last executing test programs: 6.277717782s ago: executing program 3 (id=460): socket$inet(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000040)="0000006aac", 0x5) r2 = accept4(r1, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r2) sendmsg$nl_route_sched_retired(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f80)=@delchain={0xc58, 0x65, 0x200, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x4, 0xfff2}, {0x5, 0xa}, {0x4, 0xf}}, [@f_tcindex={{0xc}, {0x810, 0x2, [@TCA_TCINDEX_POLICE={0x80c, 0x6, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0x4, 0x5, 0x6, 0x2, 0x1, 0xffffff14, 0xa, 0x7, 0x7, 0x3, 0x0, 0x12bb1875, 0x766, 0x1ff, 0x101, 0x6, 0x7, 0x3, 0xffffffff, 0x4, 0x7b, 0xffffff00, 0x8, 0x800, 0x3, 0x3, 0x6, 0x7, 0x1, 0xffffffff, 0x2, 0x4, 0xd2, 0x3, 0x4, 0x3ff, 0x278, 0x7, 0x5, 0x5, 0x2, 0xff7, 0x4, 0x2, 0x2, 0xfffffffa, 0x8001, 0x3, 0xffffffff, 0xffff7fff, 0x3, 0x9, 0x7f, 0x2, 0x9, 0x1, 0x8, 0x101, 0x3ff, 0x8, 0x4, 0x1f8, 0x4, 0x5, 0x0, 0x9, 0x80000001, 0xffffff00, 0x4, 0xee2, 0x8, 0x1, 0xc0000000, 0x80, 0x7, 0x0, 0x2, 0x1, 0x2, 0x0, 0x8, 0x8, 0xa, 0x7, 0x7fffffff, 0x4, 0x7, 0x6, 0x1000, 0x8001, 0x3, 0x8, 0xe26, 0x101, 0x3, 0x5, 0x8000, 0x3, 0x1, 0x9, 0x80000000, 0x4, 0x2, 0x4, 0xd, 0x9, 0x7ff, 0xff, 0x2, 0x8, 0x4, 0x4, 0x9, 0x81, 0xffff, 0x9b7c, 0x101, 0x8, 0xa56, 0x2a, 0x2, 0x7f, 0xfff, 0x3, 0x1, 0x8, 0x1000, 0x4000000, 0x3, 0x10001, 0x2, 0xdb96, 0x8, 0x0, 0x5, 0x9, 0xf, 0x80000001, 0x15b3, 0xbaca, 0x4d27, 0x40, 0x41, 0x7, 0x6, 0x3, 0x2e, 0x9, 0x200, 0x62e111c5, 0x1, 0xfffffffc, 0x9feb, 0x7, 0x7, 0x4, 0x7, 0x0, 0x2, 0x1000, 0x40, 0xc, 0x8, 0x4, 0x4, 0x1000000, 0x3, 0x4896, 0xfffffe01, 0xffff, 0x40, 0x9733, 0x7, 0x759d, 0x5, 0x9, 0x7fff, 0xfffffc00, 0x9, 0x9bc7, 0x4, 0x1ff, 0x2, 0x9, 0xff, 0xfffffffa, 0x6, 0x1, 0x5, 0xd94, 0x8, 0x9, 0x0, 0x8, 0x2118, 0x7, 0x3, 0x2, 0x7, 0x1, 0x71, 0x1000, 0x8, 0x1, 0x5, 0x8, 0x80000001, 0x4, 0x1, 0x2, 0xfffffc00, 0x5, 0x5, 0x2, 0x7, 0x10000, 0x3, 0x5, 0x4, 0xff, 0x34fc62f0, 0x7, 0x7, 0x5, 0x1, 0xd18, 0x55, 0x1, 0x0, 0x40, 0x8, 0x7, 0x9, 0x5, 0x8, 0x3ff, 0x6, 0x4, 0xffffffff, 0x0, 0x5, 0x7, 0x80000001, 0x8, 0xb, 0xd249, 0x4, 0x5, 0x9, 0x7, 0x8000, 0x10000, 0xafee, 0x7fffffff, 0xae]}, @TCA_POLICE_RATE={0x404, 0x2, [0x101, 0x3, 0x5, 0x9, 0xfff, 0x7f, 0x400, 0x6, 0x40, 0xfffffff9, 0xf, 0x4, 0x7, 0xa706, 0x5, 0x800, 0xaf89, 0x400000, 0x200, 0x2, 0x81, 0x100, 0x1, 0x716, 0x7fff, 0x9, 0x0, 0x6, 0x6, 0x5, 0x3, 0x4, 0x4, 0xc, 0x0, 0x7, 0x7f, 0xffffffff, 0x0, 0x9, 0x7, 0xdf4a, 0x2, 0x4, 0x7, 0x4, 0x6939, 0x5, 0x0, 0x9, 0x10, 0x0, 0x9, 0x8, 0xffffffff, 0x6, 0x4, 0x4, 0x500, 0x7, 0x5, 0xff, 0x9, 0x81, 0x2, 0x3ff, 0x6, 0x3ff, 0x9, 0x7fff, 0x400, 0xfffffffa, 0x6, 0x9, 0x7, 0x10000, 0x6, 0x7, 0x81, 0x7ff, 0x2, 0x7, 0xf9d, 0x0, 0x0, 0x7ff, 0x8001, 0xf97, 0xff, 0x2, 0xfffffffc, 0xfffffffb, 0x0, 0x704, 0x9, 0x81, 0xe, 0xe, 0x7, 0x3, 0x1ff, 0x4, 0x8, 0x4, 0xd325, 0x7, 0x784, 0x6, 0x740, 0x9, 0xfffffff9, 0x2, 0x3ff, 0xf, 0x0, 0x7, 0xf4, 0x3, 0x6, 0x5, 0x835, 0x5, 0x5, 0x6, 0xc, 0x3, 0x83, 0x4, 0x40, 0x40, 0x2, 0xb, 0x38, 0x8001, 0x6, 0x6, 0xff, 0x38, 0x9, 0x6, 0x9fc, 0x40, 0xffff0001, 0x7ff, 0x7, 0x7, 0x1800, 0xfff, 0x71ca, 0xfffffff7, 0xf, 0xc690, 0x6, 0x9, 0x3892, 0x0, 0x0, 0x6, 0x4, 0x5, 0x5, 0x7, 0x77, 0x7, 0x800, 0x0, 0x101, 0x0, 0xc646, 0x200, 0x4, 0x7, 0x7fffffff, 0x3, 0xfffffffd, 0x17fa, 0x4, 0x6, 0x8, 0x6, 0x85c2, 0x8, 0x5, 0x9, 0xfffffffb, 0x4, 0x127, 0x16db, 0x8, 0x0, 0xfffffff9, 0x5, 0x6, 0x4, 0x9, 0x0, 0x4, 0x6, 0x5e79, 0xb0c9, 0x7, 0x6, 0x4c8, 0x6, 0x269c, 0x2c8, 0x1, 0xc, 0x6, 0x9, 0x1ff, 0x4, 0x5848, 0x3, 0xce, 0x4, 0x1, 0x9, 0x1, 0x358a, 0x0, 0x4, 0x7, 0x1, 0x8, 0xfff, 0x4, 0x0, 0x6, 0xfffffffd, 0x3, 0xfffffff7, 0x7, 0x7, 0xfffffff7, 0x8, 0x40, 0x8000, 0x3, 0x9, 0x4, 0x101, 0xc, 0x3, 0x5, 0x4, 0xb6, 0x2, 0x401, 0x8, 0x8, 0xffffff44, 0x2743, 0x6b8cc28e, 0x5, 0x8e0]}]}]}}, @f_tcindex={{0xc}, {0x40c, 0x2, [@TCA_TCINDEX_POLICE={0x408, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x8, 0x4d8, 0xffffffff, 0x8d1, 0x8, 0x9, 0x9, 0x0, 0xfffffff7, 0x4, 0x3, 0x81, 0x8, 0x6, 0x6, 0xd62, 0x6, 0x7, 0x29, 0x5, 0x5, 0x8, 0x2, 0x1000, 0x2, 0x793, 0x4, 0x3, 0xffffdc7a, 0x5, 0x7fff, 0x1, 0x5, 0x4b37, 0x2, 0x4, 0xd9a, 0x1, 0x4e, 0x401, 0x800, 0x9, 0x1, 0x9, 0x1, 0x0, 0x9, 0x8, 0x4e, 0x0, 0x80, 0x10000, 0x80, 0x10000, 0x8, 0x4, 0x5, 0x7, 0x9, 0x2, 0x7fffffff, 0xfcf, 0x7, 0x2, 0x2, 0x4, 0x1000, 0xea, 0x1, 0x9, 0x5, 0x200, 0xfec0, 0xffffe49a, 0x2, 0x4, 0x58e, 0xffffffff, 0x5, 0x6, 0x7f, 0x400, 0x8, 0x80, 0x7, 0x3, 0x6, 0xd, 0x3, 0xce, 0xd, 0x7fffffff, 0x1, 0x6, 0x4, 0x6, 0x3, 0x7f, 0x8001, 0xed4b, 0x68, 0x9, 0xc, 0xffff, 0x9, 0x7, 0xabe1, 0xf97, 0x5, 0x4, 0x80000001, 0x6, 0x7, 0x6, 0x5, 0xfff, 0x3, 0x46, 0x3ff, 0x7e4d, 0x5, 0x0, 0x6, 0x9, 0x20000f1, 0x4, 0x3, 0x3, 0xb, 0x8, 0x7, 0xa, 0x6, 0x9, 0x2, 0x0, 0x4, 0x5d6e5b73, 0x8, 0x3, 0x1, 0x4a0b, 0x99f, 0x400, 0x3, 0x0, 0x3, 0x9, 0x401, 0x9e, 0x8000, 0xf8, 0x5, 0x2, 0xffffffff, 0x3, 0x7fffffff, 0x0, 0x2, 0x6, 0x8, 0x7, 0x80000000, 0x74, 0x1, 0x7, 0xa94, 0x3, 0x4, 0x44, 0x0, 0x1, 0x13, 0x5, 0x0, 0x7f, 0x4, 0x818, 0x1, 0x560, 0x6, 0x9, 0x3, 0x4, 0x1ff, 0x4, 0x8001, 0x44, 0x2, 0x9, 0x8, 0x3, 0x8000, 0x100, 0x1, 0x1b35709e, 0x9629, 0x1, 0x5, 0x400, 0x0, 0x0, 0xba9, 0x2, 0x7, 0xe1, 0x4, 0x7, 0x5, 0x2, 0x21, 0xfffffeff, 0x0, 0x2d5b, 0xd, 0x1, 0x1000, 0x9, 0x2a, 0x8, 0x4, 0x9, 0x7, 0x8, 0x5, 0x1, 0x6, 0x6, 0x1, 0x1, 0x80, 0x1, 0x5, 0x0, 0x7fffffff, 0x3ff, 0x2, 0x5, 0x9, 0x8001, 0x8ee, 0x8, 0x10000004, 0x2, 0x9, 0x8, 0xd, 0x8, 0x7, 0x1, 0x440, 0x1, 0xaa20, 0x5, 0x4]}]}]}}]}, 0xc58}}, 0x4080000) 5.289808462s ago: executing program 3 (id=463): ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, &(0x7f0000000340)) socket$alg(0x26, 0x5, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x230, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}, {0x1d0, 0x1, [@m_mirred={0x90, 0xa, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0xc, 0x20000000, 0xa0b, 0x5}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0xffffffff, 0x5, 0x10, 0x2}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4025, 0x4, 0x0, 0x4, 0x3}, 0x4}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_skbedit={0xd8, 0x20, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x1, 0x1, 0x3, 0x7fffffff}}]}, {0x94, 0x6, "e0aea23d6eebeeab55912fc34eaa42db9e333843f06623eebc400332e1193f0aa2ca3bde15a5339fd5c84031b447623e46e977dc90ae5093fbcc0c980afee0982f29e31cd2a86384c5da3fe8e2d0c745e465d5c34d02cc44c9ca17414f1501a3c89b1eadfc2035c01d6134a3da1eb9bfb036f8450b6ecf93ea651e257d49666dc1035d3a661455eba1476b5308c35c11"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_skbmod={0x64, 0x2, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x20, 0x2, {{0x0, 0x1, 0x20000000, 0x81, 0xfff}, 0xe}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0xe}]}, {0xf, 0x6, "1df7fae888e399ecc544ec"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}]}]}, 0x230}, 0x1, 0x0, 0x0, 0x804}, 0x0) ustat(0x6, &(0x7f0000000080)) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x52cd, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x1c, 0x1, 0x0, "6106007722366ccef4ba566c4acd3d00e7bfeb8cace586d84a500000000800", 0x37303250}) socket$inet6_sctp(0xa, 0x1, 0x84) munmap(&(0x7f0000901000/0x3000)=nil, 0x3000) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x40, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) gettid() socket$nl_route(0x10, 0x3, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd74) syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x80000000, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, r5, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x141040, 0x42) mount(&(0x7f0000000000)=@sr0, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000040)='udf\x00', 0x100080f, 0x0) 4.526443083s ago: executing program 0 (id=466): pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x4080) (async) r1 = syz_open_dev$vim2m(&(0x7f0000000580), 0x3, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0xffff, 0x2, 0x2}) (async) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000002c0)={0x2, @pix_mp={0x0, 0x80000a, 0x31435641, 0x0, 0x0, [{}, {}, {}, {0x80000000}, {}, {}, {}, {0x0, 0x3fd}], 0x2}}) (async) r2 = openat$ttyprintk(0xffffff9c, &(0x7f0000000000), 0x20001, 0x0) tee(r0, r2, 0x4e, 0x0) (async) r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) ioctl$TIOCGSOFTCAR(r3, 0x5414, 0x0) 4.439795765s ago: executing program 0 (id=467): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) lseek(r0, 0x2d33, 0x3) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) lstat(&(0x7f00000013c0)='./file1\x00', &(0x7f0000001400)) read$FUSE(r0, &(0x7f0000001480)={0x2020}, 0x2020) sched_setaffinity(0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x8c) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=@gettfilter={0x3c, 0x2e, 0x2, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xf, 0xd}, {0xffe0, 0xffff}, {0x9, 0xfff3}}, [{0x8, 0xb, 0x7}, {0x8, 0xb, 0x2}, {0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r2 = openat$dsp1(0xffffff9c, &(0x7f00000001c0), 0x24003, 0x0) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000001040)=0x1) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000006040)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000006000)={&(0x7f00000055c0)={0x61c, 0x0, 0x10, 0x70bd29, 0x25dfdbff, {}, [{{0x8}, {0x268, 0x2, 0x0, 0x1, [{0x84, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x54, 0x4, [{0xfff1, 0x1, 0x2, 0x85}, {0x3, 0x0, 0xa5, 0x95a3}, {0x2, 0xa, 0xc, 0xfffffff0}, {0x100, 0x3, 0xa, 0x7}, {0x4, 0x1f, 0x0, 0x62}, {0x2, 0x71, 0x2, 0x1}, {0x2, 0x5, 0xfa, 0x5}, {0xc, 0x6, 0x3, 0xf}, {0x2, 0x6, 0x2}, {0x5ab, 0x5, 0x0, 0x6}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x81, 0xe2, 0x10, 0x1}, {0x6, 0x9, 0x3, 0x4}, {0x518, 0x23, 0x7f, 0x8}]}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x244d}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe127}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0xfc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2f7}}}]}}, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xa}}}]}}, {{0x8}, {0x140, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2400}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x80000001}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}]}}]}, 0x61c}, 0x1, 0x0, 0x0, 0x4000}, 0x40000c0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000009c00)=[{{&(0x7f0000000380)=@l2tp6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000000300)=[{&(0x7f00000034c0)=""/4096, 0x1000}, {&(0x7f00000044c0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/144, 0x90}, {&(0x7f0000000500)=""/147, 0x93}, {&(0x7f00000005c0)=""/188, 0xbc}, {&(0x7f0000000680)=""/229, 0xe5}, {&(0x7f0000000780)=""/76, 0x4c}, {&(0x7f0000000800)=""/147, 0x93}], 0x8, &(0x7f0000009d40)=""/4100, 0x1004}, 0x6}, {{&(0x7f00000008c0)=@un=@abs, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000940)=""/67, 0x43}, {&(0x7f00000009c0)=""/64, 0x40}, {&(0x7f0000000a00)=""/31, 0x1f}, {&(0x7f00000064c0)=""/4096, 0x1000}], 0x4, &(0x7f0000000a80)=""/164, 0xa4}, 0xb}, {{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f00000074c0)=""/4096, 0x1000}, {&(0x7f0000000b40)=""/229, 0xe5}, {&(0x7f0000000c40)=""/204, 0xcc}, {&(0x7f00000084c0)=""/4096, 0x1000}, {&(0x7f0000000d40)=""/28, 0x1c}], 0x5}, 0x1000}, {{&(0x7f0000000dc0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f00000094c0)=[{&(0x7f0000000e40)=""/25, 0x19}, {&(0x7f0000000e80)=""/142, 0x8e}, {&(0x7f0000000f40)=""/180, 0xb4}, {&(0x7f0000009cc0)=""/72, 0x48}, {&(0x7f0000001080)=""/96, 0x60}, {&(0x7f0000001100)=""/250, 0xfa}, {&(0x7f0000001200)=""/16, 0x10}, {&(0x7f00000054c0)=""/223, 0xdf}, {&(0x7f0000001340)=""/40, 0x28}], 0x9, &(0x7f0000009540)=""/169, 0xa9}, 0x1}, {{0x0, 0x0, &(0x7f0000009b40)=[{&(0x7f0000001380)=""/17, 0x11}, {&(0x7f0000009600)=""/196, 0xc4}, {&(0x7f0000009700)=""/53, 0x35}, {&(0x7f0000009740)=""/206, 0xce}, {&(0x7f0000009840)=""/136, 0x88}, {&(0x7f0000009900)=""/165, 0xa5}, {&(0x7f00000099c0)=""/173, 0xad}, {&(0x7f0000009a80)=""/160, 0xa0}], 0x8, &(0x7f0000009b80)=""/111, 0x6f}, 0x4}], 0x5, 0x120, 0x0) fanotify_init(0x4c, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) ioctl$SOUND_OLD_MIXER_INFO(r2, 0x80304d65, &(0x7f0000000280)) shutdown(0xffffffffffffffff, 0x1) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0xd4, &(0x7f0000000180)={[], [], 0x2c}) fspick(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1) r6 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810) socket$inet6(0xa, 0x5, 0x6) 4.437831643s ago: executing program 3 (id=468): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f2110"], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_ep_write(r0, 0x81, 0xfffffffffffffdca, &(0x7f0000000080)="c0") r2 = openat$urandom(0xffffffffffffff9c, &(0x7f00000000c0), 0x48c01, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40045201, 0x0) syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x30, 0xc8, 0x8}}}, 0x7) syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x14, &(0x7f00000000c0)={0x0, 0x0, 0xd9, {0xd9, 0xa, "a3d3c133fe7c205990eb31ee2146201cebebad939a9a5b1e5e9e24f2f61c464058695ea733a1b99508ffd5c466b4fbb8d763a39c1d8f73caecc89b9d311dfa322b5bb33d96346f05180f5acd92e1844eb04d3c1a53e64d8ce5a9c401a8fa380b8bcac1e12540cd0def8b2aaf6843ca57842dead03f85cf0361fa2f33961aed46e312a52e80c062b76f12e3e98ce863f72767708b5b845717e95d8125efe0c19e1a6cd19d30f84c02d9256f729224f1b5b099a604fb3ef5bf53723fe3fa39fa5bb758029188da226c186c28b47f5af460e2b971c2298ca2"}}, &(0x7f00000001c0)={0x0, 0x3, 0xad, @string={0xad, 0x3, "f641857ed19732108c056b699b53c3376c699358ff9506632b326e12260d265734e3ecb1a659d2f6400432fcddefacbe06ac2580b245b85c100d4f1e3e3e2a0fb63686bdc7a23b54858a4b271f36e82ee632d3307891d73e6d7669b6551b11df6c0ab7418c721a83496769ecd45c33d072313d6ef6ca0b3b3172641662f100da30d670d63273194e7d092513fe0a69d676a518a0a1b4503f1dd5132fd790b3d4c5382ac000d80e9948771e"}}, &(0x7f0000000280)={0x0, 0x22, 0xa, {[@main=@item_4={0x3, 0x0, 0xb, "9df0f192"}, @main=@item_4={0x3, 0x0, 0xc, "4ef03031"}]}}, &(0x7f00000002c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x6b, 0x3, 0x1, {0x22, 0x575}}}}, &(0x7f0000000540)={0x18, &(0x7f0000000380)={0x0, 0x8, 0x37, "dbc6acf2025c66f95d8f71fa3f2e1374003f555939b455eff1fb7443dd15e6f73657301e910f067b4470eb34100f95cc89b1b86f48b077"}, &(0x7f00000003c0)={0x0, 0xa, 0x1, 0xa}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000440)={0x20, 0x1, 0x98, "f26831bdb0437a5e9ddba9268982134793ee449fef1835d69b0386e8d4c239e8bbb473cf516e189b0cfe7c88c44c17738db6b1e623e3a1445a89f3d9381395b0d133c58e5aea8200e041b8fd09b852ccf40294e0222150f35bc2df06b3e8d92883b223fd5ff3bce6710a005c84e1d76a1c2fac551989c1f10124a3742b28bc410a05395c05dc6311bfab6bff342561977d7cf9b451990442"}, &(0x7f0000000500)={0x20, 0x3, 0x1, 0x5}}) readv(r1, &(0x7f0000000340)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1) 2.905629208s ago: executing program 0 (id=472): socket$inet(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x15) writev(r3, &(0x7f0000000280)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500", 0x1a}, {&(0x7f0000000580)="fa21bd2b5c40cc420740358ffc7f9f4b6e68fc8d1aa2597e7b484f301f11e35f22", 0x21}], 0x2) syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000040)="0000006aac", 0x5) sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f80)=@delchain={0xc58, 0x65, 0x200, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x4, 0xfff2}, {0x5, 0xa}, {0x4, 0xf}}, [@f_tcindex={{0xc}, {0x810, 0x2, [@TCA_TCINDEX_POLICE={0x80c, 0x6, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0x4, 0x5, 0x6, 0x2, 0x1, 0xffffff14, 0xa, 0x7, 0x7, 0x3, 0x0, 0x12bb1875, 0x766, 0x1ff, 0x101, 0x6, 0x7, 0x3, 0xffffffff, 0x4, 0x7b, 0xffffff00, 0x8, 0x800, 0x3, 0x3, 0x6, 0x7, 0x1, 0xffffffff, 0x2, 0x4, 0xd2, 0x3, 0x4, 0x3ff, 0x278, 0x7, 0x5, 0x5, 0x2, 0xff7, 0x4, 0x2, 0x2, 0xfffffffa, 0x8001, 0x3, 0xffffffff, 0xffff7fff, 0x3, 0x9, 0x7f, 0x2, 0x9, 0x1, 0x8, 0x101, 0x3ff, 0x8, 0x4, 0x1f8, 0x4, 0x5, 0x0, 0x9, 0x80000001, 0xffffff00, 0x4, 0xee2, 0x8, 0x1, 0xc0000000, 0x80, 0x7, 0x0, 0x2, 0x1, 0x2, 0x0, 0x8, 0x8, 0xa, 0x7, 0x7fffffff, 0x4, 0x7, 0x6, 0x1000, 0x8001, 0x3, 0x8, 0xe26, 0x101, 0x3, 0x5, 0x8000, 0x3, 0x1, 0x9, 0x80000000, 0x4, 0x2, 0x4, 0xd, 0x9, 0x7ff, 0xff, 0x2, 0x8, 0x4, 0x4, 0x9, 0x81, 0xffff, 0x9b7c, 0x101, 0x8, 0xa56, 0x2a, 0x2, 0x7f, 0xfff, 0x3, 0x1, 0x8, 0x1000, 0x4000000, 0x3, 0x10001, 0x2, 0xdb96, 0x8, 0x0, 0x5, 0x9, 0xf, 0x80000001, 0x15b3, 0xbaca, 0x4d27, 0x40, 0x41, 0x7, 0x6, 0x3, 0x2e, 0x9, 0x200, 0x62e111c5, 0x1, 0xfffffffc, 0x9feb, 0x7, 0x7, 0x4, 0x7, 0x0, 0x2, 0x1000, 0x40, 0xc, 0x8, 0x4, 0x4, 0x1000000, 0x3, 0x4896, 0xfffffe01, 0xffff, 0x40, 0x9733, 0x7, 0x759d, 0x5, 0x9, 0x7fff, 0xfffffc00, 0x9, 0x9bc7, 0x4, 0x1ff, 0x2, 0x9, 0xff, 0xfffffffa, 0x6, 0x1, 0x5, 0xd94, 0x8, 0x9, 0x0, 0x8, 0x2118, 0x7, 0x3, 0x2, 0x7, 0x1, 0x71, 0x1000, 0x8, 0x1, 0x5, 0x8, 0x80000001, 0x4, 0x1, 0x2, 0xfffffc00, 0x5, 0x5, 0x2, 0x7, 0x10000, 0x3, 0x5, 0x4, 0xff, 0x34fc62f0, 0x7, 0x7, 0x5, 0x1, 0xd18, 0x55, 0x1, 0x0, 0x40, 0x8, 0x7, 0x9, 0x5, 0x8, 0x3ff, 0x6, 0x4, 0xffffffff, 0x0, 0x5, 0x7, 0x80000001, 0x8, 0xb, 0xd249, 0x4, 0x5, 0x9, 0x7, 0x8000, 0x10000, 0xafee, 0x7fffffff, 0xae]}, @TCA_POLICE_RATE={0x404, 0x2, [0x101, 0x3, 0x5, 0x9, 0xfff, 0x7f, 0x400, 0x6, 0x40, 0xfffffff9, 0xf, 0x4, 0x7, 0xa706, 0x5, 0x800, 0xaf89, 0x400000, 0x200, 0x2, 0x81, 0x100, 0x1, 0x716, 0x7fff, 0x9, 0x0, 0x6, 0x6, 0x5, 0x3, 0x4, 0x4, 0xc, 0x0, 0x7, 0x7f, 0xffffffff, 0x0, 0x9, 0x7, 0xdf4a, 0x2, 0x4, 0x7, 0x4, 0x6939, 0x5, 0x0, 0x9, 0x10, 0x0, 0x9, 0x8, 0xffffffff, 0x6, 0x4, 0x4, 0x500, 0x7, 0x5, 0xff, 0x9, 0x81, 0x2, 0x3ff, 0x6, 0x3ff, 0x9, 0x7fff, 0x400, 0xfffffffa, 0x6, 0x9, 0x7, 0x10000, 0x6, 0x7, 0x81, 0x7ff, 0x2, 0x7, 0xf9d, 0x0, 0x0, 0x7ff, 0x8001, 0xf97, 0xff, 0x2, 0xfffffffc, 0xfffffffb, 0x0, 0x704, 0x9, 0x81, 0xe, 0xe, 0x7, 0x3, 0x1ff, 0x4, 0x8, 0x4, 0xd325, 0x7, 0x784, 0x6, 0x740, 0x9, 0xfffffff9, 0x2, 0x3ff, 0xf, 0x0, 0x7, 0xf4, 0x3, 0x6, 0x5, 0x835, 0x5, 0x5, 0x6, 0xc, 0x3, 0x83, 0x4, 0x40, 0x40, 0x2, 0xb, 0x38, 0x8001, 0x6, 0x6, 0xff, 0x38, 0x9, 0x6, 0x9fc, 0x40, 0xffff0001, 0x7ff, 0x7, 0x7, 0x1800, 0xfff, 0x71ca, 0xfffffff7, 0xf, 0xc690, 0x6, 0x9, 0x3892, 0x0, 0x0, 0x6, 0x4, 0x5, 0x5, 0x7, 0x77, 0x7, 0x800, 0x0, 0x101, 0x0, 0xc646, 0x200, 0x4, 0x7, 0x7fffffff, 0x3, 0xfffffffd, 0x17fa, 0x4, 0x6, 0x8, 0x6, 0x85c2, 0x8, 0x5, 0x9, 0xfffffffb, 0x4, 0x127, 0x16db, 0x8, 0x0, 0xfffffff9, 0x5, 0x6, 0x4, 0x9, 0x0, 0x4, 0x6, 0x5e79, 0xb0c9, 0x7, 0x6, 0x4c8, 0x6, 0x269c, 0x2c8, 0x1, 0xc, 0x6, 0x9, 0x1ff, 0x4, 0x5848, 0x3, 0xce, 0x4, 0x1, 0x9, 0x1, 0x358a, 0x0, 0x4, 0x7, 0x1, 0x8, 0xfff, 0x4, 0x0, 0x6, 0xfffffffd, 0x3, 0xfffffff7, 0x7, 0x7, 0xfffffff7, 0x8, 0x40, 0x8000, 0x3, 0x9, 0x4, 0x101, 0xc, 0x3, 0x5, 0x4, 0xb6, 0x2, 0x401, 0x8, 0x8, 0xffffff44, 0x2743, 0x6b8cc28e, 0x5, 0x8e0]}]}]}}, @f_tcindex={{0xc}, {0x40c, 0x2, [@TCA_TCINDEX_POLICE={0x408, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x8, 0x4d8, 0xffffffff, 0x8d1, 0x8, 0x9, 0x9, 0x0, 0xfffffff7, 0x4, 0x3, 0x81, 0x8, 0x6, 0x6, 0xd62, 0x6, 0x7, 0x29, 0x5, 0x5, 0x8, 0x2, 0x1000, 0x2, 0x793, 0x4, 0x3, 0xffffdc7a, 0x5, 0x7fff, 0x1, 0x5, 0x4b37, 0x2, 0x4, 0xd9a, 0x1, 0x4e, 0x401, 0x800, 0x9, 0x1, 0x9, 0x1, 0x0, 0x9, 0x8, 0x4e, 0x0, 0x80, 0x10000, 0x80, 0x10000, 0x8, 0x4, 0x5, 0x7, 0x9, 0x2, 0x7fffffff, 0xfcf, 0x7, 0x2, 0x2, 0x4, 0x1000, 0xea, 0x1, 0x9, 0x5, 0x200, 0xfec0, 0xffffe49a, 0x2, 0x4, 0x58e, 0xffffffff, 0x5, 0x6, 0x7f, 0x400, 0x8, 0x80, 0x7, 0x3, 0x6, 0xd, 0x3, 0xce, 0xd, 0x7fffffff, 0x1, 0x6, 0x4, 0x6, 0x3, 0x7f, 0x8001, 0xed4b, 0x68, 0x9, 0xc, 0xffff, 0x9, 0x7, 0xabe1, 0xf97, 0x5, 0x4, 0x80000001, 0x6, 0x7, 0x6, 0x5, 0xfff, 0x3, 0x46, 0x3ff, 0x7e4d, 0x5, 0x0, 0x6, 0x9, 0x20000f1, 0x4, 0x3, 0x3, 0xb, 0x8, 0x7, 0xa, 0x6, 0x9, 0x2, 0x0, 0x4, 0x5d6e5b73, 0x8, 0x3, 0x1, 0x4a0b, 0x99f, 0x400, 0x3, 0x0, 0x3, 0x9, 0x401, 0x9e, 0x8000, 0xf8, 0x5, 0x2, 0xffffffff, 0x3, 0x7fffffff, 0x0, 0x2, 0x6, 0x8, 0x7, 0x80000000, 0x74, 0x1, 0x7, 0xa94, 0x3, 0x4, 0x44, 0x0, 0x1, 0x13, 0x5, 0x0, 0x7f, 0x4, 0x818, 0x1, 0x560, 0x6, 0x9, 0x3, 0x4, 0x1ff, 0x4, 0x8001, 0x44, 0x2, 0x9, 0x8, 0x3, 0x8000, 0x100, 0x1, 0x1b35709e, 0x9629, 0x1, 0x5, 0x400, 0x0, 0x0, 0xba9, 0x2, 0x7, 0xe1, 0x4, 0x7, 0x5, 0x2, 0x21, 0xfffffeff, 0x0, 0x2d5b, 0xd, 0x1, 0x1000, 0x9, 0x2a, 0x8, 0x4, 0x9, 0x7, 0x8, 0x5, 0x1, 0x6, 0x6, 0x1, 0x1, 0x80, 0x1, 0x5, 0x0, 0x7fffffff, 0x3ff, 0x2, 0x5, 0x9, 0x8001, 0x8ee, 0x8, 0x10000004, 0x2, 0x9, 0x8, 0xd, 0x8, 0x7, 0x1, 0x440, 0x1, 0xaa20, 0x5, 0x4]}]}]}}]}, 0xc58}}, 0x4080000) 2.719999539s ago: executing program 1 (id=474): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="54c7b6e4915d564c90c2002a4e7f8a3b98bd0500000000000000c8dd14c87300313e59bd727ac064142026aa17a7e69015da227c", 0x34) r1 = socket$nl_rdma(0x10, 0x3, 0x14) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r3}, 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x4, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) close(r4) sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x18, 0x140e, 0x3fca440fc5d735f5, 0x70bd29, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x4004010}, 0x4) r5 = syz_open_dev$audion(&(0x7f0000000240), 0x4, 0x19784555e0cb2bdb) ioctl$DRM_IOCTL_GET_MAGIC(r5, 0x80046402, &(0x7f0000000280)=0xb9d3) r6 = accept4(r0, 0x0, 0x0, 0x80000) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xaece, 0x0) preadv(r9, &(0x7f0000000540)=[{0x0}, {&(0x7f00000015c0)=""/4098, 0x38b}], 0x2, 0xf5, 0x0) sendmsg$alg(r6, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r6) sendmsg$DEVLINK_CMD_RATE_SET(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000008c80)={0x128, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe9, 0xa8, @random="8c5b7b9105de84c9a02641c4d524d739ea922e1fc8506b87be909556bda7ccaad32941be05152527d7c739f78f8c11bec93e379322ac7b02439882229397f87850aa49e5668226fb1f1789a900562494a744f8b2c3cd07dcb18ee1500b997eee658ad4bdd9887254c08db7583fa662eab8ee2ea07e114196f4470e6712c94e8d8ed4ffeefb72fbf100021eba62bcf0a2f3d95b86edd74eb29a80d2e1f2cd71d1c98dda123e9d00b221233eeda0142bcaa986cbc030eeb64dfc37c042093774ebc4c4e65975c614dc193efaf4cfa82ea5e8939b68923915b2ddfc35f38d7105410a9391df02"}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0xf5}, @handle=@pci={{0x8}, {0x11}}]}, 0xfd51}, 0x1, 0x0, 0x0, 0x1}, 0x4000) sendmsg$can_raw(r6, &(0x7f0000000100)={&(0x7f0000000000), 0x10, &(0x7f00000000c0)={&(0x7f0000000040)=@can={{0x0, 0x0, 0x1}, 0x4, 0x96c6825141604a8, 0x0, 0x0, "011a5e43546c6846"}, 0x10}, 0x1, 0x0, 0x0, 0x1}, 0x40084) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x0, 0x0) r10 = syz_open_dev$usbmon(&(0x7f0000005500), 0x4853, 0x40500) ioctl$MON_IOCQ_RING_SIZE(r10, 0x9205) 2.490030293s ago: executing program 1 (id=476): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) (async) r2 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) read$FUSE(r2, 0x0, 0x0) (async, rerun: 64) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48) (async, rerun: 64) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES64=r3, @ANYBLOB="e5c46f984b24bb8d1512f8fac0c93942f6f5a60d1bb4e322e53b19d95e01515bc31f4b82953a51c6fb57292c5392ab927e52b68952bc7fe69ae9bb8efb5e836459b434b3d6a9340272fae30214e1412dd505c0ad1544619a26a11b3c458c374cc361c480e88c7f196afc88c15a5df8c9c5dab150386c03497d8cca180ada6b8e9ab576a81f40d2955a61d3119e7396e9653d14e33a9986b628afe11b920f3000afa2df3560ab5631ecb254466b97269c7963d16f133221b0761b021954fcbeaa73bd5f8dddcee518874a8b5ff4ae0ccee41c0440c1ed1f23a02311f1746f2fe117dddb237fcfd6d33399921a8c984e2be04924f5d0b5d662af87", @ANYRES64=r2, @ANYRES8=r1, @ANYRESOCT=r3, @ANYRES32=r3], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r4}, 0x10) (async, rerun: 64) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 64) r6 = syz_io_uring_setup(0x58f, &(0x7f0000000880)={0x0, 0xea52, 0x800, 0x3, 0x380}, &(0x7f0000000900), &(0x7f0000000940)) io_uring_register$IORING_UNREGISTER_EVENTFD(r6, 0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r5}, 0x10) (async) socketpair$unix(0x1, 0x1, 0x0, 0x0) sync() 2.329819701s ago: executing program 1 (id=477): creat(&(0x7f0000000000)='./file1\x00', 0x5c) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33f}, 0x1, 0x0, 0x0, 0xc0d0}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000300)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e24, @remote}, 0x4, 0x2, 0x1, 0x4}}, 0x2e) sendmmsg$inet(r0, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x18}], 0x1}}], 0x1, 0x8040) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e20, 0x7, @mcast1, 0x1000}}, 0x0, 0x0, 0x3f8, 0x0, 0x32, 0x0, 0x3}, 0x9c) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0xe, &(0x7f0000001500)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@getqdisc={0x2c, 0x26, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xffe1, 0x3}, {0x2, 0x8}, {0xd, 0xfff1}}, [{0x4}, {0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r5 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r5, 0x50009405, &(0x7f0000001440)) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r2, &(0x7f0000000340)={0x4}) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r3, @ANYRES32=r1, @ANYBLOB="000400000000000000000000000000fb00000000"], 0x50) bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0xd, @loopback}, 0x1c) sendto$inet6(r2, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)}], 0x1}}], 0x1, 0x0) 2.039852539s ago: executing program 2 (id=480): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x4, &(0x7f0000000000)=0x1) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2b2, 0x1, &(0x7f0000000040)=0x1) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x0, &(0x7f0000000080)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xffffffff, 0x40, &(0x7f00000000c0)=0x1) r0 = io_uring_setup(0x2053, &(0x7f0000000100)={0x0, 0xfe51, 0x20000, 0x1, 0x30b}) syz_io_uring_setup(0x4f7b, &(0x7f0000000180)={0x0, 0x19f7, 0x2, 0x2, 0x22e, 0x0, r0}, &(0x7f0000000200), &(0x7f0000000240)) r1 = socket$can_j1939(0x1d, 0x2, 0x7) getpeername(r1, &(0x7f0000000280)=@ieee802154={0x24, @long}, &(0x7f0000000300)=0x80) r2 = syz_io_uring_setup(0x11ce, &(0x7f0000000340)={0x0, 0xdaf3, 0xb420, 0x0, 0x36a}, &(0x7f00000003c0), &(0x7f0000000400)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000000, 0x1010, r2, 0x8000000) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r4, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0xfffffff8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x44800) syz_open_dev$evdev(&(0x7f0000000580), 0x7, 0x280440) r5 = socket$packet(0x11, 0x2, 0x300) r6 = accept4$packet(r5, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000600)=0x14, 0x80000) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r3, 0xf507, 0x0) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000640)={0x0, 0x5}, &(0x7f0000000680)=0x8) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r7, 0x84, 0x79, &(0x7f00000006c0)={r8, 0x0, 0x9}, 0x8) r9 = openat$nvram(0xffffff9c, &(0x7f0000000700), 0x4001, 0x0) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000780), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_GET(r9, &(0x7f0000000980)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000940)={&(0x7f00000007c0)={0x158, r10, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x80, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x844}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe8ab}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'syz_tun\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x26}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @loopback}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7}}}}]}, @TIPC_NLA_PUBL={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x400}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9b}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3020}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK={0x34, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}]}, @TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0xe, @empty, 0x7fff}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast1}}}}]}]}, 0x158}, 0x1, 0x0, 0x0, 0x2}, 0x20000081) ioctl$FS_IOC_FSGETXATTR(r9, 0x801c581f, &(0x7f00000009c0)={0x2, 0x12a0000, 0x5, 0x5, 0x9}) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000a40)=@generic={&(0x7f0000000a00)='./file0\x00', r9}, 0x14) setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000a80)={0x40, 0x1, 0x3}, 0x10) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r9, 0x80045300, &(0x7f0000000ac0)) ioctl$FIBMAP(r6, 0x1, &(0x7f0000000b00)=0xfff) recvfrom$inet(r3, &(0x7f0000000b40)=""/50, 0x32, 0x10060, 0x0, 0x0) setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000bc0)={0x1, 0x4, '\x00', [@padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0xc}, @jumbo={0xc2, 0x4, 0x8}, @enc_lim={0x4, 0x1, 0x81}, @jumbo={0xc2, 0x4, 0x2}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}, 0x30) 1.769538024s ago: executing program 0 (id=481): openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x42280, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) userfaultfd(0x80001) socket$inet(0x2, 0x1, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x40080, 0x0) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x1a, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000680)={0x4, 0xc, 0x17, 0x8000}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32], 0x4c}}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) setitimer(0x2, &(0x7f0000000080)={{0x6, 0xfffffffffffffffb}, {0x0, 0x2710}}, 0x0) sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780)={0x0, 0x0, 0x0}, &(0x7f00000007c0)=0xc) read$FUSE(r3, &(0x7f0000003600)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) r8 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$netlink(r8, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000002e000100000000000000000008000000", @ANYRES32=r9, @ANYBLOB="0b000080976b640868603000150001803fb3eb663c00d1185eefb7c895d0e5001a000000"], 0x3c}], 0x1}, 0x0) lstat(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f00000008c0)) statx(r2, &(0x7f0000000940)='./file0\x00', 0x2000, 0x4, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r12 = syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0) wait4(r12, 0x0, 0x40000000, 0x0) statx(0xffffffffffffffff, &(0x7f0000000ac0)='./file0\x00', 0x2000, 0x200, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000c00)={0x0, 0x0, 0x0}, &(0x7f0000000c40)=0xc) sendmmsg$unix(r2, &(0x7f0000000d40)=[{{&(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000700)=[{&(0x7f0000005640)="dc1860d0fd2afe86ef5878ce617a77950b129ba7c233c42346f649217bac09c18a287ceb79edf2e7d63b7d2b81be3410e5b096b4ad5b9fb5e62f6c13988afb9f0d83b5e9b6ae09124c2faff3d4a62a866193cce5f6b24e3219332d1bcdf225b839aaa09d1575a7c99359a983f3b800cac464e30865728984dc190a985f58e66a5da2984b87f069f2433386718ec3f6df90fd0e6e930c946cc262314da9baeb1740379791dc6b26a901c8967224e9ed5db1ed9eff742f0d676bceddb17d843b843fd623566f7c2e6cebcb799437c908253af98c98b32989f55bb5e76c5705956d5617895e1bf99d1c3cde68b04bdd8e655207a957b67d13c0c60ac1bca6dddc7c7ee763f25e4e42aab4928b043dfca91510eefa86346b672f355d3e40c416d542ddf1a9924c26962ded7867c23011056a9d4bdcd2093f3f55510314691549f3faaeaad06cab80ebb4fba8e3ace5088a9235150ef2b6612c6b160d1703ec0393ab6ff9d8a8faa9832fd2915e3ab68a7bffd3271f6fc38519edeab1080398d0fc1cacbde323e30b12f95389511013dc1f7ee355ad320b971fed1454aed776fb07a20fbe069b4ab4326cb3e1b500101790e3e79fca5f2ec128108943499c7d35b41e25d55413b3ac742b81b86a7041cab9ed8d75284b81ae2df03fb851e6196114de3963db10b51c9fd9975cf6616e3652d914f53812b58256877db00e7695ec7ee7a22dadbcfa95382f3dc0eeeec5e9a8696bed0154f863f3c4823be7de94f030df710c494af160306e75c5b03f655b414df4e2650368785294c5a859449ddda937b734283ede494bd2d98bdc6f72781f8e7b19286802cbc97aec02bc5685547b67ab96e50b1cb4e71cc48fdc787d63999fbd0ba09adcbecdca261bb3d9e6c04c05275013985db66cf02867dc8ac1cce1e2cd4271907f83c1f928c09de99a0f7c2c01993f64e015a96c1dc348827ea1816836dca3fc4e98e64b9fe0fd82f336d0ca8e883de0d5d68bbc6a33c73c547dff788208deba853c3150458b51c9c82835178f26c0af3ceaa17124c52ae0a91040a4db48d16e1c4989613cc8a9a01b5a4d9311ac87157edb2b57501423325f834a2fd4402d21ec08fda3fd1a726b73006ee73f8f4370d126cfdf90fbcf1fa89d166bd8fea5fc747a568c235c310745fac997657d4180fc06958f732d58a5212c43fc3e618bdebbf10a11dc9a48834d4ff49e76df0c86b744767d0c7807f9532e6a8b55a51c1a7784e41d7903d0a18f53a57690679decc172ecba428edde3ebec2ae95104221cd89d0cbef33cd1f1d3b5c7908c9daf1c106a37bca10c6c82f225a2b142108bf5c60d81c07a34c73485114df1610e859da5d2c8b9ddfd1ab30d6e35a3f1adf80165efc3756d73375f0d519aab35652cc2c5983584da969c64a5e7a6196c3d58cc475cd7b5c5d29da1dbb1b35063e2e41c224eb53c43f1c9bab8ac3e3432dc0bb5d7a7ecb59b9ab0a06714a16f052954e0ce60337f5c678bb4362deefb5d68dbc41fff170e98e1e2e880bc7b50ceb30e5a191453ede81abea03d97d4dd8d9e90f603528e124081a4ee929f13e629ec1d8674f32047d2ca890d6df5b8608b773304e9ab09f8b8f3579cea840edb989ef00d7ba7f259e22a4335fcd0a19a59f56a05651407b1629cd37bc19523e21e79420066236fe549d0ac436af34442aab506b2e8dae524bf5e63f2d76d8c4d47281ba7aaae2a464f56ad44971fb10bfc02a9625c739cefd591d7007459745df3044555b8d2dfebdd4afdf92bef3367eea7f6ab4586925e45778037742214a7b2aca139e1f0c9f4790d541b425d19e92d07de33b5089a551c4074bcf08876ccbd6fbde18b626357e962d6051d678d2378e3e3da1cffb1790bad3153dc6c447e221e1818afc0703bd4c2c18cf9c1605798a0212ba4a27590b692badafa8a2ae68a14b30ed22faade2763b30471dccfe727560d0a8e71971e624536fd0edbddf8f0cfe7052bb98b99f48712ff3901efe6da3d9b6488d13315b614318830c56806189b76670cfaa37adfbb41f4a704916243aa58fdf270354c809254f9935f91ba21b63bbdf65e57f29dc658b72141f9e2f36443932c8ecba44920f73c983d95417299ef6ad5482ddf7eb374c2ed9e42c56216211ef3c490d327ae3cd1aef27fc0049ec406167d43336ab2f9725d16d356b73ea2684762b043294042da2d904e7af8b3a584057ec1785236f4812b262c6779b57122d04ed8d1ca21c1e457b813c289a4a5a87252848b0fa712d73b8285b1bb7aea5f748676350d72639d3dac12c4397cbc447a5adeb9817f4d728638bf5dc295c98bb5bfe44578d7031b18134cd4107b37dc6ac2f0f386edf96d2afcd73a61cb94070442c8237ad67093bbb451be99e898b478dcbe1c3075b46f2004a3f5a4a89179ba9a0de3fb84aad494baebba4e6130ccf112b808160a9fc2ee4bc01d3155ba2569005610e6f462423b2f1d9180e371be3b1ee8aece8c55f40c39d8ef37dd9f547edcfa907c512e36571080603fa417874162aadaa4d4f2a6c4f33529760a50ace1fba20292cda4d0e0e9631b7ed3e54c1672a8009ad685daf9de9b4b7da11501f7a26d9709293768da9f84206cbf0a29f4af3ab61cc81aecd38b1f026a7f4feb2f04b0c90290df86f94f2a385d5db4cc503e7bef43628da6fa56963fcb17b0714c14affbf9f63b3efafc057ccc7f7655ee1916cea74fdd2183a537c4b8f45554dc1b3bfca1b741d5d96f7bf9587ae443c8747e9de53c6269551c0ce95ebb143c57ee6c74aeea4faffa4aeb2d0958b664a864783446ae881cb063a212115c6bbf3e88311a4d4d08ae9dcb44b0ec195ae5dff4994b98f9f49b432b15f7cf1b48fa8f6f349ec2ff1586b97440f08aad44ab4e2156da4cbd46d63be872c40a97a209f877ae2b6cf8cd850656ad56dfb1c7470b38ed3fc9ea84c612d9cc567fc16711dbe216f22092121d188f200de46c0bea4a2481ec4a7eec24061d64e6368dddfeee858361655899c9df524b23a02f86666872381b7bfc033c9ccda5e2ba3649d18ef2709bb5f00e8d0231ed77676426647f323ea247a4c7ebe1ef683334d99768c0685e9cc8a660a64ba3b38f7c585f20377443da58ca3eaa8b0f49d9a01667e045661bff8e9736a8edf4fc5cd6e8b9a7aec3d3e46c238daaf10c4acaa12ffc38b38e4838d5812e7cb70746ba33aa7506a57c80215e28a7171421088caf5094e9afe067d0c1d64e8b6413776f358b5d6ae4981c26ff455c05515ef692da9126a3c0253a63931cb07fc5360cbabbd1c673deac99d731476248d3342b2dc0f52f6a4c3af17fa230c390e47e76861f57f07e57eb84c089c645b4fd3d79b44334877da38b4d151f60985f273557ff5ebc147bc12df1db67610a75cae820cde326ffe824b65c4cdc6ed8011c7bb55f3599d1944e2f087292585ea5972b68565206e946d13e3d6797f7de7d07a9095507bff899d340b849cccc572aa9dc833989cb82977e95290f2a97452eeeee9cefd4f6ada6ac5d168d4ca34731a1e42f3a57d3ed36742e3a28d2863a5b5140e96b4d4766c0f1a7e49d14f1bd2b1d6f491c94a2266e5f2060c3e9d3a644fd518472e1cc5d7e486bf4a427b042c33a4f6326697f768b733d4f80cf64be904c00e713423e3339b51d90faa11c4dcacc133eba588715765ff8067fb625e0ade1cc28c770ec0b263a6883eb0f11656153e493fc409497e00804302f0faa1d1f00bb834fef2ca74b883a2d560d960fc4cc2003dd05b5696a5b73f538e7a04f4a3eb56de6dfbcf25667e61d6e27be85ca21ae8ed277c5b9df79ba3af2bcb7d94af016178d5c6f6bcf7d5f1c3b551c7a40e35f43d234590b1c3a02c71eb23f0572a6a6dfbfd55671640e7e5b263f2b18ea5e732a57261ec83b991cf9cc7d5b3049628f5b969f7e376c68b3d081cd9a721b4bba741e45e4af27294f44ac43759809ced0fec574f4c35de3a2fab98d277d3254472a248948ada2e4636b823b5e5830b736ac390e2327244e4721bca45c0eaf9c96ca89433f77e6c7fd55667cd09804d213ce7165ce8ebbf3e01965a75e3df5ceea59d81805d6bb06a13945c15e9dc975ca53c8879efe7c79242b2f756bb06f7ef74d5ee016d06870c39ec073bd15d5fad8dbbfaecb284816f44b277f49e9227e6ae22edc0f273e915865c09eea4f69499735ad29684310cafd7bc3b9016cd78769ca5bc1e4ed0f5acb743b9bee7ca2763a5ea28f48d5cd4a2bde2f80bdb4d05bc774c2e5d53f951b6aca3895172c356513d360f0f7b2176aa18e8c24db01c874cbe6ae9d88c509aba51a6878ab1879c5540f7bde3e7d8268e29910799b9f42e5520a8891f68c41f20db22450d3556b20f136ff1b36ef59fffbf0b825828ffa14e770030cfb5a9c538870f442dfb75ff0860217d0aa00688eac9a695839fbb6731b2f62138b3deddb53a402384da33b46525d3aa475841e26fa4661f50321d818d8f0bd48fe2972b9c9a5fa9333fbfc6f650a909d144f858501bd40dcc088e2e838923446c44288401d74024c60f6caefa731531ae83661a7144475d1034ca24edc947641c1494c15fb2c8a6ed7206c930bb8ba87692f754a872282d1abb248c279176357f8b330414064c5d0cf07f385c9ad547fd72ca77b38d8f1f61ae14de3f4e64b25aad72bd2a5944b43fe25f1de8c58421e08584368c8e06f85f2ebfbd9082743d5e95ab88530014b4f7e0e46e8c511dfdf025b9abf4e33f25069beb3df4a495c1de3718976f8c76d1356ccf18a707e10824468c24f23093d8eb4fb021a64a447fb80d229b8d259dedef043ca8772e1a357d7e92090d60d322ab67ff7827077e68351186882927d81bf4e34d90ec411fee0702277badb854a56a2e398923aee4dcf14fb1782da68391075c55bf5b6a9f702d48035685a821b618a55c5b4487f4a59f0a33d02e05905d36fcdc16ca2a51b14403dc271412ba2f51f469f64e16a99d057d19f39e848953fe780ac209e38c62f8041ca258d67e30eb9f2865d68f78a63a616bd00e1f877dc45842ae519a110b468baa2284d694e4dafd5ad5aa9e81a260b17b20edc037c5e0194613538aab78baab7a4e4635f8108044e690d5c87f7b51e9876048a86c8097c9e24c7b3aa3954d0fadc2a0584ec49141e41bd701e1b98474d14686a8c82e9a62ec05729e0838579033a0c51e2d27a7e33291c92fa729ae318dc2d43fb5d0580229fe9b970921d73ab1864724aa2044e4949c07fc81efa3a0d75ff2ad0c82a0e02d31f9552bff8cf7d89c31d44c0730c2c38762419bd823fc25c890d5cbb6804c59b18128324c0dd0fca3849424f09f547e6995d5fee193eb3f78c173bbed5f11bb6046f7107ae1fdd56a1f6282555c8c969e5b2d27f8b710881e7998fb3440584e12d8ebb12729a07bed14457ca7a28e8d2077990e3d1fdb4d09d55d7d8256d1c68b9136370835681613a305ed527104a57db4d9c02af3fdbf9e448282f5110f7d433bbb107cfe1c613afdd7b7de2eaca8218adffd0e42bfbcc82bf50c8ea6e06fccd15b33c24f08ab5dc49da1174d4a107c87f6db56de032886b0d9d325188c51cee2e72d974f57dd82a60354bc7c33401ea32168d758ffc21102be05df8d140d3b93e8f4a6363fd5d9909685e7d25111c37c4dc4e3fcaf9355b1dfc23b1b7d6b4aa57c870946c5f5232963f8771e8fc470c8ff80776d846925cb5ca019d3ece55abab5c3f5f3cb56dd311619261b88aaef0f3bd411ba9365f3100"/4096, 0x1000}, {&(0x7f00000001c0)="9b1b23be1f8faad4540ba771db6ab4f03e99cb392aacd9150316d80a9f2b4a2a3948e95574ad95a5240ec02511c8f7cdf76c0c814923ac33c8", 0x39}, {&(0x7f0000000440)="4a83c59ebca8bd6af51413cb82f10900864c2c37e94396543c2b4614ade69ec6f5a85457c36615b09bb9bdb3389ece241aeb0d9d78bf1c60a6b52fda483ca39892e0c638130936d73f7336f960248416ebca8fa637a0f2d379762527f80c6c8262b1293ec765e8fbb5956c6a5d706c272795182a721712fd43d85a2892b17866c7268b5105abe56845174762c8420405873ef076a2e4e0f346a5c96254ad488d952df445079388e5017c22167a21f0aa04a758cf50e6878ed573", 0xba}, {&(0x7f0000002600)="6db2b598a3da8ba0638ca94343b2b5109832fa7d75c9a345c7539ae3394c2d131667307f38251df50334e34baed199f212e01053e17a5420802e83b2d49baee3d7064c3c4c87cdbf132211f0bb2a5a53a5ab96b172a91b668611a31dc7939f3d8b72f1991600703d6e25c4e3f83db8afb5a4700b4c73ce7fab391c292c9d8fb0ed6f6b7af2c4330b9428d5740925b230c99ddec9f1b5ee495d611224db76e6383b1e695f14fae0b62e75258e2a7df409be201c5fde2e0b2992e700a9b4655096593deee6785e02987813df12f7157e181d6654b0a2370026a7b3aee8b3cdb442facb7013257041ff6701ce21b87e3e58d18672eecb79bb093b957218170a98a5774301d6e50550a090ba40cd65be2dba77ca4cbf000257b1b27fc36e2091f27f0ace8e177a997b5a1b7cfef2abaae19973699ac6bebf9705f24b417344b5477138a43dc61ee31892eed6d92e0f13fbeb9945d95e9edfe88649c21305adfc46048a05dda0e1ab44368a443132c79ce8aae4fd4e5b4e073e0a08a75071bd0d40ce87c0439b5577ac176900aec9bfd1c19d7113803472bfbc9f181572f9203ced072684e8618f8f729607c7562638a7f8d7413ba4b68b4be4244d83b150d53f2bdba78416c5b336f1723e4283b966679eef647e57daf416d6c2b5d9b99542d15dbabbb5f93476da4a0a5c7ef3221eac2dd9c710b63ba2cba8e2f23a7a4446df764bc553e92417094020f1374a0884816808119e6a97ee107767b38dfe19278d50de33dd92724a510703961bc5dbb5825935840f56cc07f13b603b0ec2a3bc0efe8fe100ffc7ba04c72a8ed84cbe955a306862e3a9e41eee33ff197dac4df9668d689d4ede7c382a804b12f30556b8620ddf378482536a85f00c8a24286a7ff4afff12147c87816bfd413fecf2fe4256ff53af97142516aa972d45ecb382656eb499a4bd50cdbb3f7ecfc12a052d237b9092b3bd355b0aabf6f8a8aae51ebad7e4844a33d4bbb6fc88524a1167aa8e8deee17f1890623882b69dac5a6caf56f5178b5ecff8499e27226bea8a4dc3bbf50127589a7feaea6424a76b6ea3cf9804e468f7306fca368382d65818c9a4c23be8346be1b2c8522332d308f1e0fe6dd418c1460085e3f5f1a9f07b92a0f52ea6a66d45878d34a94b78afb6440378a96ac55300f4227b3d49f0a261092f7a21fa66d01554efca40760d02c001f064c82dffa8ac63ba8fe96f8fc3b95a4a120b26210533ea0ede7e90db32cbd66126e7aae217aec59cfdece5e00c888817d315608e2368acdb3a471871ef8d806037b489c838f8ec5e33082e3c86041f1bc29660594ddf7d1cefaca4c6c891d42fb32a6a7f1a98905d17064fe2813dd9dcacbaa282c881998e23c3f40691fa9a8224b7cf5c75a1c3b4e5dae5991f9e5a242b811893899fde046a095ac63a805d836e00a9fc28ab40fb0e7a5cfb2b6fc195db7691dc26a49ce7fb161aa7d05a0a689ee3ed1790b981a666fe449571158cab47650bc47c409eda7af9ccb35eca3528e2c68b6162233fbc040ff455d42da9662225d6438c64b62fc547e52ce2dddb4e765a98452b24ff7806d48196ff3a0a0974e63136114717faa99f61d74251b773729f5c0554e3c55c59308693724e91b217a941df66260492a4ee27461b1a4b2cd3e114f06f246774963e0e43ffc7da3ef591e5f22a1ca2d17d223c2d5603b16c142924c9f79cbdf954192df0d8bc972be7163749b79e1ae3c79cf75b6ca665445ba169a194ddfd200f8ec036467ded99c57bb7220c0db6e9ca8f7213de0c51dd8a9935b23746efacbfaa882a8865868aa7ea903cb0e5e19b06ba7055a3d554e04fb35a15265979589df89f6df1e2c1b4f72cd1ce96a949e4dfe8b4e242cc823c023d7d97224c38e779a11b379de918f9e4d7c8b3bafca329a769349cc143d079ff26093f3bbdd3816548cabc84faa68011b243cdb10dd7c7cb2907559ff01a097749fef27d11ccfaf09a485252d5f1ada21946ca4bdc71fa06a4a83649b6510a5b826e94df5b4980d0eedfc9a7254ac64ecd48e406c41332b50c4c110300b73e0723918d9f8ed732bbecb100e7b14ec3783b4b29fce1aa9c78e4f55fbbaf1ebe1392f84ef77d3b18cfad7c04e4f5bd3959bc308d0a40b8386728ffb0c3c6dd244d4f43f01bf86beaf2f8ccf817fd271473ebf28391b563de58647051bc5c953ab5116aaad44042f8a2569cf1927db2019af2352397bfe89c1b91ff30678c65e66bc68947705a5d2fbec481d4809cf0adbd1ad006360150a3f1d46856b8fb6d87f98dd4f05ffaf8b2a304645f0b83d9acef900230e3d7a4cf9780f09a168e634563fec9d48633b33dc510bf786a2b9b616f820d7b331beb46f4bc4da71d88fed4732d7ba8ee8a98750afafa7d63f31d732f32c5faf8968a0fc8b61ac2a68374c120e6137308053c1a0636a34b4b0e092c24385aa2d4b68980d21dc3f4519f24c163d5419f0dc23e04cdff7867ad4d61356754715f75fc0fdf06f6f3981f2f22901a6dac9fb171b44e76766bfe779d05d3b632416e0cbdcae90c2e2623fbc8693c3d97b4ea204faeb7f88554490d53887d50ec5b2149ef240a959ab10998f8c10ea30493c90094dff82adbc845ae54252a6123e99555274427bf30d75fe0d27a7a46f3cc084d25ad104e7afef0bb3e86147189ca85d54096ff6c145908356063285f4aa628895d2f41c737ede27cd8425b7235cd607dd01792257af20144ed679e9eed1a30c76b0265e80ff3eb903581e2ac3be135a492b440de3e97bbc1346c1c9a387201b7cc18f05792729fbd4d03857364b3c580dfcc08430d8c423c65188075222bd7b3a1b1791a1b6f16ca434cc6daa99f8c7c7ebc44a87635c11eff57bdb8d5e851babe7ddfcde6c09bbd69f5705e6252b264c4a46a5bc3876fff2fdc0df747c0e1fce3f085d5be2e0ed44a8ce27788c1b0cccbeb279cede510f92b119b0f483a529e8407f4b8119e96ff55311bcad3919e0ab8cc47202a8b8b0c8c797279a413048ec01136208b29ee5d08e6ed6639775ebeb0040574bfcbbb4d50793b26dc339ec5183939550906ec86e861fd1a956d3de872f94ad3c667546ee2beae21fb7c3ebbdbffd657a64e739e359a25b96ff35031180ff4395066abe6fdbc7a70812c40309d445844439da33e9ae05cad9c6856d95c9caf70482d892d219366843d383af8341d92180385f76dd8c78703839d5ef29ee8a63668c28c9fc817c0f456518e1715f4c63fa3f499b53c7286f07ed0e1e744cd4596e8a8671f312a165672d65ab8a0deaaa0fe0ed27e085b004552e994988564c2a399b280aef90befb7b928ce720acfb9271455935d5a6178ef81a7af4fae640eeaaca9bdc521e64c8977734210bf0743bd8c28032912602fa5bb121fc258a91d6547ae24b7c74524851a2497ad6d68fc8bc909d80ed5cec92781fd7c8dea23ced406139ee448f60501ae5e6ed2c86a23269b0c16a9940c1fd10a90d165ff02bf062e062f4518b0e11886784176de295e6e384021ea6c122e043a060281c69cb16c9d4cd303a2c340a653c5f2b3089d63e65d2baa61707c059c519db60a0fc7420c0a05cae4d57665751db365caf504d0b52a5452c220abc4fcd68bf620cb55d204d65eb5cd22590dbf637f88aeff3525d8088766b522b69e7a0a37563a84a822b72d404a389789d12371299c3649ff7edd12af7dc3fac0e6985745a44d2f4e782f5dd67392b518194ed8d2616ecc8e31f4ab486727bb9244aedb2ad707b429620745fc2832051f5776669c0f03b2de7fdb9356836f43a9bdad47cbf062999405ea71d902042070dd1162d49c0195dedce0729d12f41563c0d8934d68279e0f8a4db22718a2220786c4e40e1e927735234a301d64382b06161a8fe436f17be49d1d39f38d7263a8380a38d9cc1bbb00f1ba7389d2bb659fded51491ae64ac53712a4eb29a8c201f9e00189058910ae51ee85b7ea3ff7efa2fd5686ee47ddaea3d211bd53b507e9b1b452817bb9365239916a2799d50ae7f06aa28b958e44aafa56e0592b48748893adbb3442f8a5716c1253d24ad22ff1f8d54c0d01c3b1eef35e7a09e4e46dbbab53ceae55cb941f68e1b23f68caf053c09971eb9baa63b1124199d13679852d1e8b68536e278e55eca6015187a308e0665a95ffb3494677581188e13047c7a336176d5153efb3152bc193f04375c65995f5eb911244a65a3c9888a306334da61ed384bd55d282ee2cd1776b5512a0251ac41d704d1763c949a6bf954d52b7d4f8b303f2692a35a786f6726120262402ccfba08b467b63e8ad4f8ce126e1ab26aa18d34836376cfd07a0c36645c2e9940f0a890eaf65794c9ec4cef8bc3bcb05f13b54daae5c2a6385876613dc0a862ada0564b2a99822f16903662767d3f13ef265a701b6d6181ad960399b0f325044e258c786a4f3f519a23cc2b080883996594ab08269a123fefa55f3cf2616ff19fb78bc7e106280e14fb647ad9c4af0912fb6c16a667badb61e92ca003c8894ff14cf3eedb7166210816f7a1605112ba5f29d6d3fc317e93e65394c80cd7ff3c61cbb8bb7a636d4aa98219f0b397ed757fe838311b80f0d8969875d0f1581ec61f10c86223dc115191e912139ee8564a5ac813dde6078355bc702ec17cc318d53afcd2fc2f892b385f62e041281722d31e3e318fa4b6fc951a6b4795e006847e734334da9daa02865a1e2c344f077e351f04d5b7af7d6d8db8141c6a53c3eec2c67aa29a839c60a744569269eeb024509bb8d82f1745548220d103c03432e2dff1c43aeb1e801ab4f2d8e5b5333c1444a24e3e1dd1fb5a2470837e4ace08867dc83afd19eca475fd7d10c1357743df0b0de4dfa282746c4ba82a9ede1729722e0fbd24266f8bb26a81cfefbe558a11138accff381d66c97de22e541b4e83503147b4eaa6f0384f6ec9cdf3331752b2baf19eb69e1834a464d8c4a60f7c639d297e1706f1ecc2bb02fcb03588388aaaf0afd695ff449bc2701bf2ff2b8ecf765caf04270e127a6ef9d7d4ff42c6f83e4b36b1d2e83a2aba7ef479a2e578857dbc337df843b3ee1ba05ea3f578f815e1e56bab8e0a37c5d9e4537195e2857a0ad0e261dcd98826b90128230e713f7f413e4ef7b9c92c27f6d816ac7ca56c51f1501f55c08d96cd84df5718a0162e4fe44d817ef9be4f944fea2fff0f4a1161d655354adf291329902411bc720a0d8bb8e6907e88a7ffaf4bad55f371fff51fa58dab63300a3b05a483dcde8d145c573d62546a2d3f93d00c5f0184699fb27b8e5f39174569885cb863a1ae595d23d21cb6c5f2bc104103783e132909e694864452717c6597a54043b85f3d3f7fd32c6cb025eb2ead59a79e1dec29513850c1d99c3ca3c47170abbccb8713935f7ca089d58586d8243f900e544c6b9c0b1ac535a017ee6d4c4ba87564000d69567c65fafca46baf14c3a4c6b238d374e7d016db00f6330db1e749176bce668534cadbc46498f53ec2e10c7b757257e58b3558547c3b21f3e952585f553bf7eda5bc8f240f8f51e5644392629f4a9fae801cb2cd5790b6589668511aa9095c335f519096f55a0b028ea680b749392e27c6cefc4d7f6133180c4360568f03e85d60af196f4045839347509087c555e09fc1463e372f268f554bc0ad84ff38e63a9cdcc7bf31ae77341765e28128e71ff92865aa4fe5f1c20ca9b4b600f54ed55e812974925237511fe80c118cebe3fd1b56a9465a7c6d49119d380b111feddbe8a7c362d563683cdbe2d83929", 0x1000}, {&(0x7f0000000500)="2ee2e3cdd2d1896f2dc95c8ffed8223f9eb45ecc80263ece8d8581f00c4d29a61de6ba1a8f7913ab5d9bd67fa6c3636e5bac717b078bd68c32524daab9325dcd91140341387469c003513d5005524a7199ab8374a48b2d0d0a2d140dd654cededd652a394b578c889499525e33c1423f17a696fd9838021fc0905b41366e8bb56082df6c47a066450f3a9c761afc443339396d3c808dc9b2a06a8e9605102915d56fdfdef5f6cd112a8cb8ad1f4da5e00f98b4ff48304cfeb31cf57b8da04740f60793e5592a06b31d90e06379690c5800"/219, 0xdb}, {&(0x7f0000000200)="e9c0d454a0ce013eb6675b5bedb19468ca701178aee6a8aee69a89a56d456b12a3567b9b2252c10e7aaea6633f909dca4e533952b4ff8397c346806eccd5cd12012c25323ba31ff1a3a36632c6c4a86b8a6826f11226", 0x56}, {&(0x7f0000000c80)="4159b642749d92edb4a7ac6e4a17442e9bfda3fe0a754146f12d0db48d16befa41e542e14ba45181ff02fa7a613546ac1d6ca2aabee77db471b814bb7a9a5a56d58972d66238345acb2535f0c33b9c583d19116b95b726e8bd71fd8f6c13c0c21cbd4d05ec3071c4736f9f057910e969d972ac04d4", 0x75}, {&(0x7f0000000340)="52d2d5be998c76bd69044f9c938f756529254a59d7affae07b6954bc7874b97e8c761280de821d6e06b6b5f6fbb9a21032a782dc95a876", 0x37}, {&(0x7f00000006c0)="47c8f73f40c20c20f802019cf2137b85ad6caf8f673e4621836e0f0f", 0x1c}], 0x9, &(0x7f0000000d80)=ANY=[@ANYBLOB="0c0000000100000001000000180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=r6, @ANYBLOB="180000000100000002000000", @ANYRES32=r7, @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="180000000100000002000000", @ANYRES16=r4, @ANYRES32=r14, @ANYRES32=r11, @ANYBLOB="140000000100000001000000", @ANYRES32=r4, @ANYRES32=r1, @ANYBLOB="180400000100000002000000", @ANYRES32=r12, @ANYRES32=r13, @ANYRES32=r15], 0x80, 0x80}}], 0x1, 0x840) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000640)={0x2, {0x2, 0xd4b, 0xd, 0x8, 0x80, 0x2}}) r16 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_qrtr_SIOCGIFADDR(r16, 0x8915, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0) 1.529896393s ago: executing program 2 (id=482): socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xfffffffe}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000067f9bfff00", @ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x5}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000540)="64b61d9b104c99176403699c7d94", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0) r5 = syz_io_uring_setup(0x5c2, &(0x7f0000000740)={0x0, 0x79f5, 0x0, 0xffffffff}, &(0x7f0000000300)=0x0, &(0x7f00000002c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0x6, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x40, 0x0, r1, 0x0, &(0x7f0000000340)="f87b5c36d82c8ee650519b5c4ca6c461cf4c58a9d37152c47f956a178a6c1746795c210233f0aa909cdcceae84e43a0ad5a4c5eb7bbb4f8a871f41d7a2fbe36b9529e7391ec53d3d56140285beba167bb42a62499e7b06dc60e8b7b205", 0x5d, 0x40002100}) io_uring_enter(r5, 0x6e2, 0x600, 0x1, 0x0, 0x0) preadv2(r4, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1) 1.449915122s ago: executing program 0 (id=483): r0 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc00xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) openat$misdntimer(0xffffffffffffff9c, 0x0, 0xc00, 0x0) r5 = socket$rxrpc(0x21, 0x2, 0xa) mkdir(&(0x7f0000000140)='./file0\x00', 0xd2) ioctl$sock_SIOCGPGRP(r5, 0x8904, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r6 = openat$ndctl0(0xffffff9c, &(0x7f0000000300), 0x20200, 0x0) ioctl$HIDIOCGVERSION(r6, 0x80044801, 0x0) 1.436940202s ago: executing program 1 (id=484): socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xfffffffe}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000067f9bf", @ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x5}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000540)="64b61d9b104c99176403699c7d94", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0) r5 = syz_io_uring_setup(0x5c2, &(0x7f0000000740)={0x0, 0x79f5, 0x0, 0xffffffff}, &(0x7f0000000300)=0x0, &(0x7f00000002c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0x6, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x40, 0x0, r1, 0x0, &(0x7f0000000340)="f87b5c36d82c8ee650519b5c4ca6c461cf4c58a9d37152c47f956a178a6c1746795c210233f0aa909cdcceae84e43a0ad5a4c5eb7bbb4f8a871f41d7a2fbe36b9529e7391ec53d3d56140285beba167bb42a62499e7b06dc60e8b7b205", 0x5d, 0x40002100}) io_uring_enter(r5, 0x6e2, 0x600, 0x1, 0x0, 0x0) preadv2(r4, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1) 1.055234502s ago: executing program 3 (id=485): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0xec, 0x1a, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) 1.054429209s ago: executing program 3 (id=486): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="08000300000000000c00060001f3"], 0x30}, 0x1, 0x0, 0x0, 0x4044401}, 0x20010) 949.762012ms ago: executing program 3 (id=487): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x80000003) r1 = dup2(r0, r0) read$FUSE(r1, &(0x7f00000063c0)={0x2020}, 0x2020) syz_fuse_handle_req(r1, &(0x7f0000000280)="0d1c409c14b8ddbbe2423ac75d732f3d0e9cd37b375b9673cb39c6b35cbb85c4ba83de9d23bbcdd53a9f0d7c92b66f6d877096b32f4bdac32a6136c86365cfd42c3b0a25fac76123b6d700d3ba70cc138bc435d3b1fcee2545c3a421119087bddbbfd0418488219343819cf0a6780d54166d2769a719b207136357ff3f505fc1d6144239ba630b15e7f8aeef7be5cb8c9e738faec0d1ab79d34b994e098323b94d32926bc3b0fd88c13cc781a0fc3da7c4d83fbaf3288fabe01685a3422570fa4cba7e840bd0a01e995c91c5aba51ca15461dc1916bde9e70c66f3aae48475e95aea1f8e6c6f10104d64f767b7f9b7909f5caa5fd61ec7bc7392bfb7fe4f1d1d0528601a87f9248693f31a0f2ea07a0f33e670bad3ba0c648266195c6d9a76cd973a9da6016d1f5e0d49122f64da8933cfcf6a970d11767279a9e8e37a30a007e6ea473e146069e72894fcd378e17d4fa761999c128492a0321c3153edf7b28d0cddd78758f5192a924fbe2e8c594cf35aeffc635b14903d134fc5f7857218f99266c64be16e5f4ad76a8b5f6d39ca2451afcdcb0cf42322a5166becc90621f99f28e42bb2cb610039c45e54cc4bb8e8210e612a3f1ac93366b7bd77410af8b4b3eb03085354c9f8d12cc62da82eff96a006dab656c10e1bf210124b0ed6841158ec70981a399ba7c406f3014bf77553be6197d79dc1d31ac4c598bdbd007578d50f00ce85810e0759e91505549c70005a5f923aba20d8e05d0b764680b9ea259c8fa71f1ee36b71da662b825019c07aade7db363662103887079dea43ca30c32e4f0d9ff043720541633157a3ff1dc055ac1db5b25765b7ef2e338c104db28b6be7fdae54f04075e26ce38ec71d35c029df580ee3ef68e46359031aea121d0776398d1f1e28e9cbdc20cb58adf5dfa01a2819f697bb3189ac0d32eec43c0ef75f5bd4c7926d18daf9a6e9265c961aadbed4fb9627a1f0a6c3dde66fe5530993a7f150e5b361ad0db403a864ef4f5e0f21db55aa22055bdc5b282b057d07efd6abe23f941a62d6f613a1ff8d31da632284e89a3069c6b26ef35e55fc846fb1c28651cc5a879a4994568c4639b9fba8395014c9f4f6152cee1ddf8d582bc496bcbad8e39e0a5a3e713deed021eb9d5b3f8679a8bddc08ca77d7cd101006c5021b65cc7648a646735d9d7f6e54e4fb5bcf1fd9aee4beb700e597011a2fa6c01d22e9b6c7a5afd7def8ab0a3e612d8a5ce571dba2d0696155c3dbfcc851293eebccfac6855a7b024d762e768867f57446ecd6e1d09a31959a6374c50445884dfcc68a62662e5701a25a1da8e0abd0428bb558f9f7e74c250d4af62afad71e0f23268a955c548b41cc83f6810c72c832476383a355abfa449fc05c7afa2ed70849f175e826361882503246e688983f472c418578ae4c893d847c0c7f8ec99352d3024a69134dfccbc6ec3351b321483c57d2d1e77c0c7551cdaf4c14038844b1b05c25541d1d48bf0dfd1ae40c35872a5b37c2958e3a60187531814f3adff870aeb42cf611c3f777b08f7dcacf5c087b19c17dfca413097a603823363c2c55597330de20a73465ccbe5acfad066fcb17c177827cf081c588b73c042150bf1a18aff97518fbc1b4d5d22f29077e186ae9b998b4d6fdbcbc8c3bd57dcc61cc322537743ce480c1dea39adcc6a51da745a60e5272a7181986bcb992895035f0f882cdf79c56a84cd88c9bf0b7dab9c1f453cf4c05e2a33f43f4252fdcf99cf785e639bd9d11c374d4e3107ce128d2a823b6a8631a8fdebdf14a0bfc3f79d44cd54d3e8b9c5a3f41b9a1187e23f5a5eb5fadff92d746ff3befec7189ca19c1987551d0fec321cc306d235f82b3f479f3d7a3c1d2377afe3f22a49c682646e9893d7700061a0229a99d360f89d281dc6bb95b92329cc7277b89a9e6a3edd3c753cbb93e9f1249572bae520fb7c46970f527fd93c445a8159d4992badc395c05313462d37c4f651afbdb04f9f42ad4433c5c765735731ed6d8c97e4ca9fd3a1885de6c051e652a1ea40230e9d854ec2145c78ef5574deac83e78df8932dde1d5c46862c9f808394dc7f064b5649cc7b2627a55683ed33f2712ad2d4f77ec7f2be200e01fca138b3d1f42916a54a66561916bcbd3109f6eacf5096e478442e56e5af61f7c32c681bd35bf94a429a52024a48f6002978594418b66c6eb0fa91dccc4fa83d48927349b8a7cbb70670bd78b8acbbcb554a219cdc6740de4bbfcad2250fc219436ba5db017c172d6e24eaedf29d169b8867fc84eb2e721b31b08604a6fbd8d5edd9bb0152346509619f4a0f41090228b10868f56cd7d7c025cccc8f2b4a7d85ab91862c65d5d578fd5c046928c5c8f999611dea07a1451357b4365b33bac0a2a842b84e2cd4f790dca74cc962000f72d821b093e271e63680c0e9019769f3abed377f51f2e0a373958dfe351a1db29da4b74f9ba1250a8a0b985ed86cd7a2a4ede57ce00dbe77f5c797e6b9896ccb978d3a01047f9ac7d66e820073193b6a3400ff41f2f8a98a44a0d2a608db3000571efdade9a44f278272e7ada101d275c589fed2ee0191801b7a2ea62dec117c9cfd96ccb73de7fa2eb4d60a7ce1170047a5266668da1aa8489c6e4ce564607a485afc6991ba262cd6f155c23fbb47610f555e0be090854ffa0d610ae4baa1dbd1f36249beb0510b8d96132b6396a6261214f3153bfc4f0dcfeb55046bcca5868aa913316a2e802f9bfb51caacfd0045d96b3983b883db123da07fc20d06c973e3dc74c53006c77361cfa9d3b2062da3f9740cc7335ec792d1b2c767e86417433fe047c8d9368c0c51373b5e5158503afa52ab08ef49616499ccb8dc829e343d25fc1fc2ea6c95933295ab397f07703d1d8defebeb44a2a9556bbd5414cf921abfa8df9bc5ea76922d728ef0024f516c9fd7a2927a68ba9a7dcc4f52c3d8b72909b2bde14408e476778a3221644dfa13794e365a9ebb670eaf691b3c2393adc441519c1125b960ff109ccab52294c6584d74b3084cfda3707f7153681c88a1578a77be9224a70ce400f4af3dd72452df147476abf2668c1801fe538be40042717b6c468fe1a33d1d597fb637396b8ebed9f64eee42e645bd8dc0e63fbd3a139bce3157ce7ed6f5f643ee26847908efaf61cd977627647bc0e4f119b924bb185664f1dcf2240b2697c89e8f569332d19ceec176642ebf0bf509bd3b9477272159d45b708510908e74cc5e0304104d5ed6e578b46dffcf64367fe9d274ab8f16f3154f3e83ce6d3ae92a2644ceeb8ec33e07f728319eb69dfa37bb70b40a1001ff0157173e33af633496062b17cfab8b5c06ef2fadfef280da4e1f70fbbac10981a0b35f3ada39733d7d31798e455f0dd1c530939f09df43b5aff342c39052a51d773b22acbc8c1525f3572ef469eefe66d1895a9ca3c637286e3f9acd29e890ffccbb313dd9da50aacce808d06d0b109a16a1c2bf69fc4b85b9b7cc9b9ba9e5d709c65fd0a879032caee38315eb049b12f11c4d485ef426fff3a4f91b4f1ad4c192c4074636787ff966f82c8d4fcad13a7b581718ee7318f6731da2eb1338c95c35f1f2e082bedea7f05b87d891876cfab51ddf2908ebb2bc153c20001ae9c142b35a3de474b732c5f629bd948ac9230067120671d296001cabe19e3d2302c1f32e4fcff1681ab2ef216309c21c6a5afc51ac500687a5140d015ee2bda5f3d8a15826a21a0a9495b36fe958fff32afe270f809f3a8f8cd2d8992a859e5de779bd8aa4dc6979807171282ef34502f1bf34f529cdad15671692f232a9f2dd2107f8198f7a9ea5883cbeb2a060ff1b13fc1a4df315dff940e8f013e8142c640acf51ebb2b2f878dafb6c12747cef3061f2235bccceacce4bf9829df24b9f9e9c5c259aafbe61ff6be827e492e2c03fa1e9f936196ff9acb28081f7ca74109d823c5c96b1e808bc2b8072763954ec5691f7935284e045c6d86c5c68d69b4502a5132b3c1cdc5e000ed1f6aa4bc0a9090a8923004ac05558e08827c71fd2e24f931f880244143a8d092dc8bb2b48317ff49fa0b494b3fea0741fbcac6cf780f93db42f47d23170a70619d06b0462f2fb04dabe2a0c94a1d97ecb159d426df47f0a1e13764e045d97ba75fd0eede9711d112581b4a2e66b10077aa92c98e30d6504f0c08c0c68015c88abbc991d5a799e588d1ee7492d699126627ace339c1bb024a59ccd9d3df0197c8e56219d76698b61ec94927f41ccc7bc80ab6f65380d31d58f796e7e697b28e371ecd9ccf6b58e9cf32daee54c5228268446677f600ca8d091b6a4774749d40d6d4d6a009ae12bae1c530e6961420507a13a2a32c4f0863c790159a26588bed9f50b4ffbfc8649adc8144779653b4226fed5ab93570fb3edcc1be70780f6ddc8d9ef1ff39d22bd20cd8ae0195d02ada60fa0d65e065b7a3950d5a2b77546ad8f1c1018344589085638793d26fb4a5c59c23f1c9b148ddcbc478e1867e109590c44c14f5ad6e8cda21a75358cbfe6f397c711eead2b1c73df1453d184a44e85c2f6ac0c266b0f67b001426cec02efb66085bd1b8bcaf06d6709d545895337fe36e9d26417238f36be5ba51d5cd7cd7cec452780b72bc441052f67496ed8bb4d393db8da52aa3b0ef10a74a33c2b7ee24f76642f83bfc3e686951cbd1983f1ea54d536f6c86e8b20a4eaefb9ca57308abcfd81357e3d0eebeb0ff805c151ea1d0063c3bea7120562886fc4ce284f33d4a85c830d8b9b9b1295c352c3f5db54973a5ed3788e5396a1add7022546f13db95e4ad1a994142aa4f98d644cd822192e3e1875da3b4a6cfd61cca36a82fd4c1f09db84f6b379483e2b81749609750b493e406c8add341d8855ef47d8e8cd49e9d1340be1223d268bed3a2cc949b74cf01160723d26de9b11138fd8e8957354c2a58fa30903b7544d2bdf49249e5ca9f5d030f0c17e7ec605482523d1da3b3ca6c94c8724c20b929954c1c1f321ba7f77e2e954056a2838e57696e40a2fc9f8c2b7e25a41cd500f4fffb196810b3d77f79dfc1f7179fd4e2c63957c65da8325185cdfa37a82d42ebfc631a87ce7ba60ad09132f1eabe7b870c88fa277578e19a6adabd328e6b453dae201ce4327a378174695264ff4411a3815c362480058038b1b70b652e89b0c7743548b897c80c53b16aba4d244753fd8c14c8bcdbe2a2710df7842a8af2bd0a966632655c01bbc2604151b80e349b2f5f63fc8fdfb34c7223803fc0fd1dcf7fb5471c65f59ef9b02c3c0440f7e44fa4759782a46165c64e2ffc246d0438248c461e932806ddc20d3eeb597d74e9cbfba85951c601fd8b903c80f5d8bd5fc5b824cd63d9bc2d38438eb8a8bd1fbbad944b3ca074eb318ae074ef4d7f12076ac1809ca6868be7e5fcbb953ee70bcccb7cf51422e8293faf3e88d4b179b4c7a6ab53638eb05c902715c023f33ba9e121aed0b7b5f0544b5275cf22093e64a7038cda03fc9014002cb52d4568625d321b344e566b50a7e9695c79daab4aa0fc82790cd32708bdc0242686052677eb163cba152231e45d0ad1b8238a7d1230f43612ae8b9525d1f98372774a326e9baa48e69093b215ea503e054729722a71c7e6c58b958f3cec95fdbf1811b7c8a53787e95d266a70d408798e94d9579e813a8e9e3d4bdb4f2682f7aa30b659c722aa07faa911543c57db9fb3abf73ac5b4096cadb4bfa2b25e51b11e754348a2abff384a16194af26590ccd657cf76bae1f1246b67ee0834105f008cf77b1320ecfcb87bfa7d2b2fdec1330f54b6c6cf2280119e39e9a66ccef3df0c4297e1c861a027fa2ea5a1ab530f5b94a98895405c620bb6faecd7e80bfb42d1a4646360e0e8355af548439f8db48d583352ea84385e271b3067bf7b047e69e23c3bd2c3ea74df48b3649985b0ef12a9f3803ccfa52e01381d30a9005f0415a149557b67d0ac7c439ba8b20a9eb293ee4d357cc1d9e1e7f707ad77e58f22d2b26f9a8e726e826b6722c2b910416dcdaf772476e55256fefb1fa5de0139e15c2bf84e267be5d5381bb30607b731c8f305a1b4e1e4bae0b59e61dc77b13d129dfff4fdaf48f95038cc11b14e8266aac4d59fb40346c07a7fee92327e40905e40f8135b0f6e9e31969902e9926a99d7ae30891be917581189ff998ea5310da0cf72faae333ab8ee7cb9f78bb0a8695a841b8d37709e2826594cc8927f5dd98c53ea4c5246b5fc09f756f29b61c21996dcb6c0f1e476674aa9b6f69ccfcf8672b048ee723af55104da1c2f5250e8bbb3bdf2b7edb4878a902032ab4115f516d804d2cde7bce6b0c6dcd1f0d321fe4bb279e4c45294df0fd33956469839c70bcb68c033b597daf3f515354e72fd1ecff87e4b8d1ae52e6ef0fc773a49ca76d0659454b59e9c62fc8e10131e50893c0c0a997fb5766157701ce8e6a6482bd8b0b53a6b4fd4227d8e02c6453114f161017b18e52867282010df15c361a0ed3b17636adce6567ca97d4864dc15fca353490aecd5d26af991a92dcfd3e4dd38b8ed9181dee7e2e20cc2600c3211eecafd0dac537a693573e843259c30789a3d0ef91b78f95ed5da1c9e61716f651284e4eea663aab9c30d28a620745e44fbcf71221a23d332d411d17220c5a43321cbae90ba8104ffb4415d7563a21406d6be1fdc9abfff8998b51628b28b4ed84ded6804726cae5b62281949bb7cd7bec7bb2dfa8d831d4928b274c7452d2e9f8a37c67c98239b121d3acf381a10469d0dee019d38dbba865fdecfa34e39b0dcd4cf7a66e30f87d4f26d4190fdc62d44c850e94121ace3d531de3204ed5f838f5953c98b44a387a0cc95fc5e76facdf3a9f98183d32d887fb7d997a37b4737861bb12ea8e412e1015d3cceff7b448381f3fedd35a535e524f9e6df67e14882d9ec956a81e1972392c8c79cec77fe6d0f88a00710aaab4878187d6c387cf1ade1c61ca3b9bef117ad621c9a971d4f04a2e45314422f9f7606c932ab593db97747d7666948d04aacee1ceb6ae2fb205f32d953d94e5f2c7cb332eefa4bf11c999fb67e287960b64c36fa37de3c81fe53e057abc6f5575cb900a117242340126f721f8ad4c3d744440f2d9e1abf71fb24ca6f5abd392ce1110d4d138cd312373f99eef5a9b55a2a92a73be76860c380e5f2f1c9e5526ab5dc6f91d81d086dcfb70165c69b9bba0670366910ed053d43a61bc8215e95f304d73d38a689f174ac4940f1c7c87a011fbaa364e54887a0f38281509282943c38c77f9dbf385d0f8f62d30b300ae7ce24eb5b855057fc4fc8efcb05c4451fbc4de6f8b545559fb2bd2f8200eaa2822990d4afa0398e4c4d40534ece023306239bd86e2a0b9ae2fbfa640046379c1e2f0471e0005bdbd929119e54808f53fbc9ae318fd128aecaee2e314efcd76085a1da95b1261a321fe8229434dcc57844f15914221116d53faef06466643b996d5802167c0dcabe44979e576b4290aceee7aa771820fe113b85162e45961dea78ba31e0c54faa89ef75263d15580dd144745ab42b5d510f1beb115832df59ce57be19113f97aa21d984448e7fbc92c1291fd84f98e9ddd832336be330528e9df7b88f17f47708dfa401ba49562ef3650155bca61a81348896c151d05651caf865a3c40dbaecde5036233dd42a23f5712c93b2fa1c3ab754445bd258491fcf508ac344eeb38db1a4cb9980b1d97b826d76b0b10f8b8937dd0a9385c66ffffdab1819049c35aaf90b15267f7c58ff236c425414286bc7dfc3bd22abea8aeaeb113592ed41fa566d1426c85c3db9ef04e70b31ea52ae2f9352ae1195035b517f7e36350906773fabaef38fb29348b9797ec90cce08e0afb923fcfe0fe62ed2abd97d39949993048ae10c5be54808986f6c4aa437e413b449f57b0b0fc6f393808631fac191af623b8e90193ef2b0dda64f26b4771ab256bccd61ebf4b7ad099156986d64e77d37039d4a2e5836528a10c8c9d9ca9c640804dbf2db4154384cd8a8c02ce863e102ea944c17a643c120361d631b7f349f920ae6bd06db3e3af1bf902c3204e8632d27bd928701ee206a7d64448f9a81265a17a31878e3c1a2a044fc6f956b557471d1bf7dfe160716028191e851e18439f4e3561aa589528889090a3b673f70aebc1edb12861277f04f300acd8278e5f640ac0dc7e4f8df3ea39186119b0599f3e7bedfa0ee65e4d25d8586a2d10e773182d98ea9eef3b3d9805697adce7daf083b8a934c0d9c6467be25a6a22b6b246abcb355d03b8c3345dff9f40e253ae80a2de668dd9da044a2b90bc5788b0fe3a2c6387b3c817ea456eb7713a728caf4287d15006500435ff93eb6803e42e57c087c483e23605d9dcd6f758883fbb990eb0f91f351191956ac451e1c1d1ae113c03311057f5e70d8231bef8edb7c2cbecc4ab3e46b02945afbcdb2e8b005819dd141055af1fd6a3240af08751cd3a78ff92e39bba4d3c23aef960646512b3b86d6a8fa6880cfce6d58e1fbe734ac5f9b7018451a7a5879b3767dfb359eee615bab65116237e5de5b96bf9fbacd11702c73a8e478a64895d15ac0110737c3ab91222bc4c87326b5d5e3cf089da0a76d43222a8eeeb5286a4cb2fced98ebc2f6e876e8ff48b6f8f8264e52cf5b38906d657bd8d0d91e2d7846224ac60526f878e8189d80957a73a0fb95223842fb819286234d742c0aee14c75ed069411f7631aaa3e2a011fe75e67131a51733b9d2dc7981935d559a08a965363cdbc02dbadfcc4435040cff61df0cea2dcc5017deab9076fcc1a11ebe5020b6c96a16425397df15881815cf60b942648c234a5614ecffd4d5de50884934bdbd5177d24ee76f0c97fd0a2b97e527fa86c73ec672398f1d88c03d467f2712908d8fff5e02b4e1fe2d7bff02205597b3a5360e2767a3d7c488d222a3ea39d3fec61423e349689297868a4bfcf08a0938729fbc819ca2181f03f4ea42c7892dccd76560f1ef812ba7380681a8943e7bf2d6bb0729002a33a4a595c411cec870e8757e5d9cddb17563a627e598bd170cb6eab4d0d8a02c926bd0d67d2084df5873591ba8da1309f9c309fcdb1e1afea2ed48b467170f9d2539e62e75ed1e9ad94e2f574bba5e25f7473534e82e91263cef442f31e9e568a3eafa2b9de2a99fa681c6f6f245db26c24d56ae77fe239c63a70c2edd113f0d48bf5c2a887e1512bfb2801a0c628d3b91f57b1d1401b0e5e6012d32dafacd08775b1b28f15c44b03cd340a4e45be0534c4f5099c5bda5ef0035ab7d1ddbdb2e73ad49e15f6a04b5b09280581ebe2ce940a8058e2d14a0556c14adce8a40b6f0f78cc6bf46f0d0b2c4f9ce79e60eadd828eec8fd5c6b1196f685add24c959d4f1c9cbf7d21fb010df2f26fd1f1a5186186de0ab6f7fbf7ac2406a815382aad4edde90c8aa08ce053e86777fcbb089b4cbeb596949ff04739b53c4262b84881814c1cee97eb9147854b54ea354d53d906869c21e5772be517c127a0feb3844acb8b721f060e065b096d5f390b3557e25d50bb887ac018564a9b3ca3fe38eec76dace59bcadb81ed3764c177766ffc8770b7eca1fd3c87f3fc84f157974dc6356ab41388d973ae0a5a4a1d3d08f207b4add5bb902034f0be23bd27010cf5fb3a8ce4c34b123be47bf50fb6ff1593602e720d893561f72fcabdf7141ea4a274d319e9157ee4deb55dd412296525a1d82726fc8e8ad1ebddd6f7ac4ac10d3f59473cf5b0ae0644db9224268415ad314e4a7f4e4a17be80425198c097287ef95948ef260eb02d59e235caabeb1bcbf8829240e5637358879016ea8b5b06337d58aab36bc1a981d7667974068ca1a353a8caad2885236f407fcfc277210ff15f4d7d0caa2b31e5f745f455ff36a5fd9a9036c02f319a049ecb1d67c057130ae3d68374c82191059b44f8aebdf4574cd84cf7c031b6e177e8f5808f25ac76df8d7f9aada99e1a16ea5b22cc4bb349a352aceb2cb1ea47710704d446498f4d6ff2d8705797cfe62e03de9064a5831df451d021fcd93a71c3105f81df9d1ce5dc27d26d77326ab4bedf0c428a70772f2b0630b0640f643292e68e9b44d53f5c401f6ee09f8217b77b2d308e13cbedefa56920ad948b464a74c3e9ca9259d10132880d7dbd2c972c772985f7022a41ef473c254289982b9cde41f937a1de59b9a50caf728accac23ba485842dae35ad4ed412a31d2a134bf05ede9fc70fab45fee38f1f7e749e803446b418cc1b5e7f2019777ae03eab5e129e1eef2195ca84cde2848df14a93bbc3a917f1e06ce3753cf127f2241295fb630f6e27eadeaff570f955ace44dd204dcc082f7bcbe310e2c33267852049cb839142d072e3f3ebb1fc289c78769fd0f05578630e42a5829b82c6d535c012204aa74659282ba0498156e2183ecee174054d45fd97e5a0159255d8af432563d367f045d209c67cc70f7cf13b9a6578983ea640f0e8e66113484f48d41cb65b1338eb6cec534b3acdf9e5a1a3ac9157d75986583edfda4958e79593b6808b4762f823a6f442ee1749e592bc103f2b9e16107b939ece49cb447e5a7d34d66f18567d0e981f4fef25a467144689662783503a03e1800d22f40f61903d8270453161a68386bdd94d59dd66eb5ae067d4129be23a0b17b89d0478734460bb88c5771d9444caa769aa62d56bd128bc328e03d2e18d966f5784398ca2aab86007f7ca00908d4bd7f2f3ecf3024110b073304c7bb17bd73725721a99e94c8d5e5da7a839d58f2196cace99b98d7f584a49fee2a426e6ec3f08e520f7965aa2dad97084c2ebed43c58dbc9116f420d4735decc47dea514b689f5479c56b6128dd684c4fbf0945aa15363276af833b27b82cb48541413bc9fc51f9ce57c14bb6c39f86cbc99b69e5d91e7cf72f340f67012eb2f5fb21d830e97eb3664674ecc36c754f90d1a8f6092fe3a48827849ec95ed35887cfd2ab3f26331bdc154ad034f31ef26ecec5feedac1367f4f642e99ebb409ddd5dd8d0087ebf048e4924a2119c69ff00af79233443b897f7bd1d80f4d34555719bd8dd9c0d824d0437c2adfc598fd4c2c2d8cf7693e05238987bdb9bb04751dfcd44fbced899a7dadef499b9bfb45ee52ea59369c950821a667712946c7207e36473660f3f9c9906ed889ffe7a8c735e98d41cc96aecf3e577072cb4711eb690d28ff41dbe9070cd73da26875994a7b8480f2d21bd4b92402bc293fea154071c401581a9b858dcb4113149105d793fd4d0e98894f228f24250ada364f49180fbd116e0677cbfbe928a840dbfab2791865cec67ab39affa7b76c266285ed2ede7ce77e9e6f21545b8d177cc73e5142e6bbfbb3e9793716de8d6faeb74e18475cac7541e3ccd875cc0dc8bd5a01e468700d5817fc44b6dd64d74dbe0b351c80815102a0dc2038c83dc75189bb4ca425eabeeaa70fcebfda8f16c4b083762811325fdc6b94f84b6d4629929b85d0cf678b28651cab8a825f28440ca4e7a2193c6f9c769b0aa226754fa8eabd7cd1d31ea2478a83e0d79eaff6f72bfb05c31098f4640256b8c21ef25808821c08cbc68e8b6205fdbcb10b17d63cfb5ead7fb8ae1", 0x2000, &(0x7f0000002cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_connect(0x1, 0x2d, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) 569.614993ms ago: executing program 0 (id=488): syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$audio(0xffffff9c, 0x0, 0x402, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) writev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000180)='\r', 0x1}], 0x1) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="280300002d00090027bd7000000000000400000013031780", @ANYRESDEC=r2, @ANYRES32], 0x328}, 0x1, 0x0, 0x0, 0x800}, 0x40044085) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x80001) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0) ioctl$SNAPSHOT_CREATE_IMAGE(r4, 0x40043311, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x18100}) mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) 473.634527ms ago: executing program 1 (id=489): bpf$ITER_CREATE(0x21, &(0x7f0000000200), 0x8) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f00002da000/0x3000)=nil, 0x3000, 0x4, 0x10010, 0xffffffffffffffff, 0x7bc7d000) chroot(0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@deltfilter={0x88c, 0x2d, 0x4, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xc, 0x10}, {0x0, 0x7}, {0xc, 0xc}}, [@TCA_CHAIN={0x8, 0xb, 0xeb}, @TCA_RATE={0x6, 0x5, {0x4, 0x9}}, @TCA_CHAIN={0x8, 0xb, 0x7}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_basic={{0xa}, {0x83c, 0x2, [@TCA_BASIC_EMATCHES={0x4}, @TCA_BASIC_POLICE={0x834, 0x4, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x10001}, @TCA_POLICE_RATE={0x404, 0x2, [0x2, 0x7, 0x5, 0x8, 0xf, 0x0, 0x8, 0x1, 0x2, 0x5, 0x2, 0x1bae4000, 0x7ff, 0xbaf9, 0x80000000, 0x2, 0x1, 0xae000000, 0x4ff, 0x3, 0x8, 0x3, 0xe, 0x80000000, 0x1000, 0x80, 0x1d9, 0x0, 0xfffffffa, 0x2, 0x1, 0x1, 0x5, 0xa7d, 0x40, 0x101, 0x6, 0x9, 0xf8, 0x7b5e1067, 0xe, 0x400, 0x7ff, 0x9, 0x1187, 0x10, 0x8, 0x7, 0x100, 0xfac2, 0x2, 0x8, 0x5, 0x14, 0x8, 0x7fffffff, 0x5, 0xffff3829, 0x7fffffff, 0x83, 0x80000000, 0x7fffffff, 0xe439, 0x2, 0x6, 0x4, 0x8, 0x0, 0x102, 0x4, 0x7f, 0x3, 0x1, 0x2b5, 0xabf, 0x5, 0x200, 0x2, 0xfffffff7, 0xe, 0x3ff, 0x3a, 0x507b, 0x9, 0x10001, 0x9, 0x10, 0xfffff3b6, 0xd35, 0x1, 0x3, 0xfffffffd, 0x3ff, 0x101, 0xda, 0x4, 0x1ff, 0x6, 0x7, 0x9, 0x960, 0x9, 0xc, 0x4, 0x4, 0x9, 0x6, 0x8a, 0x7, 0x9, 0x5, 0x7, 0x8, 0xa, 0x2, 0x3, 0x9, 0x0, 0x8, 0x95c, 0xfff, 0x5, 0x3, 0x972, 0x80000000, 0x6, 0x80000000, 0x8, 0x7, 0x3, 0x1, 0x6, 0x3, 0xff, 0x101, 0x0, 0x2, 0x8, 0x7, 0x7fff, 0x6, 0x1, 0x0, 0x1, 0x80000001, 0xd, 0x3, 0x6, 0x40, 0x75, 0x7f, 0x9, 0x3, 0x2, 0x0, 0xfffffffb, 0x254, 0x1, 0x400, 0xfffffffe, 0x10c9, 0xfff, 0xc, 0x3, 0x80000000, 0x4, 0x337f, 0x3, 0x8, 0x2, 0x6, 0x3, 0xff, 0x7, 0x3, 0x8, 0x2, 0x80, 0x7, 0x8, 0x10, 0x6, 0x8, 0x80000001, 0x9, 0x142, 0x1ff, 0x50d2, 0x3, 0x0, 0xc, 0x4, 0x3, 0x5, 0x95, 0xffffaf8d, 0x4, 0x3, 0x5, 0x1, 0x0, 0x800, 0x8, 0x7, 0x1, 0xf5, 0x80, 0x11516000, 0x3, 0xff, 0xb91, 0x2, 0x1, 0x400, 0x4, 0x8, 0xfffffffe, 0x8000, 0x3, 0x0, 0x7ff, 0x950, 0x3c5, 0xfffffffb, 0xffffff50, 0x4, 0x1, 0x7, 0x401, 0x8, 0xfff, 0x800, 0x3, 0x1, 0x2, 0x8, 0x9, 0x674, 0x1000, 0x7, 0x7, 0x80000000, 0x2, 0x6, 0x8, 0x670, 0x2, 0x80000001, 0xa, 0x2, 0x9, 0x1, 0x5, 0x4, 0xfffffff7, 0x40]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xfffffffc}, @TCA_POLICE_RESULT={0x8, 0x5, 0x4}, @TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x0, 0xd, 0x10000, 0x0, 0x9, 0xc8, 0x9, 0x1000, 0x10000, 0x0, 0x7, 0x9, 0x0, 0x2, 0x3, 0xec1, 0xe7, 0x82, 0x9, 0x48a4, 0x5, 0x0, 0x26c, 0x8001, 0x66afa060, 0xffff, 0x8, 0x8, 0x7, 0x8001, 0x2, 0x369, 0x6, 0x0, 0x4, 0x2, 0x26d2, 0x5, 0x8, 0x9, 0x8, 0x7, 0x3, 0x6, 0x41b3, 0x6, 0x9, 0xf778, 0x9147, 0x6651, 0x100, 0x10001, 0x1, 0x9, 0xffffcf8b, 0xa, 0x3, 0x7f, 0x15, 0xbe91, 0x0, 0x7, 0x55, 0x7, 0x3, 0xfffffff5, 0xfff, 0x40, 0xef7, 0x1, 0xefe, 0x9, 0xd36b, 0x101, 0x2, 0x0, 0x0, 0x1881, 0x1, 0x6, 0x100, 0x8, 0x4, 0x200, 0x9a3, 0x7f, 0x50000, 0x8, 0x5, 0x2, 0x3, 0x8, 0x400, 0x6, 0xc406, 0x7, 0x6, 0x3, 0x1ff, 0x7, 0x7ff, 0x9, 0x7, 0x7, 0x100, 0x3, 0x9b, 0x8bb3, 0x81, 0xa32, 0x7, 0xffffffff, 0x5, 0xfffffff7, 0x2, 0x0, 0x4, 0x1d, 0x3, 0x7, 0x2, 0x3, 0x9, 0x5, 0x1, 0x0, 0x3, 0x1, 0x1, 0x3, 0x7ff, 0x7, 0x92b7, 0x40, 0x1, 0x40, 0xd8, 0x0, 0x2f, 0x1c, 0x5, 0x1, 0xff, 0x9, 0x0, 0x80000000, 0x1, 0x0, 0xa2ca, 0x6, 0x7, 0x3, 0x8, 0x2, 0x8, 0x6, 0x9, 0x401, 0x3, 0x0, 0xe, 0x600, 0x6, 0x27b, 0x3, 0x6, 0x4, 0x6, 0x9, 0xd1, 0x6, 0xc47, 0x9, 0x1186, 0x4d, 0x1, 0x6, 0x9, 0x2, 0x8, 0x4, 0x7ff, 0x3ff, 0x3, 0x8, 0xfffffff9, 0x0, 0xfffeffff, 0x3, 0x9, 0x8, 0x9cdc, 0x90000000, 0x2, 0x0, 0x6b, 0x1, 0x0, 0x5, 0x5, 0x3, 0x5, 0xffff7fff, 0x4, 0x3, 0x80000001, 0x6, 0xfffffffe, 0x7, 0x7, 0x4, 0x173ea81e, 0xe, 0x7, 0x6, 0x4, 0x2, 0x4, 0xf48, 0x1, 0x5, 0x9, 0x2, 0xffffc39b, 0x8d, 0xffffffff, 0x6, 0x1ff, 0x2, 0x7, 0xa, 0xf3, 0x2, 0x6, 0x5, 0x7, 0x10001, 0x7, 0x5, 0x7, 0xfffffffc, 0x10, 0x6, 0x8, 0x1, 0x0, 0x7, 0x7, 0x8, 0x2, 0x7f, 0x4, 0x6, 0x7, 0xb9d5]}, @TCA_POLICE_RATE64={0xc, 0x8, 0x6}]}]}}]}, 0x88c}}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) munlockall() fsopen(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = userfaultfd(0x80001) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x1}, 0x1c) ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) close_range(r5, 0xffffffffffffffff, 0x0) r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) close(r6) recvmsg$can_raw(r6, &(0x7f0000000300)={&(0x7f00000000c0)=@pppol2tpv3in6, 0x80, 0x0, 0x0, &(0x7f0000000280)=""/74, 0x4a}, 0x0) uname(&(0x7f0000000000)=""/154) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 414.296265ms ago: executing program 2 (id=490): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000000a0601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) (fail_nth: 5) 413.991989ms ago: executing program 2 (id=491): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32, @ANYBLOB="0000000000800200380012800b0001006272696467650000280002800c002300fbffffffffffffff050024000000000105"], 0x58}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009002"]) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c000280050001"], 0x4c}}, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22) rmdir(&(0x7f0000000080)='./cgroup/../file0\x00') r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, 0x0, 0x4000804) sendmsg$NFT_BATCH(r5, 0x0, 0x4000010) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$xdp(0x2c, 0x3, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000001600000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r6, 0x6, 0x0, 0x0, 0x0) r7 = fsmount(r6, 0x0, 0x0) r8 = openat$cgroup_subtree(r7, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r8, &(0x7f0000000980)={[{0x2d, 'pids'}]}, 0x1f) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, 0x0, 0x0) r9 = openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x20082, 0x0) ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r9, 0x40096100, 0x0) sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 170.018453ms ago: executing program 2 (id=492): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000000a0601020000000000000000020000000900020073797a31000000000500010007000000280005800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 119.089321ms ago: executing program 2 (id=493): socket$inet(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000040)="0000006aac", 0x5) r2 = accept4(r1, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r2) sendmsg$nl_route_sched_retired(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f80)=@delchain={0xc58, 0x65, 0x200, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x4, 0xfff2}, {0x5, 0xa}, {0x4, 0xf}}, [@f_tcindex={{0xc}, {0x810, 0x2, [@TCA_TCINDEX_POLICE={0x80c, 0x6, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0x4, 0x5, 0x6, 0x2, 0x1, 0xffffff14, 0xa, 0x7, 0x7, 0x3, 0x0, 0x12bb1875, 0x766, 0x1ff, 0x101, 0x6, 0x7, 0x3, 0xffffffff, 0x4, 0x7b, 0xffffff00, 0x8, 0x800, 0x3, 0x3, 0x6, 0x7, 0x1, 0xffffffff, 0x2, 0x4, 0xd2, 0x3, 0x4, 0x3ff, 0x278, 0x7, 0x5, 0x5, 0x2, 0xff7, 0x4, 0x2, 0x2, 0xfffffffa, 0x8001, 0x3, 0xffffffff, 0xffff7fff, 0x3, 0x9, 0x7f, 0x2, 0x9, 0x1, 0x8, 0x101, 0x3ff, 0x8, 0x4, 0x1f8, 0x4, 0x5, 0x0, 0x9, 0x80000001, 0xffffff00, 0x4, 0xee2, 0x8, 0x1, 0xc0000000, 0x80, 0x7, 0x0, 0x2, 0x1, 0x2, 0x0, 0x8, 0x8, 0xa, 0x7, 0x7fffffff, 0x4, 0x7, 0x6, 0x1000, 0x8001, 0x3, 0x8, 0xe26, 0x101, 0x3, 0x5, 0x8000, 0x3, 0x1, 0x9, 0x80000000, 0x4, 0x2, 0x4, 0xd, 0x9, 0x7ff, 0xff, 0x2, 0x8, 0x4, 0x4, 0x9, 0x81, 0xffff, 0x9b7c, 0x101, 0x8, 0xa56, 0x2a, 0x2, 0x7f, 0xfff, 0x3, 0x1, 0x8, 0x1000, 0x4000000, 0x3, 0x10001, 0x2, 0xdb96, 0x8, 0x0, 0x5, 0x9, 0xf, 0x80000001, 0x15b3, 0xbaca, 0x4d27, 0x40, 0x41, 0x7, 0x6, 0x3, 0x2e, 0x9, 0x200, 0x62e111c5, 0x1, 0xfffffffc, 0x9feb, 0x7, 0x7, 0x4, 0x7, 0x0, 0x2, 0x1000, 0x40, 0xc, 0x8, 0x4, 0x4, 0x1000000, 0x3, 0x4896, 0xfffffe01, 0xffff, 0x40, 0x9733, 0x7, 0x759d, 0x5, 0x9, 0x7fff, 0xfffffc00, 0x9, 0x9bc7, 0x4, 0x1ff, 0x2, 0x9, 0xff, 0xfffffffa, 0x6, 0x1, 0x5, 0xd94, 0x8, 0x9, 0x0, 0x8, 0x2118, 0x7, 0x3, 0x2, 0x7, 0x1, 0x71, 0x1000, 0x8, 0x1, 0x5, 0x8, 0x80000001, 0x4, 0x1, 0x2, 0xfffffc00, 0x5, 0x5, 0x2, 0x7, 0x10000, 0x3, 0x5, 0x4, 0xff, 0x34fc62f0, 0x7, 0x7, 0x5, 0x1, 0xd18, 0x55, 0x1, 0x0, 0x40, 0x8, 0x7, 0x9, 0x5, 0x8, 0x3ff, 0x6, 0x4, 0xffffffff, 0x0, 0x5, 0x7, 0x80000001, 0x8, 0xb, 0xd249, 0x4, 0x5, 0x9, 0x7, 0x8000, 0x10000, 0xafee, 0x7fffffff, 0xae]}, @TCA_POLICE_RATE={0x404, 0x2, [0x101, 0x3, 0x5, 0x9, 0xfff, 0x7f, 0x400, 0x6, 0x40, 0xfffffff9, 0xf, 0x4, 0x7, 0xa706, 0x5, 0x800, 0xaf89, 0x400000, 0x200, 0x2, 0x81, 0x100, 0x1, 0x716, 0x7fff, 0x9, 0x0, 0x6, 0x6, 0x5, 0x3, 0x4, 0x4, 0xc, 0x0, 0x7, 0x7f, 0xffffffff, 0x0, 0x9, 0x7, 0xdf4a, 0x2, 0x4, 0x7, 0x4, 0x6939, 0x5, 0x0, 0x9, 0x10, 0x0, 0x9, 0x8, 0xffffffff, 0x6, 0x4, 0x4, 0x500, 0x7, 0x5, 0xff, 0x9, 0x81, 0x2, 0x3ff, 0x6, 0x3ff, 0x9, 0x7fff, 0x400, 0xfffffffa, 0x6, 0x9, 0x7, 0x10000, 0x6, 0x7, 0x81, 0x7ff, 0x2, 0x7, 0xf9d, 0x0, 0x0, 0x7ff, 0x8001, 0xf97, 0xff, 0x2, 0xfffffffc, 0xfffffffb, 0x0, 0x704, 0x9, 0x81, 0xe, 0xe, 0x7, 0x3, 0x1ff, 0x4, 0x8, 0x4, 0xd325, 0x7, 0x784, 0x6, 0x740, 0x9, 0xfffffff9, 0x2, 0x3ff, 0xf, 0x0, 0x7, 0xf4, 0x3, 0x6, 0x5, 0x835, 0x5, 0x5, 0x6, 0xc, 0x3, 0x83, 0x4, 0x40, 0x40, 0x2, 0xb, 0x38, 0x8001, 0x6, 0x6, 0xff, 0x38, 0x9, 0x6, 0x9fc, 0x40, 0xffff0001, 0x7ff, 0x7, 0x7, 0x1800, 0xfff, 0x71ca, 0xfffffff7, 0xf, 0xc690, 0x6, 0x9, 0x3892, 0x0, 0x0, 0x6, 0x4, 0x5, 0x5, 0x7, 0x77, 0x7, 0x800, 0x0, 0x101, 0x0, 0xc646, 0x200, 0x4, 0x7, 0x7fffffff, 0x3, 0xfffffffd, 0x17fa, 0x4, 0x6, 0x8, 0x6, 0x85c2, 0x8, 0x5, 0x9, 0xfffffffb, 0x4, 0x127, 0x16db, 0x8, 0x0, 0xfffffff9, 0x5, 0x6, 0x4, 0x9, 0x0, 0x4, 0x6, 0x5e79, 0xb0c9, 0x7, 0x6, 0x4c8, 0x6, 0x269c, 0x2c8, 0x1, 0xc, 0x6, 0x9, 0x1ff, 0x4, 0x5848, 0x3, 0xce, 0x4, 0x1, 0x9, 0x1, 0x358a, 0x0, 0x4, 0x7, 0x1, 0x8, 0xfff, 0x4, 0x0, 0x6, 0xfffffffd, 0x3, 0xfffffff7, 0x7, 0x7, 0xfffffff7, 0x8, 0x40, 0x8000, 0x3, 0x9, 0x4, 0x101, 0xc, 0x3, 0x5, 0x4, 0xb6, 0x2, 0x401, 0x8, 0x8, 0xffffff44, 0x2743, 0x6b8cc28e, 0x5, 0x8e0]}]}]}}, @f_tcindex={{0xc}, {0x40c, 0x2, [@TCA_TCINDEX_POLICE={0x408, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x8, 0x4d8, 0xffffffff, 0x8d1, 0x8, 0x9, 0x9, 0x0, 0xfffffff7, 0x4, 0x3, 0x81, 0x8, 0x6, 0x6, 0xd62, 0x6, 0x7, 0x29, 0x5, 0x5, 0x8, 0x2, 0x1000, 0x2, 0x793, 0x4, 0x3, 0xffffdc7a, 0x5, 0x7fff, 0x1, 0x5, 0x4b37, 0x2, 0x4, 0xd9a, 0x1, 0x4e, 0x401, 0x800, 0x9, 0x1, 0x9, 0x1, 0x0, 0x9, 0x8, 0x4e, 0x0, 0x80, 0x10000, 0x80, 0x10000, 0x8, 0x4, 0x5, 0x7, 0x9, 0x2, 0x7fffffff, 0xfcf, 0x7, 0x2, 0x2, 0x4, 0x1000, 0xea, 0x1, 0x9, 0x5, 0x200, 0xfec0, 0xffffe49a, 0x2, 0x4, 0x58e, 0xffffffff, 0x5, 0x6, 0x7f, 0x400, 0x8, 0x80, 0x7, 0x3, 0x6, 0xd, 0x3, 0xce, 0xd, 0x7fffffff, 0x1, 0x6, 0x4, 0x6, 0x3, 0x7f, 0x8001, 0xed4b, 0x68, 0x9, 0xc, 0xffff, 0x9, 0x7, 0xabe1, 0xf97, 0x5, 0x4, 0x80000001, 0x6, 0x7, 0x6, 0x5, 0xfff, 0x3, 0x46, 0x3ff, 0x7e4d, 0x5, 0x0, 0x6, 0x9, 0x20000f1, 0x4, 0x3, 0x3, 0xb, 0x8, 0x7, 0xa, 0x6, 0x9, 0x2, 0x0, 0x4, 0x5d6e5b73, 0x8, 0x3, 0x1, 0x4a0b, 0x99f, 0x400, 0x3, 0x0, 0x3, 0x9, 0x401, 0x9e, 0x8000, 0xf8, 0x5, 0x2, 0xffffffff, 0x3, 0x7fffffff, 0x0, 0x2, 0x6, 0x8, 0x7, 0x80000000, 0x74, 0x1, 0x7, 0xa94, 0x3, 0x4, 0x44, 0x0, 0x1, 0x13, 0x5, 0x0, 0x7f, 0x4, 0x818, 0x1, 0x560, 0x6, 0x9, 0x3, 0x4, 0x1ff, 0x4, 0x8001, 0x44, 0x2, 0x9, 0x8, 0x3, 0x8000, 0x100, 0x1, 0x1b35709e, 0x9629, 0x1, 0x5, 0x400, 0x0, 0x0, 0xba9, 0x2, 0x7, 0xe1, 0x4, 0x7, 0x5, 0x2, 0x21, 0xfffffeff, 0x0, 0x2d5b, 0xd, 0x1, 0x1000, 0x9, 0x2a, 0x8, 0x4, 0x9, 0x7, 0x8, 0x5, 0x1, 0x6, 0x6, 0x1, 0x1, 0x80, 0x1, 0x5, 0x0, 0x7fffffff, 0x3ff, 0x2, 0x5, 0x9, 0x8001, 0x8ee, 0x8, 0x10000004, 0x2, 0x9, 0x8, 0xd, 0x8, 0x7, 0x1, 0x440, 0x1, 0xaa20, 0x5, 0x4]}]}]}}]}, 0xc58}}, 0x4080000) 0s ago: executing program 1 (id=494): socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) close(0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00') unshare(0x68000000) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0x801, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x53209, 0x18213}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) kernel console output (not intermixed with test programs): 6540][ T6136] __sys_sendmsg+0x16d/0x220 [ 54.336553][ T6136] ? __pfx___sys_sendmsg+0x10/0x10 [ 54.336570][ T6136] ? rcu_is_watching+0x12/0xc0 [ 54.336583][ T6136] __do_fast_syscall_32+0x73/0x120 [ 54.336600][ T6136] do_fast_syscall_32+0x32/0x80 [ 54.336616][ T6136] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 54.336628][ T6136] RIP: 0023:0xf705e579 [ 54.336636][ T6136] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 54.336646][ T6136] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 54.336655][ T6136] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000 [ 54.336662][ T6136] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 54.336667][ T6136] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 54.336673][ T6136] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 54.336678][ T6136] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 54.336690][ T6136] [ 54.559342][ T6142] netlink: 156 bytes leftover after parsing attributes in process `syz.1.38'. [ 54.562400][ T6142] netlink: 156 bytes leftover after parsing attributes in process `syz.1.38'. [ 54.566114][ T6144] FAULT_INJECTION: forcing a failure. [ 54.566114][ T6144] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 54.572002][ T6144] CPU: 3 UID: 0 PID: 6144 Comm: syz.3.42 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 54.572036][ T6144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.572057][ T6144] Call Trace: [ 54.572064][ T6144] [ 54.572069][ T6144] dump_stack_lvl+0x16c/0x1f0 [ 54.572097][ T6144] should_fail_ex+0x512/0x640 [ 54.572123][ T6144] _copy_from_user+0x2e/0xd0 [ 54.572147][ T6144] get_compat_msghdr+0xa7/0x170 [ 54.572164][ T6144] ? __pfx_get_compat_msghdr+0x10/0x10 [ 54.572185][ T6144] ___sys_sendmsg+0x1ae/0x1d0 [ 54.572202][ T6144] ? __pfx____sys_sendmsg+0x10/0x10 [ 54.572243][ T6144] __sys_sendmsg+0x16d/0x220 [ 54.572260][ T6144] ? __pfx___sys_sendmsg+0x10/0x10 [ 54.572287][ T6144] ? rcu_is_watching+0x12/0xc0 [ 54.572307][ T6144] __do_fast_syscall_32+0x73/0x120 [ 54.572334][ T6144] do_fast_syscall_32+0x32/0x80 [ 54.572358][ T6144] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 54.572379][ T6144] RIP: 0023:0xf705e579 [ 54.572393][ T6144] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 54.572409][ T6144] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 54.572426][ T6144] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0 [ 54.572437][ T6144] RDX: 0000000020004094 RSI: 0000000000000000 RDI: 0000000000000000 [ 54.572446][ T6144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 54.572457][ T6144] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 54.572466][ T6144] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 54.572485][ T6144] [ 54.829472][ T6151] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 55.162460][ T5948] Bluetooth: hci0: command tx timeout [ 55.162476][ T5949] Bluetooth: hci1: command tx timeout [ 55.240376][ T5949] Bluetooth: hci2: command tx timeout [ 55.241081][ T5948] Bluetooth: hci3: command tx timeout [ 55.281392][ T6160] netlink: 4 bytes leftover after parsing attributes in process `syz.1.45'. [ 55.287321][ T6160] netlink: 4 bytes leftover after parsing attributes in process `syz.1.45'. [ 55.661067][ T6173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.48'. [ 55.667585][ T6173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.48'. [ 55.778141][ T6176] netlink: 76 bytes leftover after parsing attributes in process `syz.1.49'. [ 55.815777][ T6180] netlink: 4 bytes leftover after parsing attributes in process `syz.1.50'. [ 55.821012][ T6180] netlink: 4 bytes leftover after parsing attributes in process `syz.1.50'. [ 55.840180][ T6008] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 56.004805][ T6008] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 56.007757][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.010476][ T6008] usb 5-1: Product: syz [ 56.011850][ T6008] usb 5-1: Manufacturer: syz [ 56.013375][ T6008] usb 5-1: SerialNumber: syz [ 56.025528][ T6008] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 56.071706][ T76] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 56.859182][ T6193] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 56.862496][ T6193] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 57.080791][ T76] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 57.083605][ T76] ath9k_htc: Failed to initialize the device [ 57.104324][ T76] usb 5-1: ath9k_htc: USB layer deinitialized [ 57.112374][ T76] usb 5-1: USB disconnect, device number 2 [ 57.399067][ T6204] Zero length message leads to an empty skb [ 57.457939][ T6211] netlink: 76 bytes leftover after parsing attributes in process `syz.1.58'. [ 57.709760][ T6223] FAULT_INJECTION: forcing a failure. [ 57.709760][ T6223] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 57.727414][ T6223] CPU: 0 UID: 0 PID: 6223 Comm: syz.3.62 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 57.727452][ T6223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.727462][ T6223] Call Trace: [ 57.727467][ T6223] [ 57.727474][ T6223] dump_stack_lvl+0x16c/0x1f0 [ 57.727502][ T6223] should_fail_ex+0x512/0x640 [ 57.727529][ T6223] _copy_from_user+0x2e/0xd0 [ 57.727555][ T6223] memdup_user+0x6b/0xe0 [ 57.727576][ T6223] strndup_user+0x78/0xe0 [ 57.727597][ T6223] __ia32_sys_mount+0x137/0x310 [ 57.727616][ T6223] ? __pfx___ia32_sys_mount+0x10/0x10 [ 57.727634][ T6223] ? rcu_is_watching+0x12/0xc0 [ 57.727653][ T6223] __do_fast_syscall_32+0x73/0x120 [ 57.727679][ T6223] do_fast_syscall_32+0x32/0x80 [ 57.727703][ T6223] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 57.727722][ T6223] RIP: 0023:0xf705e579 [ 57.727734][ T6223] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 57.727748][ T6223] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 57.727763][ T6223] RAX: ffffffffffffffda RBX: 00000000800000c0 RCX: 0000000080000440 [ 57.727773][ T6223] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000 [ 57.727782][ T6223] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 57.727808][ T6223] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 57.727818][ T6223] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 57.727839][ T6223] [ 58.778558][ T6247] netlink: 76 bytes leftover after parsing attributes in process `syz.1.67'. [ 59.012500][ T6253] netlink: 'syz.2.69': attribute type 1 has an invalid length. [ 59.211803][ T6260] batadv_slave_1: entered promiscuous mode [ 59.218885][ T6260] 9p: Unknown Cache mode or invalid value ahead [ 59.401384][ T6259] batadv_slave_1: left promiscuous mode [ 60.010335][ T6290] netlink: 76 bytes leftover after parsing attributes in process `syz.2.76'. [ 60.187899][ T6271] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 60.192197][ T6271] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 60.210166][ T6271] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 60.215150][ T6271] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 60.217388][ T6271] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 60.222695][ T6271] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 60.225536][ T6271] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 60.227582][ T6271] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 60.257726][ T6305] fuse: Bad value for 'fd' [ 60.260528][ T6305] overlayfs: missing 'lowerdir' [ 60.304508][ T6271] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 60.311090][ T6271] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 60.318145][ T6271] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 60.332949][ T6271] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 61.173275][ T6334] netlink: 76 bytes leftover after parsing attributes in process `syz.2.85'. [ 61.443904][ T6347] overlayfs: missing 'workdir' [ 61.468513][ T6345] netlink: 'syz.2.87': attribute type 1 has an invalid length. [ 61.480163][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout [ 61.811234][ T6361] FAULT_INJECTION: forcing a failure. [ 61.811234][ T6361] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 61.815604][ T6361] CPU: 2 UID: 0 PID: 6361 Comm: syz.0.94 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 61.815618][ T6361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 61.815624][ T6361] Call Trace: [ 61.815630][ T6361] [ 61.815635][ T6361] dump_stack_lvl+0x16c/0x1f0 [ 61.815653][ T6361] should_fail_ex+0x512/0x640 [ 61.815672][ T6361] _copy_from_user+0x2e/0xd0 [ 61.815688][ T6361] get_compat_msghdr+0xa7/0x170 [ 61.815701][ T6361] ? __pfx_get_compat_msghdr+0x10/0x10 [ 61.815718][ T6361] ___sys_sendmsg+0x1ae/0x1d0 [ 61.815733][ T6361] ? __pfx____sys_sendmsg+0x10/0x10 [ 61.815780][ T6361] __sys_sendmsg+0x16d/0x220 [ 61.815795][ T6361] ? __pfx___sys_sendmsg+0x10/0x10 [ 61.815813][ T6361] ? rcu_is_watching+0x12/0xc0 [ 61.815826][ T6361] __do_fast_syscall_32+0x73/0x120 [ 61.815842][ T6361] do_fast_syscall_32+0x32/0x80 [ 61.815858][ T6361] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 61.815872][ T6361] RIP: 0023:0xf706e579 [ 61.815880][ T6361] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 61.815889][ T6361] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 61.815899][ T6361] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080 [ 61.815905][ T6361] RDX: 0000000000004080 RSI: 0000000000000000 RDI: 0000000000000000 [ 61.815911][ T6361] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 61.815916][ T6361] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 61.815922][ T6361] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 61.815936][ T6361] [ 62.003177][ T6364] mmap: syz.0.95 (6364) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 62.095912][ T6366] FAULT_INJECTION: forcing a failure. [ 62.095912][ T6366] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 62.100379][ T6366] CPU: 0 UID: 0 PID: 6366 Comm: syz.1.96 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 62.100393][ T6366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.100399][ T6366] Call Trace: [ 62.100402][ T6366] [ 62.100407][ T6366] dump_stack_lvl+0x16c/0x1f0 [ 62.100426][ T6366] should_fail_ex+0x512/0x640 [ 62.100444][ T6366] _copy_to_user+0x32/0xd0 [ 62.100455][ T6366] simple_read_from_buffer+0xcb/0x170 [ 62.100472][ T6366] proc_fail_nth_read+0x197/0x270 [ 62.100487][ T6366] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 62.100503][ T6366] ? rw_verify_area+0xcf/0x680 [ 62.100517][ T6366] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 62.100532][ T6366] vfs_read+0x1e1/0xc70 [ 62.100544][ T6366] ? __pfx___mutex_lock+0x10/0x10 [ 62.100559][ T6366] ? __pfx_vfs_read+0x10/0x10 [ 62.100573][ T6366] ? __fget_files+0x20e/0x3c0 [ 62.100586][ T6366] ksys_read+0x12a/0x240 [ 62.100596][ T6366] ? __pfx_ksys_read+0x10/0x10 [ 62.100607][ T6366] ? rcu_is_watching+0x12/0xc0 [ 62.100620][ T6366] __do_fast_syscall_32+0x73/0x120 [ 62.100637][ T6366] do_fast_syscall_32+0x32/0x80 [ 62.100653][ T6366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 62.100665][ T6366] RIP: 0023:0xf70fe579 [ 62.100674][ T6366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 62.100683][ T6366] RSP: 002b:00000000f50ee590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 62.100693][ T6366] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50ee620 [ 62.100699][ T6366] RDX: 000000000000000f RSI: 00000000f7462ff4 RDI: 0000000000000000 [ 62.100705][ T6366] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 62.100710][ T6366] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 62.100716][ T6366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 62.100728][ T6366] [ 62.280200][ T5949] Bluetooth: hci2: command 0x0c1a tx timeout [ 62.280901][ T5952] Bluetooth: hci1: command 0x0c1a tx timeout [ 62.360218][ T5952] Bluetooth: hci3: command 0x0c1a tx timeout [ 62.443235][ T6375] overlayfs: missing 'workdir' [ 62.787722][ T6383] netlink: 'syz.0.102': attribute type 8 has an invalid length. [ 62.793945][ T6383] netlink: 28 bytes leftover after parsing attributes in process `syz.0.102'. [ 63.058205][ T6387] netlink: 'syz.0.103': attribute type 4 has an invalid length. [ 63.153738][ T6390] netlink: 'syz.0.103': attribute type 4 has an invalid length. [ 63.192208][ T6389] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 63.234361][ T6393] FAULT_INJECTION: forcing a failure. [ 63.234361][ T6393] name failslab, interval 1, probability 0, space 0, times 0 [ 63.238652][ T6393] CPU: 2 UID: 0 PID: 6393 Comm: syz.2.105 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 63.238665][ T6393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 63.238671][ T6393] Call Trace: [ 63.238675][ T6393] [ 63.238680][ T6393] dump_stack_lvl+0x16c/0x1f0 [ 63.238698][ T6393] should_fail_ex+0x512/0x640 [ 63.238714][ T6393] ? __kmalloc_noprof+0xbf/0x510 [ 63.238727][ T6393] ? lsm_blob_alloc+0x68/0x90 [ 63.238736][ T6393] should_failslab+0xc2/0x120 [ 63.238749][ T6393] __kmalloc_noprof+0xd2/0x510 [ 63.238763][ T6393] lsm_blob_alloc+0x68/0x90 [ 63.238773][ T6393] security_sk_alloc+0x30/0x270 [ 63.238786][ T6393] sk_prot_alloc+0x1c7/0x2a0 [ 63.238802][ T6393] sk_alloc+0x36/0xc20 [ 63.238814][ T6393] __netlink_create+0x5e/0x2c0 [ 63.238825][ T6393] ? __wake_up+0x3f/0x60 [ 63.238837][ T6393] netlink_create+0x39e/0x620 [ 63.238849][ T6393] ? __pfx_genl_bind+0x10/0x10 [ 63.238862][ T6393] ? __pfx_genl_unbind+0x10/0x10 [ 63.238875][ T6393] ? __pfx_genl_release+0x10/0x10 [ 63.238891][ T6393] __sock_create+0x335/0x8d0 [ 63.238909][ T6393] __sys_socket+0x14d/0x260 [ 63.238919][ T6393] ? __pfx___sys_socket+0x10/0x10 [ 63.238932][ T6393] __ia32_compat_sys_socketcall+0x5ca/0x770 [ 63.238946][ T6393] ? __fget_files+0x20e/0x3c0 [ 63.238955][ T6393] ? __pfx___ia32_compat_sys_socketcall+0x10/0x10 [ 63.238970][ T6393] ? fput+0x70/0xf0 [ 63.238986][ T6393] ? rcu_is_watching+0x12/0xc0 [ 63.238999][ T6393] __do_fast_syscall_32+0x73/0x120 [ 63.239016][ T6393] do_fast_syscall_32+0x32/0x80 [ 63.239032][ T6393] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 63.239045][ T6393] RIP: 0023:0xf7fc3579 [ 63.239053][ T6393] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 63.239063][ T6393] RSP: 002b:00000000f50c44f0 EFLAGS: 00000286 ORIG_RAX: 0000000000000066 [ 63.239073][ T6393] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f50c4500 [ 63.239079][ T6393] RDX: 00000000f7452ff4 RSI: 0000000000000000 RDI: 00000000f7452ff4 [ 63.239085][ T6393] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 63.239090][ T6393] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 63.239096][ T6393] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 63.239108][ T6393] [ 63.440386][ T6397] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.443453][ T6397] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.477938][ T6400] 9pnet_fd: p9_fd_create_unix (6400): address too long: ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 63.510211][ T6397] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 63.552458][ T6397] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 63.570167][ T5952] Bluetooth: hci0: command 0x0c1a tx timeout [ 63.573347][ T6406] 9pnet_virtio: no channels available for device ./file0/file0 [ 63.601042][ T6397] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.604997][ T6397] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.608875][ T6397] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.613344][ T6397] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.732518][ T6408] capability: warning: `syz.1.111' uses deprecated v2 capabilities in a way that may be insecure [ 63.964008][ T6423] netlink: 4 bytes leftover after parsing attributes in process `syz.0.112'. [ 63.970386][ T6423] process 'syz.0.112' launched './file0' with NULL argv: empty string added [ 64.360183][ T5952] Bluetooth: hci1: command 0x0c1a tx timeout [ 64.360287][ T5948] Bluetooth: hci2: command 0x0c1a tx timeout [ 64.451657][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout [ 64.517811][ T6435] FAULT_INJECTION: forcing a failure. [ 64.517811][ T6435] name failslab, interval 1, probability 0, space 0, times 0 [ 64.522814][ T6435] CPU: 2 UID: 0 PID: 6435 Comm: syz.3.118 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 64.522828][ T6435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.522834][ T6435] Call Trace: [ 64.522839][ T6435] [ 64.522842][ T6435] dump_stack_lvl+0x16c/0x1f0 [ 64.522863][ T6435] should_fail_ex+0x512/0x640 [ 64.522878][ T6435] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 64.522891][ T6435] should_failslab+0xc2/0x120 [ 64.522904][ T6435] __kmalloc_cache_noprof+0x6a/0x3e0 [ 64.522915][ T6435] ? __alloc_workqueue+0xda2/0x1810 [ 64.522931][ T6435] __alloc_workqueue+0xda2/0x1810 [ 64.522944][ T6435] ? __mutex_lock+0x1ca/0xb90 [ 64.522962][ T6435] ? loop_configure+0x2fb/0x1a30 [ 64.522980][ T6435] alloc_workqueue+0xd2/0x200 [ 64.522993][ T6435] ? __pfx_alloc_workqueue+0x10/0x10 [ 64.523014][ T6435] loop_configure+0x1271/0x1a30 [ 64.523038][ T6435] ? __lock_acquire+0xaa4/0x1ba0 [ 64.523053][ T6435] ? __pfx_loop_configure+0x10/0x10 [ 64.523081][ T6435] lo_ioctl+0xf6c/0x28e0 [ 64.523097][ T6435] ? __pfx_stack_trace_save+0x10/0x10 [ 64.523108][ T6435] ? stack_depot_save_flags+0x28/0xa50 [ 64.523124][ T6435] ? __lock_acquire+0xaa4/0x1ba0 [ 64.523138][ T6435] ? kasan_save_stack+0x42/0x60 [ 64.523149][ T6435] ? kasan_save_stack+0x33/0x60 [ 64.523159][ T6435] ? kasan_save_track+0x14/0x30 [ 64.523169][ T6435] ? kasan_save_free_info+0x3b/0x60 [ 64.523183][ T6435] ? __kasan_slab_free+0x51/0x70 [ 64.523194][ T6435] ? kfree+0x2b6/0x4d0 [ 64.523201][ T6435] ? tomoyo_path_number_perm+0x470/0x580 [ 64.523219][ T6435] ? security_file_ioctl_compat+0x9b/0x240 [ 64.523232][ T6435] ? __ia32_compat_sys_ioctl+0xc3/0x360 [ 64.523246][ T6435] ? __do_fast_syscall_32+0x73/0x120 [ 64.523261][ T6435] ? do_fast_syscall_32+0x32/0x80 [ 64.523276][ T6435] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 64.523290][ T6435] ? __pfx_lo_ioctl+0x10/0x10 [ 64.523319][ T6435] ? kasan_quarantine_put+0x10a/0x240 [ 64.523329][ T6435] ? lockdep_hardirqs_on+0x7c/0x110 [ 64.523345][ T6435] ? find_held_lock+0x2b/0x80 [ 64.523355][ T6435] ? tomoyo_path_number_perm+0x295/0x580 [ 64.523370][ T6435] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 64.523402][ T6435] lo_compat_ioctl+0xb9/0x170 [ 64.523417][ T6435] ? __pfx_lo_compat_ioctl+0x10/0x10 [ 64.523432][ T6435] compat_blkdev_ioctl+0x2eb/0x7a0 [ 64.523446][ T6435] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 64.523458][ T6435] ? __fput_deferred+0x370/0x370 [ 64.523473][ T6435] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 64.523487][ T6435] __ia32_compat_sys_ioctl+0x24f/0x360 [ 64.523503][ T6435] __do_fast_syscall_32+0x73/0x120 [ 64.523519][ T6435] do_fast_syscall_32+0x32/0x80 [ 64.523535][ T6435] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 64.523549][ T6435] RIP: 0023:0xf705e579 [ 64.523561][ T6435] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 64.523575][ T6435] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 64.523591][ T6435] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000004c0a [ 64.523603][ T6435] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000 [ 64.523612][ T6435] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 64.523620][ T6435] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 64.523629][ T6435] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 64.523651][ T6435] [ 64.671030][ T6437] FAULT_INJECTION: forcing a failure. [ 64.671030][ T6437] name failslab, interval 1, probability 0, space 0, times 0 [ 64.675141][ T6437] CPU: 3 UID: 0 PID: 6437 Comm: syz.3.119 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 64.675154][ T6437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.675161][ T6437] Call Trace: [ 64.675165][ T6437] [ 64.675169][ T6437] dump_stack_lvl+0x16c/0x1f0 [ 64.675188][ T6437] should_fail_ex+0x512/0x640 [ 64.675206][ T6437] should_failslab+0xc2/0x120 [ 64.675220][ T6437] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 64.675233][ T6437] ? skb_clone+0x190/0x3f0 [ 64.675248][ T6437] skb_clone+0x190/0x3f0 [ 64.675262][ T6437] netlink_deliver_tap+0xabd/0xd30 [ 64.675279][ T6437] netlink_unicast+0x5df/0x7f0 [ 64.675294][ T6437] ? __pfx_netlink_unicast+0x10/0x10 [ 64.675312][ T6437] netlink_sendmsg+0x8d1/0xdd0 [ 64.675328][ T6437] ? __pfx_netlink_sendmsg+0x10/0x10 [ 64.675342][ T6437] ? __import_iovec+0x1c8/0x660 [ 64.675356][ T6437] ____sys_sendmsg+0xa95/0xc70 [ 64.675371][ T6437] ? f2fs_prepare_lookup+0x150/0x300 [ 64.675385][ T6437] ? __pfx_____sys_sendmsg+0x10/0x10 [ 64.675399][ T6437] ? get_compat_msghdr+0x11a/0x170 [ 64.675417][ T6437] ___sys_sendmsg+0x134/0x1d0 [ 64.675431][ T6437] ? __pfx____sys_sendmsg+0x10/0x10 [ 64.675460][ T6437] __sys_sendmsg+0x16d/0x220 [ 64.675473][ T6437] ? __pfx___sys_sendmsg+0x10/0x10 [ 64.675491][ T6437] ? rcu_is_watching+0x12/0xc0 [ 64.675504][ T6437] __do_fast_syscall_32+0x73/0x120 [ 64.675521][ T6437] do_fast_syscall_32+0x32/0x80 [ 64.675537][ T6437] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 64.675550][ T6437] RIP: 0023:0xf705e579 [ 64.675558][ T6437] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 64.675568][ T6437] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 64.675577][ T6437] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 64.675583][ T6437] RDX: 0000000004048000 RSI: 0000000000000000 RDI: 0000000000000000 [ 64.675589][ T6437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 64.675594][ T6437] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 64.675600][ T6437] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 64.675615][ T6437] [ 64.675635][ T6437] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 64.755082][ T6437] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1) [ 64.758825][ T6437] bridge_slave_0: default FDB implementation only supports local addresses [ 64.763279][ T6439] netlink: 4 bytes leftover after parsing attributes in process `syz.0.120'. [ 64.789617][ T6442] netlink: 'syz.3.122': attribute type 29 has an invalid length. [ 64.792925][ T6442] netlink: 8 bytes leftover after parsing attributes in process `syz.3.122'. [ 64.796224][ T6442] netlink: 'syz.3.122': attribute type 29 has an invalid length. [ 64.798807][ T6442] netlink: 8 bytes leftover after parsing attributes in process `syz.3.122'. [ 64.858182][ T6446] netlink: 4 bytes leftover after parsing attributes in process `syz.1.121'. [ 65.172182][ T6452] overlayfs: missing 'lowerdir' [ 65.629496][ T6460] Invalid logical block size (18) [ 65.660220][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout [ 65.916520][ T6474] syzkaller1: entered promiscuous mode [ 65.918496][ T6474] syzkaller1: entered allmulticast mode [ 66.440265][ T5948] Bluetooth: hci1: command 0x0c1a tx timeout [ 66.450296][ T5948] Bluetooth: hci2: command 0x0c1a tx timeout [ 66.530382][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout [ 66.953949][ T6503] FAULT_INJECTION: forcing a failure. [ 66.953949][ T6503] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 66.958697][ T6503] CPU: 3 UID: 0 PID: 6503 Comm: syz.3.143 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 66.958711][ T6503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.958717][ T6503] Call Trace: [ 66.958720][ T6503] [ 66.958725][ T6503] dump_stack_lvl+0x16c/0x1f0 [ 66.958744][ T6503] should_fail_ex+0x512/0x640 [ 66.958762][ T6503] _copy_from_user+0x2e/0xd0 [ 66.958779][ T6503] memdup_user+0x6b/0xe0 [ 66.958794][ T6503] strndup_user+0x78/0xe0 [ 66.958807][ T6503] __ia32_sys_mount+0x137/0x310 [ 66.958821][ T6503] ? __pfx___ia32_sys_mount+0x10/0x10 [ 66.958834][ T6503] ? rcu_is_watching+0x12/0xc0 [ 66.958846][ T6503] __do_fast_syscall_32+0x73/0x120 [ 66.958863][ T6503] do_fast_syscall_32+0x32/0x80 [ 66.958879][ T6503] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 66.958892][ T6503] RIP: 0023:0xf705e579 [ 66.958900][ T6503] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 66.958914][ T6503] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 66.958924][ T6503] RAX: ffffffffffffffda RBX: 00000000800000c0 RCX: 0000000080000440 [ 66.958930][ T6503] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000080000900 [ 66.958936][ T6503] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 66.958941][ T6503] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 66.958947][ T6503] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 66.958959][ T6503] [ 68.600186][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout [ 68.718139][ T6575] ip6t_srh: unknown srh invflags 6BE9 [ 68.720680][ T6575] ubi: mtd0 is already attached to ubi31 [ 68.922345][ T5948] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 69.047582][ T6586] netlink: 44 bytes leftover after parsing attributes in process `syz.0.164'. [ 69.084366][ T6585] FAULT_INJECTION: forcing a failure. [ 69.084366][ T6585] name failslab, interval 1, probability 0, space 0, times 0 [ 69.089052][ T6585] CPU: 0 UID: 0 PID: 6585 Comm: syz.3.169 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 69.089065][ T6585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.089071][ T6585] Call Trace: [ 69.089075][ T6585] [ 69.089079][ T6585] dump_stack_lvl+0x16c/0x1f0 [ 69.089098][ T6585] should_fail_ex+0x512/0x640 [ 69.089114][ T6585] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 69.089127][ T6585] should_failslab+0xc2/0x120 [ 69.089141][ T6585] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 69.089152][ T6585] ? skb_clone+0x190/0x3f0 [ 69.089168][ T6585] skb_clone+0x190/0x3f0 [ 69.089181][ T6585] pfkey_process+0xc6/0x840 [ 69.089192][ T6585] ? __pfx___might_resched+0x10/0x10 [ 69.089206][ T6585] ? __pfx_pfkey_process+0x10/0x10 [ 69.089215][ T6585] ? trace_contention_end+0xdd/0x130 [ 69.089240][ T6585] ? __pfx_aa_sk_perm+0x10/0x10 [ 69.089256][ T6585] pfkey_sendmsg+0x435/0x850 [ 69.089269][ T6585] ____sys_sendmsg+0xa95/0xc70 [ 69.089286][ T6585] ? __pfx_____sys_sendmsg+0x10/0x10 [ 69.089300][ T6585] ? get_compat_msghdr+0x11a/0x170 [ 69.089314][ T6585] ? __pfx__kstrtoull+0x10/0x10 [ 69.089330][ T6585] ___sys_sendmsg+0x134/0x1d0 [ 69.089344][ T6585] ? __pfx____sys_sendmsg+0x10/0x10 [ 69.089363][ T6585] ? find_held_lock+0x2b/0x80 [ 69.089381][ T6585] __sys_sendmmsg+0x2f9/0x420 [ 69.089395][ T6585] ? __pfx___sys_sendmmsg+0x10/0x10 [ 69.089413][ T6585] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 69.089447][ T6585] ? fput+0x70/0xf0 [ 69.089460][ T6585] ? ksys_write+0x1b9/0x240 [ 69.089470][ T6585] ? __pfx_ksys_write+0x10/0x10 [ 69.089483][ T6585] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 69.089495][ T6585] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 69.089511][ T6585] __do_fast_syscall_32+0x73/0x120 [ 69.089529][ T6585] do_fast_syscall_32+0x32/0x80 [ 69.089544][ T6585] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 69.089557][ T6585] RIP: 0023:0xf705e579 [ 69.089566][ T6585] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 69.089575][ T6585] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 69.089585][ T6585] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180 [ 69.089591][ T6585] RDX: 0000000000000393 RSI: 0000000000000000 RDI: 0000000000000000 [ 69.089597][ T6585] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 69.089602][ T6585] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 69.089608][ T6585] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 69.089621][ T6585] [ 69.090361][ T6580] syz.2.168 (6580): drop_caches: 0 [ 69.308038][ T6601] netlink: 4 bytes leftover after parsing attributes in process `syz.3.173'. [ 69.775138][ T6622] sctp: [Deprecated]: syz.1.181 (pid 6622) Use of struct sctp_assoc_value in delayed_ack socket option. [ 69.775138][ T6622] Use struct sctp_sack_info instead [ 70.110155][ T63] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 70.145255][ T6636] xt_recent: hitcount (4294967293) is larger than allowed maximum (65535) [ 70.286926][ T63] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 70.297627][ T63] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.300565][ T63] usb 6-1: Product: syz [ 70.301949][ T63] usb 6-1: Manufacturer: syz [ 70.303465][ T63] usb 6-1: SerialNumber: syz [ 70.317085][ T63] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 70.335815][ T63] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 70.449171][ T6645] xt_CT: You must specify a L4 protocol and not use inversions on it [ 70.855120][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.857888][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.071426][ T6664] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 71.092303][ T6664] netlink: 4 bytes leftover after parsing attributes in process `syz.0.195'. [ 71.112370][ T6651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 71.116189][ T6651] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 71.381330][ T6670] FAULT_INJECTION: forcing a failure. [ 71.381330][ T6670] name failslab, interval 1, probability 0, space 0, times 0 [ 71.385567][ T6670] CPU: 3 UID: 0 PID: 6670 Comm: syz.3.197 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 71.385580][ T6670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.385586][ T6670] Call Trace: [ 71.385591][ T6670] [ 71.385595][ T6670] dump_stack_lvl+0x16c/0x1f0 [ 71.385614][ T6670] should_fail_ex+0x512/0x640 [ 71.385630][ T6670] ? __kmalloc_noprof+0xbf/0x510 [ 71.385644][ T6670] ? drm_atomic_state_init+0xe4/0x320 [ 71.385659][ T6670] should_failslab+0xc2/0x120 [ 71.385673][ T6670] __kmalloc_noprof+0xd2/0x510 [ 71.385688][ T6670] drm_atomic_state_init+0xe4/0x320 [ 71.385701][ T6670] ? __kasan_kmalloc+0xaa/0xb0 [ 71.385716][ T6670] drm_atomic_state_alloc+0xd3/0x120 [ 71.385736][ T6670] drm_atomic_helper_disable_plane+0x39/0x270 [ 71.385754][ T6670] __setplane_atomic+0x2ea/0x380 [ 71.385775][ T6670] drm_mode_cursor_universal+0x4a6/0xcb0 [ 71.385794][ T6670] ? __pfx_drm_mode_cursor_universal+0x10/0x10 [ 71.385813][ T6670] ? __pfx_drm_lease_held+0x10/0x10 [ 71.385824][ T6670] ? modeset_lock+0x114/0x6e0 [ 71.385837][ T6670] drm_mode_cursor_common+0x308/0x960 [ 71.385853][ T6670] ? __pfx_drm_mode_cursor_common+0x10/0x10 [ 71.385875][ T6670] ? drm_is_current_master+0x2c/0x40 [ 71.385891][ T6670] ? do_raw_spin_unlock+0x172/0x230 [ 71.385909][ T6670] drm_ioctl_kernel+0x1f4/0x3e0 [ 71.385920][ T6670] ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10 [ 71.385934][ T6670] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 71.385949][ T6670] drm_ioctl+0x5c9/0xc30 [ 71.385962][ T6670] ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10 [ 71.385977][ T6670] ? __pfx_drm_ioctl+0x10/0x10 [ 71.385998][ T6670] drm_compat_ioctl+0x327/0x460 [ 71.386014][ T6670] ? __pfx_drm_compat_ioctl+0x10/0x10 [ 71.386028][ T6670] __ia32_compat_sys_ioctl+0x24f/0x360 [ 71.386045][ T6670] __do_fast_syscall_32+0x73/0x120 [ 71.386062][ T6670] do_fast_syscall_32+0x32/0x80 [ 71.386078][ T6670] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 71.386091][ T6670] RIP: 0023:0xf705e579 [ 71.386100][ T6670] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 71.386109][ T6670] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 71.386119][ T6670] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c02464bb [ 71.386125][ T6670] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 71.386131][ T6670] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 71.386136][ T6670] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 71.386142][ T6670] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 71.386155][ T6670] [ 71.410195][ T63] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 71.481617][ T63] ath9k_htc: Failed to initialize the device [ 71.501232][ T63] usb 6-1: ath9k_htc: USB layer deinitialized [ 71.509441][ T1454] usb 6-1: USB disconnect, device number 2 [ 71.962419][ T6684] syz.2.200 uses obsolete (PF_INET,SOCK_PACKET) [ 72.051048][ T6690] binder: BC_ACQUIRE_RESULT not supported [ 72.054400][ T6690] binder: 6689:6690 ioctl c0306201 80000480 returned -22 [ 72.123129][ T6693] ip6t_srh: unknown srh invflags 6BE9 [ 72.125564][ T6693] ubi: mtd0 is already attached to ubi31 [ 72.798328][ T40] kauditd_printk_skb: 49 callbacks suppressed [ 72.798339][ T40] audit: type=1326 audit(1747705244.829:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6711 comm="syz.0.207" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x0 [ 73.200235][ T64] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 73.354941][ T64] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 73.358976][ T64] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.362793][ T64] usb 7-1: Product: syz [ 73.364717][ T64] usb 7-1: Manufacturer: syz [ 73.366794][ T64] usb 7-1: SerialNumber: syz [ 73.379611][ T64] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 73.395598][ T24] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 73.965772][ T6735] FAULT_INJECTION: forcing a failure. [ 73.965772][ T6735] name failslab, interval 1, probability 0, space 0, times 0 [ 73.971210][ T6735] CPU: 1 UID: 0 PID: 6735 Comm: syz.1.214 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 73.971224][ T6735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.971230][ T6735] Call Trace: [ 73.971234][ T6735] [ 73.971238][ T6735] dump_stack_lvl+0x16c/0x1f0 [ 73.971257][ T6735] should_fail_ex+0x512/0x640 [ 73.971274][ T6735] ? __kmalloc_noprof+0xbf/0x510 [ 73.971287][ T6735] ? io_cache_alloc_new+0x45/0xf0 [ 73.971297][ T6735] should_failslab+0xc2/0x120 [ 73.971310][ T6735] __kmalloc_noprof+0xd2/0x510 [ 73.971334][ T6735] ? mark_held_locks+0x49/0x80 [ 73.971351][ T6735] io_cache_alloc_new+0x45/0xf0 [ 73.971362][ T6735] io_msg_alloc_async+0x1c3/0x3a0 [ 73.971377][ T6735] io_sendmsg_prep+0x3c5/0x5d0 [ 73.971392][ T6735] io_submit_sqes+0x825/0x25d0 [ 73.971413][ T6735] __do_sys_io_uring_enter+0xd6a/0x1630 [ 73.971428][ T6735] ? __fget_files+0x20e/0x3c0 [ 73.971438][ T6735] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 73.971454][ T6735] ? fput+0x70/0xf0 [ 73.971466][ T6735] ? ksys_write+0x1b9/0x240 [ 73.971476][ T6735] ? __pfx_ksys_write+0x10/0x10 [ 73.971485][ T6735] ? rcu_is_watching+0x12/0xc0 [ 73.971496][ T6735] ? rcu_is_watching+0x12/0xc0 [ 73.971507][ T6735] __do_fast_syscall_32+0x73/0x120 [ 73.971524][ T6735] do_fast_syscall_32+0x32/0x80 [ 73.971540][ T6735] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 73.971553][ T6735] RIP: 0023:0xf70fe579 [ 73.971562][ T6735] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 73.971571][ T6735] RSP: 002b:00000000f50cd55c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa [ 73.971581][ T6735] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000000003d0e [ 73.971587][ T6735] RDX: 00000000000004c1 RSI: 0000000000000043 RDI: 0000000000000000 [ 73.971593][ T6735] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 73.971599][ T6735] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 73.971604][ T6735] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 73.971617][ T6735] [ 74.156784][ T6734] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 74.167404][ T6734] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 74.441138][ T24] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 74.443548][ T24] ath9k_htc: Failed to initialize the device [ 74.463330][ T6744] fuse: Unknown parameter 'grkupid' [ 74.464193][ T24] usb 7-1: ath9k_htc: USB layer deinitialized [ 74.470161][ T24] usb 7-1: USB disconnect, device number 2 [ 75.205268][ T6776] netlink: 40 bytes leftover after parsing attributes in process `syz.2.223'. [ 75.210271][ T6776] netlink: 4 bytes leftover after parsing attributes in process `syz.2.223'. [ 75.303011][ T6778] capability: warning: `syz.3.224' uses 32-bit capabilities (legacy support in use) [ 75.344258][ T6780] netlink: 40 bytes leftover after parsing attributes in process `syz.2.225'. [ 75.348968][ T6780] netlink: 40 bytes leftover after parsing attributes in process `syz.2.225'. [ 76.069755][ T6805] netlink: 24 bytes leftover after parsing attributes in process `syz.3.231'. [ 76.136633][ T6805] FAULT_INJECTION: forcing a failure. [ 76.136633][ T6805] name failslab, interval 1, probability 0, space 0, times 0 [ 76.142000][ T6805] CPU: 1 UID: 0 PID: 6805 Comm: syz.3.231 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 76.142024][ T6805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.142030][ T6805] Call Trace: [ 76.142034][ T6805] [ 76.142039][ T6805] dump_stack_lvl+0x16c/0x1f0 [ 76.142058][ T6805] should_fail_ex+0x512/0x640 [ 76.142077][ T6805] should_failslab+0xc2/0x120 [ 76.142090][ T6805] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 76.142103][ T6805] ? skb_clone+0x190/0x3f0 [ 76.142118][ T6805] skb_clone+0x190/0x3f0 [ 76.142131][ T6805] netlink_deliver_tap+0xabd/0xd30 [ 76.142148][ T6805] netlink_unicast+0x5df/0x7f0 [ 76.142163][ T6805] ? __pfx_netlink_unicast+0x10/0x10 [ 76.142181][ T6805] netlink_sendmsg+0x8d1/0xdd0 [ 76.142197][ T6805] ? __pfx_netlink_sendmsg+0x10/0x10 [ 76.142212][ T6805] ? __import_iovec+0x1c8/0x660 [ 76.142225][ T6805] ____sys_sendmsg+0xa95/0xc70 [ 76.142243][ T6805] ? __pfx_____sys_sendmsg+0x10/0x10 [ 76.142258][ T6805] ? get_compat_msghdr+0x11a/0x170 [ 76.142276][ T6805] ___sys_sendmsg+0x134/0x1d0 [ 76.142290][ T6805] ? __pfx____sys_sendmsg+0x10/0x10 [ 76.142320][ T6805] __sys_sendmsg+0x16d/0x220 [ 76.142332][ T6805] ? __pfx___sys_sendmsg+0x10/0x10 [ 76.142351][ T6805] ? rcu_is_watching+0x12/0xc0 [ 76.142364][ T6805] __do_fast_syscall_32+0x73/0x120 [ 76.142381][ T6805] do_fast_syscall_32+0x32/0x80 [ 76.142397][ T6805] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 76.142409][ T6805] RIP: 0023:0xf705e579 [ 76.142418][ T6805] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 76.142427][ T6805] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 76.142437][ T6805] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000140 [ 76.142443][ T6805] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 76.142449][ T6805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 76.142454][ T6805] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 76.142460][ T6805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 76.142472][ T6805] [ 77.486916][ T6832] FAULT_INJECTION: forcing a failure. [ 77.486916][ T6832] name failslab, interval 1, probability 0, space 0, times 0 [ 77.493197][ T6832] CPU: 3 UID: 0 PID: 6832 Comm: syz.3.237 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 77.493211][ T6832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.493217][ T6832] Call Trace: [ 77.493221][ T6832] [ 77.493225][ T6832] dump_stack_lvl+0x16c/0x1f0 [ 77.493245][ T6832] should_fail_ex+0x512/0x640 [ 77.493283][ T6832] ? __kmalloc_noprof+0xbf/0x510 [ 77.493304][ T6832] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 77.493329][ T6832] should_failslab+0xc2/0x120 [ 77.493349][ T6832] __kmalloc_noprof+0xd2/0x510 [ 77.493367][ T6832] ? __pfx___mutex_trylock_common+0x10/0x10 [ 77.493395][ T6832] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 77.493427][ T6832] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 77.493454][ T6832] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 77.493477][ T6832] ? rcu_is_watching+0x12/0xc0 [ 77.493505][ T6832] ? bpf_lsm_capable+0x9/0x10 [ 77.493522][ T6832] ? security_capable+0x7e/0x260 [ 77.493546][ T6832] genl_rcv_msg+0x55c/0x800 [ 77.493573][ T6832] ? __pfx_genl_rcv_msg+0x10/0x10 [ 77.493598][ T6832] ? __pfx_ieee802154_llsec_add_devkey+0x10/0x10 [ 77.493627][ T6832] ? __lock_acquire+0xaa4/0x1ba0 [ 77.493655][ T6832] netlink_rcv_skb+0x16d/0x440 [ 77.493677][ T6832] ? __pfx_genl_rcv_msg+0x10/0x10 [ 77.493719][ T6832] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 77.493756][ T6832] ? __pfx_down_read+0x10/0x10 [ 77.493774][ T6832] ? netlink_deliver_tap+0x1ae/0xd30 [ 77.493799][ T6832] genl_rcv+0x28/0x40 [ 77.493820][ T6832] netlink_unicast+0x53a/0x7f0 [ 77.493846][ T6832] ? __pfx_netlink_unicast+0x10/0x10 [ 77.493882][ T6832] netlink_sendmsg+0x8d1/0xdd0 [ 77.493908][ T6832] ? __pfx_netlink_sendmsg+0x10/0x10 [ 77.493932][ T6832] ? __import_iovec+0x1c8/0x660 [ 77.493954][ T6832] ____sys_sendmsg+0xa95/0xc70 [ 77.493982][ T6832] ? __pfx_____sys_sendmsg+0x10/0x10 [ 77.494005][ T6832] ? get_compat_msghdr+0x11a/0x170 [ 77.494037][ T6832] ___sys_sendmsg+0x134/0x1d0 [ 77.494060][ T6832] ? __pfx____sys_sendmsg+0x10/0x10 [ 77.494113][ T6832] __sys_sendmsg+0x16d/0x220 [ 77.494133][ T6832] ? __pfx___sys_sendmsg+0x10/0x10 [ 77.494162][ T6832] ? rcu_is_watching+0x12/0xc0 [ 77.494180][ T6832] ? rcu_is_watching+0x12/0xc0 [ 77.494200][ T6832] __do_fast_syscall_32+0x73/0x120 [ 77.494228][ T6832] do_fast_syscall_32+0x32/0x80 [ 77.494253][ T6832] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 77.494275][ T6832] RIP: 0023:0xf705e579 [ 77.494288][ T6832] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 77.494303][ T6832] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 77.494319][ T6832] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100 [ 77.494330][ T6832] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 77.494339][ T6832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 77.494348][ T6832] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 77.494357][ T6832] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 77.494380][ T6832] [ 78.158920][ T6841] FAULT_INJECTION: forcing a failure. [ 78.158920][ T6841] name failslab, interval 1, probability 0, space 0, times 0 [ 78.163241][ T6841] CPU: 2 UID: 0 PID: 6841 Comm: syz.0.240 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 78.163255][ T6841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.163261][ T6841] Call Trace: [ 78.163265][ T6841] [ 78.163269][ T6841] dump_stack_lvl+0x16c/0x1f0 [ 78.163288][ T6841] should_fail_ex+0x512/0x640 [ 78.163303][ T6841] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 78.163317][ T6841] should_failslab+0xc2/0x120 [ 78.163330][ T6841] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 78.163342][ T6841] ? __alloc_skb+0x2b2/0x380 [ 78.163356][ T6841] __alloc_skb+0x2b2/0x380 [ 78.163367][ T6841] ? __pfx___alloc_skb+0x10/0x10 [ 78.163380][ T6841] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 78.163397][ T6841] netlink_alloc_large_skb+0x69/0x130 [ 78.163411][ T6841] netlink_sendmsg+0x6a1/0xdd0 [ 78.163427][ T6841] ? __pfx_netlink_sendmsg+0x10/0x10 [ 78.163442][ T6841] ? __import_iovec+0x1c8/0x660 [ 78.163455][ T6841] ____sys_sendmsg+0xa95/0xc70 [ 78.163471][ T6841] ? __pfx_____sys_sendmsg+0x10/0x10 [ 78.163486][ T6841] ? get_compat_msghdr+0x11a/0x170 [ 78.163504][ T6841] ___sys_sendmsg+0x134/0x1d0 [ 78.163517][ T6841] ? __pfx____sys_sendmsg+0x10/0x10 [ 78.163545][ T6841] __sys_sendmsg+0x16d/0x220 [ 78.163558][ T6841] ? __pfx___sys_sendmsg+0x10/0x10 [ 78.163574][ T6841] ? rcu_is_watching+0x12/0xc0 [ 78.163585][ T6841] ? rcu_is_watching+0x12/0xc0 [ 78.163596][ T6841] __do_fast_syscall_32+0x73/0x120 [ 78.163640][ T6841] do_fast_syscall_32+0x32/0x80 [ 78.163656][ T6841] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 78.163669][ T6841] RIP: 0023:0xf706e579 [ 78.163677][ T6841] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 78.163687][ T6841] RSP: 002b:00000000f503d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 78.163696][ T6841] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000340 [ 78.163702][ T6841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 78.163708][ T6841] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 78.163713][ T6841] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 78.163719][ T6841] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 78.163731][ T6841] [ 79.559245][ T6863] netlink: 16 bytes leftover after parsing attributes in process `syz.1.247'. [ 80.429977][ T6881] netlink: 24 bytes leftover after parsing attributes in process `syz.0.250'. [ 80.623751][ T40] audit: type=1326 audit(1747705252.659:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.253" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 80.631467][ T40] audit: type=1326 audit(1747705252.659:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.253" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 80.641709][ T40] audit: type=1326 audit(1747705252.659:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.253" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 80.649034][ T40] audit: type=1326 audit(1747705252.659:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.253" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 80.660427][ T40] audit: type=1326 audit(1747705252.659:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.253" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 80.690913][ T40] audit: type=1326 audit(1747705252.729:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.253" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 80.699440][ T40] audit: type=1326 audit(1747705252.729:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.253" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 80.732713][ T6911] netlink: 'syz.1.255': attribute type 1 has an invalid length. [ 80.735671][ T40] audit: type=1326 audit(1747705252.769:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.253" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 80.750925][ T40] audit: type=1326 audit(1747705252.769:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.253" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 80.758681][ T40] audit: type=1326 audit(1747705252.769:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.253" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 80.759862][ T6911] bond2: entered promiscuous mode [ 80.781027][ T6911] bond2: entered allmulticast mode [ 80.961701][ T6915] netlink: 28 bytes leftover after parsing attributes in process `syz.1.255'. [ 80.962269][ T6911] bond2: (slave erspan1): making interface the new active one [ 81.000251][ T6911] erspan1: entered promiscuous mode [ 81.002615][ T6911] erspan1: entered allmulticast mode [ 81.006187][ T6911] bond2: (slave erspan1): Enslaving as an active interface with an up link [ 81.009849][ T6915] bond2: left promiscuous mode [ 81.012659][ T6915] erspan1: left promiscuous mode [ 81.014318][ T6915] bond2: left allmulticast mode [ 81.015896][ T6915] erspan1: left allmulticast mode [ 81.026457][ T6915] 8021q: adding VLAN 0 to HW filter on device bond2 [ 81.092115][ T29] cfg80211: failed to load regulatory.db [ 81.600964][ T6938] FAULT_INJECTION: forcing a failure. [ 81.600964][ T6938] name failslab, interval 1, probability 0, space 0, times 0 [ 81.605028][ T6938] CPU: 3 UID: 0 PID: 6938 Comm: syz.0.264 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 81.605043][ T6938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.605048][ T6938] Call Trace: [ 81.605052][ T6938] [ 81.605057][ T6938] dump_stack_lvl+0x16c/0x1f0 [ 81.605076][ T6938] should_fail_ex+0x512/0x640 [ 81.605094][ T6938] should_failslab+0xc2/0x120 [ 81.605108][ T6938] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 81.605121][ T6938] ? skb_clone+0x190/0x3f0 [ 81.605136][ T6938] skb_clone+0x190/0x3f0 [ 81.605150][ T6938] netlink_deliver_tap+0xabd/0xd30 [ 81.605166][ T6938] netlink_unicast+0x5df/0x7f0 [ 81.605182][ T6938] ? __pfx_netlink_unicast+0x10/0x10 [ 81.605199][ T6938] netlink_sendmsg+0x8d1/0xdd0 [ 81.605215][ T6938] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.605230][ T6938] ? __import_iovec+0x1c8/0x660 [ 81.605243][ T6938] ____sys_sendmsg+0xa95/0xc70 [ 81.605260][ T6938] ? __pfx_____sys_sendmsg+0x10/0x10 [ 81.605274][ T6938] ? get_compat_msghdr+0x11a/0x170 [ 81.605293][ T6938] ___sys_sendmsg+0x134/0x1d0 [ 81.605307][ T6938] ? __pfx____sys_sendmsg+0x10/0x10 [ 81.605336][ T6938] __sys_sendmsg+0x16d/0x220 [ 81.605348][ T6938] ? __pfx___sys_sendmsg+0x10/0x10 [ 81.605367][ T6938] ? rcu_is_watching+0x12/0xc0 [ 81.605379][ T6938] __do_fast_syscall_32+0x73/0x120 [ 81.605397][ T6938] do_fast_syscall_32+0x32/0x80 [ 81.605413][ T6938] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.605425][ T6938] RIP: 0023:0xf706e579 [ 81.605434][ T6938] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 81.605443][ T6938] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 81.605453][ T6938] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0 [ 81.605459][ T6938] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 81.605465][ T6938] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 81.605470][ T6938] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 81.605476][ T6938] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.605488][ T6938] [ 81.605501][ T6938] netlink: 16 bytes leftover after parsing attributes in process `syz.0.264'. [ 81.617527][ T6939] netlink: 'syz.3.263': attribute type 1 has an invalid length. [ 81.618278][ T6938] netlink: 8 bytes leftover after parsing attributes in process `syz.0.264'. [ 81.713743][ T6942] netlink: 16 bytes leftover after parsing attributes in process `syz.0.265'. [ 81.717196][ T6942] netlink: 8 bytes leftover after parsing attributes in process `syz.0.265'. [ 81.763418][ T6946] FAULT_INJECTION: forcing a failure. [ 81.763418][ T6946] name failslab, interval 1, probability 0, space 0, times 0 [ 81.767916][ T6946] CPU: 3 UID: 0 PID: 6946 Comm: syz.0.267 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 81.767929][ T6946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.767935][ T6946] Call Trace: [ 81.767939][ T6946] [ 81.767944][ T6946] dump_stack_lvl+0x16c/0x1f0 [ 81.767962][ T6946] should_fail_ex+0x512/0x640 [ 81.767981][ T6946] should_failslab+0xc2/0x120 [ 81.767994][ T6946] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 81.768008][ T6946] ? skb_clone+0x190/0x3f0 [ 81.768023][ T6946] skb_clone+0x190/0x3f0 [ 81.768036][ T6946] netlink_deliver_tap+0xabd/0xd30 [ 81.768053][ T6946] netlink_unicast+0x5df/0x7f0 [ 81.768069][ T6946] ? __pfx_netlink_unicast+0x10/0x10 [ 81.768086][ T6946] netlink_sendmsg+0x8d1/0xdd0 [ 81.768102][ T6946] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.768117][ T6946] ? __import_iovec+0x1c8/0x660 [ 81.768131][ T6946] ____sys_sendmsg+0xa95/0xc70 [ 81.768148][ T6946] ? __pfx_____sys_sendmsg+0x10/0x10 [ 81.768163][ T6946] ? get_compat_msghdr+0x11a/0x170 [ 81.768181][ T6946] ___sys_sendmsg+0x134/0x1d0 [ 81.768194][ T6946] ? __pfx____sys_sendmsg+0x10/0x10 [ 81.768223][ T6946] __sys_sendmsg+0x16d/0x220 [ 81.768236][ T6946] ? __pfx___sys_sendmsg+0x10/0x10 [ 81.768255][ T6946] ? rcu_is_watching+0x12/0xc0 [ 81.768267][ T6946] __do_fast_syscall_32+0x73/0x120 [ 81.768284][ T6946] do_fast_syscall_32+0x32/0x80 [ 81.768300][ T6946] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.768313][ T6946] RIP: 0023:0xf706e579 [ 81.768322][ T6946] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 81.768332][ T6946] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 81.768342][ T6946] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100 [ 81.768348][ T6946] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 81.768354][ T6946] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 81.768359][ T6946] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 81.768365][ T6946] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.768378][ T6946] [ 81.839932][ C3] vkms_vblank_simulate: vblank timer overrun [ 81.887489][ T6949] syz.0.268 (6949) used greatest stack depth: 19816 bytes left [ 82.659401][ T6975] Option ''MO' to dns_resolver key: bad/missing value [ 82.664477][ T6968] netlink: 32 bytes leftover after parsing attributes in process `syz.3.273'. [ 82.667489][ T6968] netlink: 32 bytes leftover after parsing attributes in process `syz.3.273'. [ 82.667920][ T6976] FAULT_INJECTION: forcing a failure. [ 82.667920][ T6976] name failslab, interval 1, probability 0, space 0, times 0 [ 82.674756][ T6976] CPU: 3 UID: 0 PID: 6976 Comm: syz.2.276 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 82.674771][ T6976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.674789][ T6976] Call Trace: [ 82.674794][ T6976] [ 82.674798][ T6976] dump_stack_lvl+0x16c/0x1f0 [ 82.674818][ T6976] should_fail_ex+0x512/0x640 [ 82.674841][ T6976] should_failslab+0xc2/0x120 [ 82.674860][ T6976] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 82.674872][ T6976] ? skb_clone+0x190/0x3f0 [ 82.674888][ T6976] skb_clone+0x190/0x3f0 [ 82.674901][ T6976] netlink_deliver_tap+0xabd/0xd30 [ 82.674918][ T6976] netlink_unicast+0x5df/0x7f0 [ 82.674933][ T6976] ? __pfx_netlink_unicast+0x10/0x10 [ 82.674951][ T6976] netlink_sendmsg+0x8d1/0xdd0 [ 82.674966][ T6976] ? __pfx_netlink_sendmsg+0x10/0x10 [ 82.674981][ T6976] ? __import_iovec+0x1c8/0x660 [ 82.674995][ T6976] ____sys_sendmsg+0xa95/0xc70 [ 82.675029][ T6976] ? __pfx_____sys_sendmsg+0x10/0x10 [ 82.675049][ T6976] ? get_compat_msghdr+0x11a/0x170 [ 82.675078][ T6976] ___sys_sendmsg+0x134/0x1d0 [ 82.675101][ T6976] ? __pfx____sys_sendmsg+0x10/0x10 [ 82.675149][ T6976] __sys_sendmsg+0x16d/0x220 [ 82.675170][ T6976] ? __pfx___sys_sendmsg+0x10/0x10 [ 82.675202][ T6976] ? rcu_is_watching+0x12/0xc0 [ 82.675223][ T6976] __do_fast_syscall_32+0x73/0x120 [ 82.675247][ T6976] do_fast_syscall_32+0x32/0x80 [ 82.675271][ T6976] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 82.675290][ T6976] RIP: 0023:0xf7fc3579 [ 82.675303][ T6976] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 82.675318][ T6976] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 82.675333][ T6976] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0 [ 82.675344][ T6976] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 82.675353][ T6976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 82.675362][ T6976] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 82.675372][ T6976] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.675395][ T6976] [ 82.675697][ T6976] netlink: 32 bytes leftover after parsing attributes in process `syz.2.276'. [ 82.750988][ T6976] netlink: 32 bytes leftover after parsing attributes in process `syz.2.276'. [ 82.836500][ T6982] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 83.975399][ T7015] Option ''MO' to dns_resolver key: bad/missing value [ 84.015639][ T7015] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 84.325863][ T5948] Bluetooth: hci0: unexpected event for opcode 0x2003 [ 84.570149][ T5945] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 84.740936][ T5945] usb 6-1: Using ep0 maxpacket: 32 [ 84.747175][ T5945] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.751084][ T5945] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.754326][ T5945] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 84.758378][ T5945] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.789719][ T5945] usb 6-1: config 0 descriptor?? [ 84.792328][ T7031] sctp: [Deprecated]: syz.3.293 (pid 7031) Use of struct sctp_assoc_value in delayed_ack socket option. [ 84.792328][ T7031] Use struct sctp_sack_info instead [ 85.238428][ T5945] savu 0003:1E7D:2D5A.0002: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 85.479245][ T29] usb 6-1: USB disconnect, device number 3 [ 85.810974][ T64] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 85.994995][ T64] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 85.999126][ T64] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.003772][ T64] usb 5-1: Product: syz [ 86.005231][ T64] usb 5-1: Manufacturer: syz [ 86.006845][ T64] usb 5-1: SerialNumber: syz [ 86.031180][ T64] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 86.049625][ T24] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 86.074765][ T7059] FAULT_INJECTION: forcing a failure. [ 86.074765][ T7059] name failslab, interval 1, probability 0, space 0, times 0 [ 86.079022][ T7059] CPU: 3 UID: 0 PID: 7059 Comm: syz.1.300 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 86.079036][ T7059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.079041][ T7059] Call Trace: [ 86.079046][ T7059] [ 86.079050][ T7059] dump_stack_lvl+0x16c/0x1f0 [ 86.079069][ T7059] should_fail_ex+0x512/0x640 [ 86.079085][ T7059] ? __kvmalloc_node_noprof+0x122/0x600 [ 86.079098][ T7059] should_failslab+0xc2/0x120 [ 86.079111][ T7059] __kvmalloc_node_noprof+0x135/0x600 [ 86.079122][ T7059] ? seq_read_iter+0x826/0x12c0 [ 86.079140][ T7059] ? seq_read_iter+0x826/0x12c0 [ 86.079154][ T7059] seq_read_iter+0x826/0x12c0 [ 86.079169][ T7059] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 86.079186][ T7059] kernfs_fop_read_iter+0x40f/0x5a0 [ 86.079202][ T7059] copy_splice_read+0x618/0xba0 [ 86.079221][ T7059] ? __pfx_copy_splice_read+0x10/0x10 [ 86.079237][ T7059] ? look_up_lock_class+0x59/0x150 [ 86.079254][ T7059] ? lockdep_init_map_type+0x5c/0x280 [ 86.079269][ T7059] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 86.079280][ T7059] ? __pfx_copy_splice_read+0x10/0x10 [ 86.079295][ T7059] do_splice_read+0x282/0x370 [ 86.079311][ T7059] splice_direct_to_actor+0x2a1/0xa30 [ 86.079328][ T7059] ? __pfx_direct_splice_actor+0x10/0x10 [ 86.079346][ T7059] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 86.079360][ T7059] ? get_pid_task+0xfc/0x250 [ 86.079379][ T7059] do_splice_direct+0x174/0x240 [ 86.079394][ T7059] ? __pfx_do_splice_direct+0x10/0x10 [ 86.079410][ T7059] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 86.079427][ T7059] ? rw_verify_area+0xcf/0x680 [ 86.079444][ T7059] do_sendfile+0xafd/0xe50 [ 86.079456][ T7059] ? __pfx_do_sendfile+0x10/0x10 [ 86.079466][ T7059] ? __fget_files+0x20e/0x3c0 [ 86.079479][ T7059] __ia32_compat_sys_sendfile+0x1e5/0x220 [ 86.079491][ T7059] ? ksys_write+0x1b9/0x240 [ 86.079501][ T7059] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 86.079515][ T7059] ? rcu_is_watching+0x12/0xc0 [ 86.079528][ T7059] __do_fast_syscall_32+0x73/0x120 [ 86.079563][ T7059] do_fast_syscall_32+0x32/0x80 [ 86.079579][ T7059] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 86.079592][ T7059] RIP: 0023:0xf70fe579 [ 86.079600][ T7059] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 86.079610][ T7059] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 86.079620][ T7059] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000004 [ 86.079626][ T7059] RDX: 0000000000000000 RSI: 0000000008000002 RDI: 0000000000000000 [ 86.079631][ T7059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 86.079637][ T7059] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 86.079642][ T7059] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 86.079655][ T7059] [ 86.173824][ C3] vkms_vblank_simulate: vblank timer overrun [ 86.302697][ T7069] batadv_slave_1: entered promiscuous mode [ 86.456042][ T7073] __nla_validate_parse: 9 callbacks suppressed [ 86.456052][ T7073] netlink: 16 bytes leftover after parsing attributes in process `syz.1.305'. [ 86.461293][ T7073] netlink: 8 bytes leftover after parsing attributes in process `syz.1.305'. [ 86.516329][ T7074] fuse: Unknown parameter 'rootmode0000000000400{YC|ߜ +m' [ 86.786973][ T7079] netlink: 'syz.1.307': attribute type 10 has an invalid length. [ 86.794973][ T7079] team0: Port device dummy0 added [ 86.822893][ T7075] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 86.825927][ T7075] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 87.080813][ T24] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 87.083275][ T24] ath9k_htc: Failed to initialize the device [ 87.111668][ T24] usb 5-1: ath9k_htc: USB layer deinitialized [ 87.115643][ T64] usb 5-1: USB disconnect, device number 3 [ 87.125092][ T7067] batadv_slave_1: left promiscuous mode [ 87.797599][ T7101] FAULT_INJECTION: forcing a failure. [ 87.797599][ T7101] name failslab, interval 1, probability 0, space 0, times 0 [ 87.804101][ T7101] CPU: 2 UID: 0 PID: 7101 Comm: syz.3.314 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 87.804124][ T7101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.804133][ T7101] Call Trace: [ 87.804141][ T7101] [ 87.804148][ T7101] dump_stack_lvl+0x16c/0x1f0 [ 87.804178][ T7101] should_fail_ex+0x512/0x640 [ 87.804201][ T7101] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 87.804226][ T7101] should_failslab+0xc2/0x120 [ 87.804248][ T7101] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 87.804268][ T7101] ? __d_alloc+0x31/0xaa0 [ 87.804287][ T7101] ? stack_trace_save+0x8e/0xc0 [ 87.804307][ T7101] __d_alloc+0x31/0xaa0 [ 87.804329][ T7101] d_alloc+0x4a/0x1e0 [ 87.804350][ T7101] d_alloc_parallel+0xe3/0x12e0 [ 87.804380][ T7101] ? find_held_lock+0x2b/0x80 [ 87.804399][ T7101] ? __pfx_d_alloc_parallel+0x10/0x10 [ 87.804426][ T7101] ? __d_lookup+0x266/0x4a0 [ 87.804455][ T7101] lookup_open.isra.0+0x665/0x1580 [ 87.804486][ T7101] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 87.804525][ T7101] ? __pfx_down_write+0x10/0x10 [ 87.804540][ T7101] ? mnt_get_write_access+0x20c/0x300 [ 87.804566][ T7101] path_openat+0x905/0x2d40 [ 87.804595][ T7101] ? __pfx_path_openat+0x10/0x10 [ 87.804619][ T7101] do_filp_open+0x20b/0x470 [ 87.804637][ T7101] ? __pfx_do_filp_open+0x10/0x10 [ 87.804674][ T7101] ? alloc_fd+0x471/0x7d0 [ 87.804708][ T7101] do_sys_openat2+0x11b/0x1d0 [ 87.804731][ T7101] ? __pfx_do_sys_openat2+0x10/0x10 [ 87.804758][ T7101] ? __fget_files+0x20e/0x3c0 [ 87.804778][ T7101] __ia32_compat_sys_openat+0x16d/0x210 [ 87.804812][ T7101] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 87.804833][ T7101] ? ksys_write+0x1b9/0x240 [ 87.804856][ T7101] ? rcu_is_watching+0x12/0xc0 [ 87.804877][ T7101] __do_fast_syscall_32+0x73/0x120 [ 87.804904][ T7101] do_fast_syscall_32+0x32/0x80 [ 87.804929][ T7101] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.804949][ T7101] RIP: 0023:0xf705e579 [ 87.804964][ T7101] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 87.804979][ T7101] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 87.804996][ T7101] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000040 [ 87.805007][ T7101] RDX: 0000000000000042 RSI: 0000000000000000 RDI: 0000000000000000 [ 87.805015][ T7101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 87.805025][ T7101] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 87.805035][ T7101] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 87.805057][ T7101] [ 88.200172][ T29] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 88.362699][ T29] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 88.366597][ T29] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 88.371142][ T29] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 88.375056][ T29] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 88.379779][ T29] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 88.389880][ T29] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 88.393524][ T29] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 88.397094][ T29] usb 8-1: Product: syz [ 88.398702][ T29] usb 8-1: Manufacturer: syz [ 88.404369][ T29] cdc_wdm 8-1:1.0: skipping garbage [ 88.406190][ T29] cdc_wdm 8-1:1.0: skipping garbage [ 88.410972][ T29] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 88.412988][ T29] cdc_wdm 8-1:1.0: Unknown control protocol [ 88.444156][ T7110] netlink: 12 bytes leftover after parsing attributes in process `syz.1.317'. [ 88.606363][ T7105] FAULT_INJECTION: forcing a failure. [ 88.606363][ T7105] name failslab, interval 1, probability 0, space 0, times 0 [ 88.612115][ T7105] CPU: 0 UID: 0 PID: 7105 Comm: syz.3.315 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 88.612138][ T7105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.612147][ T7105] Call Trace: [ 88.612153][ T7105] [ 88.612159][ T7105] dump_stack_lvl+0x16c/0x1f0 [ 88.612190][ T7105] should_fail_ex+0x512/0x640 [ 88.612215][ T7105] ? __kmalloc_node_noprof+0xc5/0x500 [ 88.612238][ T7105] should_failslab+0xc2/0x120 [ 88.612261][ T7105] __kmalloc_node_noprof+0xd8/0x500 [ 88.612281][ T7105] ? obj_cgroup_charge+0x365/0x640 [ 88.612301][ T7105] ? alloc_slab_obj_exts+0x41/0xa0 [ 88.612321][ T7105] alloc_slab_obj_exts+0x41/0xa0 [ 88.612339][ T7105] __memcg_slab_post_alloc_hook+0x27b/0x940 [ 88.612364][ T7105] ? kasan_save_track+0x14/0x30 [ 88.612387][ T7105] kmem_cache_alloc_noprof+0x307/0x3b0 [ 88.612407][ T7105] ? do_epoll_ctl+0x22ea/0x3590 [ 88.612437][ T7105] do_epoll_ctl+0x22ea/0x3590 [ 88.612471][ T7105] ? __pfx_do_epoll_ctl+0x10/0x10 [ 88.612493][ T7105] ? find_held_lock+0x2b/0x80 [ 88.612507][ T7105] ? __might_fault+0xe3/0x190 [ 88.612525][ T7105] ? __might_fault+0xe3/0x190 [ 88.612550][ T7105] ? __ia32_sys_epoll_ctl+0x15b/0x1e0 [ 88.612585][ T7105] __ia32_sys_epoll_ctl+0x15b/0x1e0 [ 88.612611][ T7105] ? __pfx___ia32_sys_epoll_ctl+0x10/0x10 [ 88.612634][ T7105] ? rcu_is_watching+0x12/0xc0 [ 88.612652][ T7105] ? rcu_is_watching+0x12/0xc0 [ 88.612673][ T7105] __do_fast_syscall_32+0x73/0x120 [ 88.612701][ T7105] do_fast_syscall_32+0x32/0x80 [ 88.612725][ T7105] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 88.612753][ T7105] RIP: 0023:0xf705e579 [ 88.612768][ T7105] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 88.612783][ T7105] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 00000000000000ff [ 88.612798][ T7105] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000001 [ 88.612809][ T7105] RDX: 0000000000000004 RSI: 0000000080000000 RDI: 0000000000000000 [ 88.612819][ T7105] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 88.612828][ T7105] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 88.612836][ T7105] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 88.612860][ T7105] [ 88.733320][ T7113] warning: `syz.0.318' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 88.738247][ T29] usb 8-1: USB disconnect, device number 2 [ 89.280731][ T5945] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 89.393234][ T7130] netlink: 24 bytes leftover after parsing attributes in process `syz.1.325'. [ 89.456192][ T5945] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 89.460367][ T5945] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.463978][ T5945] usb 7-1: Product: syz [ 89.465871][ T5945] usb 7-1: Manufacturer: syz [ 89.467963][ T5945] usb 7-1: SerialNumber: syz [ 89.476227][ T5945] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 89.532827][ T6047] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 89.680281][ T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 89.831449][ T24] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 89.834920][ T24] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 89.838969][ T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 89.843294][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 89.847061][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 89.852783][ T24] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 89.855658][ T24] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 89.858196][ T24] usb 6-1: Product: syz [ 89.859670][ T24] usb 6-1: Manufacturer: syz [ 89.866254][ T24] cdc_wdm 6-1:1.0: skipping garbage [ 89.867971][ T24] cdc_wdm 6-1:1.0: skipping garbage [ 89.870859][ T24] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 89.872823][ T24] cdc_wdm 6-1:1.0: Unknown control protocol [ 90.076398][ T76] usb 6-1: USB disconnect, device number 4 [ 90.366205][ T7140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 90.369274][ T7140] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 90.473183][ T7148] ip6t_srh: unknown srh invflags 6BE9 [ 90.475743][ T7148] ubi: mtd0 is already attached to ubi31 [ 90.600157][ T6047] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 90.603596][ T6047] ath9k_htc: Failed to initialize the device [ 90.699974][ T6047] usb 7-1: ath9k_htc: USB layer deinitialized [ 90.705075][ T5945] usb 7-1: USB disconnect, device number 3 [ 90.706846][ T7157] overlayfs: missing 'workdir' [ 90.722038][ T7157] overlayfs: failed to resolve './file0': -2 [ 91.738601][ T7178] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12) [ 91.740839][ T7178] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 91.745453][ T7178] vhci_hcd vhci_hcd.0: Device attached [ 91.748295][ T7178] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 91.754009][ T7178] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(16) [ 91.756218][ T7178] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 91.758732][ T7178] vhci_hcd vhci_hcd.0: Device attached [ 91.762058][ T7178] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(18) [ 91.764347][ T7178] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 91.767017][ T7178] vhci_hcd vhci_hcd.0: Device attached [ 91.771953][ T7178] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 91.776696][ T7178] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 91.781717][ T7178] vhci_hcd vhci_hcd.0: pdev(1) rhport(6) sockfd(25) [ 91.784402][ T7178] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 91.787621][ T7178] vhci_hcd vhci_hcd.0: Device attached [ 91.792410][ T7185] vhci_hcd: connection closed [ 91.793294][ T7183] vhci_hcd: connection closed [ 91.793957][ T6905] vhci_hcd: stop threads [ 91.795787][ T7181] vhci_hcd: connection closed [ 91.797480][ T6905] vhci_hcd: release socket [ 91.800619][ T7179] vhci_hcd: connection closed [ 91.801089][ T6905] vhci_hcd: disconnect device [ 91.806991][ T6905] vhci_hcd: stop threads [ 91.808455][ T6905] vhci_hcd: release socket [ 91.809985][ T6905] vhci_hcd: disconnect device [ 91.812979][ T6905] vhci_hcd: stop threads [ 91.814488][ T6905] vhci_hcd: release socket [ 91.816043][ T6905] vhci_hcd: disconnect device [ 91.818095][ T6905] vhci_hcd: stop threads [ 91.819565][ T6905] vhci_hcd: release socket [ 91.821312][ T6905] vhci_hcd: disconnect device [ 92.098596][ T7196] FAULT_INJECTION: forcing a failure. [ 92.098596][ T7196] name failslab, interval 1, probability 0, space 0, times 0 [ 92.104031][ T7196] CPU: 2 UID: 0 PID: 7196 Comm: syz.0.340 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 92.104047][ T7196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.104056][ T7196] Call Trace: [ 92.104061][ T7196] [ 92.104068][ T7196] dump_stack_lvl+0x16c/0x1f0 [ 92.104095][ T7196] should_fail_ex+0x512/0x640 [ 92.104121][ T7196] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 92.104141][ T7196] should_failslab+0xc2/0x120 [ 92.104163][ T7196] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 92.104180][ T7196] ? getname_flags.part.0+0x4c/0x550 [ 92.104204][ T7196] getname_flags.part.0+0x4c/0x550 [ 92.104233][ T7196] getname_flags+0x93/0xf0 [ 92.104249][ T7196] user_path_at+0x24/0x60 [ 92.104259][ T7196] __ia32_sys_mount+0x1fb/0x310 [ 92.104271][ T7196] ? __pfx___ia32_sys_mount+0x10/0x10 [ 92.104284][ T7196] ? rcu_is_watching+0x12/0xc0 [ 92.104296][ T7196] __do_fast_syscall_32+0x73/0x120 [ 92.104313][ T7196] do_fast_syscall_32+0x32/0x80 [ 92.104329][ T7196] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.104343][ T7196] RIP: 0023:0xf706e579 [ 92.104351][ T7196] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 92.104360][ T7196] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 92.104370][ T7196] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800000c0 [ 92.104376][ T7196] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 00000000800001c0 [ 92.104382][ T7196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 92.104387][ T7196] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 92.104393][ T7196] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 92.104406][ T7196] [ 92.153203][ T7198] tipc: Started in network mode [ 92.180194][ T7198] tipc: Node identity 6af8b21d69ae, cluster identity 4711 [ 92.184443][ T7198] tipc: Enabled bearer , priority 10 [ 92.184555][ T7205] overlayfs: conflicting options: verity=require,redirect_dir=nofollow [ 92.466680][ T7215] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 92.473676][ T7215] xt_TPROXY: Can be used only with -p tcp or -p udp [ 92.490189][ T5945] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 92.663982][ T5945] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 92.666979][ T5945] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.670283][ T5945] usb 7-1: Product: syz [ 92.671760][ T5945] usb 7-1: Manufacturer: syz [ 92.673994][ T5945] usb 7-1: SerialNumber: syz [ 92.714274][ T5945] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 92.727734][ T5945] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 93.099151][ T7226] FAULT_INJECTION: forcing a failure. [ 93.099151][ T7226] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 93.104377][ T7226] CPU: 2 UID: 0 PID: 7226 Comm: syz.3.349 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 93.104398][ T7226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.104408][ T7226] Call Trace: [ 93.104414][ T7226] [ 93.104421][ T7226] dump_stack_lvl+0x16c/0x1f0 [ 93.104448][ T7226] should_fail_ex+0x512/0x640 [ 93.104476][ T7226] _copy_to_user+0x32/0xd0 [ 93.104493][ T7226] simple_read_from_buffer+0xcb/0x170 [ 93.104519][ T7226] proc_fail_nth_read+0x197/0x270 [ 93.104544][ T7226] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 93.104568][ T7226] ? rw_verify_area+0xcf/0x680 [ 93.104592][ T7226] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 93.104616][ T7226] vfs_read+0x1e1/0xc70 [ 93.104636][ T7226] ? __pfx___mutex_lock+0x10/0x10 [ 93.104660][ T7226] ? __pfx_vfs_read+0x10/0x10 [ 93.104684][ T7226] ? __fget_files+0x20e/0x3c0 [ 93.104706][ T7226] ksys_read+0x12a/0x240 [ 93.104722][ T7226] ? __pfx_ksys_read+0x10/0x10 [ 93.104740][ T7226] ? rcu_is_watching+0x12/0xc0 [ 93.104759][ T7226] __do_fast_syscall_32+0x73/0x120 [ 93.104786][ T7226] do_fast_syscall_32+0x32/0x80 [ 93.104811][ T7226] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 93.104832][ T7226] RIP: 0023:0xf705e579 [ 93.104845][ T7226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 93.104861][ T7226] RSP: 002b:00000000f504e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 93.104877][ T7226] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f504e620 [ 93.104887][ T7226] RDX: 000000000000000f RSI: 00000000f73c2ff4 RDI: 0000000000000000 [ 93.104896][ T7226] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 93.104906][ T7226] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 93.104915][ T7226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 93.104937][ T7226] [ 93.313575][ T76] tipc: Node number set to 56013341 [ 93.497531][ T7229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 93.504689][ T7229] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 93.619875][ T7240] FAULT_INJECTION: forcing a failure. [ 93.619875][ T7240] name failslab, interval 1, probability 0, space 0, times 0 [ 93.624748][ T7240] CPU: 3 UID: 0 PID: 7240 Comm: syz.1.353 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 93.624763][ T7240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.624769][ T7240] Call Trace: [ 93.624773][ T7240] [ 93.624777][ T7240] dump_stack_lvl+0x16c/0x1f0 [ 93.624796][ T7240] should_fail_ex+0x512/0x640 [ 93.624812][ T7240] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 93.624836][ T7240] should_failslab+0xc2/0x120 [ 93.624852][ T7240] __kmalloc_cache_noprof+0x6a/0x3e0 [ 93.624862][ T7240] ? tcf_chain_create+0x98/0x370 [ 93.624875][ T7240] tcf_chain_create+0x98/0x370 [ 93.624887][ T7240] __tcf_chain_get+0x153/0x1b0 [ 93.624902][ T7240] tc_new_tfilter+0x6ed/0x2340 [ 93.624917][ T7240] ? bpf_ksym_find+0x121/0x1c0 [ 93.624937][ T7240] ? kernel_text_address+0x8d/0x100 [ 93.624947][ T7240] ? __kernel_text_address+0xd/0x40 [ 93.624956][ T7240] ? __pfx_tc_new_tfilter+0x10/0x10 [ 93.624969][ T7240] ? arch_stack_walk+0xa6/0x100 [ 93.624987][ T7240] ? __lock_acquire+0x5ca/0x1ba0 [ 93.625009][ T7240] ? find_held_lock+0x2b/0x80 [ 93.625019][ T7240] ? __pfx_tc_new_tfilter+0x10/0x10 [ 93.625032][ T7240] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 93.625046][ T7240] ? __pfx_tc_new_tfilter+0x10/0x10 [ 93.625061][ T7240] rtnetlink_rcv_msg+0x95b/0xe90 [ 93.625075][ T7240] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 93.625096][ T7240] netlink_rcv_skb+0x16d/0x440 [ 93.625110][ T7240] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 93.625124][ T7240] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 93.625146][ T7240] ? netlink_deliver_tap+0x1ae/0xd30 [ 93.625162][ T7240] netlink_unicast+0x53a/0x7f0 [ 93.625178][ T7240] ? __pfx_netlink_unicast+0x10/0x10 [ 93.625195][ T7240] netlink_sendmsg+0x8d1/0xdd0 [ 93.625212][ T7240] ? __pfx_netlink_sendmsg+0x10/0x10 [ 93.625226][ T7240] ? __import_iovec+0x1c8/0x660 [ 93.625240][ T7240] ____sys_sendmsg+0xa95/0xc70 [ 93.625257][ T7240] ? __pfx_____sys_sendmsg+0x10/0x10 [ 93.625272][ T7240] ? get_compat_msghdr+0x11a/0x170 [ 93.625291][ T7240] ___sys_sendmsg+0x134/0x1d0 [ 93.625304][ T7240] ? __pfx____sys_sendmsg+0x10/0x10 [ 93.625335][ T7240] __sys_sendmsg+0x16d/0x220 [ 93.625348][ T7240] ? __pfx___sys_sendmsg+0x10/0x10 [ 93.625367][ T7240] ? rcu_is_watching+0x12/0xc0 [ 93.625380][ T7240] __do_fast_syscall_32+0x73/0x120 [ 93.625397][ T7240] do_fast_syscall_32+0x32/0x80 [ 93.625417][ T7240] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 93.625430][ T7240] RIP: 0023:0xf70fe579 [ 93.625441][ T7240] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 93.625451][ T7240] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 93.625464][ T7240] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080006040 [ 93.625470][ T7240] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000 [ 93.625476][ T7240] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 93.625482][ T7240] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 93.625488][ T7240] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 93.625501][ T7240] [ 93.810949][ T5945] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 93.813573][ T5945] ath9k_htc: Failed to initialize the device [ 93.849668][ T5945] usb 7-1: ath9k_htc: USB layer deinitialized [ 93.857235][ T34] usb 7-1: USB disconnect, device number 4 [ 94.120266][ T76] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 94.235590][ T7252] bridge_slave_0: left allmulticast mode [ 94.237495][ T7252] bridge_slave_0: left promiscuous mode [ 94.239421][ T7252] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.244401][ T7252] bridge_slave_1: left allmulticast mode [ 94.246324][ T7252] bridge_slave_1: left promiscuous mode [ 94.248247][ T7252] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.253944][ T7252] bond0: (slave bond_slave_0): Releasing backup interface [ 94.258384][ T7252] bond0: (slave bond_slave_1): Releasing backup interface [ 94.273174][ T76] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 94.277121][ T7252] team0: Port device team_slave_0 removed [ 94.279518][ T76] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 94.285910][ T76] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 94.290236][ T76] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.290612][ T7252] team0: Port device team_slave_1 removed [ 94.300775][ T7252] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 94.304089][ T7252] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 94.308910][ T7252] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 94.311780][ T7252] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 94.402058][ T7255] FAULT_INJECTION: forcing a failure. [ 94.402058][ T7255] name failslab, interval 1, probability 0, space 0, times 0 [ 94.407546][ T7255] CPU: 0 UID: 0 PID: 7255 Comm: syz.2.359 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 94.407570][ T7255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.407579][ T7255] Call Trace: [ 94.407584][ T7255] [ 94.407591][ T7255] dump_stack_lvl+0x16c/0x1f0 [ 94.407620][ T7255] should_fail_ex+0x512/0x640 [ 94.407647][ T7255] should_failslab+0xc2/0x120 [ 94.407683][ T7255] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 94.407705][ T7255] ? skb_clone+0x190/0x3f0 [ 94.407728][ T7255] skb_clone+0x190/0x3f0 [ 94.407748][ T7255] netlink_deliver_tap+0xabd/0xd30 [ 94.407775][ T7255] netlink_unicast+0x5df/0x7f0 [ 94.407799][ T7255] ? __pfx_netlink_unicast+0x10/0x10 [ 94.407827][ T7255] netlink_sendmsg+0x8d1/0xdd0 [ 94.407853][ T7255] ? __pfx_netlink_sendmsg+0x10/0x10 [ 94.407875][ T7255] ? __import_iovec+0x1c8/0x660 [ 94.407897][ T7255] ____sys_sendmsg+0xa95/0xc70 [ 94.407924][ T7255] ? __pfx_____sys_sendmsg+0x10/0x10 [ 94.407946][ T7255] ? get_compat_msghdr+0x11a/0x170 [ 94.407981][ T7255] ___sys_sendmsg+0x134/0x1d0 [ 94.408003][ T7255] ? __pfx____sys_sendmsg+0x10/0x10 [ 94.408051][ T7255] __sys_sendmsg+0x16d/0x220 [ 94.408072][ T7255] ? __pfx___sys_sendmsg+0x10/0x10 [ 94.408102][ T7255] ? rcu_is_watching+0x12/0xc0 [ 94.408121][ T7255] __do_fast_syscall_32+0x73/0x120 [ 94.408147][ T7255] do_fast_syscall_32+0x32/0x80 [ 94.408172][ T7255] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 94.408191][ T7255] RIP: 0023:0xf7fc3579 [ 94.408204][ T7255] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 94.408220][ T7255] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 94.408235][ T7255] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0 [ 94.408245][ T7255] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 94.408255][ T7255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 94.408263][ T7255] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 94.408272][ T7255] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 94.408294][ T7255] [ 94.408350][ T7255] netlink: 4 bytes leftover after parsing attributes in process `syz.2.359'. [ 94.501999][ T76] usb 6-1: usb_control_msg returned -32 [ 94.503865][ T76] usbtmc 6-1:16.0: can't read capabilities [ 94.826184][ T7264] ip6t_srh: unknown srh invflags 6BE9 [ 94.833530][ T7266] syzkaller1: entered promiscuous mode [ 94.835356][ T7266] syzkaller1: entered allmulticast mode [ 94.837506][ T7264] ubi: mtd0 is already attached to ubi31 [ 94.857080][ T7267] usbtmc 6-1:16.0: usb_control_msg returned -32 [ 94.859613][ T7249] netlink: 4 bytes leftover after parsing attributes in process `syz.1.357'. [ 94.957876][ T7270] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 94.984191][ T7270] FAULT_INJECTION: forcing a failure. [ 94.984191][ T7270] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.984789][ T24] usb 6-1: USB disconnect, device number 5 [ 94.988687][ T7270] CPU: 1 UID: 0 PID: 7270 Comm: syz.3.364 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 94.988713][ T7270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.988719][ T7270] Call Trace: [ 94.988728][ T7270] [ 94.988732][ T7270] dump_stack_lvl+0x16c/0x1f0 [ 94.988752][ T7270] should_fail_ex+0x512/0x640 [ 94.988770][ T7270] __kvm_read_guest_page+0x16b/0x220 [ 94.988788][ T7270] kvm_fetch_guest_virt+0x128/0x1a0 [ 94.988804][ T7270] __do_insn_fetch_bytes+0x41e/0x6d0 [ 94.988818][ T7270] ? __pfx___do_insn_fetch_bytes+0x10/0x10 [ 94.988832][ T7270] ? vmx_vcpu_load_vmcs+0x272/0x7f0 [ 94.988850][ T7270] x86_decode_insn+0xb90/0x5540 [ 94.988870][ T7270] ? vmx_segment_cache_test_set+0x14b/0x400 [ 94.988883][ T7270] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 94.988897][ T7270] ? __pfx_x86_decode_insn+0x10/0x10 [ 94.988912][ T7270] ? vmx_cache_reg+0x333/0x5e0 [ 94.988928][ T7270] ? kvm_register_read_raw+0xe9/0x240 [ 94.988942][ T7270] ? init_decode_cache+0xd/0x210 [ 94.988956][ T7270] ? init_emulate_ctxt+0x337/0x510 [ 94.988972][ T7270] ? __pfx_init_emulate_ctxt+0x10/0x10 [ 94.988987][ T7270] ? kvm_sched_in+0x9a/0xf0 [ 94.988999][ T7270] ? rcu_is_watching+0x12/0xc0 [ 94.989009][ T7270] ? trace_sched_exit_tp+0xde/0x130 [ 94.989024][ T7270] x86_emulate_instruction+0x9b2/0x1a90 [ 94.989044][ T7270] handle_ud+0x103/0x280 [ 94.989057][ T7270] ? __pfx_handle_ud+0x10/0x10 [ 94.989073][ T7270] ? rcu_is_watching+0x12/0xc0 [ 94.989082][ T7270] ? __vmx_complete_interrupts+0x111/0x4e0 [ 94.989095][ T7270] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 94.989110][ T7270] handle_exception_nmi+0x856/0x1740 [ 94.989125][ T7270] ? __pfx_handle_exception_nmi+0x10/0x10 [ 94.989137][ T7270] vmx_handle_exit+0x6ab/0x1cc0 [ 94.989152][ T7270] vcpu_run+0x30ba/0x5390 [ 94.989173][ T7270] ? __pfx_vcpu_run+0x10/0x10 [ 94.989189][ T7270] ? fpu_swap_kvm_fpstate+0x235/0x4a0 [ 94.989202][ T7270] ? __local_bh_enable_ip+0xa4/0x120 [ 94.989218][ T7270] ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0 [ 94.989232][ T7270] kvm_arch_vcpu_ioctl_run+0x51e/0x18c0 [ 94.989251][ T7270] kvm_vcpu_ioctl+0x5e9/0x1680 [ 94.989268][ T7270] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 94.989283][ T7270] ? tomoyo_path_number_perm+0x18d/0x580 [ 94.989298][ T7270] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 94.989310][ T7270] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 94.989325][ T7270] ? do_vfs_ioctl+0x512/0x1990 [ 94.989340][ T7270] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 94.989366][ T7270] kvm_vcpu_compat_ioctl+0x20f/0x3d0 [ 94.989382][ T7270] ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10 [ 94.989398][ T7270] ? __fget_files+0x20e/0x3c0 [ 94.989406][ T7270] ? __fput_deferred+0x370/0x370 [ 94.989421][ T7270] ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10 [ 94.989437][ T7270] __ia32_compat_sys_ioctl+0x24f/0x360 [ 94.989454][ T7270] __do_fast_syscall_32+0x73/0x120 [ 94.989471][ T7270] do_fast_syscall_32+0x32/0x80 [ 94.989487][ T7270] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 94.989500][ T7270] RIP: 0023:0xf705e579 [ 94.989532][ T7270] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 94.989544][ T7270] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 94.989554][ T7270] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000ae80 [ 94.989560][ T7270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 94.989566][ T7270] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 94.989571][ T7270] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 94.989577][ T7270] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 94.989590][ T7270] [ 95.460547][ T7287] FAULT_INJECTION: forcing a failure. [ 95.460547][ T7287] name failslab, interval 1, probability 0, space 0, times 0 [ 95.466992][ T7287] CPU: 2 UID: 0 PID: 7287 Comm: syz.0.368 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 95.467013][ T7287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.467022][ T7287] Call Trace: [ 95.467027][ T7287] [ 95.467033][ T7287] dump_stack_lvl+0x16c/0x1f0 [ 95.467063][ T7287] should_fail_ex+0x512/0x640 [ 95.467087][ T7287] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 95.467110][ T7287] should_failslab+0xc2/0x120 [ 95.467131][ T7287] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 95.467153][ T7287] ? __request_module+0x2cb/0x690 [ 95.467180][ T7287] kstrdup+0x53/0x100 [ 95.467202][ T7287] __request_module+0x2cb/0x690 [ 95.467225][ T7287] ? __pfx___request_module+0x10/0x10 [ 95.467244][ T7287] ? aa_get_newest_label+0x375/0x680 [ 95.467263][ T7287] ? __pfx_aa_get_newest_label+0x10/0x10 [ 95.467285][ T7287] ? apparmor_capable+0x114/0x1d0 [ 95.467304][ T7287] ? dev_load+0x1c0/0x240 [ 95.467324][ T7287] dev_load+0x221/0x240 [ 95.467340][ T7287] dev_ioctl+0x20d/0x1060 [ 95.467360][ T7287] sock_do_ioctl+0x19d/0x280 [ 95.467382][ T7287] ? __pfx_sock_do_ioctl+0x10/0x10 [ 95.467401][ T7287] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 95.467425][ T7287] ? unix_ioctl+0xf0/0x5e0 [ 95.467472][ T7287] ? __pfx_unix_ioctl+0x10/0x10 [ 95.467495][ T7287] compat_sock_ioctl+0x301/0x730 [ 95.467513][ T7287] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 95.467536][ T7287] ? __fget_files+0x20e/0x3c0 [ 95.467546][ T7287] ? __fput_deferred+0x370/0x370 [ 95.467562][ T7287] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 95.467578][ T7287] __ia32_compat_sys_ioctl+0x24f/0x360 [ 95.467594][ T7287] __do_fast_syscall_32+0x73/0x120 [ 95.467611][ T7287] do_fast_syscall_32+0x32/0x80 [ 95.467627][ T7287] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 95.467641][ T7287] RIP: 0023:0xf706e579 [ 95.467650][ T7287] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 95.467660][ T7287] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 95.467671][ T7287] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000008914 [ 95.467677][ T7287] RDX: 0000000080002280 RSI: 0000000000000000 RDI: 0000000000000000 [ 95.467683][ T7287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 95.467689][ T7287] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 95.467695][ T7287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 95.467712][ T7287] [ 95.634538][ T7292] netlink: 48 bytes leftover after parsing attributes in process `syz.2.370'. [ 95.664721][ T7298] binder: 7297:7298 ioctl c0306201 80000240 returned -14 [ 95.667937][ T7298] FAULT_INJECTION: forcing a failure. [ 95.667937][ T7298] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.672471][ T7298] CPU: 1 UID: 0 PID: 7298 Comm: syz.1.372 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 95.672485][ T7298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.672492][ T7298] Call Trace: [ 95.672495][ T7298] [ 95.672499][ T7298] dump_stack_lvl+0x16c/0x1f0 [ 95.672532][ T7298] should_fail_ex+0x512/0x640 [ 95.672551][ T7298] _copy_to_user+0x32/0xd0 [ 95.672562][ T7298] simple_read_from_buffer+0xcb/0x170 [ 95.672579][ T7298] proc_fail_nth_read+0x197/0x270 [ 95.672595][ T7298] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 95.672611][ T7298] ? rw_verify_area+0xcf/0x680 [ 95.672626][ T7298] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 95.672640][ T7298] vfs_read+0x1e1/0xc70 [ 95.672653][ T7298] ? __pfx___mutex_lock+0x10/0x10 [ 95.672673][ T7298] ? __pfx_vfs_read+0x10/0x10 [ 95.672687][ T7298] ? __fget_files+0x20e/0x3c0 [ 95.672701][ T7298] ksys_read+0x12a/0x240 [ 95.672710][ T7298] ? __pfx_ksys_read+0x10/0x10 [ 95.672721][ T7298] ? rcu_is_watching+0x12/0xc0 [ 95.672734][ T7298] __do_fast_syscall_32+0x73/0x120 [ 95.672751][ T7298] do_fast_syscall_32+0x32/0x80 [ 95.672767][ T7298] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 95.672780][ T7298] RIP: 0023:0xf70fe579 [ 95.672789][ T7298] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 95.672799][ T7298] RSP: 002b:00000000f50ee590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 95.672809][ T7298] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f50ee620 [ 95.672815][ T7298] RDX: 000000000000000f RSI: 00000000f7462ff4 RDI: 0000000000000000 [ 95.672821][ T7298] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 95.672826][ T7298] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 95.672832][ T7298] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 95.672845][ T7298] [ 95.882770][ T7305] FAULT_INJECTION: forcing a failure. [ 95.882770][ T7305] name failslab, interval 1, probability 0, space 0, times 0 [ 95.887105][ T7305] CPU: 0 UID: 0 PID: 7305 Comm: syz.2.374 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 95.887120][ T7305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.887126][ T7305] Call Trace: [ 95.887133][ T7305] [ 95.887140][ T7305] dump_stack_lvl+0x16c/0x1f0 [ 95.887160][ T7305] should_fail_ex+0x512/0x640 [ 95.887175][ T7305] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 95.887190][ T7305] should_failslab+0xc2/0x120 [ 95.887204][ T7305] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 95.887216][ T7305] ? __d_alloc+0x31/0xaa0 [ 95.887229][ T7305] __d_alloc+0x31/0xaa0 [ 95.887239][ T7305] ? __d_lookup+0x266/0x4a0 [ 95.887255][ T7305] d_alloc+0x4a/0x1e0 [ 95.887266][ T7305] lookup_one_qstr_excl_raw.part.0+0x96/0x160 [ 95.887280][ T7305] ? lookup_dcache+0x66/0x170 [ 95.887294][ T7305] lookup_one_qstr_excl+0x3e/0x120 [ 95.887308][ T7305] do_renameat2+0x5aa/0xc90 [ 95.887324][ T7305] ? __pfx_do_renameat2+0x10/0x10 [ 95.887337][ T7305] ? find_held_lock+0x2b/0x80 [ 95.887347][ T7305] ? __might_fault+0xe3/0x190 [ 95.887360][ T7305] ? __might_fault+0x13b/0x190 [ 95.887378][ T7305] ? getname_flags.part.0+0x1c5/0x550 [ 95.887395][ T7305] __ia32_sys_rename+0x7c/0xa0 [ 95.887407][ T7305] __do_fast_syscall_32+0x73/0x120 [ 95.887424][ T7305] do_fast_syscall_32+0x32/0x80 [ 95.887469][ T7305] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 95.887486][ T7305] RIP: 0023:0xf7fc3579 [ 95.887494][ T7305] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 95.887504][ T7305] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000026 [ 95.887515][ T7305] RAX: ffffffffffffffda RBX: 00000000800001c0 RCX: 0000000080000200 [ 95.887521][ T7305] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 95.887527][ T7305] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 95.887532][ T7305] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 95.887538][ T7305] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 95.887556][ T7305] [ 96.128333][ T7310] FAULT_INJECTION: forcing a failure. [ 96.128333][ T7310] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 96.133195][ T7310] CPU: 2 UID: 0 PID: 7310 Comm: syz.3.376 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 96.133209][ T7310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.133215][ T7310] Call Trace: [ 96.133220][ T7310] [ 96.133224][ T7310] dump_stack_lvl+0x16c/0x1f0 [ 96.133245][ T7310] should_fail_ex+0x512/0x640 [ 96.133264][ T7310] _copy_from_user+0x2e/0xd0 [ 96.133281][ T7310] kstrtouint_from_user+0xd6/0x1d0 [ 96.133294][ T7310] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 96.133306][ T7310] ? __lock_acquire+0xaa4/0x1ba0 [ 96.133327][ T7310] proc_fail_nth_write+0x83/0x250 [ 96.133343][ T7310] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 96.133362][ T7310] vfs_write+0x25f/0x1180 [ 96.133371][ T7310] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 96.133388][ T7310] ? __pfx___mutex_lock+0x10/0x10 [ 96.133404][ T7310] ? __pfx_vfs_write+0x10/0x10 [ 96.133418][ T7310] ? __fget_files+0x20e/0x3c0 [ 96.133432][ T7310] ksys_write+0x12a/0x240 [ 96.133442][ T7310] ? __pfx_ksys_write+0x10/0x10 [ 96.133453][ T7310] ? rcu_is_watching+0x12/0xc0 [ 96.133466][ T7310] __do_fast_syscall_32+0x73/0x120 [ 96.133483][ T7310] do_fast_syscall_32+0x32/0x80 [ 96.133499][ T7310] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.133512][ T7310] RIP: 0023:0xf705e579 [ 96.133521][ T7310] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 96.133531][ T7310] RSP: 002b:00000000f504e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 96.133541][ T7310] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f504e620 [ 96.133547][ T7310] RDX: 0000000000000001 RSI: 00000000f73c2ff4 RDI: 0000000000000000 [ 96.133555][ T7310] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 96.133563][ T7310] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 96.133570][ T7310] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 96.133583][ T7310] [ 96.686315][ T7323] binder: 7322:7323 ioctl c0306201 80000240 returned -14 [ 96.691355][ T7321] ip6t_srh: unknown srh invflags 6BE9 [ 96.765672][ T7321] ubi: mtd0 is already attached to ubi31 [ 97.090731][ T7333] netlink: 164 bytes leftover after parsing attributes in process `syz.2.384'. [ 97.094714][ T7333] netlink: 164 bytes leftover after parsing attributes in process `syz.2.384'. [ 97.097712][ T7333] netlink: 60 bytes leftover after parsing attributes in process `syz.2.384'. [ 97.138714][ T5948] Bluetooth: hci0: unexpected cc 0x2007 length: 100 > 2 [ 97.141701][ T5948] Bluetooth: hci0: unexpected event for opcode 0x2007 [ 97.309981][ T7341] netlink: 164 bytes leftover after parsing attributes in process `syz.2.386'. [ 97.314194][ T7341] netlink: 164 bytes leftover after parsing attributes in process `syz.2.386'. [ 97.318683][ T7341] netlink: 60 bytes leftover after parsing attributes in process `syz.2.386'. [ 97.570270][ T5945] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 97.751150][ T5945] usb 6-1: not running at top speed; connect to a high speed hub [ 97.756312][ T5945] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 97.759933][ T5945] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.762913][ T5945] usb 6-1: Product: 飥Ꞵ韮솽蘷釈굼劣朥騝♃᳤申ﲛន◲錖嚥衾㡄幧ꊏ㳋俗ࡱ斜챞둀ꚹ틺脫⣗럁쉦ജ箋蹲臉戮鶒퉫푓ٛ [ 97.769829][ T5945] usb 6-1: Manufacturer: Ь [ 97.777732][ T5945] usb 6-1: SerialNumber: syz [ 98.004781][ T5945] cdc_ncm 6-1:1.0: bind() failure [ 98.008924][ T5945] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 98.023261][ T5945] cdc_ncm 6-1:1.1: bind() failure [ 98.037988][ T5945] usb 6-1: USB disconnect, device number 6 [ 98.819605][ T7371] netlink: 16 bytes leftover after parsing attributes in process `syz.1.394'. [ 98.825314][ T7371] binder: 7369:7371 ioctl c0306201 80000240 returned -14 [ 99.266791][ T7379] ip6t_srh: unknown srh invflags 6BE9 [ 99.272219][ T7379] ubi: mtd0 is already attached to ubi31 [ 100.046375][ T7406] netlink: 'syz.0.404': attribute type 10 has an invalid length. [ 100.049385][ T7406] macvlan0: entered allmulticast mode [ 100.053174][ T7406] veth1_vlan: entered allmulticast mode [ 100.058652][ T7406] team0: Port device macvlan0 added [ 100.062392][ T7406] __nla_validate_parse: 2 callbacks suppressed [ 100.062402][ T7406] netlink: 60 bytes leftover after parsing attributes in process `syz.0.404'. [ 100.123695][ T7408] No source specified [ 100.718249][ T7400] netlink: 8 bytes leftover after parsing attributes in process `syz.2.401'. [ 100.721530][ T7400] netlink: 'syz.2.401': attribute type 5 has an invalid length. [ 100.724378][ T7400] netlink: 20 bytes leftover after parsing attributes in process `syz.2.401'. [ 100.737713][ T7400] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 100.742389][ T7400] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 100.745529][ T7400] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 100.750695][ T7400] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 100.753525][ T7400] geneve2: entered promiscuous mode [ 100.755213][ T7400] geneve2: entered allmulticast mode [ 101.173341][ T5948] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 101.176423][ T5948] Bluetooth: hci0: Injecting HCI hardware error event [ 101.179594][ T5948] Bluetooth: hci0: hardware error 0x00 [ 101.849933][ T5952] Bluetooth: hci3: unexpected event for opcode 0x080e [ 101.852398][ T5952] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 101.854814][ T5952] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 102.726336][ T7460] No source specified [ 102.729824][ T7460] binder: 7459:7460 ioctl c0306201 80000540 returned -14 [ 102.902546][ T7466] ip6t_srh: unknown srh invflags 6BE9 [ 102.905745][ T7466] ubi: mtd0 is already attached to ubi31 [ 103.240191][ T5948] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 103.434847][ T7477] fuse: Unknown parameter 'f' [ 103.811520][ T5945] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 103.903760][ T40] kauditd_printk_skb: 23 callbacks suppressed [ 103.903772][ T40] audit: type=1800 audit(1747705275.939:95): pid=7473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.425" name="/" dev="fuse" ino=0 res=0 errno=0 [ 103.970205][ T5945] usb 8-1: Using ep0 maxpacket: 32 [ 103.974966][ T5945] usb 8-1: config index 0 descriptor too short (expected 29220, got 36) [ 103.977317][ T5945] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 103.980011][ T5945] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 103.982713][ T5945] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 103.985404][ T5945] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 103.988119][ T5945] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 103.992166][ T5945] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 103.995067][ T5945] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.998743][ T5945] usb 8-1: config 0 descriptor?? [ 104.218891][ T7480] loop9: detected capacity change from 0 to 7 [ 104.236014][ T7480] Dev loop9: unable to read RDB block 7 [ 104.249010][ T7480] loop9: unable to read partition table [ 104.263664][ T7480] loop9: partition table beyond EOD, truncated [ 104.332885][ T7480] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 104.421683][ T5945] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 104.621227][ T7480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 104.624048][ T7480] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 105.293783][ T7504] FAULT_INJECTION: forcing a failure. [ 105.293783][ T7504] name failslab, interval 1, probability 0, space 0, times 0 [ 105.298098][ T7504] CPU: 0 UID: 0 PID: 7504 Comm: syz.2.434 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 105.298112][ T7504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 105.298118][ T7504] Call Trace: [ 105.298122][ T7504] [ 105.298126][ T7504] dump_stack_lvl+0x16c/0x1f0 [ 105.298147][ T7504] should_fail_ex+0x512/0x640 [ 105.298166][ T7504] should_failslab+0xc2/0x120 [ 105.298179][ T7504] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 105.298192][ T7504] ? __alloc_skb+0x2b2/0x380 [ 105.298206][ T7504] __alloc_skb+0x2b2/0x380 [ 105.298218][ T7504] ? __pfx___alloc_skb+0x10/0x10 [ 105.298229][ T7504] ? rt6_nlmsg_size+0xaf/0x450 [ 105.298242][ T7504] ? rt6_get_route_info+0x960/0x9e0 [ 105.298255][ T7504] ? fib6_add_1+0xc50/0x17d0 [ 105.298268][ T7504] inet6_rt_notify+0xc7/0x260 [ 105.298286][ T7504] fib6_add+0x251e/0x4b60 [ 105.298304][ T7504] ? __pfx_fib6_add+0x10/0x10 [ 105.298316][ T7504] ? do_raw_spin_lock+0x12c/0x2b0 [ 105.298332][ T7504] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 105.298351][ T7504] ? ip6_route_add+0x8d/0x1c0 [ 105.298369][ T7504] ip6_route_add+0x8d/0x1c0 [ 105.298390][ T7504] ipv6_route_ioctl+0x426/0x5d0 [ 105.298416][ T7504] ? __pfx_ipv6_route_ioctl+0x10/0x10 [ 105.298450][ T7504] ? __might_fault+0xe3/0x190 [ 105.298466][ T7504] ? __might_fault+0xe3/0x190 [ 105.298476][ T7504] ? __might_fault+0x13b/0x190 [ 105.298492][ T7504] inet6_compat_ioctl+0x2db/0x360 [ 105.298504][ T7504] ? __pfx_inet6_compat_ioctl+0x10/0x10 [ 105.298532][ T7504] ? __pfx_inet6_compat_ioctl+0x10/0x10 [ 105.298551][ T7504] compat_sock_ioctl+0x173/0x730 [ 105.298577][ T7504] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 105.298604][ T7504] ? __fget_files+0x20e/0x3c0 [ 105.298618][ T7504] ? __fput_deferred+0x370/0x370 [ 105.298636][ T7504] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 105.298651][ T7504] __ia32_compat_sys_ioctl+0x24f/0x360 [ 105.298668][ T7504] __do_fast_syscall_32+0x73/0x120 [ 105.298689][ T7504] do_fast_syscall_32+0x32/0x80 [ 105.298711][ T7504] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 105.298729][ T7504] RIP: 0023:0xf7fc3579 [ 105.298744][ T7504] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 105.298759][ T7504] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 105.298774][ T7504] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000890b [ 105.298784][ T7504] RDX: 0000000080000540 RSI: 0000000000000000 RDI: 0000000000000000 [ 105.298793][ T7504] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 105.298798][ T7504] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 105.298804][ T7504] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 105.298817][ T7504] [ 105.756070][ T7512] netlink: 20 bytes leftover after parsing attributes in process `syz.1.436'. [ 106.596254][ T24] usb 8-1: USB disconnect, device number 3 [ 106.634054][ T24] usblp0: removed [ 106.861416][ T7531] Cannot find del_set index 3 as target [ 106.870295][ T7531] netlink: 'syz.2.440': attribute type 11 has an invalid length. [ 106.872924][ T7531] netlink: 224 bytes leftover after parsing attributes in process `syz.2.440'. [ 107.583746][ T7555] netlink: 20 bytes leftover after parsing attributes in process `syz.3.445'. [ 107.700389][ T5945] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 107.850147][ T5945] usb 7-1: Using ep0 maxpacket: 16 [ 107.855072][ T5945] usb 7-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 107.860695][ T5945] usb 7-1: config 0 interface 0 has no altsetting 0 [ 107.863593][ T5945] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice=ff.f7 [ 107.873364][ T5945] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.883778][ T5945] usb 7-1: config 0 descriptor?? [ 108.146349][ T7570] IPVS: wrr: FWM 3 0x00000003 - no destination available [ 108.151052][ T5945] IPVS: starting estimator thread 0... [ 108.167126][ T9] usb 7-1: USB disconnect, device number 5 [ 108.250211][ T7571] IPVS: using max 42 ests per chain, 100800 per kthread [ 108.323962][ T7574] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 109.056146][ T7578] ======================================================= [ 109.056146][ T7578] WARNING: The mand mount option has been deprecated and [ 109.056146][ T7578] and is ignored by this kernel. Remove the mand [ 109.056146][ T7578] option from the mount to silence this warning. [ 109.056146][ T7578] ======================================================= [ 109.067429][ T7578] overlay: ./file1 is not a directory [ 109.070260][ T7578] FAULT_INJECTION: forcing a failure. [ 109.070260][ T7578] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 109.074539][ T7578] CPU: 2 UID: 0 PID: 7578 Comm: syz.1.450 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 109.074552][ T7578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 109.074559][ T7578] Call Trace: [ 109.074563][ T7578] [ 109.074568][ T7578] dump_stack_lvl+0x16c/0x1f0 [ 109.074591][ T7578] should_fail_ex+0x512/0x640 [ 109.074610][ T7578] _copy_from_user+0x2e/0xd0 [ 109.074627][ T7578] get_compat_msghdr+0xa7/0x170 [ 109.074641][ T7578] ? __pfx_get_compat_msghdr+0x10/0x10 [ 109.074657][ T7578] ___sys_sendmsg+0x1ae/0x1d0 [ 109.074671][ T7578] ? __pfx____sys_sendmsg+0x10/0x10 [ 109.074700][ T7578] __sys_sendmsg+0x16d/0x220 [ 109.074713][ T7578] ? __pfx___sys_sendmsg+0x10/0x10 [ 109.074731][ T7578] ? rcu_is_watching+0x12/0xc0 [ 109.074744][ T7578] __do_fast_syscall_32+0x73/0x120 [ 109.074761][ T7578] do_fast_syscall_32+0x32/0x80 [ 109.074777][ T7578] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 109.074791][ T7578] RIP: 0023:0xf70fe579 [ 109.074799][ T7578] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 109.074809][ T7578] RSP: 002b:00000000f50cd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 109.074819][ T7578] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000240 [ 109.074826][ T7578] RDX: 0000000000000810 RSI: 0000000000000000 RDI: 0000000000000000 [ 109.074831][ T7578] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 109.074837][ T7578] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 109.074843][ T7578] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 109.074855][ T7578] [ 109.535017][ T7595] netlink: 20 bytes leftover after parsing attributes in process `syz.0.454'. [ 111.102515][ T7626] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 111.105124][ T7626] UDF-fs: Scanning with blocksize 2048 failed [ 111.108772][ T7626] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 111.111723][ T7626] UDF-fs: Scanning with blocksize 4096 failed [ 111.631534][ T7633] Bluetooth: MGMT ver 1.23 [ 111.708025][ T7626] syz.3.463 (7626) used greatest stack depth: 16808 bytes left [ 111.750879][ T7633] netlink: 36 bytes leftover after parsing attributes in process `syz.1.465'. [ 111.794658][ T7645] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048) [ 111.908063][ T7647] overlayfs: missing 'lowerdir' [ 111.913423][ T7647] lo speed is unknown, defaulting to 1000 [ 111.917495][ T7647] lo speed is unknown, defaulting to 1000 [ 111.921273][ T7647] lo speed is unknown, defaulting to 1000 [ 111.970158][ T63] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 112.015202][ T1454] lo speed is unknown, defaulting to 1000 [ 112.017891][ T7647] infiniband sz1: set active [ 112.019622][ T7647] infiniband sz1: added lo [ 112.041411][ T7647] RDS/IB: sz1: added [ 112.043143][ T7647] smc: adding ib device sz1 with port count 1 [ 112.045374][ T7647] smc: ib device sz1 port 1 has pnetid [ 112.048539][ T1454] lo speed is unknown, defaulting to 1000 [ 112.052815][ T7647] lo speed is unknown, defaulting to 1000 [ 112.141933][ T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.146023][ T63] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 112.149348][ T63] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.164067][ T63] usb 8-1: config 0 descriptor?? [ 112.255099][ T7647] lo speed is unknown, defaulting to 1000 [ 112.490458][ T7647] lo speed is unknown, defaulting to 1000 [ 112.550987][ T63] usbhid 8-1:0.0: can't add hid device: -71 [ 112.553288][ T63] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 112.559949][ T63] usb 8-1: USB disconnect, device number 4 [ 112.861645][ T7647] lo speed is unknown, defaulting to 1000 [ 112.900200][ T63] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 113.050161][ T63] usb 8-1: Using ep0 maxpacket: 32 [ 113.054287][ T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.061157][ T63] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 113.073873][ T63] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.084977][ T63] usb 8-1: config 0 descriptor?? [ 113.098586][ T63] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 113.111436][ T63] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 113.319656][ C2] ldusb 8-1:0.0: Ring buffer overflow, 8 bytes dropped [ 113.947980][ T7689] netlink: 4 bytes leftover after parsing attributes in process `syz.2.478'. [ 113.993674][ T7691] netlink: 12 bytes leftover after parsing attributes in process `syz.2.479'. [ 114.002330][ T7692] ldusb 8-1:0.0: Read buffer overflow, 3 bytes dropped [ 114.006157][ C3] ldusb 8-1:0.0: Ring buffer overflow, 8 bytes dropped [ 114.429254][ T7703] netlink: 'syz.0.481': attribute type 39 has an invalid length. [ 115.041402][ T24] usb 8-1: USB disconnect, device number 5 [ 115.045628][ T24] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 115.059647][ T7717] netlink: 4 bytes leftover after parsing attributes in process `syz.3.485'. [ 115.664980][ T7727] random: crng reseeded on system resumption [ 115.689516][ T7729] FAULT_INJECTION: forcing a failure. [ 115.689516][ T7729] name failslab, interval 1, probability 0, space 0, times 0 [ 115.693801][ T7729] CPU: 0 UID: 0 PID: 7729 Comm: syz.2.490 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 115.693815][ T7729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 115.693822][ T7729] Call Trace: [ 115.693826][ T7729] [ 115.693830][ T7729] dump_stack_lvl+0x16c/0x1f0 [ 115.693849][ T7729] should_fail_ex+0x512/0x640 [ 115.693868][ T7729] should_failslab+0xc2/0x120 [ 115.693882][ T7729] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 115.693895][ T7729] ? skb_clone+0x190/0x3f0 [ 115.693910][ T7729] skb_clone+0x190/0x3f0 [ 115.693924][ T7729] netlink_deliver_tap+0xabd/0xd30 [ 115.693941][ T7729] netlink_unicast+0x5df/0x7f0 [ 115.693956][ T7729] ? __pfx_netlink_unicast+0x10/0x10 [ 115.693974][ T7729] netlink_sendmsg+0x8d1/0xdd0 [ 115.694003][ T7729] ? __pfx_netlink_sendmsg+0x10/0x10 [ 115.694018][ T7729] ? __import_iovec+0x1c8/0x660 [ 115.694032][ T7729] ____sys_sendmsg+0xa95/0xc70 [ 115.694049][ T7729] ? __pfx_____sys_sendmsg+0x10/0x10 [ 115.694064][ T7729] ? get_compat_msghdr+0x11a/0x170 [ 115.694083][ T7729] ___sys_sendmsg+0x134/0x1d0 [ 115.694097][ T7729] ? __pfx____sys_sendmsg+0x10/0x10 [ 115.694127][ T7729] __sys_sendmsg+0x16d/0x220 [ 115.694140][ T7729] ? __pfx___sys_sendmsg+0x10/0x10 [ 115.694159][ T7729] ? rcu_is_watching+0x12/0xc0 [ 115.694172][ T7729] __do_fast_syscall_32+0x73/0x120 [ 115.694190][ T7729] do_fast_syscall_32+0x32/0x80 [ 115.694206][ T7729] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 115.694219][ T7729] RIP: 0023:0xf7fc3579 [ 115.694228][ T7729] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 115.694239][ T7729] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 115.694248][ T7729] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0 [ 115.694255][ T7729] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 115.694260][ T7729] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 115.694266][ T7729] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 115.694272][ T7729] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 115.694285][ T7729] [ 115.789102][ T7732] netlink: 16 bytes leftover after parsing attributes in process `syz.2.491'. [ 116.168616][ T7744] lo speed is unknown, defaulting to 1000 [ 116.197096][ T7746] lo: entered allmulticast mode [ 116.201378][ T7746] tunl0: entered allmulticast mode [ 116.205367][ T7746] gre0: entered allmulticast mode [ 116.211825][ T7746] gretap0: entered allmulticast mode [ 116.215696][ T7746] erspan0: entered allmulticast mode [ 116.219572][ T7746] ip_vti0: entered allmulticast mode [ 116.223810][ T7746] ip6_vti0: entered allmulticast mode [ 116.227826][ T7746] sit0: entered allmulticast mode [ 116.234286][ T7746] ip6tnl0: entered allmulticast mode [ 116.237435][ T7746] ip6gre0: entered allmulticast mode [ 116.240929][ T7746] syz_tun: entered allmulticast mode [ 116.244749][ T7746] ip6gretap0: entered allmulticast mode [ 116.249325][ T7746] bridge0: entered allmulticast mode [ 116.252244][ T7746] vcan0: entered allmulticast mode [ 116.255339][ T7746] bond0: entered allmulticast mode [ 116.257704][ T7746] bond_slave_0: entered allmulticast mode [ 116.260924][ T7746] bond_slave_1: entered allmulticast mode [ 116.264265][ T7746] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.266944][ T7746] team0: entered allmulticast mode [ 116.268754][ T7746] team_slave_0: entered allmulticast mode [ 116.270712][ T7746] team_slave_1: entered allmulticast mode [ 116.272696][ T7746] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578 [ 116.275727][ T7746] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 7746, name: syz.1.494 [ 116.281369][ T7746] preempt_count: 0, expected: 0 [ 116.283038][ T7746] RCU nest depth: 1, expected: 0 [ 116.284774][ T7746] 2 locks held by syz.1.494/7746: [ 116.286541][ T7746] #0: ffffffff9012a3e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000 [ 116.289561][ T7746] #1: ffffffff8e3bfa80 (rcu_read_lock){....}-{1:3}, at: team_change_rx_flags+0x33/0x390 [ 116.293179][ T7746] CPU: 2 UID: 0 PID: 7746 Comm: syz.1.494 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 116.293194][ T7746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 116.293201][ T7746] Call Trace: [ 116.293205][ T7746] [ 116.293210][ T7746] dump_stack_lvl+0x16c/0x1f0 [ 116.293230][ T7746] __might_resched+0x3c0/0x5e0 [ 116.293245][ T7746] ? __pfx___might_resched+0x10/0x10 [ 116.293257][ T7746] ? __lock_acquire+0xaa4/0x1ba0 [ 116.293275][ T7746] __mutex_lock+0x106/0xb90 [ 116.293290][ T7746] ? netdev_info+0xe4/0x120 [ 116.293304][ T7746] ? __dev_notify_flags+0x18e/0x2e0 [ 116.293315][ T7746] ? dev_set_allmulti+0xa2/0x260 [ 116.293332][ T7746] ? __pfx___mutex_lock+0x10/0x10 [ 116.293351][ T7746] ? __local_bh_enable_ip+0xa4/0x120 [ 116.293367][ T7746] ? dev_set_allmulti+0xa2/0x260 [ 116.293381][ T7746] dev_set_allmulti+0xa2/0x260 [ 116.293395][ T7746] team_change_rx_flags+0x1bc/0x390 [ 116.293409][ T7746] ? __pfx_team_change_rx_flags+0x10/0x10 [ 116.293422][ T7746] netif_set_allmulti+0x206/0x3d0 [ 116.293435][ T7746] __dev_change_flags+0x3d0/0x720 [ 116.293449][ T7746] ? __pfx___dev_change_flags+0x10/0x10 [ 116.293462][ T7746] ? validate_linkmsg+0x57c/0xb60 [ 116.293474][ T7746] ? netif_state_change+0xfa/0x3b0 [ 116.293490][ T7746] ? __pfx_validate_linkmsg+0x10/0x10 [ 116.293504][ T7746] netif_change_flags+0x8d/0x160 [ 116.293524][ T7746] do_setlink.constprop.0+0xddf/0x44b0 [ 116.293541][ T7746] ? __lock_acquire+0xaa4/0x1ba0 [ 116.293554][ T7746] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 116.293569][ T7746] ? kasan_save_stack+0x42/0x60 [ 116.293580][ T7746] ? kasan_save_stack+0x33/0x60 [ 116.293590][ T7746] ? __kasan_kmalloc+0xaa/0xb0 [ 116.293602][ T7746] ? __mutex_trylock_common+0xe9/0x250 [ 116.293617][ T7746] ? __pfx___mutex_trylock_common+0x10/0x10 [ 116.293632][ T7746] ? __pfx___might_resched+0x10/0x10 [ 116.293645][ T7746] ? rcu_is_watching+0x12/0xc0 [ 116.293655][ T7746] ? trace_contention_end+0xdd/0x130 [ 116.293669][ T7746] ? __mutex_lock+0x1ca/0xb90 [ 116.293685][ T7746] ? rcu_is_watching+0x12/0xc0 [ 116.293694][ T7746] ? rtnl_newlink+0x600/0x2000 [ 116.293706][ T7746] ? trace_cap_capable+0x18d/0x200 [ 116.293718][ T7746] ? __pfx___mutex_lock+0x10/0x10 [ 116.293734][ T7746] ? apparmor_capable+0x114/0x1d0 [ 116.293750][ T7746] ? netlink_ns_capable+0xfa/0x130 [ 116.293765][ T7746] rtnl_newlink+0x18e0/0x2000 [ 116.293782][ T7746] ? __pfx_rtnl_newlink+0x10/0x10 [ 116.293796][ T7746] ? kernel_text_address+0x8d/0x100 [ 116.293806][ T7746] ? __kernel_text_address+0xd/0x40 [ 116.293815][ T7746] ? unwind_get_return_address+0x59/0xa0 [ 116.293828][ T7746] ? arch_stack_walk+0xa6/0x100 [ 116.293846][ T7746] ? __lock_acquire+0x5ca/0x1ba0 [ 116.293861][ T7746] ? rcu_is_watching+0x12/0xc0 [ 116.293871][ T7746] ? trace_cap_capable+0x18d/0x200 [ 116.293885][ T7746] ? find_held_lock+0x2b/0x80 [ 116.293894][ T7746] ? __pfx_rtnl_newlink+0x10/0x10 [ 116.293907][ T7746] ? __pfx_rtnl_newlink+0x10/0x10 [ 116.293918][ T7746] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 116.293932][ T7746] ? __pfx_rtnl_newlink+0x10/0x10 [ 116.293959][ T7746] rtnetlink_rcv_msg+0x95b/0xe90 [ 116.293975][ T7746] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 116.293996][ T7746] netlink_rcv_skb+0x16d/0x440 [ 116.294010][ T7746] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 116.294024][ T7746] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 116.294046][ T7746] ? netlink_deliver_tap+0x1ae/0xd30 [ 116.294062][ T7746] netlink_unicast+0x53a/0x7f0 [ 116.294077][ T7746] ? __pfx_netlink_unicast+0x10/0x10 [ 116.294096][ T7746] netlink_sendmsg+0x8d1/0xdd0 [ 116.294112][ T7746] ? __pfx_netlink_sendmsg+0x10/0x10 [ 116.294127][ T7746] ? __import_iovec+0x1c8/0x660 [ 116.294141][ T7746] ____sys_sendmsg+0xa95/0xc70 [ 116.294158][ T7746] ? __pfx_____sys_sendmsg+0x10/0x10 [ 116.294173][ T7746] ? get_compat_msghdr+0x11a/0x170 [ 116.294192][ T7746] ___sys_sendmsg+0x134/0x1d0 [ 116.294206][ T7746] ? __pfx____sys_sendmsg+0x10/0x10 [ 116.294249][ T7746] __sys_sendmsg+0x16d/0x220 [ 116.294263][ T7746] ? __pfx___sys_sendmsg+0x10/0x10 [ 116.294275][ T7746] ? __ia32_sys_futex_time32+0x1d9/0x460 [ 116.294293][ T7746] ? rcu_is_watching+0x12/0xc0 [ 116.294303][ T7746] ? rcu_is_watching+0x12/0xc0 [ 116.294315][ T7746] __do_fast_syscall_32+0x73/0x120 [ 116.294332][ T7746] do_fast_syscall_32+0x32/0x80 [ 116.294348][ T7746] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 116.294361][ T7746] RIP: 0023:0xf70fe579 [ 116.294370][ T7746] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 116.294380][ T7746] RSP: 002b:00000000f50cd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 116.294390][ T7746] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000140 [ 116.294397][ T7746] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 116.294403][ T7746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 116.294408][ T7746] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 116.294414][ T7746] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 116.294428][ T7746] [ 116.294504][ T7746] [ 116.393194][ T7724] PM: hibernation: Basic memory bitmaps freed [ 116.393607][ T7746] ============================= [ 116.393613][ T7746] [ BUG: Invalid wait context ] [ 116.393618][ T7746] 6.15.0-rc7-syzkaller #0 Tainted: G W [ 116.393625][ T7746] ----------------------------- [ 116.393628][ T7746] syz.1.494/7746 is trying to lock: [ 116.393633][ T7746] ffff8880682a8d30 (&dev_instance_lock_key#3){+.+.}-{4:4}, at: dev_set_allmulti+0xa2/0x260 [ 116.470328][ T7746] other info that might help us debug this: [ 116.472236][ T7746] context-{5:5} [ 116.473417][ T7746] 2 locks held by syz.1.494/7746: [ 116.475039][ T7746] #0: ffffffff9012a3e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000 [ 116.477924][ T7746] #1: ffffffff8e3bfa80 (rcu_read_lock){....}-{1:3}, at: team_change_rx_flags+0x33/0x390 [ 116.481284][ T7746] stack backtrace: [ 116.482491][ T7746] CPU: 2 UID: 0 PID: 7746 Comm: syz.1.494 Tainted: G W 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 116.482512][ T7746] Tainted: [W]=WARN [ 116.482516][ T7746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 116.482522][ T7746] Call Trace: [ 116.482527][ T7746] [ 116.482531][ T7746] dump_stack_lvl+0x116/0x1f0 [ 116.482550][ T7746] __lock_acquire+0x3ff/0x1ba0 [ 116.482566][ T7746] lock_acquire+0x179/0x350 [ 116.482579][ T7746] ? dev_set_allmulti+0xa2/0x260 [ 116.482594][ T7746] ? __pfx___might_resched+0x10/0x10 [ 116.482606][ T7746] ? __lock_acquire+0xaa4/0x1ba0 [ 116.482619][ T7746] __mutex_lock+0x199/0xb90 [ 116.482634][ T7746] ? dev_set_allmulti+0xa2/0x260 [ 116.482648][ T7746] ? netdev_info+0xe4/0x120 [ 116.482661][ T7746] ? __dev_notify_flags+0x18e/0x2e0 [ 116.482671][ T7746] ? dev_set_allmulti+0xa2/0x260 [ 116.482685][ T7746] ? __pfx___mutex_lock+0x10/0x10 [ 116.482702][ T7746] ? __local_bh_enable_ip+0xa4/0x120 [ 116.482716][ T7746] ? dev_set_allmulti+0xa2/0x260 [ 116.482729][ T7746] dev_set_allmulti+0xa2/0x260 [ 116.482744][ T7746] team_change_rx_flags+0x1bc/0x390 [ 116.482757][ T7746] ? __pfx_team_change_rx_flags+0x10/0x10 [ 116.482770][ T7746] netif_set_allmulti+0x206/0x3d0 [ 116.482782][ T7746] __dev_change_flags+0x3d0/0x720 [ 116.482794][ T7746] ? __pfx___dev_change_flags+0x10/0x10 [ 116.482806][ T7746] ? validate_linkmsg+0x57c/0xb60 [ 116.482818][ T7746] ? netif_state_change+0xfa/0x3b0 [ 116.482833][ T7746] ? __pfx_validate_linkmsg+0x10/0x10 [ 116.482846][ T7746] netif_change_flags+0x8d/0x160 [ 116.482858][ T7746] do_setlink.constprop.0+0xddf/0x44b0 [ 116.482872][ T7746] ? __lock_acquire+0xaa4/0x1ba0 [ 116.482885][ T7746] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 116.482898][ T7746] ? kasan_save_stack+0x42/0x60 [ 116.482910][ T7746] ? kasan_save_stack+0x33/0x60 [ 116.482920][ T7746] ? __kasan_kmalloc+0xaa/0xb0 [ 116.482930][ T7746] ? __mutex_trylock_common+0xe9/0x250 [ 116.482944][ T7746] ? __pfx___mutex_trylock_common+0x10/0x10 [ 116.482958][ T7746] ? __pfx___might_resched+0x10/0x10 [ 116.482970][ T7746] ? rcu_is_watching+0x12/0xc0 [ 116.482979][ T7746] ? trace_contention_end+0xdd/0x130 [ 116.482993][ T7746] ? __mutex_lock+0x1ca/0xb90 [ 116.483008][ T7746] ? rcu_is_watching+0x12/0xc0 [ 116.483017][ T7746] ? rtnl_newlink+0x600/0x2000 [ 116.483028][ T7746] ? trace_cap_capable+0x18d/0x200 [ 116.483040][ T7746] ? __pfx___mutex_lock+0x10/0x10 [ 116.483054][ T7746] ? apparmor_capable+0x114/0x1d0 [ 116.483068][ T7746] ? netlink_ns_capable+0xfa/0x130 [ 116.483080][ T7746] rtnl_newlink+0x18e0/0x2000 [ 116.483095][ T7746] ? __pfx_rtnl_newlink+0x10/0x10 [ 116.483107][ T7746] ? kernel_text_address+0x8d/0x100 [ 116.483117][ T7746] ? __kernel_text_address+0xd/0x40 [ 116.483126][ T7746] ? unwind_get_return_address+0x59/0xa0 [ 116.483138][ T7746] ? arch_stack_walk+0xa6/0x100 [ 116.483152][ T7746] ? __lock_acquire+0x5ca/0x1ba0 [ 116.483165][ T7746] ? rcu_is_watching+0x12/0xc0 [ 116.483174][ T7746] ? trace_cap_capable+0x18d/0x200 [ 116.483186][ T7746] ? find_held_lock+0x2b/0x80 [ 116.483195][ T7746] ? __pfx_rtnl_newlink+0x10/0x10 [ 116.483207][ T7746] ? __pfx_rtnl_newlink+0x10/0x10 [ 116.483219][ T7746] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 116.483232][ T7746] ? __pfx_rtnl_newlink+0x10/0x10 [ 116.483244][ T7746] rtnetlink_rcv_msg+0x95b/0xe90 [ 116.483280][ T7746] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 116.483299][ T7746] netlink_rcv_skb+0x16d/0x440 [ 116.483312][ T7746] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 116.483325][ T7746] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 116.483342][ T7746] ? netlink_deliver_tap+0x1ae/0xd30 [ 116.483355][ T7746] netlink_unicast+0x53a/0x7f0 [ 116.483369][ T7746] ? __pfx_netlink_unicast+0x10/0x10 [ 116.483384][ T7746] netlink_sendmsg+0x8d1/0xdd0 [ 116.483398][ T7746] ? __pfx_netlink_sendmsg+0x10/0x10 [ 116.483412][ T7746] ? __import_iovec+0x1c8/0x660 [ 116.483424][ T7746] ____sys_sendmsg+0xa95/0xc70 [ 116.483440][ T7746] ? __pfx_____sys_sendmsg+0x10/0x10 [ 116.483454][ T7746] ? get_compat_msghdr+0x11a/0x170 [ 116.483469][ T7746] ___sys_sendmsg+0x134/0x1d0 [ 116.483481][ T7746] ? __pfx____sys_sendmsg+0x10/0x10 [ 116.483501][ T7746] __sys_sendmsg+0x16d/0x220 [ 116.483517][ T7746] ? __pfx___sys_sendmsg+0x10/0x10 [ 116.483528][ T7746] ? __ia32_sys_futex_time32+0x1d9/0x460 [ 116.483544][ T7746] ? rcu_is_watching+0x12/0xc0 [ 116.483553][ T7746] ? rcu_is_watching+0x12/0xc0 [ 116.483563][ T7746] __do_fast_syscall_32+0x73/0x120 [ 116.483580][ T7746] do_fast_syscall_32+0x32/0x80 [ 116.483595][ T7746] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 116.483608][ T7746] RIP: 0023:0xf70fe579 [ 116.483617][ T7746] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 116.483627][ T7746] RSP: 002b:00000000f50cd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 116.483637][ T7746] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000140 [ 116.483644][ T7746] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 116.483649][ T7746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 116.483655][ T7746] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 116.483661][ T7746] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 116.483670][ T7746] [ 116.659970][ T7746] dummy0: entered allmulticast mode [ 116.663418][ T7746] 8021q: adding VLAN 0 to HW filter on device team0 [ 116.667119][ T7746] nlmon0: entered allmulticast mode [ 116.669690][ T7746] chnl_net:chnl_net_open(): err: Unable to register and open device, Err:-19 [ 116.673685][ T7746] caif:caif_disconnect_client(): nothing to disconnect [ 116.676567][ T7746] chnl_net:chnl_flowctrl_cb(): NET flowctrl func called flow: CLOSE/DEINIT [ 116.680259][ T7746] chnl_net:chnl_net_open(): state disconnected [ 116.682853][ T7746] caif0: entered allmulticast mode [ 116.685139][ T7746] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. VM DIAGNOSIS: 01:41:28 Registers: info registers vcpu 0 CPU#0 RAX=00000000001d287f RBX=0000000000000000 RCX=ffffffff8b69a3e9 RDX=0000000000000000 RSI=ffffffff8dbde62f RDI=ffffffff8bf48b60 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10 R8 =0000000000000001 R9 =ffffed10056465bd R10=ffff88802b232deb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90854c10 R15=0000000000000000 RIP=ffffffff8b698c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977e7000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7496188 CR3=000000006abd5000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000037ff07 RBX=0000000000000001 RCX=ffffffff8b69a3e9 RDX=0000000000000000 RSI=ffffffff8dbde62f RDI=ffffffff8bf48b60 RBP=ffffed1003adf488 RSP=ffffc9000046fdf8 R8 =0000000000000001 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000000000 R12=0000000000000001 R13=ffff88801d6fa440 R14=ffffffff90854c10 R15=0000000000000000 RIP=ffffffff8b698c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880978e7000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c2d1314 CR3=000000006c6c3000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000036 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854c5bf5 RDI=ffffffff9ade4c80 RBP=ffffffff9ade4c40 RSP=ffffc9000c1be8b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000036 R14=ffffffff9ade4c40 R15=ffffffff854c5b90 RIP=ffffffff854c5c1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880979e7000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f50cdda4 CR3=000000006cdb9000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffff88801bf08af0 RCX=0000000000000001 RDX=0000000000000000 RSI=ffffffff8e3bfa80 RDI=ffff88801bf08af0 RBP=ffffffff8e3bfa80 RSP=ffffc900005e7478 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffff88801bf08000 R13=ffff88801bf08af0 R14=00000000ffffffff R15=0000000000000000 RIP=ffffffff8b6995ab RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097ae7000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f30f4128 CR3=000000004a16b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7462ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000