last executing test programs: 4.497256082s ago: executing program 3 (id=380): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$tipc(0x1e, 0x2, 0x0) connect$tipc(r1, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x5}}, 0x10) r2 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$apparmor_exec(r2, &(0x7f0000000200)=ANY=[@ANYBLOB='exe'], 0xb0) write$apparmor_exec(r2, 0x0, 0xb1) sendmmsg$inet(r1, &(0x7f0000006740)=[{{0x0, 0x0, &(0x7f00000056c0)=[{&(0x7f0000001240)="80349c0d9e8fcc9f44658138dc4a3c4ad42f918348474a5bc38ff0e0571fc22c8eb5cb22fdf30ced1a4c1ccb5e5b35fed7db48c1a8a7132adc5623d146ddfe2254dd2579b4284b53d1cea6206864473d31bdb00c9d1462458b678827e80c94d88099e7471a58b1463086f9cdd1ccc19fa2fc4a9dd5a56fe782d15e66648c7630f1aaa7e9820460c46e292dbb8fa6f6701048ff17f46097b1ee0750ed038f18b81b2ba014bf866062c9a6f88b5d07e13b7eddd968ba9c7a53609c7b61471a51fd85bceebc0a92b2cd7c45a7f4571e693abebc3c5ff16c8128d92476", 0xdb}, {&(0x7f0000000280)="5b4ea50f20d7212327afde5e7a457cde2dff791c69fbc3", 0x17}, {&(0x7f00000002c0)="851d8a90d516f218f839a7c48edfe734b2490c90a2fbf5be3383f1c9f5be8e55148723ac0258ef4f8af1f5e0b0a86885f018523d60072c7d9c1568700b3abe208fbd5dad2daf18b5150a530d816bf4cc6e43da4f2793611b38009e8c0970268cf5836926fd1223f4f8bec6a4a68b2aaff7af151a661793a04cd9b936da8f53eae22356781c580df817f3168269eaeeae014fa9b1878bd89e2acb4853ffd7b9a06d7f5ff090c605f5d343e6d93c80d747365d21acea325c44fbb87f6271a2d9333e9b9dd1d36dfea61641d34fd54cd2970ac14acdadd04357bdd44bc926d0adef887b2e25c2f435ce79bac1d1f473c3a49a12aa5c5cfa4bfa4fd2470308ed259e62c218aee67006a3ca187c9aa13a806d99b2275341fd6022940537b1cb1fd2389f417ea92c6e77a09a9d09a98c4e2f0912d36b47588ff991aa98c3c650055bacb669aaf68dd4f8a7b43569c9af62e7cee6ba05278fe8642feafa5c436cb13fa45b3cdf750f8956c493acf7c561b12259331a363c74fb5f2947652ced415b0986b673680e8ad7bad823ff84c30681cbe45114510d9aa6f423f212bcdf1c244178ae31474d9f176707e9c481057f72d489372f7daeba51e3ea86895c8eed109566ad19f3957d0df21a671fce2d674c207d8643c85a018834f4e8e3992e6991d815", 0x1e0}, {&(0x7f0000001440)="f0e266805aba28ca0c0d67b3479e1c7cb90d64b8ba8093c11696a92981d4fdd1f40043ce52efdea3f8d7b9ba23840df17c5a35207d6fc677263be310a063adb7b1528b8a04ec5b50d2cfa0df73c57f16a94941e8fb22f429a1f34b5b01514fefc4bd79a2cb936cf2eae82bd7b628431ae2d7b61059b35abc6ee24fd40e3c1bd6106af177bc4670395df7238a420fecf1e6ed3fe8906c3a2843215618fcb72ae77c6d36feefb4d45157e5d35fb4bf297d15ca042520f08e85ad2d7c5045fc7c4a2a8b6e149fc755d70437b3835083ee9fc662afbf840ab97f0adcdde20099bb22e909b937696e9d950ca0a361dfa8f5453454696927ae5a2401340264bdcdcd86941c18b536bdccb964461679d1b62855dadee9b66e5d494183283808c706247cdf83b45c44178775fc957483923b717724549dbe2f9a092fa07e93a7772d16bfbff9a0dd14d48d30b1e4f8206f92cf2fe08a7702f73404b79e77dec1b694e8a7c588a7bb2d770122291b10b456c4419dda49da0433a0aa5f0be221d29b45082b4f9521c2a1fbae507aa2652123619b78f340f01523bf9e6089e8e8186af2b85476d7059226f07467a6e036bf8808f2e9070b2a94ac1c64ec066def276c362a1d4a830edf754783f0a1e52e1adc4f6ca2d7200fd73b9cda79ccfcf57a27f60e184ebe12c4daeb214c2057b69719db280e0dcc2d10b085c7ab8e2394bae44893e3f335a3121bae3a33c32b004ab7bca48726029b77a6c784d2af3789fd520e37009d103c0a63598fa5857ee1b86a38a9feaf1d1f512d1884861c13d647d26888430e2f15e78cdd6a4c875e52de709dfdc4af4775ce03d7c8c3ff2b9fbae82dbabf11460bd1bc1ffe10c5062a265fd211a2b52a41613cc03917b8d34591885396369d1d172df31244a236c49d4457a936848684b59e326872d58c5db20684d1194ccb7ecbf5017f0f702f29c75cdeea09619db8bf00b41b1a165af13b3810d7f7b6a681aef628190f4fd53244a650b0500df500946792d003f2d2f0ba3c57f8257c0cc897cb1dabd63870ef86378a14e7f5068ea6a2311414656d766fb24e43c2a57b44cb1dc584d71e91628348790dc6a9adf85bc403a934e7603f7b45473407cf1395163b3efc9e880963bbd98140adfd624ccfc1141cd899826261e152265b9307695488c0cbad9027bf74b6f0c7adbc9878983d96e6026c818ac30fac3e2392e1c8fdab8ccf902d0915a471701083949efafc7a2e05608139fd0ef22d834ff02569878579c43635ad2d56d7cdfacaba8a3adc47c7fd42e521ca6b14726e68f67e2662c972bf9824ba847e22985400fad74280c22a0636aee80eeb7ef0c691cee94573ec78b53d43316ba691fd5274d1ff8085e297d2781a31f704dfeb58db9fa216c3356341207e953712de9ef27018bdfdddba8abc0c5f205908f12a42685ecc0c20cd92a57bba45a435f7bb412ccab1a6d877392971de8b808af07ea32b102dbcd7d00c869ad5cd8f5a5895b3d6dfef226d51d819756a85ffdde3d08f59fbbb7510a9ac3568f8f039fa7abc7b34685f3579050e88773cb4bb7958ff83aba1f23c8ab4ecd019c59781d47bcc50c64a957c3fa37311a240649313f77fa81020a5da0560d3bdabe6001ab6792ad782fe0e44bbb59efd4a524984742940563dd9e9a0226925324ac94373a9dcb16f32183ef3f465a13b83974f593e664f53131241e2133ce22917fbb412354a51026847f92aa7afadb1cdf51677fc2fe5938812ef17ae79f4db75afdfce3c5b8822dd612457b5f59dd616acdc473e97afb83f3c9789f3df399a2c3c89e8b5e6db33a306168b0cd4e8acbbd6ac81dd46cfb2f7d24b609d009049784611d027daa0cfb12111c1236aa010796cc687cbb151ba30e3a786ee8bfdae51e65a0c3667f7b8856089621742bdc19ad66f60eb48bd7f20b0ac2a523e89e6a7089e3704f266c52c58994e018e5d20b77a0413c71cafd420d9e0abb77e9f1199aca31f6d94372ca5736c749c197cac572e4962fc089f866a896763cd7b804c8e7211bd3a64f1ed12d65182deb850279ecb530683551bd50214e03b9f813431688dadf4caaf77d2e8b20d3e5c424243ab50f9c20462cea0f38eb080b02074e3e77a236d4ec929b04d134dcc5f767736c096794be3aec9f1195b87862128b436fbd0305a6ad6ebb0b2167e184c1de57048144b7567a6ad6c028c4b8a78858925f0ed415313da984484f753d14234d30964aa3d15af13337b6e5338d4f787abc18e0ea4d9656aa3c1d3eee0854078470a0e724062fd61a95f17516ca92faae8397ce07ba558a689ea49d25685a28c68fbc533892827829692d65a15711f0d14f7f685095f6c5dd085b30ffc4dfd9097157c1fab80023d24912861e87d1e484fe5a4476743dcb983d3eecabfe168db03f888432d8b1639e89c8f0513dc36ca8969ec364d28814fa6e21f979020df1292d772cd20c0eb4a5888f38d8d129e30ffee29ab6baf3b2f3a509e02d26b354f1ebe3531fe97968f1f678937b36f3684a8c100030a2328941dfc09574f7cebc26337cd4b2a6fc0b92affc3f3f892542e46fd6cfc2780c0b8a916b3fbb7f33a2537571b06643d82f86e2156740e024b360f48b844797971383610dc93abedc9945ec26d6a56e2701522e3fd6b77d4647a137346985af549d8944c652ddd797e1856a30f296258eb275981bc9432f38532d6e141d603b002c75247b3e71b39dbc01e8e64bc0cd510bd1700685a95ead8fb3fe8fbd72be2e8f9f5a9f1b2c400bfdc0aeabb14a7538c9a38a4839bf41120f2c2aa00277a327d7dff15f52854146a94ea41e4f14a15443124c6bcff43489e7e242c8315ed8d542377fefb6002292c1adc571c730d67b8dab5a4da06659fe7b69bac3147ef39fc877c323edbb9912886ab468c530a8d7844692010ea93effd20f4ccc47b3ff51f378c12b1d03155d49772f14d65bf2ce38f589ca4647b6713ae081fd13e74b307aba8bc34a4406d78c26ccfdf328f5c273b294f6c6419cc157eca59939ec4c0b95cc6d5f97c83c3f14aeb5b88910ec29cf64496d9b1b855fe073d4791507c7533846cdd7810667427583b3a8b7febb2c43643c09bebbb12c08781ac9d0995723fb47febef49e0d6631f054e5b3b3a284391590cfb5d5cf4aaa71586cb37b9fffa15848176da20969e88ed87dd8a4fa2b5140fd56f0a9973217f8ce0c6ee50b67214b6d7d6b84d41d83694a14b2e96f0cb79b49f5fe4dd21727c00819e83b6ea203bada46e9ae8ce7bebaf24f05fd20672e4230b3851b8f05bb2f0977dda7c8cdd1f2689b7a10a72018ff76699e53b2a3f77bf7fa03fe3cf85d4859c9db915fa5c1ddff79e77d0b1b6316d3e50d0d60a42271332f3e81376f120836cd3ea55b7f1453833a7bce0058f79b698a4bd0e857ae35b8ac8f20ed8f238475757af11ce7b450cf89191a4f27a365f594ef68efe6ea1a5c3518712b1aa37a1f47e05f85debfa461f5346d985a71e49ef17f4eb068862977d56671d445176934be6b5318300d7debf3ad8d7da0c014b25af2d8fa52753974116a8cea6c974692f5de03b526a075cc3bc8a4375333f0ef09dd3c361738a151f326ba3253c171f8f7876107eeac122a65124e59dfe7c66bb9546d6428559df314063ac08c03d96b04b6a91508371fa18348c65238546f3d489c7efc1bd01e6e389fbeaa8f125bc7b7c8673904eb676bbdfa3680fea612ba20fab20cdd411c2bafe0417b76852de9e863f09d291bf59510ead793cfd9d6710c0de77cefb5b65481d3aabde2683457b13e3b32ebc06f60d5afa47e36f652a95bd16dcf55dd3e1b05d0df9b8a183553097c2aa95aa175eda6792f58a74170781260e6120981549b3836d13ef037178dd8ddcb5a5624f3790f9d92b0f8f3cd11bddf478cd79456db871f32dd6e24948dd762ba2c22a94300f527c1df5ff05aef5ae4893ff88adc8f7af779d03fcb4ecabfa32460315f27505681242064541657acbb29f531043ce1d04ad189045140232f24f46d0580ada560c61fa4a90aec4743a9a0d466493476923cdff87a21127bac3da7d61d674d8bc9bd63cc3df85c707a912773e090256d5a0bdc5da8ceae2ca25c596410982b63055e6d292a31776cefe58457cb6b5cb92a2c69ed5eeed35e4ea3d6b54ee22e41dea28adac6e1eeadf604f0ef3a67c86974c3ecacdb7f502c74ed31138123dcb80282dbfb0ea0fc2a6016dccecbcbe4952c27b09e7abf784db6b7cc55366d048f16f6473a268b90a1c9b9c612f88bed9008308b11e47d79329cbefc3f313863eff4a16e6a70c41a296d3042a1164d0578297642ec82da1f92dfaa6a67ff9cfcd1b3e88fc442246a303a0e539ce65ad6fcb6d8657937cd88d4c30fd369f2bef0308f5db8824919139b25f82f56e24ef4cf1feda07c3bef9dd215575ed774dc05603f4664332c7b002c48d873bf1ebec930a273efc78dafe153f7eba9161002ca9a8fa855bc357f3a67810fc081b9ae9b4f69401ef93d039c7c1398fa8c9eeb1ce001e08e9231ce2c2beacdafe2955d4056e18d4d09ed22a996666d4df5ca91c37663bb54eb42fe39712736fa0e64ad4f8ca843fe52702c9ae48e60a3f5eac160f58ff3cb80684120845b9e34bc1aecb19662b1a429926ae351d004eca1d367fcb34facbeb2184716c5140a7e420c7f4379b0c43ce872b62723a587d9ad528c2aabf158cefa2df3422203b5cc73e9443825089527700b69a2331e0558a9b1e9d3e69a59896e6cf4df46b41a8cbb0e598a874fc23b16a6eda6eafde02451f0255ff9e6d1bd007c86dee8b6ae875752415b8057b916a3fe7b35cfcf7d38a50e461f1fc1d6a4541ba4079e1f21d0ea2a5ce4aad561215a1d75a2599c757cd6025753fc0578e4b7f4195ad025c46d50c5c351af1ce1e8f8c35439c8598293cd59d2e90a1445497b0249a314379dd13e95f00f2d8240190da9e12adbdd809b1a96900054db156d2893f7998aca02c86f61478a9b21e9e11a6f4b9f7f382243739e492e9048ed9c7b0b8118d966c0f41709abd171873c498a3168639bb2451e0f65e93755fc9cbf3b996ed0873a8256a579372146c3a1e749a9a640f8e9c01af2d0fdd34f2b5fcf4e0bac0b7becd41851359f89dc17156b6ddbd6377c05a059cde362397f28ae2cbbdac107142b40913aaf059d897039ce3fda8c29ae93210676e44f131f78e78d68d858bb7fde230a2f0fd542c5e8374fdc11a488da9de28bc3992a8d74089de36a732110c841bbdc5f24f71663d9a5f5209791fb7027749be23cdb3380f581151563d3707290cd31b28c13139b8e041cd72af3ad9b0fd0b3f131608a8ec5d80c4e7cd458abebae0244c921ef69a4ea0e9a2c2073bd13b49f574a7e278c7ba08c22d89b678a3cd814e8d0dea0101d95f789ada5178f46a4c6beb8dd12352cec179c886ae98ac2bc4382acb565df99eaff3f6824536ef7de884176ea3ca14a9f225f8ada2aac871e7c35df92943600cf7961b8eefdeb70d985fbc93252c978c5c773b4f2ab4b7683e2563d36ebfa4355969f6201e4bcac04ede3c6c9a18ed23f23ec331cbe2d645fa4ffcb2c742ba4905788c27a9bc97536dcbc08d3cbdd2f7195acc0f0eb3cf52aad9a1d23a1dd3633a49a482a1c1eb8761dcc7474f0fd4596a661b7668ab22ebecbfe33886b9b4a0c250380a9a34fefd9724ff89b32e5622258287b3281bcccd0bade4e260b6fefe73219c41f2de521587404ac1d2de4e2999202b3870099718115552aac2d446e6", 0xfff}, {&(0x7f0000002440)="253c10cd0a56ebbb9e8b465670109c340c95f1d27d36cbeb7fa948545e9b18da346b70b5dc6ea12ad1a30e4f7038336f1af1d61b04de988f1755e9b3ba9919b2a4952ceda920a7f0e22dd239d4a74f2d1c854bc64f09f979aa3e9f5c25ff8ec189e5d809483583f648cd8870291200e428", 0x71}, {&(0x7f00000024c0)="2ba671ae8107530b978dd82841597ed8f4275ed9e6b9f7b73ee6324ddf688ad9d88125b82afd2e28aef7183086ce0dd4ee880fc56a2ca8b52ef8f5b5f3e475f49b0bcd201fe612703d680fdd1151dd32535b04d4697d472c7750d6c4c197162e9f872253b611b1ca20e79dcf40d1faf58a453f8db9a03fdd351b54ad4e77fa0fda7990bb281079ae7ba3994aef7380e1d6342305e2d12c57379fd12e784f48e4e832171df4576c8724e3bfd70ebc92fc11914cd4", 0xb4}, {&(0x7f00000025c0)="96cb9dfd0c61d5ed863c5a35109d427201da53416c37631f95451a170fdb734214157996b04630903a7ad20aca669b5120871c47c6ef4e5975222b9676223895144ae5c2898ba0e94642e43e374bf9515c7e840e62021f25181401bda4c4d2d77867390c0a05af019adabfe896d7824f0dcb1724c64da40478808059ea83fa60145e108809ca25edf6ab820f23a5ce2b1779aa8c037a26d99df56f39ff5beca1c1e0cbfd69e415971a02f5115f6da0ba6da9be9772efa870aa6b62774ce009e7bcca4b4a7a910aab97e7f3da899eaaf573ac8a926a7be9b5875b3bb707ae9124ead39e70948bcf654b6b4342043f756323494e4ec559866c5a480c3b156c0427f1cc1d373b77424ea38e3697e36dcefd261575e5516bfcedc7baa8cbebed0ce49dd27e6291dd6f968eaf37f13313ba0bd22b6a63496be04a42df10fef87386434103b5ef819a969e8792a7765dc52c310fbe89851eaf8b2eabcf27bd487f817d48a54b0c7e8b151f0941a6f4adcf6a4486f96f8d18a2928829db333ec08bffe029f4840fdc0433d75157e80b33c3041f193e5c3fb1b7c13d1d7d7a8fe3122ddef181a6534232731c8f91dae42d9a66b9c2e0c6de6da74c24752b53d344b3c9a48ed62705c3e93f7e346c0379a6ec672b3a73dcfc159a79a77bd7b9edd013e3e9832d4dca6f9f973d63d5d235c7e22822e012e4181e102e68b03bdec323db739968061a7ba6fcf9589bd2975520fe9f1b44e52489bf5f5b0125b14bc894f4ff1ad2ba817dad6ab1654a2cacce1cc5160ea4bf3d7011cbf16ad0389b6511448c4186da0a7a55be54031a6d2773ac33aab5d533e7bb213309193f2ca3970e8fffc2fdacbc96e6f49c116b0505385a8bf282589be6b844e2aaaa652459b5d021127f59009020d34932cd03fbe5fea45bdc1f68463c4afe2b5ea8f97dee5e2e6b58196aff00e5ca51a0087f02bcb1dbdd638a5c7590095561578c30904f7ea80072de21fcedd0e41da8e7fe3514eaabc603d770a6fbed5367edb7feb5c5edfda04c7b8a4bfce5c73b876f52fde7dc929f3ffa632eb9514596793533d20fd191b484e902ab104dfc34a8486ba64d3e31c495e043279d8d6b4e6ca3c3fd4ae43529e55be690309e1bc90af2e9188cd5673eea73c75d4decf8972039c086e4b47caee900e1422fd2fbe0303dd5147a9fa487a7b08ad529d0d3db2bae4b26a83de0b15b9b82f26b23336481aca875c48605dc8d25d872920d01e2e163cc13d1f026666f8f54d6fe7895b47939599d168dc98a2de4aac463d98cb39375ac13fadd722b9f1e221d35bde594c9e53aa0f34b235a9d68d8f4841f9455804cd8a7bf05315c5bab2fa8820e956a8161cdd685fc4e1344f9d89189057376a5d1c23273d475aaa72ccbf4b5d8f2863f3f0fe7c0f8b001c065bae68aad9d8878a5edcd8dcbeec07d317c0a81fc84b8b208c60db73c6cf86d46cac98a7df449581d74be7991f1fa6924b76a2d6077aacca10fc777f0d09c5420cfc38c4638957086c9a2065ce94a286da01527bd8b8fd5830f93bcab97a4d0ca13c55b4ee32a49e078b4d79e7b17200fb6a550cfcccd33c681e37bc83c7fcda081a67c2a828e65a75df33e587a05f75fe05aef4078b3482c9078e2edb63c74134f92461044871e4a71f40228d156cbb3beb53eb898e0b6ade2d486a7111ce074510ad957f0eeae0812dd3802db231d9a15948a6b133167eb51dde0199023dfb3471661c7f13f14e786278c551d60929ef969b15d4ea544a9cda830183052ca1072083fb304502f38bcfd46ef64091a2a64bacc55ff3e91f8a7a97f69a9524bdaa60c14d75ddb44e399158c603cded78f42b79a6e9b9c30575289a92558f4d1d9cbb35780c86462cb56d5b474901c17df6ccba95481c004c384b17f99fb29458c9c59666c5305c508561e654d5f1b8ed375231358828b73b487c5f3096211f863375333bb1d3970f7c4cbc7b0f122dbb330b24498f38d804ec0e9c8a5976578bfbc2e46e8d898ec08b3742d5f9ba03d56567f6541f075c4f45eec94a6af78065689e8851294c48f02d48b1266586db86266bd2d0cbb729b567ed7643edf6849f50ca7a28b4ef59433ff22ce0680ffb3348a458ff77b6a796e849cb456df4b443d625d423d10e21bf0bcc785a243cf70ed2ea7c52548cd366ad9af486a4a0171f21ee9d961aa808a69a066aeb0c605fe7a83291ba942df3d11ba1e12da7381d7af20ccbd0de5416ef389c65d1fd0ff209dce808c490707a371b317ce65765082d1c5f67846ddfa65f291117d6e5a795ac2961d56eb24060d8b160d5bd146cd61589c00a108a1dba9e8730157e403cc35b0cd64b3aa66eada80be3bbb974d4642aa76bdf87c2d63134af1c646b1f0bfd218d4e4ebd277ad1cfc9b6f20c4036c6a511cb1ce486c3a563ca9368b10bed088bcfcdab752e0c78a10e550544ee6250d3908e3e7b09b2119f94abc2fdf43d7c82a4ffce81a3f962124ace1108443f41202c6d055d37e99b4eb6287c485acabff03f3a115db1ec790fdc5436e97bf2443c2f707ffb513f6d6494812b2238d679c8787a854ec92126bdc4681803ed4a5b84590e4f00ce956c6c3394773303b0620d118d2290cb229ea3b9bb9de8d719a0f92a50d34909a363f5f6ff906326f917be78c914c78846ef30c9b107b26c0a55401ceabf5b3c669eaa7a1a36d97b01d5da410366e3da5d232fb711d26afd9d4a5016425e47c0ec9b6305673af4cb46526af752011793c322797fb706042da364b6e723b513fd73db6721b00bd80e0923fe075300951d4dfefdd029c3fed21b734bf102f96d58b50bf4edcad014670c2d93eeb4d7bda3d1b70d9e21262c644bb96855895e4c0b32c9ed599d940ac24814b69812c124648428e13d7f72d74feb30288eb78b4a99fadc96589d8a9c7047787aa802514ba28af4d5520ac50928cd75ca92e2934a2e126456bfe1587003e87d9428b1fdb6b7662c44a5fee9d537b7f43822e5b103aeece1aa603215c215de2873e3a6b327c5ed0a0190fb7645034e1839ad165f3f7f80fd793734ac1412bbe20d82aea543792047ba5c5b37ee11988cd7e71cd43547e13c6bbc1ce3cf6aff9727381f06feb83b23b694724d9259d3736eba6ee66ee73a224b8a978debbbc35f8e28cc8267646e5c8cd8076d2044d41eadce01738ab2c7dc763de5a8042b957680223c4d9fdbf65d17e8998444e8db36c50fbe3c9a83e506661a029c4538617d46b6a43675c6dcf283a45b99e44188fd2681a50747e819e7f37496207ec448670fe62a3cb94712abeafb5dd2690ec12b18f8d67d5b0db41a897124f8b94695501aba517447338034bf14d0f99cbf5518aa013e1f35a052b4d27d1247349ff7a83362444372f017fcbdfe972b91c46a0a57f4639204673341ae92bc2dbf2b8d1680b432552850964eb1e14f38995e7e404b1bd1bf63d8d58c7b4ec38e3b9e73959e6509ad9f67d684f62759f5cae90bf8c1781b5800922c312aa634e5748b6181fc37df267eb5c66afc0c9249f9f601136c78d817beddf308c6970ee0e8221abe6fa124f55de7e5e78398004095a175f58cc270840e8c6759627f139e4f9b3b362e2700c5d06da66e862d1016c9f89d18646a6bb823f992342433b03397ed7586f489824a1495d707c81d3885029a47845802ef97856e530789a5cb7239752c6509cdd094212cb4b1b8baa7416cf5000db59418ad7f7a0d7d8e4cb8ebbbe4c40ba0ccc25283b9c933e251fff9871fc01026fafd8eed7ddcbe454b79339be93cd4b25a55af449f5c0", 0xa86}], 0x7}}], 0x1, 0x0) 4.413342314s ago: executing program 0 (id=381): r0 = syz_io_uring_setup(0x110, &(0x7f0000000140), 0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, r1, &(0x7f0000000840)=@IORING_OP_TIMEOUT={0xb, 0x8, 0x0, 0x0, 0x6, &(0x7f0000000900), 0x1, 0x1}) io_uring_enter(r0, 0x45f6, 0xd761, 0x0, 0x0, 0x0) 4.412902009s ago: executing program 0 (id=382): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r0 = getpid() r1 = getpid() syz_clone(0x2000080, &(0x7f0000000000)="2cce3b7b564872daefcc2cdd133d77fadfed45a8c0e589c97777e9505c8e45514b54cfa92be1dc5da6e567dfbba13a076fd5296201893a528999c5453da92d38b6586e69360ae4be8a39121fa6aae847ca638ec3f4a57519f09ae73dc4be782d140bec142eb63d065e2949aa133967fdefe7bd3c8fc13caac23d9b11db1ac84f503322c3121917dfa0", 0x89, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="609491a0bf01038be5dcbd5a1e2ee8182750b3119843d31586865f825e7fc800c22e6145f81e6445078479cd33859886e90af14a36ffda03e08ce9db57a564c3b9936378fd250005e6093bae72be2d68d09bcffe93e59dff4d72ad2099a9dd217e174416d747825e136c605cd559f8ed447e8f3ffdc741d06d459f781e02b6f532df0eb73c0ad746d5acd0c54966f33e5d4c298348c09b564dfd89866cc793d71ad11bd736883ff3552cdce768efff65b86e74b1604837a6c16d661a1f3ce4ade1504b") syz_pidfd_open(r0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x0, 0x0) r3 = getpid() r4 = socket$inet(0x2, 0x2, 0x0) bind$inet(r4, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) r7 = fsmount(r6, 0x0, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94) r9 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0) r10 = fsmount(r9, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r8, r10}, 0x10) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r5, r7, 0x1b, 0x0, @val=@tracing={0x0, 0x7}}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000500)={@broadcast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x8}}}}}, 0x0) sched_setscheduler(r3, 0x0, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1d, 0x6, &(0x7f0000000a00)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e8ba639a67880141cca555077e3a159110193dd2ff1fa7216a446a00683782c3205bfedbe9d8f3b423cdacfa7e32fe0231368b2264f9c504c9f1f65515b2e1a38d52dce18bd10a48b043ccc42646d25ddd73d06d7535f7866907dc6751dfced1fd8accae669e173a649c1cfd6587d47578f4c35235138d5521f9453559c3dc5da860e8efbc6f2b2a3e3173d566a0f06c54c3a4903ef31c4d4acef2ce27e698a3c7a3a48a01010000009f2f0517e4ca0e1803a2971a50f713d4e21b3336f1ae0778f23526ec0fd97f734c4c815bf697e6bd25eac36d4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39dc09244ba5dbe0f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f290276df9b7ac8d8cd249c8130b018d4300000000000000db3947c8dc7b1b4c4554ffdca8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefb24305b2bea20007840484511b6efaad206335a30ef7b9e01446a6285f4665a7fe37da2349f8bf4064726dc32add75e0f435f28fbeda75cf971d54a9690100000000000000c176070bfff7909413f3fbd3ced3284db730b368ddca654dd7836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f00000000000000006952be5cb0417d33d3ab25493418494d9d10d76e603129e9a726579ac7d672cacd581b7e2fc7a5758fcfb822de1dacc357341e000cc34c49914f1aa198a77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66d91254a6f911b1449c62a6e1e3f9ce19a9d1715c009a58e6eadac8f61b45853673df7ce88282dc813f7454ae22d79ac48034282f030408895886e9644179dcf66d93907cedd49e0c5752f7558cbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8848f710c359afe73947afebdf5536ee267258e0d613261c5ab2b8d8b63667ab3401d33b06055162ca577f0965ce0c19a11c74253755b9c544b43c442ea1e9dd43457bc644892075638fef8ae345054df1546f3e04d934e87dd5ec4d7654193e56de857e84c696eed500f80afbe140a12c83467a73bc2c0ce1e272f98f718839b041c64ac6b2fb724f7c5eb3dc217661843a5baa646e9bd8c72b7868014b8bc0e60b8fd493a762b85e470f73756342187620b771a60074e8686510085c2d3b915c10ab4b7fd90c63b8e73c264cc3917a0f4e0ce368a59cec421948be7a0d5b58c216040109f70a15738798fd9b59fe31dc2748028fde470d4252dc7aecf0b074a757662f01d43d27698ed0796cb1be1602e5e85c40822bdf9392cbf549322fc8a4219bb4ba20f3cde8bdb3702f909450db4032765d4be284d8eef7ff608fa6bf9fe4abe881acded27830f076ee6b6bef6b9000000ee2e8cbc4e89269658ea07ee7627397fbe79103b1c5fddceefd1addced50c56b0fc225aaad12819c1ddf703f4e7b65cadc071270dd42f8d7"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r11}, 0x10) getpeername$packet(r2, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x5, &(0x7f00000005c0)=ANY=[@ANYRES64=r1], 0x0, 0x3878, 0x0, 0x0, 0x0, 0x11, '\x00', r12, @fallback=0x29, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000580)={0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000400), 0x0, 0x10, 0x0, @void, @value}, 0x94) 4.263177656s ago: executing program 0 (id=383): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = gettid() r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r2) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r3 = inotify_init1(0x800) fcntl$setown(r3, 0x8, 0xffffffffffffffff) fcntl$getownex(r3, 0x10, &(0x7f0000000140)={0x0, 0x0}) r5 = syz_open_procfs(r4, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r5, 0xc020660b, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) listen(0xffffffffffffffff, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r6) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r7 = inotify_init1(0x0) fcntl$setown(r7, 0x8, 0xffffffffffffffff) fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, 0x0}) r9 = syz_open_procfs(r8, &(0x7f0000000600)='fd/4\x00') fsetxattr$trusted_overlay_opaque(r9, &(0x7f0000000040), 0x0, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, 0x0}, 0x0) r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r10, 0x0, 0x0) 2.833057629s ago: executing program 1 (id=386): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r2, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad0000", @ANYRES8], 0x125) 2.832219206s ago: executing program 2 (id=387): r0 = socket$l2tp6(0xa, 0x2, 0x73) r1 = socket$kcm(0x25, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x2, &(0x7f0000000040)=[{&(0x7f00000000c0)="1800000039000517d25a80648c63940d0324fc600b003540", 0x18}], 0x1, 0x0, 0x0, 0x6c000000}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="c8080000", @ANYRES16=r4, @ANYBLOB="010000000000000000000100000014000200776730000000000000000000000000000600060000000000980808806c0200803c0209801c000080060001000200000008000200ac1414bb05000300030000007c000080060001000200000008000200e00000020500030003000000060001000200000008000200ac1e01010500030001000000060001000a00000014000200fc0000000000000000000000000000010500030003000000060001000a00000014000200200100000000000000000000000000000500030003000000d0000080060001000a00000014000200fc0000000000000000000000000000010500030000000000060001000a00000014000200fc0200000000000000000000000000000500030003000000060001000a00000014000200fe80000000000000000000000000002f0500030001000000060001000a00000014000200fe8000000000000000000000000000bb05000300030000000600010002000000080002007f0000010500030002000000060001000a00000014000200fc0000000000000000000000000000000500030002000000d0000080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200fe8800000000000000000000000000010500030000000000060001000a0000001400020000000000000000000000ffffac14140c0500030001000000060001000a00000014000200ff02000000000000000000000000000105000300000000000600010002000000080002007f0000010500030000000000060001000a00000014000200000000000000000000000000000000000500030003000000060005000800000024000100"], 0x8c8}}, 0x0) openat$cgroup_root(0xffffff9c, &(0x7f0000000100)='./cgroup.net/syz1\x00', 0x200002, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"]) chdir(&(0x7f0000000280)='./file0\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_serviced\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) write$FUSE_LK(r5, &(0x7f00000002c0)={0x28, 0x0, 0x0, {{0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x28) clock_gettime(0x0, &(0x7f0000000040)) r6 = openat$cgroup_root(0xffffff9c, &(0x7f0000000140)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup(r6, &(0x7f0000000180)='syz0\x00', 0x200002, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r7}, 0x10) recvmsg(r1, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x10160) sendmmsg$inet6(r0, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x0, 0xfffff001, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, 0x1c, 0x0, 0x0, &(0x7f00000003c0)=[@rthdr={{0x24, 0x29, 0x5, {0x0, 0x2, 0x2, 0x1, 0x0, [@mcast2]}}}, @dontfrag={{0x10}}], 0x34}}], 0x1, 0x0) 2.773185433s ago: executing program 1 (id=388): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="180200000000000400000000000000008500000030000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) r3 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4004, @fd=r0, 0x2, &(0x7f0000000900)=""/104, 0x68, 0x4, 0x1}) io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) 2.640760827s ago: executing program 2 (id=389): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x17) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={r0}, 0x4) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000740)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (fail_nth: 15) 2.398954023s ago: executing program 0 (id=390): r0 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000840)=@IORING_OP_TIMEOUT={0xb, 0x8, 0x0, 0x0, 0x6, &(0x7f0000000900), 0x1, 0x1}) io_uring_enter(r0, 0x45f6, 0xd761, 0x0, 0x0, 0x0) 2.313175684s ago: executing program 0 (id=391): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000079105e000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$alg(0x26, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mknod$loop(0x0, 0x0, 0x1) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='msdos\x00', 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000f5ff000000000000009474efb164db83dc1cb4"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10) ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, "fe0d00003413000000bd2f027e0c01000000000000000000000004b427180010"}}) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x0, 0x0, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000ff01000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ac14143e0000000000000000000000000000000032000000ac1e0001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000fcffffffffffffff00000000000000000000000000000000000000000000000000000000020000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c001c000000000000000000000000000000000028bd7000"/264], 0x154}, 0x1, 0x0, 0x0, 0x4040010}, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000004c0)={&(0x7f0000000480)=[r3], 0x1, 0x800}) r5 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000100), 0x84200, 0x0) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000008c0)=@raw={'raw\x00', 0x8, 0x3, 0x13b0, 0x1110, 0x11, 0x148, 0x1110, 0x10, 0x131c, 0x2a8, 0x2a8, 0x131c, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@empty, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0xffffffff, 'ip_vti0\x00', 'hsr0\x00', {0xff}, {}, 0x6}, 0x10, 0x10f0, 0x1110, 0x1c, {0x6}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x0, 0xff, './cgroup.cpu/syz1\x00'}}, @common=@osf={{0x50}, {'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1a4, 0x20c, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0xe, 0x400, 0x0, 0x1, 'syz1\x00', 0x33}}, @common=@set={{0x40}, {{0xffffffffffffffff, [0x2, 0x3, 0x1, 0x0, 0x4ec1dce344943dfa, 0x2], 0x1, 0x1}}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0xfff6, 0xdc6, 0x2, 'snmp_trap\x00', 'syz1\x00', {0x6}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x140c) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10) fcntl$notify(r0, 0x402, 0x18) r6 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r6, &(0x7f0000004800)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000580)="9bb8442afce24880561482fd601e617067ef13f027b18c4411422248afc13fa07b2093fff5db991e7351c707c52bb7558eb2b8ca4a213d3e19c3f1fe39dbcbc91cd402da1925cdd3c90e0152f5621fe0a8a06e013318370a253b0ff05ee8e27ae681c18132c0df963837ba001e4fa9a73b8f77789ac842", 0x77}, {&(0x7f0000000040)="552768b9d527f7d3f3e71e", 0xb}, {&(0x7f00000001c0)="648623ce", 0x4}], 0x3}], 0x1, 0x0) r7 = openat2$dir(0xffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x200000, 0x80, 0x4}, 0x18) execveat(r7, &(0x7f0000000400)='./file0\x00', &(0x7f0000000540), &(0x7f0000000600), 0x800) r8 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003a000b12d25a80648c2594f90224fc60100c034002a10800feff000037153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) r9 = syz_open_dev$vbi(&(0x7f0000000640), 0x3, 0x2) writev(r9, &(0x7f0000000840)=[{&(0x7f0000000740)="a14cbf2fdd4b0f971297fd1a6f5e8abffa25779fb74c2af2d85b57850fd0e6f8336ba55ae8e8ee7122479eb8bfe4a18e5dffe2453b85a0f7b5337521de69ec458477f808cd6163d930cfa3dfe41d5bcd1528322d3d639a46b3880875b14636380e28c9f20c840d4a87c04a76adcb7d65d547da594c7cbb1e47ee14c049cfc32d956f8bd200afbcae41a6764fcdc59e9077e2cb", 0x93}, {&(0x7f0000000680)="b2414d4c94aa4d3a3e1974084b4d1560936ae6f1282cd3741b41b637cb4fca06e2d0b36f8f22a2fd0956dc50780b7294a26ca5426fc7257ad03d3fba630002ab58c8d4cf413f5ee8ce11358286af885512b0c3d602950bd3bc68cc5098ae745fcbbcf1052b3e20ac6121b7632a34483181102b45d9f97c0517", 0x79}, {&(0x7f0000000800)="4cc11c6c550bd33d7c0977764bbbd3397d", 0x11}], 0x3) 2.163103788s ago: executing program 3 (id=392): sched_setaffinity(0x0, 0x0, 0x0) (async) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000000300)=""/102400, 0x19000) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1b, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x78, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, @void, @value}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10) (async) fadvise64(0xffffffffffffffff, 0x6, 0x8001, 0x4) (async) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/address_bits', 0x0, 0x104) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000019480)={0x8, 0x0, &(0x7f0000019440), &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async) r3 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r3, &(0x7f0000000200), 0x10) (async) r4 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a400014009000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) (async) r6 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) dup3(r4, r6, 0x0) (async, rerun: 32) socket$inet6_sctp(0xa, 0x5, 0x84) (async, rerun: 32) madvise(&(0x7f0000d38000/0x3000)=nil, 0x3000, 0xe) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async, rerun: 32) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) (async, rerun: 32) r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r7, 0x541b, 0x0) (async) r8 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r8, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) (async) writev(r8, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) (async, rerun: 32) shutdown(r8, 0x1) (async, rerun: 32) recvmmsg(r8, &(0x7f0000003e40)=[{{0x0, 0x3, 0x0, 0x0, &(0x7f00000035c0)=""/241, 0xfffffffffffffc93}}, {{&(0x7f0000000540)=@un=@abs, 0x80, &(0x7f0000003780)=[{&(0x7f0000003740)=""/4, 0x7ffff}], 0x15, &(0x7f00000037c0)=""/236, 0xec}}, {{0x0, 0x0, &(0x7f0000003bc0)=[{0x0, 0xe00000000000000}, {&(0x7f0000003a00)=""/190, 0xbe}, {&(0x7f0000003ac0)=""/131, 0x83}, {0x0}], 0x4, &(0x7f0000003c00)=""/65, 0x49}}, {{&(0x7f0000003c80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, 0x0, 0x0, &(0x7f0000003e00)=""/48, 0x30}}], 0x4, 0x40000121, 0x0) 2.013063422s ago: executing program 2 (id=393): r0 = openat$nvram(0xffffff9c, &(0x7f0000002c80), 0x40100, 0x0) close_range(r0, 0xffffffffffffffff, 0x2) r1 = syz_open_dev$mouse(&(0x7f0000000000), 0x1, 0x2000) r2 = openat$snapshot(0xffffff9c, &(0x7f0000000040), 0x100, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0) close(r3) r4 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000c00)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000240)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0xe, 0x8000, 0xc2, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc01064b3, &(0x7f0000000300)={r5}) r6 = openat$autofs(0xffffff9c, &(0x7f0000000180), 0x101200, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r6, 0xc0189373, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r4, {0x9e4}}, './file0\x00'}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000380)="b9ff03076804268c989e14f088a8", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) fcntl$dupfd(r1, 0x0, r2) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, 0x0) r7 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r8, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r8, &(0x7f0000000000)="2e000300010003", 0x7) r9 = socket(0x2, 0x2, 0x0) ioctl$NBD_SET_SOCK(r7, 0xab00, r9) setsockopt$CAN_RAW_JOIN_FILTERS(r9, 0x65, 0x6, &(0x7f0000000100), 0x4) 1.623085889s ago: executing program 1 (id=394): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0x9) ioctl$TUNGETFILTER(r1, 0x400454ce, 0x0) pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c) memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0) socket$inet6_sctp(0xa, 0x2, 0x84) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x8, 0x0, 0x1}) ioctl$vim2m_VIDIOC_DQBUF(r3, 0xc058565d, &(0x7f0000000240)=@multiplanar_overlay={0x1000a, 0x1, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0xc, 0x0, 0x0, 0x0, 0x0, "4000f869"}, 0x0, 0x3, {0x0}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_int(r5, 0x1, 0x26, &(0x7f0000000080)=0x80, 0x4) getsockopt$inet6_tcp_buf(r5, 0x6, 0xd, 0x0, &(0x7f0000000000)) fanotify_mark(0xffffffffffffffff, 0x0, 0x8001000, 0xffffffffffffffff, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000200000000000000801ec0f426ed6951b1c2"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) syz_init_net_socket$ax25(0x3, 0x0, 0x0) process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) creat(0x0, 0x345b40169a255668) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0xd, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYBLOB="c4e175257700000000000000", @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bca2000000000000a6020000f8ffffefb703000008000000b70000330073a1d8f4000000002b4f0668cb97459c6ae58b8912900b65aaa136d76be6cbdad7e3077e79bfd965957088e70697a9a6d19ab9186c2c6930e0eeb327ad09e95c096b85bfd21dcbaf21a6155ac1782ec959"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r7, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7}, 0x50) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e20, 0xffffffff, @empty, 0x734}}, 0x3, 0xfffc, 0xf, 0x7, 0x54, 0x5, 0x7}, &(0x7f0000000040)=0x9c) 1.09147455s ago: executing program 2 (id=395): r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f0000000100)={&(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, '\x00', 0x4}, 0x800000}, 0x1c, 0x0, 0x0, &(0x7f0000000340)=[@hopopts_2292={{0x14, 0x29, 0x3b}}, @dstopts_2292={{0x14, 0x29, 0x4, {0x6}}}], 0x28}, 0x0) r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$CDROM_SEND_PACKET(r1, 0x5393, &(0x7f0000000080)={"9d00", &(0x7f0000000000)="bb", 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0}) 1.091023505s ago: executing program 2 (id=396): r0 = getpgid(0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) r3 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) recvmmsg$unix(r3, &(0x7f0000003100)=[{{&(0x7f0000000000), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1, 0x0, 0x28}}], 0x1, 0x0, 0x0) sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) r4 = openat$autofs(0xffffff9c, &(0x7f0000000240), 0x208400, 0x0) close(r4) ftruncate(0xffffffffffffffff, 0xffff) fcntl$addseals(0xffffffffffffffff, 0x409, 0x7) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r5 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xa0000001}) epoll_wait(r5, &(0x7f0000000340)=[{}], 0x1, 0x1000) r6 = socket$tipc(0x1e, 0x2, 0x0) connect$tipc(r6, &(0x7f0000003100)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x7}}, 0x10) sendmmsg$inet(r6, &(0x7f0000002f40)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001500)="91199893b794f675ec8892b5eb905137c1174ed3239fef317c7608000000bdc2a8c32d46f77944d1de9f924d05d3566b8eb8f5750393c669559d000000002927ef0dffffe3d4f8541f34e1c7c8ca2d1e813267f3dc50fdd469af72a49e684e28a364f5da124dff2b55a5536aa670b82da70bf0f19cd420371848ddc41d65649fde307c1971599f2fec84845e32bb2b6ebda099de12e8b64842024389524a1c5a97608000d1030d99e2a6e23a0bc8", 0xae}, {&(0x7f00000015c0)="11a68683394e1541cc444dff7adf30f079408cb066a6f8f4d33c4f11850de78c586d1a2ccff92e8e83fb9ae447d9b88de408924811c97415f41ef8a504215a2b2f88665262659fdb988d0f527c36", 0x4e}, {&(0x7f00000017c0)="875ad17d55c11f1ea6ec6cd17661afc73209e32142961e4660591bf3ca40d05a507ac0b0e71f7ed4c63f52a003cc8102f20dc6e33b5dc6de64ac815cf87867507cc072f0cb762aa5deb8731a699d3c7c69f85266ba51eb244e20129de091adaeb0c2d2eb13d19d9ac60e6e4968f215ddff92b05148f0ad653018b14798e45e55ecb916cedd89f2df7e33c470998f3c1998", 0xe7}, {&(0x7f0000001480)="1273dd9951adeaefffe3c4957c86dbff8693adf2202b620b3aec000cf330bb7249eecbc2a8fc3758967c712aa083099f67aa78cf5de7bb683f0147bf102b6dfc9be3080cee9f904e1f42c7901b6c5d306bcd8836c94e08836a6ff07b5c2a7bfe0199ebae1c5de278dba6948ce3a1d395d961aeb7c96a5a0a", 0x78}, {&(0x7f0000000500)="4167c4fd9ea8b423c01e798bbd631e888a04e31e6865a2d55b31833b82989759c0f3241bb5ebe979636a5f22244112d95d11a07cb172724ec37ef9faaf227d64f5190c9d82dfe194b2cf6d77e917e513170fa1e8e4c82dd9898b4ad23e677261595ec62844104d7ca15aa7eec90685ad92f2cd5b745910e47d703315a0d1d3a6d143575da2604e54bb1ddb295e590a1392770befa52aaf1651d375682bcf94e5da4ea37e1cde1d2a80890d896cfe4d08801bc50d9bc08480de2b2710b694ff7fb5bda12cd8a8cb8dc18bf0c265b71aef50ec0ee22e1968a4f3487d8487026bc2b721692064dcfdd1b6b6aec3e8da3d0ab7d3cc51e2db33c169e6354ea425fbfc1bc39057e64d3aff3749d60edcf0a50fe0e973b5ee3a7cd45ad967564fdbc9832869346037dabe420448b5089ab553c2c87e94befac8d3a0c2a56ca2ab778c2f34f571217c837580e8a524db35baea8024482bb32306182faaf39bb1c4e992c4440889e274952ed3d17d5e87224fec8048e6b7344270e046ab2fdda270ad4e5f651fd6eede5d42d9599265520d45d6f500fd733372a62ab4f496b56839b0d6418961a3b6016c26409daba4f2beeceeb38cc6ba75f57e8ee45d8a6c2ecc031c9469d937b9d7db91ded158ebd7f7d512d445f4104130a429ce7fce52d3fec37df953fc6e6adaa781b820b4bb6d4ffd2c10a16f9583890118793bae09157d3ac5625ad8e66a367488e2722bb82161661711d91a5540a92e3de7506861875575d40465cda28989cbc46fb3d80c2bc7e96afbde1cbd2e89103c55bde669c77b774ea570b26e93a1be5e50269ea5f3355869ac5a9701ac0e7d8f69b0a3186e118c6e2ce8e946c95bd729d94d237e5915e2711cc82826f147176a8a0555b9e11fb9a8ad736d016d202cea43b10a5102e48387ab70069b876051ac0557528c14748aa9cc0e0d9bf512533bdc83610d9f801ec4ed512a4a877e2f45b0cbe87ee25a314d481153eefe8643fb2f3e0478353552b0ae863635ab12e7bf0e4f046e8ba9cb7ce3189d52b2a27ff9e4eb5bf8b12d09d610705eec149589bdd38c951de63de4e3065e45eeb261a72c980349387514cb42467e1fe5812abaf4670e993c6fb561e5cccf7a472ee874bbfe73412bc63f706424f174afd1a3f16fb8b8305d932d33ab211d473d210b87e2f20b6ba951a2b982065a3c04516fd57fc7365cec4a1831548470ebefe7f9487cc7b287b2f45eb69b4e165b9f3404d8ac84b2b57ace34de669a85fd885ecb055a6fd2ba5d5396737c702c082bfb35f3ccace91eacfc7a71b2bca1e228170ad6d194aa7c2dc2cf5f0bce153ac1befb2b82e6cf1f12d28812e309f5da0dbe1cad03172d296fa13247b1952ec988316f668aa65e1ca7e9e383b115ce5c25130955c118a0b4567bd180c07ce18bd0c459cc33ed7ba1c43262034a60711315ed81bbc95b7e3088dbd22b976fcd18bae330f08c89236f770478305fac20b5d9bd5cbc98c5c0f9713345c7362bc0e0bc78d212433bcdc6142989bc6ab82160df897825aa906d739dac905a434c90b2cbc72223011ea11480278b681cdcdf5fa63ac5f8b8f1f3ef7d4eb02f422e9fc52b98163630cd2f130f076a33bb011bb8e42800c9475f5cbee042b79fda44b6432b126f085a17553b82d9cae519ec239a9cccb99444f24b8f11e255e31e0d53a28e36949a3f8238c2ea3f4e3d8cf3b85b031c962504d00a4e7928b5fa2fab311bcc54d68738086ce70a8e5bdaf425033036a85e59aa3bb1b01f8b6c6a2e221c69e48565b55a196b2dc9cb067b4ccf8a7c81e31795a8b74e8940455126f19c8bbb9b941cc66c9443fd13e20c2074a9c3bc1740262c1fcb8e9ca5ac5729dfe6e25561eba41ccae8ca2e851affc1ab4ec912925ef7ccf72e97c577413260ccda170d75741336f837258a59da907460a2917f652c6e4ebc0467da8a95f2ceae9afcc4e0d1f4b95fc68b2f5e32af96fb12a8e7f3140dd235a30e5ad94e78cf58ad75ca8a871a70820090ba510e7563c0f78cf364369a51fa6683ff8d24924ceb922927eb0ba1395b7a4f37d92913a9688ef8428a887f1161f10aeab749f5ea8ca24e579008f542a9b785841dae071b94b5a8ba79985930f60ac2c93aa002d84b212e2e2b6c9c2a0694595dad99fd1f27d0044481ef5b364a059599ef982a114a61094b3b7d0f9a7b78d7615cc8573430e676987ab7421fde9abeb29e4529beb6a2724bed86a7b1d27ee73585892f083fad4307696a4166356b9c20a9579bbf3e8cda9ad7ec2b2bb973d05cf8d9457dc03eee2cfbf630dd917768ae652c0627e32ebb4c62951dfbd8e074dfdf02c5517ace50d5813c8d8d7f1fc0fc63a4fae5c2bcf26560c627500e03692384630be287790d545403adc500ef732d66e269b8b051aa57bb865a9b709c7a0426188daf29caf1d062b104592b4f6acc86895956d8085424dba0bfafdf900419f2227db1eca75b338091d23da2067566c6d54de1604bf8d4cce8a0b4484c4645a305861bc46ebccafbe500e01d51236b40027d1b2c7a72937b15899bb982c880d83ed6b70502bd0d68d2a2146a85c6518a11c386df610243ec513e7a284a81c841f9201ee3b9d3a8f44cdf52ec842e07c1f2f35e2a5b17278dce1f9b7fa09866ecb0d2e78fc8095b7dee81d3e308fd10a1490036194bfa89c118bd9c72d4747b90724d7bd0a7ead28c89c23cc6667c1a8b362ca5385d24b2c1265957764a4e46176365a5348bcf85c457921e7fa6c9e165b6c4d8bd9e8782c96839a5fd2679cd08f656ca5b41d00f8429d517a0d776049918e73b4a258fd2a1576b6420b67fc9ff3520556881ef4838e973f552edebde686af1d55e6172e5bb9b01543d32c0c7753b380dd9ed3f5c0b663a9b1bcb4bd36a365172aeee96a8d69c1e5c5b6c88fc9453ace6aa24bdfc1cfa27ea8cc36c80cace296259545a4e155d154ccbf00ae4ff912c583c871b7cdb46813584ea14bb6943d16b3f12e8fe149076e5e646e1dca0bf121a2e2fa09816e9056aa1143988ff17c21c49981445d98d88fd4bba6a59d9f97d301d90e3754103389b36308713c1ba31031e42f2d759343a95bbae9c01a3bb3e6b537b658d1c028c8ec3126bf79db223a3320e25a671ef834c924f02c1bbab338517accb8378f945cb1d65d4dff90f1e3af8168e33a5a124aef715b656075f6a62099afa110f2fe5eb83e0b3e36df91be2125be6500e5f3a81f8bc116f42734c784f6bb6c7e968610243b06026a9def4e85f8344fae36602aa3795cf71ecf7e57a3da0bef859daf649abc6390e86edaa84eefe48999ddba9067b90dd5ea2477f150ab588dadfe79ab7524157d1b94c738ca3345ce8657bfac981cb30b7c0f05f96dafcdce3e41471943609b121de1eda3e95a1c31bada084beec699512c7d5cec71e06a57c177ca1f383120bf46a9c805c9220d3d0c6807d60e6b7f9c80de1d815bdf1ebe62338862719eab55ef4971a69c76aa2f25c3c9d0c2e5c7857a86f9ab26c3c6aa395f2c366548f60a40abbe14dd011358d9b3695b8a091e16552478aeee1e2e91abd67deeb15732f428c3304a2bf2e4cbb3768875b35d126ca46d29e506ee1e0aba7a17eba27c19d7626064c0a17d7ee7f2f220e5e28bd7d691dffa84f2a2f92c924b87da382ae9a688ad4322fa0cc72604fc43e17002b8f3844a7431205de46818310d0fcf4676f45c9941dde767c9a4376e13cd7e91308cc0df25a4c79e390674fa0161695cc9e9bee12620d8571a4b3800370cd01bf0546758a048563539edf15d58b108159ea5fe0f038281c7855bbd92cc86de38df60b8597f4bce4ae9cae1647b5024bfb73630cdf4d1827a5f0ff779a1e6c6efbc6561d06b249986703b9dc61a63e2068e4786e6a8be34a808143301ef00f21bee8399d88ecffddb4867790d4d1cbe827a5a220834ba831d3ba424ff8fc9a99b175d2feca9f581e24bb69bdc4f64a6ea0c9c37d6976d15e9388519a2bed100a2a8358215a8b63b6e25a677875ee2bc3fd9c77783b39a166b863376b496775b83804a2c7f5363cca9ade819034afc2f7b40ffc316089556dec2e55e1bd92c9b905d6b1b9160d6c492d4384acd7e380874939b1ab02dbbacfbedd74cd524b4eab643e8b92d38d9fae446afd8d774d1c933bce8c341f0ff283acec3bbbbfdb06a15eb88ca6600542dda45334a374e31bae3b5fb058f92398", 0xbae}], 0x5}}], 0x1, 0x40) r7 = openat$cachefiles(0xffffff9c, &(0x7f0000000040), 0x4100, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r7, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x3c, 0x4, 0x8, 0x101, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x4}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x9001}, 0x80) ioctl$BTRFS_IOC_SCRUB_CANCEL(r5, 0x941c, 0x0) 941.743157ms ago: executing program 3 (id=397): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r2, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad0000", @ANYRES8], 0x125) 941.554789ms ago: executing program 3 (id=398): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000140)={{}, 'syz0\x00'}) ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0xee) ioctl$UI_DEV_CREATE(r0, 0x5501) 842.758523ms ago: executing program 3 (id=399): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000100000000000000000000008500000087000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000d000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xfffffffa, 0x2000, 0x0, 0x0, 0x0, 0x0}, 0x50) 592.311961ms ago: executing program 1 (id=400): iopl(0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xb, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffb, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005400e501000000000000000007", @ANYRES32], 0x38}}, 0x0) sched_setscheduler(0xffffffffffffffff, 0x0, &(0x7f00000003c0)=0x9) r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x1, 0x200) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r0, 0xc038943b, &(0x7f0000000180)={0x9, 0x30, '\x00', 0x1, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xfffffffc}}, './file0\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0) splice(r3, 0x0, r2, 0x0, 0x7f, 0xe) write(r1, 0x0, 0x0) 323.155067ms ago: executing program 1 (id=401): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0) r0 = syz_io_uring_setup(0xec4, &(0x7f00000004c0)={0x0, 0x2f4c, 0x400, 0x20000003, 0x26d}, &(0x7f0000000540)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23) 171.705085ms ago: executing program 1 (id=402): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="180200000000000400000000000000008500000030000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) r3 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4004, @fd=r0, 0x2, &(0x7f0000000900)=""/104, 0x68, 0x4, 0x1}) io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) 52.367056ms ago: executing program 2 (id=403): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) io_uring_setup(0x1b9, &(0x7f0000004740)={0x0, 0x0, 0x0, 0x1}) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCSACTIVE(r1, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0}) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000000240)={0x539f, 0x4, {}, {0xffffffffffffffff}, 0x3, 0xfffffff9}) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000802, r2, &(0x7f0000000380)={0xdf02, 0x1, 0x0, 0x9, 0x9, 0x8000, 0x2, 0x8001, 0x8d2}) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = openat$hwrng(0xffffff9c, &(0x7f0000000000), 0x181400, 0x0) r5 = creat(&(0x7f0000000100)='./file0\x00', 0x0) close(r5) read$msr(r5, &(0x7f00000000c0)=""/208, 0xd0) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0x18, &(0x7f0000000180)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @cb_func={0x18, 0x7, 0x4, 0x0, 0x8}, @exit, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x9f}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0x4c}, @exit, @map_val={0x18, 0x4, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x7}], &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) read(r1, 0x0, 0x2) pwrite64(r1, &(0x7f0000000340)="5da1", 0x4, 0x0) readv(r1, &(0x7f00000002c0)=[{&(0x7f00000000c0)=""/157, 0x9d}], 0x1) close_range(r0, 0xffffffffffffffff, 0x0) 2.020617ms ago: executing program 0 (id=404): r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_vs\x00') openat2(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x208000, 0x11c, 0xc}, 0x18) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020300090a00000025bd7000000000000300060000000e0002000000ac1414aa000000000000000002000100000000000000000400000000030003000000000002000000e0000001000000000000000064e3a247792555630baa00abd55f360e09db5cf5960592cc7cd097ddbf03829bdf81d9bfce138ed05401e44d1aef9e515c4b19173ff5326019f90463f77c80f24c56381ef46926b5667dbf099c9e90a5a5b197ef499c21fa73775fb60718fcbcff6fb492c12932d3d0321311baf03f19c62742c5b5bd0ccf77e87dc77d2bcebde95effef"], 0x50}}, 0x0) sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0) r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r3 = dup(r2) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r4, 0x0, 0x14, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000700)="49723b3ab53a13274c", 0x0}, 0x50) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r5) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r6 = inotify_init1(0x0) fcntl$setown(r6, 0x8, 0xffffffffffffffff) fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, 0x0}) r8 = syz_open_procfs(r7, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r8, 0x801c581f, &(0x7f0000000180)={@desc={0x1, 0x2000000, @desc3}}) r9 = inotify_init1(0x0) fcntl$setown(r9, 0x8, 0xffffffffffffffff) fcntl$getownex(r9, 0x10, &(0x7f0000000140)={0x0, 0x0}) r11 = syz_open_procfs(r10, &(0x7f0000000600)='fd/4\x00') syz_open_procfs(r10, &(0x7f0000000240)='net/udplite\x00') ioctl$PTP_EXTTS_REQUEST2(r3, 0x43403d05, 0x0) r12 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01) r13 = fcntl$dupfd(r12, 0x0, r12) write$UHID_INPUT2(r11, &(0x7f0000000380)=ANY=[@ANYBLOB="15cdc20cee51b2b0fda876241e1bfc83c700123b48b638265ea462f2de19cbd7fd4c7ef40a0d51e8544454d72641effe672b17849b2194107476931f59f4141c14fefab3030a"], 0xefe) poll(&(0x7f0000000080)=[{r13, 0x462}], 0x1, 0x40000) openat$incfs(r13, &(0x7f0000000280)='.pending_reads\x00', 0x222001, 0xb4) read(r0, &(0x7f0000001b00)=""/194, 0xc2) openat$sndseq(0xffffff9c, &(0x7f00000000c0), 0x200800) 0s ago: executing program 3 (id=405): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000700004400000008000300", @ANYBLOB="340023800600000003000000050008000000000005000e"], 0x50}}, 0x0) kernel console output (not intermixed with test programs): 39.581142][ T5340] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.583000][ T5340] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.584859][ T5340] bridge_slave_0: entered allmulticast mode [ 39.586914][ T5340] bridge_slave_0: entered promiscuous mode [ 39.589647][ T5340] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.591504][ T5340] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.593373][ T5340] bridge_slave_1: entered allmulticast mode [ 39.595410][ T5340] bridge_slave_1: entered promiscuous mode [ 39.611018][ T5348] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.613618][ T5348] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.615847][ T5348] bridge_slave_1: entered allmulticast mode [ 39.618708][ T5348] bridge_slave_1: entered promiscuous mode [ 39.634163][ T5339] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.636789][ T5339] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.639408][ T5339] bridge_slave_1: entered allmulticast mode [ 39.642248][ T5339] bridge_slave_1: entered promiscuous mode [ 39.689887][ T5339] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.698798][ T5339] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.712996][ T5340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.732928][ T5348] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.738476][ T5348] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.769855][ T5340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.811949][ T5339] team0: Port device team_slave_0 added [ 39.858144][ T5348] team0: Port device team_slave_0 added [ 39.861046][ T5339] team0: Port device team_slave_1 added [ 39.877573][ T5348] team0: Port device team_slave_1 added [ 39.879931][ T5352] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.882521][ T5352] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.885107][ T5352] bridge_slave_0: entered allmulticast mode [ 39.888368][ T5352] bridge_slave_0: entered promiscuous mode [ 39.907429][ T5340] team0: Port device team_slave_0 added [ 39.924544][ T5352] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.928032][ T5352] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.930546][ T5352] bridge_slave_1: entered allmulticast mode [ 39.933505][ T5352] bridge_slave_1: entered promiscuous mode [ 39.967697][ T5340] team0: Port device team_slave_1 added [ 40.000588][ T5352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.004395][ T5339] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.006884][ T5339] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.015687][ T5339] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.021416][ T5339] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.023879][ T5339] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.033094][ T5339] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.059889][ T5348] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.062332][ T5348] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.071127][ T5348] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.076650][ T5352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.084857][ T5340] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.087494][ T5340] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.096836][ T5340] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.101652][ T5348] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.104262][ T5348] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.114726][ T5348] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.147922][ T5340] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.150506][ T5340] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.159830][ T5340] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.185041][ T5352] team0: Port device team_slave_0 added [ 40.189242][ T5352] team0: Port device team_slave_1 added [ 40.209216][ T5339] hsr_slave_0: entered promiscuous mode [ 40.212156][ T5339] hsr_slave_1: entered promiscuous mode [ 40.301677][ T5352] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.304133][ T5352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.313016][ T5352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.319780][ T5348] hsr_slave_0: entered promiscuous mode [ 40.322481][ T5348] hsr_slave_1: entered promiscuous mode [ 40.324888][ T5348] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.327900][ T5348] Cannot create hsr debugfs directory [ 40.332935][ T5340] hsr_slave_0: entered promiscuous mode [ 40.336637][ T5340] hsr_slave_1: entered promiscuous mode [ 40.339090][ T5340] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.341685][ T5340] Cannot create hsr debugfs directory [ 40.365638][ T5352] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.368141][ T5352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.377157][ T5352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.530492][ T5352] hsr_slave_0: entered promiscuous mode [ 40.533263][ T5352] hsr_slave_1: entered promiscuous mode [ 40.536189][ T5352] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.538215][ T5352] Cannot create hsr debugfs directory [ 40.741249][ T5348] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 40.748404][ T5348] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 40.755071][ T5348] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 40.760313][ T5348] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 40.783924][ T5340] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 40.790449][ T5340] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 40.793878][ T5340] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 40.798966][ T5340] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 40.829446][ T5339] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 40.834218][ T5339] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 40.839061][ T5339] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 40.846468][ T5339] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 40.896698][ T5352] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 40.908838][ T5352] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 40.917458][ T5352] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 40.923012][ T5352] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 40.939965][ T5348] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.979551][ T5348] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.999610][ T1014] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.001973][ T1014] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.007580][ T5340] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.015470][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.017531][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.023974][ T5339] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.046112][ T5340] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.054938][ T5339] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.068112][ T1014] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.070718][ T1014] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.074065][ T1014] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.076656][ T1014] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.097406][ T1014] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.099854][ T1014] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.117259][ T1014] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.119970][ T1014] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.169209][ T5352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.186509][ T5345] Bluetooth: hci1: command tx timeout [ 41.187470][ T5356] Bluetooth: hci2: command tx timeout [ 41.195514][ T5356] Bluetooth: hci0: command tx timeout [ 41.207640][ T5352] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.214071][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.216613][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.236492][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.238872][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.265795][ T5356] Bluetooth: hci3: command tx timeout [ 41.309082][ T5348] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.313312][ T5339] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.348082][ T5340] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.362348][ T5352] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.369873][ T5348] veth0_vlan: entered promiscuous mode [ 41.375194][ T5339] veth0_vlan: entered promiscuous mode [ 41.381525][ T5348] veth1_vlan: entered promiscuous mode [ 41.387852][ T5339] veth1_vlan: entered promiscuous mode [ 41.410920][ T5340] veth0_vlan: entered promiscuous mode [ 41.416695][ T5348] veth0_macvtap: entered promiscuous mode [ 41.425367][ T5348] veth1_macvtap: entered promiscuous mode [ 41.433956][ T5352] veth0_vlan: entered promiscuous mode [ 41.439066][ T5340] veth1_vlan: entered promiscuous mode [ 41.442014][ T5339] veth0_macvtap: entered promiscuous mode [ 41.446740][ T5339] veth1_macvtap: entered promiscuous mode [ 41.451262][ T5348] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.456058][ T5348] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.464400][ T5352] veth1_vlan: entered promiscuous mode [ 41.468249][ T5348] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.470973][ T5348] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.473891][ T5348] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.476920][ T5348] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.494469][ T5339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.497355][ T5339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.500406][ T5339] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.502811][ T5352] veth0_macvtap: entered promiscuous mode [ 41.506992][ T5352] veth1_macvtap: entered promiscuous mode [ 41.516105][ T5339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.519031][ T5339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.522619][ T5339] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.544614][ T5339] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.547222][ T5339] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.549706][ T5339] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.552272][ T5339] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.559279][ T5340] veth0_macvtap: entered promiscuous mode [ 41.570712][ T5340] veth1_macvtap: entered promiscuous mode [ 41.576107][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.578514][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.579690][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.582449][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.586784][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.591407][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.595831][ T5352] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.602171][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.607927][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.611310][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.614708][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.619686][ T5352] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.624965][ T5352] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.628578][ T5352] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.631621][ T5352] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.634656][ T5352] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.657747][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.660734][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.672977][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.676976][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.679462][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.682836][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.686088][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.688757][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.692528][ T5340] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.703136][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.706399][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.708943][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.711628][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.714151][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.716930][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.720124][ T5340] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.729181][ T5340] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.731867][ T5340] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.734175][ T5340] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.736613][ T5340] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.744106][ T5348] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 41.750502][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.754126][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.785019][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.787654][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.789705][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.794221][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.839447][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.842122][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.872833][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.874075][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.875981][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.881181][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.906471][ C3] Illegal XDP return value 16128 on prog (id 2) dev bond_slave_1, expect packet loss! [ 41.923839][ T5405] 9pnet_virtio: no channels available for device 127.0.0.1 [ 42.016701][ T5410] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2'. [ 42.064055][ T5413] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 42.083751][ T5413] futex_wake_op: syz.3.4 tries to shift op by -1; fix this program [ 42.113016][ T39] audit: type=1326 audit(1728498659.049:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5404 comm="syz.0.1" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 42.215937][ T1014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 42.707116][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 42.756450][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 42.972395][ T1098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 42.977914][ T1098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 42.996097][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 42.998668][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 43.037173][ T70] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 43.055370][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 43.095942][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 43.265415][ T5356] Bluetooth: hci1: command tx timeout [ 43.266160][ T5345] Bluetooth: hci0: command tx timeout [ 43.266176][ T5347] Bluetooth: hci2: command tx timeout [ 43.345411][ T5345] Bluetooth: hci3: command tx timeout [ 43.596101][ T5432] process 'syz.3.7' launched './file0' with NULL argv: empty string added [ 43.725445][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 43.748404][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 44.239518][ T5436] sg_read: process 12 (syz.2.9) changed security contexts after opening file descriptor, this is not allowed. [ 44.272848][ T5394] IPVS: starting estimator thread 0... [ 44.285315][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 44.337816][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 44.355461][ T5442] IPVS: using max 35 ests per chain, 84000 per kthread [ 44.426240][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 44.775306][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 44.794396][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 44.865693][ T70] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 45.345250][ T5345] Bluetooth: hci1: command tx timeout [ 45.346728][ T5356] Bluetooth: hci2: command tx timeout [ 45.355280][ T5356] Bluetooth: hci0: command tx timeout [ 45.425254][ T5356] Bluetooth: hci3: command tx timeout [ 45.586291][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 45.676818][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 45.823078][ T5475] sp0: Synchronizing with TNC [ 46.053525][ T5485] fuse: Unknown parameter 'user_i00000000000000000000' [ 46.249818][ T5489] netlink: 28 bytes leftover after parsing attributes in process `syz.3.21'. [ 47.425453][ T5356] Bluetooth: hci1: command tx timeout [ 47.435312][ T5356] Bluetooth: hci0: command tx timeout [ 47.435833][ T5345] Bluetooth: hci2: command tx timeout [ 47.505530][ T5345] Bluetooth: hci3: command tx timeout [ 47.876986][ T5508] input: syz0 as /devices/virtual/input/input5 [ 47.912573][ T5394] net_ratelimit: 4 callbacks suppressed [ 47.912589][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 48.955319][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 48.957708][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 49.985992][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 50.247523][ T5538] FAULT_INJECTION: forcing a failure. [ 50.247523][ T5538] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 50.251749][ T5538] CPU: 3 UID: 0 PID: 5538 Comm: syz.2.33 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 50.254806][ T5538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 50.258365][ T5538] Call Trace: [ 50.259516][ T5538] [ 50.260537][ T5538] dump_stack_lvl+0x16c/0x1f0 [ 50.262073][ T5538] should_fail_ex+0x497/0x5b0 [ 50.263580][ T5538] _copy_from_iter+0x29b/0x13e0 [ 50.265174][ T5538] ? __pfx__copy_from_iter+0x10/0x10 [ 50.266893][ T5538] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 50.268896][ T5538] ? tun_build_skb.constprop.0+0x1b8/0x1120 [ 50.270805][ T5538] ? __pfx_lock_release+0x10/0x10 [ 50.272229][ T5538] ? trace_lock_acquire+0x14a/0x1d0 [ 50.273956][ T5538] copy_page_from_iter+0xa5/0x120 [ 50.275328][ T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 50.275659][ T5538] tun_build_skb.constprop.0+0x294/0x1120 [ 50.279525][ T5538] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 50.281792][ T5538] ? __pfx___lock_acquire+0x10/0x10 [ 50.283383][ T5538] ? __pfx___lock_acquire+0x10/0x10 [ 50.284911][ T5538] ? __pfx___lock_acquire+0x10/0x10 [ 50.286608][ T5538] ? __lock_acquire+0xbdd/0x3ce0 [ 50.288005][ T5538] tun_get_user+0x872/0x3d70 [ 50.289590][ T5538] ? find_held_lock+0x2d/0x110 [ 50.291126][ T5538] ? __pfx_tun_get_user+0x10/0x10 [ 50.292913][ T5538] ? find_held_lock+0x2d/0x110 [ 50.294605][ T5538] ? __pfx_lock_release+0x10/0x10 [ 50.296088][ T5538] tun_chr_write_iter+0xdc/0x210 [ 50.297757][ T5538] vfs_write+0x6b5/0x1140 [ 50.299098][ T5538] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 50.300843][ T5538] ? trace_lock_acquire+0x14a/0x1d0 [ 50.302519][ T5538] ? __pfx_vfs_write+0x10/0x10 [ 50.304053][ T5538] ? __fget_files+0x40/0x3f0 [ 50.305554][ T5538] ksys_write+0x12f/0x260 [ 50.306796][ T5538] ? __pfx_ksys_write+0x10/0x10 [ 50.308241][ T5538] __do_fast_syscall_32+0x73/0x120 [ 50.309724][ T5538] do_fast_syscall_32+0x32/0x80 [ 50.311066][ T5538] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 50.312725][ T5538] RIP: 0023:0xf744e579 [ 50.313887][ T5538] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 50.319930][ T5538] RSP: 002b:00000000f5736530 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 50.322280][ T5538] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000240 [ 50.324464][ T5538] RDX: 000000000000004a RSI: 00000000f743bff4 RDI: 0000000000000000 [ 50.326796][ T5538] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 50.329091][ T5538] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 50.331895][ T5538] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 50.334280][ T5538] [ 50.468026][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 50.472738][ T9] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 50.474912][ T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 50.477543][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 50.480047][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 50.482591][ T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 50.486712][ T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 50.489748][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.766432][ T5548] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 50.783480][ T9] usb 6-1: usb_control_msg returned -32 [ 50.789895][ T9] usbtmc 6-1:16.0: can't read capabilities [ 50.820266][ T9] usb 6-1: USB disconnect, device number 2 [ 50.922027][ T5550] overlayfs: failed to get inode (-116) [ 50.923627][ T5550] overlayfs: failed to get inode (-116) [ 50.928737][ T5550] overlayfs: failed to get inode (-116) [ 50.930379][ T5550] overlayfs: failed to get inode (-116) [ 51.035486][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 51.127674][ T5345] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 51.131119][ T5345] CPU: 0 UID: 0 PID: 5345 Comm: kworker/u33:3 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 51.134855][ T5345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 51.138537][ T5345] Workqueue: hci2 hci_rx_work [ 51.140180][ T5345] Call Trace: [ 51.141324][ T5345] [ 51.142354][ T5345] dump_stack_lvl+0x16c/0x1f0 [ 51.143980][ T5345] sysfs_warn_dup+0x7f/0xa0 [ 51.145545][ T5345] sysfs_create_dir_ns+0x24d/0x2b0 [ 51.147338][ T5345] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 51.149281][ T5345] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 51.151154][ T5345] ? kobject_add_internal+0x12d/0x990 [ 51.153025][ T5345] ? do_raw_spin_unlock+0x172/0x230 [ 51.154899][ T5345] kobject_add_internal+0x2c8/0x990 [ 51.156771][ T5345] kobject_add+0x16f/0x240 [ 51.158382][ T5345] ? __pfx_kobject_add+0x10/0x10 [ 51.160136][ T5345] ? class_to_subsys+0x3e/0x160 [ 51.161883][ T5345] ? do_raw_spin_unlock+0x172/0x230 [ 51.163728][ T5345] ? kobject_put+0xab/0x5a0 [ 51.165378][ T5345] device_add+0x289/0x1a70 [ 51.167008][ T5345] ? __pfx_dev_set_name+0x10/0x10 [ 51.168762][ T5345] ? __pfx_device_add+0x10/0x10 [ 51.170482][ T5345] ? mgmt_send_event_skb+0x2f2/0x460 [ 51.172373][ T5345] hci_conn_add_sysfs+0x17e/0x230 [ 51.174118][ T5345] le_conn_complete_evt+0xfc7/0x1cf0 [ 51.175997][ T5345] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 51.178125][ T5345] ? trace_contention_end+0xea/0x140 [ 51.180091][ T5345] ? __mutex_lock+0x1a6/0x9c0 [ 51.181843][ T5345] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 51.183491][ T5345] ? skb_pull_data+0x166/0x210 [ 51.184788][ T5345] hci_le_meta_evt+0x2e2/0x5d0 [ 51.186070][ T5345] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 51.187822][ T5345] hci_event_packet+0x666/0x1190 [ 51.189121][ T5345] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 51.190527][ T5345] ? __pfx_hci_event_packet+0x10/0x10 [ 51.192001][ T5345] ? mark_held_locks+0x9f/0xe0 [ 51.193795][ T5345] ? kcov_remote_start+0x3cf/0x6e0 [ 51.195684][ T5345] ? lockdep_hardirqs_on+0x7c/0x110 [ 51.197591][ T5345] hci_rx_work+0x2c6/0x16c0 [ 51.199269][ T5345] ? lock_acquire+0x2f/0xb0 [ 51.200855][ T5345] ? process_one_work+0x8bb/0x1b30 [ 51.202256][ T5345] process_one_work+0x958/0x1b30 [ 51.203543][ T5345] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 51.205114][ T5345] ? __pfx_process_one_work+0x10/0x10 [ 51.207080][ T5345] ? assign_work+0x1a0/0x250 [ 51.208745][ T5345] worker_thread+0x6c8/0xf00 [ 51.210471][ T5345] ? __pfx_worker_thread+0x10/0x10 [ 51.212308][ T5345] kthread+0x2c1/0x3a0 [ 51.213838][ T5345] ? _raw_spin_unlock_irq+0x23/0x50 [ 51.215745][ T5345] ? __pfx_kthread+0x10/0x10 [ 51.217445][ T5345] ret_from_fork+0x45/0x80 [ 51.218971][ T5345] ? __pfx_kthread+0x10/0x10 [ 51.220672][ T5345] ret_from_fork_asm+0x1a/0x30 [ 51.222464][ T5345] [ 51.224149][ T5345] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 51.229615][ T5345] Bluetooth: hci2: failed to register connection device [ 51.477521][ T5561] fuse: Bad value for 'fd' [ 51.985774][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 52.065385][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 52.170467][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 52.518963][ T39] audit: type=1326 audit(1728498669.459:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5568 comm="syz.3.42" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 52.555825][ T39] audit: type=1326 audit(1728498669.459:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5568 comm="syz.3.42" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 52.563592][ T39] audit: type=1326 audit(1728498669.459:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5568 comm="syz.3.42" exe="/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 52.588128][ T39] audit: type=1326 audit(1728498669.469:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5568 comm="syz.3.42" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 52.594087][ T39] audit: type=1326 audit(1728498669.469:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5568 comm="syz.3.42" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 52.600565][ T39] audit: type=1326 audit(1728498669.469:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5568 comm="syz.3.42" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 52.608127][ T39] audit: type=1326 audit(1728498669.469:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5568 comm="syz.3.42" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 52.615513][ T39] audit: type=1326 audit(1728498669.469:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5568 comm="syz.3.42" exe="/syz-executor" sig=0 arch=40000003 syscall=63 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 52.623178][ T39] audit: type=1326 audit(1728498669.469:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5568 comm="syz.3.42" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 52.630687][ T39] audit: type=1326 audit(1728498669.469:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5568 comm="syz.3.42" exe="/syz-executor" sig=0 arch=40000003 syscall=282 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 52.838109][ T5580] FAULT_INJECTION: forcing a failure. [ 52.838109][ T5580] name failslab, interval 1, probability 0, space 0, times 1 [ 52.841347][ T5580] CPU: 1 UID: 0 PID: 5580 Comm: syz.2.46 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 52.844061][ T5580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 52.846848][ T5580] Call Trace: [ 52.847740][ T5580] [ 52.848529][ T5580] dump_stack_lvl+0x16c/0x1f0 [ 52.849797][ T5580] should_fail_ex+0x497/0x5b0 [ 52.851039][ T5580] ? fs_reclaim_acquire+0xae/0x160 [ 52.852380][ T5580] should_failslab+0xc2/0x120 [ 52.853664][ T5580] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 52.855085][ T5580] ? getname_flags.part.0+0x4c/0x550 [ 52.856466][ T5580] ? vfs_write+0x14d/0x1140 [ 52.857682][ T5580] getname_flags.part.0+0x4c/0x550 [ 52.859026][ T5580] getname+0x8d/0xe0 [ 52.860062][ T5580] do_sys_openat2+0x104/0x1e0 [ 52.861299][ T5580] ? __pfx_do_sys_openat2+0x10/0x10 [ 52.862666][ T5580] ? __fget_files+0x244/0x3f0 [ 52.863900][ T5580] __ia32_compat_sys_openat+0x16e/0x210 [ 52.865344][ T5580] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 52.866933][ T5580] ? ksys_write+0x1ad/0x260 [ 52.868132][ T5580] __do_fast_syscall_32+0x73/0x120 [ 52.869443][ T5580] do_fast_syscall_32+0x32/0x80 [ 52.870721][ T5580] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 52.872348][ T5580] RIP: 0023:0xf744e579 [ 52.873382][ T5580] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 52.878261][ T5580] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 52.880407][ T5580] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000680 [ 52.882453][ T5580] RDX: 0000000000101040 RSI: 0000000000000000 RDI: 0000000000000000 [ 52.884487][ T5580] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 52.886497][ T5580] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 52.888536][ T5580] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 52.890593][ T5580] [ 52.940543][ T5575] netlink: 4 bytes leftover after parsing attributes in process `syz.0.44'. [ 53.062983][ T5584] netlink: 104 bytes leftover after parsing attributes in process `syz.2.47'. [ 53.105377][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 53.207948][ T5586] netlink: 'syz.2.47': attribute type 8 has an invalid length. [ 53.210877][ T5586] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.47'. [ 53.235354][ T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 53.265574][ T5356] Bluetooth: hci2: command tx timeout [ 53.428347][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 53.545265][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 53.555012][ T9] usb 5-1: config 167 has too many interfaces: 202, using maximum allowed: 32 [ 53.558264][ T9] usb 5-1: config 167 has 1 interface, different from the descriptor's value: 202 [ 53.636777][ T9] usb 5-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29 [ 53.640092][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 53.643575][ T9] usb 5-1: Product: syz [ 53.645085][ T9] usb 5-1: Manufacturer: syz [ 53.646845][ T9] usb 5-1: SerialNumber: syz [ 53.653582][ T9] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state. [ 53.659560][ T9] dvb-usb: bulk message failed: -22 (3/0) [ 53.688339][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 53.713057][ T9] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author) [ 53.742097][ T9] usb 5-1: media controller created [ 53.813373][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 53.849006][ T9] dvb-usb: bulk message failed: -22 (6/0) [ 53.851276][ T9] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author' [ 53.882467][ T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input6 [ 53.920759][ T9] dvb-usb: schedule remote query interval to 150 msecs. [ 53.923165][ T9] dvb-usb: bulk message failed: -22 (3/0) [ 53.957993][ T9] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected. [ 54.042854][ T5384] usb 5-1: USB disconnect, device number 2 [ 54.063882][ T5384] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected. [ 54.066709][ T5356] Bluetooth: hci3: command tx timeout [ 54.066850][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 54.067040][ T5402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 54.128851][ T5607] tmpfs: Cannot change global quota limit on remount [ 54.145401][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 54.705894][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 55.185513][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 55.210343][ T5623] fuse: Bad value for 'fd' [ 55.538779][ T5631] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 56.225389][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 56.731630][ T5646] netlink: 104 bytes leftover after parsing attributes in process `syz.1.62'. [ 56.756431][ T5646] netlink: 'syz.1.62': attribute type 8 has an invalid length. [ 56.779004][ T5646] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.62'. [ 57.105334][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 57.265569][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 57.683950][ T5661] ======================================================= [ 57.683950][ T5661] WARNING: The mand mount option has been deprecated and [ 57.683950][ T5661] and is ignored by this kernel. Remove the mand [ 57.683950][ T5661] option from the mount to silence this warning. [ 57.683950][ T5661] ======================================================= [ 57.865243][ T1987] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 57.963938][ T5668] netlink: 104 bytes leftover after parsing attributes in process `syz.2.70'. [ 57.991174][ T5668] netlink: 'syz.2.70': attribute type 8 has an invalid length. [ 57.993207][ T5668] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.70'. [ 58.015244][ T1987] usb 8-1: Using ep0 maxpacket: 8 [ 58.017744][ T1987] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 58.020041][ T1987] usb 8-1: config 246 descriptor has 1 excess byte, ignoring [ 58.021943][ T1987] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 58.024362][ T1987] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 58.027396][ T1987] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 58.030270][ T1987] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 58.033089][ T1987] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 58.046113][ T1987] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 58.048796][ T1987] usb 8-1: config 246 descriptor has 1 excess byte, ignoring [ 58.050699][ T1987] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 58.053008][ T1987] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 58.056362][ T1987] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 58.059244][ T1987] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 58.062055][ T1987] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 58.070126][ T1987] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 58.072393][ T1987] usb 8-1: config 246 descriptor has 1 excess byte, ignoring [ 58.074308][ T1987] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 58.078172][ T1987] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 58.084181][ T1987] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 58.090341][ T1987] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 58.096188][ T1987] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 58.103297][ T1987] usb 8-1: string descriptor 0 read error: -22 [ 58.104940][ T1987] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 58.107360][ T1987] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.112104][ T1987] adutux 8-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 58.305540][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 58.397214][ T5672] syz.3.66 uses obsolete (PF_INET,SOCK_PACKET) [ 59.115852][ T5680] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0 [ 59.231887][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 59.231896][ T39] audit: type=1326 audit(1728498676.169:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.0.76" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 59.245478][ T39] audit: type=1326 audit(1728498676.169:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.0.76" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 59.251040][ T39] audit: type=1326 audit(1728498676.179:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.0.76" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 59.257127][ T39] audit: type=1326 audit(1728498676.179:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.0.76" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 59.263385][ T39] audit: type=1326 audit(1728498676.179:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.0.76" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 59.269085][ T39] audit: type=1326 audit(1728498676.179:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.0.76" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 59.284090][ T39] audit: type=1326 audit(1728498676.179:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.0.76" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 59.290228][ T39] audit: type=1326 audit(1728498676.179:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.0.76" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 59.296090][ T39] audit: type=1326 audit(1728498676.179:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.0.76" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 59.301893][ T39] audit: type=1326 audit(1728498676.179:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.0.76" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 59.308699][ T5693] x_tables: duplicate underflow at hook 1 [ 59.312777][ T5693] Zero length message leads to an empty skb [ 59.345332][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 59.818054][ T5700] netlink: 4 bytes leftover after parsing attributes in process `syz.0.81'. [ 60.155794][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 60.312113][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 60.391332][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 61.425362][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 61.541597][ T5711] netlink: 8 bytes leftover after parsing attributes in process `syz.0.84'. [ 61.546263][ T5711] ip6t_srh: unknown srh match flags D90B [ 61.859259][ T5720] x_tables: duplicate underflow at hook 1 [ 61.877230][ T5721] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 61.880157][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 61.955218][ T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 62.019911][ T5725] netlink: 104 bytes leftover after parsing attributes in process `syz.2.89'. [ 62.048339][ T5725] netlink: 'syz.2.89': attribute type 8 has an invalid length. [ 62.051083][ T5725] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.89'. [ 62.085333][ T9] usb 5-1: device descriptor read/64, error -71 [ 62.325285][ T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 62.455417][ T9] usb 5-1: device descriptor read/64, error -71 [ 62.466163][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 62.546983][ T1987] usb 8-1: USB disconnect, device number 2 [ 62.565833][ T9] usb usb5-port1: attempt power cycle [ 62.904290][ T5356] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 63.076289][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 63.110155][ T9] usb 5-1: device descriptor read/8, error -71 [ 63.185687][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 63.325264][ T5402] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 63.389441][ T5751] cgroup: fork rejected by pids controller in /syz1 [ 63.395260][ T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 63.491689][ T9] usb 5-1: device descriptor read/8, error -71 [ 63.508680][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 63.520945][ T5402] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 63.525005][ T5402] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 63.528495][ T5402] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 63.531813][ T5402] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.543557][ T5746] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 63.553492][ T5402] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 63.605686][ T9] usb usb5-port1: unable to enumerate USB device [ 63.665479][ T5402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 63.706147][ T6054] netlink: 104 bytes leftover after parsing attributes in process `syz.3.98'. [ 63.750553][ T6054] netlink: 'syz.3.98': attribute type 8 has an invalid length. [ 63.754463][ T6054] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.98'. [ 63.755539][ T5746] FAULT_INJECTION: forcing a failure. [ 63.755539][ T5746] name failslab, interval 1, probability 0, space 0, times 0 [ 63.763309][ T5746] CPU: 0 UID: 0 PID: 5746 Comm: syz.2.94 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 63.766484][ T5746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 63.769259][ T5746] Call Trace: [ 63.770350][ T5746] [ 63.771150][ T5746] dump_stack_lvl+0x16c/0x1f0 [ 63.772719][ T5746] should_fail_ex+0x497/0x5b0 [ 63.774045][ T5746] ? fs_reclaim_acquire+0xae/0x160 [ 63.775517][ T5746] should_failslab+0xc2/0x120 [ 63.777021][ T5746] __kmalloc_cache_noprof+0x6b/0x310 [ 63.778886][ T5746] ? snd_seq_oss_open+0x55/0xa20 [ 63.780485][ T5746] snd_seq_oss_open+0x55/0xa20 [ 63.781960][ T5746] odev_open+0x6f/0x90 [ 63.783211][ T5746] ? __pfx_odev_open+0x10/0x10 [ 63.784701][ T5746] soundcore_open+0x409/0x580 [ 63.786309][ T5746] ? __pfx_soundcore_open+0x10/0x10 [ 63.788122][ T5746] chrdev_open+0x237/0x6a0 [ 63.789401][ T5746] ? __pfx_chrdev_open+0x10/0x10 [ 63.790881][ T5746] ? security_file_open+0x62a/0x9d0 [ 63.792611][ T5746] do_dentry_open+0x6ca/0x1530 [ 63.794176][ T5746] ? __pfx_chrdev_open+0x10/0x10 [ 63.795607][ T5746] ? inode_permission+0xdd/0x5f0 [ 63.797106][ T5746] vfs_open+0x82/0x3f0 [ 63.798632][ T5746] ? may_open+0x1f2/0x400 [ 63.799978][ T5746] path_openat+0x1e6a/0x2d60 [ 63.801411][ T5746] ? __pfx_path_openat+0x10/0x10 [ 63.803250][ T5746] ? __pfx___lock_acquire+0x10/0x10 [ 63.804769][ T5746] do_filp_open+0x1dc/0x430 [ 63.806144][ T5746] ? __pfx_do_filp_open+0x10/0x10 [ 63.807650][ T5746] ? find_held_lock+0x2d/0x110 [ 63.809080][ T5746] ? _raw_spin_unlock+0x28/0x50 [ 63.810458][ T5746] ? alloc_fd+0x2d7/0x6c0 [ 63.811690][ T5746] do_sys_openat2+0x17a/0x1e0 [ 63.813283][ T5746] ? __pfx_do_sys_openat2+0x10/0x10 [ 63.814946][ T5746] ? __fget_files+0x244/0x3f0 [ 63.816360][ T5746] __ia32_compat_sys_openat+0x16e/0x210 [ 63.818198][ T5746] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 63.820340][ T5746] ? ksys_write+0x1ad/0x260 [ 63.821965][ T5746] __do_fast_syscall_32+0x73/0x120 [ 63.823792][ T5746] do_fast_syscall_32+0x32/0x80 [ 63.825528][ T5746] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 63.827396][ T5746] RIP: 0023:0xf744e579 [ 63.828782][ T5746] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 63.834962][ T5746] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 63.837295][ T5746] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000040 [ 63.839467][ T5746] RDX: 0000000000020800 RSI: 0000000000000000 RDI: 0000000000000000 [ 63.841699][ T5746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 63.843917][ T5746] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 63.846411][ T5746] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 63.849084][ T5746] [ 64.315635][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.318677][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.418462][ T6349] binder: BINDER_SET_CONTEXT_MGR already set [ 64.420170][ T6349] binder: 6346:6349 ioctl 4018620d 20000040 returned -16 [ 64.426519][ T6349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.428863][ T6349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.431157][ T6349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.490869][ T6349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.493166][ T6349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.556104][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.786690][ T6361] FAULT_INJECTION: forcing a failure. [ 64.786690][ T6361] name failslab, interval 1, probability 0, space 0, times 0 [ 64.791735][ T6361] CPU: 3 UID: 0 PID: 6361 Comm: syz.1.102 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 64.795314][ T6361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.798835][ T6361] Call Trace: [ 64.799979][ T6361] [ 64.800989][ T6361] dump_stack_lvl+0x16c/0x1f0 [ 64.802555][ T6361] should_fail_ex+0x497/0x5b0 [ 64.804173][ T6361] ? fs_reclaim_acquire+0xae/0x160 [ 64.805822][ T6361] should_failslab+0xc2/0x120 [ 64.807421][ T6361] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 64.809228][ T6361] ? alloc_empty_file_noaccount+0x23/0xd0 [ 64.811183][ T6361] alloc_empty_file_noaccount+0x23/0xd0 [ 64.812995][ T6361] alloc_file_pseudo_noaccount+0x13d/0x200 [ 64.815002][ T6361] ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10 [ 64.817011][ T6361] ? iput+0xd3/0x890 [ 64.818384][ T6361] bdev_file_open_by_dev+0x13e/0x210 [ 64.820141][ T6361] setup_bdev_super+0x39b/0x730 [ 64.821941][ T6361] get_tree_bdev+0x349/0x610 [ 64.823541][ T6361] ? __pfx_xfs_fs_fill_super+0x10/0x10 [ 64.825372][ T6361] ? __pfx_get_tree_bdev+0x10/0x10 [ 64.827113][ T6361] ? bpf_lsm_capable+0x9/0x10 [ 64.828732][ T6361] vfs_get_tree+0x8f/0x380 [ 64.830269][ T6361] path_mount+0x6e1/0x1f10 [ 64.831805][ T6361] ? kmem_cache_free+0x152/0x4b0 [ 64.833250][ T6361] ? __pfx_path_mount+0x10/0x10 [ 64.834900][ T6361] ? putname+0x12e/0x170 [ 64.836239][ T6361] __ia32_sys_mount+0x292/0x310 [ 64.837922][ T6361] ? __pfx___ia32_sys_mount+0x10/0x10 [ 64.839754][ T6361] __do_fast_syscall_32+0x73/0x120 [ 64.841393][ T6361] do_fast_syscall_32+0x32/0x80 [ 64.843024][ T6361] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 64.845189][ T6361] RIP: 0023:0xf746e579 [ 64.846480][ T6361] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 64.852791][ T6361] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 64.855567][ T6361] RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000020000140 [ 64.858047][ T6361] RDX: 0000000020000180 RSI: 0000000000200080 RDI: 0000000000000000 [ 64.860722][ T6361] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 64.863388][ T6361] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 64.866058][ T6361] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 64.868599][ T6361] [ 64.874149][ T5402] usb 7-1: USB disconnect, device number 2 [ 64.875631][ T6361] /dev/sr0: Can't open blockdev [ 65.028774][ T6366] sd 0:0:0:0: PR command failed: 1026 [ 65.031014][ T6366] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 65.033264][ T6366] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 65.041988][ T6366] netlink: 'syz.1.104': attribute type 1 has an invalid length. [ 65.044416][ T6366] netlink: 157116 bytes leftover after parsing attributes in process `syz.1.104'. [ 67.353961][ T6401] fuse: Unknown parameter 'user_i00000000000000000000' [ 67.546475][ T6404] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.347657][ T6416] netlink: 36 bytes leftover after parsing attributes in process `syz.2.117'. [ 68.683946][ T6425] warning: `syz.0.118' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 68.705481][ T5394] net_ratelimit: 5 callbacks suppressed [ 68.705497][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 68.786134][ T6431] netlink: 104 bytes leftover after parsing attributes in process `syz.1.120'. [ 68.838957][ T6431] netlink: 'syz.1.120': attribute type 8 has an invalid length. [ 68.841378][ T6431] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.120'. [ 68.954616][ T6434] loop7: detected capacity change from 0 to 16384 [ 69.035029][ T6435] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 69.041201][ T6434] I/O error, dev loop7, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.049122][ T6435] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 69.052453][ T6434] Buffer I/O error on dev loop7, logical block 1, async page read [ 69.061839][ T6434] Dev loop7: unable to read RDB block 8 [ 69.074195][ T6434] I/O error, dev loop7, sector 24 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.077838][ T6434] Buffer I/O error on dev loop7, logical block 3, async page read [ 69.080802][ T6434] loop7: unable to read partition table [ 69.082944][ T6434] loop_reread_partitions: partition scan of loop7 (K>i) /480# $qZI[u@3bj!5MM]z) failed (rc=-5) [ 69.623279][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 69.745486][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 69.859180][ T5356] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 69.862721][ T5356] Bluetooth: hci3: SCO packet for unknown connection handle 1039 [ 70.076183][ T5402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 70.081985][ T5402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 70.333016][ T6443] e1000e 0000:00:02.0 eth1: NIC Link is Down [ 70.525276][ T5394] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 70.547697][ T6455] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks [ 70.695265][ T5394] usb 7-1: Using ep0 maxpacket: 8 [ 70.709068][ T5394] usb 7-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 70.714356][ T5394] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.719149][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 70.720392][ T1374] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.724789][ T1374] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.732411][ T5394] usb 7-1: Product: syz [ 70.734160][ T5394] usb 7-1: Manufacturer: syz [ 70.738001][ T5394] usb 7-1: SerialNumber: syz [ 70.744884][ T5394] usb 7-1: config 0 descriptor?? [ 70.777649][ T5394] option 7-1:0.0: GSM modem (1-port) converter detected [ 70.801783][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 70.803489][ T6475] netlink: 36 bytes leftover after parsing attributes in process `syz.0.128'. [ 71.825404][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 72.237395][ T5402] usb 7-1: USB disconnect, device number 3 [ 72.241203][ T5402] option 7-1:0.0: device disconnected [ 72.926751][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 73.036673][ T6536] misc userio: Invalid payload size [ 73.041147][ T6536] misc userio: No port type given on /dev/userio [ 73.289253][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 73.824387][ T6550] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 73.834168][ T6550] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 73.838657][ T6550] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 73.841804][ T6550] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 73.892822][ T6556] netlink: 32 bytes leftover after parsing attributes in process `syz.2.149'. [ 73.986152][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 74.256711][ T5330] IPVS: starting estimator thread 0... [ 74.355304][ T6566] IPVS: using max 36 ests per chain, 86400 per kthread [ 75.036005][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 75.173399][ T6572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.153'. [ 75.828868][ T978] cfg80211: failed to load regulatory.db [ 76.107932][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 76.305378][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 76.831912][ T6595] loop7: detected capacity change from 0 to 16384 [ 76.915527][ T6595] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.918417][ T6595] Buffer I/O error on dev loop7, logical block 0, async page read [ 76.920934][ T6597] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.925287][ T6595] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.928696][ T6595] Buffer I/O error on dev loop7, logical block 0, async page read [ 76.932409][ T6595] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.936786][ T6595] Buffer I/O error on dev loop7, logical block 0, async page read [ 76.944553][ T6595] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.948168][ T6595] Buffer I/O error on dev loop7, logical block 0, async page read [ 76.954523][ T6595] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.958394][ T6595] Buffer I/O error on dev loop7, logical block 0, async page read [ 76.968009][ T6595] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.971957][ T6595] Buffer I/O error on dev loop7, logical block 0, async page read [ 76.975475][ T6595] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.978819][ T6595] Buffer I/O error on dev loop7, logical block 0, async page read [ 76.981849][ T6595] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.985022][ T6595] Buffer I/O error on dev loop7, logical block 0, async page read [ 76.991186][ T6595] ldm_validate_partition_table(): Disk read failed. [ 76.995292][ T6595] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.998846][ T5356] Bluetooth: Unexpected start frame (len 18) [ 77.000826][ T5356] Bluetooth: Wrong link type (-71) [ 77.013456][ T6595] Buffer I/O error on dev loop7, logical block 0, async page read [ 77.019110][ T6595] Buffer I/O error on dev loop7, logical block 0, async page read [ 77.022128][ T6595] Dev loop7: unable to read RDB block 0 [ 77.024766][ T6595] loop7: unable to read partition table [ 77.026885][ T6595] loop_reread_partitions: partition scan of loop7 (K>i) /480# $qZI[u@3bj!5MM]z) failed (rc=-5) [ 77.166838][ T39] kauditd_printk_skb: 48 callbacks suppressed [ 77.166848][ T39] audit: type=1326 audit(1728498694.109:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.2.163" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 77.185269][ T39] audit: type=1326 audit(1728498694.109:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.2.163" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 77.195697][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 77.209403][ T39] audit: type=1326 audit(1728498694.149:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.2.163" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf744e579 code=0x0 [ 77.271439][ T39] audit: type=1326 audit(1728498694.209:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.2.163" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 77.280601][ T39] audit: type=1326 audit(1728498694.209:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.2.163" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 77.286552][ T39] audit: type=1326 audit(1728498694.209:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.2.163" exe="/syz-executor" sig=0 arch=40000003 syscall=146 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 77.293777][ T39] audit: type=1326 audit(1728498694.209:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.2.163" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 77.304082][ T39] audit: type=1326 audit(1728498694.209:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.2.163" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 77.310630][ T39] audit: type=1326 audit(1728498694.219:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.2.163" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 77.316514][ T39] audit: type=1326 audit(1728498694.219:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.2.163" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 78.235411][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 78.848358][ T6635] FAULT_INJECTION: forcing a failure. [ 78.848358][ T6635] name failslab, interval 1, probability 0, space 0, times 0 [ 78.856176][ T6635] CPU: 3 UID: 0 PID: 6635 Comm: syz.3.172 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 78.858981][ T6635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.862292][ T6635] Call Trace: [ 78.863487][ T6635] [ 78.864549][ T6635] dump_stack_lvl+0x16c/0x1f0 [ 78.866230][ T6635] should_fail_ex+0x497/0x5b0 [ 78.867877][ T6635] ? fs_reclaim_acquire+0xae/0x160 [ 78.869667][ T6635] should_failslab+0xc2/0x120 [ 78.871293][ T6635] __kmalloc_noprof+0xcb/0x410 [ 78.872936][ T6635] tipc_nl_compat_doit+0x1ee/0x670 [ 78.874711][ T6635] ? __pfx_tipc_nl_compat_doit+0x10/0x10 [ 78.876672][ T6635] ? security_capable+0x7e/0x260 [ 78.878085][ T6636] netlink: 'syz.2.171': attribute type 21 has an invalid length. [ 78.878398][ T6635] ? ns_capable+0xd7/0x110 [ 78.882661][ T6635] tipc_nl_compat_recv+0x746/0xc00 [ 78.884506][ T6635] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 78.886506][ T6635] ? __pfx_tipc_nl_node_reset_link_stats+0x10/0x10 [ 78.888803][ T6635] ? __pfx_tipc_nl_compat_link_reset_stats+0x10/0x10 [ 78.891143][ T6635] ? __mutex_trylock_common+0xea/0x250 [ 78.893034][ T6635] ? rcu_is_watching+0x12/0xc0 [ 78.894728][ T6635] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 78.897244][ T6635] genl_family_rcv_msg_doit+0x202/0x2f0 [ 78.899087][ T6635] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 78.900762][ T6635] ? __radix_tree_lookup+0x21f/0x2c0 [ 78.902584][ T6635] genl_rcv_msg+0x565/0x800 [ 78.904227][ T6635] ? __pfx_genl_rcv_msg+0x10/0x10 [ 78.906051][ T6635] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 78.907557][ T6635] netlink_rcv_skb+0x165/0x410 [ 78.908805][ T6635] ? __pfx_genl_rcv_msg+0x10/0x10 [ 78.910375][ T6635] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 78.912195][ T6635] ? down_read+0xc9/0x330 [ 78.913597][ T6635] ? __pfx_down_read+0x10/0x10 [ 78.914842][ T6635] ? netlink_deliver_tap+0x1ae/0xcf0 [ 78.916204][ T6635] genl_rcv+0x28/0x40 [ 78.917279][ T6635] netlink_unicast+0x53c/0x7f0 [ 78.918542][ T6635] ? __pfx_netlink_unicast+0x10/0x10 [ 78.919932][ T6635] ? __phys_addr_symbol+0x30/0x80 [ 78.921390][ T6635] ? __check_object_size+0x488/0x710 [ 78.923268][ T6635] netlink_sendmsg+0x8b8/0xd70 [ 78.924508][ T6635] ? __pfx_netlink_sendmsg+0x10/0x10 [ 78.925892][ T6635] ? lock_acquire+0x2f/0xb0 [ 78.927102][ T6635] ____sys_sendmsg+0x9ae/0xb40 [ 78.928348][ T6635] ? __pfx_____sys_sendmsg+0x10/0x10 [ 78.929738][ T6635] ? get_compat_msghdr+0x11b/0x170 [ 78.931092][ T6635] ? __pfx___lock_acquire+0x10/0x10 [ 78.932768][ T6635] ___sys_sendmsg+0x135/0x1e0 [ 78.934299][ T6635] ? __pfx____sys_sendmsg+0x10/0x10 [ 78.935729][ T6635] ? lock_acquire+0x2f/0xb0 [ 78.936961][ T6635] ? __fget_files+0x40/0x3f0 [ 78.938186][ T6635] ? fdget+0x176/0x210 [ 78.939257][ T6635] __sys_sendmsg+0x117/0x1f0 [ 78.940532][ T6635] ? __pfx___sys_sendmsg+0x10/0x10 [ 78.942231][ T6635] ? __fget_files+0x244/0x3f0 [ 78.943708][ T6635] __do_fast_syscall_32+0x73/0x120 [ 78.945553][ T6635] do_fast_syscall_32+0x32/0x80 [ 78.947150][ T6635] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 78.948794][ T6635] RIP: 0023:0xf73de579 [ 78.949876][ T6635] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 78.954912][ T6635] RSP: 002b:00000000f56a556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 78.957089][ T6635] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000100 [ 78.959143][ T6635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 78.961285][ T6635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 78.963365][ T6635] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 78.965418][ T6635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 78.967510][ T6635] [ 79.224978][ T6645] netlink: 32 bytes leftover after parsing attributes in process `syz.0.174'. [ 79.276377][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 79.291217][ T6640] netlink: 20 bytes leftover after parsing attributes in process `syz.3.173'. [ 79.346826][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 79.665384][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 79.806093][ T6659] block device autoloading is deprecated and will be removed. [ 80.046448][ T6657] md0: using deprecated bitmap file support [ 80.048826][ T6657] md0: error: failed to get bitmap file [ 80.313958][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 80.317307][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 80.515749][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 80.567135][ T6674] netlink: 32 bytes leftover after parsing attributes in process `syz.3.183'. [ 80.768936][ T6679] fuse: Unknown parameter 'user_i00000000000000000000' [ 80.836546][ T6681] netlink: 'syz.2.185': attribute type 1 has an invalid length. [ 80.839601][ T6681] netlink: 88156 bytes leftover after parsing attributes in process `syz.2.185'. [ 81.048276][ T6688] Bluetooth: MGMT ver 1.23 [ 81.345418][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 81.957838][ T6711] netlink: 32 bytes leftover after parsing attributes in process `syz.1.192'. [ 81.965284][ T978] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 82.096035][ T978] usb 5-1: device descriptor read/64, error -71 [ 82.214371][ T6722] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 82.335301][ T978] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 82.385551][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 82.465266][ T978] usb 5-1: device descriptor read/64, error -71 [ 82.575590][ T978] usb usb5-port1: attempt power cycle [ 82.915277][ T978] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 82.937973][ T978] usb 5-1: device descriptor read/8, error -71 [ 83.030383][ T6735] capability: warning: `syz.3.198' uses deprecated v2 capabilities in a way that may be insecure [ 83.175955][ T978] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 83.196722][ T978] usb 5-1: device descriptor read/8, error -71 [ 83.247415][ T5356] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 83.312829][ T978] usb usb5-port1: unable to enumerate USB device [ 83.345864][ T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 83.435996][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 83.585291][ T5402] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 83.755101][ T5402] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 83.767903][ T5402] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 83.779853][ T5402] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 83.788181][ T5402] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.802580][ T6746] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 83.823295][ T5402] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 84.465396][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 84.557940][ T25] usb 7-1: USB disconnect, device number 4 [ 84.627449][ T6756] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 84.627718][ T6756] overlayfs: failed to set xattr on upper [ 84.627725][ T6756] overlayfs: ...falling back to redirect_dir=nofollow. [ 84.627729][ T6756] overlayfs: ...falling back to index=off. [ 85.393192][ T6773] input: syz0 as /devices/virtual/input/input8 [ 85.395772][ T6773] input: failed to attach handler leds to device input8, error: -6 [ 85.515469][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 85.643006][ T39] kauditd_printk_skb: 7 callbacks suppressed [ 85.643022][ T39] audit: type=1326 audit(1728498702.579:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6780 comm="syz.1.210" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x0 [ 85.871937][ T6800] netlink: 32 bytes leftover after parsing attributes in process `syz.0.211'. [ 86.019295][ T6806] FAULT_INJECTION: forcing a failure. [ 86.019295][ T6806] name failslab, interval 1, probability 0, space 0, times 0 [ 86.022721][ T6806] CPU: 2 UID: 0 PID: 6806 Comm: syz.1.213 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 86.025546][ T6806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.028357][ T6806] Call Trace: [ 86.029254][ T6806] [ 86.030055][ T6806] dump_stack_lvl+0x16c/0x1f0 [ 86.031438][ T6806] should_fail_ex+0x497/0x5b0 [ 86.033111][ T6806] ? fs_reclaim_acquire+0xae/0x160 [ 86.034927][ T6806] should_failslab+0xc2/0x120 [ 86.036589][ T6806] __kmalloc_node_noprof+0xd1/0x440 [ 86.038432][ T6806] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 86.040352][ T6806] __kvmalloc_node_noprof+0xad/0x1a0 [ 86.042019][ T6806] pfifo_fast_init+0x125/0x3b0 [ 86.043290][ T6806] ? __pfx_pfifo_fast_init+0x10/0x10 [ 86.044684][ T6806] qdisc_create_dflt+0x101/0x440 [ 86.046008][ T6806] mq_init+0x329/0x470 [ 86.047095][ T6806] ? __pfx_mq_init+0x10/0x10 [ 86.048320][ T6806] qdisc_create_dflt+0x101/0x440 [ 86.049635][ T6806] dev_activate+0xaa1/0x12b0 [ 86.050854][ T6806] ? __dev_open+0x38e/0x4e0 [ 86.052498][ T6806] ? __pfx_dev_activate+0x10/0x10 [ 86.054353][ T6806] ? __dev_open+0x38e/0x4e0 [ 86.055647][ T6806] ? __local_bh_enable_ip+0xa4/0x120 [ 86.057046][ T6806] __dev_open+0x396/0x4e0 [ 86.058223][ T6806] ? __pfx___dev_open+0x10/0x10 [ 86.059523][ T6806] ? __local_bh_enable_ip+0xa4/0x120 [ 86.060929][ T6806] __dev_change_flags+0x561/0x720 [ 86.062689][ T6806] ? __pfx___dev_change_flags+0x10/0x10 [ 86.064633][ T6806] ? __mutex_trylock_common+0xea/0x250 [ 86.066444][ T6806] ? __pfx___mutex_trylock_common+0x10/0x10 [ 86.068009][ T6806] dev_change_flags+0x8f/0x160 [ 86.069274][ T6806] dev_ifsioc+0x9c8/0x10b0 [ 86.070475][ T6806] ? __pfx_dev_ifsioc+0x10/0x10 [ 86.072035][ T6806] ? dev_ioctl+0x213/0x10c0 [ 86.073661][ T6806] ? __pfx___mutex_lock+0x10/0x10 [ 86.075473][ T6806] ? __pfx_lock_release+0x10/0x10 [ 86.077463][ T6806] ? netdev_name_node_lookup_rcu+0xf0/0x140 [ 86.079439][ T6806] dev_ioctl+0x224/0x10c0 [ 86.080914][ T6806] sock_do_ioctl+0x19e/0x280 [ 86.082569][ T6806] ? __pfx_sock_do_ioctl+0x10/0x10 [ 86.084339][ T6806] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 86.086237][ T6806] ? unix_ioctl+0x2c6/0x5c0 [ 86.087608][ T6806] ? __pfx_unix_ioctl+0x10/0x10 [ 86.089214][ T6806] compat_sock_ioctl+0x318/0x7e0 [ 86.090545][ T6806] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 86.092389][ T6806] ? __fget_files+0x244/0x3f0 [ 86.094161][ T6806] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 86.095990][ T6806] __do_compat_sys_ioctl+0x259/0x2b0 [ 86.097977][ T6806] __do_fast_syscall_32+0x73/0x120 [ 86.099687][ T6806] do_fast_syscall_32+0x32/0x80 [ 86.101429][ T6806] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 86.103650][ T6806] RIP: 0023:0xf746e579 [ 86.105003][ T6806] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 86.111544][ T6806] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 86.114565][ T6806] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000008914 [ 86.117020][ T6806] RDX: 0000000020000a40 RSI: 0000000000000000 RDI: 0000000000000000 [ 86.119794][ T6806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 86.122555][ T6806] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 86.125143][ T6806] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 86.127567][ T6806] [ 86.140704][ T6806] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 86.147670][ T6806] syzkaller0: entered promiscuous mode [ 86.152190][ T6806] syzkaller0: entered allmulticast mode [ 86.158031][ T6811] netlink: 8 bytes leftover after parsing attributes in process `syz.0.214'. [ 86.161212][ T6811] netlink: 12 bytes leftover after parsing attributes in process `syz.0.214'. [ 86.386942][ T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 86.555401][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 86.738491][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 87.186251][ T6826] FAULT_INJECTION: forcing a failure. [ 87.186251][ T6826] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 87.191073][ T6826] CPU: 1 UID: 0 PID: 6826 Comm: syz.2.218 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 87.194876][ T6826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.198707][ T6826] Call Trace: [ 87.199917][ T6826] [ 87.200987][ T6826] dump_stack_lvl+0x16c/0x1f0 [ 87.202717][ T6826] should_fail_ex+0x497/0x5b0 [ 87.204404][ T6826] _copy_from_user+0x30/0xf0 [ 87.206091][ T6826] userfaultfd_ioctl+0xe08/0x3830 [ 87.207892][ T6826] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 87.209462][ T6826] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 87.210950][ T6826] ? __fget_files+0x244/0x3f0 [ 87.212174][ T6826] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 87.213613][ T6826] ? compat_ptr_ioctl+0x6b/0xa0 [ 87.214940][ T6826] compat_ptr_ioctl+0x6b/0xa0 [ 87.216168][ T6826] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 87.217579][ T6826] __do_compat_sys_ioctl+0x259/0x2b0 [ 87.219005][ T6826] __do_fast_syscall_32+0x73/0x120 [ 87.220384][ T6826] do_fast_syscall_32+0x32/0x80 [ 87.221731][ T6826] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.223326][ T6826] RIP: 0023:0xf744e579 [ 87.224341][ T6826] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 87.229715][ T6826] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 87.232696][ T6826] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c020aa07 [ 87.235556][ T6826] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000 [ 87.238415][ T6826] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 87.241231][ T6826] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 87.244049][ T6826] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 87.246780][ T6826] [ 87.357513][ T6817] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 87.432819][ T6834] netlink: 32 bytes leftover after parsing attributes in process `syz.2.222'. [ 87.503028][ T6835] misc userio: Invalid payload size [ 87.509983][ T6835] misc userio: No port type given on /dev/userio [ 87.585420][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 87.591055][ T6840] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 87.610007][ T6840] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 87.630980][ T6840] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 87.637561][ T6840] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 87.670379][ T6835] FAULT_INJECTION: forcing a failure. [ 87.670379][ T6835] name failslab, interval 1, probability 0, space 0, times 0 [ 87.683645][ T6835] CPU: 0 UID: 0 PID: 6835 Comm: syz.0.220 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 87.687730][ T6835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.691809][ T6835] Call Trace: [ 87.693083][ T6835] [ 87.694192][ T6835] dump_stack_lvl+0x16c/0x1f0 [ 87.695966][ T6835] should_fail_ex+0x497/0x5b0 [ 87.697794][ T6835] ? fs_reclaim_acquire+0xae/0x160 [ 87.699736][ T6835] should_failslab+0xc2/0x120 [ 87.701528][ T6835] __kmalloc_noprof+0xcb/0x410 [ 87.703304][ T6835] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 87.705384][ T6835] tomoyo_realpath_from_path+0xbf/0x710 [ 87.707484][ T6835] ? tomoyo_path_number_perm+0x232/0x5b0 [ 87.709607][ T6835] tomoyo_path_number_perm+0x245/0x5b0 [ 87.711658][ T6835] ? tomoyo_path_number_perm+0x232/0x5b0 [ 87.713866][ T6835] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 87.716143][ T6835] ? trace_lock_acquire+0x14a/0x1d0 [ 87.718081][ T6835] ? lock_acquire+0x2f/0xb0 [ 87.719772][ T6835] ? __fget_files+0x40/0x3f0 [ 87.721508][ T6835] ? __fget_files+0x244/0x3f0 [ 87.723348][ T6835] security_file_ioctl_compat+0x9b/0x240 [ 87.725474][ T6835] __do_compat_sys_ioctl+0x52/0x2b0 [ 87.727492][ T6835] do_int80_emulation+0x104/0x200 [ 87.729590][ T6835] asm_int80_emulation+0x1a/0x20 [ 87.731770][ T6835] RIP: 0023:0xf73ce579 [ 87.733440][ T6835] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 87.740511][ T6835] RSP: 002b:00000000f569556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 87.743582][ T6835] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000c0506107 [ 87.746553][ T6835] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000 [ 87.749613][ T6835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 87.752504][ T6835] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 87.755411][ T6835] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 87.758589][ T6835] [ 87.761703][ T6835] ERROR: Out of memory at tomoyo_realpath_from_path. [ 87.857692][ T6846] netlink: 52 bytes leftover after parsing attributes in process `syz.2.225'. [ 87.919198][ T6848] misc userio: Invalid payload size [ 87.922019][ T6848] misc userio: No port type given on /dev/userio [ 88.184785][ T6852] netlink: 104 bytes leftover after parsing attributes in process `syz.2.227'. [ 88.212470][ T6852] netlink: 'syz.2.227': attribute type 8 has an invalid length. [ 88.215377][ T6852] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.227'. [ 88.489371][ T6864] netlink: 32 bytes leftover after parsing attributes in process `syz.3.232'. [ 88.714600][ T39] audit: type=1326 audit(1728498705.649:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6870 comm="syz.3.233" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x0 [ 89.454908][ T6881] batadv_slave_1: entered promiscuous mode [ 89.586554][ T6891] fuse: Invalid rootmode [ 89.599517][ T39] audit: type=1804 audit(1728498706.539:92): pid=6888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.237" name="/newroot/58/file0/bus" dev="9p" ino=36050091 res=1 errno=0 [ 89.665602][ T56] net_ratelimit: 34 callbacks suppressed [ 89.665618][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 89.712245][ T6893] netlink: 24 bytes leftover after parsing attributes in process `syz.2.238'. [ 89.906712][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.175955][ T6880] batadv_slave_1: left promiscuous mode [ 90.366118][ T6882] [U]  [ 90.705427][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 91.089851][ T6926] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 91.093985][ T1098] Bluetooth: hci4: Frame reassembly failed (-84) [ 91.096340][ T1098] Bluetooth: hci4: Frame reassembly failed (-84) [ 91.112919][ T6927] netlink: 104 bytes leftover after parsing attributes in process `syz.0.248'. [ 91.136497][ T6927] netlink: 'syz.0.248': attribute type 8 has an invalid length. [ 91.139263][ T6927] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.248'. [ 91.435720][ T6931] netlink: 104 bytes leftover after parsing attributes in process `syz.1.249'. [ 91.477595][ T6931] netlink: 'syz.1.249': attribute type 8 has an invalid length. [ 91.480489][ T6931] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.249'. [ 92.697044][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 92.791285][ T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 92.945411][ T5347] Bluetooth: hci3: command 0x0405 tx timeout [ 93.105553][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 93.297397][ T6948] FAULT_INJECTION: forcing a failure. [ 93.297397][ T6948] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 93.300922][ T6948] CPU: 0 UID: 0 PID: 6948 Comm: syz.2.255 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 93.303661][ T6948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.306487][ T6948] Call Trace: [ 93.307399][ T6948] [ 93.308220][ T6948] dump_stack_lvl+0x16c/0x1f0 [ 93.309510][ T6948] should_fail_ex+0x497/0x5b0 [ 93.310716][ T6948] _copy_from_user+0x30/0xf0 [ 93.311931][ T6948] kstrtouint_from_user+0xd7/0x1c0 [ 93.313305][ T6948] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 93.314806][ T6948] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 93.316265][ T6948] proc_fail_nth_write+0x84/0x250 [ 93.317568][ T6948] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 93.319040][ T6948] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 93.320520][ T6948] vfs_write+0x28e/0x1140 [ 93.321682][ T6948] ? __fget_files+0x23a/0x3f0 [ 93.322919][ T6948] ? fdget_pos+0x24c/0x360 [ 93.324173][ T6948] ? __pfx_lock_release+0x10/0x10 [ 93.325503][ T6948] ? trace_lock_acquire+0x14a/0x1d0 [ 93.326762][ T6948] ? __pfx_vfs_write+0x10/0x10 [ 93.327967][ T6948] ? __pfx___mutex_lock+0x10/0x10 [ 93.329308][ T6948] ? __fget_files+0x244/0x3f0 [ 93.330554][ T6948] ksys_write+0x12f/0x260 [ 93.331705][ T6948] ? __pfx_ksys_write+0x10/0x10 [ 93.333117][ T6948] __do_fast_syscall_32+0x73/0x120 [ 93.334540][ T6948] do_fast_syscall_32+0x32/0x80 [ 93.335821][ T6948] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 93.337498][ T6948] RIP: 0023:0xf744e579 [ 93.338574][ T6948] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 93.343520][ T6948] RSP: 002b:00000000f57365a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 93.345702][ T6948] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5736620 [ 93.347745][ T6948] RDX: 0000000000000001 RSI: 00000000f743bff4 RDI: 0000000000000000 [ 93.349802][ T6948] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 93.351863][ T6948] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 93.354011][ T6948] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 93.356082][ T6948] [ 93.402046][ T6953] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 93.624906][ T39] audit: type=1804 audit(1728498710.559:93): pid=6958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.259" name="/newroot/63/file0/bus" dev="9p" ino=36050091 res=1 errno=0 [ 93.755495][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 93.854927][ T6963] FAULT_INJECTION: forcing a failure. [ 93.854927][ T6963] name failslab, interval 1, probability 0, space 0, times 0 [ 93.858494][ T6963] CPU: 0 UID: 0 PID: 6963 Comm: syz.1.261 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 93.861215][ T6963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.863978][ T6963] Call Trace: [ 93.864865][ T6963] [ 93.865678][ T6963] dump_stack_lvl+0x16c/0x1f0 [ 93.866913][ T6963] should_fail_ex+0x497/0x5b0 [ 93.868144][ T6963] ? fs_reclaim_acquire+0xae/0x160 [ 93.869505][ T6963] should_failslab+0xc2/0x120 [ 93.870736][ T6963] __kmalloc_noprof+0xcb/0x410 [ 93.871988][ T6963] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 93.873495][ T6963] tomoyo_realpath_from_path+0xbf/0x710 [ 93.874947][ T6963] ? tomoyo_path_perm+0x25f/0x480 [ 93.876266][ T6963] tomoyo_path_perm+0x273/0x480 [ 93.877582][ T6963] ? tomoyo_path_perm+0x25f/0x480 [ 93.878893][ T6963] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 93.880289][ T6963] ? filename_lookup+0x3ea/0x5b0 [ 93.881610][ T6963] security_inode_getattr+0x116/0x290 [ 93.883008][ T6963] vfs_getattr+0x36/0xb0 [ 93.884121][ T6963] vfs_statx_path+0x36/0x390 [ 93.885354][ T6963] vfs_statx+0x145/0x1e0 [ 93.886470][ T6963] ? __pfx_vfs_statx+0x10/0x10 [ 93.887722][ T6963] ? getname_flags.part.0+0x1c5/0x550 [ 93.889121][ T6963] vfs_fstatat+0x9f/0x160 [ 93.890272][ T6963] __do_compat_sys_ia32_fstatat64+0xa2/0x130 [ 93.891833][ T6963] ? __pfx___do_compat_sys_ia32_fstatat64+0x10/0x10 [ 93.893585][ T6963] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 93.895078][ T6963] ? ksys_write+0x1ad/0x260 [ 93.896267][ T6963] ? __pfx_ksys_write+0x10/0x10 [ 93.897562][ T6963] __do_fast_syscall_32+0x73/0x120 [ 93.898895][ T6963] do_fast_syscall_32+0x32/0x80 [ 93.900165][ T6963] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 93.901828][ T6963] RIP: 0023:0xf746e579 [ 93.902905][ T6963] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 93.907880][ T6963] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 000000000000012c [ 93.910064][ T6963] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000200000c0 [ 93.912125][ T6963] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 93.914206][ T6963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 93.916264][ T6963] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 93.918322][ T6963] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 93.920375][ T6963] [ 93.922363][ T6963] ERROR: Out of memory at tomoyo_realpath_from_path. [ 93.935477][ T6963] cgroup: No subsys list or none specified [ 93.950750][ T6968] cgroup: No subsys list or none specified [ 94.185244][ T5402] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 94.275988][ T6980] netlink: 12 bytes leftover after parsing attributes in process `syz.0.266'. [ 94.366680][ T5402] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 94.370240][ T5402] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 94.372565][ T5402] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.384165][ T5402] usb 6-1: config 0 descriptor?? [ 94.392355][ T5402] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 94.795515][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 95.223112][ T6985] FAULT_INJECTION: forcing a failure. [ 95.223112][ T6985] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.232181][ T6985] CPU: 3 UID: 0 PID: 6985 Comm: syz.2.268 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 95.236285][ T6985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.240183][ T6985] Call Trace: [ 95.241458][ T6985] [ 95.242573][ T6985] dump_stack_lvl+0x16c/0x1f0 [ 95.244340][ T6985] should_fail_ex+0x497/0x5b0 [ 95.246139][ T6985] _copy_from_user+0x30/0xf0 [ 95.247890][ T6985] binder_thread_write+0x18b7/0x4c60 [ 95.249893][ T6985] ? kasan_save_free_info+0x3b/0x60 [ 95.251810][ T6985] ? __kasan_slab_free+0x51/0x70 [ 95.253689][ T6985] ? __pfx_binder_thread_write+0x10/0x10 [ 95.255780][ T6985] ? find_held_lock+0x2d/0x110 [ 95.257591][ T6985] ? lock_acquire+0x2f/0xb0 [ 95.259304][ T6985] ? __might_fault+0xe3/0x190 [ 95.261059][ T6985] ? __might_fault+0xe3/0x190 [ 95.262850][ T6985] binder_ioctl+0x268b/0x7050 [ 95.264639][ T6985] ? tomoyo_path_number_perm+0x467/0x5b0 [ 95.266721][ T6985] ? tomoyo_path_number_perm+0x190/0x5b0 [ 95.268827][ T6985] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 95.271085][ T6985] ? __pfx_binder_ioctl+0x10/0x10 [ 95.273000][ T6985] ? do_vfs_ioctl+0x513/0x1950 [ 95.274814][ T6985] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 95.276713][ T6985] ? __fget_files+0x244/0x3f0 [ 95.278496][ T6985] ? __pfx_binder_ioctl+0x10/0x10 [ 95.280348][ T6985] compat_ptr_ioctl+0x6b/0xa0 [ 95.282150][ T6985] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 95.284152][ T6985] __do_compat_sys_ioctl+0x259/0x2b0 [ 95.286139][ T6985] __do_fast_syscall_32+0x73/0x120 [ 95.288045][ T6985] do_fast_syscall_32+0x32/0x80 [ 95.289893][ T6985] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 95.292256][ T6985] RIP: 0023:0xf744e579 [ 95.293837][ T6985] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 95.300906][ T6985] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 95.303975][ T6985] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0306201 [ 95.306888][ T6985] RDX: 0000000020000880 RSI: 0000000000000000 RDI: 0000000000000000 [ 95.309827][ T6985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 95.312752][ T6985] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 95.315708][ T6985] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 95.318694][ T6985] [ 95.325811][ T6985] binder: 6984:6985 ioctl c0306201 20000880 returned -14 [ 95.396720][ T6993] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 95.442142][ T6997] FAULT_INJECTION: forcing a failure. [ 95.442142][ T6997] name failslab, interval 1, probability 0, space 0, times 0 [ 95.445566][ T6997] CPU: 0 UID: 0 PID: 6997 Comm: syz.0.274 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 95.448360][ T6997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.451137][ T6997] Call Trace: [ 95.452177][ T6997] [ 95.453129][ T6997] dump_stack_lvl+0x16c/0x1f0 [ 95.454356][ T6997] should_fail_ex+0x497/0x5b0 [ 95.455589][ T6997] ? fs_reclaim_acquire+0xae/0x160 [ 95.456946][ T6997] should_failslab+0xc2/0x120 [ 95.458283][ T6997] kmem_cache_alloc_node_noprof+0x71/0x310 [ 95.459808][ T6997] ? __alloc_skb+0x2b3/0x380 [ 95.461037][ T6997] __alloc_skb+0x2b3/0x380 [ 95.462258][ T6997] ? __pfx___alloc_skb+0x10/0x10 [ 95.463556][ T6997] ? aa_sk_perm+0x2f5/0xb20 [ 95.464853][ T6997] ? __might_fault+0x13b/0x190 [ 95.466106][ T6997] ? __pfx_aa_sk_perm+0x10/0x10 [ 95.467375][ T6997] pfkey_sendmsg+0x16e/0x840 [ 95.468581][ T6997] ____sys_sendmsg+0x9ae/0xb40 [ 95.469920][ T6997] ? __pfx_____sys_sendmsg+0x10/0x10 [ 95.471286][ T6997] ? get_compat_msghdr+0x11b/0x170 [ 95.472735][ T6997] ? __pfx___lock_acquire+0x10/0x10 [ 95.474161][ T6997] ___sys_sendmsg+0x135/0x1e0 [ 95.475389][ T6997] ? __pfx____sys_sendmsg+0x10/0x10 [ 95.476743][ T6997] ? lock_acquire+0x2f/0xb0 [ 95.477935][ T6997] ? __fget_files+0x40/0x3f0 [ 95.479141][ T6997] ? fdget+0x176/0x210 [ 95.480211][ T6997] __sys_sendmsg+0x117/0x1f0 [ 95.481590][ T6997] ? __pfx___sys_sendmsg+0x10/0x10 [ 95.482945][ T6997] ? __fget_files+0x244/0x3f0 [ 95.484172][ T6997] __do_fast_syscall_32+0x73/0x120 [ 95.485516][ T6997] do_fast_syscall_32+0x32/0x80 [ 95.486980][ T6997] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 95.488628][ T6997] RIP: 0023:0xf73ce579 [ 95.489705][ T6997] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 95.496496][ T6997] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 95.499511][ T6997] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 95.502298][ T6997] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 95.505051][ T6997] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 95.507736][ T6997] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 95.510484][ T6997] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 95.513270][ T6997] [ 95.703075][ T7004] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 95.705747][ T7004] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 95.710999][ T7004] vhci_hcd vhci_hcd.0: Device attached [ 95.715268][ T7005] vhci_hcd: connection closed [ 95.717138][ T1103] vhci_hcd: stop threads [ 95.719993][ T1103] vhci_hcd: release socket [ 95.721203][ T1103] vhci_hcd: disconnect device [ 95.825589][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 95.828398][ T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 96.853193][ T5353] usb 6-1: USB disconnect, device number 3 [ 96.870491][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 97.133372][ T7028] netlink: 32 bytes leftover after parsing attributes in process `syz.3.285'. [ 97.173766][ T7028] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 97.775275][ T5356] Bluetooth: unknown link type 193 [ 97.776863][ T5356] Bluetooth: hci2: connection err: -111 [ 97.915554][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 98.030227][ T7041] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 98.033302][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 98.138806][ T7043] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 98.141161][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 98.143904][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 98.719076][ T7050] netlink: 12 bytes leftover after parsing attributes in process `syz.3.291'. [ 98.734130][ T7050] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.737892][ T7050] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.741217][ T7050] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.744435][ T7050] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.752411][ T7050] vxlan0: entered promiscuous mode [ 99.260469][ T7059] fuse: Unknown parameter 'user_i00000000000000000000' [ 99.591442][ T7066] input: syz0 as /devices/virtual/input/input10 [ 99.601760][ T7066] input: syz0 as /devices/virtual/input/input11 [ 99.996264][ T5353] net_ratelimit: 10 callbacks suppressed [ 99.996307][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 100.159022][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 100.799763][ T5402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 101.025630][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 101.233540][ T7104] netlink: 104 bytes leftover after parsing attributes in process `syz.2.308'. [ 101.322754][ T7104] netlink: 'syz.2.308': attribute type 8 has an invalid length. [ 101.325863][ T7104] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.308'. [ 101.426413][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 101.435365][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 102.076619][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 102.769399][ T7117] mmap: syz.0.310 (7117) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 102.912266][ T7120] fuse: Unknown parameter 'user_i00000000000000000000' [ 102.992910][ T7122] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 102.996234][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 103.105660][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 103.274226][ T7122] usb 1-1: USB disconnect, device number 2 [ 104.447475][ T7136] Process accounting resumed [ 104.466560][ T7144] netlink: 'syz.1.318': attribute type 10 has an invalid length. [ 104.471621][ T7144] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.475669][ T7144] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.486385][ T7144] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.489075][ T7144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.492469][ T7144] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.495110][ T7144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.509134][ T7144] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 104.517365][ T7143] netlink: 4 bytes leftover after parsing attributes in process `syz.1.318'. [ 104.520556][ T7143] bridge_slave_1: left allmulticast mode [ 104.522625][ T7143] bridge_slave_1: left promiscuous mode [ 104.524796][ T7143] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.535564][ T7143] bridge_slave_0: left allmulticast mode [ 104.537709][ T7143] bridge_slave_0: left promiscuous mode [ 104.539796][ T7143] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.560730][ T7143] bond0: (slave bridge0): Releasing backup interface [ 104.695475][ T5402] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 104.861024][ T5402] usb 6-1: not running at top speed; connect to a high speed hub [ 104.866014][ T5402] usb 6-1: config 1 interface 0 altsetting 9 endpoint 0x2 has invalid maxpacket 1023, setting to 64 [ 104.870209][ T5402] usb 6-1: config 1 interface 0 has no altsetting 0 [ 104.879518][ T5402] usb 6-1: New USB device found, idVendor=05ac, idProduct=0264, bcdDevice= 0.40 [ 104.883202][ T5402] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.886183][ T5402] usb 6-1: Product: 桶덧尙㉃ꂜ倴᧴ⴚ潻훿姊錬㥪됱鷎褬蘀ࠒ閟ꔸ⣋Ꮐ즦咻钕₪娰狂ꢡ暶랕엑䳒譜⪋ᘁ淥轅㾅뱤쳷蓂迭薀庉친瞔ᕞ쵹㶿츫脨ఢ鰆镥䗜ꖍ⩼郎䲔녂䦠堊䊚ᴣ̢䧯絹儣젇 [ 104.894313][ T5402] usb 6-1: Manufacturer: 뺔=﷮⇬榺φﲄ統ਏ⽩♌枰掗춣샰ퟋ젗䒮✢뒩ሳ䠶럁鿺覔살̍燜䶒뺆窣䲛㘿﬏춇鬽ว墳慮ꙭ잶藥着鳲뱐抑ꠛ⯨ꆍ赥许Ṵ誏辳㠻ᛥ랯᤼ᴷ☺梣듥롥㨪궜ꈋ鏡Ὓ㝯鄥쯊䤖욐孥竃櫯勚㓦ﺫ䀎ᒿ砆꣆ᩄ忱綼渃⎩⣩崑៺⇒Nj说鲅풂䁬꘯㘤⎖פֿ [ 104.905309][ T5402] usb 6-1: SerialNumber: 嚻鄭◵Ⰱ恳섈䀙㹹麕뀃웷舟ꎾ඀뇁ꌙ姷궸ላ髓얳ꮡ盭䭵蔻胍飦邭Һ漫ᕶ먫痥ࣵ뗊肠ᚹ咦ꢦ岮苍彵醼뇗㆒ﹻ䂋쁛䭑෡繁珆ⶆᜫ [ 104.917311][ T7142] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 105.132723][ T5402] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/input/input12 [ 105.140637][ T4822] bcm5974 6-1:1.0: could not read from device [ 105.144329][ T4822] bcm5974 6-1:1.0: could not read from device [ 105.146024][ T5402] usb 6-1: USB disconnect, device number 4 [ 105.153610][ T4822] bcm5974 6-1:1.0: could not read from device [ 105.176534][ T5608] udevd[5608]: Error opening device "/dev/input/event3": No such file or directory [ 105.185784][ T5353] net_ratelimit: 4 callbacks suppressed [ 105.185793][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 105.189572][ T5608] udevd[5608]: Unable to EVIOCGABS device "/dev/input/event3" [ 105.191548][ T5608] udevd[5608]: Unable to EVIOCGABS device "/dev/input/event3" [ 105.193599][ T5608] udevd[5608]: Unable to EVIOCGABS device "/dev/input/event3" [ 105.196174][ T5608] udevd[5608]: Unable to EVIOCGABS device "/dev/input/event3" [ 105.212488][ T7147] [U]  [ 106.235398][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 107.049946][ T7194] FAULT_INJECTION: forcing a failure. [ 107.049946][ T7194] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 107.053551][ T7194] CPU: 2 UID: 0 PID: 7194 Comm: syz.3.332 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 107.056320][ T7194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 107.059083][ T7194] Call Trace: [ 107.059936][ T7194] [ 107.060716][ T7194] dump_stack_lvl+0x16c/0x1f0 [ 107.061970][ T7194] should_fail_ex+0x497/0x5b0 [ 107.063205][ T7194] _copy_from_user+0x30/0xf0 [ 107.064428][ T7194] input_event_from_user+0x22d/0x3b0 [ 107.065843][ T7194] ? __pfx_input_event_from_user+0x10/0x10 [ 107.067364][ T7194] ? input_inject_event+0x193/0x370 [ 107.068719][ T7194] evdev_write+0x377/0x750 [ 107.069889][ T7194] ? __pfx_evdev_write+0x10/0x10 [ 107.071162][ T7194] ? bpf_lsm_file_permission+0x9/0x10 [ 107.072592][ T7194] ? security_file_permission+0x71/0x210 [ 107.074100][ T7194] ? __pfx_evdev_write+0x10/0x10 [ 107.075382][ T7194] vfs_write+0x28e/0x1140 [ 107.076511][ T7194] ? __fget_files+0x23a/0x3f0 [ 107.077746][ T7194] ? __pfx_lock_release+0x10/0x10 [ 107.079059][ T7194] ? trace_lock_acquire+0x14a/0x1d0 [ 107.080416][ T7194] ? __pfx_vfs_write+0x10/0x10 [ 107.081673][ T7194] ? lock_acquire+0x2f/0xb0 [ 107.082838][ T7194] ? __fget_files+0x40/0x3f0 [ 107.084076][ T7194] ? __fget_files+0x244/0x3f0 [ 107.085351][ T7194] ksys_write+0x1fa/0x260 [ 107.086497][ T7194] ? __pfx_ksys_write+0x10/0x10 [ 107.087793][ T7194] __do_fast_syscall_32+0x73/0x120 [ 107.089168][ T7194] do_fast_syscall_32+0x32/0x80 [ 107.090377][ T7194] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 107.092047][ T7194] RIP: 0023:0xf73de579 [ 107.093158][ T7194] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 107.098269][ T7194] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 107.100513][ T7194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040 [ 107.102599][ T7194] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000 [ 107.104689][ T7194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 107.106778][ T7194] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 107.108869][ T7194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 107.110963][ T7194] [ 107.265555][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 107.516928][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 108.305628][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 108.346240][ T7216] netlink: 16 bytes leftover after parsing attributes in process `syz.1.339'. [ 108.348573][ T7216] netlink: 20 bytes leftover after parsing attributes in process `syz.1.339'. [ 108.419235][ T7217] netlink: 16 bytes leftover after parsing attributes in process `syz.1.339'. [ 108.422558][ T7217] netlink: 20 bytes leftover after parsing attributes in process `syz.1.339'. [ 108.819435][ T39] audit: type=1326 audit(1728498725.759:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 108.835064][ T39] audit: type=1326 audit(1728498725.759:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 108.844150][ T39] audit: type=1326 audit(1728498725.769:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.341" exe="/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 108.851735][ T39] audit: type=1326 audit(1728498725.769:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 108.859306][ T39] audit: type=1326 audit(1728498725.769:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 108.865474][ T39] audit: type=1326 audit(1728498725.779:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.341" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 108.871625][ T39] audit: type=1326 audit(1728498725.779:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 108.882816][ T39] audit: type=1326 audit(1728498725.779:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 108.891008][ T39] audit: type=1326 audit(1728498725.789:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.341" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 108.900995][ T39] audit: type=1326 audit(1728498725.789:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 108.994802][ T5356] Bluetooth: hci2: ACL packet for unknown connection handle 172 [ 109.221724][ T7238] netlink: 'syz.1.345': attribute type 322 has an invalid length. [ 109.345899][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 110.395394][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 110.397666][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 110.558180][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 110.964026][ T7265] netlink: 64 bytes leftover after parsing attributes in process `syz.1.354'. [ 111.029571][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 111.295260][ T56] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 111.425543][ T5353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 111.446852][ T56] usb 7-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 111.449243][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.456800][ T56] usb 7-1: config 0 descriptor?? [ 111.468215][ T56] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input13 [ 111.662823][ T8] usb 7-1: USB disconnect, device number 5 [ 111.675383][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 112.465500][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 112.772571][ T7300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.363'. [ 112.781866][ T7300] netlink: 12 bytes leftover after parsing attributes in process `syz.1.363'. [ 113.508542][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.288200][ T7326] xt_CT: You must specify a L4 protocol and not use inversions on it [ 114.330859][ T7328] netlink: 8 bytes leftover after parsing attributes in process `syz.3.371'. [ 114.546491][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.706389][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.586953][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 116.625564][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 117.184527][ T7376] netfs: Couldn't get user pages (rc=-14) [ 117.511334][ T7380] FAULT_INJECTION: forcing a failure. [ 117.511334][ T7380] name failslab, interval 1, probability 0, space 0, times 0 [ 117.518651][ T5345] Bluetooth: hci3: command 0x0405 tx timeout [ 117.523247][ T7380] CPU: 3 UID: 0 PID: 7380 Comm: syz.2.389 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 117.526051][ T7380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 117.528814][ T7380] Call Trace: [ 117.529674][ T7380] [ 117.530450][ T7380] dump_stack_lvl+0x16c/0x1f0 [ 117.531662][ T7380] should_fail_ex+0x497/0x5b0 [ 117.532892][ T7380] ? fs_reclaim_acquire+0xae/0x160 [ 117.534242][ T7380] should_failslab+0xc2/0x120 [ 117.535582][ T7380] __kmalloc_cache_node_noprof+0x6e/0x360 [ 117.537100][ T7380] ? __get_vm_area_node+0xe1/0x2d0 [ 117.538424][ T7380] ? is_bpf_text_address+0x30/0x1a0 [ 117.539794][ T7380] __get_vm_area_node+0xe1/0x2d0 [ 117.541109][ T7380] __vmalloc_node_range_noprof+0x26a/0x15a0 [ 117.542677][ T7380] ? bpf_prog_calc_tag+0x100/0x780 [ 117.544024][ T7380] ? bpf_prog_calc_tag+0x100/0x780 [ 117.545411][ T7380] ? __pfx_stack_trace_save+0x10/0x10 [ 117.546815][ T7380] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 117.548465][ T7380] ? kasan_save_stack+0x42/0x60 [ 117.549752][ T7380] ? kasan_save_stack+0x33/0x60 [ 117.551040][ T7380] ? kasan_save_track+0x14/0x30 [ 117.552323][ T7380] ? __kasan_kmalloc+0xaa/0xb0 [ 117.553619][ T7380] ? bpf_prog_calc_tag+0x100/0x780 [ 117.555004][ T7380] vmalloc_noprof+0x6b/0x90 [ 117.556205][ T7380] ? bpf_prog_calc_tag+0x100/0x780 [ 117.557558][ T7380] bpf_prog_calc_tag+0x100/0x780 [ 117.558863][ T7380] ? __pfx_bpf_prog_calc_tag+0x10/0x10 [ 117.560301][ T7380] ? __pfx_add_subprog+0x10/0x10 [ 117.561617][ T7380] ? add_subprog_and_kfunc+0x5e5/0x1b80 [ 117.563194][ T7380] resolve_pseudo_ldimm64+0xcd/0x2950 [ 117.564702][ T7380] ? __pfx_add_subprog_and_kfunc+0x10/0x10 [ 117.566241][ T7380] ? __pfx_resolve_pseudo_ldimm64+0x10/0x10 [ 117.567778][ T7380] ? trace_kmalloc+0x2d/0xe0 [ 117.568992][ T7380] ? __kmalloc_node_noprof+0x22f/0x440 [ 117.570434][ T7380] ? __pfx_bpf_lsm_binder_transaction+0x1/0x10 [ 117.572042][ T7380] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 117.573444][ T7380] ? check_subprogs+0x57c/0x7d0 [ 117.574675][ T7380] bpf_check+0x72cb/0xc7c0 [ 117.575873][ T7380] ? __pfx_bpf_check+0x10/0x10 [ 117.577128][ T7380] ? find_held_lock+0x2d/0x110 [ 117.578383][ T7380] ? ktime_get_with_offset+0x13a/0x240 [ 117.579802][ T7380] ? trace_lock_acquire+0x14a/0x1d0 [ 117.581164][ T7380] ? ktime_get_with_offset+0x13a/0x240 [ 117.582569][ T7380] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 117.584022][ T7380] ? lockdep_hardirqs_on+0x7c/0x110 [ 117.585304][ T7380] ? bpf_obj_name_cpy+0x156/0x1b0 [ 117.586609][ T7380] bpf_prog_load+0xe3f/0x2670 [ 117.587836][ T7380] ? __pfx_bpf_prog_load+0x10/0x10 [ 117.589172][ T7380] ? find_held_lock+0x2d/0x110 [ 117.590428][ T7380] __sys_bpf+0x4c8c/0x5780 [ 117.591573][ T7380] ? ksys_write+0x21e/0x260 [ 117.592772][ T7380] ? __pfx___sys_bpf+0x10/0x10 [ 117.594034][ T7380] ? vfs_write+0x14d/0x1140 [ 117.595256][ T7380] ? __mutex_unlock_slowpath+0x164/0x650 [ 117.596726][ T7380] ? fput+0x30/0x390 [ 117.597771][ T7380] ? ksys_write+0x1ad/0x260 [ 117.598969][ T7380] ? __pfx_ksys_write+0x10/0x10 [ 117.600239][ T7380] __ia32_sys_bpf+0x76/0xe0 [ 117.601441][ T7380] __do_fast_syscall_32+0x73/0x120 [ 117.602779][ T7380] do_fast_syscall_32+0x32/0x80 [ 117.604055][ T7380] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 117.605851][ T7380] RIP: 0023:0xf744e579 [ 117.607031][ T7380] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 117.612009][ T7380] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 117.614196][ T7380] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200004c0 [ 117.616285][ T7380] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 117.618345][ T7380] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 117.620382][ T7380] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 117.622433][ T7380] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 117.624483][ T7380] [ 117.626307][ T7380] syz.2.389: vmalloc error: size 192, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 117.633584][ T7380] CPU: 3 UID: 0 PID: 7380 Comm: syz.2.389 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0 [ 117.636365][ T7380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 117.639157][ T7380] Call Trace: [ 117.640040][ T7380] [ 117.640816][ T7380] dump_stack_lvl+0x16c/0x1f0 [ 117.642064][ T7380] warn_alloc+0x24d/0x3a0 [ 117.643203][ T7380] ? __pfx_warn_alloc+0x10/0x10 [ 117.644487][ T7380] ? rcu_is_watching+0x12/0xc0 [ 117.645759][ T7380] ? trace_kmalloc+0x2d/0xe0 [ 117.646985][ T7380] ? __kasan_kmalloc+0x8a/0xb0 [ 117.648250][ T7380] ? __get_vm_area_node+0x1bc/0x2d0 [ 117.649625][ T7380] __vmalloc_node_range_noprof+0xd27/0x15a0 [ 117.651179][ T7380] ? bpf_prog_calc_tag+0x100/0x780 [ 117.652517][ T7380] ? __pfx_stack_trace_save+0x10/0x10 [ 117.653943][ T7380] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 117.655715][ T7380] ? kasan_save_stack+0x42/0x60 [ 117.657005][ T7380] ? kasan_save_stack+0x33/0x60 [ 117.658296][ T7380] ? kasan_save_track+0x14/0x30 [ 117.659573][ T7380] ? __kasan_kmalloc+0xaa/0xb0 [ 117.660829][ T7380] ? bpf_prog_calc_tag+0x100/0x780 [ 117.662147][ T7380] vmalloc_noprof+0x6b/0x90 [ 117.663345][ T7380] ? bpf_prog_calc_tag+0x100/0x780 [ 117.664684][ T7380] bpf_prog_calc_tag+0x100/0x780 [ 117.665401][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 117.665987][ T7380] ? __pfx_bpf_prog_calc_tag+0x10/0x10 [ 117.669576][ T7380] ? __pfx_add_subprog+0x10/0x10 [ 117.670903][ T7380] ? add_subprog_and_kfunc+0x5e5/0x1b80 [ 117.672348][ T7380] resolve_pseudo_ldimm64+0xcd/0x2950 [ 117.673777][ T7380] ? __pfx_add_subprog_and_kfunc+0x10/0x10 [ 117.675343][ T7380] ? __pfx_resolve_pseudo_ldimm64+0x10/0x10 [ 117.676894][ T7380] ? trace_kmalloc+0x2d/0xe0 [ 117.678129][ T7380] ? __kmalloc_node_noprof+0x22f/0x440 [ 117.679557][ T7380] ? __pfx_bpf_lsm_binder_transaction+0x1/0x10 [ 117.681177][ T7380] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 117.682605][ T7380] ? check_subprogs+0x57c/0x7d0 [ 117.683871][ T7380] bpf_check+0x72cb/0xc7c0 [ 117.685009][ T7380] ? __pfx_bpf_check+0x10/0x10 [ 117.686234][ T7380] ? find_held_lock+0x2d/0x110 [ 117.687455][ T7380] ? ktime_get_with_offset+0x13a/0x240 [ 117.688895][ T7380] ? trace_lock_acquire+0x14a/0x1d0 [ 117.690270][ T7380] ? ktime_get_with_offset+0x13a/0x240 [ 117.691712][ T7380] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 117.693230][ T7380] ? lockdep_hardirqs_on+0x7c/0x110 [ 117.694601][ T7380] ? bpf_obj_name_cpy+0x156/0x1b0 [ 117.695969][ T7380] bpf_prog_load+0xe3f/0x2670 [ 117.697222][ T7380] ? __pfx_bpf_prog_load+0x10/0x10 [ 117.698568][ T7380] ? find_held_lock+0x2d/0x110 [ 117.699841][ T7380] __sys_bpf+0x4c8c/0x5780 [ 117.701020][ T7380] ? ksys_write+0x21e/0x260 [ 117.702226][ T7380] ? __pfx___sys_bpf+0x10/0x10 [ 117.703490][ T7380] ? vfs_write+0x14d/0x1140 [ 117.704848][ T7380] ? __mutex_unlock_slowpath+0x164/0x650 [ 117.705646][ T7385] netlink: 104 bytes leftover after parsing attributes in process `syz.0.391'. [ 117.709412][ T7380] ? fput+0x30/0x390 [ 117.709441][ T7380] ? ksys_write+0x1ad/0x260 [ 117.709456][ T7380] ? __pfx_ksys_write+0x10/0x10 [ 117.713828][ T7380] __ia32_sys_bpf+0x76/0xe0 [ 117.715382][ T7380] __do_fast_syscall_32+0x73/0x120 [ 117.716810][ T7380] do_fast_syscall_32+0x32/0x80 [ 117.718089][ T7380] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 117.719723][ T7380] RIP: 0023:0xf744e579 [ 117.720785][ T7380] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 117.725773][ T7380] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 117.727924][ T7380] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200004c0 [ 117.729967][ T7380] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 117.732013][ T7380] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 117.734196][ T7380] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 117.736578][ T7380] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 117.739026][ T7380] [ 117.741178][ T7380] Mem-Info: [ 117.741999][ T7380] active_anon:7208 inactive_anon:27 isolated_anon:0 [ 117.741999][ T7380] active_file:5388 inactive_file:38656 isolated_file:0 [ 117.741999][ T7380] unevictable:781 dirty:529 writeback:1 [ 117.741999][ T7380] slab_reclaimable:4876 slab_unreclaimable:50984 [ 117.741999][ T7380] mapped:20088 shmem:3765 pagetables:689 [ 117.741999][ T7380] sec_pagetables:319 bounce:0 [ 117.741999][ T7380] kernel_misc_reclaimable:0 [ 117.741999][ T7380] free:88844 free_pcp:3526 free_cma:0 [ 117.756892][ T7380] Node 0 active_anon:0kB inactive_anon:20kB active_file:0kB inactive_file:428kB unevictable:1588kB isolated(anon):0kB isolated(file):0kB mapped:6464kB dirty:28kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9484kB pagetables:1348kB sec_pagetables:1244kB all_unreclaimable? no [ 117.757754][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 117.765500][ T7380] Node 1 active_anon:28832kB inactive_anon:88kB active_file:21188kB inactive_file:154576kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:73888kB dirty:2088kB writeback:4kB shmem:13524kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1820kB pagetables:1408kB sec_pagetables:32kB all_unreclaimable? no [ 117.776115][ T7380] Node 0 DMA free:932kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:52kB writepending:0kB present:15992kB managed:15360kB mlocked:52kB bounce:0kB free_pcp:108kB local_pcp:8kB free_cma:0kB [ 117.784781][ T7380] lowmem_reserve[]: 0 273 0 0 0 [ 117.787079][ T7380] Node 0 DMA32 free:21268kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:0kB inactive_anon:20kB active_file:124kB inactive_file:288kB unevictable:1536kB writepending:28kB present:1032196kB managed:306280kB mlocked:0kB bounce:0kB free_pcp:3464kB local_pcp:192kB free_cma:0kB [ 117.797790][ T7380] lowmem_reserve[]: 0 0 0 0 0 [ 117.799196][ T7380] Node 1 DMA32 free:332620kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:28832kB inactive_anon:88kB active_file:21188kB inactive_file:154576kB unevictable:1536kB writepending:2092kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:11280kB local_pcp:320kB free_cma:0kB [ 117.807499][ T7380] lowmem_reserve[]: 0 0 0 0 0 [ 117.809063][ T7380] Node 0 DMA: 1*4kB (U) 2*8kB (U) 3*16kB (U) 28*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 964kB [ 117.812777][ T7380] Node 0 DMA32: 227*4kB (UMH) 99*8kB (UMEH) 35*16kB (UMEH) 100*32kB (UMEH) 45*64kB (UMEH) 25*128kB (UMEH) 8*256kB (UM) 9*512kB (UM) 3*1024kB (M) 0*2048kB 0*4096kB = 21268kB [ 117.818273][ T7380] Node 1 DMA32: 3*4kB (UME) 1*8kB (M) 31*16kB (UME) 26*32kB (UE) 36*64kB (UME) 55*128kB (UME) 36*256kB (UM) 8*512kB (UM) 5*1024kB (UM) 4*2048kB (M) 72*4096kB (UME) = 332228kB [ 117.823438][ T7380] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 117.826199][ T7380] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 117.828773][ T7380] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 117.831358][ T7380] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 117.833503][ T7385] netlink: 'syz.0.391': attribute type 8 has an invalid length. [ 117.833837][ T7380] 48791 total pagecache pages [ 117.836255][ T7385] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.391'. [ 117.837571][ T7380] 967 pages in swap cache [ 117.840841][ T7380] Free swap = 110976kB [ 117.842029][ T7380] Total swap = 124996kB [ 117.843233][ T7380] 524155 pages RAM [ 117.844225][ T7380] 0 pages HighMem/MovableOnly [ 117.845755][ T7380] 206682 pages reserved [ 117.847176][ T7380] 0 pages cma reserved [ 118.019591][ T7395] Bluetooth: MGMT ver 1.23 [ 118.708811][ T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 118.711576][ T5384] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 118.716539][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 118.720136][ T7392] block nbd2: shutting down sockets [ 118.723165][ T7393] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 118.725767][ T7393] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 118.739644][ T7393] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 118.745521][ T7393] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 118.747888][ T7393] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 118.752140][ T7393] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 118.763623][ T7393] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 118.767410][ T7393] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 118.769844][ T7393] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 118.773514][ T7393] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 119.006502][ T7412] input: syz0 as /devices/virtual/input/input14 [ 119.756530][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog SYZFAIL: ShmemBuilder: too large output offset size=214093077 consumed=-1330490898 (errno 11: Resource temporarily unavailable) [ 120.006265][ T5356] Bluetooth: hci1: command 0x0c1a tx timeout [ 120.399347][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 120.402219][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.512566][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 120.516378][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.596792][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 120.599505][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.635825][ T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.638682][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.642727][ T5402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.709782][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 120.713277][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.785558][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.795671][ T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.802103][ T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.806288][ T5330] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.835523][ T12] bridge_slave_1: left allmulticast mode [ 120.837267][ T12] bridge_slave_1: left promiscuous mode [ 120.840401][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.848158][ T12] bridge_slave_0: left allmulticast mode [ 120.850143][ T12] bridge_slave_0: left promiscuous mode [ 120.852006][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.120306][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 121.126641][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 121.131591][ T12] bond0 (unregistering): Released all slaves [ 121.367290][ T12] hsr_slave_0: left promiscuous mode [ 121.369960][ T12] hsr_slave_1: left promiscuous mode [ 121.372672][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 121.375799][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 121.379236][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 121.381811][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 121.409300][ T12] veth1_macvtap: left promiscuous mode [ 121.411562][ T12] veth0_macvtap: left promiscuous mode [ 121.413235][ T12] veth1_vlan: left promiscuous mode [ 121.415109][ T12] veth0_vlan: left promiscuous mode [ 121.828230][ T56] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.100152][ T12] team0 (unregistering): Port device team_slave_1 removed [ 122.182156][ T12] team0 (unregistering): Port device team_slave_0 removed [ 122.876733][ T5394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 123.066581][ T12] IPVS: stop unused estimator thread 0... [ 123.153119][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.221580][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.305745][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.378158][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.473404][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.547669][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.618408][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.679967][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.812854][ T12] bridge_slave_1: left allmulticast mode [ 123.814903][ T12] bridge_slave_1: left promiscuous mode [ 123.817879][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.826925][ T12] bridge_slave_0: left allmulticast mode [ 123.828398][ T12] bridge_slave_0: left promiscuous mode [ 123.829918][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.268111][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 124.273745][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 124.278698][ T12] bond0 (unregistering): Released all slaves [ 124.369672][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 124.375721][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 124.380572][ T12] bond0 (unregistering): Released all slaves [ 124.386391][ T12] bond1 (unregistering): Released all slaves [ 124.812432][ T12] hsr_slave_0: left promiscuous mode [ 124.814504][ T12] hsr_slave_1: left promiscuous mode [ 124.816946][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 124.818987][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 124.821380][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.823429][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 124.833133][ T12] hsr_slave_0: left promiscuous mode [ 124.836022][ T12] hsr_slave_1: left promiscuous mode [ 124.838701][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 124.841451][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 124.844733][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.850372][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 124.886019][ T12] veth1_macvtap: left promiscuous mode [ 124.887566][ T12] veth0_macvtap: left promiscuous mode [ 124.889267][ T12] veth1_vlan: left promiscuous mode [ 124.890709][ T12] veth0_vlan: left promiscuous mode [ 124.892753][ T12] veth1_macvtap: left promiscuous mode [ 124.894250][ T12] veth0_macvtap: left promiscuous mode [ 124.895919][ T12] veth1_vlan: left promiscuous mode [ 124.897460][ T12] veth0_vlan: left promiscuous mode [ 125.534361][ T12] team0 (unregistering): Port device team_slave_1 removed [ 125.616114][ T12] team0 (unregistering): Port device team_slave_0 removed [ 126.578044][ T12] team0 (unregistering): Port device team_slave_1 removed [ 126.642406][ T12] team0 (unregistering): Port device team_slave_0 removed [ 127.748886][ T12] IPVS: stop unused estimator thread 0... VM DIAGNOSIS: 18:32:17 Registers: info registers vcpu 0 CPU#0 RAX=ffffffff90b8ecc6 RBX=ffffffff9034d920 RCX=dffffc0000000000 RDX=fffffffff1a25f62 RSI=0000000000000000 RDI=ffffffff9034d920 RBP=ffffffff9034d920 RSP=ffffc90002fd6f30 R8 =ffffffff90b8eccc R9 =ffffffff90b8dfda R10=ffffc90002fd6fe0 R11=000000000000d743 R12=ffffffff9034d920 R13=ffffffff81d743a2 R14=ffffffff9034d920 R15=ffffffff9034d920 RIP=ffffffff813cf356 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fe9e1f81d00 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000056040c516000 CR3=0000000000152000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=333996e7333996e7 333996e7333996e7 333996e7333996e7 333996e7333996e7 333996e7333996e7 333996e7333996e7 333996e7333996e7 333996e7333996e7 ZMM22=bf061b16bf061b16 bf061b16bf061b16 bf061b16bf061b16 bf061b16bf061b16 bf061b16bf061b16 bf061b16bf061b16 bf061b16bf061b16 bf061b16bf061b16 ZMM23=b37fd2b8b37fd2b8 b37fd2b8b37fd2b8 b37fd2b8b37fd2b8 b37fd2b8b37fd2b8 b37fd2b8b37fd2b8 b37fd2b8b37fd2b8 b37fd2b8b37fd2b8 b37fd2b8b37fd2b8 ZMM24=bbc6b7b3bbc6b7b3 bbc6b7b3bbc6b7b3 bbc6b7b3bbc6b7b3 bbc6b7b3bbc6b7b3 bbc6b7b3bbc6b7b3 bbc6b7b3bbc6b7b3 bbc6b7b3bbc6b7b3 bbc6b7b3bbc6b7b3 ZMM25=f1b554f8f1b554f8 f1b554f8f1b554f8 f1b554f8f1b554f8 f1b554f8f1b554f8 f1b554f8f1b554f8 f1b554f8f1b554f8 f1b554f8f1b554f8 f1b554f8f1b554f8 ZMM26=6a176a116a176a11 6a176a116a176a11 6a176a116a176a11 6a176a116a176a11 6a176a116a176a11 6a176a116a176a11 6a176a116a176a11 6a176a116a176a11 ZMM27=e5efedffe5efedff e5efedffe5efedff e5efedffe5efedff e5efedffe5efedff e5efedffe5efedff e5efedffe5efedff e5efedffe5efedff e5efedffe5efedff ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=7704000077040000 7704000077040000 7704000077040000 7704000077040000 7704000077040000 7704000077040000 7704000077040000 7704000077040000 info registers vcpu 1 CPU#1 RAX=fffffbfff2d31588 RBX=fffffbfff2d31589 RCX=ffffffff8169f9ab RDX=0000000000000001 RSI=0000000000000008 RDI=ffffffff9698ac40 RBP=fffffbfff2d31588 RSP=ffffc900032a74a8 R8 =0000000000000000 R9 =fffffbfff2d31588 R10=ffffffff9698ac47 R11=0000000000000000 R12=dffffc0000000000 R13=0000000000000002 R14=0000000000000002 R15=ffff88802329c880 RIP=ffffffff81edfb4b RFL=00000083 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7f86e40 CR3=00000000296a6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f741bff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=000000006259d298 RCX=ffffffff813e9b87 RDX=1ffff11007fff4d8 RSI=ffffffff813e99a6 RDI=0000000000000000 RBP=ffffea000000000f RSP=ffffc900035276d8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffff88803fffa6c0 R13=0000000000000002 R14=0000000000000000 R15=0000000000000040 RIP=ffffffff813e99ce RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f720b850 CR3=000000005bf6e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000004fffffff3 0000012800000094 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000002 RCX=ffffffff81cb0256 RDX=ffff8880200d8000 RSI=0000000000000001 RDI=0000000000000005 RBP=ffff88801ac71920 RSP=ffffc90000e477b0 R8 =0000000000000005 R9 =0000000000000001 R10=0000000000000002 R11=0000000000000000 R12=ffff88801ac71900 R13=dffffc0000000000 R14=0000000000000002 R15=ffff8880404de000 RIP=ffffffff818cb982 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000031b0aff8 CR3=0000000062f50000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000