last executing test programs: 1.353780256s ago: executing program 2 (id=853): sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x2000c044) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) close(r2) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f00000006c0)=ANY=[@ANYBLOB="b40800000000000073114100000000008510000002000000b7000000000000009500c2000000000095000012000000000e09b9445761db3ed82f7be4b9f1628b9a5c40384cb45e62e827e611f21a01a76f66f616553959b478ad3c46bb20e558783b21dd5307760617deec8b1b75c00853ee69e33ba2c01c28950365dd46fcc9f2ac6d20197fd68292e8445824f49b6fba41a316e13e462e31ca00d2622d56318d78e271d364329e7ae732bf8dade587bb30d67e23f78662621b74aabfd8eaf399893bab50fed33101f5a1085f991877907bd6117db675155932860499977f7384a8d94e810492c284fc7cc784ed942bf11d72897a7896f5f8c957984312e9d39eaa478a3065afd52404cb058b"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) close(r4) bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r3, 0x0, 0x0}, 0x10) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r4, r3, 0x4, r3}, 0x10) 1.35342729s ago: executing program 2 (id=856): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000009f00), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r1, &(0x7f000000a340)={&(0x7f000000a140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f000000a300)={&(0x7f000000a180)={0x84, r0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x64, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_ID={0x2c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x40}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xa6b7}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x371f}, @NL802154_DEVKEY_ATTR_ID={0x4}, @NL802154_DEVKEY_ATTR_ID={0x1c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x2}]}]}]}, 0x84}}, 0x4000050) 1.292516949s ago: executing program 2 (id=859): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWSETELEM={0x18, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0xfffe}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x40}}, 0x0) 1.292114524s ago: executing program 2 (id=861): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f00000002c0)={0x1, [0x0]}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={r2, 0x8}, &(0x7f00000002c0)=0x8) 1.23359313s ago: executing program 1 (id=864): socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000d80)={0x24, 0x2c, 0x1, 0x0, 0x0, "", [@nested={0x4}, @nested={0x10, 0xc, 0x0, 0x1, [@typed={0xc, 0x7a, 0x0, 0x0, @u64=0xff}]}]}, 0x24}], 0x1}, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) r2 = socket$netlink(0x10, 0x3, 0x0) syz_emit_ethernet(0x3e, 0x0, 0x0) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r4 = openat$cgroup_devices(r3, 0x0, 0x2, 0x0) write$cgroup_devices(r4, 0x0, 0xb) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) 1.163682582s ago: executing program 0 (id=866): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWSET={0x20, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x48}}, 0x0) 1.163289548s ago: executing program 1 (id=867): openat$dsp(0xffffffffffffff9c, 0x0, 0x101, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = socket(0x2b, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x0, 0xff, 0x3}, 0x20) bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0x2710}, 0x10) r5 = socket$pppl2tp(0x18, 0x1, 0x1) r6 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r5, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32) writev(r5, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x1fffa2}], 0x1) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000800000000000000000850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x40060c4}, 0x0) r8 = socket$inet_udp(0x2, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x5, 0x7, 0x7ffc1ffb}]}) r9 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r9, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r8, {0x2, 0x0, @rand_addr=0x64010100}, 0xb}}, 0x26) sendmmsg$inet(r9, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040) r10 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r10, &(0x7f0000000180)={0x1a, 0x0, 0x2, 0x3d, 0x0, 0x0, @random="48164953c468"}, 0x10) sendmmsg(r10, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 1.163059706s ago: executing program 0 (id=868): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000009f00), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, &(0x7f000000a340)={&(0x7f000000a140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f000000a300)={&(0x7f000000a180)={0x84, r0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x64, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_ID={0x2c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x40}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xa6b7}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x371f}, @NL802154_DEVKEY_ATTR_ID={0x4}, @NL802154_DEVKEY_ATTR_ID={0x1c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x2}]}]}]}, 0x84}}, 0x4000050) 1.108328223s ago: executing program 0 (id=869): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1100000015000100000000000000890002"], 0x24}}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r1, 0x3f) ppoll(&(0x7f00000003c0)=[{r1, 0x8100}], 0x1, &(0x7f0000000440), 0x0, 0x0) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$ax25(r2, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x8a) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="9500000000f6ff00000000000000000085100000feffffff95000000000000007a166228546b837f04e252b44efb30d913d9f1e2dc0569066f0c9ab1a9eaaad8d0335333f7f8bdd2380c87cbaf3cf159c152c77ecdce83914ea5ff88b1a6379bba56443504c98270b373e59012ecae82ff7a333a00167180bd590844127badbbb34030254f7cd0b72caedc472865e0729fb6788e08bd6f660f95de6d7fc1252929874c7bb64cfe96935f0045e8ebf196d73f7386b3409b60aa5b747ca3ce"], &(0x7f0000000280)='GPL\x00', 0x4, 0xdf, &(0x7f00000002c0)=""/223, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0xc, 0x0, 0x2, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r4 = syz_init_net_socket$ax25(0x3, 0x3, 0x7) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x38, r6, 0x30d, 0x0, 0x0, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0xffffffffffffff93}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}]}, 0x38}}, 0x0) r7 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000200), 0x4) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002800)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x2, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4) bind$ax25(r4, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48) rmdir(&(0x7f0000000000)='./file0\x00') r10 = open_tree(0xffffffffffffffff, &(0x7f0000000280)='\x00', 0x89901) move_mount(r10, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 973.349145ms ago: executing program 0 (id=870): ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) tee(r2, r1, 0x80000001, 0x0) vmsplice(r3, &(0x7f0000000380)=[{&(0x7f0000013580)='\r', 0x1}], 0x1, 0x0) 973.182407ms ago: executing program 3 (id=871): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000200)={0x0, 0x220000, 0x1000, 0x32, 0x2}, 0x20) 930.162837ms ago: executing program 1 (id=872): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) prlimit64(0x0, 0x7, &(0x7f0000000440), 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='ext4_ext_show_extent\x00', r1}, 0x18) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r0}, 0x10) r3 = fanotify_init(0x0, 0x0) r4 = epoll_create1(0x0) r5 = fcntl$dupfd(r4, 0x2, 0xffffffffffffffff) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r6, r5, 0x2) fanotify_mark(r3, 0x11, 0x48000038, r5, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x86) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r7}, 0x10) close(r2) r8 = add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffff8) add_key$fscrypt_provisioning(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)={0x97c1f45889a9458b, 0x0, @c}, 0x29, r8) 916.569276ms ago: executing program 1 (id=873): socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) keyctl$setperm(0x5, 0x0, 0x0) lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) socket$pptp(0x18, 0x1, 0x2) r2 = socket(0x2b, 0x3, 0x1) setsockopt$inet_int(r2, 0x0, 0xd, 0x0, 0xffffffffffffff83) r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r3, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, &(0x7f0000000140)) getpeername(0xffffffffffffffff, 0x0, &(0x7f0000001180)) syz_open_dev$tty20(0xc, 0x4, 0x0) syz_io_uring_setup(0x5e2, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_open_dev$vim2m(0x0, 0x0, 0x2) socket$inet_sctp(0x2, 0x5, 0x84) 916.260415ms ago: executing program 3 (id=874): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1100000015000100000000000000890002"], 0x24}}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r1, 0x3f) ppoll(&(0x7f00000003c0)=[{r1, 0x8100}], 0x1, &(0x7f0000000440), 0x0, 0x0) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$ax25(r2, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x8a) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="9500000000f6ff00000000000000000085100000feffffff95000000000000007a166228546b837f04e252b44efb30d913d9f1e2dc0569066f0c9ab1a9eaaad8d0335333f7f8bdd2380c87cbaf3cf159c152c77ecdce83914ea5ff88b1a6379bba56443504c98270b373e59012ecae82ff7a333a00167180bd590844127badbbb34030254f7cd0b72caedc472865e0729fb6788e08bd6f660f95de6d7fc1252929874c7bb64cfe96935f0045e8ebf196d73f7386b3409b60aa5b747ca3ce"], &(0x7f0000000280)='GPL\x00', 0x4, 0xdf, &(0x7f00000002c0)=""/223, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0xc, 0x0, 0x2, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r4 = syz_init_net_socket$ax25(0x3, 0x3, 0x7) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x38, r6, 0x30d, 0x0, 0x0, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0xffffffffffffff93}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}]}, 0x38}}, 0x0) r7 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000200), 0x4) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002800)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x2, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4) bind$ax25(r4, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48) rmdir(&(0x7f0000000000)='./file0\x00') r10 = open_tree(0xffffffffffffffff, &(0x7f0000000280)='\x00', 0x89901) move_mount(r10, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 876.970507ms ago: executing program 0 (id=875): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = openat$binfmt_register(0xffffff9c, &(0x7f0000000000), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000040)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x5, 0x3a, '\\x{@[', 0x3a, '', 0x3a, './file0'}, 0x2c) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000140), &(0x7f0000000180)=0x30) openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$inet(0x2, 0x2, 0x1) setsockopt$inet_int(r6, 0x0, 0xf, &(0x7f0000000000)=0xfffffffc, 0x4) bind$inet(r6, &(0x7f00000000c0)={0x2, 0x4e1e, @rand_addr=0x64010102}, 0x10) syz_io_uring_setup(0x7c45, &(0x7f0000000080)={0x0, 0x20, 0x13100, 0x0, 0xfffffffc}, 0x0, 0x0) r7 = syz_io_uring_setup(0x117, &(0x7f0000000100), &(0x7f0000000280)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4) syz_io_uring_submit(r8, r9, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc}) io_uring_enter(r7, 0x47f6, 0x0, 0x0, 0x0, 0x0) 868.223028ms ago: executing program 3 (id=876): inotify_init1(0x0) r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000001c0)={0x0, 0x2, 0x7, 0x93, 0x9206, 0x100, 0x95, 0x2, {0x0, @in={{0x2, 0x4e20, @empty}}, 0x6, 0xb, 0x9, 0x3, 0xd}}, &(0x7f0000000140)=0xb0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000002c0)={r1, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x3}, &(0x7f0000000380)=0x88) r2 = openat$null(0xffffffffffffff9c, 0x0, 0x1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) llistxattr(0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00'}) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14) setsockopt$inet6_IPV6_PKTINFO(r4, 0x29, 0x32, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @loopback}, r6}, 0x14) socket$alg(0x26, 0x5, 0x0) r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) write$P9_RSTATu(0xffffffffffffffff, &(0x7f00000004c0)={0x232, 0x7d, 0x0, {{0x500, 0xf1, 0x0, 0x5000000, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox%\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\"\x00}\xfag>\xff\xeb\t\xb51\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00/\xa9Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x01\x00\x00\x00', 0x12, '\xcf\xb6\x00'/18, 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x232) r8 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) r9 = gettid() fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) tkill(r9, 0xb) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0) close_range(r7, 0xffffffffffffffff, 0x0) read$FUSE(r3, &(0x7f0000001280)={0x2020}, 0x2020) 703.281779ms ago: executing program 3 (id=877): r0 = openat$btrfs_control(0xffffff9c, &(0x7f0000000000), 0x100, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x40043311) r1 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r2, 0x50009405, &(0x7f0000000480)) prctl$PR_SCHED_CORE(0x3e, 0x80000000000001, 0x0, 0x2, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x1061413, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) syz_open_dev$radio(0x0, 0x0, 0x2) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x3000001d}) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), 0xffffffffffffffff) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYRESHEX=r2, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d6163766c616e000c0002808800e285fc4f0f6b0f61632134a5d999f00a9d1f03f43ddf56c2a32dc05704000000000000", @ANYRESOCT=r3], 0x3c}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188) mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='iso9660\x00', 0x0, 0x0) r5 = syz_open_dev$vcsu(&(0x7f0000000080), 0x4, 0x40) accept4$unix(r5, &(0x7f0000000140), &(0x7f0000000280)=0x6e, 0x0) capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)) getsockopt$IP_VS_SO_GET_INFO(r4, 0x0, 0x481, &(0x7f00000002c0), &(0x7f0000000300)=0xc) ioctl$IOMMU_VFIO_GET_API_VERSION(r0, 0x3b64) ioctl$VIDIOC_G_FREQUENCY(r5, 0xc02c5638, &(0x7f0000000200)={0xfffffff1, 0x5, 0x3}) 374.033402ms ago: executing program 2 (id=878): ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000080)={0x0, 'batadv0\x00', {0x8}, 0x1}) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r2}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0) r3 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) socket$inet(0x2, 0x8000b, 0x8) r4 = socket$kcm(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0xb}}) 247.625592ms ago: executing program 3 (id=879): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1100000015000100000000000000890002"], 0x24}}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r1, 0x3f) ppoll(&(0x7f00000003c0)=[{r1, 0x8100}], 0x1, &(0x7f0000000440), 0x0, 0x0) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$ax25(r2, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x8a) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="9500000000f6ff00000000000000000085100000feffffff95000000000000007a166228546b837f04e252b44efb30d913d9f1e2dc0569066f0c9ab1a9eaaad8d0335333f7f8bdd2380c87cbaf3cf159c152c77ecdce83914ea5ff88b1a6379bba56443504c98270b373e59012ecae82ff7a333a00167180bd590844127badbbb34030254f7cd0b72caedc472865e0729fb6788e08bd6f660f95de6d7fc1252929874c7bb64cfe96935f0045e8ebf196d73f7386b3409b60aa5b747ca3ce"], &(0x7f0000000280)='GPL\x00', 0x4, 0xdf, &(0x7f00000002c0)=""/223, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0xc, 0x0, 0x2, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r4 = syz_init_net_socket$ax25(0x3, 0x3, 0x7) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x38, r6, 0x30d, 0x0, 0x0, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0xffffffffffffff93}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}]}, 0x38}}, 0x0) r7 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000200), 0x4) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002800)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x2, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4) bind$ax25(r4, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) r10 = open_tree(0xffffffffffffffff, &(0x7f0000000280)='\x00', 0x89901) move_mount(r10, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 192.561724ms ago: executing program 2 (id=880): openat$dsp(0xffffffffffffff9c, 0x0, 0x101, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) socket(0x2b, 0x1, 0x1) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1}, 0x20) r4 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r4, &(0x7f0000000140)={0x28, 0x0, 0x2710}, 0x10) r5 = socket$pppl2tp(0x18, 0x1, 0x1) r6 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r5, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32) writev(r5, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x1fffa2}], 0x1) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000800000000000000000850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x40060c4}, 0x0) r8 = socket$inet_udp(0x2, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x5, 0x7, 0x7ffc1ffb}]}) r9 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r9, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r8, {0x2, 0x0, @rand_addr=0x64010100}, 0xb}}, 0x26) sendmmsg$inet(r9, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040) r10 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r10, &(0x7f0000000180)={0x1a, 0x0, 0x2, 0x3d, 0x0, 0x0, @random="48164953c468"}, 0x10) sendmmsg(r10, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 96.697596ms ago: executing program 3 (id=881): syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=0x0, &(0x7f00000001c0)=0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 77.250177ms ago: executing program 1 (id=882): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000200)={0x0, 0x220000, 0x1000, 0x32, 0x2}, 0x20) 2.380082ms ago: executing program 1 (id=883): ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) tee(r2, r1, 0x80000001, 0x0) vmsplice(r3, &(0x7f0000000380)=[{&(0x7f0000013580)='\r', 0x1}], 0x1, 0x0) 0s ago: executing program 0 (id=884): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) prlimit64(0x0, 0x7, &(0x7f0000000440), 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='ext4_ext_show_extent\x00', r1}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r0}, 0x10) kernel console output (not intermixed with test programs): =1326 audit(1736977822.975:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6815 comm="syz.2.203" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 76.744265][ T40] audit: type=1326 audit(1736977822.975:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6815 comm="syz.2.203" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 76.752265][ T40] audit: type=1326 audit(1736977822.975:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6815 comm="syz.2.203" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 76.758510][ T40] audit: type=1326 audit(1736977822.975:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6815 comm="syz.2.203" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 76.764537][ T40] audit: type=1326 audit(1736977822.975:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6815 comm="syz.2.203" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 76.770473][ T40] audit: type=1326 audit(1736977822.985:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6815 comm="syz.2.203" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 77.124261][ T5953] Bluetooth: hci3: command 0x0405 tx timeout [ 77.542709][ T5312] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 78.304240][ T8] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 78.664235][ T30] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 78.774183][ T8] usb 8-1: device descriptor read/64, error -71 [ 78.838900][ T30] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 78.841552][ T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.843860][ T30] usb 7-1: Product: syz [ 78.845467][ T30] usb 7-1: Manufacturer: syz [ 78.846920][ T30] usb 7-1: SerialNumber: syz [ 78.851266][ T30] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 78.878854][ T30] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 79.024182][ T8] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 79.164193][ T8] usb 8-1: device descriptor read/64, error -71 [ 79.277277][ T8] usb usb8-port1: attempt power cycle [ 79.614176][ T8] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 79.644602][ T8] usb 8-1: device descriptor read/8, error -71 [ 79.924243][ T8] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 79.946090][ T8] usb 8-1: device descriptor read/8, error -71 [ 80.054297][ T8] usb usb8-port1: unable to enumerate USB device [ 80.074177][ T6005] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 80.134321][ T30] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 80.136843][ T30] ath9k_htc: Failed to initialize the device [ 80.224218][ T6005] usb 6-1: Using ep0 maxpacket: 8 [ 80.227710][ T6005] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 80.230088][ T6005] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 80.233232][ T6005] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 80.236341][ T6005] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 80.239431][ T6005] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 80.242371][ T6005] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 80.247800][ T6005] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 80.250582][ T6005] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.255818][ T6005] usbtmc 6-1:16.0: probe with driver usbtmc failed with error -22 [ 80.660362][ T30] usb 7-1: ath9k_htc: USB layer deinitialized [ 81.038307][ T833] cfg80211: failed to load regulatory.db [ 81.049367][ T6868] sg_write: data in/out 83886044/14 bytes for SCSI command 0x0-- guessing data in; [ 81.049367][ T6868] program syz.2.214 not setting count and/or reply_len properly [ 81.055475][ T6868] netlink: 76 bytes leftover after parsing attributes in process `syz.2.214'. [ 81.753414][ T6889] netlink: 4 bytes leftover after parsing attributes in process `syz.0.223'. [ 82.108948][ T6892] Bluetooth: MGMT ver 1.23 [ 82.137991][ T6892] sp0: Synchronizing with TNC [ 82.498385][ T833] usb 7-1: USB disconnect, device number 7 [ 82.653300][ T6899] netlink: 8 bytes leftover after parsing attributes in process `syz.2.226'. [ 82.657634][ T6899] nbd: socks must be embedded in a SOCK_ITEM attr [ 82.689059][ T6899] netlink: 16 bytes leftover after parsing attributes in process `syz.2.226'. [ 82.695111][ T6901] binder: 6900:6901 ioctl c0306201 20000680 returned -14 [ 82.756530][ T40] kauditd_printk_skb: 47 callbacks suppressed [ 82.756544][ T40] audit: type=1326 audit(1736977829.035:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.0.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 82.769862][ T40] audit: type=1326 audit(1736977829.045:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.0.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 82.780153][ T40] audit: type=1326 audit(1736977829.045:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.0.225" exe="/syz-executor" sig=0 arch=40000003 syscall=138 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 82.788982][ T40] audit: type=1326 audit(1736977829.045:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.0.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 82.801592][ T40] audit: type=1326 audit(1736977829.045:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.0.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 82.809473][ T40] audit: type=1326 audit(1736977829.045:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.0.225" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 82.817079][ T40] audit: type=1326 audit(1736977829.045:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.0.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 82.823190][ T40] audit: type=1326 audit(1736977829.045:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.0.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 82.829461][ T40] audit: type=1326 audit(1736977829.045:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.0.225" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 82.838937][ T40] audit: type=1326 audit(1736977829.045:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.0.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 82.848180][ T6005] usb 6-1: USB disconnect, device number 4 [ 83.288538][ T6925] netlink: 24 bytes leftover after parsing attributes in process `syz.3.232'. [ 83.296533][ T6925] netlink: 4 bytes leftover after parsing attributes in process `syz.3.232'. [ 83.349522][ T6930] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 83.588057][ T6937] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 84.257241][ T6941] netlink: 28 bytes leftover after parsing attributes in process `syz.0.237'. [ 84.260170][ T6941] netlink: 28 bytes leftover after parsing attributes in process `syz.0.237'. [ 84.487296][ T6941] erspan0: entered promiscuous mode [ 84.492197][ T6941] batadv_slave_1: entered promiscuous mode [ 84.564791][ T6949] Bluetooth: (null): Non-link packet received in non-active state [ 84.871657][ T6959] random: crng reseeded on system resumption [ 85.095795][ T6965] netlink: 'syz.1.244': attribute type 15 has an invalid length. [ 85.098142][ T6965] netlink: 666 bytes leftover after parsing attributes in process `syz.1.244'. [ 85.378318][ T6992] netlink: 4 bytes leftover after parsing attributes in process `syz.3.253'. [ 85.397132][ T6994] vivid-001: disconnect [ 85.398689][ T6993] vivid-001: reconnect [ 85.433378][ T7001] ======================================================= [ 85.433378][ T7001] WARNING: The mand mount option has been deprecated and [ 85.433378][ T7001] and is ignored by this kernel. Remove the mand [ 85.433378][ T7001] option from the mount to silence this warning. [ 85.433378][ T7001] ======================================================= [ 85.446629][ T7001] syz.0.255: attempt to access beyond end of device [ 85.446629][ T7001] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0 [ 85.462425][ T7001] syz.0.255: attempt to access beyond end of device [ 85.462425][ T7001] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0 [ 86.201025][ T6992] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 86.821139][ T7047] __nla_validate_parse: 2 callbacks suppressed [ 86.821154][ T7047] netlink: 28 bytes leftover after parsing attributes in process `syz.1.264'. [ 86.827777][ T7047] netlink: 8 bytes leftover after parsing attributes in process `syz.1.264'. [ 86.880039][ T7050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.264'. [ 86.890239][ T7050] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.895592][ T7050] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.010022][ T7061] netlink: 4 bytes leftover after parsing attributes in process `syz.0.269'. [ 87.080807][ C0] dccp_check_seqno: Step 6 failed for CLOSE packet, (LSWL(236130682262278) <= P.seqno(236130682262277) <= S.SWH(236130682262352)) and (P.ackno exists or LAWL(12710255599619) <= P.ackno(12710255599619) <= S.AWH(12710255599619), sending SYNC... [ 87.415712][ T7080] netlink: 'syz.0.274': attribute type 1 has an invalid length. [ 87.418050][ T7080] netlink: 220 bytes leftover after parsing attributes in process `syz.0.274'. [ 87.444364][ T8] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 87.611403][ T8] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 87.614553][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.617474][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.620240][ T8] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 87.624892][ T8] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 87.627579][ T8] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 87.629898][ T8] usb 6-1: Manufacturer: syz [ 87.632075][ T8] usb 6-1: config 0 descriptor?? [ 88.166132][ T8] appleir 0003:05AC:8243.0002: unknown main item tag 0x0 [ 88.168724][ T8] appleir 0003:05AC:8243.0002: No inputs registered, leaving [ 88.176575][ T8] appleir 0003:05AC:8243.0002: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 88.306771][ T40] kauditd_printk_skb: 104 callbacks suppressed [ 88.306838][ T40] audit: type=1326 audit(1736977834.585:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.1.273" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x0 [ 88.617639][ T40] audit: type=1326 audit(1736977834.895:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7105 comm="syz.2.280" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x0 [ 88.725337][ T7107] netlink: 12 bytes leftover after parsing attributes in process `syz.2.280'. [ 89.322779][ T7120] capability: warning: `syz.0.284' uses deprecated v2 capabilities in a way that may be insecure [ 89.384791][ T8] usb 6-1: reset high-speed USB device number 5 using dummy_hcd [ 90.051039][ T5312] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 90.053566][ T5312] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 90.282156][ T7134] block device autoloading is deprecated and will be removed. [ 90.373592][ T7133] md2: using deprecated bitmap file support [ 90.375785][ T7133] md2: error: bitmap file must be a regular file [ 90.402915][ T77] IPVS: starting estimator thread 0... [ 90.494915][ T7138] IPVS: using max 20 ests per chain, 48000 per kthread [ 90.548335][ T7150] syz_tun: entered allmulticast mode [ 90.551663][ T7149] syz_tun: left allmulticast mode [ 90.572730][ T5312] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 90.575796][ T5312] CPU: 2 UID: 0 PID: 5312 Comm: kworker/u33:1 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 90.579946][ T5312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.583120][ T5312] Workqueue: hci2 hci_rx_work [ 90.584536][ T5312] Call Trace: [ 90.585510][ T5312] [ 90.586416][ T5312] dump_stack_lvl+0x16c/0x1f0 [ 90.587796][ T5312] sysfs_warn_dup+0x7f/0xa0 [ 90.589124][ T5312] sysfs_create_dir_ns+0x24d/0x2b0 [ 90.590614][ T5312] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 90.592318][ T5312] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 90.593879][ T5312] ? kobject_add_internal+0x12d/0x990 [ 90.595446][ T5312] ? do_raw_spin_unlock+0x172/0x230 [ 90.596962][ T5312] kobject_add_internal+0x2c8/0x990 [ 90.598473][ T5312] kobject_add+0x16f/0x240 [ 90.599813][ T5312] ? __pfx_kobject_add+0x10/0x10 [ 90.601284][ T5312] ? class_to_subsys+0x3e/0x160 [ 90.602730][ T5312] ? do_raw_spin_unlock+0x172/0x230 [ 90.604245][ T5312] ? kobject_put+0xab/0x5a0 [ 90.605800][ T5312] device_add+0x289/0x1a70 [ 90.607122][ T5312] ? __pfx_dev_set_name+0x10/0x10 [ 90.608608][ T5312] ? __pfx_device_add+0x10/0x10 [ 90.610027][ T5312] ? mgmt_send_event_skb+0x2f2/0x460 [ 90.611580][ T5312] hci_conn_add_sysfs+0x17e/0x230 [ 90.613055][ T5312] le_conn_complete_evt+0xfce/0x1d10 [ 90.614600][ T5312] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 90.616272][ T5312] ? __mutex_lock+0x1cc/0xa60 [ 90.617660][ T5312] hci_le_conn_complete_evt+0x23c/0x370 [ 90.619262][ T5312] hci_le_meta_evt+0x2e2/0x5d0 [ 90.620678][ T5312] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 90.622480][ T5312] hci_event_packet+0x666/0x1190 [ 90.623934][ T5312] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 90.625489][ T5312] ? __pfx_hci_event_packet+0x10/0x10 [ 90.627061][ T5312] ? mark_held_locks+0x9f/0xe0 [ 90.628483][ T5312] ? kcov_remote_start+0x3cf/0x6e0 [ 90.629965][ T5312] ? lockdep_hardirqs_on+0x7c/0x110 [ 90.631473][ T5312] hci_rx_work+0x2c5/0x16b0 [ 90.632808][ T5312] ? process_one_work+0x8bb/0x1b30 [ 90.634292][ T5312] process_one_work+0x958/0x1b30 [ 90.635736][ T5312] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 90.637367][ T5312] ? __pfx_process_one_work+0x10/0x10 [ 90.638921][ T5312] ? rcu_is_watching+0x12/0xc0 [ 90.640325][ T5312] ? assign_work+0x1a0/0x250 [ 90.641716][ T5312] worker_thread+0x6c8/0xf00 [ 90.643061][ T5312] ? __pfx_worker_thread+0x10/0x10 [ 90.644547][ T5312] kthread+0x2c1/0x3a0 [ 90.645730][ T5312] ? _raw_spin_unlock_irq+0x23/0x50 [ 90.647253][ T5312] ? __pfx_kthread+0x10/0x10 [ 90.648619][ T5312] ret_from_fork+0x45/0x80 [ 90.649910][ T5312] ? __pfx_kthread+0x10/0x10 [ 90.651253][ T5312] ret_from_fork_asm+0x1a/0x30 [ 90.652669][ T5312] [ 90.654249][ T5312] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 90.658239][ T5312] Bluetooth: hci2: failed to register connection device [ 90.778486][ T7130] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 91.060529][ T7167] FAULT_INJECTION: forcing a failure. [ 91.060529][ T7167] name failslab, interval 1, probability 0, space 0, times 0 [ 91.064431][ T7167] CPU: 0 UID: 0 PID: 7167 Comm: syz.3.296 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 91.067451][ T7167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 91.070512][ T7167] Call Trace: [ 91.071501][ T7167] [ 91.072365][ T7167] dump_stack_lvl+0x16c/0x1f0 [ 91.073728][ T7167] should_fail_ex+0x497/0x5b0 [ 91.075130][ T7167] ? fs_reclaim_acquire+0xae/0x150 [ 91.076628][ T7167] should_failslab+0xc2/0x120 [ 91.078002][ T7167] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 91.079824][ T7167] ? kstrdup_const+0x63/0x80 [ 91.081161][ T7167] kstrdup+0x42/0xb0 [ 91.082296][ T7167] kstrdup_const+0x63/0x80 [ 91.083594][ T7167] __kernfs_new_node+0x9c/0x890 [ 91.084975][ T7167] ? hlock_class+0x4e/0x130 [ 91.086315][ T7167] ? __pfx___kernfs_new_node+0x10/0x10 [ 91.087900][ T7167] ? map_id_range_down+0x2bb/0x3a0 [ 91.089368][ T7167] ? __pfx_map_id_range_down+0x10/0x10 [ 91.090927][ T7167] ? __pfx___lock_acquire+0x10/0x10 [ 91.092429][ T7167] ? __switch_to+0x749/0x1190 [ 91.093790][ T7167] kernfs_new_node+0x186/0x240 [ 91.095354][ T7167] ? net_ns_get_ownership+0xf8/0x1b0 [ 91.096919][ T7167] kernfs_create_dir_ns+0x4c/0x150 [ 91.098380][ T7167] sysfs_create_dir_ns+0x13b/0x2b0 [ 91.099857][ T7167] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 91.101463][ T7167] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 91.103010][ T7167] ? kobject_add_internal+0x12d/0x990 [ 91.104564][ T7167] ? net_namespace+0x12/0x50 [ 91.105897][ T7167] ? device_namespace+0x76/0xa0 [ 91.107339][ T7167] kobject_add_internal+0x2c8/0x990 [ 91.108851][ T7167] kobject_add+0x16f/0x240 [ 91.110142][ T7167] ? __pfx_kobject_add+0x10/0x10 [ 91.111580][ T7167] ? kobject_put+0xab/0x5a0 [ 91.112971][ T7167] ? device_add+0xc02/0x1a70 [ 91.114338][ T7167] device_add+0x289/0x1a70 [ 91.115634][ T7167] ? __pfx_dev_set_name+0x10/0x10 [ 91.117088][ T7167] ? __pfx_device_add+0x10/0x10 [ 91.118490][ T7167] ? __init_waitqueue_head+0xca/0x150 [ 91.120050][ T7167] netdev_register_kobject+0x183/0x3a0 [ 91.121672][ T7167] register_netdevice+0x1473/0x1e20 [ 91.123173][ T7167] ? __pfx_register_netdevice+0x10/0x10 [ 91.124773][ T7167] ? alloc_netdev_mqs+0xfa0/0x1320 [ 91.126267][ T7167] internal_dev_create+0x2d3/0x520 [ 91.127753][ T7167] ovs_vport_add+0x144/0x4e0 [ 91.129092][ T7167] new_vport+0x16/0x1d0 [ 91.130298][ T7167] ovs_dp_cmd_new+0x6b0/0xe50 [ 91.131676][ T7167] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 91.133179][ T7167] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 91.135275][ T7167] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 91.137400][ T7167] genl_family_rcv_msg_doit+0x202/0x2f0 [ 91.138994][ T7167] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 91.140760][ T7167] ? genl_get_cmd+0x195/0x580 [ 91.142120][ T7167] ? bpf_lsm_capable+0x9/0x10 [ 91.143483][ T7167] ? security_capable+0x7e/0x260 [ 91.144928][ T7167] ? ns_capable+0xd7/0x110 [ 91.146235][ T7167] genl_rcv_msg+0x565/0x800 [ 91.147565][ T7167] ? __pfx_genl_rcv_msg+0x10/0x10 [ 91.149020][ T7167] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 91.150524][ T7167] netlink_rcv_skb+0x165/0x410 [ 91.151914][ T7167] ? __pfx_genl_rcv_msg+0x10/0x10 [ 91.153373][ T7167] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 91.154839][ T7167] ? down_read+0xc9/0x330 [ 91.156049][ T7167] ? __pfx_down_read+0x10/0x10 [ 91.157375][ T7167] ? netlink_deliver_tap+0x1ae/0xca0 [ 91.158894][ T7167] genl_rcv+0x28/0x40 [ 91.160067][ T7167] netlink_unicast+0x53c/0x7f0 [ 91.161450][ T7167] ? __pfx_netlink_unicast+0x10/0x10 [ 91.162964][ T7167] ? __phys_addr_symbol+0x30/0x80 [ 91.164413][ T7167] ? __check_object_size+0x488/0x710 [ 91.165947][ T7167] netlink_sendmsg+0x8b8/0xd70 [ 91.167356][ T7167] ? __pfx_netlink_sendmsg+0x10/0x10 [ 91.168890][ T7167] ____sys_sendmsg+0x9ae/0xb40 [ 91.170273][ T7167] ? __pfx_____sys_sendmsg+0x10/0x10 [ 91.171795][ T7167] ? get_compat_msghdr+0x11b/0x170 [ 91.173270][ T7167] ___sys_sendmsg+0x135/0x1e0 [ 91.174640][ T7167] ? __pfx____sys_sendmsg+0x10/0x10 [ 91.176158][ T7167] ? __pfx_lock_release+0x10/0x10 [ 91.177604][ T7167] ? trace_lock_acquire+0x14e/0x1f0 [ 91.179120][ T7167] ? __fget_files+0x206/0x3a0 [ 91.180492][ T7167] __sys_sendmsg+0x16e/0x220 [ 91.181962][ T7167] ? __pfx___sys_sendmsg+0x10/0x10 [ 91.183976][ T7167] __do_fast_syscall_32+0x73/0x120 [ 91.185774][ T7167] do_fast_syscall_32+0x32/0x80 [ 91.187201][ T7167] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 91.189029][ T7167] RIP: 0023:0xf70ae579 [ 91.190216][ T7167] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 91.195676][ T7167] RSP: 002b:00000000f50a055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 91.198048][ T7167] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 91.200302][ T7167] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000 [ 91.202562][ T7167] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 91.204831][ T7167] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 91.207089][ T7167] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 91.209361][ T7167] [ 91.212968][ T7167] kobject: kobject_add_internal failed for  (error: -12 parent: net) [ 91.214348][ T1453] usb 6-1: USB disconnect, device number 5 [ 91.481258][ T7173] binder: 7172:7173 ioctl c0306201 0 returned -14 [ 91.483778][ T7173] binder: 7172:7173 ioctl 4018620d 0 returned -22 [ 91.536717][ T7174] binder: 7172:7174 ioctl c0306201 0 returned -14 [ 92.794308][ T1489] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 92.946974][ T1489] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 92.950791][ T1489] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 92.953616][ T1489] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 92.958076][ T1489] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 92.960978][ T1489] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.965017][ T1489] usb 5-1: config 0 descriptor?? [ 93.006996][ T7196] syz.3.305 uses obsolete (PF_INET,SOCK_PACKET) [ 93.175376][ T7193] netlink: 'syz.0.303': attribute type 1 has an invalid length. [ 93.197106][ T7193] bond1: (slave ip6erspan0): making interface the new active one [ 93.202123][ T7193] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 93.212818][ T40] audit: type=1326 audit(1736977839.485:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7198 comm="syz.3.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 93.220539][ T40] audit: type=1326 audit(1736977839.495:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7198 comm="syz.3.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 93.226776][ T40] audit: type=1326 audit(1736977839.495:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7198 comm="syz.3.306" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 93.234023][ T40] audit: type=1326 audit(1736977839.495:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7198 comm="syz.3.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 93.241573][ T40] audit: type=1326 audit(1736977839.495:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7198 comm="syz.3.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 93.247766][ T40] audit: type=1326 audit(1736977839.495:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7198 comm="syz.3.306" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 93.255794][ T40] audit: type=1326 audit(1736977839.495:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7198 comm="syz.3.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 93.262014][ T40] audit: type=1326 audit(1736977839.495:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7198 comm="syz.3.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 93.410264][ T1489] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 93.412670][ T1489] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 93.415056][ T1489] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 93.417428][ T1489] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 93.419782][ T1489] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 93.421974][ T1489] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 93.424354][ T1489] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 93.426614][ T1489] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 93.428851][ T1489] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 93.431218][ T1489] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 93.433852][ T1489] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 93.487627][ T1489] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 93.614614][ T7214] batadv0: entered promiscuous mode [ 93.746820][ T7215] netlink: 'syz.0.303': attribute type 1 has an invalid length. [ 93.749183][ T7215] netlink: 244 bytes leftover after parsing attributes in process `syz.0.303'. [ 93.992253][ T5312] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 94.084050][ T7225] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13) [ 94.086100][ T7225] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 94.093263][ T7225] vhci_hcd vhci_hcd.0: Device attached [ 94.187768][ T7230] FAULT_INJECTION: forcing a failure. [ 94.187768][ T7230] name failslab, interval 1, probability 0, space 0, times 0 [ 94.191609][ T7230] CPU: 2 UID: 0 PID: 7230 Comm: syz.2.314 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 94.194627][ T7230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.197674][ T7230] Call Trace: [ 94.198613][ T7230] [ 94.199467][ T7230] dump_stack_lvl+0x16c/0x1f0 [ 94.200807][ T7230] should_fail_ex+0x497/0x5b0 [ 94.202155][ T7230] ? fs_reclaim_acquire+0xae/0x150 [ 94.203631][ T7230] should_failslab+0xc2/0x120 [ 94.204981][ T7230] __kmalloc_noprof+0xce/0x4f0 [ 94.206395][ T7230] ? rcu_is_watching+0x12/0xc0 [ 94.207786][ T7230] ? p9_fcall_init+0x97/0x260 [ 94.209137][ T7230] p9_fcall_init+0x97/0x260 [ 94.210448][ T7230] p9_tag_alloc+0x17a/0x870 [ 94.211762][ T7230] ? __pfx_p9_tag_alloc+0x10/0x10 [ 94.213209][ T7230] p9_client_prepare_req+0x19f/0x4d0 [ 94.214729][ T7230] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 94.216407][ T7230] ? hlock_class+0x4e/0x130 [ 94.217716][ T7230] ? mark_lock+0xb5/0xc60 [ 94.218954][ T7230] ? __pfx___lock_acquire+0x10/0x10 [ 94.220451][ T7230] p9_client_rpc+0x1c3/0xc10 [ 94.221783][ T7230] ? __pfx_p9_client_rpc+0x10/0x10 [ 94.223258][ T7230] ? find_held_lock+0x2d/0x110 [ 94.224647][ T7230] ? p9_fid_create+0x26a/0x470 [ 94.226026][ T7230] ? mark_held_locks+0x9f/0xe0 [ 94.227423][ T7230] ? rcu_is_watching+0x12/0xc0 [ 94.228798][ T7230] p9_client_attach+0x154/0x2b0 [ 94.230189][ T7230] ? __pfx_p9_client_attach+0x10/0x10 [ 94.231724][ T7230] v9fs_fid_lookup+0x97d/0xec0 [ 94.233092][ T7230] v9fs_vfs_setattr_dotl+0x7f9/0xc00 [ 94.234606][ T7230] ? __pfx_v9fs_vfs_setattr_dotl+0x10/0x10 [ 94.236271][ T7230] ? evm_inode_setattr+0x65/0x680 [ 94.237698][ T7230] ? __pfx_from_vfsgid+0x10/0x10 [ 94.239114][ T7230] ? __pfx_v9fs_vfs_setattr_dotl+0x10/0x10 [ 94.240766][ T7230] notify_change+0x6a6/0x1230 [ 94.242108][ T7230] chown_common+0x538/0x670 [ 94.243407][ T7230] ? __pfx_chown_common+0x10/0x10 [ 94.245191][ T7230] ? trace_lock_acquire+0x14e/0x1f0 [ 94.246888][ T7230] ? mnt_get_write_access+0x6a/0x300 [ 94.248454][ T7230] ? mnt_get_write_access+0x20c/0x300 [ 94.249959][ T7230] do_fchownat+0x1ac/0x200 [ 94.251205][ T7230] ? __pfx_do_fchownat+0x10/0x10 [ 94.252589][ T7230] ? __pfx_ksys_write+0x10/0x10 [ 94.253926][ T7230] __ia32_sys_lchown16+0xe6/0x120 [ 94.255328][ T7230] __do_fast_syscall_32+0x73/0x120 [ 94.256783][ T7230] do_fast_syscall_32+0x32/0x80 [ 94.258142][ T7230] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 94.259948][ T7230] RIP: 0023:0xf7f61579 [ 94.261109][ T7230] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 94.266436][ T7230] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000010 [ 94.268722][ T7230] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000000000 [ 94.270937][ T7230] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 94.273152][ T7230] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 94.275313][ T7230] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 94.277497][ T7230] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 94.279621][ T7230] [ 94.314312][ T5986] vhci_hcd: vhci_device speed not set [ 94.374252][ T5986] usb 43-1: new full-speed USB device number 2 using vhci_hcd [ 94.465549][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 94.465612][ T40] audit: type=1326 audit(1736977840.745:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7234 comm="syz.2.316" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x0 [ 94.568938][ T40] audit: type=1326 audit(1736977840.845:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.1.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7fc00000 [ 95.172665][ T40] audit: type=1326 audit(1736977841.445:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.1.315" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fa0579 code=0x7fc00000 [ 95.178951][ T40] audit: type=1326 audit(1736977841.445:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.1.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7fc00000 [ 95.185064][ T40] audit: type=1326 audit(1736977841.445:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.1.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7fc00000 [ 95.191084][ T40] audit: type=1326 audit(1736977841.445:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.1.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7fc00000 [ 95.197612][ T40] audit: type=1326 audit(1736977841.445:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.1.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7fc00000 [ 95.203528][ T40] audit: type=1326 audit(1736977841.445:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.1.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7fc00000 [ 95.209764][ T40] audit: type=1326 audit(1736977841.445:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.1.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7fc00000 [ 95.216641][ T40] audit: type=1326 audit(1736977841.445:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7231 comm="syz.1.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7fc00000 [ 95.345464][ T7246] ERROR: device name not specified. [ 95.398414][ T7226] vhci_hcd: connection reset by peer [ 95.404548][ T1162] vhci_hcd: stop threads [ 95.406169][ T1162] vhci_hcd: release socket [ 95.408425][ T1162] vhci_hcd: disconnect device [ 95.426447][ T6005] usb 5-1: USB disconnect, device number 4 [ 95.552028][ T7249] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 95.572824][ T7249] evm: overlay not supported [ 96.393517][ T7260] bridge0: port 3(vlan2) entered blocking state [ 96.396299][ T7260] bridge0: port 3(vlan2) entered disabled state [ 96.398872][ T7260] vlan2: entered allmulticast mode [ 96.401972][ T7260] vlan2: entered promiscuous mode [ 96.634221][ T7238] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 96.794265][ T5953] Bluetooth: hci2: command 0x0406 tx timeout [ 97.261391][ T7268] nr0: entered promiscuous mode [ 97.338493][ T7238] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 97.340426][ T7238] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 97.347996][ T7238] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 97.350542][ T7238] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 97.352332][ T7238] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 97.355684][ T7238] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 97.359323][ T7238] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 97.361278][ T7238] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 97.362957][ T7238] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 97.367563][ T7238] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 98.481828][ T5953] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 98.490573][ T7306] netlink: 56 bytes leftover after parsing attributes in process `syz.2.337'. [ 98.578259][ T7313] netlink: 8 bytes leftover after parsing attributes in process `syz.2.339'. [ 98.652694][ T7326] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 98.660615][ T7326] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 98.670736][ T7311] netlink: 188 bytes leftover after parsing attributes in process `syz.1.338'. [ 98.711562][ T7336] 9pnet_fd: Insufficient options for proto=fd [ 98.714163][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout [ 98.757230][ T7298] syz.3.334 (7298): drop_caches: 2 [ 98.812996][ T7298] syz.3.334 (7298): drop_caches: 2 [ 98.964211][ T73] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 99.060664][ T7342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.344'. [ 99.098419][ T7345] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0 [ 99.101442][ T7344] hugetlbfs: syz.3.343 (7344): Using mlock ulimits for SHM_HUGETLB is obsolete [ 99.104265][ T73] usb 7-1: device descriptor read/64, error -71 [ 99.364240][ T5953] Bluetooth: hci2: command 0x0406 tx timeout [ 99.367517][ T73] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 99.434182][ T5953] Bluetooth: hci3: command 0x0405 tx timeout [ 99.504189][ T73] usb 7-1: device descriptor read/64, error -71 [ 99.514330][ T5986] vhci_hcd: vhci_device speed not set [ 99.563019][ T7362] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.564493][ C1] Illegal XDP return value 16128 on prog (id 77) dev bond_slave_0, expect packet loss! [ 99.598359][ T7362] bond0: (slave rose0): Enslaving as an active interface with an up link [ 99.614427][ T73] usb usb7-port1: attempt power cycle [ 99.964915][ T73] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 99.985078][ T73] usb 7-1: device descriptor read/8, error -71 [ 100.118653][ T7383] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 100.120573][ T7383] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 100.122786][ T7383] vhci_hcd vhci_hcd.0: Device attached [ 100.224206][ T73] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 100.248452][ T73] usb 7-1: device descriptor read/8, error -71 [ 100.305257][ T6005] vhci_hcd: vhci_device speed not set [ 100.334029][ T40] kauditd_printk_skb: 33104 callbacks suppressed [ 100.334040][ T40] audit: type=1326 audit(1736977846.605:33462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7387 comm="syz.3.352" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.344268][ T40] audit: type=1326 audit(1736977846.615:33463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7387 comm="syz.3.352" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.351394][ T40] audit: type=1326 audit(1736977846.615:33464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7387 comm="syz.3.352" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.355596][ T73] usb usb7-port1: unable to enumerate USB device [ 100.359231][ T40] audit: type=1326 audit(1736977846.625:33465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7387 comm="syz.3.352" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.366540][ T40] audit: type=1326 audit(1736977846.625:33466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7387 comm="syz.3.352" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.366541][ T6005] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 100.373555][ T40] audit: type=1326 audit(1736977846.625:33467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7387 comm="syz.3.352" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.376656][ T5985] usb 5-1: new low-speed USB device number 5 using dummy_hcd [ 100.386069][ T40] audit: type=1326 audit(1736977846.625:33468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7387 comm="syz.3.352" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.396179][ T40] audit: type=1326 audit(1736977846.625:33469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7387 comm="syz.3.352" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.404425][ T40] audit: type=1326 audit(1736977846.625:33470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7387 comm="syz.3.352" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.410917][ T40] audit: type=1326 audit(1736977846.625:33471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7387 comm="syz.3.352" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.430867][ T7396] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0 [ 100.535519][ T5985] usb 5-1: config 0 has no interfaces? [ 100.537611][ T5985] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 100.540861][ T5985] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.546452][ T5985] usb 5-1: config 0 descriptor?? [ 100.756090][ T5985] usb 5-1: USB disconnect, device number 5 [ 100.765366][ T7384] vhci_hcd: connection closed [ 100.767587][ T1133] vhci_hcd: stop threads [ 100.770196][ T1133] vhci_hcd: release socket [ 100.771514][ T1133] vhci_hcd: disconnect device [ 100.794220][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout [ 101.195688][ T7407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.358'. [ 101.203075][ T7407] netlink: 64 bytes leftover after parsing attributes in process `syz.3.358'. [ 101.233848][ T7411] netlink: 36 bytes leftover after parsing attributes in process `syz.3.359'. [ 101.291939][ T7412] netlink: 'syz.3.359': attribute type 4 has an invalid length. [ 101.294292][ T7412] netlink: 17 bytes leftover after parsing attributes in process `syz.3.359'. [ 101.434281][ T5953] Bluetooth: hci2: command 0x0406 tx timeout [ 101.481947][ T7421] 9pnet_fd: Insufficient options for proto=fd [ 101.514588][ T5953] Bluetooth: hci3: command 0x0405 tx timeout [ 101.684290][ T5986] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 101.836208][ T5986] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 101.839288][ T5986] usb 6-1: config 1 has an invalid descriptor of length 164, skipping remainder of the config [ 101.842268][ T5986] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 101.846235][ T5986] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10 [ 101.850078][ T5986] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59053, setting to 1024 [ 101.855507][ T5986] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 101.858424][ T5986] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 101.860907][ T5986] usb 6-1: Product: syz [ 101.862286][ T5986] usb 6-1: Manufacturer: syz [ 101.870844][ T7418] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 101.875549][ T5986] cdc_wdm 6-1:1.0: skipping garbage [ 101.877152][ T5986] cdc_wdm 6-1:1.0: skipping garbage [ 101.884473][ T5986] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 101.886234][ T5986] cdc_wdm 6-1:1.0: Unknown control protocol [ 102.262635][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 102.264673][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 102.267090][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 102.269022][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 102.270944][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 102.272866][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 102.274771][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 102.276723][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 102.278614][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 102.281201][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 102.283802][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 102.285687][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 102.287679][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 102.289839][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 102.292129][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 102.293922][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 102.295765][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 102.297647][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 102.299705][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 102.302160][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 102.319293][ T8] usb 6-1: USB disconnect, device number 6 [ 102.319328][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 102.494863][ T7442] FAULT_INJECTION: forcing a failure. [ 102.494863][ T7442] name failslab, interval 1, probability 0, space 0, times 0 [ 102.499621][ T7442] CPU: 0 UID: 0 PID: 7442 Comm: syz.0.367 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 102.502729][ T7442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.505670][ T7442] Call Trace: [ 102.506659][ T7442] [ 102.507543][ T7442] dump_stack_lvl+0x16c/0x1f0 [ 102.508883][ T7442] should_fail_ex+0x497/0x5b0 [ 102.510212][ T7442] ? fs_reclaim_acquire+0xae/0x150 [ 102.511729][ T7442] should_failslab+0xc2/0x120 [ 102.513056][ T7442] __kmalloc_cache_noprof+0x68/0x420 [ 102.514563][ T7442] p9_client_create+0xc8/0x11a0 [ 102.515959][ T7442] ? __pfx_p9_client_create+0x10/0x10 [ 102.517502][ T7442] ? rcu_is_watching+0x12/0xc0 [ 102.518856][ T7442] ? trace_kmalloc+0x2d/0xd0 [ 102.520184][ T7442] ? lockdep_init_map_type+0x16d/0x7d0 [ 102.521888][ T7442] ? __kasan_kmalloc+0xaa/0xb0 [ 102.523334][ T7442] ? __raw_spin_lock_init+0x3a/0x110 [ 102.524953][ T7442] v9fs_session_init+0x1f8/0x1a80 [ 102.526989][ T7442] ? __pfx_v9fs_session_init+0x10/0x10 [ 102.529185][ T7442] ? kasan_save_track+0x14/0x30 [ 102.530670][ T7442] v9fs_mount+0xc6/0xa30 [ 102.531914][ T7442] ? __pfx_v9fs_mount+0x10/0x10 [ 102.533295][ T7442] ? __pfx_v9fs_mount+0x10/0x10 [ 102.534707][ T7442] legacy_get_tree+0x109/0x220 [ 102.536136][ T7442] vfs_get_tree+0x8f/0x380 [ 102.537410][ T7442] path_mount+0x6e1/0x1f00 [ 102.538683][ T7442] ? kmem_cache_free+0x152/0x4c0 [ 102.540136][ T7442] ? __pfx_path_mount+0x10/0x10 [ 102.541639][ T7442] ? putname+0x13c/0x180 [ 102.542886][ T7442] __ia32_sys_mount+0x292/0x310 [ 102.544282][ T7442] ? __pfx___ia32_sys_mount+0x10/0x10 [ 102.545848][ T7442] __do_fast_syscall_32+0x73/0x120 [ 102.547357][ T7442] do_fast_syscall_32+0x32/0x80 [ 102.548791][ T7442] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 102.550640][ T7442] RIP: 0023:0xf7f7f579 [ 102.551892][ T7442] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 102.557434][ T7442] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 102.559847][ T7442] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000800 [ 102.562241][ T7442] RDX: 00000000200007c0 RSI: 0000000000000000 RDI: 0000000020000340 [ 102.564648][ T7442] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 102.566948][ T7442] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 102.569300][ T7442] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 102.571648][ T7442] [ 102.576311][ T5312] Bluetooth: hci3: unexpected event for opcode 0x2024 [ 102.758515][ T7447] netlink: 'syz.2.369': attribute type 10 has an invalid length. [ 102.761212][ T7447] netlink: 4 bytes leftover after parsing attributes in process `syz.2.369'. [ 102.763799][ T7447] vlan2: left allmulticast mode [ 102.765286][ T7447] vlan2: left promiscuous mode [ 102.766778][ T7447] bridge0: port 3(vlan2) entered disabled state [ 102.770773][ T7447] bridge_slave_1: left allmulticast mode [ 102.772460][ T7447] bridge_slave_1: left promiscuous mode [ 102.774194][ T7447] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.778300][ T7447] bridge_slave_0: left allmulticast mode [ 102.779999][ T7447] bridge_slave_0: left promiscuous mode [ 102.781640][ T7447] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.877255][ T5312] Bluetooth: hci1: command 0x0c1a tx timeout [ 103.145195][ T5312] Bluetooth: hci0: unexpected event for opcode 0x2024 [ 103.514222][ T5312] Bluetooth: hci2: command 0x0406 tx timeout [ 103.672050][ T7473] netlink: 16 bytes leftover after parsing attributes in process `syz.2.377'. [ 104.280996][ T7479] FAULT_INJECTION: forcing a failure. [ 104.280996][ T7479] name failslab, interval 1, probability 0, space 0, times 0 [ 104.284957][ T7479] CPU: 3 UID: 0 PID: 7479 Comm: syz.3.379 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 104.287991][ T7479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 104.291037][ T7479] Call Trace: [ 104.292025][ T7479] [ 104.292882][ T7479] dump_stack_lvl+0x16c/0x1f0 [ 104.294209][ T7479] should_fail_ex+0x497/0x5b0 [ 104.295640][ T7479] ? fs_reclaim_acquire+0xae/0x150 [ 104.297150][ T7479] should_failslab+0xc2/0x120 [ 104.298520][ T7479] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 104.300093][ T7479] ? __pfx_mark_lock+0x10/0x10 [ 104.301490][ T7479] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 104.303246][ T7479] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 104.305110][ T7479] mmu_topup_memory_caches+0x22/0xd0 [ 104.306751][ T7479] kvm_mmu_load+0xda/0x21f0 [ 104.308141][ T7479] ? mark_held_locks+0x9f/0xe0 [ 104.309511][ T7479] ? kvm_apic_has_interrupt+0xb6/0x190 [ 104.311067][ T7479] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 104.312859][ T7479] ? kvm_guest_time_update+0x780/0xeb0 [ 104.314438][ T7479] ? clear_pending_if_disabled+0xa9/0x210 [ 104.316087][ T7479] ? __pfx_kvm_mmu_load+0x10/0x10 [ 104.317510][ T7479] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 104.319157][ T7479] ? kvm_check_and_inject_events+0x725/0x12e0 [ 104.320903][ T7479] ? record_steal_time+0x51/0xbe0 [ 104.322341][ T7479] vcpu_run+0x2e2e/0x4c00 [ 104.323583][ T7479] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 104.325263][ T7479] ? __pfx_vcpu_run+0x10/0x10 [ 104.326679][ T7479] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 104.328297][ T7479] ? rcu_is_watching+0x12/0xc0 [ 104.329655][ T7479] ? trace_lock_acquire+0x14e/0x1f0 [ 104.331116][ T7479] ? __local_bh_enable_ip+0xa4/0x120 [ 104.332622][ T7479] ? lockdep_hardirqs_on+0x7c/0x110 [ 104.334087][ T7479] ? kvm_arch_vcpu_ioctl_run+0x150/0x1740 [ 104.335809][ T7479] ? lock_acquire+0x2f/0xb0 [ 104.337120][ T7479] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 104.338696][ T7479] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 104.340312][ T7479] kvm_vcpu_ioctl+0x6ce/0x1520 [ 104.341621][ T7479] ? tomoyo_path_number_perm+0x46d/0x5b0 [ 104.343255][ T7479] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 104.344776][ T7479] ? tomoyo_path_number_perm+0x190/0x5b0 [ 104.346448][ T7479] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 104.348212][ T7479] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 104.349921][ T7479] ? do_vfs_ioctl+0x513/0x1950 [ 104.351295][ T7479] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 104.352760][ T7479] ? __pfx_lock_release+0x10/0x10 [ 104.354190][ T7479] ? trace_lock_acquire+0x14e/0x1f0 [ 104.355760][ T7479] kvm_vcpu_compat_ioctl+0x210/0x3f0 [ 104.357391][ T7479] ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10 [ 104.359085][ T7479] ? __fget_files+0x206/0x3a0 [ 104.360486][ T7479] ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10 [ 104.362195][ T7479] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 104.363750][ T7479] __do_fast_syscall_32+0x73/0x120 [ 104.365215][ T7479] do_fast_syscall_32+0x32/0x80 [ 104.366640][ T7479] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 104.368467][ T7479] RIP: 0023:0xf70ae579 [ 104.369656][ T7479] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 104.375164][ T7479] RSP: 002b:00000000f50a055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 104.377588][ T7479] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80 [ 104.379858][ T7479] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 104.382021][ T7479] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 104.384288][ T7479] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 104.386545][ T7479] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 104.388835][ T7479] [ 104.402881][ T7479] kvm: kvm [7478]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3 [ 104.422503][ T7479] kvm: kvm [7478]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x186) = 0x3 [ 104.425350][ T7479] kvm: kvm [7478]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x187) = 0x3 [ 104.442934][ T7479] kvm_intel: kvm [7478]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x1d9) = 0x3 [ 104.792413][ T7497] ip6t_srh: unknown srh match flags D90B [ 105.514306][ T6005] vhci_hcd: vhci_device speed not set [ 105.529524][ T7518] virtio-fs: tag not found [ 105.550548][ T7521] netlink: 12 bytes leftover after parsing attributes in process `syz.2.391'. [ 105.553625][ T7520] netlink: 12 bytes leftover after parsing attributes in process `syz.2.391'. [ 105.554886][ T7521] netlink: 16 bytes leftover after parsing attributes in process `syz.2.391'. [ 105.559204][ T7521] netlink: 12 bytes leftover after parsing attributes in process `syz.2.391'. [ 105.567955][ T7521] netlink: 4 bytes leftover after parsing attributes in process `syz.2.391'. [ 105.571889][ T7521] netlink: 20 bytes leftover after parsing attributes in process `syz.2.391'. [ 105.604216][ T5312] Bluetooth: hci2: command 0x0406 tx timeout [ 105.632775][ T7524] netlink: 36 bytes leftover after parsing attributes in process `syz.2.392'. [ 105.691824][ T7526] netlink: 'syz.2.392': attribute type 4 has an invalid length. [ 105.695521][ T7526] netlink: 17 bytes leftover after parsing attributes in process `syz.2.392'. [ 106.080676][ T7529] warning: `syz.1.393' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 106.246971][ T7536] netlink: 24 bytes leftover after parsing attributes in process `syz.1.395'. [ 106.325226][ T7533] netlink: 'syz.1.395': attribute type 1 has an invalid length. [ 106.328565][ T7533] netlink: 'syz.1.395': attribute type 3 has an invalid length. [ 106.334953][ T7533] netlink: 224 bytes leftover after parsing attributes in process `syz.1.395'. [ 106.347711][ T7533] program syz.1.395 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 106.636010][ T7555] binder: 7543:7555 ioctl c0306201 0 returned -14 [ 106.793152][ T7562] netlink: 'syz.2.401': attribute type 39 has an invalid length. [ 106.877093][ T7563] block device autoloading is deprecated and will be removed. [ 107.091896][ T7567] capability: warning: `syz.2.403' uses 32-bit capabilities (legacy support in use) [ 107.327412][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 107.561938][ T7590] block device autoloading is deprecated and will be removed. [ 107.564627][ T7591] input: syz0 as /devices/virtual/input/input10 [ 107.566556][ T7591] input: failed to attach handler leds to device input10, error: -6 [ 107.729935][ T7594] tipc: Started in network mode [ 107.732579][ T7594] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 107.743589][ T7594] tipc: Enabled bearer , priority 0 [ 108.243158][ T7602] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 108.246160][ T7602] UDF-fs: Scanning with blocksize 2048 failed [ 108.250113][ T7602] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 108.252229][ T7602] UDF-fs: Scanning with blocksize 4096 failed [ 108.736600][ T8] tipc: Node number set to 11578026 [ 108.825489][ T7619] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.900881][ T7619] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.955097][ T7619] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.034784][ T7619] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.184024][ T7619] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.189549][ T7619] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.196155][ T7619] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.201760][ T7619] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.337609][ T7636] syzkaller0: entered promiscuous mode [ 109.342391][ T7636] syzkaller0: entered allmulticast mode [ 110.641331][ T7689] overlayfs: failed to resolve './file1': -2 [ 110.648319][ T7689] syz.2.434 (7689): /proc/7688/oom_adj is deprecated, please use /proc/7688/oom_score_adj instead. [ 110.678155][ T7679] tmpfs: Bad value for 'mpol' [ 110.842901][ T40] kauditd_printk_skb: 22 callbacks suppressed [ 110.842912][ T40] audit: type=1400 audit(1736977858.118:33494): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=7705 comm=6C2586CE36DB0CCF197CC94F7FCE8F [ 111.706606][ T40] audit: type=1326 audit(1736977858.988:33495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.1.438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 111.714301][ T40] audit: type=1326 audit(1736977858.988:33496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.1.438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 111.722330][ T40] audit: type=1326 audit(1736977858.988:33497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.1.438" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 111.730906][ T40] audit: type=1326 audit(1736977858.988:33498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.1.438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 111.738451][ T40] audit: type=1326 audit(1736977858.988:33499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.1.438" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 111.746545][ T40] audit: type=1326 audit(1736977858.988:33500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.1.438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 111.756168][ T40] audit: type=1326 audit(1736977858.988:33501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.1.438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 111.764391][ T40] audit: type=1326 audit(1736977858.988:33502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.1.438" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 111.772601][ T40] audit: type=1326 audit(1736977858.988:33503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz.1.438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 112.246034][ T7742] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 112.965970][ T7755] __nla_validate_parse: 6 callbacks suppressed [ 112.965981][ T7755] netlink: 8 bytes leftover after parsing attributes in process `syz.1.444'. [ 113.620408][ T7770] netlink: 8 bytes leftover after parsing attributes in process `syz.0.448'. [ 113.681470][ T7773] syzkaller1: entered promiscuous mode [ 113.683727][ T7773] syzkaller1: entered allmulticast mode [ 113.987163][ T7782] netdevsim netdevsim0: Direct firmware load for . [ 113.987163][ T7782] failed with error -2 [ 113.990376][ T7782] netdevsim netdevsim0: Falling back to sysfs fallback for: . [ 113.990376][ T7782] [ 114.265216][ T7796] netlink: 'syz.2.456': attribute type 9 has an invalid length. [ 114.456959][ T7796] netlink: 9 bytes leftover after parsing attributes in process `syz.2.456'. [ 114.814312][ T7802] netlink: 4 bytes leftover after parsing attributes in process `syz.1.457'. [ 115.018015][ T7804] FAULT_INJECTION: forcing a failure. [ 115.018015][ T7804] name failslab, interval 1, probability 0, space 0, times 0 [ 115.023554][ T7804] CPU: 3 UID: 0 PID: 7804 Comm: syz.3.458 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 115.027556][ T7804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 115.031497][ T7804] Call Trace: [ 115.032783][ T7804] [ 115.033897][ T7804] dump_stack_lvl+0x16c/0x1f0 [ 115.035557][ T7804] should_fail_ex+0x497/0x5b0 [ 115.037308][ T7804] ? fs_reclaim_acquire+0xae/0x150 [ 115.039391][ T7804] should_failslab+0xc2/0x120 [ 115.041210][ T7804] kmem_cache_alloc_lru_noprof+0x73/0x3b0 [ 115.043335][ T7804] ? __d_alloc+0x35/0x8c0 [ 115.044982][ T7804] __d_alloc+0x35/0x8c0 [ 115.046625][ T7804] path_from_stashed+0x7a1/0xec0 [ 115.048554][ T7804] ? __pfx_path_from_stashed+0x10/0x10 [ 115.050623][ T7804] ? netns_get+0x21/0x150 [ 115.052306][ T7804] ? do_raw_spin_unlock+0x172/0x230 [ 115.054180][ T7804] ns_get_path+0x5f/0x80 [ 115.055753][ T7804] proc_ns_get_link+0x122/0x260 [ 115.057635][ T7804] ? __pfx_proc_ns_get_link+0x10/0x10 [ 115.059672][ T7804] ? __pfx___might_resched+0x10/0x10 [ 115.061818][ T7804] ? __pfx_proc_ns_get_link+0x10/0x10 [ 115.063883][ T7804] step_into+0x1aed/0x2230 [ 115.065585][ T7804] ? __pfx_step_into+0x10/0x10 [ 115.067014][ T7804] ? __pfx___up_read+0x10/0x10 [ 115.068688][ T7804] path_openat+0x74c/0x2d60 [ 115.070460][ T7804] ? __pfx_path_openat+0x10/0x10 [ 115.072384][ T7804] ? __pfx___lock_acquire+0x10/0x10 [ 115.074160][ T7804] ? lock_acquire.part.0+0x11b/0x380 [ 115.076235][ T7804] ? find_held_lock+0x2d/0x110 [ 115.077802][ T7804] do_filp_open+0x20c/0x470 [ 115.079514][ T7804] ? __pfx_do_filp_open+0x10/0x10 [ 115.081466][ T7804] ? find_held_lock+0x2d/0x110 [ 115.083180][ T7804] ? alloc_fd+0x41f/0x760 [ 115.084727][ T7804] do_sys_openat2+0x17a/0x1e0 [ 115.086505][ T7804] ? __pfx_do_sys_openat2+0x10/0x10 [ 115.088525][ T7804] ? __fget_files+0x206/0x3a0 [ 115.090292][ T7804] __ia32_compat_sys_openat+0x16e/0x210 [ 115.092427][ T7804] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 115.094814][ T7804] ? ksys_write+0x1ba/0x250 [ 115.096474][ T7804] __do_fast_syscall_32+0x73/0x120 [ 115.098018][ T7804] do_fast_syscall_32+0x32/0x80 [ 115.099693][ T7804] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 115.101768][ T7804] RIP: 0023:0xf70ae579 [ 115.103321][ T7804] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 115.110420][ T7804] RSP: 002b:00000000f50a04f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000127 [ 115.113559][ T7804] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f728ce8c [ 115.116567][ T7804] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f73e3ff4 [ 115.119565][ T7804] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 115.122534][ T7804] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 115.125499][ T7804] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 115.128488][ T7804] [ 115.179221][ T7808] overlayfs: missing 'lowerdir' [ 115.183753][ T7808] Invalid ELF header magic: != ELF [ 115.210860][ T7806] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 115.590253][ T7823] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 115.853682][ T40] kauditd_printk_skb: 6435 callbacks suppressed [ 115.853725][ T40] audit: type=1326 audit(1736977863.128:39939): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.2.456" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 115.868277][ T40] audit: type=1326 audit(1736977863.128:39940): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.2.456" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f615a7 code=0x7ffc0000 [ 115.877972][ T40] audit: type=1326 audit(1736977863.128:39941): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.2.456" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 115.887026][ T40] audit: type=1326 audit(1736977863.128:39942): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.2.456" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f615a7 code=0x7ffc0000 [ 115.893503][ T40] audit: type=1326 audit(1736977863.128:39943): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.2.456" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 115.901975][ T40] audit: type=1326 audit(1736977863.128:39944): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.2.456" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f615a7 code=0x7ffc0000 [ 115.908813][ T40] audit: type=1326 audit(1736977863.128:39945): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.2.456" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 115.920580][ T40] audit: type=1326 audit(1736977863.128:39946): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.2.456" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f615a7 code=0x7ffc0000 [ 115.929873][ T40] audit: type=1326 audit(1736977863.138:39947): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.2.456" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f61579 code=0x7ffc0000 [ 115.938303][ T40] audit: type=1326 audit(1736977863.138:39948): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.2.456" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f615a7 code=0x7ffc0000 [ 116.218156][ T7836] 9pnet_virtio: no channels available for device syz [ 116.223459][ T7836] mmap: syz.2.468 (7836) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 116.784986][ T7845] tmpfs: Bad value for 'mpol' [ 117.001624][ T7876] netlink: 'syz.0.474': attribute type 39 has an invalid length. [ 117.196851][ T7891] ptrace attach of "/syz-executor exec"[5945] was attempted by "/syz-executor exec"[7891] [ 118.594236][ T5986] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 118.745564][ T5986] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 118.748826][ T5986] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 118.751625][ T5986] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 118.757073][ T5986] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 118.760476][ T5986] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.762925][ T5986] usb 8-1: Product: syz [ 118.764422][ T5986] usb 8-1: Manufacturer: syz [ 118.765833][ T5986] usb 8-1: SerialNumber: syz [ 118.978814][ T5986] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 119.047248][ T7937] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 119.278374][ T63] usb 8-1: USB disconnect, device number 9 [ 119.340650][ T63] usblp0: removed [ 119.571696][ T7948] 8021q: adding VLAN 0 to HW filter on device bond2 [ 119.575833][ T7948] bridge0: port 3(bond2) entered blocking state [ 119.578965][ T5312] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 119.579099][ T7948] bridge0: port 3(bond2) entered disabled state [ 119.583488][ T7948] bond2: entered allmulticast mode [ 119.589380][ T7948] bond2: entered promiscuous mode [ 119.591526][ T7948] bridge0: port 3(bond2) entered blocking state [ 119.594078][ T7948] bridge0: port 3(bond2) entered forwarding state [ 119.599832][ T105] bridge0: port 3(bond2) entered disabled state [ 119.606379][ T7950] ptrace attach of "/syz-executor exec"[5955] was attempted by "/syz-executor exec"[7950] [ 119.751710][ T7952] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 119.755292][ T7952] IPv6: NLM_F_CREATE should be set when creating new route [ 119.758246][ T7952] IPv6: NLM_F_CREATE should be set when creating new route [ 120.353674][ T7960] infiniband syz1: set active [ 121.512443][ T40] kauditd_printk_skb: 513 callbacks suppressed [ 121.512472][ T40] audit: type=1326 audit(1736977868.788:40462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.0.500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 121.527813][ T40] audit: type=1326 audit(1736977868.798:40463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.0.500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 121.543106][ T40] audit: type=1326 audit(1736977868.798:40464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.0.500" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 121.557640][ T40] audit: type=1326 audit(1736977868.798:40465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.0.500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 121.568801][ T40] audit: type=1326 audit(1736977868.798:40466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.0.500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 121.576310][ T40] audit: type=1326 audit(1736977868.798:40467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.0.500" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 121.582192][ T40] audit: type=1326 audit(1736977868.798:40468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.0.500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 121.588642][ T40] audit: type=1326 audit(1736977868.798:40469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.0.500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 121.594939][ T40] audit: type=1326 audit(1736977868.798:40470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.0.500" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 121.603155][ T40] audit: type=1326 audit(1736977868.818:40471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.0.500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 122.083923][ T8008] netlink: 76 bytes leftover after parsing attributes in process `syz.3.503'. [ 122.495057][ T8029] random: crng reseeded on system resumption [ 123.252664][ T8045] netlink: 8 bytes leftover after parsing attributes in process `syz.1.513'. [ 123.259313][ T8045] macsec0: entered promiscuous mode [ 123.489182][ T8055] syz.0.515: vmalloc error: size 12288, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 123.495640][ T8055] CPU: 2 UID: 0 PID: 8055 Comm: syz.0.515 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 123.498707][ T8055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.501749][ T8055] Call Trace: [ 123.502715][ T8055] [ 123.503580][ T8055] dump_stack_lvl+0x16c/0x1f0 [ 123.504892][ T8055] warn_alloc+0x24d/0x3a0 [ 123.506098][ T8055] ? __pfx_warn_alloc+0x10/0x10 [ 123.507514][ T8055] ? policy_nodemask+0xea/0x4e0 [ 123.508900][ T8055] ? alloc_pages_mpol_noprof+0x327/0x620 [ 123.510462][ T8055] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 123.512167][ T8055] ? __pfx___might_resched+0x10/0x10 [ 123.513685][ T8055] __vmalloc_node_range_noprof+0x12c0/0x1530 [ 123.515389][ T8055] ? hashlimit_mt_check_common+0x8b0/0x1450 [ 123.517486][ T8055] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 123.520006][ T8055] ? __pfx_lock_release+0x10/0x10 [ 123.521828][ T8055] ? trace_lock_acquire+0x14e/0x1f0 [ 123.523789][ T8055] ? hashlimit_mt_check_common+0x8b0/0x1450 [ 123.526115][ T8055] vmalloc_noprof+0x6b/0x90 [ 123.527966][ T8055] ? hashlimit_mt_check_common+0x8b0/0x1450 [ 123.530202][ T8055] hashlimit_mt_check_common+0x8b0/0x1450 [ 123.532367][ T8055] hashlimit_mt_check_v1+0x2fe/0x370 [ 123.534483][ T8055] ? __pfx_hashlimit_mt_check_v1+0x10/0x10 [ 123.536582][ T8055] ? trace_contention_end+0xee/0x140 [ 123.538093][ T8055] ? __pfx_hashlimit_mt_check_v1+0x10/0x10 [ 123.539758][ T8055] xt_check_match+0x284/0xa50 [ 123.541105][ T8055] ? __pfx_xt_check_match+0x10/0x10 [ 123.542589][ T8055] ? pcpu_alloc_noprof+0x126/0x1650 [ 123.544084][ T8055] ? xt_find_match.part.0+0x1b6/0x250 [ 123.545618][ T8055] find_check_entry.constprop.0+0x325/0x9c0 [ 123.547386][ T8055] ? __pfx_find_check_entry.constprop.0+0x10/0x10 [ 123.549215][ T8055] ? kfree+0x14f/0x4b0 [ 123.550427][ T8055] ? kvfree+0x47/0x50 [ 123.551676][ T8055] translate_table+0xc88/0x1730 [ 123.553518][ T8055] ? __pfx_translate_table+0x10/0x10 [ 123.555498][ T8055] translate_compat_table+0x13d9/0x18c0 [ 123.557396][ T8055] ? __pfx_translate_compat_table+0x10/0x10 [ 123.559096][ T8055] ? __might_fault+0x13b/0x190 [ 123.560533][ T8055] ? trace_lock_acquire+0x14e/0x1f0 [ 123.561991][ T8055] compat_do_replace+0x35d/0x500 [ 123.563431][ T8055] ? __pfx_compat_do_replace+0x10/0x10 [ 123.564963][ T8055] ? aa_get_newest_label+0x376/0x680 [ 123.566493][ T8055] ? __pfx_aa_get_newest_label+0x10/0x10 [ 123.568275][ T8055] ? bpf_lsm_capable+0x9/0x10 [ 123.570017][ T8055] ? security_capable+0x7e/0x260 [ 123.571816][ T8055] do_ipt_set_ctl+0x686/0xc10 [ 123.573509][ T8055] ? __mutex_lock+0x1cc/0xa60 [ 123.575207][ T8055] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 123.577199][ T8055] ? __mutex_unlock_slowpath+0x164/0x690 [ 123.578816][ T8055] ? sockopt_release_sock+0x52/0x60 [ 123.580323][ T8055] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 123.582041][ T8055] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 123.583588][ T8055] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 123.585303][ T8055] nf_setsockopt+0x8a/0xf0 [ 123.586639][ T8055] ip_setsockopt+0xcb/0xf0 [ 123.587946][ T8055] udp_setsockopt+0x7d/0xd0 [ 123.589264][ T8055] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 123.590967][ T8055] do_sock_setsockopt+0x222/0x480 [ 123.592427][ T8055] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 123.594023][ T8055] ? lock_acquire+0x2f/0xb0 [ 123.595359][ T8055] __sys_setsockopt+0x1a0/0x230 [ 123.597041][ T8055] __ia32_sys_setsockopt+0xbc/0x160 [ 123.598718][ T8055] ? lockdep_hardirqs_on+0x7c/0x110 [ 123.600326][ T8055] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 123.602227][ T8055] __do_fast_syscall_32+0x73/0x120 [ 123.603735][ T8055] do_fast_syscall_32+0x32/0x80 [ 123.605153][ T8055] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.606955][ T8055] RIP: 0023:0xf7f7f579 [ 123.608139][ T8055] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 123.613585][ T8055] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 123.615984][ T8055] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000000000 [ 123.618224][ T8055] RDX: 0000000000000040 RSI: 0000000020000000 RDI: 0000000000000578 [ 123.620475][ T8055] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.622752][ T8055] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 123.625008][ T8055] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.627370][ T8055] [ 123.628837][ T8055] Mem-Info: [ 123.629773][ T8055] active_anon:13596 inactive_anon:16257 isolated_anon:0 [ 123.629773][ T8055] active_file:15521 inactive_file:28707 isolated_file:0 [ 123.629773][ T8055] unevictable:1768 dirty:358 writeback:0 [ 123.629773][ T8055] slab_reclaimable:5889 slab_unreclaimable:57880 [ 123.629773][ T8055] mapped:29987 shmem:27284 pagetables:783 [ 123.629773][ T8055] sec_pagetables:304 bounce:0 [ 123.629773][ T8055] kernel_misc_reclaimable:0 [ 123.629773][ T8055] free:31677 free_pcp:7718 free_cma:0 [ 123.642840][ T8055] Node 0 active_anon:6328kB inactive_anon:324kB active_file:10876kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5584kB dirty:96kB writeback:0kB shmem:5576kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10064kB pagetables:972kB sec_pagetables:1160kB all_unreclaimable? yes [ 123.651569][ T8055] Node 1 active_anon:48056kB inactive_anon:64704kB active_file:51208kB inactive_file:114828kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:114364kB dirty:1336kB writeback:0kB shmem:103560kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2548kB pagetables:2160kB sec_pagetables:56kB all_unreclaimable? no [ 123.660735][ T8055] Node 0 DMA free:2984kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:76kB inactive_anon:16kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:692kB local_pcp:164kB free_cma:0kB [ 123.668646][ T8055] lowmem_reserve[]: 0 273 0 0 0 [ 123.670060][ T8055] Node 0 DMA32 free:21128kB boost:2048kB min:15952kB low:19428kB high:22904kB reserved_highatomic:4096KB active_anon:6252kB inactive_anon:308kB active_file:10876kB inactive_file:0kB unevictable:3536kB writepending:100kB present:1032196kB managed:306308kB mlocked:0kB bounce:0kB free_pcp:1500kB local_pcp:288kB free_cma:0kB [ 123.678527][ T8055] lowmem_reserve[]: 0 0 0 0 0 [ 123.679928][ T8055] Node 1 DMA32 free:101504kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:48056kB inactive_anon:64704kB active_file:51208kB inactive_file:114828kB unevictable:3536kB writepending:1336kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:28764kB local_pcp:5632kB free_cma:0kB [ 123.688663][ T8055] lowmem_reserve[]: 0 0 0 0 0 [ 123.690057][ T8055] Node 0 DMA: 0*4kB 67*8kB (U) 59*16kB (U) 47*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2984kB [ 123.693752][ T8055] Node 0 DMA32: 98*4kB (UMH) 82*8kB (UMEH) 13*16kB (MH) 140*32kB (UMEH) 62*64kB (UMEH) 33*128kB (UMEH) 6*256kB (UH) 5*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 21096kB [ 123.698753][ T8055] Node 1 DMA32: 5*4kB (UE) 67*8kB (UME) 12*16kB (UME) 70*32kB (UME) 31*64kB (E) 76*128kB (UME) 34*256kB (UME) 13*512kB (UME) 8*1024kB (UME) 4*2048kB (UE) 13*4096kB (UM) = 99692kB [ 123.703837][ T8055] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 123.706614][ T8055] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 123.709733][ T8055] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 123.712529][ T8055] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 123.715266][ T8055] 71514 total pagecache pages [ 123.716637][ T8055] 0 pages in swap cache [ 123.717840][ T8055] Free swap = 123628kB [ 123.719069][ T8055] Total swap = 124996kB [ 123.720279][ T8055] 524155 pages RAM [ 123.721364][ T8055] 0 pages HighMem/MovableOnly [ 123.722741][ T8055] 206675 pages reserved [ 123.723952][ T8055] 0 pages cma reserved [ 125.126987][ T8096] xt_CT: No such helper "syz0" [ 125.164764][ T5986] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 125.326067][ T5986] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 125.330820][ T5986] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 125.333719][ T5986] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 125.336590][ T5986] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.341771][ T8083] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 125.350648][ T5986] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 125.581891][ T8083] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 125.586397][ T8083] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 125.693386][ T5312] Bluetooth: hci1: unexpected event for opcode 0x041b [ 126.024047][ T8120] siw: device registration error -23 [ 126.245128][ T8126] batadv0: entered promiscuous mode [ 126.621113][ T8134] netlink: 8 bytes leftover after parsing attributes in process `syz.3.536'. [ 126.624875][ T8134] netlink: 24 bytes leftover after parsing attributes in process `syz.3.536'. [ 126.632157][ T8134] vxcan3: entered promiscuous mode [ 126.634371][ T8134] vxcan3: entered allmulticast mode [ 126.662483][ T8136] nr0: left promiscuous mode [ 126.989553][ T8153] netlink: 4 bytes leftover after parsing attributes in process `syz.3.540'. [ 127.364319][ T1453] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 127.494207][ T1453] usb 5-1: device descriptor read/64, error -71 [ 127.617458][ T8160] netlink: 'syz.3.546': attribute type 2 has an invalid length. [ 127.620234][ T8160] netlink: 'syz.3.546': attribute type 11 has an invalid length. [ 127.623140][ T8160] netlink: 132 bytes leftover after parsing attributes in process `syz.3.546'. [ 127.658081][ T8162] kAFS: unable to lookup cell '.,' [ 127.690794][ T8164] netlink: 8 bytes leftover after parsing attributes in process `syz.3.548'. [ 127.693451][ T8164] openvswitch: netlink: Actions may not be safe on all matching packets [ 127.721903][ T8166] FAULT_INJECTION: forcing a failure. [ 127.721903][ T8166] name failslab, interval 1, probability 0, space 0, times 0 [ 127.725873][ T8166] CPU: 1 UID: 0 PID: 8166 Comm: syz.3.549 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 127.728840][ T8166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 127.731902][ T8166] Call Trace: [ 127.732866][ T8166] [ 127.733723][ T8166] dump_stack_lvl+0x16c/0x1f0 [ 127.734329][ T1453] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 127.735302][ T8166] should_fail_ex+0x497/0x5b0 [ 127.739893][ T8166] ? fs_reclaim_acquire+0xae/0x150 [ 127.741508][ T8166] should_failslab+0xc2/0x120 [ 127.742860][ T8166] __kmalloc_cache_noprof+0x68/0x420 [ 127.744535][ T8166] xprt_alloc+0x518/0x860 [ 127.745838][ T8166] xs_setup_xprt.part.0+0x4b/0x250 [ 127.747320][ T8166] xs_setup_local+0x9d/0x880 [ 127.748651][ T8166] xprt_create_transport+0x169/0x720 [ 127.750222][ T8166] rpc_create+0x379/0x7e0 [ 127.751486][ T8166] ? __pfx_rpc_create+0x10/0x10 [ 127.752884][ T8166] ? __lock_acquire+0x15a9/0x3c40 [ 127.754393][ T8166] ? __pfx___lock_acquire+0x10/0x10 [ 127.756521][ T8166] ? rpcb_create_local+0x100/0x270 [ 127.758212][ T8166] ? __pfx___lock_acquire+0x10/0x10 [ 127.759708][ T8166] ? rcu_is_watching+0x12/0xc0 [ 127.761135][ T8166] rpcb_create_af_local+0x10d/0x300 [ 127.762620][ T8166] ? __pfx_rpcb_create_af_local+0x10/0x10 [ 127.764251][ T8166] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.765797][ T8166] ? lock_acquire+0x2f/0xb0 [ 127.767095][ T8166] ? rpcb_create_local+0x148/0x270 [ 127.768605][ T8166] rpcb_create_local+0x1ee/0x270 [ 127.770028][ T8166] svc_bind+0x1e8/0x260 [ 127.771279][ T8166] nfsd_create_serv+0x32c/0x510 [ 127.772662][ T8166] ? __pfx_nfsd_create_serv+0x10/0x10 [ 127.774225][ T8166] ? __nla_validate_parse+0x605/0x2b10 [ 127.776421][ T8166] nfsd_nl_listener_set_doit+0xeb/0x1b40 [ 127.778233][ T8166] ? __pfx___nla_validate_parse+0x10/0x10 [ 127.779870][ T8166] ? rcu_is_watching+0x12/0xc0 [ 127.781283][ T8166] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 127.783030][ T8166] ? __nla_parse+0x40/0x60 [ 127.784404][ T8166] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 127.786505][ T8166] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 127.788644][ T8166] genl_family_rcv_msg_doit+0x202/0x2f0 [ 127.790231][ T8166] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 127.792028][ T8166] ? __pfx_mark_lock+0x10/0x10 [ 127.793452][ T8166] ? __pfx_stack_trace_save+0x10/0x10 [ 127.795063][ T8166] ? genl_get_cmd+0x195/0x580 [ 127.796440][ T8166] ? bpf_lsm_capable+0x9/0x10 [ 127.797832][ T8166] ? security_capable+0x7e/0x260 [ 127.799289][ T8166] genl_rcv_msg+0x565/0x800 [ 127.800604][ T8166] ? __pfx_genl_rcv_msg+0x10/0x10 [ 127.802090][ T8166] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 127.803873][ T8166] ? __pfx___lock_acquire+0x10/0x10 [ 127.805620][ T8166] netlink_rcv_skb+0x165/0x410 [ 127.807007][ T8166] ? __pfx_genl_rcv_msg+0x10/0x10 [ 127.808511][ T8166] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 127.810038][ T8166] ? down_read+0xc9/0x330 [ 127.811341][ T8166] ? __pfx_down_read+0x10/0x10 [ 127.812719][ T8166] ? netlink_deliver_tap+0x1ae/0xca0 [ 127.814297][ T8166] genl_rcv+0x28/0x40 [ 127.815461][ T8166] netlink_unicast+0x53c/0x7f0 [ 127.816860][ T8166] ? __pfx_netlink_unicast+0x10/0x10 [ 127.818405][ T8166] ? __phys_addr_symbol+0x30/0x80 [ 127.819861][ T8166] ? __check_object_size+0x488/0x710 [ 127.821416][ T8166] netlink_sendmsg+0x8b8/0xd70 [ 127.822785][ T8166] ? __pfx_netlink_sendmsg+0x10/0x10 [ 127.824322][ T8166] ____sys_sendmsg+0x9ae/0xb40 [ 127.825705][ T8166] ? __pfx_____sys_sendmsg+0x10/0x10 [ 127.827244][ T8166] ? get_compat_msghdr+0x11b/0x170 [ 127.828756][ T8166] ___sys_sendmsg+0x135/0x1e0 [ 127.830120][ T8166] ? __pfx____sys_sendmsg+0x10/0x10 [ 127.831662][ T8166] ? __pfx_lock_release+0x10/0x10 [ 127.833113][ T8166] ? trace_lock_acquire+0x14e/0x1f0 [ 127.834660][ T8166] ? __fget_files+0x206/0x3a0 [ 127.836046][ T8166] __sys_sendmsg+0x16e/0x220 [ 127.837428][ T8166] ? __pfx___sys_sendmsg+0x10/0x10 [ 127.838949][ T8166] __do_fast_syscall_32+0x73/0x120 [ 127.840465][ T8166] do_fast_syscall_32+0x32/0x80 [ 127.841910][ T8166] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 127.843741][ T8166] RIP: 0023:0xf70ae579 [ 127.844962][ T8166] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 127.850434][ T8166] RSP: 002b:00000000f50a055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 127.852586][ T8166] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 127.855116][ T8166] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 127.857903][ T8166] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 127.860190][ T8166] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 127.862460][ T8166] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 127.864307][ T1453] usb 5-1: device descriptor read/64, error -71 [ 127.864866][ T8166] [ 127.934082][ T8168] trusted_key: syz.1.550 sent an empty control message without MSG_MORE. [ 127.941827][ T8] usb 7-1: USB disconnect, device number 12 [ 127.974982][ T1453] usb usb5-port1: attempt power cycle [ 128.043661][ T8178] input: syz1 as /devices/virtual/input/input11 [ 128.344193][ T1453] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 128.525337][ T1453] usb 5-1: device descriptor read/8, error -71 [ 128.525695][ T8183] FAULT_INJECTION: forcing a failure. [ 128.525695][ T8183] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 128.531039][ T8183] CPU: 2 UID: 0 PID: 8183 Comm: syz.2.556 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 128.534156][ T8183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 128.537175][ T8183] Call Trace: [ 128.538194][ T8183] [ 128.539085][ T8183] dump_stack_lvl+0x16c/0x1f0 [ 128.540492][ T8183] should_fail_ex+0x497/0x5b0 [ 128.541848][ T8183] ? fs_reclaim_acquire+0xae/0x150 [ 128.543334][ T8183] should_fail_alloc_page+0xe7/0x130 [ 128.544851][ T8183] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 128.546666][ T8183] __alloc_pages_noprof+0x190/0x25b0 [ 128.548191][ T8183] ? stack_depot_save_flags+0x36d/0x9e0 [ 128.549769][ T8183] ? __pfx_lock_release+0x10/0x10 [ 128.551640][ T8183] ? hlock_class+0x4e/0x130 [ 128.553146][ T8183] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 128.554776][ T8183] ? __pfx___lock_acquire+0x10/0x10 [ 128.556339][ T8183] ? kasan_save_stack+0x42/0x60 [ 128.557742][ T8183] ? kasan_save_stack+0x33/0x60 [ 128.559134][ T8183] ? kasan_save_track+0x14/0x30 [ 128.560794][ T8183] ? __kasan_slab_alloc+0x89/0x90 [ 128.562392][ T8183] ? kmem_cache_alloc_node_noprof+0x1ca/0x3b0 [ 128.564847][ T8183] ? alloc_vmap_area+0xdc8/0x2a70 [ 128.566912][ T8183] ? __get_vm_area_node+0x19e/0x2f0 [ 128.569025][ T8183] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 128.571413][ T8183] ? policy_nodemask+0xea/0x4e0 [ 128.573384][ T8183] alloc_pages_mpol_noprof+0x2c8/0x620 [ 128.575557][ T8183] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 128.577807][ T8183] ? do_raw_spin_lock+0x12d/0x2c0 [ 128.579709][ T8183] ? lock_acquire+0x2f/0xb0 [ 128.581384][ T8183] ? kasan_populate_vmalloc_pte+0xfb/0x160 [ 128.583535][ T8183] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 128.585570][ T8183] get_free_pages_noprof+0xc/0x40 [ 128.587060][ T8183] kasan_populate_vmalloc_pte+0x2d/0x160 [ 128.589115][ T8183] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 128.591502][ T8183] __apply_to_page_range+0x5fd/0xd30 [ 128.593467][ T8183] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 128.595802][ T8183] ? __pfx___apply_to_page_range+0x10/0x10 [ 128.597877][ T8183] ? insert_vmap_area+0x2ef/0x4d0 [ 128.599339][ T8183] alloc_vmap_area+0x93e/0x2a70 [ 128.600986][ T8183] ? __pfx_alloc_vmap_area+0x10/0x10 [ 128.603126][ T8183] __get_vm_area_node+0x19e/0x2f0 [ 128.604596][ T8183] __vmalloc_node_range_noprof+0x26a/0x1530 [ 128.606488][ T8183] ? sock_hash_alloc+0x336/0x510 [ 128.608484][ T8183] ? sock_hash_alloc+0x336/0x510 [ 128.610432][ T8183] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 128.612724][ T8183] ? rcu_is_watching+0x12/0xc0 [ 128.614099][ T8183] ? trace_kmalloc+0x2d/0xd0 [ 128.615943][ T8183] ? __kmalloc_node_noprof+0x23d/0x520 [ 128.618148][ T8183] ? sock_hash_alloc+0x336/0x510 [ 128.620148][ T8183] __bpf_map_area_alloc+0xea/0x190 [ 128.622102][ T8183] ? sock_hash_alloc+0x336/0x510 [ 128.623946][ T8183] sock_hash_alloc+0x336/0x510 [ 128.625731][ T8183] map_create+0x5c5/0x1f20 [ 128.627407][ T8183] ? __pfx_lock_release+0x10/0x10 [ 128.629219][ T8183] ? trace_lock_acquire+0x14e/0x1f0 [ 128.631299][ T8183] ? __pfx_map_create+0x10/0x10 [ 128.633242][ T8183] ? lock_acquire+0x2f/0xb0 [ 128.635130][ T8183] ? __might_fault+0xe3/0x190 [ 128.637090][ T8183] ? __might_fault+0xe3/0x190 [ 128.639007][ T8183] __sys_bpf+0x4f58/0x57a0 [ 128.640822][ T8183] ? __pfx_lock_release+0x10/0x10 [ 128.642904][ T8183] ? __pfx___sys_bpf+0x10/0x10 [ 128.644859][ T8183] ? vfs_write+0x306/0x1150 [ 128.646425][ T8183] ? __mutex_unlock_slowpath+0x164/0x690 [ 128.648121][ T8183] ? fput+0x67/0x440 [ 128.649594][ T8183] ? ksys_write+0x1ba/0x250 [ 128.651443][ T8183] ? __pfx_ksys_write+0x10/0x10 [ 128.653425][ T8183] __ia32_sys_bpf+0x76/0xe0 [ 128.655277][ T8183] __do_fast_syscall_32+0x73/0x120 [ 128.657326][ T8183] do_fast_syscall_32+0x32/0x80 [ 128.659300][ T8183] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.661726][ T8183] RIP: 0023:0xf7f61579 [ 128.662899][ T8183] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 128.668422][ T8183] RSP: 002b:00000000f509555c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 128.670927][ T8183] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200001c0 [ 128.673143][ T8183] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 128.675349][ T8183] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 128.678200][ T8183] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 128.680857][ T8183] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 128.683668][ T8183] [ 128.774223][ T1453] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 128.794947][ T1453] usb 5-1: device descriptor read/8, error -71 [ 128.853266][ T8187] binder: 8186:8187 ioctl 4018620d 0 returned -22 [ 128.855711][ T8187] binder: 8186:8187 ioctl c0306201 20000280 returned -11 [ 128.904683][ T1453] usb usb5-port1: unable to enumerate USB device [ 128.969425][ T40] kauditd_printk_skb: 75 callbacks suppressed [ 128.969435][ T40] audit: type=1326 audit(1736977876.248:40547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 128.978446][ T40] audit: type=1326 audit(1736977876.248:40548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 129.018775][ T40] audit: type=1326 audit(1736977876.248:40549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.559" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 129.025374][ T40] audit: type=1326 audit(1736977876.248:40550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 129.031763][ T40] audit: type=1326 audit(1736977876.248:40551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.559" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 129.038466][ T40] audit: type=1326 audit(1736977876.248:40552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 129.046253][ T40] audit: type=1326 audit(1736977876.248:40553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.559" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 129.052274][ T40] audit: type=1326 audit(1736977876.248:40554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 129.059437][ T40] audit: type=1326 audit(1736977876.248:40555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.559" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 129.065755][ T40] audit: type=1326 audit(1736977876.258:40556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 129.084274][ T8197] loop5: detected capacity change from 0 to 16384 [ 129.696006][ T833] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 129.755453][ T5312] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 129.758539][ T5312] Bluetooth: hci1: Injecting HCI hardware error event [ 129.763366][ T5959] Bluetooth: hci1: hardware error 0x00 [ 129.815968][ T8208] netlink: 'syz.2.562': attribute type 10 has an invalid length. [ 129.820078][ T8208] netlink: 'syz.2.562': attribute type 10 has an invalid length. [ 129.854268][ T833] usb 8-1: Using ep0 maxpacket: 8 [ 129.863273][ T833] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 129.869407][ T833] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 129.873430][ T833] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 129.878127][ T833] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 129.881190][ T833] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 129.886328][ T833] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 129.889140][ T833] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.105224][ T833] usb 8-1: GET_CAPABILITIES returned 0 [ 130.107587][ T833] usbtmc 8-1:16.0: can't read capabilities [ 130.531852][ T1453] usb 8-1: USB disconnect, device number 10 [ 130.667119][ T8226] random: crng reseeded on system resumption [ 130.950669][ T8230] netlink: 24 bytes leftover after parsing attributes in process `syz.0.570'. [ 130.965132][ T8230] netlink: 4 bytes leftover after parsing attributes in process `syz.0.570'. [ 131.250323][ T5312] Bluetooth: hci3: unexpected event for opcode 0x0c7b [ 131.834278][ T5959] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 131.964313][ T6005] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 132.013857][ T8256] netlink: 4 bytes leftover after parsing attributes in process `syz.2.578'. [ 132.136738][ T5959] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 132.164251][ T6005] usb 5-1: Using ep0 maxpacket: 16 [ 132.168710][ T6005] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 132.171892][ T6005] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 132.174637][ T6005] usb 5-1: Product: syz [ 132.176939][ T6005] usb 5-1: Manufacturer: syz [ 132.178318][ T6005] usb 5-1: SerialNumber: syz [ 132.180552][ T6005] usb 5-1: config 0 descriptor?? [ 132.256011][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.257862][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.544040][ T35] usb 5-1: USB disconnect, device number 10 [ 132.603060][ T8279] binder: BINDER_SET_CONTEXT_MGR already set [ 132.607208][ T8279] binder: 8277:8279 ioctl 4018620d 200002c0 returned -16 [ 133.188216][ T105] Bluetooth: (null): Invalid header checksum [ 133.191119][ T105] Bluetooth: (null): Invalid header checksum [ 133.294568][ T1162] Bluetooth: (null): Invalid header checksum [ 133.406855][ T105] Bluetooth: (null): Invalid header checksum [ 133.516339][ T105] Bluetooth: (null): Invalid header checksum [ 133.635570][ T105] Bluetooth: (null): Invalid header checksum [ 133.706632][ T8324] sp0: Synchronizing with TNC [ 133.964231][ T6073] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 134.312414][ T69] Bluetooth: hci4: Frame reassembly failed (-84) [ 134.314642][ T69] Bluetooth: hci4: Frame reassembly failed (-84) [ 134.347945][ T6073] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 134.352468][ T6073] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 134.356318][ T6073] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 134.359682][ T6073] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 134.363572][ T6073] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 134.366322][ T6073] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.379559][ T6073] usb 6-1: config 0 descriptor?? [ 134.390493][ T8329] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 134.797245][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.799557][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.802113][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.805551][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.808769][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.811949][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.814589][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.817307][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.819531][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.821819][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.825368][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.828998][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.832419][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.838252][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.841451][ T6073] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 134.844668][ T6073] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 134.852264][ T6073] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 135.076152][ T8329] FAULT_INJECTION: forcing a failure. [ 135.076152][ T8329] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 135.079987][ T8329] CPU: 3 UID: 0 PID: 8329 Comm: syz.1.602 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 135.082951][ T8329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 135.085950][ T8329] Call Trace: [ 135.086901][ T8329] [ 135.087740][ T8329] dump_stack_lvl+0x16c/0x1f0 [ 135.089078][ T8329] should_fail_ex+0x497/0x5b0 [ 135.090437][ T8329] ? fs_reclaim_acquire+0xae/0x150 [ 135.091898][ T8329] should_fail_alloc_page+0xe7/0x130 [ 135.093401][ T8329] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 135.095129][ T8329] __alloc_pages_noprof+0x190/0x25b0 [ 135.096616][ T8329] ? hlock_class+0x4e/0x130 [ 135.097899][ T8329] ? __lock_acquire+0x15a9/0x3c40 [ 135.099314][ T8329] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 135.100933][ T8329] ? hlock_class+0x4e/0x130 [ 135.102204][ T8329] ? __lock_acquire+0xcc5/0x3c40 [ 135.103571][ T8329] ? __pfx___lock_acquire+0x10/0x10 [ 135.105086][ T8329] ? lock_acquire.part.0+0x11b/0x380 [ 135.106592][ T8329] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 135.108320][ T8329] ? policy_nodemask+0xea/0x4e0 [ 135.109716][ T8329] alloc_pages_mpol_noprof+0x2c8/0x620 [ 135.111330][ T8329] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 135.113053][ T8329] ? __fget_files+0x1fc/0x3a0 [ 135.114421][ T8329] ? __pfx_lock_release+0x10/0x10 [ 135.115896][ T8329] get_free_pages_noprof+0xc/0x40 [ 135.117368][ T8329] __pollwait+0x291/0x4c0 [ 135.118617][ T8329] pipe_poll+0x279/0x850 [ 135.119854][ T8329] ? __pfx___pollwait+0x10/0x10 [ 135.121253][ T8329] ? __pfx_pipe_poll+0x10/0x10 [ 135.122641][ T8329] do_sys_poll+0x524/0xde0 [ 135.123950][ T8329] ? __pfx_do_sys_poll+0x10/0x10 [ 135.125389][ T8329] ? __pfx___lock_acquire+0x10/0x10 [ 135.126894][ T8329] ? __pfx___pollwait+0x10/0x10 [ 135.128302][ T8329] ? __pfx_pollwake+0x10/0x10 [ 135.129660][ T8329] ? __pfx_pollwake+0x10/0x10 [ 135.131037][ T8329] ? __pfx_pollwake+0x10/0x10 [ 135.132410][ T8329] ? __pfx_pollwake+0x10/0x10 [ 135.133765][ T8329] ? __pfx_pollwake+0x10/0x10 [ 135.135139][ T8329] ? __pfx_pollwake+0x10/0x10 [ 135.136493][ T8329] ? __pfx_pollwake+0x10/0x10 [ 135.137876][ T8329] ? __pfx_pollwake+0x10/0x10 [ 135.139238][ T8329] ? __pfx_pollwake+0x10/0x10 [ 135.140622][ T8329] ? __mutex_unlock_slowpath+0x164/0x690 [ 135.142242][ T8329] ? set_compat_user_sigmask+0x20f/0x2a0 [ 135.143850][ T8329] ? __pfx_set_compat_user_sigmask+0x10/0x10 [ 135.145563][ T8329] ? __fget_files+0x206/0x3a0 [ 135.146934][ T8329] __ia32_compat_sys_ppoll_time32+0x24a/0x2c0 [ 135.148689][ T8329] ? __pfx___ia32_compat_sys_ppoll_time32+0x10/0x10 [ 135.150573][ T8329] ? ksys_write+0x1ba/0x250 [ 135.151919][ T8329] ? __pfx_ksys_write+0x10/0x10 [ 135.153343][ T8329] __do_fast_syscall_32+0x73/0x120 [ 135.154818][ T8329] do_fast_syscall_32+0x32/0x80 [ 135.156252][ T8329] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 135.158073][ T8329] RIP: 0023:0xf7fa0579 [ 135.159260][ T8329] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 135.164395][ T8329] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000135 [ 135.166730][ T8329] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 00000000000000dc [ 135.168902][ T8329] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 135.171141][ T8329] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 135.173332][ T8329] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 135.175528][ T8329] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 135.177815][ T8329] [ 135.182007][ T35] usb 6-1: USB disconnect, device number 7 [ 135.274261][ T5312] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 135.278236][ T5312] Bluetooth: hci3: Injecting HCI hardware error event [ 135.722673][ T8375] sp0: Synchronizing with TNC [ 135.916750][ T8384] netlink: 44 bytes leftover after parsing attributes in process `syz.3.619'. [ 135.920946][ T8384] netlink: 24 bytes leftover after parsing attributes in process `syz.3.619'. [ 136.314262][ T5312] Bluetooth: hci4: command 0x1003 tx timeout [ 136.314287][ T5959] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 136.654346][ T35] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 136.805389][ T35] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 136.807970][ T35] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 136.810946][ T35] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 136.814435][ T35] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 136.818750][ T35] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 136.826511][ T35] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 136.830075][ T35] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 136.832494][ T35] usb 8-1: Product: syz [ 136.834418][ T35] usb 8-1: Manufacturer: syz [ 136.839359][ T35] cdc_wdm 8-1:1.0: skipping garbage [ 136.841485][ T35] cdc_wdm 8-1:1.0: skipping garbage [ 136.845539][ T35] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 136.847967][ T35] cdc_wdm 8-1:1.0: Unknown control protocol [ 137.762602][ T8394] netlink: 12 bytes leftover after parsing attributes in process `syz.3.622'. [ 137.864652][ T8435] fuse: Bad value for 'fd' [ 137.896486][ T35] usb 8-1: USB disconnect, device number 11 [ 137.897278][ T8437] netlink: 'syz.0.634': attribute type 1 has an invalid length. [ 137.900500][ T8437] netlink: 224 bytes leftover after parsing attributes in process `syz.0.634'. [ 137.946038][ T8442] fuse: Bad value for 'fd' [ 138.312082][ T8470] overlayfs: conflicting options: userxattr,redirect_dir=on [ 138.865828][ T8474] netlink: 48 bytes leftover after parsing attributes in process `syz.1.643'. [ 138.972533][ T8484] netlink: 'syz.0.648': attribute type 4 has an invalid length. [ 138.976430][ T8484] netlink: 52 bytes leftover after parsing attributes in process `syz.0.648'. [ 138.980379][ T8484] netlink: 36 bytes leftover after parsing attributes in process `syz.0.648'. [ 139.201240][ T8491] vivid-001: disconnect [ 139.333356][ T40] kauditd_printk_skb: 68 callbacks suppressed [ 139.333373][ T40] audit: type=1326 audit(1736977886.608:40625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8506 comm="syz.3.658" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x0 [ 139.856559][ T40] audit: type=1326 audit(1736977887.138:40626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.2.646" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7fc00000 [ 139.864705][ T40] audit: type=1326 audit(1736977887.138:40627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.2.646" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f61579 code=0x7fc00000 [ 139.871501][ T40] audit: type=1326 audit(1736977887.138:40628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.2.646" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7fc00000 [ 139.878966][ T40] audit: type=1326 audit(1736977887.138:40629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.2.646" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7fc00000 [ 139.885027][ T8490] vivid-001: reconnect [ 139.887123][ T40] audit: type=1326 audit(1736977887.138:40630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.2.646" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7fc00000 [ 139.894261][ T40] audit: type=1326 audit(1736977887.138:40631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.2.646" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7fc00000 [ 139.900326][ T40] audit: type=1326 audit(1736977887.138:40632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.2.646" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7fc00000 [ 139.906461][ T40] audit: type=1326 audit(1736977887.138:40633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.2.646" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7fc00000 [ 139.912594][ T40] audit: type=1326 audit(1736977887.138:40634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.2.646" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7fc00000 [ 140.416369][ T8539] binder_alloc: binder_alloc_mmap_handler: 8538 20ffd000-21000000 already mapped failed -16 [ 140.794299][ T35] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 140.822776][ T8561] /dev/nullb0: Can't open blockdev [ 140.900704][ T8565] 9pnet_fd: Insufficient options for proto=fd [ 140.952321][ T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 140.956786][ T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 140.960688][ T35] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 140.964485][ T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.969683][ T35] usb 8-1: config 0 descriptor?? [ 141.470656][ T8582] net veth1_virt_wifi virt_wifi0: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 141.500167][ T5959] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 141.592160][ T35] usbhid 8-1:0.0: can't add hid device: -71 [ 141.594437][ T35] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 141.598623][ T35] usb 8-1: USB disconnect, device number 12 [ 142.624309][ T1453] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 142.855958][ T8616] netlink: 4 bytes leftover after parsing attributes in process `syz.1.691'. [ 142.894237][ T1453] usb 5-1: Using ep0 maxpacket: 8 [ 142.898903][ T1453] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 142.902206][ T1453] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 142.907779][ T1453] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 142.911575][ T1453] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 142.917345][ T1453] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 142.921638][ T1453] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 142.924296][ T1453] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.152231][ T1453] usb 5-1: GET_CAPABILITIES returned 0 [ 143.154079][ T1453] usbtmc 5-1:16.0: can't read capabilities [ 143.301640][ T8631] netlink: 24 bytes leftover after parsing attributes in process `syz.2.695'. [ 143.954255][ T5959] Bluetooth: hci3: command 0x0405 tx timeout [ 143.976345][ T5953] Bluetooth: hci3: hardware error 0x00 [ 144.164557][ T1453] usb 5-1: USB disconnect, device number 11 [ 144.377520][ T8659] netlink: 8 bytes leftover after parsing attributes in process `syz.2.704'. [ 144.538982][ T8666] siw: device registration error -23 [ 145.785152][ T40] kauditd_printk_skb: 6244 callbacks suppressed [ 145.785512][ T40] audit: type=1326 audit(1736977893.058:46879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.0.715" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 145.810731][ T40] audit: type=1326 audit(1736977893.058:46880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.0.715" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 145.825534][ T40] audit: type=1326 audit(1736977893.068:46881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.0.715" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 145.827921][ T8701] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 145.841506][ T40] audit: type=1326 audit(1736977893.068:46882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.0.715" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 145.858711][ T40] audit: type=1326 audit(1736977893.068:46883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.0.715" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 145.867020][ T40] audit: type=1326 audit(1736977893.068:46884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.0.715" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 145.873553][ T40] audit: type=1326 audit(1736977893.078:46885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.0.715" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 145.882527][ T40] audit: type=1326 audit(1736977893.078:46886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.0.715" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 145.905138][ T40] audit: type=1326 audit(1736977893.078:46887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.0.715" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 145.913262][ T40] audit: type=1326 audit(1736977893.108:46888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.0.715" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000 [ 146.005661][ T5953] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 146.081695][ T8712] netlink: 36 bytes leftover after parsing attributes in process `syz.3.718'. [ 146.084544][ T8712] netlink: 16 bytes leftover after parsing attributes in process `syz.3.718'. [ 146.087230][ T8712] netlink: 36 bytes leftover after parsing attributes in process `syz.3.718'. [ 146.512580][ T8728] netlink: 16 bytes leftover after parsing attributes in process `syz.0.721'. [ 147.109397][ T8747] netlink: 56 bytes leftover after parsing attributes in process `syz.2.730'. [ 147.112227][ T8747] netlink: 'syz.2.730': attribute type 5 has an invalid length. [ 147.512732][ T8751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.731'. [ 148.135778][ T8788] netlink: 24 bytes leftover after parsing attributes in process `syz.2.738'. [ 148.462588][ T8804] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 148.465507][ T8804] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 148.614220][ T833] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 148.775821][ T833] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 148.779078][ T833] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 148.782222][ T833] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.786516][ T833] usb 7-1: config 0 descriptor?? [ 149.009498][ T833] usbhid 7-1:0.0: can't add hid device: -71 [ 149.011389][ T833] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 149.015919][ T833] usb 7-1: USB disconnect, device number 13 [ 149.464308][ T1464] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 149.620885][ T8831] dvmrp0: entered allmulticast mode [ 149.624361][ T1464] usb 7-1: Using ep0 maxpacket: 32 [ 149.627266][ T1464] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 149.630353][ T1464] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 149.633070][ T1464] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.638399][ T1464] usb 7-1: config 0 descriptor?? [ 149.641060][ T1464] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 149.644976][ T1464] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 149.693741][ T8833] Cannot find add_set index 0 as target [ 149.719468][ T8834] netlink: 4 bytes leftover after parsing attributes in process `syz.1.748'. [ 149.734926][ T8834] netlink: 'syz.1.748': attribute type 1 has an invalid length. [ 149.736614][ T8836] netlink: 36 bytes leftover after parsing attributes in process `syz.3.750'. [ 149.812210][ T8838] netlink: 24 bytes leftover after parsing attributes in process `syz.1.751'. [ 150.060169][ T8842] netlink: 'syz.3.750': attribute type 4 has an invalid length. [ 150.062578][ T8842] netlink: 17 bytes leftover after parsing attributes in process `syz.3.750'. [ 150.087779][ T8842] netlink: 12 bytes leftover after parsing attributes in process `syz.3.750'. [ 150.091201][ T8841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.752'. [ 150.671473][ T8848] netlink: 4 bytes leftover after parsing attributes in process `syz.0.753'. [ 150.990854][ T8866] netlink: 'syz.0.758': attribute type 4 has an invalid length. [ 151.079470][ T8865] netlink: 20 bytes leftover after parsing attributes in process `syz.0.758'. [ 151.152125][ T1464] usb 7-1: USB disconnect, device number 14 [ 151.156215][ T1464] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 151.538572][ T8880] siw: device registration error -23 [ 151.605579][ T8882] netlink: 32 bytes leftover after parsing attributes in process `syz.1.764'. [ 151.619889][ T8882] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 151.622736][ T8882] overlayfs: missing 'lowerdir' [ 152.285287][ T8899] ip6t_srh: unknown srh invflags 6BE9 [ 152.288989][ T8899] overlayfs: conflicting options: metacopy=off,verity=on [ 152.937768][ T8905] syz.3.773 (8905) used greatest stack depth: 20480 bytes left [ 152.949909][ T8931] binder: BINDER_SET_CONTEXT_MGR already set [ 152.952497][ T8931] binder: 8929:8931 ioctl 4018620d 20000040 returned -16 [ 153.847480][ T8979] sp0: Synchronizing with TNC [ 153.888692][ T8976] syz.0.793: attempt to access beyond end of device [ 153.888692][ T8976] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 153.893465][ T8976] efs: cannot read volume header [ 154.134986][ T8992] __nla_validate_parse: 3 callbacks suppressed [ 154.135019][ T8992] netlink: 4 bytes leftover after parsing attributes in process `syz.1.796'. [ 154.139661][ T8992] netlink: 48 bytes leftover after parsing attributes in process `syz.1.796'. [ 154.180633][ T8999] netlink: 'syz.0.799': attribute type 12 has an invalid length. [ 154.249243][ T9006] netlink: 4 bytes leftover after parsing attributes in process `syz.0.802'. [ 154.574379][ T5953] Bluetooth: hci2: unexpected event for opcode 0x204e [ 154.708964][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 154.708979][ T40] audit: type=1326 audit(1736977901.988:46903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.1.805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 154.724181][ T40] audit: type=1326 audit(1736977901.998:46904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.1.805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 154.737482][ T40] audit: type=1326 audit(1736977901.998:46905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.1.805" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 154.743770][ T40] audit: type=1326 audit(1736977901.998:46906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.1.805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 154.753042][ T40] audit: type=1326 audit(1736977901.998:46907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.1.805" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 154.759892][ T40] audit: type=1326 audit(1736977901.998:46908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.1.805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 154.767343][ T40] audit: type=1326 audit(1736977901.998:46909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.1.805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 154.773504][ T40] audit: type=1326 audit(1736977901.998:46910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.1.805" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 154.779899][ T40] audit: type=1326 audit(1736977902.008:46911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.1.805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 154.786317][ T40] audit: type=1326 audit(1736977902.008:46912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.1.805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 155.609384][ T9048] netlink: 36 bytes leftover after parsing attributes in process `syz.0.809'. [ 156.108669][ T9056] 9pnet_virtio: no channels available for device syz [ 156.110879][ T9056] overlay: ./file0 is not a directory [ 156.307589][ T9070] can0: slcan on ttyS3. [ 156.525328][ T9083] can0 (unregistered): slcan off ttyS3. [ 157.889909][ T9115] netlink: 84 bytes leftover after parsing attributes in process `syz.1.822'. [ 159.152875][ T9133] netlink: 4 bytes leftover after parsing attributes in process `syz.3.829'. [ 159.398949][ T9152] openvswitch: netlink: IP tunnel TTL not specified. [ 159.686375][ T9180] netlink: 16 bytes leftover after parsing attributes in process `syz.2.847'. [ 159.731678][ T9187] netlink: 28 bytes leftover after parsing attributes in process `syz.1.852'. [ 159.887549][ T9211] netlink: 'syz.0.865': attribute type 10 has an invalid length. [ 159.891292][ T9211] syz_tun: entered promiscuous mode [ 159.898137][ T9211] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 159.900322][ T9213] netlink: 'syz.1.864': attribute type 12 has an invalid length. [ 159.907510][ T9213] netlink: 'syz.1.864': attribute type 4 has an invalid length. [ 160.022379][ T9222] netlink: 24 bytes leftover after parsing attributes in process `syz.0.869'. [ 160.027162][ T40] kauditd_printk_skb: 85 callbacks suppressed [ 160.027190][ T40] audit: type=1326 audit(1736977907.308:46998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.1.867" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 160.044973][ T9222] netlink: 4 bytes leftover after parsing attributes in process `syz.0.869'. [ 160.048493][ T40] audit: type=1326 audit(1736977907.318:46999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.1.867" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 160.061411][ T40] audit: type=1326 audit(1736977907.318:47000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.1.867" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 160.068059][ T40] audit: type=1326 audit(1736977907.318:47001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.1.867" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 160.075175][ T40] audit: type=1326 audit(1736977907.318:47002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.1.867" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 160.080945][ T40] audit: type=1326 audit(1736977907.318:47003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.1.867" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 160.086727][ T40] audit: type=1326 audit(1736977907.318:47004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.1.867" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 160.093077][ T40] audit: type=1326 audit(1736977907.318:47005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.1.867" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 160.101700][ T40] audit: type=1326 audit(1736977907.318:47006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.1.867" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 160.109557][ T40] audit: type=1326 audit(1736977907.348:47007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.1.867" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x7ffc0000 [ 160.237659][ T9232] netlink: 24 bytes leftover after parsing attributes in process `syz.3.874'. [ 160.242996][ T9232] netlink: 4 bytes leftover after parsing attributes in process `syz.3.874'. [ 160.329608][ T1464] libceph: connect (1)[c::]:6789 error -101 [ 160.331676][ T1464] libceph: mon0 (1)[c::]:6789 connect error [ 160.353988][ T9241] ceph: No mds server is up or the cluster is laggy [ 160.781398][ T9254] batman_adv: batadv0: Adding interface: dummy0 [ 160.783238][ T9254] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.792144][ T9254] batman_adv: batadv0: Interface activated: dummy0 [ 160.801129][ T9254] batadv0: mtu less than device minimum [ 160.804998][ T9254] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 160.808829][ T9254] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 160.812512][ T9254] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 160.816468][ T9254] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 160.820160][ T9254] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 160.823818][ T9254] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 160.827552][ T9254] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 160.831243][ T9254] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 160.923166][ T9257] netlink: 24 bytes leftover after parsing attributes in process `syz.3.879'. [ 160.929100][ T9257] netlink: 4 bytes leftover after parsing attributes in process `syz.3.879'. [ 161.201717][ T9261] [ 161.202449][ T9261] ============================= [ 161.203819][ T9261] [ BUG: Invalid wait context ] [ 161.205192][ T9261] 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 Not tainted [ 161.207350][ T9261] ----------------------------- [ 161.209896][ T9261] syz.3.881/9261 is trying to lock: [ 161.211386][ T9261] ffff888020909298 (&sighand->siglock){-.-.}-{3:3}, at: __lock_task_sighand+0xc2/0x340 [ 161.214114][ T9261] other info that might help us debug this: [ 161.215734][ T9261] context-{5:5} [ 161.216738][ T9261] 4 locks held by syz.3.881/9261: [ 161.218174][ T9261] #0: ffff8880252ae0a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_handle_tw_list+0x27c/0x540 [ 161.220963][ T9261] #1: ffff8880639f0128 (&acct->lock){+.+.}-{2:2}, at: io_wq_enqueue+0x20a/0xb30 [ 161.223550][ T9261] #2: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590 [ 161.226194][ T9261] #3: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: __lock_task_sighand+0x3f/0x340 [ 161.228817][ T9261] stack backtrace: [ 161.229871][ T9261] CPU: 2 UID: 0 PID: 9261 Comm: syz.3.881 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 161.232848][ T9261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.235889][ T9261] Call Trace: [ 161.236821][ T9261] [ 161.237600][ T9261] dump_stack_lvl+0x116/0x1f0 [ 161.238942][ T9261] __lock_acquire+0x878/0x3c40 [ 161.240257][ T9261] ? __pfx___lock_acquire+0x10/0x10 [ 161.241708][ T9261] ? __pfx___lock_acquire+0x10/0x10 [ 161.243198][ T9261] lock_acquire.part.0+0x11b/0x380 [ 161.244695][ T9261] ? __lock_task_sighand+0xc2/0x340 [ 161.246197][ T9261] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 161.247803][ T9261] ? rcu_is_watching+0x12/0xc0 [ 161.249208][ T9261] ? trace_lock_acquire+0x14e/0x1f0 [ 161.250615][ T9261] ? trace_lock_acquire+0x14e/0x1f0 [ 161.252003][ T9261] ? __lock_task_sighand+0xc2/0x340 [ 161.253410][ T9261] ? lock_acquire+0x2f/0xb0 [ 161.254544][ T9261] ? __lock_task_sighand+0xc2/0x340 [ 161.255991][ T9261] _raw_spin_lock_irqsave+0x3a/0x60 [ 161.257431][ T9261] ? __lock_task_sighand+0xc2/0x340 [ 161.258874][ T9261] __lock_task_sighand+0xc2/0x340 [ 161.260269][ T9261] group_send_sig_info+0x290/0x300 [ 161.261643][ T9261] ? __pfx_group_send_sig_info+0x10/0x10 [ 161.263164][ T9261] ? __pfx___lock_acquire+0x10/0x10 [ 161.264636][ T9261] bpf_send_signal_common+0x415/0x520 [ 161.266148][ T9261] ? __pfx_bpf_send_signal_common+0x10/0x10 [ 161.267746][ T9261] ? trace_lock_acquire+0x14e/0x1f0 [ 161.269161][ T9261] ? __pfx___lock_acquire+0x10/0x10 [ 161.270594][ T9261] ? bpf_trace_run2+0x1c2/0x590 [ 161.271919][ T9261] bpf_send_signal+0x1d/0x30 [ 161.273154][ T9261] bpf_prog_631417f49dd64198+0x25/0x48 [ 161.274643][ T9261] bpf_trace_run2+0x231/0x590 [ 161.275903][ T9261] ? __pfx_bpf_trace_run2+0x10/0x10 [ 161.277297][ T9261] ? hlock_class+0x4e/0x130 [ 161.278532][ T9261] trace_contention_end.constprop.0+0xf0/0x170 [ 161.280266][ T9261] __pv_queued_spin_lock_slowpath+0x27e/0xc90 [ 161.281940][ T9261] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 161.283722][ T9261] ? lock_acquire.part.0+0x11b/0x380 [ 161.285119][ T9261] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 161.286675][ T9261] do_raw_spin_lock+0x210/0x2c0 [ 161.288010][ T9261] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 161.289462][ T9261] ? lock_acquire+0x2f/0xb0 [ 161.290736][ T9261] ? io_wq_enqueue+0x20a/0xb30 [ 161.292059][ T9261] io_wq_enqueue+0x20a/0xb30 [ 161.293328][ T9261] ? io_arm_poll_handler+0x133/0xc60 [ 161.294777][ T9261] ? __pfx_io_wq_enqueue+0x10/0x10 [ 161.296217][ T9261] ? __pfx_io_wq_work_match_item+0x10/0x10 [ 161.297783][ T9261] ? io_prep_async_work+0x654/0x770 [ 161.299179][ T9261] io_queue_iowq+0x28b/0x5c0 [ 161.300426][ T9261] io_queue_async+0x1e7/0x420 [ 161.301682][ T9261] io_req_task_submit+0x1c8/0x1f0 [ 161.303034][ T9261] ? __pfx_io_req_task_submit+0x10/0x10 [ 161.304523][ T9261] io_handle_tw_list+0x4c3/0x540 [ 161.305881][ T9261] ? __pfx_io_handle_tw_list+0x10/0x10 [ 161.307351][ T9261] ? lock_acquire.part.0+0x11b/0x380 [ 161.308793][ T9261] ? find_held_lock+0x2d/0x110 [ 161.310124][ T9261] tctx_task_work_run+0xac/0x390 [ 161.311518][ T9261] tctx_task_work+0x7b/0xd0 [ 161.312735][ T9261] ? __pfx_tctx_task_work+0x10/0x10 [ 161.314168][ T9261] ? _raw_spin_unlock_irq+0x23/0x50 [ 161.315618][ T9261] ? lockdep_hardirqs_on+0x7c/0x110 [ 161.317050][ T9261] task_work_run+0x14e/0x250 [ 161.318333][ T9261] ? __pfx_task_work_run+0x10/0x10 [ 161.319767][ T9261] get_signal+0x1d3/0x2610 [ 161.320998][ T9261] ? __pfx_get_signal+0x10/0x10 [ 161.322328][ T9261] ? fput+0x67/0x440 [ 161.323427][ T9261] ? __do_sys_io_uring_enter+0x5fb/0x1620 [ 161.324967][ T9261] arch_do_signal_or_restart+0x90/0x7e0 [ 161.326476][ T9261] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 161.328164][ T9261] ? rcu_is_watching+0x12/0xc0 [ 161.329463][ T9261] syscall_exit_to_user_mode+0x150/0x2a0 [ 161.330991][ T9261] __do_fast_syscall_32+0x80/0x120 [ 161.332355][ T9261] do_fast_syscall_32+0x32/0x80 [ 161.333670][ T9261] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 161.335383][ T9261] RIP: 0023:0xf70ae579 [ 161.336485][ T9261] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 161.341654][ T9261] RSP: 002b:00000000f50a055c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa [ 161.343858][ T9261] RAX: 0000000000000200 RBX: 0000000000000003 RCX: 0000000000003516 [ 161.345975][ T9261] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 161.348079][ T9261] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 161.350215][ T9261] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 161.352331][ T9261] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 161.354476][ T9261] VM DIAGNOSIS: 21:51:47 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=ffffc90004d5faa8 RCX=ffff888068dd5008 RDX=dffffc0000000000 RSI=ffffffff81e6e69a RDI=ffff888068dd5008 RBP=0000000000000000 RSP=ffffc90004d5f618 R8 =0000000000000007 R9 =0000000000000000 R10=ffffffffffffffff R11=0000000000005f2c R12=0000000000000001 R13=ffffffffffffffff R14=ffff888068dd5000 R15=ffffc90004d5faa8 RIP=ffffffff81e6e6d3 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f41fffc CR3=000000000db7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000003 RCX=1ffffffff203a53a RDX=ffff888023360000 RSI=ffffffff81484a84 RDI=ffffffff81484a71 RBP=ffff8880639f0110 RSP=ffffc90006bbfb28 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff901cf6d7 R11=0000000000000b8f R12=0000000000000003 R13=0000000000000003 R14=ffff88802b53fc40 R15=ffffed100c73e022 RIP=ffffffff81484a86 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f74401b8 CR3=000000006b8c6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85145e25 RDI=ffffffff9a66a200 RBP=ffffffff9a66a1c0 RSP=ffffc90004f66dd8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff85145dc0 R15=0000000000000000 RIP=ffffffff85145e4f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020000080 CR3=000000006b8c6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000001d4804 RBX=0000000000000003 RCX=ffffffff8b1a8889 RDX=ffffed10056e6fee RSI=ffffffff8bb17240 RDI=ffffffff81703079 RBP=ffffed10036ea488 RSP=ffffc9000049fe08 R8 =0000000000000000 R9 =ffffed10056e6fed R10=ffff88802b737f6b R11=0000000000000001 R12=0000000000000003 R13=ffff88801b752440 R14=ffffffff901cf6d0 R15=0000000000000000 RIP=ffffffff8b1a9c6f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020958000 CR3=000000006d6b4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000