x6c0 [ 1581.175117][T31515] vfs_write+0x7d3/0x11d0 [ 1581.175133][T31515] ? __pfx_sock_write_iter+0x10/0x10 [ 1581.175151][T31515] ? __pfx_vfs_write+0x10/0x10 [ 1581.175165][T31515] ? find_held_lock+0x2b/0x80 [ 1581.175187][T31515] ksys_write+0x1f8/0x250 [ 1581.175202][T31515] ? __pfx_ksys_write+0x10/0x10 [ 1581.175221][T31515] __do_fast_syscall_32+0xe8/0x680 [ 1581.175240][T31515] do_fast_syscall_32+0x32/0x80 [ 1581.175251][T31515] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1581.175264][T31515] RIP: 0023:0xf703d579 [ 1581.175273][T31515] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1581.175284][T31515] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 1581.175295][T31515] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000 [ 1581.175302][T31515] RDX: 000000000000000d RSI: 0000000000000000 RDI: 0000000000000000 [ 1581.175308][T31515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1581.175314][T31515] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1581.175321][T31515] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1581.175333][T31515] [ 1581.350174][T31519] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1581.355913][T31519] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6586'. [ 1581.373483][T31521] netlink: 'syz.2.6587': attribute type 10 has an invalid length. [ 1581.376857][T31521] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1581.382138][T31521] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1581.387337][T31521] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1581.629595][T31529] 8021q: adding VLAN 0 to HW filter on device batadv3 [ 1581.633880][T31529] team0: Port device batadv3 added [ 1582.253781][T31549] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1582.260421][T31549] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6589'. [ 1583.759111][T31568] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1583.761483][T31568] UDF-fs: Scanning with blocksize 2048 failed [ 1583.764490][T31568] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1583.767572][T31568] UDF-fs: Scanning with blocksize 4096 failed [ 1583.784784][T31567] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1583.787997][T31567] UDF-fs: Scanning with blocksize 2048 failed [ 1583.826192][T31567] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1583.829591][T31567] UDF-fs: Scanning with blocksize 4096 failed [ 1583.865770][T31572] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1583.873688][T31572] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6596'. [ 1583.898938][ T40] kauditd_printk_skb: 205 callbacks suppressed [ 1583.898950][ T40] audit: type=1326 audit(1766433210.682:25084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31569 comm="syz.2.6596" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1583.909741][ T40] audit: type=1326 audit(1766433210.682:25085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31569 comm="syz.2.6596" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1583.916413][ T40] audit: type=1326 audit(1766433210.682:25086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31569 comm="syz.2.6596" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1583.923532][ T40] audit: type=1326 audit(1766433210.682:25087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31569 comm="syz.2.6596" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1583.931232][ T40] audit: type=1326 audit(1766433210.682:25088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31569 comm="syz.2.6596" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1583.938420][ T40] audit: type=1326 audit(1766433210.682:25089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31569 comm="syz.2.6596" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1583.978530][ T40] audit: type=1326 audit(1766433210.682:25090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31569 comm="syz.2.6596" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1583.989438][ T40] audit: type=1326 audit(1766433210.682:25091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31569 comm="syz.2.6596" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1584.001868][ T40] audit: type=1326 audit(1766433210.682:25092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31569 comm="syz.2.6596" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1584.013636][ T40] audit: type=1326 audit(1766433210.682:25093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31569 comm="syz.2.6596" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1584.606646][T31578] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1584.611655][T31578] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6597'. [ 1585.324734][T31583] overlayfs: failed to resolve './file2': -2 [ 1586.886025][T31619] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1586.888416][T31619] UDF-fs: Scanning with blocksize 2048 failed [ 1586.893573][T31619] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1586.896545][T31619] UDF-fs: Scanning with blocksize 4096 failed [ 1589.569877][T31643] netlink: 'syz.2.6614': attribute type 10 has an invalid length. [ 1589.579121][T31643] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1589.583642][T31643] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1589.588142][T31643] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1589.731014][T31646] 8021q: adding VLAN 0 to HW filter on device batadv4 [ 1589.734212][T31646] team0: Port device batadv4 added [ 1590.754746][T31666] 9pnet_virtio: no channels available for device syz [ 1591.877518][ T40] kauditd_printk_skb: 75 callbacks suppressed [ 1591.877530][ T40] audit: type=1326 audit(1766433218.702:25169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31674 comm="syz.4.6623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1591.886829][ T40] audit: type=1326 audit(1766433218.702:25170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31674 comm="syz.4.6623" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1591.897113][ T40] audit: type=1326 audit(1766433218.702:25171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31674 comm="syz.4.6623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1591.914319][ T40] audit: type=1326 audit(1766433218.702:25172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31674 comm="syz.4.6623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1591.924733][ T40] audit: type=1326 audit(1766433218.702:25173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31674 comm="syz.4.6623" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1592.048953][ T40] audit: type=1326 audit(1766433218.702:25174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31674 comm="syz.4.6623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1592.080373][ T40] audit: type=1326 audit(1766433218.702:25175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31674 comm="syz.4.6623" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1592.103909][ T40] audit: type=1326 audit(1766433218.732:25176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31674 comm="syz.4.6623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1592.118557][ T40] audit: type=1326 audit(1766433218.732:25177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31674 comm="syz.4.6623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1592.147258][ T40] audit: type=1326 audit(1766433218.732:25178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31674 comm="syz.4.6623" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf703d579 code=0x7ffc0000 [ 1592.410669][T31681] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1593.019133][T31693] netlink: 'syz.4.6628': attribute type 10 has an invalid length. [ 1593.022653][T31693] hsr0: entered promiscuous mode [ 1593.026605][T31693] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1593.030716][T31693] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1593.035264][T31693] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1593.353675][T31696] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 1593.356963][T31696] team0: Port device batadv1 added [ 1593.964311][T31702] FAULT_INJECTION: forcing a failure. [ 1593.964311][T31702] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1593.969572][T31702] CPU: 2 UID: 0 PID: 31702 Comm: syz.1.6630 Tainted: G L syzkaller #0 PREEMPT(full) [ 1593.969591][T31702] Tainted: [L]=SOFTLOCKUP [ 1593.969595][T31702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1593.969602][T31702] Call Trace: [ 1593.969606][T31702] [ 1593.969611][T31702] dump_stack_lvl+0x16c/0x1f0 [ 1593.969631][T31702] should_fail_ex+0x512/0x640 [ 1593.969650][T31702] _copy_to_user+0x32/0xd0 [ 1593.969665][T31702] simple_read_from_buffer+0xcb/0x170 [ 1593.969704][T31702] proc_fail_nth_read+0x197/0x240 [ 1593.969723][T31702] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1593.969742][T31702] ? rw_verify_area+0xcf/0x6c0 [ 1593.969756][T31702] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1593.969774][T31702] vfs_read+0x1e4/0xcf0 [ 1593.969791][T31702] ? __pfx___mutex_lock+0x10/0x10 [ 1593.969809][T31702] ? __pfx_vfs_read+0x10/0x10 [ 1593.969823][T31702] ? find_held_lock+0x2b/0x80 [ 1593.969842][T31702] ? __fget_files+0x20e/0x3c0 [ 1593.969862][T31702] ksys_read+0x12a/0x250 [ 1593.969877][T31702] ? __pfx_ksys_read+0x10/0x10 [ 1593.969894][T31702] ? rcu_is_watching+0x12/0xc0 [ 1593.969912][T31702] __do_fast_syscall_32+0xe8/0x680 [ 1593.969931][T31702] do_fast_syscall_32+0x32/0x80 [ 1593.969941][T31702] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1593.969955][T31702] RIP: 0023:0xf70ed579 [ 1593.969965][T31702] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1593.969976][T31702] RSP: 002b:00000000f54dd590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1593.969988][T31702] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54dd620 [ 1593.969995][T31702] RDX: 000000000000000f RSI: 00000000f7486ff4 RDI: 0000000000000000 [ 1593.970001][T31702] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 1593.970007][T31702] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1593.970014][T31702] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1593.970028][T31702] [ 1594.814289][T31719] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1594.821355][T31719] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6635'. [ 1595.191863][T31725] FAULT_INJECTION: forcing a failure. [ 1595.191863][T31725] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1595.195981][T31725] CPU: 0 UID: 0 PID: 31725 Comm: syz.4.6637 Tainted: G L syzkaller #0 PREEMPT(full) [ 1595.196001][T31725] Tainted: [L]=SOFTLOCKUP [ 1595.196005][T31725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1595.196013][T31725] Call Trace: [ 1595.196018][T31725] [ 1595.196024][T31725] dump_stack_lvl+0x16c/0x1f0 [ 1595.196046][T31725] should_fail_ex+0x512/0x640 [ 1595.196061][T31725] _copy_from_user+0x2e/0xd0 [ 1595.196074][T31725] get_compat_msghdr+0xa7/0x170 [ 1595.196089][T31725] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1595.196108][T31725] ___sys_sendmsg+0x1ae/0x1d0 [ 1595.196124][T31725] ? __pfx____sys_sendmsg+0x10/0x10 [ 1595.196145][T31725] ? find_held_lock+0x2b/0x80 [ 1595.196168][T31725] __sys_sendmsg+0x16d/0x220 [ 1595.196183][T31725] ? __pfx___sys_sendmsg+0x10/0x10 [ 1595.196202][T31725] ? do_user_addr_fault+0x843/0x1370 [ 1595.196219][T31725] __do_fast_syscall_32+0xe8/0x680 [ 1595.196238][T31725] do_fast_syscall_32+0x32/0x80 [ 1595.196248][T31725] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1595.196263][T31725] RIP: 0023:0xf703d579 [ 1595.196272][T31725] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1595.196283][T31725] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 1595.196294][T31725] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0 [ 1595.196301][T31725] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1595.196307][T31725] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1595.196314][T31725] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1595.196320][T31725] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1595.196334][T31725] [ 1595.954427][T31740] fuse: Unknown parameter 'fd0x000000000000000c' [ 1596.899831][T31748] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1596.902185][T31748] UDF-fs: Scanning with blocksize 2048 failed [ 1596.904903][T31748] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1596.907331][T31748] UDF-fs: Scanning with blocksize 4096 failed [ 1598.042621][T31759] FAULT_INJECTION: forcing a failure. [ 1598.042621][T31759] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1598.047349][T31759] CPU: 1 UID: 0 PID: 31759 Comm: syz.4.6646 Tainted: G L syzkaller #0 PREEMPT(full) [ 1598.047379][T31759] Tainted: [L]=SOFTLOCKUP [ 1598.047386][T31759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1598.047403][T31759] Call Trace: [ 1598.047410][T31759] [ 1598.047418][T31759] dump_stack_lvl+0x16c/0x1f0 [ 1598.047450][T31759] should_fail_ex+0x512/0x640 [ 1598.047474][T31759] _copy_from_user+0x2e/0xd0 [ 1598.047495][T31759] get_compat_msghdr+0xa7/0x170 [ 1598.047520][T31759] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1598.047552][T31759] ___sys_sendmsg+0x1ae/0x1d0 [ 1598.047578][T31759] ? __pfx____sys_sendmsg+0x10/0x10 [ 1598.047614][T31759] ? find_held_lock+0x2b/0x80 [ 1598.047653][T31759] __sys_sendmsg+0x16d/0x220 [ 1598.047677][T31759] ? __pfx___sys_sendmsg+0x10/0x10 [ 1598.047710][T31759] ? do_user_addr_fault+0x843/0x1370 [ 1598.047738][T31759] __do_fast_syscall_32+0xe8/0x680 [ 1598.047771][T31759] do_fast_syscall_32+0x32/0x80 [ 1598.047789][T31759] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1598.047811][T31759] RIP: 0023:0xf703d579 [ 1598.047825][T31759] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1598.047843][T31759] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 1598.047863][T31759] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0 [ 1598.047875][T31759] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1598.047887][T31759] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1598.047899][T31759] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1598.047911][T31759] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1598.047936][T31759] [ 1598.158079][T31763] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6648'. [ 1598.242583][T31767] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1598.249248][T31767] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6647'. [ 1598.349563][ T40] kauditd_printk_skb: 64 callbacks suppressed [ 1598.349588][ T40] audit: type=1326 audit(1766433225.052:25243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31760 comm="syz.2.6647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1598.361630][ T40] audit: type=1326 audit(1766433225.052:25244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31760 comm="syz.2.6647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1598.371209][ T40] audit: type=1326 audit(1766433225.052:25245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31760 comm="syz.2.6647" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1598.380593][ T40] audit: type=1326 audit(1766433225.052:25246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31760 comm="syz.2.6647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1598.390055][ T40] audit: type=1326 audit(1766433225.062:25247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31760 comm="syz.2.6647" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1598.399015][ T40] audit: type=1326 audit(1766433225.062:25248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31760 comm="syz.2.6647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1598.408164][ T40] audit: type=1326 audit(1766433225.062:25249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31760 comm="syz.2.6647" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1598.417490][ T40] audit: type=1326 audit(1766433225.062:25250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31760 comm="syz.2.6647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1598.426959][ T40] audit: type=1326 audit(1766433225.062:25251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31760 comm="syz.2.6647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1598.436225][ T40] audit: type=1326 audit(1766433225.062:25252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31760 comm="syz.2.6647" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1598.753575][T31775] netlink: 'syz.3.6651': attribute type 1 has an invalid length. [ 1598.757701][T31775] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR [ 1598.900987][T31780] overlayfs: failed to resolve './file2': -2 [ 1599.305365][T31786] tipc: Enabling of bearer rejected, already enabled [ 1599.309340][ T5950] Bluetooth: hci4: unexpected event for opcode 0x5ea6 [ 1599.437308][T31788] FAULT_INJECTION: forcing a failure. [ 1599.437308][T31788] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1599.463411][T31788] CPU: 0 UID: 0 PID: 31788 Comm: syz.2.6654 Tainted: G L syzkaller #0 PREEMPT(full) [ 1599.463442][T31788] Tainted: [L]=SOFTLOCKUP [ 1599.463448][T31788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1599.463460][T31788] Call Trace: [ 1599.463467][T31788] [ 1599.463475][T31788] dump_stack_lvl+0x16c/0x1f0 [ 1599.463520][T31788] should_fail_ex+0x512/0x640 [ 1599.463544][T31788] _copy_from_user+0x2e/0xd0 [ 1599.463565][T31788] __sys_bpf+0x248/0x4980 [ 1599.463586][T31788] ? __pfx___sys_bpf+0x10/0x10 [ 1599.463601][T31788] ? find_held_lock+0x2b/0x80 [ 1599.463630][T31788] ? find_held_lock+0x2b/0x80 [ 1599.463660][T31788] ? __mutex_unlock_slowpath+0x161/0x790 [ 1599.463703][T31788] ? fput+0x70/0xf0 [ 1599.463721][T31788] ? ksys_write+0x1ac/0x250 [ 1599.463745][T31788] ? __pfx_ksys_write+0x10/0x10 [ 1599.463774][T31788] __ia32_sys_bpf+0x76/0xe0 [ 1599.463791][T31788] ? lockdep_hardirqs_on+0x7c/0x110 [ 1599.463818][T31788] __do_fast_syscall_32+0xe8/0x680 [ 1599.463848][T31788] do_fast_syscall_32+0x32/0x80 [ 1599.463864][T31788] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1599.463887][T31788] RIP: 0023:0xf7f87579 [ 1599.463901][T31788] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1599.463918][T31788] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 1599.463936][T31788] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000800002c0 [ 1599.463948][T31788] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 1599.463959][T31788] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1599.463970][T31788] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1599.463980][T31788] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1599.464003][T31788] [ 1599.839846][T31795] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6657'. [ 1600.783295][ T5950] Bluetooth: hci3: unexpected event for opcode 0x5ea6 [ 1601.649468][T31824] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1601.652336][T31824] UDF-fs: Scanning with blocksize 2048 failed [ 1601.655180][T31824] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1601.658108][T31824] UDF-fs: Scanning with blocksize 4096 failed [ 1602.412179][T31832] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6668'. [ 1602.498008][T31840] geneve2: entered promiscuous mode [ 1602.500945][T26116] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1602.503768][T26116] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1602.507155][T26116] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1602.510019][T26116] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1602.534096][T31842] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1602.536613][T31842] UDF-fs: Scanning with blocksize 2048 failed [ 1602.542440][T31842] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1602.544998][T31842] UDF-fs: Scanning with blocksize 4096 failed [ 1602.619412][ T5983] usb 6-1: new high-speed USB device number 55 using dummy_hcd [ 1602.719946][T31834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1602.724361][T31834] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1602.806170][ T5983] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1602.810510][ T5983] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1602.815799][ T5983] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 1602.835642][ T5983] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1602.853562][ T5983] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1602.881772][ T5983] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 1603.379911][ T5983] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -12 [ 1603.390137][T28481] udevd[28481]: setting mode of /dev/snd/controlC4 to 020660 failed: No such file or directory [ 1603.390624][ T5983] usb 6-1: USB disconnect, device number 55 [ 1603.393642][T28481] udevd[28481]: setting owner of /dev/snd/controlC4 to uid=0, gid=29 failed: No such file or directory [ 1605.614806][T31875] netlink: 44 bytes leftover after parsing attributes in process `syz.2.6677'. [ 1605.762667][T31884] netlink: 'syz.3.6680': attribute type 10 has an invalid length. [ 1605.766079][T31884] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1605.770958][T31884] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1605.776052][T31884] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1605.918935][T31888] 8021q: adding VLAN 0 to HW filter on device batadv3 [ 1605.923548][T31888] team0: Port device batadv3 added [ 1605.964588][T31889] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1605.967662][T31889] UDF-fs: Scanning with blocksize 2048 failed [ 1605.971528][T31889] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1605.974499][T31889] UDF-fs: Scanning with blocksize 4096 failed [ 1607.214754][T31901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6682'. [ 1611.702087][T31941] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1611.704463][T31941] UDF-fs: Scanning with blocksize 2048 failed [ 1611.706856][T31941] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1611.709965][T31941] UDF-fs: Scanning with blocksize 4096 failed [ 1612.247596][T31954] batadv_slave_1: entered promiscuous mode [ 1613.032045][T31948] fuse: Bad value for 'fd' [ 1613.456059][ T40] kauditd_printk_skb: 34 callbacks suppressed [ 1613.456070][ T40] audit: type=1326 audit(1766433240.282:25287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31959 comm="syz.3.6696" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1613.465123][ T40] audit: type=1326 audit(1766433240.292:25288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31959 comm="syz.3.6696" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1613.476814][ T40] audit: type=1326 audit(1766433240.302:25289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31959 comm="syz.3.6696" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1613.505192][T31962] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1613.511002][ T40] audit: type=1326 audit(1766433240.322:25290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31959 comm="syz.3.6696" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1613.540889][ T40] audit: type=1326 audit(1766433240.322:25291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31959 comm="syz.3.6696" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1613.547545][ T40] audit: type=1326 audit(1766433240.322:25292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31959 comm="syz.3.6696" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1613.554163][ T40] audit: type=1326 audit(1766433240.322:25293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31959 comm="syz.3.6696" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1613.554701][T31962] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6696'. [ 1613.560866][ T40] audit: type=1326 audit(1766433240.322:25294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31959 comm="syz.3.6696" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1613.560895][ T40] audit: type=1326 audit(1766433240.322:25295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31959 comm="syz.3.6696" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1613.560917][ T40] audit: type=1326 audit(1766433240.322:25296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31959 comm="syz.3.6696" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1614.632541][T31975] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1614.640769][T31975] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6699'. [ 1617.053361][T32007] devtmpfs: Cannot change global quota limit on remount [ 1617.250054][T32011] fuse: Bad value for 'fd' [ 1618.976714][T32037] netlink: 'syz.1.6714': attribute type 10 has an invalid length. [ 1618.980210][T32037] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1618.983598][T32037] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1618.988239][T32037] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1619.114280][T32040] 8021q: adding VLAN 0 to HW filter on device batadv3 [ 1619.117797][T32040] team0: Port device batadv3 added [ 1619.899499][T32057] fuse: Bad value for 'fd' [ 1620.751546][T32064] netlink: 'syz.2.6720': attribute type 21 has an invalid length. [ 1620.754073][T32064] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6720'. [ 1620.899384][ T40] kauditd_printk_skb: 83 callbacks suppressed [ 1620.899407][ T40] audit: type=1326 audit(1766433247.722:25380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32065 comm="syz.3.6721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1620.912430][ T40] audit: type=1326 audit(1766433247.732:25381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32065 comm="syz.3.6721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1620.929894][ T40] audit: type=1326 audit(1766433247.762:25382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32065 comm="syz.3.6721" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1620.971113][ T40] audit: type=1326 audit(1766433247.762:25383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32065 comm="syz.3.6721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1621.043505][ T40] audit: type=1326 audit(1766433247.762:25384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32065 comm="syz.3.6721" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1621.072319][T32073] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1621.081224][T32073] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6721'. [ 1621.116094][ T40] audit: type=1326 audit(1766433247.762:25385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32065 comm="syz.3.6721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1621.130178][ T40] audit: type=1326 audit(1766433247.772:25386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32065 comm="syz.3.6721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1621.140287][ T40] audit: type=1326 audit(1766433247.772:25387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32065 comm="syz.3.6721" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1621.147893][ T40] audit: type=1326 audit(1766433247.862:25388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32065 comm="syz.3.6721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1621.190291][ T40] audit: type=1326 audit(1766433247.862:25389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32065 comm="syz.3.6721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1622.157639][T32098] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1622.160375][T32098] UDF-fs: Scanning with blocksize 2048 failed [ 1622.163672][T32098] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1622.165924][T32098] UDF-fs: Scanning with blocksize 4096 failed [ 1622.336935][T32099] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1622.340189][T32099] UDF-fs: Scanning with blocksize 2048 failed [ 1622.344498][T32099] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1622.346714][T32099] UDF-fs: Scanning with blocksize 4096 failed [ 1623.830856][T32113] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1623.833149][T32113] UDF-fs: Scanning with blocksize 2048 failed [ 1623.835694][T32113] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1623.838922][T32113] UDF-fs: Scanning with blocksize 4096 failed [ 1624.703209][T32123] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6730'. [ 1624.717512][T32123] openvswitch: netlink: Flow actions attr not present in new flow. [ 1624.717926][T32125] syzkaller0: entered promiscuous mode [ 1624.722130][T32125] syzkaller0: entered allmulticast mode [ 1624.910139][T32130] FAULT_INJECTION: forcing a failure. [ 1624.910139][T32130] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1624.914287][T32130] CPU: 2 UID: 0 PID: 32130 Comm: syz.2.6735 Tainted: G L syzkaller #0 PREEMPT(full) [ 1624.914306][T32130] Tainted: [L]=SOFTLOCKUP [ 1624.914310][T32130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1624.914317][T32130] Call Trace: [ 1624.914321][T32130] [ 1624.914326][T32130] dump_stack_lvl+0x16c/0x1f0 [ 1624.914347][T32130] should_fail_ex+0x512/0x640 [ 1624.914362][T32130] _copy_to_user+0x32/0xd0 [ 1624.914376][T32130] simple_read_from_buffer+0xcb/0x170 [ 1624.914404][T32130] proc_fail_nth_read+0x197/0x240 [ 1624.914425][T32130] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1624.914444][T32130] ? rw_verify_area+0xcf/0x6c0 [ 1624.914459][T32130] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1624.914477][T32130] vfs_read+0x1e4/0xcf0 [ 1624.914494][T32130] ? __pfx___mutex_lock+0x10/0x10 [ 1624.914513][T32130] ? __pfx_vfs_read+0x10/0x10 [ 1624.914527][T32130] ? find_held_lock+0x2b/0x80 [ 1624.914546][T32130] ? __fget_files+0x20e/0x3c0 [ 1624.914561][T32130] ? bpf_trace_run2+0x210/0x5c0 [ 1624.914581][T32130] ksys_read+0x12a/0x250 [ 1624.914600][T32130] ? __pfx_ksys_read+0x10/0x10 [ 1624.914618][T32130] ? syscall_trace_enter+0x1cb/0x220 [ 1624.914633][T32130] ? rcu_is_watching+0x12/0xc0 [ 1624.914651][T32130] __do_fast_syscall_32+0xe8/0x680 [ 1624.914670][T32130] do_fast_syscall_32+0x32/0x80 [ 1624.914681][T32130] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1624.914695][T32130] RIP: 0023:0xf7f87579 [ 1624.914704][T32130] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1624.914715][T32130] RSP: 002b:00000000f5476590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1624.914727][T32130] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5476620 [ 1624.914734][T32130] RDX: 000000000000000f RSI: 00000000f7416ff4 RDI: 0000000000000000 [ 1624.914740][T32130] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 1624.914747][T32130] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1624.914753][T32130] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1624.914767][T32130] [ 1625.169377][T32135] netlink: 'syz.1.6737': attribute type 10 has an invalid length. [ 1625.170649][T32136] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1625.172511][T32135] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1625.176957][T32136] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6736'. [ 1625.179928][T32135] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1625.188112][T32135] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1626.007542][T32150] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1626.010241][T32150] UDF-fs: Scanning with blocksize 2048 failed [ 1626.014791][T32150] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1626.017529][T32150] UDF-fs: Scanning with blocksize 4096 failed [ 1628.154451][T32170] netlink: 44 bytes leftover after parsing attributes in process `syz.2.6746'. [ 1628.507849][T32182] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1628.596989][ T40] kauditd_printk_skb: 72 callbacks suppressed [ 1628.597008][ T40] audit: type=1326 audit(1766433255.362:25462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32173 comm="syz.2.6748" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1628.609255][ T40] audit: type=1326 audit(1766433255.362:25463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32173 comm="syz.2.6748" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1629.713719][T32200] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1629.716082][T32200] UDF-fs: Scanning with blocksize 2048 failed [ 1629.720042][T32200] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1629.722417][T32200] UDF-fs: Scanning with blocksize 4096 failed [ 1632.513973][T32227] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1632.517309][T32227] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1633.369618][T32238] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1633.372771][T32238] UDF-fs: Scanning with blocksize 2048 failed [ 1633.378047][T32238] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1633.381390][T32238] UDF-fs: Scanning with blocksize 4096 failed [ 1635.870198][T32266] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1635.873683][T32266] UDF-fs: Scanning with blocksize 2048 failed [ 1635.878663][T32266] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1635.882041][T32266] UDF-fs: Scanning with blocksize 4096 failed [ 1641.678742][T32331] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1642.355472][T32331] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 1642.358659][T32331] overlayfs: failed to look up (tracing) for ino (-66) [ 1642.488179][T32335] program syz.2.6785 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1642.539119][ T1109] ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 [ 1642.543086][ T1109] ata1.00: irq_stat 0x40000000 [ 1642.544835][ T1109] ata1.00: failed command: ZAC MANAGEMENT OUT [ 1642.547191][ T1109] ata1.00: cmd 9f/02:00:00:00:00/00:00:00:00:00/40 tag 14 [ 1642.547191][ T1109] res 41/04:00:00:00:00/00:00:00:00:00/40 Emask 0x1 (device error) [ 1642.553447][ T1109] ata1.00: status: { DRDY ERR } [ 1642.555243][ T1109] ata1.00: error: { ABRT } [ 1642.557112][ T1109] ata1.00: device reported invalid CHS sector 0 [ 1642.560652][T32335] program syz.2.6785 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1643.725821][ C3] ata1: illegal qc_active transition (00000000->00000400) [ 1644.052162][ T1109] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) [ 1644.064240][ T1109] ata1.00: configured for UDMA/100 [ 1644.860057][T32367] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma? [ 1648.236699][T32415] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1648.239162][T32415] UDF-fs: Scanning with blocksize 2048 failed [ 1648.243256][T32415] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 1648.245638][T32415] UDF-fs: Scanning with blocksize 4096 failed [ 1649.226790][T32423] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6806'. [ 1649.937824][ T5950] Bluetooth: hci2: unexpected event for opcode 0x5ea6 [ 1649.956259][T32436] FAULT_INJECTION: forcing a failure. [ 1649.956259][T32436] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1649.960360][T32436] CPU: 2 UID: 0 PID: 32436 Comm: syz.3.6809 Tainted: G L syzkaller #0 PREEMPT(full) [ 1649.960378][T32436] Tainted: [L]=SOFTLOCKUP [ 1649.960382][T32436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1649.960389][T32436] Call Trace: [ 1649.960394][T32436] [ 1649.960398][T32436] dump_stack_lvl+0x16c/0x1f0 [ 1649.960420][T32436] should_fail_ex+0x512/0x640 [ 1649.960448][T32436] _copy_from_user+0x2e/0xd0 [ 1649.960462][T32436] do_compat_fcntl64+0x39b/0x710 [ 1649.960475][T32436] ? __pfx_do_compat_fcntl64+0x10/0x10 [ 1649.960490][T32436] ? fput+0x70/0xf0 [ 1649.960500][T32436] ? ksys_write+0x1ac/0x250 [ 1649.960518][T32436] ? do_user_addr_fault+0x843/0x1370 [ 1649.960534][T32436] __do_fast_syscall_32+0xe8/0x680 [ 1649.960553][T32436] do_fast_syscall_32+0x32/0x80 [ 1649.960564][T32436] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1649.960578][T32436] RIP: 0023:0xf7f75579 [ 1649.960587][T32436] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1649.960598][T32436] RSP: 002b:00000000f544555c EFLAGS: 00000296 ORIG_RAX: 0000000000000037 [ 1649.960609][T32436] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000005 [ 1649.960616][T32436] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000 [ 1649.960623][T32436] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1649.960629][T32436] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1649.960636][T32436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1649.960650][T32436] [ 1653.546621][T32471] tipc: Enabling of bearer rejected, already enabled [ 1653.658901][T25260] usb 6-1: new high-speed USB device number 56 using dummy_hcd [ 1653.830523][T25260] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1653.834187][T25260] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1653.838519][T25260] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1653.841967][T25260] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1653.848140][T32465] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1653.857926][T25260] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 1654.122381][T25260] usb 6-1: USB disconnect, device number 56 [ 1655.106068][T32511] binder: 32509:32511 ioctl 8008662c 80000240 returned -22 [ 1655.654421][ T40] audit: type=1326 audit(1766433282.482:25464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.3.6837" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1655.661202][ T40] audit: type=1326 audit(1766433282.492:25465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.3.6837" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1655.668096][ T40] audit: type=1326 audit(1766433282.492:25466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.3.6837" exe="/syz-executor" sig=0 arch=40000003 syscall=438 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1655.689786][ T40] audit: type=1326 audit(1766433282.492:25467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.3.6837" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1655.696229][ T40] audit: type=1326 audit(1766433282.492:25468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32516 comm="syz.3.6837" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 1656.268462][T32564] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6859'. [ 1656.282882][T32564] bond1 (unregistering): Released all slaves [ 1656.304575][T32567] netlink: 'syz.1.6860': attribute type 8 has an invalid length. [ 1656.340715][T32569] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6861'. [ 1656.442758][T32579] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6866'. [ 1656.455630][T32581] netlink: 'syz.2.6867': attribute type 12 has an invalid length. [ 1656.458208][T32581] netlink: 'syz.2.6867': attribute type 29 has an invalid length. [ 1656.461264][T32581] netlink: 'syz.2.6867': attribute type 8 has an invalid length. [ 1656.463755][T32581] netlink: 'syz.2.6867': attribute type 6 has an invalid length. [ 1656.466199][T32581] netlink: 228 bytes leftover after parsing attributes in process `syz.2.6867'. [ 1656.574374][T32586] sg_write: data in/out 49276/1 bytes for SCSI command 0x6-- guessing data in; [ 1656.574374][T32586] program syz.2.6869 not setting count and/or reply_len properly [ 1656.839310][T32599] tmpfs: Unknown parameter 'usrquota_block_hardlnmit' [ 1657.063438][ T40] audit: type=1326 audit(1766433283.892:25469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.2.6877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1657.070323][ T40] audit: type=1326 audit(1766433283.892:25470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.2.6877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1657.077178][ T40] audit: type=1326 audit(1766433283.892:25471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.2.6877" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1657.077218][ T40] audit: type=1326 audit(1766433283.892:25472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.2.6877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1657.091092][ T40] audit: type=1326 audit(1766433283.892:25473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.2.6877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000 [ 1657.540389][ T5950] Bluetooth: hci4: Unable to find connection with handle 0x0000 [ 1658.080972][T32635] sg_write: data in/out 32733/8 bytes for SCSI command 0xff-- guessing data in; [ 1658.080972][T32635] program syz.3.6888 not setting count and/or reply_len properly [ 1658.543926][T32649] IPVS: set_ctl: invalid protocol: 135 255.255.255.255:20002 [ 1659.668352][T32670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1659.671321][T32670] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1659.745855][T32676] netlink: 80 bytes leftover after parsing attributes in process `syz.1.6907'. [ 1659.748706][T32676] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6907'. [ 1659.752774][T32676] geneve0: entered allmulticast mode [ 1659.835386][T32680] veth0: entered promiscuous mode [ 1659.840446][T32680] bond0: (slave vlan3): Enslaving as an active interface with an up link [ 1660.525935][T32695] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6916'. [ 1660.579749][ T5950] Bluetooth: hci2: Unable to find connection with handle 0x0000 [ 1660.671825][T32703] [ 1660.672583][T32703] ====================================================== [ 1660.674570][T32703] WARNING: possible circular locking dependency detected [ 1660.676558][T32703] syzkaller #0 Tainted: G L [ 1660.678566][T32703] ------------------------------------------------------ [ 1660.680614][T32703] syz.4.6920/32703 is trying to acquire lock: [ 1660.682353][T32703] ffff888025b75468 (&pipe->mutex){+.+.}-{4:4}, at: anon_pipe_write+0x15d/0x1bd0 [ 1660.684936][T32703] [ 1660.684936][T32703] but task is already holding lock: [ 1660.687026][T32703] ffff888028dc0948 (&sbi->pipe_mutex){+.+.}-{4:4}, at: autofs_notify_daemon+0x4a6/0xd60 [ 1660.690036][T32703] [ 1660.690036][T32703] which lock already depends on the new lock. [ 1660.690036][T32703] [ 1660.693291][T32703] [ 1660.693291][T32703] the existing dependency chain (in reverse order) is: [ 1660.696156][T32703] [ 1660.696156][T32703] -> #3 (&sbi->pipe_mutex){+.+.}-{4:4}: [ 1660.698415][T32703] __mutex_lock+0x1aa/0x1ca0 [ 1660.700143][T32703] autofs_notify_daemon+0x4a6/0xd60 [ 1660.702202][T32703] autofs_wait+0x10f3/0x1ac0 [ 1660.704081][T32703] autofs_mount_wait+0x132/0x3c0 [ 1660.706039][T32703] autofs_d_automount+0x4b2/0x960 [ 1660.708134][T32703] __traverse_mounts+0x1b9/0x830 [ 1660.709795][T32703] step_into_slowpath+0x772/0xf50 [ 1660.711533][T32703] path_lookupat+0x627/0xc40 [ 1660.713010][T32703] filename_lookup+0x224/0x5f0 [ 1660.714541][T32703] kern_path+0x35/0x50 [ 1660.715904][T32703] lookup_bdev+0xd8/0x280 [ 1660.717315][T32703] resume_store+0x1d6/0x490 [ 1660.718779][T32703] kobj_attr_store+0x58/0x80 [ 1660.720287][T32703] sysfs_kf_write+0xf2/0x150 [ 1660.721763][T32703] kernfs_fop_write_iter+0x3af/0x570 [ 1660.723460][T32703] vfs_write+0x7d3/0x11d0 [ 1660.724865][T32703] ksys_write+0x12a/0x250 [ 1660.726277][T32703] __do_fast_syscall_32+0xe8/0x680 [ 1660.727924][T32703] do_fast_syscall_32+0x32/0x80 [ 1660.729483][T32703] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1660.731465][T32703] [ 1660.731465][T32703] -> #2 (&of->mutex){+.+.}-{4:4}: [ 1660.733652][T32703] __mutex_lock+0x1aa/0x1ca0 [ 1660.735367][T32703] kernfs_seq_start+0x4f/0x2a0 [ 1660.737076][T32703] seq_read_iter+0x2c1/0x12d0 [ 1660.738690][T32703] kernfs_fop_read_iter+0x46c/0x610 [ 1660.740357][T32703] vfs_read+0x8bf/0xcf0 [ 1660.741731][T32703] ksys_read+0x12a/0x250 [ 1660.743184][T32703] __do_fast_syscall_32+0xe8/0x680 [ 1660.744798][T32703] do_fast_syscall_32+0x32/0x80 [ 1660.746362][T32703] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1660.748312][T32703] [ 1660.748312][T32703] -> #1 (&p->lock){+.+.}-{4:4}: [ 1660.750291][T32703] __mutex_lock+0x1aa/0x1ca0 [ 1660.751791][T32703] seq_read_iter+0xe1/0x12d0 [ 1660.753284][T32703] kernfs_fop_read_iter+0x46c/0x610 [ 1660.754946][T32703] copy_splice_read+0x618/0xc20 [ 1660.756574][T32703] do_splice_read+0x285/0x370 [ 1660.758074][T32703] splice_file_to_pipe+0x109/0x120 [ 1660.759704][T32703] do_sendfile+0x400/0xe50 [ 1660.761203][T32703] __ia32_sys_sendfile64+0x1d7/0x220 [ 1660.762902][T32703] __do_fast_syscall_32+0xe8/0x680 [ 1660.764521][T32703] do_fast_syscall_32+0x32/0x80 [ 1660.766075][T32703] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1660.768027][T32703] [ 1660.768027][T32703] -> #0 (&pipe->mutex){+.+.}-{4:4}: [ 1660.770156][T32703] __lock_acquire+0x1669/0x2890 [ 1660.771709][T32703] lock_acquire+0x179/0x330 [ 1660.773179][T32703] __mutex_lock+0x1aa/0x1ca0 [ 1660.774714][T32703] anon_pipe_write+0x15d/0x1bd0 [ 1660.776370][T32703] __kernel_write_iter+0x720/0xb10 [ 1660.777987][T32703] __kernel_write+0xf5/0x140 [ 1660.779478][T32703] autofs_notify_daemon+0x4db/0xd60 [ 1660.781126][T32703] autofs_wait+0x10f3/0x1ac0 [ 1660.782598][T32703] autofs_mount_wait+0x132/0x3c0 [ 1660.784316][T32703] autofs_d_automount+0x4b2/0x960 [ 1660.785912][T32703] __traverse_mounts+0x1b9/0x830 [ 1660.787490][T32703] step_into_slowpath+0x772/0xf50 [ 1660.789088][T32703] path_lookupat+0x627/0xc40 [ 1660.790569][T32703] filename_lookup+0x224/0x5f0 [ 1660.792102][T32703] kern_path+0x35/0x50 [ 1660.793508][T32703] lookup_bdev+0xd8/0x280 [ 1660.794968][T32703] resume_store+0x1d6/0x490 [ 1660.796473][T32703] kobj_attr_store+0x58/0x80 [ 1660.797955][T32703] sysfs_kf_write+0xf2/0x150 [ 1660.799446][T32703] kernfs_fop_write_iter+0x3af/0x570 [ 1660.801142][T32703] vfs_write+0x7d3/0x11d0 [ 1660.802553][T32703] ksys_write+0x12a/0x250 [ 1660.803989][T32703] __do_fast_syscall_32+0xe8/0x680 [ 1660.805623][T32703] do_fast_syscall_32+0x32/0x80 [ 1660.807180][T32703] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1660.809121][T32703] [ 1660.809121][T32703] other info that might help us debug this: [ 1660.809121][T32703] [ 1660.812099][T32703] Chain exists of: [ 1660.812099][T32703] &pipe->mutex --> &of->mutex --> &sbi->pipe_mutex [ 1660.812099][T32703] [ 1660.815611][T32703] Possible unsafe locking scenario: [ 1660.815611][T32703] [ 1660.817735][T32703] CPU0 CPU1 [ 1660.819355][T32703] ---- ---- [ 1660.820905][T32703] lock(&sbi->pipe_mutex); [ 1660.822236][T32703] lock(&of->mutex); [ 1660.824123][T32703] lock(&sbi->pipe_mutex); [ 1660.826149][T32703] lock(&pipe->mutex); [ 1660.827371][T32703] [ 1660.827371][T32703] *** DEADLOCK *** [ 1660.827371][T32703] [ 1660.829680][T32703] 5 locks held by syz.4.6920/32703: [ 1660.831200][T32703] #0: ffff888022258638 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 1660.833864][T32703] #1: ffff88802638a420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1660.836465][T32703] #2: ffff88802408f088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 1660.839306][T32703] #3: ffff888040efb788 (kn->active#68){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 1660.842197][T32703] #4: ffff888028dc0948 (&sbi->pipe_mutex){+.+.}-{4:4}, at: autofs_notify_daemon+0x4a6/0xd60 [ 1660.845118][T32703] [ 1660.845118][T32703] stack backtrace: [ 1660.846842][T32703] CPU: 0 UID: 0 PID: 32703 Comm: syz.4.6920 Tainted: G L syzkaller #0 PREEMPT(full) [ 1660.846860][T32703] Tainted: [L]=SOFTLOCKUP [ 1660.846865][T32703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1660.846873][T32703] Call Trace: [ 1660.846878][T32703] [ 1660.846884][T32703] dump_stack_lvl+0x116/0x1f0 [ 1660.846902][T32703] print_circular_bug+0x275/0x340 [ 1660.846922][T32703] check_noncircular+0x146/0x160 [ 1660.846941][T32703] __lock_acquire+0x1669/0x2890 [ 1660.846953][T32703] ? __kasan_check_byte+0x13/0x50 [ 1660.846971][T32703] lock_acquire+0x179/0x330 [ 1660.846981][T32703] ? anon_pipe_write+0x15d/0x1bd0 [ 1660.846998][T32703] ? __pfx___might_resched+0x10/0x10 [ 1660.847014][T32703] ? rcu_is_watching+0x12/0xc0 [ 1660.847030][T32703] __mutex_lock+0x1aa/0x1ca0 [ 1660.847052][T32703] ? anon_pipe_write+0x15d/0x1bd0 [ 1660.847068][T32703] ? is_bpf_text_address+0x94/0x1a0 [ 1660.847083][T32703] ? kernel_text_address+0x8d/0x100 [ 1660.847095][T32703] ? anon_pipe_write+0x15d/0x1bd0 [ 1660.847111][T32703] ? unwind_get_return_address+0x59/0xa0 [ 1660.847126][T32703] ? __bfs+0x148/0x290 [ 1660.847141][T32703] ? __pfx___mutex_lock+0x10/0x10 [ 1660.847159][T32703] ? check_irq_usage+0xe8/0xbc0 [ 1660.847179][T32703] ? anon_pipe_write+0x15d/0x1bd0 [ 1660.847195][T32703] anon_pipe_write+0x15d/0x1bd0 [ 1660.847212][T32703] ? lockdep_unlock+0x64/0xd0 [ 1660.847225][T32703] ? __lock_acquire+0x12c2/0x2890 [ 1660.847235][T32703] ? __pfx_anon_pipe_write+0x10/0x10 [ 1660.847252][T32703] ? lock_acquire+0x179/0x330 [ 1660.847263][T32703] ? __pfx_anon_pipe_write+0x10/0x10 [ 1660.847278][T32703] __kernel_write_iter+0x720/0xb10 [ 1660.847294][T32703] ? __pfx___kernel_write_iter+0x10/0x10 [ 1660.847310][T32703] ? __mutex_lock+0x27b/0x1ca0 [ 1660.847326][T32703] ? __kernel_text_address+0xd/0x40 [ 1660.847338][T32703] ? autofs_notify_daemon+0x45a/0xd60 [ 1660.847352][T32703] __kernel_write+0xf5/0x140 [ 1660.847367][T32703] ? __pfx___kernel_write+0x10/0x10 [ 1660.847382][T32703] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1660.847402][T32703] autofs_notify_daemon+0x4db/0xd60 [ 1660.847415][T32703] ? __pfx_autofs_notify_daemon+0x10/0x10 [ 1660.847427][T32703] ? kernfs_fop_write_iter+0x3af/0x570 [ 1660.847443][T32703] ? vfs_write+0x7d3/0x11d0 [ 1660.847456][T32703] ? ksys_write+0x12a/0x250 [ 1660.847476][T32703] ? lockdep_init_map_type+0x5c/0x270 [ 1660.847487][T32703] ? lockdep_init_map_type+0x5c/0x270 [ 1660.847499][T32703] autofs_wait+0x10f3/0x1ac0 [ 1660.847512][T32703] ? __pfx_autofs_wait+0x10/0x10 [ 1660.847523][T32703] ? __pfx_path_check_mount+0x10/0x10 [ 1660.847534][T32703] ? find_held_lock+0x2b/0x80 [ 1660.847548][T32703] ? path_has_submounts+0xcf/0x120 [ 1660.847561][T32703] ? do_raw_spin_unlock+0x172/0x230 [ 1660.847573][T32703] ? find_held_lock+0x2b/0x80 [ 1660.847587][T32703] autofs_mount_wait+0x132/0x3c0 [ 1660.847599][T32703] autofs_d_automount+0x4b2/0x960 [ 1660.847611][T32703] __traverse_mounts+0x1b9/0x830 [ 1660.847623][T32703] step_into_slowpath+0x772/0xf50 [ 1660.847638][T32703] ? __up_read+0x2d1/0x700 [ 1660.847649][T32703] ? __pfx_step_into_slowpath+0x10/0x10 [ 1660.847664][T32703] ? __lookup_slow+0x420/0x460 [ 1660.847677][T32703] path_lookupat+0x627/0xc40 [ 1660.847692][T32703] filename_lookup+0x224/0x5f0 [ 1660.847707][T32703] ? __pfx_filename_lookup+0x10/0x10 [ 1660.847726][T32703] ? getname_kernel+0x52/0x370 [ 1660.847736][T32703] ? __asan_memcpy+0x3c/0x60 [ 1660.847750][T32703] kern_path+0x35/0x50 [ 1660.847764][T32703] lookup_bdev+0xd8/0x280 [ 1660.847775][T32703] ? __pfx_lookup_bdev+0x10/0x10 [ 1660.847785][T32703] ? __asan_memcpy+0x3c/0x60 [ 1660.847799][T32703] resume_store+0x1d6/0x490 [ 1660.847812][T32703] ? __pfx_resume_store+0x10/0x10 [ 1660.847826][T32703] ? find_held_lock+0x2b/0x80 [ 1660.847840][T32703] ? __pfx_resume_store+0x10/0x10 [ 1660.847854][T32703] kobj_attr_store+0x58/0x80 [ 1660.847870][T32703] ? __pfx_kobj_attr_store+0x10/0x10 [ 1660.847888][T32703] sysfs_kf_write+0xf2/0x150 [ 1660.847899][T32703] kernfs_fop_write_iter+0x3af/0x570 [ 1660.847915][T32703] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1660.847926][T32703] vfs_write+0x7d3/0x11d0 [ 1660.847941][T32703] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1660.847958][T32703] ? __pfx_vfs_write+0x10/0x10 [ 1660.847972][T32703] ? find_held_lock+0x2b/0x80 [ 1660.847989][T32703] ksys_write+0x12a/0x250 [ 1660.848005][T32703] ? __pfx_ksys_write+0x10/0x10 [ 1660.848021][T32703] __do_fast_syscall_32+0xe8/0x680 [ 1660.848040][T32703] do_fast_syscall_32+0x32/0x80 [ 1660.848058][T32703] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1660.848073][T32703] RIP: 0023:0xf703d579 [ 1660.848084][T32703] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1660.848096][T32703] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 1660.848108][T32703] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 1660.848115][T32703] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000 [ 1660.848122][T32703] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1660.848128][T32703] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1660.848136][T32703] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1660.848146][T32703] [ 1661.487332][T32703] PM: Image not found (code -22)