last executing test programs: 5m41.173907149s ago: executing program 1 (id=769): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000004c0)=0x7f) (async) socket(0x10, 0x3, 0x0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000280)={'batadv0\x00', 0x0}) (async, rerun: 64) r3 = socket$kcm(0x10, 0x2, 0x0) (async, rerun: 64) r4 = socket$inet6(0xa, 0x3, 0x8) setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, 0x0, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map, 0xffffffffffffffff, 0x7, 0x4, 0xffffffffffffffff, @void, @value}, 0x20) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) (async) syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) (async) sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r5 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$6lowpan_control(r5, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b) (async, rerun: 64) openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) (async, rerun: 64) r6 = socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r9 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@fallback=r8, 0x0, 0x1, 0x9ce, &(0x7f0000000300)=[0x0], 0x1, 0x0, &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0, 0x0], &(0x7f0000000440)=[0x0], 0x0}, 0x40) (rerun: 32) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000500)={@fallback=r1, r7, 0x9, 0x2014, 0xffffffffffffffff, @value=r8, @void, @void, @void, r10}, 0x20) (async) r11 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x20, r11, 0xb03, 0x3, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x4}]}]}, 0x20}}, 0x0) sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000707070000c00028008000100"/28, @ANYRES32=r6, @ANYBLOB], 0x38}}, 0x0) (async) r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r13 = bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r12, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r13, 0x0, 0x4000, 0x4000, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd57713a7684dc166c628dc45027ac174c5db54f22e409eb4e94263dbc9919f90f1af3290918b9824c3e0268b300bf69cc2eb3fc58f655439bdbe2b905", &(0x7f0000001c40)=""/76, 0x0, 0x0, 0x47, 0x50, &(0x7f0000001ac0)="9c01bd6f9a6028c80d7364240fd78867d9d62eca43c565f2c5ac65dd4a0fadceb6c65dcb07f2421e69087e0f17b4eb709e4805f2722709c46bef17c4cb9aed9fb1c342179ea349", &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653008ac5", 0x1, 0x0, 0x13}, 0x22) (async, rerun: 64) r14 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64) sendmsg$nl_route_sched(r14, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x1000}, 0x0) 5m40.818568542s ago: executing program 1 (id=771): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) socket(0x2c, 0x2, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000005c40)={0x0, 0x0, 0x0}, 0x0) connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) sendto$inet6(r2, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d0000008500000008"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$inet(0x2, 0x1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000a40)=""/65, 0x41}], 0x1, 0x6, 0x0) 5m39.791223061s ago: executing program 1 (id=777): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2200, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000004c0)=ANY=[@ANYBLOB="010000000015000072000040"]) (fail_nth: 7) 5m39.481016446s ago: executing program 1 (id=780): r0 = socket$alg(0x26, 0x5, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)={0x14, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000) sendmsg$NL80211_CMD_DISASSOCIATE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x14, 0x0, 0x100, 0x70bd2d, 0x25dfdbf9, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40) socket$alg(0x26, 0x5, 0x0) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) (async) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) (async) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) (async) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) (async) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) (async) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (async) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58) (async) accept4(r0, 0x0, 0x0, 0x0) (async) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)={0x14, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000) (async) sendmsg$NL80211_CMD_DISASSOCIATE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x14, 0x0, 0x100, 0x70bd2d, 0x25dfdbf9, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40) (async) 5m39.434095285s ago: executing program 1 (id=781): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, 0x0, 0x80) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000040601010000fff500000000000000000500010007"], 0x1c}}, 0x0) 5m39.290941036s ago: executing program 1 (id=782): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f0000000000), 0x12) r1 = syz_io_uring_setup(0xc4f, &(0x7f0000000440)={0x0, 0xfffffffc, 0x10100, 0x7fe}, &(0x7f0000000400)=0x0, &(0x7f0000000200)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000100)=@IORING_OP_SHUTDOWN) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4, 0x0, 0xfffffffffffffffe}, 0x9e) sched_setscheduler(0x0, 0x1, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, 0x0) r6 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, 0x0, 0x50) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a0000000000fa82a3fa211411fa0008000a40000000000900020073797a31000000000900010073797a30000000000800054000000000080008400000000014000000110001"], 0x6c}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x10) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001940)=ANY=[@ANYBLOB="14000000100001000000000000000000e900000a20000000000a01020000000000000000050000000900010073797a10000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000000e0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002"], 0xc0}}, 0x400) io_uring_enter(r1, 0x2dbe, 0x0, 0x0, 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000000)=0x5, 0x8) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000069c0)=@updpolicy={0xb4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in=@empty, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80, 0x80}, {0x0, 0x2000000, 0x1}, {}, 0x0, 0x6e6bb0, 0x0, 0x0, 0x1, 0x1}}, 0xb4}}, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000006000000cbb8f6c979f0880e6c297b0ffc469eaf1ad2edc0e92eeb5744bb59a7a35b26a285abbd691b1c9ff9548b683b9daacce4029bdcef3594b92cac18d2c79d1b462e3753c4e15f5a17095695116219346e2163b3bfdb8b1d74c57ec6f064c9fc2f60f4c67dae3b90d0a4c331719db00e9fc3a911", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mm_page_alloc\x00', r11}, 0x10) r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='pids.current\x00', 0x275a, 0x0) write$UHID_CREATE2(r12, &(0x7f0000000180)=ANY=[], 0x118) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e00000000000000dd92000003"], 0x48) 5m39.215860595s ago: executing program 32 (id=782): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f0000000000), 0x12) r1 = syz_io_uring_setup(0xc4f, &(0x7f0000000440)={0x0, 0xfffffffc, 0x10100, 0x7fe}, &(0x7f0000000400)=0x0, &(0x7f0000000200)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000100)=@IORING_OP_SHUTDOWN) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4, 0x0, 0xfffffffffffffffe}, 0x9e) sched_setscheduler(0x0, 0x1, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, 0x0) r6 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, 0x0, 0x50) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a0000000000fa82a3fa211411fa0008000a40000000000900020073797a31000000000900010073797a30000000000800054000000000080008400000000014000000110001"], 0x6c}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x10) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001940)=ANY=[@ANYBLOB="14000000100001000000000000000000e900000a20000000000a01020000000000000000050000000900010073797a10000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000000e0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002"], 0xc0}}, 0x400) io_uring_enter(r1, 0x2dbe, 0x0, 0x0, 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000000)=0x5, 0x8) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000069c0)=@updpolicy={0xb4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in=@empty, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80, 0x80}, {0x0, 0x2000000, 0x1}, {}, 0x0, 0x6e6bb0, 0x0, 0x0, 0x1, 0x1}}, 0xb4}}, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000006000000cbb8f6c979f0880e6c297b0ffc469eaf1ad2edc0e92eeb5744bb59a7a35b26a285abbd691b1c9ff9548b683b9daacce4029bdcef3594b92cac18d2c79d1b462e3753c4e15f5a17095695116219346e2163b3bfdb8b1d74c57ec6f064c9fc2f60f4c67dae3b90d0a4c331719db00e9fc3a911", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mm_page_alloc\x00', r11}, 0x10) r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='pids.current\x00', 0x275a, 0x0) write$UHID_CREATE2(r12, &(0x7f0000000180)=ANY=[], 0x118) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e00000000000000dd92000003"], 0x48) 15.607180591s ago: executing program 0 (id=3006): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x92) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]}) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') rename(&(0x7f0000000180)='./bus\x00', &(0x7f00000001c0)='./file0\x00') 15.537410242s ago: executing program 0 (id=3008): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xc}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r6 = openat$kvm(0xffffffffffffff9c, 0x0, 0x121400, 0x0) pread64(r0, 0x0, 0x0, 0x2) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="02"], 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) setsockopt$TIPC_GROUP_LEAVE(r7, 0x10f, 0x88) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) 14.641287786s ago: executing program 0 (id=3014): r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0) ioctl$CEC_DQEVENT(r0, 0xc0506107, 0x0) r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x47f6, 0x0, 0x4, 0x0, 0x0) 14.641010501s ago: executing program 0 (id=3015): sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000003c0)={0x2, 0x3, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2) syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0xff, 0xb0, 0x8a, 0x40, 0x1689, 0x58f5, 0x42ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xc7, 0x0, 0x1, 0xff, 0x5d, 0x81, 0x0, [], [{{0x9, 0x5, 0x8}}]}}]}}]}}, 0x0) r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) socket(0x200000100000011, 0x3, 0x3) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0) read$FUSE(r6, &(0x7f0000002480)={0x2020}, 0x2020) syz_open_dev$evdev(0x0, 0x0, 0x121041) writev(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000700)="ebfa0e81ceb3dc4c43c215dc4dade38ff8c84ace9d15af003afa41ae5fbebe5b175c12cf29c48c2d4b61ce76443645c1dc73113beeb9b5a73cd0415b0437839aa6c68111a4582c3a6a3bb8f9e0", 0x4d}], 0x1) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000000c0)={0x0, 0x0, 0x0, {0x0, 0x100000000000001}, {0x74, 0x2}}) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) 8.766221176s ago: executing program 0 (id=3015): sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000003c0)={0x2, 0x3, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2) syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0xff, 0xb0, 0x8a, 0x40, 0x1689, 0x58f5, 0x42ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xc7, 0x0, 0x1, 0xff, 0x5d, 0x81, 0x0, [], [{{0x9, 0x5, 0x8}}]}}]}}]}}, 0x0) r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) socket(0x200000100000011, 0x3, 0x3) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0) read$FUSE(r6, &(0x7f0000002480)={0x2020}, 0x2020) syz_open_dev$evdev(0x0, 0x0, 0x121041) writev(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000700)="ebfa0e81ceb3dc4c43c215dc4dade38ff8c84ace9d15af003afa41ae5fbebe5b175c12cf29c48c2d4b61ce76443645c1dc73113beeb9b5a73cd0415b0437839aa6c68111a4582c3a6a3bb8f9e0", 0x4d}], 0x1) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000000c0)={0x0, 0x0, 0x0, {0x0, 0x100000000000001}, {0x74, 0x2}}) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) 3.240939728s ago: executing program 3 (id=3070): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) lsetxattr$trusted_overlay_upper(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x3) 3.240754316s ago: executing program 3 (id=3071): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x20000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, 0x0, 0x0) setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f00000001c0)=0x200000, 0x4) 2.651149909s ago: executing program 4 (id=3076): syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="ffffffffffff000000000000"], 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @main=@item_4={0x3, 0x0, 0x9, "b2938f8d"}, @local=@item_012={0x1, 0x2, 0x2, "90"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8, "000f0200"}, @global=@item_4={0x3, 0x1, 0x5, "a90da1f6"}, @local=@item_4={0x3, 0x2, 0x0, "00000400"}, @global]}}, 0x0}, 0x0) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000100)=""/95) 2.440970465s ago: executing program 2 (id=3082): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c"], 0x140}}, 0x0) 2.371325583s ago: executing program 2 (id=3083): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r0, 0x0, 0x0) 2.371080422s ago: executing program 2 (id=3084): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000240)={0x1f, 0x21, @fixed}, 0xe) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, 0x0) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$int_in(r2, 0x5421, &(0x7f0000001100)=0x2000000009) connect$bt_sco(r2, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) close(r2) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) connect$bt_sco(r3, &(0x7f0000000340)={0x1f, @none}, 0x8) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) connect$bt_sco(r4, &(0x7f0000000600)={0x1f, @none}, 0x8) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, 0x0, 0x800) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000040)) sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYBLOB, @ANYRES32], 0x5c}, 0x1, 0xf000, 0x0, 0x4044040}, 0x8000) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8923, 0x0) 2.280892452s ago: executing program 3 (id=3085): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x3c}}, 0x0) 2.280608086s ago: executing program 3 (id=3086): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x10) 1.680312514s ago: executing program 0 (id=3015): sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000003c0)={0x2, 0x3, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2) syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0xff, 0xb0, 0x8a, 0x40, 0x1689, 0x58f5, 0x42ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xc7, 0x0, 0x1, 0xff, 0x5d, 0x81, 0x0, [], [{{0x9, 0x5, 0x8}}]}}]}}]}}, 0x0) r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) socket(0x200000100000011, 0x3, 0x3) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0) read$FUSE(r6, &(0x7f0000002480)={0x2020}, 0x2020) syz_open_dev$evdev(0x0, 0x0, 0x121041) writev(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000700)="ebfa0e81ceb3dc4c43c215dc4dade38ff8c84ace9d15af003afa41ae5fbebe5b175c12cf29c48c2d4b61ce76443645c1dc73113beeb9b5a73cd0415b0437839aa6c68111a4582c3a6a3bb8f9e0", 0x4d}], 0x1) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000000c0)={0x0, 0x0, 0x0, {0x0, 0x100000000000001}, {0x74, 0x2}}) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) 1.53135268s ago: executing program 2 (id=3087): socket$inet_smc(0x2b, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0xfc844, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) umount2(&(0x7f0000000040)='./file0\x00', 0x3) 1.361389071s ago: executing program 3 (id=3088): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x40004}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_clone3(&(0x7f00000004c0)={0x114040000, 0x0, &(0x7f0000000180), &(0x7f00000001c0), {0x13}, &(0x7f0000000300)=""/119, 0x77, &(0x7f0000000380)=""/176, &(0x7f0000000280)=[r0], 0x1}, 0x58) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r3, 0x5437, 0x2) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 1.051296564s ago: executing program 4 (id=3089): r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r0, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x814}, 0x10) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800"/15, @ANYRES32], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x62, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) io_setup(0x8, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$UHID_INPUT(r1, &(0x7f0000000500)={0x8, {"1f607ca6f9a2d53e72834e8960162cc41a743bc6f9e6c2a0c01c99bfc7cb061a05a4c9f29545fa11ffa2c2b2062a10ad18dd312b7aee0e689b33bdf8324ebd7906e88957b6c309e8397c7331d2e536d28a3717e2515a1e7a587ec3270f32339ce785afe8079c0a1255a5b15d286059538ff3b262e579944d1087bec64a17fad56077b2d7a5b503577d648533c8217710c1f847e43b369a911056da2b2ec1fc657b883791dcc17853b4dc3b3ffa742e2889dd2353d70ae76fbe5e76bef07fb090e2b537555ddabdeedb0d008758e7a44e3a0dc3be902c43ced016889329104395166886c3ef31f90f4dd4afdb7f78ac546332340a7fd304f0761d9bdb75538b879409e1ea6fb6f0421f8f46df702335bcff29e1e2c899d37196e7529f36cf3deeaaffab34e47d0b3b86e7ab87087c2d4883052c237d1cf327fa3696af9497e673fb031ec6256a292e01bf0fd628378648a4e8dad18fa4dc70745d718e964ddf7b168fa24ff684dea46ba9453a0d23182968535cb7806847c0313c923808fd9e8e3958bd22cfdad8d5821cb30511eb7fe8a9c583d5465394e334a648d6930d56002f16c09e8e6ffbeedd0cf0459f0ebbce19cf3134ebbb7d93e1e52a52e0587a3ff3af2a6e4983091aa34d7e2787b20b821503c400c17708065beb30d2f0bf2c29a80405061cc52db5573a38c10de4b0e72ca9724f40af90153171426f1428b61152d9eb91d1a11c8fe9abd0f1415761461c2bc0bcc685f6a0e4bd8d763e06a78fa4a7a07b13ad602f34e1c5606793e6d4f389db245ed45a3046d5d2dc47771ec9539b6575f1ed79c1d1e2698d3a397e4a6164cd9accd5dd36e3f0c04767cf3ca5a8218ed37465e24ff3c2e6d2a5c212f9ef52569b35b8249fc005680c06133e1ecd3246f2fc7a7a4763f4ee996319abb76b6a833710de4273083f15e553cf6486d1321d3a98503bcd5fa8d71abbc9dfe03846f812f8ace9536da033ff77d3aaa353c9b838d1f5cdd239934352b33aab0a33a61110e8ddd01aa16214c83e81876bf9c7db6ab5c4cf856ae01ef9f468cfed21f0e9403cb7573e0c316666830a492c6f643a4f10b80344f26cb03de442503fee762cc29bb810daed606ac070f1e744fc53801d978373d1aee544e65de354e29c676530a7567c3045bc74ef70aa29fc3d7a4dcb5558e3a705f6b15254f3cb81fc88a5e549f6def0de6dbddfe0c6c11353424e3d50bd18fdc629cf306b9d8b3bcf8a04576d47d6783745611ca1e2b1bcf99b873b1940f4ab866b8d7189335bc124f955c30ef0a2757ef9a48330498da6ba8931a9a23a0d443318163e1cd917096eab04adde75c0af2bd1366e689b44f670da95ee96d75055fcb2db412390fc12f7b08139a119b6ff0ecbcc4b5051c9e462f0c8e1eac0b35336546726b3bd6a31317d9d21bd49a7032bb2b7b1064a68fe04e28e78b037a5344afc7605753ed863fca198250a8e4be5291cbf91955e8244ee19e57546a5d3b4286b87f1737b73fd47c1534194a089cfbcdeb735a58a0cfde6a16d81f6d40cd36a7e7e82d3219255a6b0ca8d7be56e15184765c57a0a051e5ae71976876585c79baf5efe36420ddd3e13ff15c2465dfdba549f0e37122c2fe26f051704cd770b59fca6c9b087b7a546d5bfe60f73713b815948d4e8a7fcaf5c896f46b187b17357e887debcaf94ee0a8823fd7f7f71f034f3607e0d587fbf2afc7e7812c0c5b47211a3dc307a953448c676cba6bb77105a65bfe15561afca443da27eb31b6019f4fd652f64fc08344fe628d9bf2d34bc924b3abbf518433b634fb73672f81707ab03cd727be62aa144fcf48724998b13d57efcedd920e22c2db4d9691bd86084786c6f72cb4169b6ea0029cd5317bf74163c34c673fae76cc5222b09056325f4afdbd8ab9e74782eedd0e2a9384d131904d1e5018c1c4d01bae0ffdb467e296081c8854908cb4af49586aab42f973f73280670cef01e860a31bf31979836170be2ff3afdf28bf4c896489fac6e80fdbcc7ceeb1774d984f52094a1143ef31b763132ab9cc8b428f937016fb83c8f7790e115c768a57dc2e83059c574ba977c371a0424cb1b99944e492e54ecc0e939fdfad42e45bee2378ecfd001900b9b66fe7ce7d64814b122d3c49a01b16e5590df1398809579f1a2c3be808fca14cc7167d4a98a57950c22b1e667fc95ac33a842d9e271360ec0dc9a7cdaea8a5f75ef88c6b0bf1f7dd533d9dcaeed7a82d1d76f5044b7c0c39426cba6b3e1148e066af6c97e62e884dd2b18ea6244e852ad6751a7678ddef606737c107b4892e1de815d157ad75a4065804aa252060a699263537c405a1aa78a0f390e7afcf15a024c67dfb0f8e34a631bcecb8400c5372205d4ea9a35df88ff88db6a04c995817b53683a4550be38062f2aa5ea211cfaac0934be96f725a7cdd283e05078f61dc257133f4013fdabb25b01fb2f6e88ba1794378cba125bde47c877bd4e4658b937f593f9a09edfcd76887e648eb611047dd6e757c4bcbff011607e5d33e1b23820c9e7c79a773d440ddfad4ce27e0e4a85bda65a352797b014cc4cae65e00f5672e71b547dbea2b1a3f42561f3a59145d6864aed859215802d9f78177f2ca195e3ebcb6db5741cbcccc976b1cf8da042c2c2fd4104395700c8188f68a198b7e16ab5135574da08c420a8b87804036d2c6df257dc1168b07a2291adff7cbc21e2ca17dcbfecb3265c1140fa3938484f08197762a313776bde31d0e0f1f68d06295c17b5afc246d354002d76ac4cae02e3949458392047dddb8608e90ba5c6689a230d8bfc44dffff0f2c2670a8b05a78e5d358019af0e041c32bd8cc02dc607bed2237736c6b805e7d3105fbf5dfbb4d9b7f3bc61e5b712b9516ba91205a3f5051ff4071a02618473190a9780ccec1e41b0b0aafc8e031cbb07f61007115638a5c7bdd7aa7f0042304462157b0251a0f98f6fe1ef82c27d85e832c3f56283b12cacd40332c4cea6c6a200631218309bf626c3fe64ee4bed0d5f9088f6419aa16db32997a6cb5bce64227afff7643745ea89ac8ef5c7abe8c8a1bb2492638f62e21bf5b8079c31e685aefc6e5cedf73ff3ba3a682077ac77ba82dde7ad1a4dd656720f40e106fbfb480a4aba4236dfe0b491aebe1c3ca13cdac77c3ef1f4de8fe165f2a9d2107a87425cd0ab3c11af2ffafe7689cc575f878a002bd0e2067c5fa9dac414301193596737008811c1f2fe29c4a60e126ca5400470ae7b6389f37d302d1f2e02b2a4f019e87c109434219da20e53b29e12270952469cebe8f8c309e099c3f0ea108caecf1608f240759910503afe4992bddade8af9bb2064c15b0bd7ee2268818d628ff40d679652ac74882e02942cc8ee84beb827215d97f4ca68bbc00d8a99db2b8ffbed0ddc6a744fe4272a5984ccce630be3306f2964d7748db7d1a5010bb4695c8cbdc71c1837f4d5396965e33e99b1b113252613ed888e8d23de86a71e9493684384f88fb73bba8f98197051441b5efcc36199b25cdbedc04a69a40333f745665d8280f542f5610afdd3bccebb3bc0f5a9d409cf27f93391f911da36757f7dbb99cbfa64092a568479203d6828a77d718b3817f27f9fc71c5a417955d0583ffa4032e65ac8118bd711c485594e498f807721d288b55a9cbcc1af9950f67e1218fc14aea677ed9f51671619dda0f914a8e08da3c91f077c58e374b235104ac2c2b19b587b7e607634c2cbab844e39a01be15fb7799bf6a17aa7220aae2e2a73f7d7c3bfa12a83120c196b6b0a199cf8e696f1fd14eec1adf5abe5020303cd1193504646eb2bb6786e1c26b29484ce32ef45be80bd7f9be821820e6c97a70c4078541389392b1d2485b3e6ddea956982a1c8d40cefd051dc2742c2b1171da0e9c21f3e6090179320d74af7f89acadedf0d0819a71258d2584426f28bc46bed2146a3a64265bd1e39264c3479fbae22f6383e76b3a87e5600adf788611f6e24a3c57bd5f35a285e807bad09ff9691729519c1bd70d84fa6a16d3c046e586ac9d1d2dc48cc0f99648996ba383865a756059c1927e590adf34d492c2b2a49ef33537ce0e115b58a1205a61c8982c4a1b58ac7326016bc0472dda661e2faad36f229b9045e704badbc934388fbd5a8c05533c63e74aea79aed8df3a5dd5c551aa64bc8fd9fe33d8987d2fe30aa2f94c1deab9b8c0c66abad87c1505d3f8f3422e65d26fdac54d369f4231623163a34862bcbf99f7671212df686df45c07076c5c1f97e8ed5b07764203604519c467de580abcdf38f67c5688c20d7a8eff8034f343b6bcacf35bf4a4da892ae8bd5c95e1c9e346ccab92fee4bab5c05d2db9890428b3abc37056ae438e599c668daa63acd20662715884f36151ecbe5520c328dd7d8f29c41b3b3cdb1b19e40f8d32a932bbe7aa6e617f309ccf683a8956eaee524119e68148beebb0478c6696a9453f16da5deb5f8d39554522e60e796de531de0b0cbf919bbdece9049ef6ae73c49f7c572a1dbd7e625a54a7955f3224ccc27d26e2fdaec1b2695393ff409bebbfc4f2f4f2c55a169034406dfb572e2df3fdf83a15d36e587e50c23bc841b08c3dd6dc3013f85b426f0c90b6ecb392ec5685ef923a2bc5e189ba440029f4bb0cb8a13bea7906f8ce99e381115e2e954a04a4af614fb133a7a937be1fa3dfe5b837dd18123802a4b8db55b326e2aa11b237dd69f95f348f503e44d12d05f42e2bc710112e3530ec926d5bcc060275b777ff746248f40a487a69fe257ec68c2ddecd7106de4e00b43540c8526f5d891ccbd3e17b4716220e84bd41242f342b722901cd1db5c4f151cbc0a45bcb1704fca890377943320b3a853fbf3d5cedc69e62d70c5b2fa718969f10a856ffd85f3d93fa612c8974ee9a7e6808a2ee1338d2c88f4222c6f8757c07dc81ae2826c203408aa30a2ab2f0d6b56f4154aacfc3ef4a781f5694bd4bd4da18c58e9c91d6616b6f9cf977d069df6ffd3ad5d4ff7c70ed786be92bf61166b06b2893233a77da706e6305e86a52f53c972260a0f468c18e86129f692a1077ae6271a3d31587c8d8fa6632fa7212d7f1ff7a97f499240db4fa9a9a198346ab91730dad4f2161fb3588232fa917229bf418af5f2c5b2c4a2f56578f1f183cf0c4c0f2b032e9557bbe13b0c4bd9afb041039e592db8a46467961b5bb6e8de2cda183a20be9ef81593ba205e5c1519861a87a0422a5578d92970c4d097fb5a363cf7891112a0b32e7619ba479ea596b33c1cbfbb370e3e7ec603d2d1d1433e34019bef4d81b289c8fcdb6d1933cbd89be2af38cd93a9ecd6b487f918d5816127e100ab4643aa94921d48c561a53544ed792b6f1da1d93404a25faebf423858dd841ca41d26b2421a13dafe582dc29a4e32919bebc9263c6638a456157f8adb4698570e7806c082286b57c7e5ca53c9878f5ff24ad6c14d60406afd6a646e2dd5536fe902184b83c00644aea3cd4455928255bb71dd743dc7eb3e6b41da8a00fe125e7a9c0bd4ae0664ed405b8ded04bd499fc8f026402df1db38b3bd30cc03fb3df75ed1c85759bf87e46cbaf0aa31d430bf664df11de1dad104bc3342b023e3adf04361a352b1ef5821b7e860d8a0e1dcdbdae0fe7b63911a4d29282c7fb1da0848a2e5b10fa00a3c051a864334642680d6ae3240c46aac5919ac497683e1f458ecf4f57e04f8b660b8fe8d4bf635097bddf480151f137bbf8d0d775c17beadde83b1df1b27cd0e4449727657902100c404a7d3fe59406ea208fc2bc8b4195bcbfaac", 0x1000}}, 0x1006) 601.267827ms ago: executing program 2 (id=3090): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='quota']) r0 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd) quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000901, 0x0, 0x0) 600.905777ms ago: executing program 2 (id=3091): r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x2710, @hyper}, 0x10) listen(r0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x800000334e8b}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000002500)) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) execve(&(0x7f00000190c0)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000019080)='./file0\x00', 0x0, 0x23010, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="643c87cf2bd21d995e", 0x9}], 0x1}}], 0x1, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000180)={[&(0x7f0000000200)=' ']}) sendto$packet(r2, &(0x7f0000000600)="5f0efc3e1792a50972d2eb21bdff9ca4ac804c2847fe7bf05ddc63ff512d4074687760a5fbd1fc97772c6f5027dcea15b6658de3b024a6ea22baafb445bf8427c8055d00", 0xffffff3d, 0x0, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r3, 0xffffffffffffffff, 0x0) r4 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff) getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000500)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', r5, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x80, 0xfffffffc}}) 454.089154ms ago: executing program 3 (id=3092): r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000540)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, 0x0, &(0x7f0000000380)={0x0, 0xa, 0x1, 0xff}, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000015c0)={0x1c, &(0x7f0000000380)=ANY=[], 0x0, 0x0}) 141.023919ms ago: executing program 4 (id=3093): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r0, 0x0, 0x0) 140.856897ms ago: executing program 4 (id=3094): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000015c0)={0x1, 0x2, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48) close_range(r0, 0xffffffffffffffff, 0x0) 177.76µs ago: executing program 4 (id=3095): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000300)=ANY=[], 0x3c}}, 0x0) 0s ago: executing program 4 (id=3096): futex(&(0x7f0000000140), 0xd, 0x1, &(0x7f0000000180)={0x0, 0x3938700}, 0x0, 0x2) 0s ago: executing program 4 (id=3097): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f00000004c0)={0x2, 0xda0, 0x0, 0x0}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) kernel console output (not intermixed with test programs): /0x110 [ 435.046959][T16446] ? __pfx_vfs_writev+0x10/0x10 [ 435.046980][T16446] ? find_held_lock+0x2d/0x110 [ 435.047003][T16446] ? __pfx_lock_release+0x10/0x10 [ 435.047026][T16446] ? trace_lock_acquire+0x14e/0x1f0 [ 435.047054][T16446] ? __fget_files+0x206/0x3a0 [ 435.047084][T16446] ? do_writev+0x133/0x340 [ 435.047104][T16446] do_writev+0x133/0x340 [ 435.047126][T16446] ? __pfx_do_writev+0x10/0x10 [ 435.047162][T16446] __do_fast_syscall_32+0x73/0x120 [ 435.047188][T16446] do_fast_syscall_32+0x32/0x80 [ 435.047212][T16446] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 435.047240][T16446] RIP: 0023:0xf747e579 [ 435.047254][T16446] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 435.047271][T16446] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000092 [ 435.047288][T16446] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000ac0 [ 435.047299][T16446] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 435.047310][T16446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 435.047320][T16446] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 435.047330][T16446] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 435.047353][T16446] [ 435.484693][T16453] 9pnet_virtio: no channels available for device 127.0.0.1 [ 435.909195][ T6028] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 436.064483][ T6028] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 436.068517][ T6028] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 436.072113][ T6028] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 436.076401][ T6028] usb 7-1: config 0 descriptor?? [ 436.292781][ T6028] usbhid 7-1:0.0: can't add hid device: -71 [ 436.294614][ T6028] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 436.302136][ T6028] usb 7-1: USB disconnect, device number 28 [ 436.333147][T16470] IPVS: Error connecting to the multicast addr [ 436.739099][ T6028] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 436.899160][ T6028] usb 7-1: Using ep0 maxpacket: 32 [ 436.902552][ T6028] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 436.905598][ T6028] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 436.908124][ T6028] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 436.911250][ T6028] usb 7-1: config 0 descriptor?? [ 436.914036][ T6028] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 436.917006][ T6028] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 437.109345][T16487] IPVS: Error connecting to the multicast addr [ 437.173801][T16490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 437.178009][T16490] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 437.420959][T16500] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2465'. [ 437.424324][T16500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 437.427272][T16500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 437.430599][T16500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 437.435136][T16500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 437.438399][T16500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 437.441957][T16500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 437.445678][T16500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 437.448652][T16500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 437.452240][T16500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 437.455942][T16500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 438.517585][ T6028] usb 7-1: USB disconnect, device number 29 [ 438.522198][T16517] IPVS: set_ctl: invalid protocol: 0 10.1.1.1:20002 [ 438.527276][ T6028] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 438.699912][T16517] /dev/sr0: Can't open blockdev [ 439.117857][T16526] blktrace: Concurrent blktraces are not allowed on sg0 [ 439.246541][T16536] netlink: 'syz.4.2474': attribute type 10 has an invalid length. [ 439.253102][T16536] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 439.278407][T16536] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2474'. [ 439.314383][T16540] FAULT_INJECTION: forcing a failure. [ 439.314383][T16540] name failslab, interval 1, probability 0, space 0, times 0 [ 439.318127][T16540] CPU: 3 UID: 0 PID: 16540 Comm: syz.0.2476 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 439.318156][T16540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 439.318166][T16540] Call Trace: [ 439.318173][T16540] [ 439.318181][T16540] dump_stack_lvl+0x16c/0x1f0 [ 439.318208][T16540] should_fail_ex+0x50a/0x650 [ 439.318224][T16540] ? fs_reclaim_acquire+0xae/0x150 [ 439.318246][T16540] ? tomoyo_encode2+0x100/0x3e0 [ 439.318267][T16540] should_failslab+0xc2/0x120 [ 439.318283][T16540] __kmalloc_noprof+0xcb/0x510 [ 439.318306][T16540] ? d_absolute_path+0x137/0x1b0 [ 439.318323][T16540] ? rcu_is_watching+0x12/0xc0 [ 439.318343][T16540] tomoyo_encode2+0x100/0x3e0 [ 439.318367][T16540] tomoyo_encode+0x29/0x50 [ 439.318388][T16540] tomoyo_realpath_from_path+0x19d/0x720 [ 439.318416][T16540] tomoyo_path_number_perm+0x248/0x590 [ 439.318435][T16540] ? tomoyo_path_number_perm+0x235/0x590 [ 439.318457][T16540] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 439.318501][T16540] ? __pfx_lock_release+0x10/0x10 [ 439.318524][T16540] ? trace_lock_acquire+0x14e/0x1f0 [ 439.318546][T16540] ? lock_acquire+0x2f/0xb0 [ 439.318565][T16540] ? __fget_files+0x40/0x3a0 [ 439.318590][T16540] ? __fget_files+0x206/0x3a0 [ 439.318615][T16540] security_file_ioctl_compat+0x9b/0x240 [ 439.318637][T16540] __do_compat_sys_ioctl+0x4e/0x2c0 [ 439.318658][T16540] __do_fast_syscall_32+0x73/0x120 [ 439.318677][T16540] do_fast_syscall_32+0x32/0x80 [ 439.318692][T16540] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 439.318710][T16540] RIP: 0023:0xf747e579 [ 439.318719][T16540] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 439.318730][T16540] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 439.318741][T16540] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000002285 [ 439.318747][T16540] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 439.318754][T16540] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 439.318760][T16540] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 439.318766][T16540] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 439.318778][T16540] [ 439.318788][T16540] ERROR: Out of memory at tomoyo_realpath_from_path. [ 439.443890][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.445951][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.451500][T16536] bridge_slave_1 (unregistering): left allmulticast mode [ 439.456108][T16536] bridge_slave_1 (unregistering): left promiscuous mode [ 439.458193][T16536] bridge0: port 2(bridge_slave_1) entered disabled state [ 440.259145][ T6001] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 440.366686][T16549] blktrace: Concurrent blktraces are not allowed on sg0 [ 440.440555][ T6001] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 440.444727][ T6001] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 440.448139][ T6001] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.508413][ T6001] usb 7-1: config 0 descriptor?? [ 440.721994][ T6001] usbhid 7-1:0.0: can't add hid device: -71 [ 440.726495][ T6001] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 440.732532][ T6001] usb 7-1: USB disconnect, device number 30 [ 441.169110][ T6001] usb 7-1: new high-speed USB device number 31 using dummy_hcd [ 441.306231][T16557] FAULT_INJECTION: forcing a failure. [ 441.306231][T16557] name failslab, interval 1, probability 0, space 0, times 0 [ 441.310572][T16557] CPU: 2 UID: 0 PID: 16557 Comm: syz.4.2482 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 441.310587][T16557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 441.310594][T16557] Call Trace: [ 441.310598][T16557] [ 441.310602][T16557] dump_stack_lvl+0x16c/0x1f0 [ 441.310621][T16557] should_fail_ex+0x50a/0x650 [ 441.310633][T16557] ? fs_reclaim_acquire+0xae/0x150 [ 441.310653][T16557] ? tomoyo_encode2+0x100/0x3e0 [ 441.310675][T16557] should_failslab+0xc2/0x120 [ 441.310691][T16557] __kmalloc_noprof+0xcb/0x510 [ 441.310715][T16557] ? d_absolute_path+0x137/0x1b0 [ 441.310733][T16557] ? rcu_is_watching+0x12/0xc0 [ 441.310754][T16557] tomoyo_encode2+0x100/0x3e0 [ 441.310778][T16557] tomoyo_encode+0x29/0x50 [ 441.310799][T16557] tomoyo_realpath_from_path+0x19d/0x720 [ 441.310829][T16557] tomoyo_path_number_perm+0x248/0x590 [ 441.310848][T16557] ? tomoyo_path_number_perm+0x235/0x590 [ 441.310869][T16557] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 441.310904][T16557] ? __pfx_lock_release+0x10/0x10 [ 441.310921][T16557] ? trace_lock_acquire+0x14e/0x1f0 [ 441.310941][T16557] ? lock_acquire+0x2f/0xb0 [ 441.310962][T16557] ? __fget_files+0x40/0x3a0 [ 441.310989][T16557] ? __fget_files+0x206/0x3a0 [ 441.311017][T16557] security_file_ioctl_compat+0x9b/0x240 [ 441.311041][T16557] __do_compat_sys_ioctl+0x4e/0x2c0 [ 441.311063][T16557] __do_fast_syscall_32+0x73/0x120 [ 441.311089][T16557] do_fast_syscall_32+0x32/0x80 [ 441.311111][T16557] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 441.311136][T16557] RIP: 0023:0xf7fe4579 [ 441.311148][T16557] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 441.311168][T16557] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 441.311181][T16557] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040045612 [ 441.311188][T16557] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 441.311194][T16557] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 441.311200][T16557] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 441.311210][T16557] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 441.311231][T16557] [ 441.311248][T16557] ERROR: Out of memory at tomoyo_realpath_from_path. [ 441.329112][ T6001] usb 7-1: Using ep0 maxpacket: 32 [ 441.349524][T16557] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 441.353207][ T6001] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 441.401465][ T6001] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 441.403969][ T6001] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.406865][ T6001] usb 7-1: config 0 descriptor?? [ 441.409546][ T6001] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 441.412676][ T6001] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 441.510983][ T5956] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 441.517715][ T5956] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 441.521397][ T5956] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 441.528889][ T5956] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 441.536812][ T5956] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 441.540935][ T5956] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 441.631673][T16563] chnl_net:caif_netlink_parms(): no params data found [ 441.649126][ T6028] usb 9-1: new high-speed USB device number 17 using dummy_hcd [ 441.664805][T16571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 441.667615][T16571] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 441.698498][T16563] bridge0: port 1(bridge_slave_0) entered blocking state [ 441.701167][T16563] bridge0: port 1(bridge_slave_0) entered disabled state [ 441.703791][T16563] bridge_slave_0: entered allmulticast mode [ 441.706744][T16563] bridge_slave_0: entered promiscuous mode [ 441.710566][T16563] bridge0: port 2(bridge_slave_1) entered blocking state [ 441.712613][T16563] bridge0: port 2(bridge_slave_1) entered disabled state [ 441.714703][T16563] bridge_slave_1: entered allmulticast mode [ 441.716693][T16563] bridge_slave_1: entered promiscuous mode [ 441.747297][T16563] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 441.750968][T16563] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 441.782038][T16563] team0: Port device team_slave_0 added [ 441.786111][T16563] team0: Port device team_slave_1 added [ 441.799076][ T6028] usb 9-1: Using ep0 maxpacket: 8 [ 441.802631][ T6028] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 441.806592][ T6028] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 441.810136][ T6028] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.817577][ T6028] usb 9-1: config 0 descriptor?? [ 441.821222][T16563] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 441.823737][T16563] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 441.833204][T16563] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 441.838255][T16563] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 441.840772][T16563] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 441.849789][T16563] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 441.881001][T16563] hsr_slave_0: entered promiscuous mode [ 441.883547][T16563] hsr_slave_1: entered promiscuous mode [ 441.885836][T16563] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 441.888522][T16563] Cannot create hsr debugfs directory [ 442.027863][ T6028] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1 [ 442.229132][ T6028] usb 9-1: USB disconnect, device number 17 [ 442.229408][T16563] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 442.235724][T16563] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 442.241488][T16563] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 442.250187][T16563] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 442.275624][T16563] bridge0: port 2(bridge_slave_1) entered blocking state [ 442.277698][T16563] bridge0: port 2(bridge_slave_1) entered forwarding state [ 442.280030][T16563] bridge0: port 1(bridge_slave_0) entered blocking state [ 442.281996][T16563] bridge0: port 1(bridge_slave_0) entered forwarding state [ 442.305531][T16563] 8021q: adding VLAN 0 to HW filter on device bond0 [ 442.314200][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 442.318104][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 442.338095][T16563] 8021q: adding VLAN 0 to HW filter on device team0 [ 442.347351][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 442.349471][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 442.354969][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 442.357447][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 442.440319][T16563] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 442.457154][T16563] veth0_vlan: entered promiscuous mode [ 442.462442][T16563] veth1_vlan: entered promiscuous mode [ 442.478093][T16563] veth0_macvtap: entered promiscuous mode [ 442.481940][T16563] veth1_macvtap: entered promiscuous mode [ 442.488007][T16563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 442.491642][T16563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.495268][T16563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 442.498058][T16563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.501762][T16563] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 442.507561][T16563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 442.511020][T16563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.514647][T16563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 442.517708][T16563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.521098][T16563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 442.523855][T16563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.526480][T16563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 442.529665][T16563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.533404][T16563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 442.536538][T16563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.539316][T16563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 442.542117][T16563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.546367][T16563] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 442.551864][T16563] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.554145][T16563] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.556394][T16563] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.558688][T16563] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.594485][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 442.597282][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 442.608568][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 442.611552][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 442.985029][ T6001] usb 7-1: USB disconnect, device number 31 [ 442.988773][ T6001] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 443.042803][T16595] FAULT_INJECTION: forcing a failure. [ 443.042803][T16595] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 443.047924][T16595] CPU: 1 UID: 0 PID: 16595 Comm: syz.3.2488 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 443.047947][T16595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 443.047957][T16595] Call Trace: [ 443.047963][T16595] [ 443.047971][T16595] dump_stack_lvl+0x16c/0x1f0 [ 443.047999][T16595] should_fail_ex+0x50a/0x650 [ 443.048020][T16595] _copy_to_user+0x32/0xd0 [ 443.048042][T16595] simple_read_from_buffer+0xd0/0x160 [ 443.048067][T16595] proc_fail_nth_read+0x198/0x270 [ 443.048095][T16595] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 443.048119][T16595] ? rw_verify_area+0xcf/0x680 [ 443.048140][T16595] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 443.048162][T16595] vfs_read+0x1df/0xbf0 [ 443.048185][T16595] ? __fget_files+0x1fc/0x3a0 [ 443.048211][T16595] ? __pfx___mutex_lock+0x10/0x10 [ 443.048234][T16595] ? __pfx_vfs_read+0x10/0x10 [ 443.048264][T16595] ? __fget_files+0x206/0x3a0 [ 443.048296][T16595] ksys_read+0x12b/0x250 [ 443.048318][T16595] ? __pfx_ksys_read+0x10/0x10 [ 443.048348][T16595] __do_fast_syscall_32+0x73/0x120 [ 443.048374][T16595] do_fast_syscall_32+0x32/0x80 [ 443.048398][T16595] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 443.048425][T16595] RIP: 0023:0xf7f6f579 [ 443.048439][T16595] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 443.048455][T16595] RSP: 002b:00000000f5096590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 443.048471][T16595] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5096620 [ 443.048482][T16595] RDX: 000000000000000f RSI: 00000000f73fcff4 RDI: 0000000000000000 [ 443.048493][T16595] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 443.048503][T16595] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 443.048513][T16595] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 443.048536][T16595] [ 443.469191][ T5982] usb 9-1: new high-speed USB device number 18 using dummy_hcd [ 443.599180][ T5299] Bluetooth: hci1: command tx timeout [ 443.621173][ T5982] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 443.624894][ T5982] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 443.627461][ T5982] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.633395][ T5982] usb 9-1: config 0 descriptor?? [ 443.693491][T16613] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2494'. [ 444.017795][ T5982] usbhid 9-1:0.0: can't add hid device: -71 [ 444.019630][ T5982] usbhid 9-1:0.0: probe with driver usbhid failed with error -71 [ 444.023806][ T5982] usb 9-1: USB disconnect, device number 18 [ 444.389237][ T5982] usb 9-1: new high-speed USB device number 19 using dummy_hcd [ 444.404685][ T41] audit: type=1326 audit(1742287795.576:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 444.414067][ T41] audit: type=1326 audit(1742287795.576:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 444.421864][ T41] audit: type=1326 audit(1742287795.576:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=258 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 444.431034][ T41] audit: type=1326 audit(1742287795.576:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 444.439145][ T41] audit: type=1326 audit(1742287795.576:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 444.446875][ T41] audit: type=1326 audit(1742287795.576:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 444.454706][ T41] audit: type=1326 audit(1742287795.576:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 444.461367][ T41] audit: type=1326 audit(1742287795.576:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 444.467333][ T41] audit: type=1326 audit(1742287795.576:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 444.473415][ T41] audit: type=1326 audit(1742287795.576:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 444.539133][ T5982] usb 9-1: Using ep0 maxpacket: 32 [ 444.541793][ T5982] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 444.544856][ T5982] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 444.547345][ T5982] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.550495][ T5982] usb 9-1: config 0 descriptor?? [ 444.554111][ T5982] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 444.557173][ T5982] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 444.773059][T16631] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2499'. [ 444.809347][T16634] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 444.812348][T16634] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 445.188429][T15651] usb 9-1: USB disconnect, device number 19 [ 445.193964][T15651] ldusb 9-1:0.0: LD USB Device #0 now disconnected [ 445.269153][ T6001] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 445.431605][ T6001] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 445.435683][ T6001] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 445.439128][ T6001] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 445.444502][ T6001] usb 5-1: config 0 descriptor?? [ 445.664246][ T6001] usbhid 5-1:0.0: can't add hid device: -71 [ 445.666373][ T6001] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 445.679225][ T5299] Bluetooth: hci1: command tx timeout [ 445.681225][ T6001] usb 5-1: USB disconnect, device number 46 [ 445.759626][T16651] overlayfs: failed to resolve './file1': -2 [ 445.909111][T16656] FAULT_INJECTION: forcing a failure. [ 445.909111][T16656] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 445.912768][T16656] CPU: 3 UID: 0 PID: 16656 Comm: syz.4.2507 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 445.912782][T16656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 445.912789][T16656] Call Trace: [ 445.912793][T16656] [ 445.912798][T16656] dump_stack_lvl+0x16c/0x1f0 [ 445.912816][T16656] should_fail_ex+0x50a/0x650 [ 445.912830][T16656] _copy_from_iter+0x2a1/0x1560 [ 445.912842][T16656] ? trace_lock_acquire+0x14e/0x1f0 [ 445.912855][T16656] ? __alloc_skb+0x1fe/0x380 [ 445.912871][T16656] ? __pfx__copy_from_iter+0x10/0x10 [ 445.912882][T16656] ? __virt_addr_valid+0x1a4/0x590 [ 445.912896][T16656] ? __virt_addr_valid+0x5e/0x590 [ 445.912906][T16656] ? __phys_addr_symbol+0x30/0x80 [ 445.912917][T16656] ? __check_object_size+0x488/0x710 [ 445.912930][T16656] netlink_sendmsg+0x813/0xd70 [ 445.912948][T16656] ? __pfx_netlink_sendmsg+0x10/0x10 [ 445.912968][T16656] ____sys_sendmsg+0xaaf/0xc90 [ 445.912982][T16656] ? __pfx_____sys_sendmsg+0x10/0x10 [ 445.912995][T16656] ? get_compat_msghdr+0x11b/0x170 [ 445.913014][T16656] ___sys_sendmsg+0x135/0x1e0 [ 445.913031][T16656] ? __pfx____sys_sendmsg+0x10/0x10 [ 445.913053][T16656] ? __pfx_lock_release+0x10/0x10 [ 445.913067][T16656] ? trace_lock_acquire+0x14e/0x1f0 [ 445.913084][T16656] ? __fget_files+0x206/0x3a0 [ 445.913102][T16656] __sys_sendmsg+0x16e/0x220 [ 445.913119][T16656] ? __pfx___sys_sendmsg+0x10/0x10 [ 445.913144][T16656] __do_fast_syscall_32+0x73/0x120 [ 445.913161][T16656] do_fast_syscall_32+0x32/0x80 [ 445.913176][T16656] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 445.913193][T16656] RIP: 0023:0xf7fe4579 [ 445.913202][T16656] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 445.913213][T16656] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 445.913223][T16656] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 445.913230][T16656] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 445.913236][T16656] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 445.913242][T16656] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 445.913249][T16656] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 445.913261][T16656] [ 446.016097][T16659] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2508'. [ 446.054034][T16661] IPVS: Error connecting to the multicast addr [ 446.255447][ T6001] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 446.732524][ T6001] usb 5-1: Using ep0 maxpacket: 32 [ 446.741638][ T6001] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 446.744830][ T6001] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 446.747624][ T6001] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 446.757828][ T6001] usb 5-1: config 0 descriptor?? [ 446.771573][ T6001] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 446.778846][ T6001] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 446.845817][T16668] IPVS: Error connecting to the multicast addr [ 447.042157][T16674] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 447.044657][T16674] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 447.759621][ T5299] Bluetooth: hci1: command tx timeout [ 448.119945][T16683] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0 [ 448.396779][T15651] usb 5-1: USB disconnect, device number 47 [ 448.400641][T15651] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 449.013416][T16700] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2517'. [ 449.903554][T16718] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0 [ 450.099487][ T31] usb 8-1: new high-speed USB device number 30 using dummy_hcd [ 450.162750][T16727] FAULT_INJECTION: forcing a failure. [ 450.162750][T16727] name failslab, interval 1, probability 0, space 0, times 0 [ 450.166582][T16727] CPU: 3 UID: 0 PID: 16727 Comm: syz.2.2524 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 450.166596][T16727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 450.166604][T16727] Call Trace: [ 450.166607][T16727] [ 450.166612][T16727] dump_stack_lvl+0x16c/0x1f0 [ 450.166687][T16727] should_fail_ex+0x50a/0x650 [ 450.166717][T16727] ? io_cqring_event_overflow+0xcb/0x6f0 [ 450.166732][T16727] should_failslab+0xc2/0x120 [ 450.166744][T16727] __kmalloc_noprof+0xcb/0x510 [ 450.166763][T16727] io_cqring_event_overflow+0xcb/0x6f0 [ 450.166780][T16727] io_req_cqe_overflow+0x101/0x1e0 [ 450.166795][T16727] __io_submit_flush_completions+0x968/0x1df0 [ 450.166816][T16727] ? io_poll_remove_prep+0x24f/0x380 [ 450.166830][T16727] io_submit_sqes+0xa2c/0x2670 [ 450.166848][T16727] __do_sys_io_uring_enter+0xd60/0x1670 [ 450.166861][T16727] ? __fget_files+0x206/0x3a0 [ 450.166878][T16727] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 450.166891][T16727] ? fput+0x67/0x440 [ 450.166902][T16727] ? ksys_write+0x1ba/0x250 [ 450.166916][T16727] ? __pfx_ksys_write+0x10/0x10 [ 450.166935][T16727] __do_fast_syscall_32+0x73/0x120 [ 450.166951][T16727] do_fast_syscall_32+0x32/0x80 [ 450.166967][T16727] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 450.166985][T16727] RIP: 0023:0xf7f64579 [ 450.166994][T16727] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 450.167004][T16727] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa [ 450.167014][T16727] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000002d3e [ 450.167022][T16727] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 450.167029][T16727] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 450.167035][T16727] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 450.167041][T16727] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 450.167053][T16727] [ 450.253152][T16731] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2526'. [ 450.282571][ T31] usb 8-1: config 0 has no interfaces? [ 450.284444][ T31] usb 8-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 450.286989][ T31] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.292414][ T31] usb 8-1: config 0 descriptor?? [ 450.294108][T16734] IPVS: Error connecting to the multicast addr [ 450.535864][T15651] usb 8-1: USB disconnect, device number 30 [ 451.002526][T16746] 9pnet_virtio: no channels available for device 127.0.0.1 [ 451.350477][T16756] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 451.478933][T16763] FAULT_INJECTION: forcing a failure. [ 451.478933][T16763] name failslab, interval 1, probability 0, space 0, times 0 [ 451.484875][T16763] CPU: 0 UID: 0 PID: 16763 Comm: syz.4.2536 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 451.484906][T16763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 451.484914][T16763] Call Trace: [ 451.484918][T16763] [ 451.484922][T16763] dump_stack_lvl+0x16c/0x1f0 [ 451.484987][T16763] should_fail_ex+0x50a/0x650 [ 451.485015][T16763] ? fs_reclaim_acquire+0xae/0x150 [ 451.485031][T16763] ? rtnl_newlink+0x109/0x1d60 [ 451.485047][T16763] should_failslab+0xc2/0x120 [ 451.485057][T16763] __kmalloc_cache_noprof+0x68/0x410 [ 451.485072][T16763] ? is_bpf_text_address+0x8a/0x1a0 [ 451.485087][T16763] ? __pfx_lock_release+0x10/0x10 [ 451.485105][T16763] rtnl_newlink+0x109/0x1d60 [ 451.485121][T16763] ? hlock_class+0x4e/0x130 [ 451.485132][T16763] ? __lock_acquire+0xcc5/0x3c40 [ 451.485148][T16763] ? __pfx_rtnl_newlink+0x10/0x10 [ 451.485168][T16763] ? __pfx___lock_acquire+0x10/0x10 [ 451.485183][T16763] ? aa_get_newest_label+0x376/0x680 [ 451.485198][T16763] ? find_held_lock+0x2d/0x110 [ 451.485211][T16763] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 451.485227][T16763] ? __pfx_lock_release+0x10/0x10 [ 451.485255][T16763] ? trace_lock_acquire+0x14e/0x1f0 [ 451.485271][T16763] ? __pfx_rtnl_newlink+0x10/0x10 [ 451.485290][T16763] rtnetlink_rcv_msg+0x95b/0xea0 [ 451.485308][T16763] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 451.485325][T16763] ? __pfx___lock_acquire+0x10/0x10 [ 451.485340][T16763] ? __pfx___lock_acquire+0x10/0x10 [ 451.485354][T16763] ? hlock_class+0x4e/0x130 [ 451.485365][T16763] ? __lock_acquire+0xcc5/0x3c40 [ 451.485382][T16763] netlink_rcv_skb+0x16b/0x440 [ 451.485397][T16763] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 451.485414][T16763] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 451.485437][T16763] ? netlink_deliver_tap+0x1ae/0xd30 [ 451.485454][T16763] netlink_unicast+0x53c/0x7f0 [ 451.485471][T16763] ? __pfx_netlink_unicast+0x10/0x10 [ 451.485487][T16763] ? __phys_addr_symbol+0x30/0x80 [ 451.485499][T16763] ? __check_object_size+0x488/0x710 [ 451.485512][T16763] netlink_sendmsg+0x8b8/0xd70 [ 451.485530][T16763] ? __pfx_netlink_sendmsg+0x10/0x10 [ 451.485550][T16763] ____sys_sendmsg+0xaaf/0xc90 [ 451.485564][T16763] ? __pfx_____sys_sendmsg+0x10/0x10 [ 451.485577][T16763] ? get_compat_msghdr+0x11b/0x170 [ 451.485596][T16763] ___sys_sendmsg+0x135/0x1e0 [ 451.485613][T16763] ? __pfx____sys_sendmsg+0x10/0x10 [ 451.485635][T16763] ? __pfx_lock_release+0x10/0x10 [ 451.485649][T16763] ? trace_lock_acquire+0x14e/0x1f0 [ 451.485666][T16763] ? __fget_files+0x206/0x3a0 [ 451.485685][T16763] __sys_sendmsg+0x16e/0x220 [ 451.485701][T16763] ? __pfx___sys_sendmsg+0x10/0x10 [ 451.485726][T16763] __do_fast_syscall_32+0x73/0x120 [ 451.485742][T16763] do_fast_syscall_32+0x32/0x80 [ 451.485757][T16763] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 451.485775][T16763] RIP: 0023:0xf7fe4579 [ 451.485783][T16763] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 451.485794][T16763] RSP: 002b:00000000f50e555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 451.485805][T16763] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000100 [ 451.485811][T16763] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 451.485817][T16763] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 451.485823][T16763] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 451.485830][T16763] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 451.485842][T16763] [ 452.181871][T16772] IPVS: Error connecting to the multicast addr [ 454.065269][T16813] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 455.350328][ T36] usb 9-1: new full-speed USB device number 20 using dummy_hcd [ 455.514858][ T36] usb 9-1: not running at top speed; connect to a high speed hub [ 455.520359][ T36] usb 9-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 455.522864][ T36] usb 9-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 455.525376][ T36] usb 9-1: config 1 has no interface number 1 [ 455.527153][ T36] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 455.546192][ T36] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 455.548732][ T36] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 455.551689][ T36] usb 9-1: Product: syz [ 455.552878][ T36] usb 9-1: Manufacturer: syz [ 455.556093][ T36] usb 9-1: SerialNumber: syz [ 455.920868][T16853] 9pnet_virtio: no channels available for device 127.0.0.1 [ 455.993297][ T36] usb 9-1: 2:1: invalid format type 0x1002 is detected, processed as PCM [ 455.998429][ T36] usb 9-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 456.020181][ T36] usb 9-1: USB disconnect, device number 20 [ 456.214743][T15582] udevd[15582]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 457.039282][ T36] usb 7-1: new high-speed USB device number 32 using dummy_hcd [ 457.201815][ T36] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 457.207002][ T36] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 457.210545][ T36] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.219985][ T36] usb 7-1: config 0 descriptor?? [ 457.436510][ T36] usbhid 7-1:0.0: can't add hid device: -71 [ 457.440651][ T36] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 457.446688][ T36] usb 7-1: USB disconnect, device number 32 [ 457.946374][ T36] usb 7-1: new high-speed USB device number 33 using dummy_hcd [ 458.099211][ T36] usb 7-1: Using ep0 maxpacket: 32 [ 458.110241][ T36] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 458.114199][ T36] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 458.117485][ T36] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 458.124020][ T36] usb 7-1: config 0 descriptor?? [ 458.126815][ T36] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 458.131019][ T36] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 458.329312][T16903] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 458.385208][T16905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 458.388757][T16905] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 459.727019][ T36] usb 7-1: USB disconnect, device number 33 [ 459.756996][ T36] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 459.777087][T16922] blktrace: Concurrent blktraces are not allowed on sg0 [ 460.114570][T16929] IPVS: Error connecting to the multicast addr [ 461.754699][T16957] blktrace: Concurrent blktraces are not allowed on sg0 [ 462.147585][T16978] 9pnet_virtio: no channels available for device 127.0.0.1 [ 462.396609][T16979] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 462.706151][T16983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2588'. [ 462.958769][T16986] IPVS: Error connecting to the multicast addr [ 463.969537][T16996] blktrace: Concurrent blktraces are not allowed on sg0 [ 464.091878][T17001] blktrace: Concurrent blktraces are not allowed on sg0 [ 464.185445][ T41] kauditd_printk_skb: 23 callbacks suppressed [ 464.185461][ T41] audit: type=1326 audit(1742287815.356:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17003 comm="syz.4.2594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 464.196743][ T41] audit: type=1326 audit(1742287815.356:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17003 comm="syz.4.2594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 464.209481][ T41] audit: type=1326 audit(1742287815.366:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17003 comm="syz.4.2594" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 464.228470][ T41] audit: type=1326 audit(1742287815.366:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17003 comm="syz.4.2594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 464.289172][ T41] audit: type=1326 audit(1742287815.366:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17003 comm="syz.4.2594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 464.297791][ T41] audit: type=1326 audit(1742287815.366:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17003 comm="syz.4.2594" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 464.317315][ T41] audit: type=1326 audit(1742287815.366:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17003 comm="syz.4.2594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 464.323523][ T41] audit: type=1326 audit(1742287815.366:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17003 comm="syz.4.2594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 464.330210][ T41] audit: type=1326 audit(1742287815.366:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17003 comm="syz.4.2594" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 464.334187][T17012] overlayfs: failed to resolve './file0': -2 [ 464.337016][ T41] audit: type=1326 audit(1742287815.376:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17003 comm="syz.4.2594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 464.748746][T17023] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 465.048326][T17022] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 465.559608][T17033] blktrace: Concurrent blktraces are not allowed on sg0 [ 465.817642][T17047] FAULT_INJECTION: forcing a failure. [ 465.817642][T17047] name failslab, interval 1, probability 0, space 0, times 0 [ 465.821866][T17047] CPU: 0 UID: 0 PID: 17047 Comm: syz.3.2605 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 465.821891][T17047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 465.821899][T17047] Call Trace: [ 465.821903][T17047] [ 465.821908][T17047] dump_stack_lvl+0x16c/0x1f0 [ 465.821975][T17047] should_fail_ex+0x50a/0x650 [ 465.822003][T17047] ? fs_reclaim_acquire+0xae/0x150 [ 465.822019][T17047] ? io_cache_alloc_new+0x45/0xf0 [ 465.822033][T17047] should_failslab+0xc2/0x120 [ 465.822044][T17047] __kmalloc_noprof+0xcb/0x510 [ 465.822063][T17047] io_cache_alloc_new+0x45/0xf0 [ 465.822078][T17047] io_prep_rw+0xdc8/0x10e0 [ 465.822094][T17047] ? __pfx_io_prep_rw+0x10/0x10 [ 465.822110][T17047] ? __asan_memset+0x23/0x50 [ 465.822124][T17047] ? __io_alloc_req_refill+0x30c/0x5b0 [ 465.822143][T17047] io_prep_rwv+0xa8/0x360 [ 465.822158][T17047] ? __pfx_io_prep_rwv+0x10/0x10 [ 465.822179][T17047] io_submit_sqes+0x863/0x2670 [ 465.822197][T17047] __do_sys_io_uring_enter+0xd60/0x1670 [ 465.822211][T17047] ? __fget_files+0x206/0x3a0 [ 465.822227][T17047] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 465.822240][T17047] ? fput+0x67/0x440 [ 465.822251][T17047] ? ksys_write+0x1ba/0x250 [ 465.822265][T17047] ? __pfx_ksys_write+0x10/0x10 [ 465.822284][T17047] __do_fast_syscall_32+0x73/0x120 [ 465.822301][T17047] do_fast_syscall_32+0x32/0x80 [ 465.822316][T17047] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 465.822334][T17047] RIP: 0023:0xf7f6f579 [ 465.822343][T17047] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 465.822354][T17047] RSP: 002b:00000000f507555c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa [ 465.822364][T17047] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000000047ba [ 465.822372][T17047] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 465.822382][T17047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 465.822391][T17047] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 465.822401][T17047] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 465.822421][T17047] [ 466.649562][T17054] FAULT_INJECTION: forcing a failure. [ 466.649562][T17054] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 466.660145][T17054] CPU: 1 UID: 0 PID: 17054 Comm: syz.2.2609 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 466.660162][T17054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 466.660169][T17054] Call Trace: [ 466.660172][T17054] [ 466.660177][T17054] dump_stack_lvl+0x16c/0x1f0 [ 466.660196][T17054] should_fail_ex+0x50a/0x650 [ 466.660210][T17054] _copy_to_iter+0x465/0x1560 [ 466.660225][T17054] ? __pfx__copy_to_iter+0x10/0x10 [ 466.660236][T17054] ? __virt_addr_valid+0x1a4/0x590 [ 466.660250][T17054] ? __virt_addr_valid+0x5e/0x590 [ 466.660260][T17054] ? __phys_addr+0xc6/0x150 [ 466.660270][T17054] ? __phys_addr_symbol+0x30/0x80 [ 466.660280][T17054] ? __check_object_size+0x488/0x710 [ 466.660293][T17054] simple_copy_to_iter+0x4f/0x80 [ 466.660309][T17054] __skb_datagram_iter+0x5a6/0x8c0 [ 466.660322][T17054] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 466.660340][T17054] skb_copy_datagram_iter+0x40/0x50 [ 466.660355][T17054] unix_stream_read_actor+0x7b/0xc0 [ 466.660372][T17054] unix_stream_read_generic+0xe04/0x27d0 [ 466.660397][T17054] ? __pfx_unix_stream_read_generic+0x10/0x10 [ 466.660414][T17054] ? hlock_class+0x4e/0x130 [ 466.660430][T17054] ? __pfx_autoremove_wake_function+0x10/0x10 [ 466.660450][T17054] unix_stream_recvmsg+0x192/0x1c0 [ 466.660460][T17054] ? __pfx_unix_stream_recvmsg+0x10/0x10 [ 466.660477][T17054] ? __pfx_aa_sk_perm+0x10/0x10 [ 466.660490][T17054] ? __pfx_unix_stream_read_actor+0x10/0x10 [ 466.660506][T17054] ? find_held_lock+0x2d/0x110 [ 466.660520][T17054] sock_recvmsg+0x1f6/0x250 [ 466.660533][T17054] ____sys_recvmsg+0x219/0x6b0 [ 466.660548][T17054] ? __pfx_____sys_recvmsg+0x10/0x10 [ 466.660569][T17054] ___sys_recvmsg+0x115/0x1a0 [ 466.660586][T17054] ? __pfx____sys_recvmsg+0x10/0x10 [ 466.660603][T17054] ? __fget_files+0x1fc/0x3a0 [ 466.660619][T17054] ? trace_lock_acquire+0x14e/0x1f0 [ 466.660635][T17054] ? __fget_files+0x206/0x3a0 [ 466.660654][T17054] do_recvmmsg+0x55d/0x740 [ 466.660672][T17054] ? __pfx_do_recvmmsg+0x10/0x10 [ 466.660689][T17054] ? vfs_write+0x306/0x1150 [ 466.660711][T17054] ? __fget_files+0x206/0x3a0 [ 466.660728][T17054] __sys_recvmmsg+0x21e/0x280 [ 466.660739][T17054] ? __pfx___sys_recvmmsg+0x10/0x10 [ 466.660749][T17054] ? __pfx_ksys_write+0x10/0x10 [ 466.660766][T17054] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 466.660782][T17054] ? lockdep_hardirqs_on+0x7c/0x110 [ 466.660797][T17054] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 466.660812][T17054] __do_fast_syscall_32+0x73/0x120 [ 466.660828][T17054] do_fast_syscall_32+0x32/0x80 [ 466.660843][T17054] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 466.660861][T17054] RIP: 0023:0xf7f64579 [ 466.660870][T17054] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 466.660886][T17054] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 466.660896][T17054] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000800034c0 [ 466.660903][T17054] RDX: 000000000000013c RSI: 0000000000000700 RDI: 0000000000000000 [ 466.660910][T17054] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 466.660916][T17054] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 466.660922][T17054] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 466.660934][T17054] [ 466.664749][T17056] 9pnet_fd: Insufficient options for proto=fd [ 466.919111][ T36] usb 9-1: new high-speed USB device number 21 using dummy_hcd [ 467.032265][T17069] blktrace: Concurrent blktraces are not allowed on sg0 [ 467.054714][T17071] netlink: 'syz.3.2614': attribute type 27 has an invalid length. [ 467.069128][ T36] usb 9-1: Using ep0 maxpacket: 8 [ 467.072551][ T36] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 467.073601][T17071] bridge0: port 2(bridge_slave_1) entered disabled state [ 467.076507][ T36] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 467.079402][T17071] bridge0: port 1(bridge_slave_0) entered disabled state [ 467.082597][ T36] usb 9-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6 [ 467.090470][ T36] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 100, changing to 10 [ 467.094548][ T36] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24936, setting to 1024 [ 467.098549][ T36] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 467.101910][ T36] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.106796][ T36] hub 9-1:1.0: bad descriptor, ignoring hub [ 467.108808][ T36] hub 9-1:1.0: probe with driver hub failed with error -5 [ 467.111245][ T36] cdc_wdm 9-1:1.0: skipping garbage [ 467.112700][ T36] cdc_wdm 9-1:1.0: skipping garbage [ 467.114240][ T36] cdc_wdm 9-1:1.0: probe with driver cdc_wdm failed with error -22 [ 467.161350][T17071] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 467.172196][T17071] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 467.214888][T17071] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.217368][T17071] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.220503][T17071] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.223120][T17071] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.256527][T17073] 8021q: adding VLAN 0 to HW filter on device bond0 [ 467.258905][T17073] 8021q: adding VLAN 0 to HW filter on device team0 [ 467.262732][T17073] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 467.409421][ T5983] usb 9-1: USB disconnect, device number 21 [ 467.508094][T17061] FAULT_INJECTION: forcing a failure. [ 467.508094][T17061] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 467.511831][T17061] CPU: 3 UID: 0 PID: 17061 Comm: syz.4.2610 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 467.511846][T17061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 467.511854][T17061] Call Trace: [ 467.511857][T17061] [ 467.511861][T17061] dump_stack_lvl+0x16c/0x1f0 [ 467.511881][T17061] should_fail_ex+0x50a/0x650 [ 467.511894][T17061] strncpy_from_user+0x3b/0x2d0 [ 467.511911][T17061] getname_flags.part.0+0x8f/0x550 [ 467.511930][T17061] getname+0x8d/0xe0 [ 467.511943][T17061] do_sys_openat2+0x104/0x1e0 [ 467.511955][T17061] ? __pfx_do_sys_openat2+0x10/0x10 [ 467.511968][T17061] ? __fget_files+0x206/0x3a0 [ 467.511986][T17061] __ia32_compat_sys_openat+0x16e/0x210 [ 467.511998][T17061] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 467.512011][T17061] ? ksys_write+0x1ba/0x250 [ 467.512030][T17061] __do_fast_syscall_32+0x73/0x120 [ 467.512046][T17061] do_fast_syscall_32+0x32/0x80 [ 467.512061][T17061] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 467.512079][T17061] RIP: 0023:0xf7fe4579 [ 467.512087][T17061] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 467.512098][T17061] RSP: 002b:00000000f5104460 EFLAGS: 00000293 ORIG_RAX: 0000000000000127 [ 467.512108][T17061] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f72f4df8 [ 467.512115][T17061] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 00000000f746cff4 [ 467.512122][T17061] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 467.512128][T17061] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 467.512134][T17061] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 467.512146][T17061] [ 467.778064][T17088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2619'. [ 467.802494][T17088] mac80211_hwsim hwsim23 wlan1: entered promiscuous mode [ 467.808006][T17088] macvtap1: entered promiscuous mode [ 467.862234][T17088] mac80211_hwsim hwsim23 wlan1: left promiscuous mode [ 468.052834][T17092] IPVS: Error connecting to the multicast addr [ 470.300489][T17121] FAULT_INJECTION: forcing a failure. [ 470.300489][T17121] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 470.305444][T17121] CPU: 0 UID: 0 PID: 17121 Comm: syz.2.2626 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 470.305460][T17121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 470.305467][T17121] Call Trace: [ 470.305471][T17121] [ 470.305476][T17121] dump_stack_lvl+0x16c/0x1f0 [ 470.305535][T17121] should_fail_ex+0x50a/0x650 [ 470.305564][T17121] ? __pfx___might_resched+0x10/0x10 [ 470.305583][T17121] should_fail_alloc_page+0xe7/0x130 [ 470.305596][T17121] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 470.305613][T17121] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 470.305632][T17121] ? __pfx_mark_lock+0x10/0x10 [ 470.305650][T17121] ? hlock_class+0x4e/0x130 [ 470.305661][T17121] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 470.305683][T17121] ? mark_held_locks+0x9f/0xe0 [ 470.305697][T17121] ? __pfx___lock_acquire+0x10/0x10 [ 470.305712][T17121] ? finish_task_switch.isra.0+0x217/0xcc0 [ 470.305729][T17121] ? finish_task_switch.isra.0+0x2e8/0xcc0 [ 470.305744][T17121] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 470.305762][T17121] ? policy_nodemask+0xea/0x4e0 [ 470.305773][T17121] alloc_pages_mpol+0x1fc/0x540 [ 470.305784][T17121] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 470.305794][T17121] ? __page_table_check_ptes_set+0x16b/0x3e0 [ 470.305812][T17121] ? do_raw_spin_lock+0x12d/0x2c0 [ 470.305822][T17121] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 470.305834][T17121] alloc_pages_noprof+0x131/0x390 [ 470.305844][T17121] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 470.305859][T17121] get_free_pages_noprof+0xc/0x40 [ 470.305871][T17121] kasan_populate_vmalloc_pte+0x2d/0x160 [ 470.305886][T17121] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 470.305902][T17121] __apply_to_page_range+0x5fd/0xd30 [ 470.305918][T17121] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 470.305935][T17121] ? __pfx___apply_to_page_range+0x10/0x10 [ 470.305950][T17121] ? preempt_schedule_thunk+0x1a/0x30 [ 470.305967][T17121] alloc_vmap_area+0x93e/0x2a60 [ 470.305985][T17121] ? __pfx_alloc_vmap_area+0x10/0x10 [ 470.306001][T17121] __get_vm_area_node+0x19e/0x2f0 [ 470.306016][T17121] ? vb2_fop_read+0x213/0x3e0 [ 470.306032][T17121] __vmalloc_node_range_noprof+0x26a/0x1530 [ 470.306047][T17121] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 470.306067][T17121] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 470.306086][T17121] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 470.306108][T17121] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 470.306125][T17121] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 470.306140][T17121] vmalloc_user_noprof+0x6b/0x90 [ 470.306155][T17121] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 470.306171][T17121] vb2_vmalloc_alloc+0x11e/0x3d0 [ 470.306188][T17121] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 470.306204][T17121] __vb2_queue_alloc+0x896/0x1230 [ 470.306225][T17121] vb2_core_reqbufs+0xa73/0xfb0 [ 470.306244][T17121] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 470.306266][T17121] __vb2_init_fileio+0x3f3/0x1110 [ 470.306283][T17121] ? __pfx___schedule+0x10/0x10 [ 470.306296][T17121] ? vb2_fop_read+0xe2/0x3e0 [ 470.306311][T17121] __vb2_perform_fileio+0x9de/0x1620 [ 470.306331][T17121] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 470.306351][T17121] vb2_fop_read+0x213/0x3e0 [ 470.306365][T17121] ? __pfx_vb2_fop_read+0x10/0x10 [ 470.306382][T17121] v4l2_read+0x226/0x360 [ 470.306394][T17121] ? __pfx_v4l2_read+0x10/0x10 [ 470.306406][T17121] vfs_read+0x1df/0xbf0 [ 470.306422][T17121] ? __fget_files+0x1fc/0x3a0 [ 470.306437][T17121] ? __pfx_lock_release+0x10/0x10 [ 470.306452][T17121] ? __pfx_vfs_read+0x10/0x10 [ 470.306467][T17121] ? lock_acquire+0x2f/0xb0 [ 470.306480][T17121] ? __fget_files+0x40/0x3a0 [ 470.306497][T17121] ? __fget_files+0x206/0x3a0 [ 470.306516][T17121] ksys_pread64+0x170/0x1a0 [ 470.306531][T17121] ? __pfx_ksys_pread64+0x10/0x10 [ 470.306550][T17121] __do_fast_syscall_32+0x73/0x120 [ 470.306566][T17121] do_fast_syscall_32+0x32/0x80 [ 470.306581][T17121] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 470.306599][T17121] RIP: 0023:0xf7f64579 [ 470.306609][T17121] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 470.306620][T17121] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 00000000000000b4 [ 470.306631][T17121] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180 [ 470.306638][T17121] RDX: 0000000000000051 RSI: 0000000000000000 RDI: 0000000000000000 [ 470.306644][T17121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 470.306650][T17121] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 470.306656][T17121] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 470.306668][T17121] [ 470.307080][T17121] syz.2.2626: vmalloc error: size 70778880, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 470.458471][T17121] CPU: 0 UID: 0 PID: 17121 Comm: syz.2.2626 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 470.458495][T17121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 470.458503][T17121] Call Trace: [ 470.458507][T17121] [ 470.458512][T17121] dump_stack_lvl+0x16c/0x1f0 [ 470.458533][T17121] warn_alloc+0x24d/0x3a0 [ 470.458550][T17121] ? __pfx_warn_alloc+0x10/0x10 [ 470.458568][T17121] ? kfree+0x2c4/0x4d0 [ 470.458585][T17121] ? __get_vm_area_node+0x1dc/0x2f0 [ 470.458602][T17121] __vmalloc_node_range_noprof+0xd24/0x1530 [ 470.458621][T17121] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 470.458640][T17121] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 470.458659][T17121] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 470.458675][T17121] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 470.458691][T17121] vmalloc_user_noprof+0x6b/0x90 [ 470.458705][T17121] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 470.458721][T17121] vb2_vmalloc_alloc+0x11e/0x3d0 [ 470.458739][T17121] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 470.458754][T17121] __vb2_queue_alloc+0x896/0x1230 [ 470.458776][T17121] vb2_core_reqbufs+0xa73/0xfb0 [ 470.458795][T17121] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 470.458821][T17121] __vb2_init_fileio+0x3f3/0x1110 [ 470.458838][T17121] ? __pfx___schedule+0x10/0x10 [ 470.458852][T17121] ? vb2_fop_read+0xe2/0x3e0 [ 470.458867][T17121] __vb2_perform_fileio+0x9de/0x1620 [ 470.458886][T17121] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 470.458907][T17121] vb2_fop_read+0x213/0x3e0 [ 470.458921][T17121] ? __pfx_vb2_fop_read+0x10/0x10 [ 470.458937][T17121] v4l2_read+0x226/0x360 [ 470.458949][T17121] ? __pfx_v4l2_read+0x10/0x10 [ 470.458961][T17121] vfs_read+0x1df/0xbf0 [ 470.458976][T17121] ? __fget_files+0x1fc/0x3a0 [ 470.459002][T17121] ? __pfx_lock_release+0x10/0x10 [ 470.459018][T17121] ? __pfx_vfs_read+0x10/0x10 [ 470.459033][T17121] ? lock_acquire+0x2f/0xb0 [ 470.459047][T17121] ? __fget_files+0x40/0x3a0 [ 470.459064][T17121] ? __fget_files+0x206/0x3a0 [ 470.459084][T17121] ksys_pread64+0x170/0x1a0 [ 470.459100][T17121] ? __pfx_ksys_pread64+0x10/0x10 [ 470.459118][T17121] __do_fast_syscall_32+0x73/0x120 [ 470.459134][T17121] do_fast_syscall_32+0x32/0x80 [ 470.459150][T17121] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 470.459167][T17121] RIP: 0023:0xf7f64579 [ 470.459176][T17121] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 470.459187][T17121] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 00000000000000b4 [ 470.459197][T17121] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180 [ 470.459204][T17121] RDX: 0000000000000051 RSI: 0000000000000000 RDI: 0000000000000000 [ 470.459210][T17121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 470.459217][T17121] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 470.459222][T17121] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 470.459234][T17121] [ 470.555465][T17121] Mem-Info: [ 470.556746][T17121] active_anon:4663 inactive_anon:3809 isolated_anon:0 [ 470.556746][T17121] active_file:6020 inactive_file:19428 isolated_file:0 [ 470.556746][T17121] unevictable:1768 dirty:244 writeback:0 [ 470.556746][T17121] slab_reclaimable:6666 slab_unreclaimable:68804 [ 470.556746][T17121] mapped:27091 shmem:5121 pagetables:861 [ 470.556746][T17121] sec_pagetables:312 bounce:0 [ 470.556746][T17121] kernel_misc_reclaimable:0 [ 470.556746][T17121] free:50854 free_pcp:7344 free_cma:0 [ 470.574685][T17121] Node 0 active_anon:2388kB inactive_anon:0kB active_file:1224kB inactive_file:540kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2212kB dirty:68kB writeback:0kB shmem:4560kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9424kB pagetables:964kB sec_pagetables:1120kB all_unreclaimable? yes [ 470.584237][T17121] Node 1 active_anon:16264kB inactive_anon:15236kB active_file:22856kB inactive_file:77172kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:106152kB dirty:908kB writeback:0kB shmem:15924kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:3592kB pagetables:2480kB sec_pagetables:128kB all_unreclaimable? no [ 470.593173][T17121] Node 0 DMA free:3732kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:52kB local_pcp:40kB free_cma:0kB [ 470.600695][T17121] lowmem_reserve[]: 0 294 294 294 294 [ 470.603355][T17121] Node 0 DMA32 free:18420kB boost:2048kB min:15608kB low:18996kB high:22384kB reserved_highatomic:4096KB active_anon:2388kB inactive_anon:0kB active_file:1224kB inactive_file:536kB unevictable:3536kB writepending:68kB present:1032196kB managed:301720kB mlocked:0kB bounce:0kB free_pcp:3164kB local_pcp:132kB free_cma:0kB [ 470.619202][T17121] lowmem_reserve[]: 0 0 0 0 0 [ 470.620787][T17121] Node 1 DMA32 free:182584kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:16264kB inactive_anon:15236kB active_file:22856kB inactive_file:77172kB unevictable:3536kB writepending:908kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:25248kB local_pcp:2944kB free_cma:0kB [ 470.630415][T17121] lowmem_reserve[]: 0 0 0 0 0 [ 470.631775][T17121] Node 0 DMA: 77*4kB (UM) 58*8kB (UM) 43*16kB (U) 21*32kB (UM) 7*64kB (UM) 1*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 3732kB [ 470.636177][T17121] Node 0 DMA32: 551*4kB (UMEH) 145*8kB (UMEH) 5*16kB (MEH) 102*32kB (UMEH) 45*64kB (UME) 13*128kB (UME) 4*256kB (UME) 4*512kB (UM) 4*1024kB (M) 0*2048kB 0*4096kB = 18420kB [ 470.642985][T17121] Node 1 DMA32: 843*4kB (UME) 152*8kB (UME) 32*16kB (UME) 237*32kB (UME) 332*64kB (UME) 99*128kB (UME) 56*256kB (UME) 29*512kB (UM) 18*1024kB (UM) 27*2048kB (UM) 8*4096kB (UM) = 182284kB [ 470.649974][T17124] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2627'. [ 470.653450][T17121] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 470.657003][T17121] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 470.660599][T17121] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 470.664173][T17121] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 470.667433][T17121] 30755 total pagecache pages [ 470.670278][T17121] 186 pages in swap cache [ 470.672047][T17121] Free swap = 121724kB [ 470.673573][T17121] Total swap = 124996kB [ 470.675309][T17121] 524155 pages RAM [ 470.676767][T17121] 0 pages HighMem/MovableOnly [ 470.678509][T17121] 207822 pages reserved [ 470.680706][T17121] 0 pages cma reserved [ 471.201967][T17134] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 471.707403][T17143] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 472.007855][T17154] 9pnet_virtio: no channels available for device 127.0.0.1 [ 472.259084][T17159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2635'. [ 472.274343][ T41] kauditd_printk_skb: 35 callbacks suppressed [ 472.274390][ T41] audit: type=1326 audit(1742287823.446:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17150 comm="syz.2.2635" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x0 [ 472.599270][T17163] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2637'. [ 472.602312][T17163] netlink: 'syz.3.2637': attribute type 7 has an invalid length. [ 472.604718][T17163] netlink: 'syz.3.2637': attribute type 8 has an invalid length. [ 472.606867][T17163] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2637'. [ 472.613800][T17165] IPVS: Error connecting to the multicast addr [ 473.547990][T17197] FAULT_INJECTION: forcing a failure. [ 473.547990][T17197] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 473.552647][T17197] CPU: 2 UID: 0 PID: 17197 Comm: syz.4.2647 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 473.552664][T17197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 473.552672][T17197] Call Trace: [ 473.552676][T17197] [ 473.552680][T17197] dump_stack_lvl+0x16c/0x1f0 [ 473.552712][T17197] should_fail_ex+0x50a/0x650 [ 473.552728][T17197] _copy_from_user+0x2e/0xd0 [ 473.552741][T17197] move_addr_to_kernel+0x68/0x160 [ 473.552757][T17197] __sys_connect+0xb0/0x170 [ 473.552772][T17197] ? __pfx___sys_connect+0x10/0x10 [ 473.552793][T17197] ? __pfx_ksys_write+0x10/0x10 [ 473.552817][T17197] __ia32_sys_connect+0x71/0xb0 [ 473.552833][T17197] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 473.552850][T17197] __do_fast_syscall_32+0x73/0x120 [ 473.552867][T17197] do_fast_syscall_32+0x32/0x80 [ 473.552883][T17197] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 473.552902][T17197] RIP: 0023:0xf7fe4579 [ 473.552911][T17197] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 473.552923][T17197] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 000000000000016a [ 473.552934][T17197] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080 [ 473.552941][T17197] RDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000 [ 473.552947][T17197] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 473.552954][T17197] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 473.552960][T17197] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 473.552973][T17197] [ 473.749715][T17207] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 473.758228][T17212] IPVS: Error connecting to the multicast addr [ 474.186097][T17225] 9pnet_virtio: no channels available for device syz [ 474.747088][T17232] IPVS: Error connecting to the multicast addr [ 475.757964][T17265] IPVS: Error connecting to the multicast addr [ 475.817660][T17267] 9pnet_virtio: no channels available for device 127.0.0.1 [ 476.993163][T17286] veth3: entered promiscuous mode [ 477.076042][T17291] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2670'. [ 477.097310][T17291] 8021q: adding VLAN 0 to HW filter on device bond3 [ 477.765860][T17313] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 478.471957][T17330] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2680'. [ 478.504832][T17330] 8021q: adding VLAN 0 to HW filter on device bond1 [ 480.181383][T17352] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 480.183597][T17352] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 480.186931][T17352] vhci_hcd vhci_hcd.0: Device attached [ 480.293060][T17363] block device autoloading is deprecated and will be removed. [ 480.413450][T17366] blktrace: Concurrent blktraces are not allowed on sg0 [ 480.439291][ T10] usb 37-1: new low-speed USB device number 5 using vhci_hcd [ 480.536601][T17352] netlink: 'syz.0.2686': attribute type 10 has an invalid length. [ 480.543712][T17352] team0: Device ipvlan1 failed to register rx_handler [ 480.553112][T17354] vhci_hcd: connection reset by peer [ 480.554868][ T1173] vhci_hcd: stop threads [ 480.556077][ T1173] vhci_hcd: release socket [ 480.559068][ T1173] vhci_hcd: disconnect device [ 480.559653][T17362] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 480.570833][T17360] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 480.752179][T17377] block device autoloading is deprecated and will be removed. [ 480.767005][T17379] IPVS: Error connecting to the multicast addr [ 481.271106][T17394] block device autoloading is deprecated and will be removed. [ 481.555823][T17400] blktrace: Concurrent blktraces are not allowed on sg0 [ 481.673317][T17405] tmpfs: Bad value for 'mpol' [ 481.869114][ T41] audit: type=1326 audit(1742287833.026:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17402 comm="syz.2.2699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 481.878160][ T41] audit: type=1326 audit(1742287833.026:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17402 comm="syz.2.2699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 481.884120][ T41] audit: type=1326 audit(1742287833.026:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17402 comm="syz.2.2699" exe="/syz-executor" sig=0 arch=40000003 syscall=276 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 481.890037][ T41] audit: type=1326 audit(1742287833.026:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17402 comm="syz.2.2699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 481.895794][ T41] audit: type=1326 audit(1742287833.026:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17402 comm="syz.2.2699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 481.901682][ T41] audit: type=1326 audit(1742287833.026:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17402 comm="syz.2.2699" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 481.907465][ T41] audit: type=1326 audit(1742287833.026:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17402 comm="syz.2.2699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 481.913956][ T41] audit: type=1326 audit(1742287833.026:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17402 comm="syz.2.2699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 481.919795][ T41] audit: type=1326 audit(1742287833.026:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17402 comm="syz.2.2699" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 481.925552][ T41] audit: type=1326 audit(1742287833.026:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17402 comm="syz.2.2699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 482.170450][T17410] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 482.442056][T17420] /dev/sr0: Can't open blockdev [ 482.700166][T17430] blktrace: Concurrent blktraces are not allowed on sg0 [ 483.222447][T17449] block device autoloading is deprecated and will be removed. [ 483.813784][T17470] 9pnet_virtio: no channels available for device 127.0.0.1 [ 484.802333][T17494] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2721'. [ 484.810416][T17494] Bluetooth: (null): Out-of-order packet arrived (4 != 0) [ 484.814668][ T13] Bluetooth: (null): Invalid header checksum [ 484.872099][T17499] block device autoloading is deprecated and will be removed. [ 485.055437][T17510] block device autoloading is deprecated and will be removed. [ 485.690849][T17530] afs: Unknown parameter 'smackfsroot' [ 485.698742][ T10] vhci_hcd: vhci_device speed not set [ 485.921889][T17538] 9pnet_virtio: no channels available for device 127.0.0.1 [ 486.213307][T17541] block device autoloading is deprecated and will be removed. [ 487.003135][T17556] IPVS: Error connecting to the multicast addr [ 487.246374][T17559] 9pnet_virtio: no channels available for device syz [ 488.380874][T17584] usb 1-1: USB disconnect, device number 2 [ 488.464193][T17595] random: crng reseeded on system resumption [ 488.540771][T17601] 9pnet_virtio: no channels available for device 127.0.0.1 [ 489.385823][T17610] IPVS: Error connecting to the multicast addr [ 489.399400][ T3227] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 489.569862][ T3227] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 489.575061][ T3227] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 489.578629][ T3227] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 489.587510][ T3227] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 489.590814][ T3227] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 489.591583][T17617] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2754'. [ 489.593851][ T3227] usb 5-1: Product: syz [ 489.600773][ T3227] usb 5-1: Manufacturer: syz [ 489.602623][ T3227] usb 5-1: SerialNumber: syz [ 489.605114][T17617] 8021q: adding VLAN 0 to HW filter on device bond4 [ 489.819568][ T3227] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 48 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 490.018840][ T3227] usb 5-1: USB disconnect, device number 48 [ 490.024365][ T3227] usblp0: removed [ 491.311997][T17644] IPVS: Error connecting to the multicast addr [ 492.702016][T17660] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2764'. [ 492.704627][T17660] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2764'. [ 492.943589][ T41] kauditd_printk_skb: 55 callbacks suppressed [ 492.943603][ T41] audit: type=1800 audit(1742287844.116:1021): pid=17673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2767" name="file1" dev="overlay" ino=516 res=0 errno=0 [ 493.023651][T17675] overlay: filesystem on ./bus not supported as upperdir [ 493.171111][T17677] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2768'. [ 494.909598][T17703] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 495.672578][T17711] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 495.693742][T17717] FAULT_INJECTION: forcing a failure. [ 495.693742][T17717] name failslab, interval 1, probability 0, space 0, times 0 [ 495.697258][T17717] CPU: 0 UID: 0 PID: 17717 Comm: syz.0.2778 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 495.697273][T17717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 495.697280][T17717] Call Trace: [ 495.697284][T17717] [ 495.697288][T17717] dump_stack_lvl+0x16c/0x1f0 [ 495.697362][T17717] should_fail_ex+0x50a/0x650 [ 495.697392][T17717] ? fs_reclaim_acquire+0xae/0x150 [ 495.697408][T17717] ? vlan_dev_set_egress_priority+0x1a2/0x400 [ 495.697421][T17717] should_failslab+0xc2/0x120 [ 495.697432][T17717] __kmalloc_cache_noprof+0x68/0x410 [ 495.697450][T17717] vlan_dev_set_egress_priority+0x1a2/0x400 [ 495.697465][T17717] vlan_changelink+0x52f/0x5e0 [ 495.697479][T17717] vlan_newlink+0x3ba/0x6a0 [ 495.697491][T17717] ? __pfx_vlan_newlink+0x10/0x10 [ 495.697504][T17717] rtnl_newlink+0xb95/0x1d60 [ 495.697525][T17717] ? __pfx_rtnl_newlink+0x10/0x10 [ 495.697544][T17717] ? __pfx___lock_acquire+0x10/0x10 [ 495.697559][T17717] ? kfree_skbmem+0x1a4/0x1f0 [ 495.697574][T17717] ? aa_get_newest_label+0x376/0x680 [ 495.697588][T17717] ? find_held_lock+0x2d/0x110 [ 495.697606][T17717] ? __pfx_rtnl_newlink+0x10/0x10 [ 495.697623][T17717] rtnetlink_rcv_msg+0x95b/0xea0 [ 495.697641][T17717] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 495.697663][T17717] netlink_rcv_skb+0x16b/0x440 [ 495.697680][T17717] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 495.697698][T17717] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 495.697720][T17717] ? netlink_deliver_tap+0x1ae/0xd30 [ 495.697738][T17717] netlink_unicast+0x53c/0x7f0 [ 495.697755][T17717] ? __pfx_netlink_unicast+0x10/0x10 [ 495.697772][T17717] ? __phys_addr_symbol+0x30/0x80 [ 495.697783][T17717] ? __check_object_size+0x488/0x710 [ 495.697795][T17717] netlink_sendmsg+0x8b8/0xd70 [ 495.697813][T17717] ? __pfx_netlink_sendmsg+0x10/0x10 [ 495.697834][T17717] ____sys_sendmsg+0xaaf/0xc90 [ 495.697848][T17717] ? __pfx_____sys_sendmsg+0x10/0x10 [ 495.697864][T17717] ? get_compat_msghdr+0x11b/0x170 [ 495.697885][T17717] ___sys_sendmsg+0x135/0x1e0 [ 495.697903][T17717] ? __pfx____sys_sendmsg+0x10/0x10 [ 495.697924][T17717] ? __pfx_lock_release+0x10/0x10 [ 495.697939][T17717] ? trace_lock_acquire+0x14e/0x1f0 [ 495.697955][T17717] ? __fget_files+0x206/0x3a0 [ 495.697974][T17717] __sys_sendmsg+0x16e/0x220 [ 495.697991][T17717] ? __pfx___sys_sendmsg+0x10/0x10 [ 495.698016][T17717] __do_fast_syscall_32+0x73/0x120 [ 495.698033][T17717] do_fast_syscall_32+0x32/0x80 [ 495.698048][T17717] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 495.698067][T17717] RIP: 0023:0xf740e579 [ 495.698075][T17717] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 495.698087][T17717] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 495.698097][T17717] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280 [ 495.698103][T17717] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 495.698109][T17717] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 495.698115][T17717] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 495.698121][T17717] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 495.698133][T17717] [ 496.068935][T17718] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 496.106034][T17729] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2780'. [ 496.126450][T17729] 8021q: adding VLAN 0 to HW filter on device bond5 [ 498.000419][T17766] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2789'. [ 498.049248][T17766] 8021q: adding VLAN 0 to HW filter on device bond3 [ 498.225025][T17771] blktrace: Concurrent blktraces are not allowed on sg0 [ 498.611414][T17774] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2791'. [ 498.617431][T17774] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2791'. [ 499.349457][T17796] 9pnet_virtio: no channels available for device 127.0.0.1 [ 500.575732][T17808] cgroup: fork rejected by pids controller in /syz4 [ 500.891440][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 500.893281][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.169113][ T5982] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 501.329217][ T5982] usb 5-1: Using ep0 maxpacket: 8 [ 501.338018][ T5982] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 501.340937][ T5982] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 501.346681][ T5982] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 501.353524][ T5982] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 501.360417][ T5982] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 501.366100][ T5982] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.375908][ T5982] hub 5-1:1.0: bad descriptor, ignoring hub [ 501.381051][ T5982] hub 5-1:1.0: probe with driver hub failed with error -5 [ 501.385597][ T5982] cdc_wdm 5-1:1.0: skipping garbage [ 501.389044][ T5982] cdc_wdm 5-1:1.0: skipping garbage [ 501.393525][ T5982] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 501.397497][ T5982] cdc_wdm 5-1:1.0: Unknown control protocol [ 502.232750][T17894] 9pnet_virtio: no channels available for device 127.0.0.1 [ 502.289529][T17857] usb 5-1: reset high-speed USB device number 49 using dummy_hcd [ 502.749331][ T5983] usb 5-1: USB disconnect, device number 49 [ 503.627615][T17917] FAULT_INJECTION: forcing a failure. [ 503.627615][T17917] name failslab, interval 1, probability 0, space 0, times 0 [ 503.637820][T17917] CPU: 2 UID: 0 PID: 17917 Comm: syz.2.2818 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 503.637845][T17917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 503.637857][T17917] Call Trace: [ 503.637863][T17917] [ 503.637871][T17917] dump_stack_lvl+0x16c/0x1f0 [ 503.637955][T17917] should_fail_ex+0x50a/0x650 [ 503.637994][T17917] ? fs_reclaim_acquire+0xae/0x150 [ 503.638017][T17917] ? __request_module+0x2c6/0x6c0 [ 503.638042][T17917] should_failslab+0xc2/0x120 [ 503.638059][T17917] __kmalloc_cache_noprof+0x68/0x410 [ 503.638081][T17917] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 503.638103][T17917] ? lockdep_hardirqs_on+0x7c/0x110 [ 503.638129][T17917] __request_module+0x2c6/0x6c0 [ 503.638153][T17917] ? crypto_alg_mod_lookup+0x3a2/0x4e0 [ 503.638173][T17917] ? __pfx___request_module+0x10/0x10 [ 503.638206][T17917] ? __pfx___up_read+0x10/0x10 [ 503.638232][T17917] ? notifier_call_chain+0x36c/0x410 [ 503.638256][T17917] ? crypto_alg_mod_lookup+0x2da/0x4e0 [ 503.638280][T17917] crypto_alg_mod_lookup+0x3a2/0x4e0 [ 503.638315][T17917] crypto_alloc_tfm_node+0xd3/0x260 [ 503.638334][T17917] ? kasan_save_track+0x14/0x30 [ 503.638360][T17917] ? __pfx_rng_bind+0x10/0x10 [ 503.638377][T17917] rng_bind+0x6c/0xf0 [ 503.638395][T17917] alg_bind+0x264/0x510 [ 503.638421][T17917] __sys_bind+0x213/0x260 [ 503.638445][T17917] ? __pfx___sys_bind+0x10/0x10 [ 503.638465][T17917] ? __fget_files+0x206/0x3a0 [ 503.638498][T17917] ? __pfx_ksys_write+0x10/0x10 [ 503.638533][T17917] __ia32_sys_bind+0x71/0xb0 [ 503.638554][T17917] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 503.638575][T17917] __do_fast_syscall_32+0x73/0x120 [ 503.638596][T17917] do_fast_syscall_32+0x32/0x80 [ 503.638617][T17917] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 503.638644][T17917] RIP: 0023:0xf7f64579 [ 503.638656][T17917] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 503.638671][T17917] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000169 [ 503.638688][T17917] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0 [ 503.638699][T17917] RDX: 0000000000000058 RSI: 0000000000000000 RDI: 0000000000000000 [ 503.638709][T17917] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 503.638718][T17917] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 503.638728][T17917] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 503.638750][T17917] [ 504.411843][T17939] IPVS: Error connecting to the multicast addr [ 505.347364][T17961] IPVS: Error connecting to the multicast addr [ 505.532967][T17956] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 505.911497][T17973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2829'. [ 506.210366][T17979] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 506.785595][T18002] IPVS: Error connecting to the multicast addr [ 507.641446][T18004] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 508.563423][ T41] audit: type=1800 audit(1742287859.736:1022): pid=18037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2846" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0 [ 508.709056][T18039] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2847'. [ 508.722471][T18039] 8021q: adding VLAN 0 to HW filter on device bond4 [ 508.802104][T18042] IPVS: Error connecting to the multicast addr [ 513.211293][T18131] mac80211_hwsim hwsim23 wlan1: entered allmulticast mode [ 513.236192][T18131] bridge_slave_0: left allmulticast mode [ 513.237840][T18131] bridge_slave_0: left promiscuous mode [ 513.240381][T18131] bridge0: port 1(bridge_slave_0) entered disabled state [ 513.244207][T18131] bridge_slave_1: left allmulticast mode [ 513.245885][T18131] bridge_slave_1: left promiscuous mode [ 513.247506][T18131] bridge0: port 2(bridge_slave_1) entered disabled state [ 513.252034][T18131] bond0: (slave bond_slave_0): Releasing backup interface [ 513.256028][T18131] bond0: (slave bond_slave_1): Releasing backup interface [ 513.270415][T18131] team0: Port device team_slave_0 removed [ 513.275573][T18131] team0: Port device team_slave_1 removed [ 513.277535][T18131] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 513.280738][T18131] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 513.283586][T18131] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 513.285749][T18136] netlink: 'syz.0.2872': attribute type 10 has an invalid length. [ 513.286012][T18131] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 513.305116][T18136] mac80211_hwsim hwsim23 wlan1: left allmulticast mode [ 513.313817][T18136] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 513.510001][T18148] IPVS: Error connecting to the multicast addr [ 514.474218][T18174] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2882'. [ 514.476782][T18174] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2882'. [ 514.732377][T18184] usb usb6: usbfs: process 18184 (syz.2.2885) did not claim interface 0 before use [ 515.420442][T18197] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 515.484957][T18201] lo: entered allmulticast mode [ 515.769088][ T6003] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 515.919253][ T6003] usb 5-1: Using ep0 maxpacket: 16 [ 515.925898][ T6003] usb 5-1: config 0 has an invalid interface number: 245 but max is 0 [ 515.928568][ T6003] usb 5-1: config 0 has no interface number 0 [ 515.931371][ T6003] usb 5-1: config 0 interface 245 has no altsetting 0 [ 515.938802][ T6003] usb 5-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=11.e2 [ 515.943202][ T6003] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 515.945867][ T6003] usb 5-1: Product: syz [ 515.947157][ T6003] usb 5-1: Manufacturer: syz [ 515.948563][ T6003] usb 5-1: SerialNumber: syz [ 515.953432][ T6003] usb 5-1: config 0 descriptor?? [ 515.960157][ T6003] usb 5-1: selecting invalid altsetting 0 [ 516.009092][ T10] usb 9-1: new full-speed USB device number 22 using dummy_hcd [ 516.060918][T18212] 9pnet_fd: Insufficient options for proto=fd [ 516.160103][ T6003] usb 5-1: USB disconnect, device number 50 [ 516.173170][ T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 516.176026][ T10] usb 9-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00 [ 516.178842][ T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 516.182274][ T10] usb 9-1: config 0 descriptor?? [ 516.246324][T18054] bridge_slave_1: left allmulticast mode [ 516.248943][T18054] bridge_slave_1: left promiscuous mode [ 516.252312][T18054] bridge0: port 2(bridge_slave_1) entered disabled state [ 516.257847][T18054] bridge_slave_0: left allmulticast mode [ 516.259920][T18054] bridge_slave_0: left promiscuous mode [ 516.261697][T18054] bridge0: port 1(bridge_slave_0) entered disabled state [ 516.399804][T18054] bond1 (unregistering): (slave gretap2): Releasing active interface [ 516.595777][ T10] logitech 0003:046D:C626.0009: item fetching failed at offset 0/3 [ 516.598177][ T10] logitech 0003:046D:C626.0009: parse failed [ 516.600356][ T10] logitech 0003:046D:C626.0009: probe with driver logitech failed with error -22 [ 516.635799][T18054] bond1 (unregistering): Released all slaves [ 516.740299][T18054] bond2 (unregistering): Released all slaves [ 516.798667][ T6002] usb 9-1: USB disconnect, device number 22 [ 516.873115][T18054] bond3 (unregistering): (slave bond4): Releasing backup interface [ 516.875946][T18054] bond4 (unregistering): left promiscuous mode [ 516.891428][T18054] bond3 (unregistering): Released all slaves [ 517.026142][T18054] bond4 (unregistering): Released all slaves [ 517.033290][T18054] bond5 (unregistering): Released all slaves [ 517.040534][T18054] bond6 (unregistering): Released all slaves [ 517.454468][T18054] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 517.457473][T18054] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 517.460145][T18054] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 517.905274][T18258] netlink: 'syz.2.2908': attribute type 1 has an invalid length. [ 517.939814][T18261] Failed to get privilege flags for destination (handle=0x2:0x9) [ 517.959098][ T6003] usb 9-1: new high-speed USB device number 23 using dummy_hcd [ 518.119111][ T6003] usb 9-1: Using ep0 maxpacket: 16 [ 518.206921][ T6003] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 518.210895][ T6003] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 518.214392][ T6003] usb 9-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 518.217765][ T6003] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.221930][ T6003] usb 9-1: config 0 descriptor?? [ 518.303460][T18054] team0 (unregistering): Port device team_slave_1 removed [ 518.423245][T18054] team0 (unregistering): Port device team_slave_0 removed [ 518.640889][ T6003] gt683r_led 0003:1770:FF00.000A: item fetching failed at offset 2/5 [ 518.643531][ T6003] gt683r_led 0003:1770:FF00.000A: hid parsing failed [ 518.645722][ T6003] gt683r_led 0003:1770:FF00.000A: probe with driver gt683r_led failed with error -22 [ 519.168005][T18264] netlink: 'syz.3.2909': attribute type 4 has an invalid length. [ 519.174442][ T6002] usb 9-1: USB disconnect, device number 23 [ 519.178915][T18264] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.2909'. [ 519.428158][T18278] netlink: 'syz.2.2914': attribute type 1 has an invalid length. [ 519.482591][T18054] IPVS: stop unused estimator thread 0... [ 519.519171][ T6003] usb 8-1: new full-speed USB device number 31 using dummy_hcd [ 519.680819][ T6003] usb 8-1: config 0 has no interfaces? [ 519.684002][ T6003] usb 8-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 519.686561][ T6003] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 519.688856][ T6003] usb 8-1: Product: syz [ 519.690177][ T6003] usb 8-1: Manufacturer: syz [ 519.691544][ T6003] usb 8-1: SerialNumber: syz [ 519.693738][ T6003] usb 8-1: config 0 descriptor?? [ 519.899342][T18275] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 519.902585][T18275] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 519.905888][T18275] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 519.908344][T18275] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 519.911871][ T6002] usb 8-1: USB disconnect, device number 31 [ 520.049277][ T26] usb 9-1: new high-speed USB device number 24 using dummy_hcd [ 520.199117][ T26] usb 9-1: Using ep0 maxpacket: 32 [ 520.202578][ T26] usb 9-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 520.206388][ T26] usb 9-1: config 0 interface 0 has no altsetting 0 [ 520.208304][ T26] usb 9-1: New USB device found, idVendor=056a, idProduct=0024, bcdDevice= 0.00 [ 520.211058][ T26] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 520.214499][ T26] usb 9-1: config 0 descriptor?? [ 520.634401][ T26] wacom 0003:056A:0024.000B: unknown main item tag 0x0 [ 520.637074][ T26] wacom 0003:056A:0024.000B: unknown main item tag 0x0 [ 520.642146][ T26] wacom 0003:056A:0024.000B: unknown main item tag 0x0 [ 520.644269][ T26] wacom 0003:056A:0024.000B: unknown main item tag 0x0 [ 520.646316][ T26] wacom 0003:056A:0024.000B: unknown main item tag 0x0 [ 520.648404][ T26] wacom 0003:056A:0024.000B: unknown main item tag 0x0 [ 520.653994][ T26] wacom 0003:056A:0024.000B: unknown main item tag 0x0 [ 520.657237][ T26] wacom 0003:056A:0024.000B: Unknown device_type for 'HID 056a:0024'. Assuming pen. [ 520.667215][ T26] wacom 0003:056A:0024.000B: hidraw0: USB HID v0.00 Device [HID 056a:0024] on usb-dummy_hcd.4-1/input0 [ 520.676987][ T26] input: Wacom Intuos 12x18 Pen as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/0003:056A:0024.000B/input/input19 [ 520.736808][T18313] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.2927'. [ 520.831175][ T6002] usb 9-1: USB disconnect, device number 24 [ 521.795247][T18338] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.2936'. [ 522.436671][T18366] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.2945'. [ 523.039108][ T5956] Bluetooth: hci1: command 0x0405 tx timeout [ 523.846524][T18403] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2957'. [ 525.287864][ T6003] usb 7-1: new high-speed USB device number 34 using dummy_hcd [ 525.439280][ T6003] usb 7-1: Using ep0 maxpacket: 32 [ 525.444677][ T6003] usb 7-1: config 0 has an invalid interface number: 184 but max is 0 [ 525.446937][ T6003] usb 7-1: config 0 has no interface number 0 [ 525.449919][ T6003] usb 7-1: config 0 interface 184 has no altsetting 0 [ 525.455188][ T6003] usb 7-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 525.458760][ T6003] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 525.461849][ T6003] usb 7-1: Product: syz [ 525.463364][ T6003] usb 7-1: Manufacturer: syz [ 525.465092][ T6003] usb 7-1: SerialNumber: syz [ 525.469491][ T6003] usb 7-1: config 0 descriptor?? [ 525.473779][ T6003] smsc75xx v1.0.0 [ 526.085616][ T6003] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 526.088503][ T6003] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 526.290022][T18460] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2978'. [ 526.445920][T18466] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2981'. [ 526.693988][ T6003] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71 [ 526.697006][ T6003] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71 [ 526.699967][ T6003] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 526.702872][ T6003] smsc75xx 7-1:0.184: probe with driver smsc75xx failed with error -71 [ 526.706828][ T6003] usb 7-1: USB disconnect, device number 34 [ 527.242922][ T6003] IPVS: starting estimator thread 0... [ 527.349168][T18487] IPVS: using max 37 ests per chain, 88800 per kthread [ 527.393039][T18490] macsec0: entered promiscuous mode [ 527.394600][T18490] macsec0: entered allmulticast mode [ 527.396060][T18490] veth1_macvtap: entered allmulticast mode [ 528.498201][T18525] syz.4.3000 (18525): drop_caches: 2 [ 528.502169][T18525] syz.4.3000 (18525): drop_caches: 2 [ 529.549196][ T6002] usb 9-1: new high-speed USB device number 25 using dummy_hcd [ 529.689235][ T6028] usb 7-1: new high-speed USB device number 35 using dummy_hcd [ 529.710435][ T6002] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 529.713797][ T6002] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 529.716328][ T6002] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 529.718725][ T6002] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 529.722248][T18542] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 529.725817][ T6002] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 529.850588][ T6028] usb 7-1: config 2 has an invalid interface number: 115 but max is 0 [ 529.852899][ T6028] usb 7-1: config 2 has no interface number 0 [ 529.854542][ T6028] usb 7-1: config 2 interface 115 altsetting 0 endpoint 0xE has invalid maxpacket 1024, setting to 64 [ 529.857519][ T6028] usb 7-1: config 2 interface 115 altsetting 0 endpoint 0x4 has invalid maxpacket 512, setting to 64 [ 529.862284][ T6028] usb 7-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=5f.2c [ 529.864657][ T6028] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 529.866890][ T6028] usb 7-1: Product: syz [ 529.868128][ T6028] usb 7-1: Manufacturer: syz [ 529.869443][ T6028] usb 7-1: SerialNumber: syz [ 529.926528][ T3227] usb 9-1: USB disconnect, device number 25 [ 530.089284][ T6028] usb 7-1: USB disconnect, device number 35 [ 530.244012][ T1173] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.342436][ T1173] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.362320][ T5956] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 530.366797][ T5956] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 530.370241][ T5956] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 530.373309][ T5956] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 530.376222][ T5956] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 530.378941][ T5956] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 530.408690][ T1173] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.480688][ T1173] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.489642][T18562] chnl_net:caif_netlink_parms(): no params data found [ 530.560241][T18562] bridge0: port 1(bridge_slave_0) entered blocking state [ 530.562254][T18562] bridge0: port 1(bridge_slave_0) entered disabled state [ 530.564393][T18562] bridge_slave_0: entered allmulticast mode [ 530.566522][T18562] bridge_slave_0: entered promiscuous mode [ 530.569870][T18562] bridge0: port 2(bridge_slave_1) entered blocking state [ 530.571967][T18562] bridge0: port 2(bridge_slave_1) entered disabled state [ 530.574176][T18562] bridge_slave_1: entered allmulticast mode [ 530.576385][T18562] bridge_slave_1: entered promiscuous mode [ 530.619870][T18562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 530.631146][T18576] tipc: Started in network mode [ 530.632671][T18576] tipc: Node identity 4, cluster identity 4711 [ 530.634387][T18576] tipc: Node number set to 4 [ 530.638174][T18562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 530.782896][T18581] 9pnet_virtio: no channels available for device 127.0.0.1 [ 530.981083][ T1173] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 530.986767][ T1173] bond0 (unregistering): Released all slaves [ 531.016247][T18562] team0: Port device team_slave_0 added [ 531.019330][T18581] lo speed is unknown, defaulting to 1000 [ 531.020978][T18562] team0: Port device team_slave_1 added [ 531.022598][T18581] lo speed is unknown, defaulting to 1000 [ 531.033441][T18581] lo speed is unknown, defaulting to 1000 [ 531.037451][T18581] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 531.059634][T18581] lo speed is unknown, defaulting to 1000 [ 531.060143][T18562] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 531.069183][T18562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 531.075881][T18562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 531.079984][T18562] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 531.081817][T18562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 531.095434][T18562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 531.100132][ T1173] IPVS: stopping master sync thread 16718 ... [ 531.144877][T18562] hsr_slave_0: entered promiscuous mode [ 531.147591][T18562] hsr_slave_1: entered promiscuous mode [ 531.150297][T18562] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 531.154558][T18562] Cannot create hsr debugfs directory [ 531.167646][T18581] lo speed is unknown, defaulting to 1000 [ 531.173527][T18581] lo speed is unknown, defaulting to 1000 [ 531.175532][T18581] lo speed is unknown, defaulting to 1000 [ 531.177484][T18581] lo speed is unknown, defaulting to 1000 [ 531.179568][T18581] lo speed is unknown, defaulting to 1000 [ 531.188326][T18581] lo speed is unknown, defaulting to 1000 [ 531.295635][ T1173] hsr_slave_0: left promiscuous mode [ 531.297460][ T1173] hsr_slave_1: left promiscuous mode [ 531.325848][ T1173] veth1_macvtap: left allmulticast mode [ 531.327545][ T1173] veth1_macvtap: left promiscuous mode [ 531.329812][ T1173] veth0_macvtap: left promiscuous mode [ 531.331388][ T1173] veth1_vlan: left promiscuous mode [ 531.333674][ T1173] veth0_vlan: left promiscuous mode [ 532.489785][ T5299] Bluetooth: hci1: command tx timeout [ 532.689121][ T26] usb 7-1: new high-speed USB device number 36 using dummy_hcd [ 532.859148][ T26] usb 7-1: Using ep0 maxpacket: 32 [ 532.861943][ T26] usb 7-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 532.864684][ T26] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 532.868773][ T26] usb 7-1: config 0 descriptor?? [ 532.872209][ T26] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 533.090068][ T1173] lo (unregistering): left allmulticast mode [ 533.438272][T18562] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 533.447244][T18562] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 533.451430][T18562] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 533.456798][T18562] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 533.467302][ T1173] IPVS: stop unused estimator thread 0... [ 533.508842][T18562] 8021q: adding VLAN 0 to HW filter on device bond0 [ 533.522265][T18562] 8021q: adding VLAN 0 to HW filter on device team0 [ 533.528025][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state [ 533.530177][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 533.543937][ T1135] bridge0: port 2(bridge_slave_1) entered blocking state [ 533.546084][ T1135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 533.717740][T18562] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 533.755876][T18562] veth0_vlan: entered promiscuous mode [ 533.774380][T18562] veth1_vlan: entered promiscuous mode [ 533.816984][T18562] veth0_macvtap: entered promiscuous mode [ 533.820662][T18562] veth1_macvtap: entered promiscuous mode [ 533.829632][T18562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 533.833647][T18562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.837167][T18562] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 533.848647][T18562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 533.852427][T18562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.855403][T18562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 533.858780][T18562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.861872][T18562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 533.864789][T18562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.867625][T18562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 533.870720][T18562] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 533.876798][T18562] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 533.882494][T18562] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 533.884971][T18562] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 533.887358][T18562] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 533.890100][T18562] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 533.927178][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 533.932354][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 533.946026][ T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 533.949586][ T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 534.082007][ T26] gspca_nw80x: reg_w err -71 [ 534.084282][ T26] nw80x 7-1:0.0: probe with driver nw80x failed with error -71 [ 534.090097][ T26] usb 7-1: USB disconnect, device number 36 [ 534.859073][ T31] usb 7-1: new high-speed USB device number 37 using dummy_hcd [ 534.948308][T18623] mkiss: ax0: crc mode is auto. [ 535.012095][ T31] usb 7-1: Using ep0 maxpacket: 32 [ 535.014809][ T31] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 535.019132][ T31] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 535.021658][ T31] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 535.023944][ T31] usb 7-1: Product: syz [ 535.025143][ T31] usb 7-1: Manufacturer: syz [ 535.026446][ T31] usb 7-1: SerialNumber: syz [ 535.028655][ T31] usb 7-1: config 0 descriptor?? [ 535.030627][T18619] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 535.049426][ T31] hub 7-1:0.0: bad descriptor, ignoring hub [ 535.051128][ T31] hub 7-1:0.0: probe with driver hub failed with error -5 [ 535.186051][T18630] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.3034'. [ 535.909183][T15651] usb 9-1: new high-speed USB device number 26 using dummy_hcd [ 535.950209][T17980] raw-gadget.0 gadget.2: failed to queue suspend event [ 536.019151][T18619] raw-gadget.0 gadget.2: failed to queue resume event [ 536.039680][T17980] raw-gadget.0 gadget.2: failed to queue suspend event [ 536.061056][T15651] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 536.064076][T15651] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 536.066725][T15651] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 536.070025][T15651] usb 9-1: config 0 descriptor?? [ 536.073206][T15651] pwc: Askey VC010 type 2 USB webcam detected. [ 536.089975][T18635] raw-gadget.0 gadget.2: failed to queue disconnect event [ 536.116778][ T78] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.274337][ T5956] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 536.279225][ T5956] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 536.282065][ T5956] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 536.286385][ T5956] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 536.289199][ T5956] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 536.291375][ T5956] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 536.308263][T18647] lo speed is unknown, defaulting to 1000 [ 536.362284][T18647] chnl_net:caif_netlink_parms(): no params data found [ 536.410800][T18647] bridge0: port 1(bridge_slave_0) entered blocking state [ 536.412962][T18647] bridge0: port 1(bridge_slave_0) entered disabled state [ 536.415011][T18647] bridge_slave_0: entered allmulticast mode [ 536.417327][T18647] bridge_slave_0: entered promiscuous mode [ 536.421278][T18647] bridge0: port 2(bridge_slave_1) entered blocking state [ 536.423298][T18647] bridge0: port 2(bridge_slave_1) entered disabled state [ 536.425285][T18647] bridge_slave_1: entered allmulticast mode [ 536.427545][T18647] bridge_slave_1: entered promiscuous mode [ 536.451168][T18647] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 536.455212][T18647] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 536.481818][T18647] team0: Port device team_slave_0 added [ 536.486036][T18647] team0: Port device team_slave_1 added [ 536.489338][T15651] pwc: recv_control_msg error -32 req 02 val 2b00 [ 536.491870][T15651] pwc: recv_control_msg error -32 req 02 val 2700 [ 536.494076][T15651] pwc: recv_control_msg error -32 req 02 val 2c00 [ 536.501656][T15651] pwc: recv_control_msg error -32 req 04 val 1000 [ 536.506610][T15651] pwc: recv_control_msg error -32 req 04 val 1300 [ 536.508897][T15651] pwc: recv_control_msg error -32 req 04 val 1400 [ 536.512509][T15651] pwc: recv_control_msg error -32 req 02 val 2000 [ 536.513592][T18647] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 536.514815][T15651] pwc: recv_control_msg error -32 req 02 val 2100 [ 536.516352][T18647] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 536.518420][T15651] pwc: recv_control_msg error -32 req 04 val 1500 [ 536.526631][T18647] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 536.527134][T15651] pwc: recv_control_msg error -32 req 02 val 2500 [ 536.530435][T18647] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 536.532111][T15651] pwc: recv_control_msg error -32 req 02 val 2400 [ 536.533436][T18647] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 536.542481][T18647] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 536.566610][T18647] hsr_slave_0: entered promiscuous mode [ 536.568545][T18647] hsr_slave_1: entered promiscuous mode [ 536.570406][T18647] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 536.572508][T18647] Cannot create hsr debugfs directory [ 536.736054][T15651] pwc: recv_control_msg error -71 req 02 val 2900 [ 536.738194][T15651] pwc: recv_control_msg error -71 req 02 val 2800 [ 536.740341][T15651] pwc: recv_control_msg error -71 req 04 val 1100 [ 536.742473][T15651] pwc: recv_control_msg error -71 req 04 val 1200 [ 536.749907][T15651] pwc: Registered as video103. [ 536.751799][T15651] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb9/9-1/input/input23 [ 536.756417][T15651] usb 9-1: USB disconnect, device number 26 [ 537.264767][T18663] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3042'. [ 537.950345][ T78] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.025981][ T78] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.092759][ T78] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.209756][ T78] bridge_slave_1: left allmulticast mode [ 538.211449][ T78] bridge_slave_1: left promiscuous mode [ 538.214669][ T78] bridge0: port 2(bridge_slave_1) entered disabled state [ 538.222402][ T78] bridge_slave_0: left allmulticast mode [ 538.224026][ T78] bridge_slave_0: left promiscuous mode [ 538.226269][ T78] bridge0: port 1(bridge_slave_0) entered disabled state [ 538.319218][ T5956] Bluetooth: hci1: command tx timeout [ 538.432214][ T41] audit: type=1804 audit(1742287889.606:1023): pid=18692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3049" name="/newroot/159/bus/bus" dev="overlay" ino=917 res=1 errno=0 [ 538.524468][ T78] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 538.527876][ T78] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 538.531036][ T78] bond0 (unregistering): Released all slaves [ 538.861575][ T78] hsr_slave_0: left promiscuous mode [ 538.863655][ T78] hsr_slave_1: left promiscuous mode [ 538.865495][ T78] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 538.867455][ T78] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 538.870092][ T78] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 538.872120][ T78] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 538.904241][ T78] veth1_macvtap: left promiscuous mode [ 538.905852][ T78] veth0_macvtap: left promiscuous mode [ 538.907436][ T78] veth1_vlan: left promiscuous mode [ 538.910319][ T78] veth0_vlan: left promiscuous mode [ 539.201420][T18698] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3052'. [ 539.386330][T17980] usb 7-1: USB disconnect, device number 37 [ 539.471834][T18708] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3056'. [ 539.475591][T18708] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3056'. [ 539.649124][T14898] usb 8-1: new high-speed USB device number 32 using dummy_hcd [ 539.679726][ T5956] Bluetooth: hci4: command 0x0406 tx timeout [ 539.747836][ T78] team0 (unregistering): Port device team_slave_1 removed [ 539.799092][T14898] usb 8-1: Using ep0 maxpacket: 8 [ 539.803896][T14898] usb 8-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 539.806552][T14898] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 539.810753][T14898] usb 8-1: Product: syz [ 539.812471][T14898] usb 8-1: Manufacturer: syz [ 539.816037][T14898] usb 8-1: SerialNumber: syz [ 539.818219][T14898] usb 8-1: config 0 descriptor?? [ 539.853103][ T78] team0 (unregistering): Port device team_slave_0 removed [ 540.030546][T14898] usb 8-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 540.262281][T18721] loop2: detected capacity change from 0 to 7 [ 540.272612][T18721] Dev loop2: unable to read RDB block 7 [ 540.278711][T18721] loop2: unable to read partition table [ 540.283684][T18721] loop2: partition table beyond EOD, truncated [ 540.285421][T18721] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 540.399095][ T5299] Bluetooth: hci1: command tx timeout [ 540.528896][T18647] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 540.533725][T18647] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 540.538635][T18647] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 540.547860][T18647] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 540.586786][T18647] 8021q: adding VLAN 0 to HW filter on device bond0 [ 540.599307][T18647] 8021q: adding VLAN 0 to HW filter on device team0 [ 540.603846][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 540.605961][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 540.616008][ T1137] bridge0: port 2(bridge_slave_1) entered blocking state [ 540.618046][ T1137] bridge0: port 2(bridge_slave_1) entered forwarding state [ 540.766555][T18647] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 540.786172][T18647] veth0_vlan: entered promiscuous mode [ 540.793421][T18738] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 540.796374][T18647] veth1_vlan: entered promiscuous mode [ 540.818791][T18647] veth0_macvtap: entered promiscuous mode [ 540.826573][T18647] veth1_macvtap: entered promiscuous mode [ 540.834070][T18647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 540.837035][T18647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 540.841972][T18647] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 540.846587][T18647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 540.859061][T18647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 540.861862][T18647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 540.864787][T18647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 540.867489][T18647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 540.870582][T18647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 540.873424][T18647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 540.876305][T18647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 540.879845][T18647] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 540.884978][T18647] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 540.888155][T18647] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 540.891547][T18647] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 540.894572][T18647] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 540.936434][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 540.944233][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 540.944769][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 540.949643][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 541.042625][T14898] dvb_usb_rtl28xxu 8-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 541.047188][T14898] usb 8-1: USB disconnect, device number 32 [ 542.406624][T18783] netlink: 120 bytes leftover after parsing attributes in process `syz.2.3082'. [ 542.410081][T18783] netlink: 120 bytes leftover after parsing attributes in process `syz.2.3082'. [ 542.439234][ T26] usb 9-1: new high-speed USB device number 27 using dummy_hcd [ 542.599312][ T26] usb 9-1: Using ep0 maxpacket: 16 [ 542.604272][ T26] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 542.607236][ T26] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 542.610044][ T26] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 542.613562][ T26] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 542.616014][ T26] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 542.619082][ T26] usb 9-1: config 0 descriptor?? [ 543.026222][ T26] HID 045e:07da: Invalid code 65791 type 1 [ 543.031614][ T26] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/0003:045E:07DA.000C/input/input24 [ 543.038796][ T26] microsoft 0003:045E:07DA.000C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 543.199968][ T58] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 543.225420][ T26] usb 9-1: USB disconnect, device number 27 [ 543.333781][T18799] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 543.339196][T18799] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 543.345420][T18799] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 543.348888][T18799] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 543.351996][T18799] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 543.354699][T18799] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 543.373295][T18797] lo speed is unknown, defaulting to 1000 [ 543.421497][T18797] chnl_net:caif_netlink_parms(): no params data found [ 543.463317][T18797] bridge0: port 1(bridge_slave_0) entered blocking state [ 543.465394][T18797] bridge0: port 1(bridge_slave_0) entered disabled state [ 543.467385][T18797] bridge_slave_0: entered allmulticast mode [ 543.469649][T18797] bridge_slave_0: entered promiscuous mode [ 543.472180][T18797] bridge0: port 2(bridge_slave_1) entered blocking state [ 543.474215][T18797] bridge0: port 2(bridge_slave_1) entered disabled state [ 543.476242][T18797] bridge_slave_1: entered allmulticast mode [ 543.478359][T18797] bridge_slave_1: entered promiscuous mode [ 543.506720][T18797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 543.514304][T18797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 543.551327][T18797] team0: Port device team_slave_0 added [ 543.555088][T18797] team0: Port device team_slave_1 added [ 543.578408][T18797] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 543.580604][T18797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 543.587796][T18797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 543.592355][T18797] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 543.594296][T18797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 543.601984][T18797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 543.625500][T18797] hsr_slave_0: entered promiscuous mode [ 543.627892][T18797] hsr_slave_1: entered promiscuous mode [ 543.630151][T18797] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 543.632331][T18797] Cannot create hsr debugfs directory [ 543.972818][ T26] kernel write not supported for file /vcs (pid: 26 comm: kworker/2:0) [ 544.569139][ T5956] Bluetooth: hci4: command 0x0406 tx timeout [ 544.599107][T15651] usb 8-1: new high-speed USB device number 33 using dummy_hcd [ 544.752433][T15651] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 544.755393][T15651] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 544.758146][T15651] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 544.761911][T15651] usb 8-1: config 0 descriptor?? [ 544.765177][T15651] pwc: Askey VC010 type 2 USB webcam detected. [ 544.888494][T18834] [ 544.889418][T18834] ============================= [ 544.890931][T18834] WARNING: suspicious RCU usage [ 544.892581][T18834] 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 Not tainted [ 544.896923][T18834] ----------------------------- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 544.898476][T18834] ./include/linux/kvm_host.h:1057 suspicious rcu_dereference_check() usage! [ 544.901260][T18834] [ 544.901260][T18834] other info that might help us debug this: [ 544.901260][T18834] [ 544.904336][T18834] [ 544.904336][T18834] rcu_scheduler_active = 2, debug_locks = 1 [ 544.906632][T18834] no locks held by syz.4.3097/18834. [ 544.908234][T18834] [ 544.908234][T18834] stack backtrace: [ 544.910323][T18834] CPU: 3 UID: 0 PID: 18834 Comm: syz.4.3097 Not tainted 6.14.0-rc7-syzkaller-00050-gfc444ada1310 #0 [ 544.910338][T18834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 544.910346][T18834] Call Trace: [ 544.910350][T18834] [ 544.910355][T18834] dump_stack_lvl+0x16c/0x1f0 [ 544.910422][T18834] lockdep_rcu_suspicious+0x210/0x3c0 [ 544.910458][T18834] kvm_vcpu_gfn_to_memslot+0x48c/0x590 [ 544.910475][T18834] ? __lock_acquire+0x15a9/0x3c40 [ 544.910491][T18834] kvm_vcpu_write_guest+0x68/0x130 [ 544.910509][T18834] kvm_xen_write_hypercall_page+0x4aa/0x530 [ 544.910526][T18834] ? __pfx_kvm_xen_write_hypercall_page+0x10/0x10 [ 544.910546][T18834] kvm_set_msr_common+0x160b/0x33c0 [ 544.910558][T18834] ? __pfx_kvm_set_msr_common+0x10/0x10 [ 544.910569][T18834] ? __pfx_lock_release+0x10/0x10 [ 544.910584][T18834] ? do_raw_spin_lock+0x12d/0x2c0 [ 544.910596][T18834] vmx_set_msr+0xc2b/0x3950 [ 544.910611][T18834] ? __pfx_vmx_set_msr+0x10/0x10 [ 544.910625][T18834] ? _raw_spin_unlock+0x28/0x50 [ 544.910640][T18834] ? kvm_clear_async_pf_completion_queue+0x2e1/0x480 [ 544.910657][T18834] kvm_vcpu_reset+0x9ca/0x1a10 [ 544.910674][T18834] ? __pfx_kvm_vcpu_reset+0x10/0x10 [ 544.910690][T18834] ? kvm_set_tsc_khz+0x28b/0x520 [ 544.910707][T18834] kvm_arch_vcpu_create+0x6dc/0xab0 [ 544.910723][T18834] kvm_vm_ioctl+0xf4f/0x3d70 [ 544.910739][T18834] ? stack_trace_save+0x95/0xd0 [ 544.910752][T18834] ? stack_depot_save_flags+0x28/0x9c0 [ 544.910792][T18834] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 544.910809][T18834] ? kasan_save_stack+0x42/0x60 [ 544.910826][T18834] ? kasan_save_stack+0x33/0x60 [ 544.910841][T18834] ? kasan_save_track+0x14/0x30 [ 544.910856][T18834] ? kasan_save_free_info+0x3b/0x60 [ 544.910870][T18834] ? __kasan_slab_free+0x51/0x70 [ 544.910885][T18834] ? kfree+0x2c4/0x4d0 [ 544.910899][T18834] ? tomoyo_path_number_perm+0x46d/0x590 [ 544.910912][T18834] ? security_file_ioctl_compat+0x9b/0x240 [ 544.910925][T18834] ? __do_compat_sys_ioctl+0x4e/0x2c0 [ 544.910937][T18834] ? __do_fast_syscall_32+0x73/0x120 [ 544.910952][T18834] ? do_fast_syscall_32+0x32/0x80 [ 544.910966][T18834] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 544.910983][T18834] ? kvm_arch_vm_compat_ioctl+0x2d1/0x480 [ 544.910994][T18834] ? hlock_class+0x4e/0x130 [ 544.911005][T18834] ? mark_lock+0xb5/0xc60 [ 544.911019][T18834] ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10 [ 544.911030][T18834] ? __pfx_mark_lock+0x10/0x10 [ 544.911052][T18834] ? find_held_lock+0x2d/0x110 [ 544.911065][T18834] ? tomoyo_path_number_perm+0x298/0x590 [ 544.911077][T18834] ? __pfx_lock_release+0x10/0x10 [ 544.911093][T18834] ? tomoyo_path_number_perm+0x46d/0x590 [ 544.911108][T18834] ? tomoyo_path_number_perm+0x190/0x590 [ 544.911121][T18834] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 544.911134][T18834] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 544.911151][T18834] ? do_vfs_ioctl+0x513/0x1990 [ 544.911164][T18834] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 544.911182][T18834] kvm_vm_compat_ioctl+0x399/0x440 [ 544.911199][T18834] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 544.911216][T18834] ? __pfx_lock_release+0x10/0x10 [ 544.911230][T18834] ? trace_lock_acquire+0x14e/0x1f0 [ 544.911246][T18834] ? __fget_files+0x206/0x3a0 [ 544.911263][T18834] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 544.911279][T18834] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 544.911293][T18834] __do_fast_syscall_32+0x73/0x120 [ 544.911308][T18834] do_fast_syscall_32+0x32/0x80 [ 544.911323][T18834] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 544.911339][T18834] RIP: 0023:0xf7fe4579 [ 544.911348][T18834] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 544.911358][T18834] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 544.911368][T18834] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000ae41 [ 544.911375][T18834] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 544.911381][T18834] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 544.911387][T18834] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 544.911393][T18834] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 544.911405][T18834] [ 545.075052][ T58] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.079738][T15651] pwc: recv_control_msg error -71 req 02 val 2b00 [ 545.081847][T15651] pwc: recv_control_msg error -71 req 02 val 2700 [ 545.084024][T15651] pwc: recv_control_msg error -71 req 02 val 2c00 [ 545.086113][T15651] pwc: recv_control_msg error -71 req 04 val 1000 [ 545.088395][T15651] pwc: recv_control_msg error -71 req 04 val 1300 [ 545.091899][T15651] pwc: recv_control_msg error -71 req 04 val 1400 [ 545.094188][T15651] pwc: recv_control_msg error -71 req 02 val 2000 [ 545.096394][T15651] pwc: recv_control_msg error -71 req 02 val 2100 [ 545.099465][T15651] pwc: recv_control_msg error -71 req 04 val 1500 [ 545.101536][T15651] pwc: recv_control_msg error -71 req 02 val 2500 [ 545.103506][T15651] pwc: recv_control_msg error -71 req 02 val 2400 [ 545.105431][T15651] pwc: recv_control_msg error -71 req 02 val 2600 [ 545.107593][T15651] pwc: recv_control_msg error -71 req 02 val 2900 [ 545.110062][T15651] pwc: recv_control_msg error -71 req 02 val 2800 [ 545.112407][T15651] pwc: recv_control_msg error -71 req 04 val 1100 [ 545.115043][T15651] pwc: recv_control_msg error -71 req 04 val 1200 [ 545.143416][T15651] pwc: Registered as video103. [ 545.145353][T15651] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb8/8-1/input/input25 [ 545.157686][T15651] usb 8-1: USB disconnect, device number 33 [ 545.223218][ T58] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.292451][ T58] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.379554][ T58] bridge_slave_1: left allmulticast mode [ 545.381161][ T58] bridge_slave_1: left promiscuous mode [ 545.383514][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 545.387047][ T58] bridge_slave_0: left allmulticast mode [ 545.388601][ T58] bridge_slave_0: left promiscuous mode [ 545.393498][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 545.442141][ T5299] Bluetooth: hci1: command tx timeout [ 545.692121][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 545.696975][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 545.703671][ T58] bond0 (unregistering): Released all slaves [ 546.045539][ T58] hsr_slave_0: left promiscuous mode [ 546.047250][ T58] hsr_slave_1: left promiscuous mode [ 546.048866][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 546.051014][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 546.053223][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 546.055125][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 546.085745][ T58] veth1_macvtap: left promiscuous mode [ 546.087229][ T58] veth0_macvtap: left promiscuous mode [ 546.088724][ T58] veth1_vlan: left promiscuous mode [ 546.090188][ T58] veth0_vlan: left promiscuous mode [ 546.784549][ T58] team0 (unregistering): Port device team_slave_1 removed [ 546.863851][ T58] team0 (unregistering): Port device team_slave_0 removed [ 548.321926][ T58] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 548.397842][ T58] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 548.474444][ T58] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 548.560674][ T58] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 548.654067][ T58] bridge_slave_1: left allmulticast mode [ 548.655688][ T58] bridge_slave_1: left promiscuous mode [ 548.657325][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 548.660104][ T58] bridge_slave_0: left allmulticast mode [ 548.661682][ T58] bridge_slave_0: left promiscuous mode [ 548.663304][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 548.667227][ T58] bridge_slave_1: left allmulticast mode [ 548.668751][ T58] bridge_slave_1: left promiscuous mode [ 548.670894][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 548.673655][ T58] bridge_slave_0: left allmulticast mode [ 548.675168][ T58] bridge_slave_0: left promiscuous mode [ 548.676729][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 548.679838][ T58] bridge_slave_1: left allmulticast mode [ 548.681383][ T58] bridge_slave_1: left promiscuous mode [ 548.682935][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 548.687139][ T58] bridge_slave_0: left allmulticast mode [ 548.688677][ T58] bridge_slave_0: left promiscuous mode [ 548.690520][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 549.301750][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 549.305400][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 549.308606][ T58] bond0 (unregistering): Released all slaves [ 549.414493][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 549.418609][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 549.422140][ T58] bond0 (unregistering): Released all slaves [ 549.523023][ T58] bond1 (unregistering): Released all slaves [ 549.611169][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 549.614882][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 549.618543][ T58] bond0 (unregistering): Released all slaves [ 549.716730][ T58] bond1 (unregistering): Released all slaves [ 549.721401][ T58] bond2 (unregistering): Released all slaves [ 549.813708][ T58] bond3 (unregistering): Released all slaves [ 549.893212][ T58] bond4 (unregistering): Released all slaves [ 549.972058][ T58] bond5 (unregistering): Released all slaves [ 550.140050][ T58] tipc: Left network mode [ 550.151203][ T58] IPVS: stopping master sync thread 16683 ... [ 550.154244][ T58] IPVS: stopping master sync thread 15122 ... [ 550.480637][ T58] hsr_slave_0: left promiscuous mode [ 550.482551][ T58] hsr_slave_1: left promiscuous mode [ 550.484242][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 550.486353][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 550.492418][ T58] hsr_slave_0: left promiscuous mode [ 550.494307][ T58] hsr_slave_1: left promiscuous mode [ 550.495971][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 550.498217][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 550.506569][ T58] hsr_slave_0: left promiscuous mode [ 550.508365][ T58] hsr_slave_1: left promiscuous mode [ 550.510160][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 550.512145][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 550.514283][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 550.516241][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 550.549941][ T58] veth1_macvtap: left promiscuous mode [ 550.551532][ T58] veth0_macvtap: left promiscuous mode [ 550.553138][ T58] veth1_vlan: left promiscuous mode [ 550.554617][ T58] veth0_vlan: left promiscuous mode [ 550.770642][ T58] team0 (unregistering): Port device team_slave_1 removed [ 550.824995][ T58] team0 (unregistering): Port device team_slave_0 removed [ 551.704444][ T58] team0 (unregistering): Port device team_slave_1 removed [ 551.795157][ T58] team0 (unregistering): Port device team_slave_0 removed [ 553.198561][ T58] team0 (unregistering): Port device team_slave_1 removed [ 553.286678][ T58] team0 (unregistering): Port device team_slave_0 removed [ 553.951077][ T5982] lo speed is unknown, defaulting to 1000 [ 553.952916][ T5982] infiniband syz2: ib_query_port failed (-19) VM DIAGNOSIS: 08:51:36 Registers: info registers vcpu 0 CPU#0 RAX=00000000019ecc33 RBX=0000000000000000 RCX=ffffffff8b556469 RDX=0000000000000000 RSI=ffffffff8b6cfc80 RDI=ffffffff8bd35b20 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e20 R8 =0000000000000001 R9 =ffffed1005686f85 R10=ffff88802b437c2b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff90628b10 R15=0000000000000000 RIP=ffffffff8b55784f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f746d230 CR3=0000000069da4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000001000008fb RBX=0000000000000001 RCX=0000000000000830 RDX=0000000000000001 RSI=00000000000000fb RDI=0000000000000001 RBP=0000000000000000 RSP=ffffc90003cc7a78 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=0000000000000000 R13=ffffc90003cc7ca8 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8167f058 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000008004a000 CR3=0000000069da4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=ffff88802355d392 RCX=ffffffff8195c82e RDX=1ffff110046aba6c RSI=0000000000000001 RDI=ffffffff942ce998 RBP=dffffc0000000000 RSP=ffffc900038875d8 R8 =0000000000000000 R9 =fffffbfff2dd83b1 R10=ffffffff96ec1d8f R11=0000000000000000 R12=0000000000009a9b R13=ffff88802355c880 R14=8a3e25eea70996f7 R15=ffff88802355d370 RIP=ffffffff81967f7c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f2cd76cdd00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055ad5fdf9e95 CR3=000000004bb70000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=9aaccf1c52fd9307 9e70806adf2981ef 9aaccf1c52fd9307 9e70806adf2981ef 9aaccf1c52fd9307 9e70806adf2981ef 9aaccf1c52fd9307 9e70806adf2981ef ZMM18=c48be970af68fd6c 48c305bfe58b6eff c48be970af68fd6c 48c305bfe58b6eff c48be970af68fd6c 48c305bfe58b6eff c48be970af68fd6c 48c305bfe58b6eff ZMM19=7122000000000000 0000000000000005 7122000000000000 0000000000000004 7122000000000000 0000000000000003 7122000000000000 0000000000000002 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=9e70806a9e70806a 9e70806a9e70806a 9e70806a9e70806a 9e70806a9e70806a 9e70806a9e70806a 9e70806a9e70806a 9e70806a9e70806a 9e70806a9e70806a ZMM22=52fd930752fd9307 52fd930752fd9307 52fd930752fd9307 52fd930752fd9307 52fd930752fd9307 52fd930752fd9307 52fd930752fd9307 52fd930752fd9307 ZMM23=9aaccf1c9aaccf1c 9aaccf1c9aaccf1c 9aaccf1c9aaccf1c 9aaccf1c9aaccf1c 9aaccf1c9aaccf1c 9aaccf1c9aaccf1c 9aaccf1c9aaccf1c 9aaccf1c9aaccf1c ZMM24=e58b6effe58b6eff e58b6effe58b6eff e58b6effe58b6eff e58b6effe58b6eff e58b6effe58b6eff e58b6effe58b6eff e58b6effe58b6eff e58b6effe58b6eff ZMM25=48c305bf48c305bf 48c305bf48c305bf 48c305bf48c305bf 48c305bf48c305bf 48c305bf48c305bf 48c305bf48c305bf 48c305bf48c305bf 48c305bf48c305bf ZMM26=af68fd6caf68fd6c af68fd6caf68fd6c af68fd6caf68fd6c af68fd6caf68fd6c af68fd6caf68fd6c af68fd6caf68fd6c af68fd6caf68fd6c af68fd6caf68fd6c ZMM27=c48be970c48be970 c48be970c48be970 c48be970c48be970 c48be970c48be970 c48be970c48be970 c48be970c48be970 c48be970c48be970 c48be970c48be970 ZMM28=000000400000003f 0000003e0000003d 0000003c0000003b 0000003a00000039 0000003800000037 0000003600000035 0000003400000033 0000003200000031 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=6f2200006f220000 6f2200006f220000 6f2200006f220000 6f2200006f220000 6f2200006f220000 6f2200006f220000 6f2200006f220000 6f2200006f220000 info registers vcpu 3 CPU#3 RAX=ffffc90000405000 RBX=ffff888044b18400 RCX=ffffffff819af027 RDX=1ffff11008963006 RSI=ffffffff8640bd84 RDI=ffff888044b18030 RBP=0000000000000001 RSP=ffffc90000608d00 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000002 R12=ffffc90000405008 R13=ffff888044b18028 R14=ffff888041ed6000 R15=0000000000000000 RIP=ffffffff8640bdd2 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f74a2064 CR3=000000005f67c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000