last executing test programs: 24.950595039s ago: executing program 0 (id=24): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="060000cbb86b717d5026c72c0bf884891753ee3f050000"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='uid_map\x00') r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0) r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0) dup3(r4, r3, 0x0) writev(r2, &(0x7f0000001380)=[{&(0x7f0000000340)="f5", 0x1}], 0x1) ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="010004000180c200000e9a9bc819a59faaaaaaaaaa0faaaaaaaaaabb"]) bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10) sendmmsg$inet(r1, &(0x7f00000039c0)=[{{&(0x7f0000000800)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x2000c044) sendto$inet(r1, &(0x7f0000000c80)="e8", 0x6200, 0x12000000, 0x0, 0x0) 24.872943259s ago: executing program 0 (id=29): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000001580), 0x138a09f12d160b2d, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800014000000000080002400000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c00038018000380140001007465616d300000000000000000000000080007"], 0xd8}, 0x1, 0x0, 0x0, 0x4008005}, 0x8d4) socket$nl_netfilter(0x10, 0x3, 0xc) (async) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000200)=0x12) (async) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000200)=0x12) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)) 24.819778445s ago: executing program 0 (id=31): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x587001, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x4d, 0x800000, 0x8, 0x5, 0x80}) prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x23) write$bt_hci(r1, &(0x7f0000000080)=ANY=[], 0x6) r2 = socket(0x2000000000000021, 0x2, 0x2) shutdown(r2, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0xa0, 0x76}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58"}, 0x28) sendmsg$inet(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000240)='n', 0x1}], 0x1}, 0x40) r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(r5, 0x4068aea3, &(0x7f0000000180)) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r8) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r11, @ANYBLOB="25003300d0000000080211000001080211000000505050505050d00003"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0) r12 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r12, 0x402, 0x3c) mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a) ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000f5000040"]) 24.698868125s ago: executing program 0 (id=34): syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') renameat2(0xffffffffffffff9c, &(0x7f00000008c0)='./file4\x00', 0xffffffffffffff9c, &(0x7f0000000900)='./file7\x00', 0x0) mknod$loop(&(0x7f0000000400)='./file4\x00', 0x6000, 0x0) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x8001, 0x2, 0x0, "ea313b8110365d466bcad30edfa0a0234cede1cc937381608a5d0329e4771185", 0x31384142}) r1 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000000380), 0x2002, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0) process_vm_writev(r2, &(0x7f0000000480)=[{&(0x7f0000000200)=""/145, 0x91}], 0x1, &(0x7f00000007c0)=[{&(0x7f00000004c0)=""/41, 0x29}], 0x1, 0x0) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f00000003c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000100)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="310300000000000000000900000008000600", @ANYRES32=r3, @ANYBLOB="08000300", @ANYRES64=r5], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x80) 24.489630219s ago: executing program 0 (id=38): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = fcntl$getown(r0, 0x9) r2 = syz_open_procfs(r1, &(0x7f0000000140)='net/xfrm_stat\x00') pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x100008) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000040)={@private, @empty, 0x0}, &(0x7f00000000c0)=0xc) bind$packet(r2, &(0x7f0000000100)={0x11, 0x19, r3, 0x1, 0x6, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x14) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f0000000280)={0x1d, 0x5, 0xfffffffb}) ioctl$EVIOCGKEYCODE_V2(r2, 0x80284504, &(0x7f00000001c0)=""/173) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000004300090000000000000000000300000008000200", @ANYRES32=r0], 0x1c}}, 0x24000044) 24.039453647s ago: executing program 0 (id=44): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYRESHEX], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x46) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r1) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r3, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000600)={r4, 0x0, 0x1000, 0x10000, 0x3, [0x0, 0x0, 0x0, 0x0], [0x800000, 0x800, 0xfffffffd], [0x0, 0x1001000, 0xfffffffc], [0x0, 0x0, 0xe8a6]}) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r7) r8 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r9, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f0000000600)={r10, 0x0, 0x1000, 0x10000, 0x3, [0x0, 0x0, 0x0, 0x0], [0x800000, 0x800, 0xfffffffd], [0x0, 0x1001000, 0xfffffffc], [0x0, 0x0, 0xe8a6]}) ioctl$DRM_IOCTL_MODE_ADDFB2(r7, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x1, [r11, 0x0, 0x0, r12], [0x2b8], [0x0, 0x0, 0x0, 0x1]}) ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x1, [r5, 0x0, r11, r6], [0x2b8, 0x0, 0x0, 0x9], [0x1, 0x0, 0x0, 0x1], [0x0, 0x0, 0x800]}) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f00000000c0)) pwritev2(r2, &(0x7f0000000800)=[{&(0x7f0000000280)="80ff94076dfd466c7c00cc7b332aaa03b15b16260df5a530f84782e9e9097f7d26edd347511521d5c27d12", 0x2b}, {&(0x7f0000000440)="e6177e6a75302d87ea31c66a6894127ac2dd344ad7fe9721d22840ddaa327a2b959b1c4e5a4087b1fb63b7b58469d1446fc09984890a84fb517486ed94c234f788ecec441d5d98cac2643f6d96bbb801717142670f7176adacf2bbecae5be9796d743850bc", 0x65}, {&(0x7f00000004c0)="6cac6399dab997e81a44dfd44e73f24d79aa673c110e5cbb935a1dff10a7fe7b4af1518ae528c1b54430d642c8ca0d7f7abe39a4f8a36d1a935c76e9e9d0c9f6bb773a639980bfc77603e532276ceb9b76706984130a1aea7cda7f151517289c3ddead81032097ed9c20364906f9a0ccd04ba8c48b9d20926553f44f8baf08663d725116cc49aa98dccd7310f618a9cc12381541b2d05eddd2f55475cf699a332d9ca2a8a3344fdc8a2b46ac6a2de9", 0xaf}, {&(0x7f0000000580)="126ed521cd43f0c1fbd6fa0bcc15e51aafc9b31e61aeb5093fbdd11f18d1964f5ab1549a56c585336df7ebc7290175590c2a66ab1b0fc7bfdce4b7058dca1f203c032c217cfbbff5f85c1015bc63b66efeab5b9b5e1d5aa8a76f6138e2fbe3614152efef2fe2bf997b47582da831", 0x6e}, {&(0x7f0000000ec0)="401898bb6245b5ca8cdeead3efe7622493e8eb8a5feec19bd828f0675aeb42169fcf65eb4055f3277d34d4c33e376fcdab203da58c2714c41414f2fefd587e644a0d5cda783608f413658b7e890f03ee68e31da4c420597486ac4ebcc513e06fa9348d60e5c13b54f5ab188990c35e53fc2ab6a2a26efb0295475dbe4ecc145b2e9103282eeec73c7f6fd4d9b828593c3873b6bea499b0cb8332b4e473684da42137b70cb36e71c190dd68081281621a7b44e6480bb2676556e4de15be028f97dd9a3da4d542ac20403f3ddd4ad737d71eb187100126462a5115e48c78fce58aa5973e9c3ed9f33fcf5aa7378f8cf74ca8ded5c7f3b976f702b0e8e9dd5f9b17c5bcc0339ea2591d0451dc29faa6dba764034d8f444e32f9e8ea77b4965427d0bb4ea1ecfbd03128aa4a9f9e134da62ec5fab9df58b58e44e4ec938430eb9b08a864b725c0d007e91388063f77a7c0ba75586a186dd2530704bb6307c87a608dd391a4d2e9f4f69c3c51b9ce37834c85674da2a8f34137243ec5740f4408fec1ec7ce97d19a6542e2a0132f934be36996f39aceea4086edc519698701796d5da40590ba45bc4cffad27cd380b5be11112fbf574a720763c04d3fe6ce4685d278e7c5ee7f25d825775b6e8dab27f717d049adf91b77cb9721f0a9da710ae67adf7a5300639b2c6df2947ffe22b3e60f545fc664828d00d4ca3adb26bd1ca93bc0ffc73f847dfdf834c822c9ba802db94c6b601286b9d10f5008cc7ade9e53b2060d101e5c57042b16b0ed7742d3b6912bfcddcb9cacf0c98d38bf060354824c528a6158d739015cfda51cce8f68912cedf8979399e5594c4e4141303895317800d30d14cc5d239ce0e6ee8e53ee2b9ff376be1b03c1aa8fcec52db814b9799aec54cc38e2fde768b4591389b246b4d6a9e12a2276a52d6b68421dff2f51b32280a6cb132424acfd8241dc15217f1a843ebd5dfdcfc4b43956a621399893952ebb45bd1f3c0bad5c586c66c97692a4d8cfa39d6791ed21dbbbbeb82cdc783c5346624dd5270a3e071691c48392996423b2533111a4fd4bf8f1254864728b008a318b17d318f0fec265a8a3e4393f7fc4b705e6104a37e4624e19a73788bc10c496e7a805e8c865f2508f46a9c5b6d62ad1b7942120839d2e7d2c9579ef3eb94136c23b790975a03099e8e0f696904ccef5305f284c90b0f95eae8e06acee03a9f1aab9cb323c3e7651a01d6a2bde70d9dd03219d581b901c84ca5ea325a716fc5a4117ab17d4f2d2391864cbcc6260a860e70eac91978b2b4ca1ed97b99ee1bc7e0d994fe347ac167ef1485c77d7126e98d910e381f778b4023da5e3dd9cdfa858cf6230e6c4ba5176a760ef701ce01a9508e865137e43d29a1ee1750e7e9066c54c8d1b8038415005bdf1b1619baed5c37f0e3b7a2f781b58ad2a349a286f3e640b5ed66c69cc46cb6ef8c819309c11baf0e362451f53bf0fa48e712abf12f7ab7cf46636235c5cbdbda6535f7fd4e10d43e0c37cb36087e2f96ab7b4ac30b6a524b8f8bc4cf090c2fc2bb82cd54e0da1fd27bd060a4a6a6b740f9d133fcb0ccebc70e4a54989e4c280784887d9a7501452bc3f84044c8f7f1d1afc097f9177e6ed227df55c46a7cd7141a077db3841f8370cb358089d800bf91f68204eaeb232c140e5e592f489d069707cff4bcacfb516a133353c94fb58c02280f2a94f1342a5eddd41a494589bf1ccf8d2093bd31e17eb66f190548916a35f75a9eab7cc6f6240ca62fae6f82bada793bbc2553948ef6e04c0aea3aa9222bd200315be2f7c8e933360272dfb5c35c34cb3b4adadfcc1082e9a21a323ececa7915caf5f5857770f1f6df37bac2b756e0504ce97e19a49e3855357fe181b76ea83cb9cd21a435a1908cdbbba7719a67cfc5118cfe20ad7365df50745e2b50b619d442d5f7f98b8d03fae05ccaf120e5948dc92038311b5ccba1b8aabd8fd6ab80004979e3e38bd57a408eaf69c1fc5c7e0b2dfa9622f7b0e4201928ac4d363eb30df301c6f0434b11629f8393668ebf0b5f86c1da3e292ea8c76958c53385f701c6a03f4bc796ee1d46f73b3e59b762a4d5f62822c17634346f8d2c01822f994f1a0e905961535c3023ae4638ea27b6f2bd7099218b37d0ed162ee25339a194561319d7fd347e13f514b6cc5229bdb7f35f7158356088d72142ad9db2f380219a1e8935c067d5ef2eff3557219ca4ddc18ae3ccaf4603fdc239eb1c516ca0cea7c8394355d2e286464be95a703d50c274c1e7972969a5296933846d6132443da1724c05733ed68ada2c7c24d1050aed37acee13f196f7b1a165f02c5db54a1808308ee8aafff061b02dd78e76996a4bd177fd879ab811981d4586872d896897d7b8ce3964f87e774ca8ff1234dc1fe1b18052d3ebd6c2bf1b8217463a4ab778804f5c479ec60527690d6007a4ed4b0a8f7f61253090e36ad66d8bc023302b67233ccf0da691939e138a23f798e8a64990cccd92bfecd22e91b0bd8656e87c2e38f7a86bbc4d9f363f3645678f69d0a9545acfc6d34eae914748ee0681de2bd5c71de4628c5fcf66ab4b8be31762004faecaa23667a1d68c4e47f47de88bd2ac2850266083956a00a3f1d84aaf1c472a0a63ed9ce7d4c9d2c2412623f3a26922d2b61dda8ee242d85f7bb65413349e88f8ecbd26e53f5f69747c36ae53afdf73f302a2d3996917f9b8809daaef051c2a68452a0d025f8e38b6f5adc9003df802788b452f3bc069b214f9013df8b7e1385ce945bc5a026bd446ad2d4d3d858229c5f4565acd7763c6a9fbded2476b304c06597f9478ba12d0d921a82d877b88cb0ad8f94508bc766dbb651ce5921f9ca962513765209e5287ce2cb2d034df17694783de9482f327e391313440ece5a7877dcfb97299e56c480d989f0a9b0560d260048a1b8e6a2cbbd84e742c503930d0abbd461733f29403c628679d75470b5f59bd6afb97cb0e06bffc9e3d580042c56998e957ebcb764726c2d43b8440b09d3d243bdac165f8cef7891d884da15a6c72540e533b17b9742afd097947a356389772228d8ecb1e7e58a9d3684b087d910ee6cf42199d66da23939cff179fd3b3f2a1987fdfe4d5c47490402df660f07cc460226e88d0e9d2f5996662704ce592aaa8feb8fb309d3600c2d20e524862c9d6a40847f1c539053c9a282c979173387c95321a84791bd30eb0a02eb6e1c75a430860840d2a5493a331ec3a6f0aa76462208a9c5daf05af30bd4ee7bc54c0d8e9aa57ba7b55a23375a8877e9ba46e27c6da074838af1cd5456da033f7e60fe051d139babc61d50329641ea75c8b90640d7abaecb8d790a78dea2000762b809c1c27501ad879e9afb77d72e515c42e7bcd01f4a5958b01a58d6c3a53a564ea14e80ceb1f1960073007d58f9f567977217a66c69aa30a7e54cfa6e020eb57e304f339b89a2f55476cb65d17bbe41da4a5f1354742d783ae0acc0bee4c1b5eb9de17d03e8054a9b7a815aab433d06f93d322e23aa150dbb9394eabfd89a70ec5de8f67cfd3e84a9a01b2476135be31bc65cc798791b109bef195ca450731a3cbeb8da692447a02a1c2c8ac89b05caef44fe588379c5476dc699ca47fe4e25032f44da7dce49ec9835c4c5e0a8c7d3e8e86cd30052531df2c5c3f448aced9dbe07481366e8ff25b7ff5f6ed8b27bf70a11ab95b16327722cf80684649a0b6e924f2b534dfeb8b1b5f5ec440ca64ef9d84d81ffacbe30e006d7ad0fbce6fcabd5bac4b76849e8b01c30f4e1c76c56916375a2962186989462bef8e8bf1dfd8975a22dec08dfa9d470e348d37446567e6b74cc25e3550553d6c0759548a7fcc36e30e3eea8d231e5ddac4dda047728ccbebf70253bb0ff64d68af21332301e53acc1627313575c90a5fd4365815352d0d475d50a1e55e9f06c8f2bb85afac3e2bc2cb4c9bcba13f17e3e28532c95ca71567be8d162662294fd7266308da80214d2bc8a007f6c07d4e49c202f316e021d7f2edad3c60d8153bff841f1e6c6cc4e008553ad57806fa6ae458f6577122605d146d09c340e2f90e2e7eb6a71c421976daf41329ef136ccbc672b25470b8bb6e4d87234fd13d9a80ca801c033876b9a0667e8277a53738b033d313587a5a0438e5128642cecd4da7d7087cee506ebb68f6992b532cc4db5e4955439d235e5b68fb579d99bd46c22dee9c2ebd37ca90e872d37412791dca3edd2384cc39a043fab2a010338012ae1003683107f3fcd766d0d3f3fd62d46ffd8d7084a0d2898b6c5c468cedcbe870376f1f8b2678f09d10123a97093c14a3e6738f4fd34193b9e2c1b3f083eea324dd12affe737ed4ab60e37f9ecba67b1bd0e7fcd1274caaefb5204eaaeab9479c3687987df07ccdfee7b672557d105912bf4db1db80541a9e8145d4deb2772900b95c8a133b6eb2d62c3892039c07baf5aad0f72b306768f11db6c08c5ab6338a4935532732396318fe629b3ef0247ff71ded06ee168fa5a5382723ae87ace716550c7327ae274435e4ad6648e4c2c118bd9dddf5f8160fef5c83bfe44195a3f7aadeb19b8d4dda37806ba09c7d853862218ca2dce912275825c092ce3ff5771e37b9be2f433c046d9fa6fe1694c21b24611f5184b7dd5d031ec10a361c56ec1a9bdd0bfc7680ab10d59f3b070ad8692f7e7bfc56cf9bd0d7445ce498cc5981421ffddcd3da431dca9cf1009e7da6fcf10fa1e05035e5fba09757f5d349cb9cb874801920043931e5bbcb477fe0507251fc0acdf08335a9cb364507243acbaf5febb1f9477b2c8246514c92609a53a640f49be1bcec9805c83deac5a82a0e210accd1440005b088b61cd666c8731b3381d41b48463e125b3b0bec0fd79fd849abe6a1fc255a735495bd9d6209268e97420aae02da98c087a14a41a73999d7cbdf473c4475024a3f86ca50a6d9c354f27fbe1d91061c46093885178ef07dab1fc92cb198b6155fdbc7be94430a73773e27520add16999d303d52a22d30e5620fb2fb799c4fd52688c609a7ec5d62e1323a63e110a91fc4dc141c3d2cc4c451aa871e0a9aa99e9a2cc95a17d0f711ea23c02f4372a91d8a87187d4d11342e90550d0467e2e84422cd62816b5be3361e2b8a35f504b9f28dc49e31f258354bc8d0b9c11b95e46983c2b9ed70dc10504f7f95d36b01dc891ee67518153d164f3d888363a48a652bb14376bbbd79814e951a01f2c9a26b4cb0903dd65b815171caa76a096c8938c2fc0142f18e317cf7e8faf8e9a87d7c796501d5db827c14805f9f40ae84c13e495b96b3d9dc55333154cd66b03e6774ec6b3b4d4d8adcf19006ef3ba50134c33f7f5ef79b20468f14ed923da633afaf45cb0513fee232cab75a9d8333c5227b3dedc314dac8fb1203b67acd40d96f8465e505e549c98c2de306d8dd19158cadf6ea0c6c7fccd9aa49fcb3dc03c0e773cbb5e24289ecd600fc88f85b89dd62b5d511f826cf7b53a60639b4c62c55ec9ac5a135dc238b91784a2238c75741e18b3aadae9a2d6d09631da4f84f25bd6265704a5b1716c219a879e1918f83a04edc1fa6d9836628b3bacd3c3e983543f4c05b2761dadea180c34cdb5d9e920be9a6a47e965c092ddb61b1f41ca374c76d0c6e7cc73787f8a26c38a748d6bae2eff8a90bbb63126df30678369083ec9031add65f13c49e9f848f31626f9a37f44e6d2565114813a443500cd388c346ed5772d59aba6ad3ab07e6575e9988dfa258fa229a50b2a150fb69594eac982136afcb4bc58f1d6671f284e9df85c2099", 0x1000}, {&(0x7f00000002c0)="e956bd035f0a35f82e57686faaa2b98e3f02281740ebd474569c5e08", 0x1c}, {&(0x7f0000000680)="cc3977da0d6dcf759882ab05a6656f40c53055f4ac8fcac490815fca03fb895c1b14e773f840fd8f4597c5caca877eaf15016b1bad75a21cdb4b82c0659b066f0ff9d13a53ee7c92b82adb1b0c2f6495c66a6cf56c0776cd24b224932f0183c48f31889e3362a94c6e17865938396c", 0x6f}, {&(0x7f0000000700)="91cd84e5153173a82adddbf1abbc6903136b4b8641902aba83d1c41bcbf79079f70d3785f84424400b9f43877056d5f19c5df821820d3244b745253ea6f9b1dc592f793a505c", 0x46}, {&(0x7f0000000780)="d823fd0261a7ee6ddabf90517ffcf425783214d2ed26f24702c451d657bb8f89f5b1ce274e926d28968e9bbb523e9b7363600611a3adcf9e2b95b02e2335672211b982", 0x43}], 0x9, 0xd, 0x31, 0x4) mount$bpf(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000180), 0x4010, 0x0) chdir(&(0x7f0000000140)='./file0\x00') bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000400)=@generic={&(0x7f0000000080)='./file0\x00', r0}, 0x18) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)) 23.900920705s ago: executing program 32 (id=44): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYRESHEX], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x46) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r1) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r3, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000600)={r4, 0x0, 0x1000, 0x10000, 0x3, [0x0, 0x0, 0x0, 0x0], [0x800000, 0x800, 0xfffffffd], [0x0, 0x1001000, 0xfffffffc], [0x0, 0x0, 0xe8a6]}) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r7) r8 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r9, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f0000000600)={r10, 0x0, 0x1000, 0x10000, 0x3, [0x0, 0x0, 0x0, 0x0], [0x800000, 0x800, 0xfffffffd], [0x0, 0x1001000, 0xfffffffc], [0x0, 0x0, 0xe8a6]}) ioctl$DRM_IOCTL_MODE_ADDFB2(r7, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x1, [r11, 0x0, 0x0, r12], [0x2b8], [0x0, 0x0, 0x0, 0x1]}) ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x1, [r5, 0x0, r11, r6], [0x2b8, 0x0, 0x0, 0x9], [0x1, 0x0, 0x0, 0x1], [0x0, 0x0, 0x800]}) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f00000000c0)) pwritev2(r2, &(0x7f0000000800)=[{&(0x7f0000000280)="80ff94076dfd466c7c00cc7b332aaa03b15b16260df5a530f84782e9e9097f7d26edd347511521d5c27d12", 0x2b}, {&(0x7f0000000440)="e6177e6a75302d87ea31c66a6894127ac2dd344ad7fe9721d22840ddaa327a2b959b1c4e5a4087b1fb63b7b58469d1446fc09984890a84fb517486ed94c234f788ecec441d5d98cac2643f6d96bbb801717142670f7176adacf2bbecae5be9796d743850bc", 0x65}, {&(0x7f00000004c0)="6cac6399dab997e81a44dfd44e73f24d79aa673c110e5cbb935a1dff10a7fe7b4af1518ae528c1b54430d642c8ca0d7f7abe39a4f8a36d1a935c76e9e9d0c9f6bb773a639980bfc77603e532276ceb9b76706984130a1aea7cda7f151517289c3ddead81032097ed9c20364906f9a0ccd04ba8c48b9d20926553f44f8baf08663d725116cc49aa98dccd7310f618a9cc12381541b2d05eddd2f55475cf699a332d9ca2a8a3344fdc8a2b46ac6a2de9", 0xaf}, {&(0x7f0000000580)="126ed521cd43f0c1fbd6fa0bcc15e51aafc9b31e61aeb5093fbdd11f18d1964f5ab1549a56c585336df7ebc7290175590c2a66ab1b0fc7bfdce4b7058dca1f203c032c217cfbbff5f85c1015bc63b66efeab5b9b5e1d5aa8a76f6138e2fbe3614152efef2fe2bf997b47582da831", 0x6e}, {&(0x7f0000000ec0)="401898bb6245b5ca8cdeead3efe7622493e8eb8a5feec19bd828f0675aeb42169fcf65eb4055f3277d34d4c33e376fcdab203da58c2714c41414f2fefd587e644a0d5cda783608f413658b7e890f03ee68e31da4c420597486ac4ebcc513e06fa9348d60e5c13b54f5ab188990c35e53fc2ab6a2a26efb0295475dbe4ecc145b2e9103282eeec73c7f6fd4d9b828593c3873b6bea499b0cb8332b4e473684da42137b70cb36e71c190dd68081281621a7b44e6480bb2676556e4de15be028f97dd9a3da4d542ac20403f3ddd4ad737d71eb187100126462a5115e48c78fce58aa5973e9c3ed9f33fcf5aa7378f8cf74ca8ded5c7f3b976f702b0e8e9dd5f9b17c5bcc0339ea2591d0451dc29faa6dba764034d8f444e32f9e8ea77b4965427d0bb4ea1ecfbd03128aa4a9f9e134da62ec5fab9df58b58e44e4ec938430eb9b08a864b725c0d007e91388063f77a7c0ba75586a186dd2530704bb6307c87a608dd391a4d2e9f4f69c3c51b9ce37834c85674da2a8f34137243ec5740f4408fec1ec7ce97d19a6542e2a0132f934be36996f39aceea4086edc519698701796d5da40590ba45bc4cffad27cd380b5be11112fbf574a720763c04d3fe6ce4685d278e7c5ee7f25d825775b6e8dab27f717d049adf91b77cb9721f0a9da710ae67adf7a5300639b2c6df2947ffe22b3e60f545fc664828d00d4ca3adb26bd1ca93bc0ffc73f847dfdf834c822c9ba802db94c6b601286b9d10f5008cc7ade9e53b2060d101e5c57042b16b0ed7742d3b6912bfcddcb9cacf0c98d38bf060354824c528a6158d739015cfda51cce8f68912cedf8979399e5594c4e4141303895317800d30d14cc5d239ce0e6ee8e53ee2b9ff376be1b03c1aa8fcec52db814b9799aec54cc38e2fde768b4591389b246b4d6a9e12a2276a52d6b68421dff2f51b32280a6cb132424acfd8241dc15217f1a843ebd5dfdcfc4b43956a621399893952ebb45bd1f3c0bad5c586c66c97692a4d8cfa39d6791ed21dbbbbeb82cdc783c5346624dd5270a3e071691c48392996423b2533111a4fd4bf8f1254864728b008a318b17d318f0fec265a8a3e4393f7fc4b705e6104a37e4624e19a73788bc10c496e7a805e8c865f2508f46a9c5b6d62ad1b7942120839d2e7d2c9579ef3eb94136c23b790975a03099e8e0f696904ccef5305f284c90b0f95eae8e06acee03a9f1aab9cb323c3e7651a01d6a2bde70d9dd03219d581b901c84ca5ea325a716fc5a4117ab17d4f2d2391864cbcc6260a860e70eac91978b2b4ca1ed97b99ee1bc7e0d994fe347ac167ef1485c77d7126e98d910e381f778b4023da5e3dd9cdfa858cf6230e6c4ba5176a760ef701ce01a9508e865137e43d29a1ee1750e7e9066c54c8d1b8038415005bdf1b1619baed5c37f0e3b7a2f781b58ad2a349a286f3e640b5ed66c69cc46cb6ef8c819309c11baf0e362451f53bf0fa48e712abf12f7ab7cf46636235c5cbdbda6535f7fd4e10d43e0c37cb36087e2f96ab7b4ac30b6a524b8f8bc4cf090c2fc2bb82cd54e0da1fd27bd060a4a6a6b740f9d133fcb0ccebc70e4a54989e4c280784887d9a7501452bc3f84044c8f7f1d1afc097f9177e6ed227df55c46a7cd7141a077db3841f8370cb358089d800bf91f68204eaeb232c140e5e592f489d069707cff4bcacfb516a133353c94fb58c02280f2a94f1342a5eddd41a494589bf1ccf8d2093bd31e17eb66f190548916a35f75a9eab7cc6f6240ca62fae6f82bada793bbc2553948ef6e04c0aea3aa9222bd200315be2f7c8e933360272dfb5c35c34cb3b4adadfcc1082e9a21a323ececa7915caf5f5857770f1f6df37bac2b756e0504ce97e19a49e3855357fe181b76ea83cb9cd21a435a1908cdbbba7719a67cfc5118cfe20ad7365df50745e2b50b619d442d5f7f98b8d03fae05ccaf120e5948dc92038311b5ccba1b8aabd8fd6ab80004979e3e38bd57a408eaf69c1fc5c7e0b2dfa9622f7b0e4201928ac4d363eb30df301c6f0434b11629f8393668ebf0b5f86c1da3e292ea8c76958c53385f701c6a03f4bc796ee1d46f73b3e59b762a4d5f62822c17634346f8d2c01822f994f1a0e905961535c3023ae4638ea27b6f2bd7099218b37d0ed162ee25339a194561319d7fd347e13f514b6cc5229bdb7f35f7158356088d72142ad9db2f380219a1e8935c067d5ef2eff3557219ca4ddc18ae3ccaf4603fdc239eb1c516ca0cea7c8394355d2e286464be95a703d50c274c1e7972969a5296933846d6132443da1724c05733ed68ada2c7c24d1050aed37acee13f196f7b1a165f02c5db54a1808308ee8aafff061b02dd78e76996a4bd177fd879ab811981d4586872d896897d7b8ce3964f87e774ca8ff1234dc1fe1b18052d3ebd6c2bf1b8217463a4ab778804f5c479ec60527690d6007a4ed4b0a8f7f61253090e36ad66d8bc023302b67233ccf0da691939e138a23f798e8a64990cccd92bfecd22e91b0bd8656e87c2e38f7a86bbc4d9f363f3645678f69d0a9545acfc6d34eae914748ee0681de2bd5c71de4628c5fcf66ab4b8be31762004faecaa23667a1d68c4e47f47de88bd2ac2850266083956a00a3f1d84aaf1c472a0a63ed9ce7d4c9d2c2412623f3a26922d2b61dda8ee242d85f7bb65413349e88f8ecbd26e53f5f69747c36ae53afdf73f302a2d3996917f9b8809daaef051c2a68452a0d025f8e38b6f5adc9003df802788b452f3bc069b214f9013df8b7e1385ce945bc5a026bd446ad2d4d3d858229c5f4565acd7763c6a9fbded2476b304c06597f9478ba12d0d921a82d877b88cb0ad8f94508bc766dbb651ce5921f9ca962513765209e5287ce2cb2d034df17694783de9482f327e391313440ece5a7877dcfb97299e56c480d989f0a9b0560d260048a1b8e6a2cbbd84e742c503930d0abbd461733f29403c628679d75470b5f59bd6afb97cb0e06bffc9e3d580042c56998e957ebcb764726c2d43b8440b09d3d243bdac165f8cef7891d884da15a6c72540e533b17b9742afd097947a356389772228d8ecb1e7e58a9d3684b087d910ee6cf42199d66da23939cff179fd3b3f2a1987fdfe4d5c47490402df660f07cc460226e88d0e9d2f5996662704ce592aaa8feb8fb309d3600c2d20e524862c9d6a40847f1c539053c9a282c979173387c95321a84791bd30eb0a02eb6e1c75a430860840d2a5493a331ec3a6f0aa76462208a9c5daf05af30bd4ee7bc54c0d8e9aa57ba7b55a23375a8877e9ba46e27c6da074838af1cd5456da033f7e60fe051d139babc61d50329641ea75c8b90640d7abaecb8d790a78dea2000762b809c1c27501ad879e9afb77d72e515c42e7bcd01f4a5958b01a58d6c3a53a564ea14e80ceb1f1960073007d58f9f567977217a66c69aa30a7e54cfa6e020eb57e304f339b89a2f55476cb65d17bbe41da4a5f1354742d783ae0acc0bee4c1b5eb9de17d03e8054a9b7a815aab433d06f93d322e23aa150dbb9394eabfd89a70ec5de8f67cfd3e84a9a01b2476135be31bc65cc798791b109bef195ca450731a3cbeb8da692447a02a1c2c8ac89b05caef44fe588379c5476dc699ca47fe4e25032f44da7dce49ec9835c4c5e0a8c7d3e8e86cd30052531df2c5c3f448aced9dbe07481366e8ff25b7ff5f6ed8b27bf70a11ab95b16327722cf80684649a0b6e924f2b534dfeb8b1b5f5ec440ca64ef9d84d81ffacbe30e006d7ad0fbce6fcabd5bac4b76849e8b01c30f4e1c76c56916375a2962186989462bef8e8bf1dfd8975a22dec08dfa9d470e348d37446567e6b74cc25e3550553d6c0759548a7fcc36e30e3eea8d231e5ddac4dda047728ccbebf70253bb0ff64d68af21332301e53acc1627313575c90a5fd4365815352d0d475d50a1e55e9f06c8f2bb85afac3e2bc2cb4c9bcba13f17e3e28532c95ca71567be8d162662294fd7266308da80214d2bc8a007f6c07d4e49c202f316e021d7f2edad3c60d8153bff841f1e6c6cc4e008553ad57806fa6ae458f6577122605d146d09c340e2f90e2e7eb6a71c421976daf41329ef136ccbc672b25470b8bb6e4d87234fd13d9a80ca801c033876b9a0667e8277a53738b033d313587a5a0438e5128642cecd4da7d7087cee506ebb68f6992b532cc4db5e4955439d235e5b68fb579d99bd46c22dee9c2ebd37ca90e872d37412791dca3edd2384cc39a043fab2a010338012ae1003683107f3fcd766d0d3f3fd62d46ffd8d7084a0d2898b6c5c468cedcbe870376f1f8b2678f09d10123a97093c14a3e6738f4fd34193b9e2c1b3f083eea324dd12affe737ed4ab60e37f9ecba67b1bd0e7fcd1274caaefb5204eaaeab9479c3687987df07ccdfee7b672557d105912bf4db1db80541a9e8145d4deb2772900b95c8a133b6eb2d62c3892039c07baf5aad0f72b306768f11db6c08c5ab6338a4935532732396318fe629b3ef0247ff71ded06ee168fa5a5382723ae87ace716550c7327ae274435e4ad6648e4c2c118bd9dddf5f8160fef5c83bfe44195a3f7aadeb19b8d4dda37806ba09c7d853862218ca2dce912275825c092ce3ff5771e37b9be2f433c046d9fa6fe1694c21b24611f5184b7dd5d031ec10a361c56ec1a9bdd0bfc7680ab10d59f3b070ad8692f7e7bfc56cf9bd0d7445ce498cc5981421ffddcd3da431dca9cf1009e7da6fcf10fa1e05035e5fba09757f5d349cb9cb874801920043931e5bbcb477fe0507251fc0acdf08335a9cb364507243acbaf5febb1f9477b2c8246514c92609a53a640f49be1bcec9805c83deac5a82a0e210accd1440005b088b61cd666c8731b3381d41b48463e125b3b0bec0fd79fd849abe6a1fc255a735495bd9d6209268e97420aae02da98c087a14a41a73999d7cbdf473c4475024a3f86ca50a6d9c354f27fbe1d91061c46093885178ef07dab1fc92cb198b6155fdbc7be94430a73773e27520add16999d303d52a22d30e5620fb2fb799c4fd52688c609a7ec5d62e1323a63e110a91fc4dc141c3d2cc4c451aa871e0a9aa99e9a2cc95a17d0f711ea23c02f4372a91d8a87187d4d11342e90550d0467e2e84422cd62816b5be3361e2b8a35f504b9f28dc49e31f258354bc8d0b9c11b95e46983c2b9ed70dc10504f7f95d36b01dc891ee67518153d164f3d888363a48a652bb14376bbbd79814e951a01f2c9a26b4cb0903dd65b815171caa76a096c8938c2fc0142f18e317cf7e8faf8e9a87d7c796501d5db827c14805f9f40ae84c13e495b96b3d9dc55333154cd66b03e6774ec6b3b4d4d8adcf19006ef3ba50134c33f7f5ef79b20468f14ed923da633afaf45cb0513fee232cab75a9d8333c5227b3dedc314dac8fb1203b67acd40d96f8465e505e549c98c2de306d8dd19158cadf6ea0c6c7fccd9aa49fcb3dc03c0e773cbb5e24289ecd600fc88f85b89dd62b5d511f826cf7b53a60639b4c62c55ec9ac5a135dc238b91784a2238c75741e18b3aadae9a2d6d09631da4f84f25bd6265704a5b1716c219a879e1918f83a04edc1fa6d9836628b3bacd3c3e983543f4c05b2761dadea180c34cdb5d9e920be9a6a47e965c092ddb61b1f41ca374c76d0c6e7cc73787f8a26c38a748d6bae2eff8a90bbb63126df30678369083ec9031add65f13c49e9f848f31626f9a37f44e6d2565114813a443500cd388c346ed5772d59aba6ad3ab07e6575e9988dfa258fa229a50b2a150fb69594eac982136afcb4bc58f1d6671f284e9df85c2099", 0x1000}, {&(0x7f00000002c0)="e956bd035f0a35f82e57686faaa2b98e3f02281740ebd474569c5e08", 0x1c}, {&(0x7f0000000680)="cc3977da0d6dcf759882ab05a6656f40c53055f4ac8fcac490815fca03fb895c1b14e773f840fd8f4597c5caca877eaf15016b1bad75a21cdb4b82c0659b066f0ff9d13a53ee7c92b82adb1b0c2f6495c66a6cf56c0776cd24b224932f0183c48f31889e3362a94c6e17865938396c", 0x6f}, {&(0x7f0000000700)="91cd84e5153173a82adddbf1abbc6903136b4b8641902aba83d1c41bcbf79079f70d3785f84424400b9f43877056d5f19c5df821820d3244b745253ea6f9b1dc592f793a505c", 0x46}, {&(0x7f0000000780)="d823fd0261a7ee6ddabf90517ffcf425783214d2ed26f24702c451d657bb8f89f5b1ce274e926d28968e9bbb523e9b7363600611a3adcf9e2b95b02e2335672211b982", 0x43}], 0x9, 0xd, 0x31, 0x4) mount$bpf(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000180), 0x4010, 0x0) chdir(&(0x7f0000000140)='./file0\x00') bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000400)=@generic={&(0x7f0000000080)='./file0\x00', r0}, 0x18) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)) 14.96995863s ago: executing program 4 (id=134): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000040601020000000000000000020000020500010007", @ANYRESHEX=r1, @ANYRES32=0x0], 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x5) 14.875822425s ago: executing program 4 (id=135): ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f00000000c0)={0x1, 'veth0_to_team\x00', {}, 0xff91}) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040)=0x12, 0x4) sendto$inet6(r1, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback, 0x7fff}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="0e301400b680048852c52f8a3bc8aa587a505073d135a3bd2c0ca0207e95a9656fc570b7fc210a3550f809a891d7114b", 0x30, 0x40000, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback, 0x2}, 0x1c) sendmmsg$sock(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)='Zz', 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)="a6", 0x1}], 0x1}}], 0x2, 0x40080) shutdown(r0, 0x1) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x5) syz_open_dev$media(&(0x7f0000000040), 0x2, 0x102) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, &(0x7f0000000040)='\x00') ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f00000000c0)=ANY=[@ANYBLOB="070000000000000007000000ffffffff"]) 14.737656105s ago: executing program 4 (id=139): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x0, 0x0, {0x7}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040000}, 0x4000000000000000) 14.737407775s ago: executing program 4 (id=140): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x92) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r3 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32) ftruncate(r3, 0x6000000) copy_file_range(r3, 0x0, r3, &(0x7f00000004c0)=0x100, 0x9, 0x0) r4 = syz_io_uring_setup(0x24fe, &(0x7f0000000300)={0x0, 0xf36e, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x20}}, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)=""/122, 0x7a}], 0x1) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<'], 0x38}}, 0x80) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x10, 0x0, @fd_index=0x8, 0xfff, 0x0, 0x6, 0x0, 0x1}) io_uring_enter(r4, 0x2d3e, 0x2936, 0x0, 0x0, 0x0) r8 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r8, 0x107, 0x9, &(0x7f0000000080)=0x1, 0x4) setsockopt$packet_rx_ring(r8, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) write$tun(r1, &(0x7f0000000140)=ANY=[@ANYRES16=0x0], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000170000009500000000000080bb33e3c94378b1a6b5befa1ba8dfad5ac1dadf63cd134018e15e57dffb27a6915e7fcce606c13ec8be3c02babc09a95e88f4804ae57c4d9ab6f476ba3e529e500a64ff8f855c4142aca5468a8877facc7dd5c7f5f2ba21872e000000000000000000000000004b56c156b40f2933733d256673237a64ee9d35ea2778cdb729506a5e7fb6552c27"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 14.579247384s ago: executing program 4 (id=142): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r2 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_qrtr_TIOCOUTQ(r2, 0x5411, &(0x7f00000003c0)) r3 = accept4$x25(r1, &(0x7f0000000000)={0x9, @remote}, &(0x7f0000000040)=0xfffffffffffffe7f, 0x80000) r4 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000002500), 0x420, 0x0) read$FUSE(r4, &(0x7f00000004c0)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'vlan1\x00', 0x0}) r10 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002940)=ANY=[@ANYRESOCT=r6, @ANYRES16=r5, @ANYRES16=r0], 0x34}}, 0x0) r11 = dup(r7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r11, 0x0) r12 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000002780)={@ifindex, 0x11, 0x1, 0xffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f00000025c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000002580)=[0x0, 0x0, 0x0], &(0x7f0000002540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x40) r14 = fsopen(&(0x7f0000000100)='fuse\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r14, 0x1, &(0x7f0000000000)='source', &(0x7f0000000200)='c:::\x00', 0x0) r15 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x20, &(0x7f0000000080)={&(0x7f0000000300)=""/231, 0xe7, 0x0, &(0x7f0000000180)=""/158, 0x9e}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="0e0008000051620002000000000010001200009c595d19a2021550ed8784397ae299cde426ce8293e1a64e8c2500", @ANYRES32=r15], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r17 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x282800, 0x0) connect$inet6(r17, &(0x7f0000000040)={0xa, 0x4e21, 0x7f, @dev={0xfe, 0x80, '\x00', 0xd}, 0xfff}, 0x1c) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002700)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xdb0, '\x00', r9, r11, 0x5, 0x4, 0x1, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000002880)={0x1e, 0x23, &(0x7f0000002a80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@map_idx={0x18, 0x4, 0x5, 0x0, 0x9}, @initr0={0x18, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0xa9}, @call={0x85, 0x0, 0x0, 0x99}, @tail_call, @ringbuf_output={{}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ldst={0x3, 0x3, 0x6, 0x6, 0x6, 0xffffffffffffffff, 0x10}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000002c0)='GPL\x00', 0x3ff, 0xa8, &(0x7f0000002600)=""/168, 0x41000, 0x0, '\x00', r9, @sk_lookup, r12, 0x8, &(0x7f0000000300)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000026c0)={0x0, 0x10, 0x1}, 0x10, r16, r11, 0x9, &(0x7f0000002580), &(0x7f00000027c0)=[{0x3, 0x3, 0xf}, {0x5, 0x3, 0xa, 0x4}, {0x2, 0x4, 0x7, 0x8}, {0x3, 0x2, 0xf, 0x3}, {0x2, 0x3, 0x9, 0xa}, {0x4, 0x5, 0x2, 0x2}, {0x0, 0x5, 0x9, 0xc}, {0x3, 0x2, 0x4, 0x8}, {0x0, 0x2, 0x5, 0x6}], 0x10, 0x2, @void, @value}, 0x94) fsconfig$FSCONFIG_SET_STRING(r14, 0x1, &(0x7f0000000040)='source', &(0x7f0000000240)='ceph\x00', 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32=r14, @ANYRES32=r11, @ANYBLOB='#\x00\x00\x00\"\x00\x00\x00', @ANYRES32=r12, @ANYBLOB="126b16bed9160f7f416dd94110fe24f521a5c4928c06dc4e7e5e4bc67c8cc6d86f05eae92f9eb26ec859be5ab4a7c41d6d0cecf84bfbb63bd483c9b79d19a1bd56f9b75c46c1a0ab6523af61f06267cd33ceebd69f5ce5456989def00e2cb527b13f1c2b94e349329489513d5e10fcc994284403b91c6ae5a046477e88a8c0b28b8859cd4cdcff89c00ac269a1144746bf888e1a05a6cafbcaf8c625327ddf0aa6d5950f5e79263dfbb33900ac53aa04e007867decbb051477de3217a191688cc4da3401aaeff744f3abb6f54f48a553b30501de938d1e44b220e87d53b08042e4f725a126b9b5dc57a0bd10f91276639d2c35483f616b94", @ANYRES32=0x0, @ANYRES64=r13], 0x20) ioctl$SIOCX25SFACILITIES(r3, 0x89e3, &(0x7f00000000c0)={0x22, 0x1, 0x8, 0xb, 0x10000, 0x81}) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000340)="0a000300010001", 0x7) 14.025653954s ago: executing program 4 (id=151): r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0xeb000000000, 0x4403) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000200)={0x0, 0x0, {0xfffffffb, 0x24d457e6, 0x100c, 0x8, 0x7, 0xe, 0x3, 0x4}}) (async) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000200)={0x0, 0x0, {0xfffffffb, 0x24d457e6, 0x100c, 0x8, 0x7, 0xe, 0x3, 0x4}}) bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r0}, 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xd, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050100fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b81714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347383a352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd21142525815fee328b1edd667acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb10000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x78, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000000)={0xffffffff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r1, 0xffffffffffffffff, 0x4, 0x0, @void}, 0x10) (async) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r1, 0xffffffffffffffff, 0x4, 0x0, @void}, 0x10) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/uevent_helper', 0x149a82, 0x100) sendfile(r2, r2, 0x0, 0x5) accept4(r2, &(0x7f0000000140)=@ethernet={0x0, @broadcast}, &(0x7f0000000280)=0x80, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) (async) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) bind$alg(r3, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256-neon)\x00'}, 0x58) 13.920768094s ago: executing program 33 (id=151): r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0xeb000000000, 0x4403) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000200)={0x0, 0x0, {0xfffffffb, 0x24d457e6, 0x100c, 0x8, 0x7, 0xe, 0x3, 0x4}}) (async) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000200)={0x0, 0x0, {0xfffffffb, 0x24d457e6, 0x100c, 0x8, 0x7, 0xe, 0x3, 0x4}}) bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r0}, 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xd, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050100fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b81714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347383a352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd21142525815fee328b1edd667acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb10000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x78, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000000)={0xffffffff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r1, 0xffffffffffffffff, 0x4, 0x0, @void}, 0x10) (async) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r1, 0xffffffffffffffff, 0x4, 0x0, @void}, 0x10) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/uevent_helper', 0x149a82, 0x100) sendfile(r2, r2, 0x0, 0x5) accept4(r2, &(0x7f0000000140)=@ethernet={0x0, @broadcast}, &(0x7f0000000280)=0x80, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) (async) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) bind$alg(r3, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256-neon)\x00'}, 0x58) 3.490392557s ago: executing program 2 (id=260): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="170000003600"/20, @ANYRES32=0x1], 0x50) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0182101, &(0x7f00000004c0)) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000f4000040"]) 2.407659833s ago: executing program 2 (id=284): r0 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x400000}, 0xc) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc) r3 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r3, &(0x7f00000001c0)={0x10, 0x0, 0xa03, 0x200}, 0xc) r4 = socket$netlink(0x10, 0x3, 0x15) bind$netlink(r4, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x810000}, 0xc) r5 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r5, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc) r6 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r6, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x4140045e}, 0xc) r7 = socket$netlink(0x10, 0x3, 0x2) bind$netlink(r7, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc) r8 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r8, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc) r9 = socket$netlink(0x10, 0x3, 0x4) bind$netlink(r9, &(0x7f0000000200)={0x10, 0x0, 0x25dfdbff, 0x200000}, 0xc) r10 = socket$netlink(0x10, 0x3, 0x8) bind$netlink(r10, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc) r11 = socket$netlink(0x10, 0x3, 0x14) bind$netlink(r11, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x200}, 0xc) r12 = socket$netlink(0x10, 0x3, 0x4) bind$netlink(r12, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc) r13 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r13, &(0x7f0000000280)={0x10, 0x0, 0x25dfdbfe, 0x200}, 0xc) bind$netlink(r1, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000}, 0xc) r14 = socket$netlink(0x10, 0x3, 0x4) writev(r14, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422001f00000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1) 2.407541005s ago: executing program 2 (id=285): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x5e37, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) io_uring_setup(0x4d25, &(0x7f0000000200)={0x0, 0xd43f, 0x2, 0x3, 0x3e4, 0x0, r0}) (fail_nth: 21) 2.260309982s ago: executing program 2 (id=287): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000f4000040"]) (fail_nth: 7) 1.970052176s ago: executing program 2 (id=294): syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x3) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0xe44344, 0x0) r1 = dup(r0) openat$vnet(0xffffffffffffff9c, &(0x7f00000038c0), 0x2, 0x0) eventfd(0x2) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x511e36599023629, 0x100000, 0x0, 0x4000000, 0xffffffff, 0x1, 0x0, 0x0, 0x5, 0x4}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r2, 0x40a85321, &(0x7f00000004c0)={{0x80}, 'port0\x00', 0x8, 0x100075, 0xffefffff, 0x4, 0x1ff, 0x0, 0x0, 0x0, 0x6}) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e24, 0x1, @mcast1, 0x6}}, 0x400004, 0xc, 0x7fff, 0xfffffffe, 0x8, 0x4, 0xaf}, &(0x7f00000005c0)=0x9c) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0x11, &(0x7f0000000100)=0x5, 0x4) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) sendto$packet(r3, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r1, r1, 0x2d, 0x0, @val=@tracing={0x0, 0x3}}, 0x20) socket$packet(0x11, 0x2, 0x300) r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, 0x0, @none}, &(0x7f0000000280)=0xe, 0x80800) dup3(r0, r7, 0x0) sendmsg$nl_generic(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000340009000000000039dcb50cebbeffb0"], 0x14}, 0x1, 0x0, 0x0, 0x4841}, 0x4000010) r8 = syz_clone(0x2202080, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r8) ptrace$peeksig(0x4209, r8, &(0x7f0000000480)={0x7, 0x1}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) 1.898371132s ago: executing program 2 (id=296): r0 = syz_io_uring_complete(0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={0xffffffffffffffff}, 0x106}}, 0x20) syz_usb_connect(0x5, 0x6a2, &(0x7f0000000080)={{0x12, 0x1, 0x300, 0xe4, 0x78, 0x29, 0xff, 0x4f2, 0xb5eb, 0x4913, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x690, 0x3, 0x1, 0x36, 0xa0, 0x7, [{{0x9, 0x4, 0xe, 0x2d, 0x10, 0xe, 0x1, 0x0, 0x6, [@uac_control={{0xa, 0x24, 0x1, 0x462b, 0x6}}, @cdc_ecm={{0x6, 0x24, 0x6, 0x0, 0x0, "a2"}, {0x5, 0x24, 0x0, 0x8001}, {0xd, 0x24, 0xf, 0x1, 0x80000000, 0x8, 0x4, 0x7}, [@obex={0x5, 0x24, 0x15, 0x9}]}], [{{0x9, 0x5, 0x4, 0x0, 0x8, 0x81, 0x81, 0x2}}, {{0x9, 0x5, 0xc, 0x0, 0x200, 0x79, 0xf, 0xc2, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x2, 0x67da}]}}, {{0x9, 0x5, 0x5, 0x0, 0x10, 0x1, 0x0, 0x8, [@generic={0x54, 0x10, "4340563b4c97973a7ba0e513027c0f92f39bc76d397d799242712de9af2b6a7a2e0cb4a469ae6a6dd5808de1487759f08d572f92df24a3acc097b2564910b926f364dc48792d82560997385590b8be95488f"}, @generic={0x83, 0xe, "4e5e3b6c26a4856159624e77dac072282b24e608f5c4b011e6baa1160d161a812d264c5ea1fa80958555aa9816cdf7f593dda3fc07fb196c18906623ad2988f6c35e9f8ec410743f77e93f3e2710f4d410263fc161c964ae8b959eea185e5e533031a8b2790105ea631f5f015e9efbb0020e9d88a7588092b306da287098f9f4fd"}]}}, {{0x9, 0x5, 0x0, 0x10, 0x8, 0x1, 0x9, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0xfc, 0xff}]}}, {{0x9, 0x5, 0x6, 0x8, 0x10, 0x1, 0x6, 0xff}}, {{0x9, 0x5, 0x8, 0x10, 0x3ff, 0x2, 0x8c, 0xa, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x6, 0x7f}, @generic={0x44, 0xf, "30f13aed15fc113b5399687fadb71d3fa2fd2eb58570e6bc0aab57c5a54b75220030426b5e42686bcde48660d74777356075a14c0dcd574b22c22ca7538ba702c843"}]}}, {{0x9, 0x5, 0xc, 0xc, 0x8, 0x8, 0x1, 0x18}}, {{0x9, 0x5, 0xc, 0xc, 0x400, 0x9, 0x58, 0x40}}, {{0x9, 0x5, 0x80, 0x0, 0x10, 0xf9, 0x84, 0x43}}, {{0x9, 0x5, 0xf, 0x10, 0x40, 0x5, 0x8, 0xc}}, {{0x9, 0x5, 0x0, 0x1, 0x40, 0x3, 0x5, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x6, 0xfa}]}}, {{0x9, 0x5, 0xc, 0x0, 0x8, 0x2, 0xd, 0x8}}, {{0x9, 0x5, 0xa, 0x2, 0x20, 0x8, 0x12, 0x3, [@generic={0x64, 0xe, "1600feb35d0979e9fd5b3e5d0dc3ff8879f4fbd0831c8ff6ca656874f06f2472bcf3b6aae60e6a86b209a6d29d308ed33a68bce99c3a4763fc01401984a05d0dcaff97b689da969528c68f9f0ea97384bfac58e700e59efad28a8caaed7beb42ed02"}, @generic={0xeb, 0x23, "cb81a17084183376a123a68ac0f7abc3b862919737cf6672e458577c9eb42a884c187be1a6e03ec761a28fda41387d7cce7e5cc11d68a1dfd4298dfa5332112ba6a0d2914d45c24a43db6e38bfc039d34b21298a2888c99f1d956ba238ee10675ba633091c22359baf202e58ea93db6e29c7814801596134cfa60bc13855cfa11f7876217a213193c43086f68dbff44b10fdc9b0fffbb117c2a72572dd834d248f6cc351621cf4d1f02ff5c126c6b8bda8594f04b8a993e3fc543b06e151a3799559afde842083f846501365bb21a4f2aca40152b6ffb9f672674162e092d81e01715cf0fe9f7635cd"}]}}, {{0x9, 0x5, 0x80, 0xc, 0x40, 0x3, 0x8, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x4d, 0x9}]}}, {{0x9, 0x5, 0x4, 0x0, 0x20, 0xe, 0x1, 0x6}}, {{0x9, 0x5, 0xc, 0x10, 0x400, 0x7f, 0x7, 0x1, [@generic={0x77, 0x6, "e5e0066b7c06e224daa1b4df4a5b68f414a264e62d45a450a22fee3f098ba3322c6dd16053723a1c68d32e3e46b4ca4bce98417aa01f92143548cedc952c03b330015bcbaaaadcf3348975be1d623a7c2c5ddb9c98d6c2cbfe95f2f0f16f0dd7b07e807b27a45ec08e1abf67a12aaad7bd1a7a1261"}, @generic={0x4f, 0x6, "cb15117585c0f2190dc48d7c6df2e75386514c29c6a7e2eee1a1b360a44999dbf4ec149f74e92b84b6d3af384bbb34c93fe33135d7db5238a39e038f0a49433fcdebecdcea92be06b30855a8ec"}]}}]}}, {{0x9, 0x4, 0x93, 0x8, 0x8, 0xa5, 0x15, 0xf2, 0xb, [@cdc_ncm={{0xa, 0x24, 0x6, 0x0, 0x1, "2f2f01ba19"}, {0x5, 0x24, 0x0, 0x2d74}, {0xd, 0x24, 0xf, 0x1, 0x981, 0x0, 0x9, 0x3}, {0x6, 0x24, 0x1a, 0x7, 0x22}, [@mbim={0xc, 0x24, 0x1b, 0x7f, 0xf89c, 0x2, 0x7, 0x7, 0x6}, @network_terminal={0x7, 0x24, 0xa, 0xb, 0x1, 0xc, 0x6}, @mdlm_detail={0x5c, 0x24, 0x13, 0x1, "c5fd74dcca046a6a15c77fab9f4845ea041b49f2473ed1c5d332593c25fa0e9242735f9faed311383a2eb8e241afa3830c0c8dc086d39aa0c3f69c36746754ed46a43ab547e8a7cdb8d98c6bbb9853810263ec6ecc55cc64"}, @country_functional={0x10, 0x24, 0x7, 0x7, 0xc8, [0x8, 0x8, 0x7, 0x0, 0x2]}, @mdlm={0x15, 0x24, 0x12, 0x401}]}, @generic={0x24, 0x23, "475491e08eb578b57d26fcc87c71f09c0aaf1c42c763de7f65fd7df70333d32708a4"}], [{{0x9, 0x5, 0x80, 0x2, 0x8, 0x7, 0x6, 0x9}}, {{0x9, 0x5, 0x0, 0x2bd21d3809b21e1d, 0x3ff, 0x1, 0x9, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x5, 0xcfce}]}}, {{0x9, 0x5, 0x5, 0x3, 0x200, 0x4, 0xfc, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xef, 0xfffd}]}}, {{0x9, 0x5, 0x5, 0x0, 0x3bf, 0x5, 0x5, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x0, 0x4}]}}, {{0x9, 0x5, 0x1, 0x1, 0x3ff, 0x7, 0xe, 0x80, [@generic={0xc9, 0xd, "a91d2451405449f736b3787ef44e2802aed6e20c72c3d87a60edc21797b85dd650cff1b0f35ec54f56e6d0f4c254573f6ef34c208fa11d36193f2976ca6b576e78cfd196144012bc25490ce2968d101f4f5d8f02bfee28fa16b0077c172c0b125ef3ea69a0c9b124c48fc9e4ceb46145d2d08ef35a90d619533ec7ecdfaab1d596cf7577d7bac0d779247fa0f7a03c92ec86b1fb554b8bbaf71c7f3b4cbfa6fa88ccc5c7d75fe9f68d12e61af4661c7c54f80aefb1f565e6af1330059124ca0aca5cda6281edee"}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x6, 0xffc0}]}}, {{0x9, 0x5, 0x4, 0x4, 0x200, 0x6f, 0xff, 0xff, [@generic={0x41, 0x21, "14ac2c624eed17ce11fc4964d74ac3cfb6f044116fd55757e8134454b417fdfa7b0144a093742081abec92f5a69cc733d3df686cdb453183da2004c971df14"}]}}, {{0x9, 0x5, 0x4, 0x10, 0x7ff, 0xbf, 0xb, 0x3}}, {{0x9, 0x5, 0x0, 0x4, 0x8, 0xf6, 0x5, 0xe5, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x4, 0x9}]}}]}}, {{0x9, 0x4, 0xde, 0x8, 0x0, 0xc6, 0x22, 0x54, 0x8, [@uac_as={[@format_type_ii_discrete={0xb, 0x24, 0x2, 0x2, 0x7, 0xfffa, 0x9, "92f7"}, @format_type_i_discrete={0x9, 0x24, 0x2, 0x1, 0x0, 0x3, 0x9, 0xe6, "c3"}]}]}}]}}]}}, &(0x7f0000000800)={0xa, &(0x7f0000000740)={0xa, 0x6, 0x328, 0x34, 0x9, 0x6, 0x10, 0x3}, 0x1a, &(0x7f0000000780)={0x5, 0xf, 0x1a, 0x3, [@ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0xa, 0x5, 0xb}, @wireless={0xb, 0x10, 0x1, 0x8, 0x2, 0x67, 0x40, 0x9, 0xb}]}, 0x1, [{0x4, &(0x7f00000007c0)=@lang_id={0x4, 0x3, 0x422}}]}) ioctl$F2FS_IOC_DECOMPRESS_FILE(r0, 0xf517, 0x0) sendmsg$AUDIT_DEL_RULE(r0, &(0x7f0000000d00)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000880)={0x42c, 0x3f4, 0x200, 0x70bd2c, 0x25dfdbfc, {0x0, 0x1, 0xd, [0x80000001, 0x1, 0x800, 0xaf4, 0x1, 0x6, 0x2, 0x9, 0x40, 0x30000, 0x3, 0x9, 0x2f27, 0x8, 0x7ff, 0x40, 0x1, 0x2, 0x8, 0xa9, 0x9, 0x7, 0xf, 0x200, 0x8, 0x3ff, 0x2, 0x3, 0x0, 0x7, 0x0, 0x10001, 0x8, 0x5, 0x4, 0x1, 0x200, 0xff8000, 0xfa4, 0x2, 0x5, 0x9a7c, 0x7cf51f10, 0x95, 0x716, 0x4, 0xaa, 0x5, 0x9, 0x6d, 0x9, 0x9, 0x1, 0x6, 0x0, 0x7, 0xf, 0x5, 0x1, 0x19, 0x2, 0x10f, 0xfe, 0x200], [0x100, 0x8, 0x1, 0x5, 0x7, 0xffffffff, 0x2, 0x8, 0xa141, 0x2, 0xfffffff4, 0x3, 0x4, 0xfffffffd, 0x7, 0xffffffff, 0x9, 0x0, 0x8637, 0x1, 0xf, 0x8, 0x11, 0x2, 0x0, 0x4e, 0x1, 0xfffffffd, 0x1, 0x4, 0xffff, 0xfffffe00, 0x1, 0x2, 0x3, 0xfffffffe, 0x4, 0x10, 0x2, 0x400, 0xfffffffe, 0x800, 0x951, 0x8, 0x9, 0x0, 0x5, 0x4, 0x9, 0xfe, 0x0, 0x7, 0x8, 0x2, 0x326, 0x7, 0x4, 0x5, 0x6, 0x9, 0x40, 0x2, 0x0, 0x770], [0x8, 0x7, 0xb64, 0xd, 0x3, 0x1, 0x800, 0xff, 0x1, 0x6, 0x1, 0x8, 0x5f9, 0x5f, 0xfffffff9, 0x5, 0x8, 0x5, 0x80, 0xb923, 0x1, 0x1, 0x73a, 0x80010, 0xfff, 0x401, 0x3, 0x2, 0x10000, 0x5, 0xb176, 0x1, 0xff, 0x6, 0xb5e0, 0x8001, 0xb, 0x7b1bd24, 0x2, 0xac, 0x5, 0xfffffffb, 0x2, 0x200, 0x6, 0x6, 0x2, 0x101, 0x572, 0x6, 0x4, 0x0, 0xfffffffa, 0x10001, 0x2, 0x1000, 0x654, 0xc621, 0xf, 0x1, 0x8be5, 0x5551, 0x9, 0x4], [0xffffffff, 0x44c3db40, 0x401, 0x57000000, 0x0, 0x1e, 0x2, 0x0, 0x1, 0x6, 0x480, 0x8, 0x3ff, 0x4, 0x7, 0x4, 0x0, 0x6, 0x3, 0x1, 0x1000, 0xff, 0x6, 0x4, 0x3, 0x2, 0x2, 0x9, 0xb, 0x1, 0xffffffff, 0x2, 0x0, 0xfffffffd, 0x2, 0xa74, 0x1, 0x7fffffff, 0x6698e56e, 0x4, 0x420, 0x5, 0xbd, 0x2a08, 0x4df, 0x227, 0x4, 0x4, 0x401, 0x7, 0x5, 0x400, 0x0, 0x6, 0x94d, 0x10001, 0x8e, 0x9, 0x5, 0x7f9, 0xa991, 0x1, 0x6, 0x3], 0x9, ['\x00', '\x00', '\x00', ':^\\(\x00', '\x00']}, ["", ""]}, 0x42c}, 0x1, 0x0, 0x0, 0x20000000}, 0x50) sendmsg$RDMA_NLDEV_CMD_SYS_GET(r0, &(0x7f0000000e00)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x38, 0x1406, 0x200, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x44044}, 0x0) lstat(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = getegid() ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000f00)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r2, r3}}, './file0\x00'}) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r4, &(0x7f0000001140)={0x5, 0x10, 0xfa00, {&(0x7f0000000f40), r1}}, 0x18) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001180)='/sys/power/mem_sleep', 0x54440, 0x40) quotactl$Q_GETINFO(0xffffffff80000501, &(0x7f00000011c0)=@loop={'/dev/loop', 0x0}, r2, &(0x7f0000001200)) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001280), r4) sendmsg$NL80211_CMD_SET_WIPHY(r6, &(0x7f0000001340)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001300)={&(0x7f00000012c0)={0x24, r7, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0xa031}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x2200c055}, 0x800) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000013c0), r4) sendmsg$NL80211_CMD_SET_PMK(r0, &(0x7f0000001500)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000014c0)={&(0x7f0000001400)={0x9c, r8, 0x100, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMK={0x14, 0xfe, "7be85517a30cc5431c3892c1b809d0f6"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "5c7801aa68d49336059d2b14d2be4a5a"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "95238ede49affa64934290fe37f09c9d"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "1736ffa6e5dd85edfa443df8693d3b61"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "b1887ad7688fcace8c7a0d73a9eb95d1"}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4000000}, 0x801) r9 = syz_io_uring_setup(0x6640, &(0x7f0000001540)={0x0, 0xb71, 0x200, 0x3, 0x2a7, 0x0, r0}, &(0x7f00000015c0), &(0x7f0000001600)) r10 = openat$incfs(r0, &(0x7f0000001640)='.pending_reads\x00', 0x400000, 0x30) recvfrom$rose(r4, &(0x7f0000001680)=""/175, 0xaf, 0x140, &(0x7f0000001740)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, 0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, 0x1c) ioctl$FS_IOC_GETFSUUID(r10, 0x80111500, &(0x7f0000001780)) r11 = socket$inet6(0xa, 0xa, 0x8001) ioctl$FS_IOC_FSGETXATTR(r11, 0x801c581f, &(0x7f00000017c0)={0xbb7, 0x24f, 0x5fc, 0x7, 0x7}) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000001840)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000001b40)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001b00)={&(0x7f0000001880)={0x25c, 0x0, 0x800, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0xb0, 0x7e87126}}}}, [@NL80211_ATTR_REKEY_DATA={0x18, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="0c9e49abc9d83ca58247137ba99f5bd5"}]}, @NL80211_ATTR_REKEY_DATA={0x54, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0xfff}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="afc68e05594e08c37f11864b3da306627b978978d4ede7c4c120f83dda33362b"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="d845e33cc53a9f1b3441ba62b930b7dc66c21dac81536db0022c516197fe7ff3"}]}, @NL80211_ATTR_REKEY_DATA={0x24, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="140ba6c7b178a6aaa7f067de02b5d898"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "0588749a93b6eda6"}]}, @NL80211_ATTR_REKEY_DATA={0x50, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x3}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1000}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="644ad0484254ef60ab976b481489cd3effb657b63af84144"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "cf71533e6a1734bb"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="8dc1bb71919e86a9b2d6ea2168739391"}]}, @NL80211_ATTR_REKEY_DATA={0xb4, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="3283a7f62f761b7cd5483e4adaaa6407de33574802c4032376c465f8548b3cab"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="8e81fd7b6ef78d4f952a0abca87b634f"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x3}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="2521d5ef10fcc5512860907206cacfe0f486fd89c7314060ef4b03b18aea0161"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "d997cbfd01c2e6b2"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="d0fd100c77cde86a6d57b8d2d8802ff2838e900ff2e8ea6a0d3106a72554bfe8"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="65bd9aa54aba59a0ffffc9d7c9ebb59f"}]}, @NL80211_ATTR_REKEY_DATA={0x58, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="8c987ee959e75f34626ab60a27df1ab3"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="661033780967813542df42389101a15c05a611f70114fa4bbec8864b418c7cf2"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x7fff}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "da8939cabe897fe3"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x80000001}]}, @NL80211_ATTR_REKEY_DATA={0x1c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "1acc33ce634effc8"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "f75e37eb9d9b04be"}]}, @NL80211_ATTR_REKEY_DATA={0x2c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x4}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "b5220cfb4a658866"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "6c0ee3030d7e19b6"}]}]}, 0x25c}, 0x1, 0x0, 0x0, 0x20048040}, 0x41) write$RDMA_USER_CM_CMD_NOTIFY(r5, &(0x7f0000001b80)={0xf, 0x8, 0xfa00, {r1, 0x10}}, 0x10) shutdown(r11, 0x1) ioctl$TIOCSWINSZ(r10, 0x5414, &(0x7f0000001bc0)={0x6, 0x400, 0x7, 0x5}) bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=@base={0x21, 0x4, 0xc, 0x10000, 0x60010, r0, 0xcc, '\x00', 0x0, r9, 0x3, 0x2, 0x3, 0x0, @void, @value, @void, @value}, 0x50) 897.65619ms ago: executing program 1 (id=330): syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr, 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x4000) sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f0000000340)=ANY=[], 0x2b08}}, 0x4004006) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000100)=@ccm_128={{0x304}, "2697312e4e898ca7", "35e23ca3a988def7dfbd438c536346cd", "11398f4a", "50cc97386065eda9"}, 0x28) recvmmsg(r0, &(0x7f0000001040)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17}, 0x2004}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000007c0)=""/106, 0x6a}], 0x1}, 0x4}], 0x2, 0x40000002, 0x0) 660.575559ms ago: executing program 5 (id=333): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000340)="0a000300010095", 0x7) 660.450473ms ago: executing program 5 (id=334): r0 = syz_open_dev$swradio(&(0x7f0000000040), 0x0, 0x2) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f00000000c0)={0xf0f040, 0xa60}) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="6d706f6c3d62696e643a302d313a4e005318e8e9f1dd223b713a2a613291b22f97d18c5aba4ffcdd0e6c976938cd63a2339121dc932fcc"]) 569.832007ms ago: executing program 5 (id=335): syz_80211_inject_frame(0x0, 0x0, 0xb5) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e0000fe10008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) 569.223864ms ago: executing program 3 (id=336): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @broadcast}, {0x0, @link_local}, 0x4a, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'veth0_to_team\x00'}) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000280)={0x3}, 0x10) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) read$FUSE(r3, &(0x7f0000000580)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_DIRENTPLUS(r3, &(0x7f00000029c0)={0x658, 0x0, r4, [{{0x0, 0x2, 0x8001, 0x46, 0xff, 0x2, {0x6, 0xfa9, 0xfffffffffffffff9, 0xfff, 0x2, 0x3, 0x4, 0x0, 0xed07, 0xa000, 0x8, r5, 0x0, 0x55fd, 0x80000001}}, {0x0, 0x3, 0x6, 0x5, 'vcan0\x00'}}, {{0x6, 0x0, 0x5, 0xffffffffffffffc0, 0x3, 0x200, {0x3, 0x2, 0x5, 0xffffffffffffff01, 0xf, 0x7, 0xffff, 0x2, 0xfffffe01, 0x3000, 0x2, r5, r6, 0x5, 0x4c18}}, {0x0, 0x10001, 0x8, 0xb, '%pB \x00'}}, {{0x1, 0x0, 0xffffffff, 0x7, 0xf425, 0x2, {0x6, 0x7, 0x2, 0xf, 0xffffffffffffffff, 0x1, 0x2, 0x8, 0x9461, 0xe000, 0x7, r5, r6, 0x8000, 0x1ff8000}}, {0x1, 0xd0a9, 0xa, 0x9a5e, '/dev/cuse\x00'}}, {{0x6, 0x2, 0x5f, 0x4, 0x4, 0x1, {0x0, 0x7, 0x1000, 0xfffffffffffffff9, 0x8001, 0x0, 0x800, 0x80000000, 0xb83, 0xc000, 0x80000001, r5, r6, 0x28a, 0x7}}, {0x5, 0x4, 0x1, 0xa, '\x00'}}, {{0x5, 0x2, 0x8, 0x8001, 0xd, 0x6, {0x6, 0x184, 0x587, 0x8000, 0x8, 0x0, 0xffffffff, 0x6, 0x10, 0x2000, 0xb, r5, r6, 0x80000000, 0xb}}, {0x2, 0x8, 0x1, 0xa2, '('}}, {{0x2, 0x1, 0x9, 0x6, 0xfffffff8, 0x7fff, {0x5, 0x1, 0xc, 0xa, 0x6, 0x6, 0x3, 0x6, 0x7, 0x8000, 0x8, r5, r6, 0x5, 0x3}}, {0x3, 0x2, 0x1, 0x9, ','}}, {{0x6, 0x0, 0x5dd5, 0x3, 0x5, 0x81, {0x3, 0x100000001, 0x5, 0x2, 0x1, 0x2, 0x6, 0x69504f9e, 0x80000000, 0x2000, 0x6, r5, r6, 0x6, 0x5}}, {0x0, 0xfffffffffffffffc, 0x6, 0x4, '&\'.:&('}}, {{0x2, 0x1, 0x401, 0x5, 0x80, 0x4, {0x5, 0x404, 0x5, 0x4, 0x801, 0xff, 0x6, 0xd7a2, 0x7fff, 0x4000, 0x7f, 0x0, 0x0, 0x7fffffff, 0xc6}}, {0x4, 0x100000001, 0x4, 0xf4f, '\\--,'}}, {{0x5, 0x1, 0x7ff, 0x4, 0x3d, 0x7f, {0x6, 0x7, 0x5, 0x3, 0x59ec, 0x5, 0x4, 0xf6c, 0x80000000, 0x4000, 0x80, r5, r6, 0x6, 0x6a4a}}, {0x2, 0x54f, 0x8, 0x3ff, 'nl80211\x00'}}, {{0x5, 0x2, 0x2, 0x49f, 0x7fff, 0x65, {0x5, 0xbe4a, 0x707, 0x4b3, 0x0, 0x3, 0x10001, 0xfffff800, 0x6, 0x4000, 0x4b4cca3e, 0xee00, r6, 0x1, 0x62e2}}, {0x2, 0x101, 0x1, 0x3, '\xad'}}]}, 0x658) setuid(r5) sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20000000120051"], 0x26}}, 0x0) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000080)={{0x2, 0x0, @broadcast}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xb}}, 0x8, {0x2, 0x0, @empty}, 'team_slave_1\x00'}) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_XSAVE(r8, 0x5000aea5, &(0x7f00000002c0)={[0x7, 0x6, 0x200, 0x7fffffff, 0x80, 0xfffffff7, 0x0, 0x0, 0xfffffff7, 0xffff, 0x7a9252d1, 0x200, 0x1ff, 0x9, 0x2, 0x180, 0x43, 0x5, 0xfffffffa, 0x2, 0xb, 0x9, 0x57c, 0x4, 0x40, 0x5, 0x2, 0xffffbe71, 0x6, 0x2, 0x1, 0x3fd, 0x1, 0x0, 0x6, 0xd53, 0x2, 0x4, 0x4, 0x400, 0x8f3, 0x4d1b, 0x4, 0x8001, 0x7fffffff, 0x3e5, 0x81e0, 0x800, 0x2, 0x2, 0x90a, 0x1, 0xfffffff7, 0x1, 0x8, 0x8f0, 0x7, 0x7, 0x2, 0x2, 0x7, 0xffffff80, 0x4e, 0x6, 0x6, 0x2, 0x401, 0x1, 0x1, 0x7, 0x7, 0x7ff, 0x3, 0x0, 0x7, 0x8, 0x1000, 0x8, 0x93, 0xb, 0x313bbc80, 0x3, 0x1, 0x6, 0x9, 0x0, 0xfd, 0x6, 0x5, 0x13f9, 0x800, 0x3, 0xfffffffd, 0xffff, 0x5, 0x1ff, 0x80, 0x8001, 0xffffe2ed, 0x5, 0x40, 0x7, 0x1, 0x4, 0x2, 0x9, 0x8, 0x5, 0x2, 0x1, 0xf, 0x4, 0x1, 0xfffffffd, 0x6, 0x4, 0x4, 0x0, 0x9, 0x80000001, 0x10, 0x6, 0xc0, 0x9, 0x2, 0x10000, 0xe, 0x7, 0xffff2ba3, 0x6, 0x3, 0x4, 0x7, 0x8, 0x2, 0x3, 0x1, 0x3401, 0x7ff, 0x2, 0x3, 0x2, 0x4f, 0x800, 0x9, 0x2, 0x9, 0x6, 0x5, 0x1c000, 0x40, 0x9749, 0x6, 0x3, 0x1, 0xe58c, 0x7, 0x7, 0x4, 0x1, 0x8, 0x4, 0x3d5, 0xe, 0x2, 0x1, 0x9, 0x6, 0x200, 0xb, 0x8, 0x800, 0x6, 0x8000, 0xfff, 0x7, 0x4, 0x5, 0x367f0607, 0x7, 0x7fffffff, 0x2, 0x0, 0x2, 0x3, 0x8, 0x100, 0x4, 0x401, 0x401, 0x8, 0x5, 0x1, 0x5, 0x9, 0x5, 0x3, 0x1, 0x7, 0x8, 0x2, 0x6, 0x1aa, 0x1, 0x2, 0x4, 0x1, 0xa, 0x400, 0x0, 0x4, 0x7, 0x8, 0x100, 0x9, 0x9, 0xb25, 0x5, 0x2, 0xc1f, 0x6, 0x7, 0x3, 0x7, 0x100, 0x4, 0x100, 0xfffffff9, 0xb9a4, 0x2, 0x2, 0xb, 0x8000, 0xfe37, 0x6, 0x1, 0x4, 0x6, 0x4, 0x1, 0x6e6, 0x100, 0x5, 0xfffffffd, 0x8, 0x1, 0x651, 0x7fff, 0x1, 0xbe73, 0xc1d, 0x1, 0x5, 0x3, 0x280, 0x8, 0x3, 0xffff0001, 0x9, 0x2, 0x4, 0x1, 0x7, 0x2, 0xe4, 0x6, 0x8000, 0x800, 0x101, 0x0, 0x4, 0x8, 0x5c5, 0x1, 0x4, 0x2, 0x58, 0x6, 0x5, 0x5, 0x17, 0x80000000, 0xffff, 0x7, 0x8, 0x2, 0x7, 0x2, 0x3, 0x9, 0x4, 0xb5, 0xfffffc4d, 0xc, 0x0, 0x7, 0xa, 0x4, 0x9, 0xffffffff, 0x6, 0x3, 0x0, 0xf3, 0x3b, 0x40, 0x52eb, 0x80000001, 0x3, 0x1, 0x6, 0x2, 0x3ff, 0x60e, 0x4d8, 0x4, 0x8000, 0x6, 0x8, 0x58c8, 0x0, 0xc, 0x8, 0x6, 0xe, 0x4, 0x3ee6, 0x7, 0x80000000, 0x8, 0x36e, 0x8, 0x2f, 0xecb, 0x4, 0x7, 0xf, 0x7fff, 0x4, 0x5, 0xffff189c, 0xd, 0x3a, 0x8046, 0x7, 0x2a, 0x100, 0x7, 0x539e9c0f, 0xd, 0x4, 0x100, 0x6, 0x7, 0x6, 0x2, 0x3ff, 0x6, 0x7, 0x2, 0x6, 0x6, 0x0, 0x3, 0x9, 0x7, 0x6, 0x10000, 0x3, 0x5, 0x5, 0x1a0, 0x6, 0x80000000, 0xfff, 0x3, 0xffffffff, 0x6, 0x9, 0x10001, 0x8, 0x3, 0x9, 0x3, 0xa, 0x5, 0x9, 0x0, 0x4, 0x7, 0xffffffb8, 0x3, 0xd6, 0x5, 0x4000000, 0x0, 0x8, 0x8, 0xffff, 0x1, 0x3, 0x9, 0x6, 0x8001, 0x1, 0x8, 0x7, 0x6, 0xa401, 0x4, 0x80000001, 0x3, 0x4136, 0x1, 0x6, 0x9, 0x5, 0x8000, 0x8, 0x7, 0x8, 0xfffffffe, 0xb1f0, 0x1, 0x1, 0x4, 0x10, 0x3, 0x1, 0x1, 0xffffffff, 0xc53b, 0xe32, 0x2, 0x2, 0x3, 0x10, 0xbc, 0x7, 0x8, 0x8, 0x3, 0x7f, 0x4d, 0x1, 0x4, 0x7ff, 0xfffffff7, 0x0, 0x9, 0x7, 0x10000, 0x7c, 0x7, 0x0, 0x7, 0x3, 0x800, 0x6, 0x7, 0x8, 0x40, 0x1ff, 0x5, 0x1ea, 0x1, 0x0, 0xffff, 0x3ff, 0x0, 0x6, 0x0, 0x9, 0x10001, 0xa, 0x5, 0x800, 0x1, 0x2, 0x0, 0x54, 0x8, 0x60758b5, 0x80000000, 0x6, 0x500, 0x40, 0x0, 0x6, 0x200, 0x3ff, 0x401, 0x0, 0x9, 0x9, 0x7ff, 0xbaf, 0x7f, 0x6, 0x9, 0x4, 0x7fff, 0x4, 0x8, 0xfdf, 0x0, 0xff, 0x87d, 0x29018039, 0x0, 0x7, 0x0, 0xfffffffa, 0x0, 0x7, 0x5, 0x8, 0x4, 0x1, 0xfffffffe, 0x8001, 0x7cdd222, 0x6, 0x8, 0xf63f, 0xc7a4, 0x5, 0x8, 0x5, 0x8, 0x97, 0xc, 0x80000000, 0x54d58159, 0x10000, 0x2, 0x400, 0x7e1b5756, 0x6, 0x3, 0x2, 0xc000000, 0xd, 0x3, 0xd, 0x4, 0xfff, 0x80000000, 0x7, 0x7, 0x2, 0x0, 0x6, 0x24c6, 0xb6f, 0x7, 0x3ff, 0x2, 0x5, 0x10b3, 0x3ff, 0x4f57, 0x5, 0xb, 0x8, 0x5, 0x2, 0x80000000, 0x7fffffff, 0x2, 0xe3, 0x1, 0x6a, 0x1000, 0x0, 0x2, 0x0, 0x2fa6, 0xfffffffd, 0x5, 0xa9a, 0x7fff, 0x0, 0x9, 0xfffffffd, 0xffffffff, 0x200, 0x6, 0x0, 0x7, 0x4, 0x1, 0x2, 0x6, 0x784, 0x3, 0x8, 0xd, 0x1, 0x9, 0x40, 0x9, 0x11d, 0x2a10, 0xe79, 0x7, 0x2, 0x80000000, 0x10001, 0x6, 0xfff, 0x100, 0x8, 0x9, 0x8, 0x6, 0xfff, 0x21a7, 0x9, 0xfffffff9, 0xb, 0xfffffff7, 0x8, 0xa, 0x401, 0x8000, 0x7, 0x5, 0x2, 0xc, 0x81, 0x0, 0x0, 0x10001, 0x3, 0x1, 0x849, 0x81, 0x80000000, 0x8, 0x81, 0xd, 0x1, 0x12000000, 0x600000, 0x2, 0x4, 0x8, 0x4, 0x9, 0x5, 0x9, 0xc, 0x10000, 0x3, 0x2, 0x5, 0x8, 0x1, 0x6, 0x3ff, 0x0, 0xfffffffa, 0x3, 0x1, 0xf, 0x9, 0xb270, 0xc, 0xefe, 0x89e7, 0x7ff, 0x6, 0xfffffffb, 0xaf7, 0x5, 0xb, 0x3, 0x1ff, 0x200, 0x1eaa, 0x0, 0xfffffffe, 0x4, 0x9, 0x7, 0x2434, 0xff, 0x72b, 0x4, 0xffff, 0x1ff, 0x2, 0x4, 0x34c0, 0x9f07, 0x80000000, 0x9, 0x8001, 0x8, 0x0, 0x9f90, 0x8f56, 0xa47, 0x34d1d304, 0x8001, 0x6, 0x0, 0x5, 0x1, 0x0, 0x1, 0x5, 0x3, 0x7e, 0x3, 0x6, 0x6, 0x2, 0x7128, 0x0, 0x7, 0x10001, 0x7, 0x80000000, 0x0, 0x81, 0xff, 0x0, 0x0, 0x2, 0xfffffffe, 0x4, 0xfff, 0x7, 0x1, 0x1, 0x6b, 0x9, 0x5, 0xb, 0x6, 0x3, 0xffffff01, 0x40, 0x8, 0xfffffff3, 0x4f3abaaa, 0x9, 0x0, 0x9, 0x6, 0x1, 0x6, 0x6, 0x4, 0x8, 0x5, 0xa, 0x0, 0x9, 0x1000, 0x4, 0xff, 0x6, 0x5, 0x4, 0x6, 0x3, 0x4, 0x3, 0x4, 0x5, 0x7, 0x8, 0xffffffff, 0x8, 0x0, 0x80, 0x5, 0xc7c7, 0x5, 0x101, 0x8, 0xffffffff, 0x8, 0x0, 0x3, 0x39ee, 0x1, 0xfffffe01, 0x5, 0x8, 0x3, 0x6, 0x7, 0xce, 0x10, 0x3, 0x3, 0x10001, 0xf, 0x33f8, 0x3, 0x7, 0x5, 0x4, 0xfffffffa, 0xd, 0x7, 0x8, 0x80000000, 0x8, 0x9b, 0xfffffffd, 0x88, 0x9, 0x99, 0x5, 0x7fff, 0x0, 0x4, 0x2, 0x0, 0x1, 0x40, 0x3, 0x9, 0x1, 0x3, 0x7, 0x1, 0x2, 0x9, 0x7, 0x1, 0x7d8, 0x9, 0x6, 0x3, 0x3, 0x7ff, 0x4, 0xcb, 0xffffffff, 0x413, 0x1, 0x2, 0x7f, 0x8, 0x6, 0x8, 0x8, 0x0, 0x5, 0x7f, 0x2, 0x3, 0x4, 0x2, 0x9d8, 0x7, 0xdf19, 0x9, 0x8, 0x8, 0x3, 0x17, 0x7, 0x783, 0xfffffffc, 0xff, 0x5, 0x5, 0x1, 0x8, 0x8, 0x2, 0x7f, 0x8, 0x0, 0x80, 0x9, 0x3, 0x2, 0x2, 0x20000000, 0x7ff, 0x1, 0x9, 0xfffffe00, 0x100, 0x2, 0x2, 0xeff, 0x7, 0x80, 0xfffffffe, 0x10000, 0x6b, 0x3ff, 0x9, 0x1, 0x3c0, 0x3, 0x0, 0x7, 0x0, 0x5, 0x5, 0x5, 0x2, 0x7, 0x853, 0x63, 0x4, 0x1, 0xffffffc0, 0x0, 0x4, 0x800, 0x3, 0x4, 0x1, 0x2, 0x0, 0xba, 0x9, 0x6, 0xd64e, 0x505, 0x1, 0xff, 0x0, 0x6, 0x9, 0x4, 0xe, 0x0, 0xcd, 0x7fff, 0x1000, 0xe, 0xb7, 0x8, 0xf9, 0x4, 0x3, 0x8, 0x5, 0x7fff, 0xb0c, 0x3, 0x40, 0x9, 0x7, 0x0, 0x8a, 0xe, 0x8, 0x234, 0x3ff, 0x7, 0x309, 0x3, 0x848, 0x3d0, 0x4, 0x424ebbbf, 0x9, 0xbc98, 0x1, 0x6, 0x8, 0xb6, 0x8001, 0x9, 0xff, 0x2, 0x4, 0xd9, 0x4, 0xb69, 0x101, 0x9, 0xffffffff, 0x9, 0x5, 0x7, 0x2, 0x9, 0x40, 0xfffffff9, 0x8, 0x9, 0x54, 0x2, 0x1, 0x8, 0x6, 0x3, 0x8, 0x5a, 0x2, 0x6, 0x7, 0x9, 0x9, 0x5, 0xffffff25, 0xb8, 0x3, 0x7, 0x9, 0xd, 0xfbf7, 0x5, 0x8459, 0x6, 0x2, 0x8, 0x2, 0xa]}) ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000006010040"]) 447.023538ms ago: executing program 3 (id=337): getpid() mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) r0 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) chdir(&(0x7f0000000300)='./file0\x00') r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000080)={0xfffffff7, 0x7f}) ptrace$ARCH_SHSTK_STATUS(0x1e, r0, &(0x7f0000000040), 0x5005) read$ptp(0xffffffffffffffff, 0x0, 0x0) 446.897922ms ago: executing program 3 (id=338): getpid() mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) r0 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) chdir(&(0x7f0000000300)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) (fail_nth: 25) 358.845908ms ago: executing program 1 (id=339): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_DEL_VIF(r0, 0xa000000, 0xcb, &(0x7f0000000180)={0x0, 0x8, 0x1, 0x401, @vifc_lcl_addr=@rand_addr=0x64010102, @broadcast}, 0x10) 358.493254ms ago: executing program 1 (id=340): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) socket$packet(0x11, 0x3, 0x300) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249276dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec422346f9696f4bb3226b0ca75d135ebd8cae46fb83b71c103e1fdcb1934fd1d28b4916abe2c44e26ea72be426c27052e816212096000155788943b846746ccb492175fc9e", 0xf3}, {0x0}, {&(0x7f0000000640)="d48c8225ddfdf2c06c27763617468581389d34126760ba3dd0fe077a7c2ce378dd62cafeeb4ba1493766d09fd561d69a5bf8109ffcd3e43d8c16b9c3fa92d4439c5af1fa4775d01dcf0748a24ab51b52fbe75287a4b9aaa18fd479bdd154b4efe531a242d90a1ca2799c242bfd4ddd8271448d3415bd3a907ad340dc2fa2471393212d02eb25242808cffdc4e7a646211c18ac8602f5fc1e4f82b72871a8d42f37988365ff226c1523bf01617976641421438e16378094c94f2e55a44150d9a358d92606afb12f21a63daadbb143d6ccdae88d53521b9fe51ffa", 0xda}, {&(0x7f0000000040)="f96be6c391f1f8b23ae44a70a75f4a5ed0e013f80882907ab089ee65d16a6c6f5c666dad31257fb48b66d940a3819d0809971ea8274a65901b", 0x39}, {&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff1f0e5a1d9b32cef2b6e0a61af7968dc1759c4d901867d7d6e9f2521f6a1578e1cc2fbf58837a2633c0b8299192718c61227412dafd01e899723b33735bbec3e1429117362acc4139fc3565f183bd5568f47f4bc416adb360fdd9c497c2ad2ffe1ad738f4c073f1378d2b455e61844076a4a97ac1e13e2fb300ae69d55c501f96dcc39bf7ed835cc866f0fbd8e936e8374a484f111919dc610e0a36a0ee3df2ab1dc3", 0xe1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="acc870bde54caaeacb0000108cef4fa7bf44702b284b2e80cb32d33a86853c8c28797c", 0x23}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe", 0x75}], 0x2}}], 0x2, 0xc0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f00000007c0)='usrquota') chdir(&(0x7f0000000100)='./file1\x00') r1 = open(&(0x7f0000000080)='./bus\x00', 0x4001410c2, 0x766c618eb221465a) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x2, [@var={0x4, 0x0, 0x0, 0x11, 0x3}, @const={0x0, 0x0, 0x0, 0x2}, @func_proto={0x2, 0x0, 0x0, 0x13, 0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3, 0x2}]}}, 0x0, 0x52, 0x0, 0x4, 0x0, 0x0, @void, @value}, 0x28) quotactl_fd$Q_SETINFO(r1, 0xffffffff80000600, 0x0, &(0x7f0000000040)={0xfffffffffffffffe, 0xfffffffffffffff8, 0x0, 0x1}) 290.212635ms ago: executing program 3 (id=341): r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000001480), 0x8000, 0x0) ioctl$CDROMPLAYTRKIND(r0, 0x2284, &(0x7f00000014c0)={0x1, 0x2, 0x8, 0x86}) 170.069143ms ago: executing program 1 (id=342): r0 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000001ac0)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}}) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38) 169.836028ms ago: executing program 1 (id=343): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r2) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl0\x00', &(0x7f00000001c0)={'syztnl1\x00', 0x0, 0x2f, 0x1, 0x81, 0xc56, 0x10, @local, @empty, 0x80, 0x7, 0x4, 0xfffffffd}}) sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x30, r3, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x30}}, 0x4000000) sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYRES32=r1, @ANYRES16=r3, @ANYBLOB="01002dbd7000fedbdf252c000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x20048881}, 0x2000c800) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="4b978f608116b0afb08cf4d4acec8826877d6cc7dda1cfa0800a60a4183a7c5e5549b66fdca64a409b3b80ca515e6c5dabb120bb8efe0249b8569c55942b4d66372bf9ddc27468594dfad277f7f83a0fda3294a22949df4c7b99d27b6420fd75d334080000000000000000"]) 69.845306ms ago: executing program 3 (id=344): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x4800, 0x0) r1 = fsopen(&(0x7f0000000340)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000000c0)='source', &(0x7f0000000280)='source', 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r3, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x1}, 0x1c) r4 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r4, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x40, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x30, 0x20, 0x301, 0x70bd2a, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@FRA_GENERIC_POLICY=@FRA_OIFNAME={0x14, 0x11, 'ip6erspan0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x200080d5}, 0x8080) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, 0x0}) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@newtaction={0x1f4, 0x30, 0x48b, 0x0, 0x0, {}, [{0x1e0, 0x1, [@m_csum={0x1dc, 0x1, 0x0, 0x0, {{0x9}, {0xe4, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x3, 0xfffffe45, 0x6, 0x8, 0x7fff}, 0xe}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0xfffffc01, 0x3, 0xda3, 0x7fffffff}, 0x48}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x8, 0x5, 0x3, 0x10}, 0x5}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x20, 0x7, 0x7, 0x1, 0x5}, 0x1c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffffffa, 0xb7, 0x4, 0x9, 0x5}, 0x6d}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x3b868d20, 0x8, 0x20000000, 0x6620e0cc, 0xffff}, 0x22}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x15e, 0x80000001, 0x20000000, 0x80000000, 0x7}, 0x6c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x200, 0x2, 0x3, 0xfffffff7}, 0x4c}}]}, {0xce, 0x6, "dcd24d2cc214839e628cac9705a91eadf1819c6ba68b82f03efef1412ab1f7d5a61b8e8265c60b7c955073f51735f46e04794505b81baf8788b0affc964392bc55ad9f239816a26ecb20c83a15766d024247121ac64087d82c9644aaaf2e01d81b3b9b4f0191552326583d59883d0eb40ea85ebcc5ef55aaea95e0b4262114ad284dd3dbaf737f0f38741144cb434e9e470087614a4c49a510bc46aee6994a0dd0b8b64795d4782702debdfb1234915e5e3efb68982e3145a7cd364b2e8c2e84cae6a428fd00b2c2d719"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x1f4}}, 0x20000050) ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000040)={0xc}) ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f00000000c0)={0x20, r5, 0xfffffffffffffe90, 0x0, 0x0}) r7 = syz_open_dev$evdev(&(0x7f0000000080), 0x7, 0x20080) ioctl$EVIOCGNAME(r7, 0x80404506, &(0x7f0000000140)=""/187) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x4800, 0x0) (async) fsopen(&(0x7f0000000340)='afs\x00', 0x0) (async) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000000c0)='source', &(0x7f0000000280)='source', 0x0) (async) socket$nl_route(0x10, 0x3, 0x0) (async) socket$inet6(0xa, 0x2, 0x0) (async) bind$inet6(r3, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x1}, 0x1c) (async) socket$inet6(0xa, 0x2, 0x0) (async) bind$inet6(r4, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) (async) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x40, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x30, 0x20, 0x301, 0x70bd2a, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@FRA_GENERIC_POLICY=@FRA_OIFNAME={0x14, 0x11, 'ip6erspan0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x200080d5}, 0x8080) (async) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc}) (async) socket$netlink(0x10, 0x3, 0x0) (async) sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@newtaction={0x1f4, 0x30, 0x48b, 0x0, 0x0, {}, [{0x1e0, 0x1, [@m_csum={0x1dc, 0x1, 0x0, 0x0, {{0x9}, {0xe4, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x3, 0xfffffe45, 0x6, 0x8, 0x7fff}, 0xe}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0xfffffc01, 0x3, 0xda3, 0x7fffffff}, 0x48}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x8, 0x5, 0x3, 0x10}, 0x5}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x20, 0x7, 0x7, 0x1, 0x5}, 0x1c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffffffa, 0xb7, 0x4, 0x9, 0x5}, 0x6d}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x3b868d20, 0x8, 0x20000000, 0x6620e0cc, 0xffff}, 0x22}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x15e, 0x80000001, 0x20000000, 0x80000000, 0x7}, 0x6c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x200, 0x2, 0x3, 0xfffffff7}, 0x4c}}]}, {0xce, 0x6, "dcd24d2cc214839e628cac9705a91eadf1819c6ba68b82f03efef1412ab1f7d5a61b8e8265c60b7c955073f51735f46e04794505b81baf8788b0affc964392bc55ad9f239816a26ecb20c83a15766d024247121ac64087d82c9644aaaf2e01d81b3b9b4f0191552326583d59883d0eb40ea85ebcc5ef55aaea95e0b4262114ad284dd3dbaf737f0f38741144cb434e9e470087614a4c49a510bc46aee6994a0dd0b8b64795d4782702debdfb1234915e5e3efb68982e3145a7cd364b2e8c2e84cae6a428fd00b2c2d719"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x1f4}}, 0x20000050) (async) ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000040)={0xc}) (async) ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f00000000c0)={0x20, r5, 0xfffffffffffffe90, 0x0, 0x0}) (async) syz_open_dev$evdev(&(0x7f0000000080), 0x7, 0x20080) (async) ioctl$EVIOCGNAME(r7, 0x80404506, &(0x7f0000000140)=""/187) (async) 69.646023ms ago: executing program 5 (id=345): r0 = socket$netlink(0x10, 0x3, 0x15) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)="3900000013000b4700bb65e1c3e4ffff01000000350000005600000225", 0x1d}], 0x1) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r0) 69.513294ms ago: executing program 3 (id=346): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x5e37, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) io_uring_setup(0x4d25, &(0x7f0000000200)={0x0, 0xd43f, 0x2, 0x3, 0x3e4, 0x0, r0}) (fail_nth: 22) 68.614884ms ago: executing program 1 (id=347): sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000841}, 0x4000040) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="043d0e0000000c0000a1cad7949b2231002167a737000b30cfceb7a729d24f4571f50b53de736ced75baf0eeccd85454e18515b60654bc205fe4cf18341fec7768cefe000000"], 0x11) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) write$binfmt_elf64(r2, &(0x7f0000000600)={{0x7f, 0x45, 0x4c, 0x46, 0x2, 0x0, 0x5, 0x7, 0x7, 0x1, 0x6, 0x1, 0x322, 0x40, 0x361, 0x9, 0x4, 0x38, 0x2, 0x8000, 0x4, 0x3}, [{0x3, 0x2, 0x3, 0x3, 0x7, 0x5, 0xffffffffced16e30, 0x3}, {0x2, 0x8, 0xfffffffffffffffa, 0x2, 0x1, 0x0, 0x7, 0x4}], "3cdbf9a7bdde7a3c1a90158febfdbce41a6dce725f320264bb164c027d176bad75d2d06b4ac992b5b71934253066fdce6ce350142e2eb3660cea368b355d1f92cd5d74f02fdeb2164e17e6041ca3f14d2bdee4943293a99e691cdab71a922523d9b7cfc7410e2805438be5fa8caca81e050e840a6b014917608aca08486e51e1359a972ad033a1840db9470365f4e59d137d1d76f27bfedafdd51bc2919cadf4cd863521823b3bffbc709d633bdb2150c51c80cebb2ad5f2c99f057aa2a0aa0b14decc915931be46d475a9f6a4d9b7f9355fd58c05a4543dcba5b44014b58e42cf0130f286", ['\x00', '\x00', '\x00', '\x00']}, 0x595) r4 = socket$vsock_stream(0x28, 0x1, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}}) bind$vsock_stream(r3, &(0x7f0000000240)={0x28, 0x0, 0x0, @hyper}, 0x10) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',']) read$FUSE(r5, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r5, &(0x7f0000000440)={0x50, 0x0, r6}, 0x50) r7 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1) ioctl$TIOCGPTPEER(r7, 0x4004092b, 0x8) 155.893µs ago: executing program 5 (id=348): mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2008000, &(0x7f0000000080)={[{@noprefix}]}) r0 = semget$private(0x0, 0x207, 0x53) syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010102, @local}, {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x800}}}}}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_DEL(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x14, 0x2, 0x9, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x44080) semctl$GETALL(r0, 0x0, 0xd, &(0x7f00000002c0)=""/119) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000020000000000000000000000850000004100000085000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 0s ago: executing program 5 (id=349): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000580)={'\x00', 0x5, 0x1000, 0x3, 0x0, 0x6, 0xeeef0000, 0xdddd0000, '\x00', 0xfffffff9}) kernel console output (not intermixed with test programs): 2688][ T5937] veth0_vlan: entered promiscuous mode [ 54.505339][ T5937] veth1_vlan: entered promiscuous mode [ 54.509294][ T5938] veth0_vlan: entered promiscuous mode [ 54.521313][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.533585][ T5945] veth0_macvtap: entered promiscuous mode [ 54.536637][ T5938] veth1_vlan: entered promiscuous mode [ 54.549740][ T5945] veth1_macvtap: entered promiscuous mode [ 54.556387][ T5937] veth0_macvtap: entered promiscuous mode [ 54.562265][ T5937] veth1_macvtap: entered promiscuous mode [ 54.585148][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.593867][ T5938] veth0_macvtap: entered promiscuous mode [ 54.600322][ T5949] veth0_vlan: entered promiscuous mode [ 54.604536][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.610014][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.613759][ T5938] veth1_macvtap: entered promiscuous mode [ 54.625242][ T5945] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.628347][ T5945] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.631937][ T5945] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.635529][ T5945] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.641304][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.658543][ T5949] veth1_vlan: entered promiscuous mode [ 54.661941][ T5937] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.665536][ T5937] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.669755][ T5937] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.673218][ T5937] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.681178][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.704688][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.720279][ T5938] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.723922][ T5938] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.728591][ T5938] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.731985][ T5938] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.766632][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.769189][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.778888][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.781555][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.814760][ T5949] veth0_macvtap: entered promiscuous mode [ 54.823395][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.826201][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.835480][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.836160][ T5949] veth1_macvtap: entered promiscuous mode [ 54.838295][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.859957][ T1155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.862995][ T1155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.872109][ T5945] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 54.881452][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.898534][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.905641][ T5949] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.906466][ T1149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.911491][ T1149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.912143][ T5949] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.917763][ T5949] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.921263][ T5949] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.997835][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.000501][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.031883][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.035533][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.109125][ T6029] sctp: [Deprecated]: syz.1.2 (pid 6029) Use of int in max_burst socket option deprecated. [ 55.109125][ T6029] Use struct sctp_assoc_value instead [ 55.124476][ T6029] process 'syz.1.2' launched './file0' with NULL argv: empty string added [ 55.198948][ T6044] vlan2: entered promiscuous mode [ 55.201046][ T6044] bridge0: entered promiscuous mode [ 55.203056][ T6044] vlan2: entered allmulticast mode [ 55.204652][ T6044] bridge0: entered allmulticast mode [ 55.215740][ T6044] gretap0: refused to change device tx_queue_len [ 55.218294][ T6044] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 55.299672][ T6048] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 55.316164][ T6051] fuse: Bad value for 'fd' [ 55.756031][ T5952] Bluetooth: hci3: command tx timeout [ 55.766158][ T5952] Bluetooth: hci2: command tx timeout [ 55.766574][ T5303] Bluetooth: hci1: command tx timeout [ 55.967610][ T6041] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 55.969678][ T6041] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 55.973734][ T6041] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 55.977283][ T6041] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 55.979279][ T6041] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 55.981664][ T6041] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 55.984371][ T6041] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 55.987071][ T6041] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 55.990793][ T6041] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 55.994607][ T6041] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 55.997450][ T6041] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 56.001941][ T6041] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 56.128775][ T6063] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14'. [ 56.133815][ T6063] netlink: 'syz.2.14': attribute type 30 has an invalid length. [ 56.137139][ T6063] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14'. [ 56.215656][ T6073] FAULT_INJECTION: forcing a failure. [ 56.215656][ T6073] name failslab, interval 1, probability 0, space 0, times 1 [ 56.220762][ T6073] CPU: 3 UID: 0 PID: 6073 Comm: syz.3.16 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 56.220778][ T6073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 56.220785][ T6073] Call Trace: [ 56.220789][ T6073] [ 56.220793][ T6073] dump_stack_lvl+0x16c/0x1f0 [ 56.220814][ T6073] should_fail_ex+0x512/0x640 [ 56.220828][ T6073] ? fs_reclaim_acquire+0xae/0x150 [ 56.220840][ T6073] ? tomoyo_encode2+0x100/0x3e0 [ 56.220856][ T6073] should_failslab+0xc2/0x120 [ 56.220872][ T6073] __kmalloc_noprof+0xd2/0x510 [ 56.220889][ T6073] tomoyo_encode2+0x100/0x3e0 [ 56.220906][ T6073] tomoyo_encode+0x29/0x50 [ 56.220921][ T6073] tomoyo_realpath_from_path+0x18f/0x6e0 [ 56.220937][ T6073] ? tomoyo_profile+0x47/0x60 [ 56.220956][ T6073] tomoyo_path_number_perm+0x245/0x580 [ 56.220968][ T6073] ? tomoyo_path_number_perm+0x237/0x580 [ 56.220982][ T6073] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 56.220996][ T6073] ? find_held_lock+0x2b/0x80 [ 56.221021][ T6073] ? find_held_lock+0x2b/0x80 [ 56.221033][ T6073] ? hook_file_ioctl_common+0x145/0x410 [ 56.221046][ T6073] ? __fget_files+0x20e/0x3c0 [ 56.221063][ T6073] security_file_ioctl+0x9b/0x240 [ 56.221079][ T6073] __x64_sys_ioctl+0xb7/0x210 [ 56.221092][ T6073] do_syscall_64+0xcd/0x4c0 [ 56.221110][ T6073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.221121][ T6073] RIP: 0033:0x7f80a738e929 [ 56.221129][ T6073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.221139][ T6073] RSP: 002b:00007f80a81be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 56.221150][ T6073] RAX: ffffffffffffffda RBX: 00007f80a75b5fa0 RCX: 00007f80a738e929 [ 56.221156][ T6073] RDX: 0000200000000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 56.221162][ T6073] RBP: 00007f80a81be090 R08: 0000000000000000 R09: 0000000000000000 [ 56.221168][ T6073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.221174][ T6073] R13: 0000000000000000 R14: 00007f80a75b5fa0 R15: 00007ffe2ffa2478 [ 56.221187][ T6073] [ 56.221196][ T6073] ERROR: Out of memory at tomoyo_realpath_from_path. [ 56.337029][ T6069] kvm: kvm [6060]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xae00 [ 56.341051][ T6069] kvm: kvm [6060]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0xee00 [ 56.345112][ T6069] kvm: kvm [6060]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xae00 [ 56.347893][ T6008] e1000 0000:00:06.0 eth0: Reset adapter [ 56.348979][ T6069] kvm: kvm [6060]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xee00 [ 56.374642][ T6069] kvm: kvm [6060]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xae00 [ 56.378594][ T6069] kvm: kvm [6060]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xee00 [ 56.397699][ T6069] kvm: kvm [6060]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0xfe0000ae00 [ 56.400806][ T6069] kvm: kvm [6060]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0xfe0000ee00 [ 56.404696][ T6069] kvm: kvm [6060]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xfe0000ae00 [ 56.408713][ T6069] kvm: kvm [6060]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0xfe0000ee00 [ 56.444373][ T40] kauditd_printk_skb: 69 callbacks suppressed [ 56.444387][ T40] audit: type=1400 audit(1749928621.529:159): avc: denied { read write } for pid=6082 comm="syz.2.18" name="rdma_cm" dev="devtmpfs" ino=1295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 56.460110][ T40] audit: type=1400 audit(1749928621.539:160): avc: denied { open } for pid=6082 comm="syz.2.18" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 56.477185][ T6008] e1000 0000:00:06.0 eth0: Reset adapter [ 56.485714][ T40] audit: type=1400 audit(1749928621.569:161): avc: denied { write } for pid=6084 comm="syz.3.20" name="vmci" dev="devtmpfs" ino=708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 56.495926][ T40] audit: type=1400 audit(1749928621.579:162): avc: denied { ioctl } for pid=6084 comm="syz.3.20" path="/dev/vmci" dev="devtmpfs" ino=708 ioctlcmd=0x79f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 56.503221][ T40] audit: type=1400 audit(1749928621.589:163): avc: denied { create } for pid=6084 comm="syz.3.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 56.510345][ T40] audit: type=1400 audit(1749928621.589:164): avc: denied { write } for pid=6084 comm="syz.3.20" path="socket:[9517]" dev="sockfs" ino=9517 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 56.517278][ T40] audit: type=1400 audit(1749928621.589:165): avc: denied { read } for pid=6084 comm="syz.3.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 56.565098][ T6092] Bluetooth: MGMT ver 1.23 [ 56.567297][ T40] audit: type=1400 audit(1749928621.649:166): avc: denied { bind } for pid=6091 comm="syz.2.22" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 56.582245][ T40] audit: type=1400 audit(1749928621.649:167): avc: denied { write } for pid=6091 comm="syz.2.22" path="socket:[10416]" dev="sockfs" ino=10416 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 56.582274][ T40] audit: type=1400 audit(1749928621.659:168): avc: denied { add_name } for pid=6088 comm="syz.3.21" name="file4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 56.629155][ T5987] e1000 0000:00:06.0 eth0: Reset adapter [ 56.644791][ T6096] virtio-fs: tag not found [ 57.285929][ T5303] Bluetooth: hci0: command 0x040f tx timeout [ 57.918214][ T1155] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.996905][ T5303] Bluetooth: hci2: command 0x0419 tx timeout [ 57.997077][ T5952] Bluetooth: hci1: command 0x0419 tx timeout [ 58.057258][ T1155] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.133534][ T1155] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.214554][ T1155] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.319484][ T1155] bridge_slave_1: left allmulticast mode [ 58.321910][ T1155] bridge_slave_1: left promiscuous mode [ 58.324703][ T1155] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.332750][ T1155] bridge_slave_0: left allmulticast mode [ 58.335029][ T1155] bridge_slave_0: left promiscuous mode [ 58.337803][ T1155] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.584863][ T1155] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 58.589403][ T1155] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 58.592855][ T1155] bond0 (unregistering): Released all slaves [ 58.799956][ T5828] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 58.909429][ T1155] hsr_slave_0: left promiscuous mode [ 58.911825][ T1155] hsr_slave_1: left promiscuous mode [ 58.913920][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 58.917270][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 58.920300][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 58.922665][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 58.938102][ T1155] veth1_macvtap: left promiscuous mode [ 58.940007][ T1155] veth0_macvtap: left promiscuous mode [ 58.941809][ T1155] veth1_vlan: left promiscuous mode [ 58.943541][ T1155] veth0_vlan: left promiscuous mode [ 59.330224][ T1155] team0 (unregistering): Port device team_slave_1 removed [ 59.356190][ T5952] Bluetooth: hci0: command 0x040f tx timeout [ 59.376546][ T1155] team0 (unregistering): Port device team_slave_0 removed [ 60.076006][ T5952] Bluetooth: hci1: command 0x0419 tx timeout [ 60.076046][ T5303] Bluetooth: hci2: command 0x0419 tx timeout [ 61.446441][ T5303] Bluetooth: hci0: command 0x040f tx timeout [ 62.157018][ T5303] Bluetooth: hci2: command 0x0419 tx timeout [ 62.166737][ T5303] Bluetooth: hci1: command 0x0419 tx timeout [ 63.516102][ T5303] Bluetooth: hci0: command 0x040f tx timeout [ 64.235959][ T5303] Bluetooth: hci1: command 0x0419 tx timeout [ 64.236176][ T5952] Bluetooth: hci2: command 0x0419 tx timeout [ 65.595999][ T5952] Bluetooth: hci0: command 0x040f tx timeout [ 65.769554][ T40] kauditd_printk_skb: 16 callbacks suppressed [ 65.769565][ T40] audit: type=1400 audit(1749928630.859:185): avc: denied { name_bind } for pid=6205 comm="syz.2.26" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 65.789298][ T40] audit: type=1400 audit(1749928630.869:186): avc: denied { setopt } for pid=6208 comm="syz.0.24" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 65.809960][ T40] audit: type=1400 audit(1749928630.869:187): avc: denied { node_bind } for pid=6205 comm="syz.2.26" saddr=172.20.20.170 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 65.860561][ T5303] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 65.863493][ T5303] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 65.866355][ T5303] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 65.869152][ T5303] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 65.872088][ T5303] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 65.906606][ T6227] Bluetooth: MGMT ver 1.23 [ 65.909235][ T40] audit: type=1400 audit(1749928630.999:188): avc: denied { create } for pid=6226 comm="syz.0.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 65.915646][ T40] audit: type=1400 audit(1749928630.999:189): avc: denied { shutdown } for pid=6226 comm="syz.0.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 65.922564][ T40] audit: type=1400 audit(1749928630.999:190): avc: denied { ioctl } for pid=6226 comm="syz.0.31" path="socket:[10568]" dev="sockfs" ino=10568 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 65.932183][ T40] audit: type=1400 audit(1749928631.019:191): avc: denied { watch } for pid=6226 comm="syz.0.31" path="/6" dev="tmpfs" ino=44 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 66.020657][ T40] audit: type=1400 audit(1749928631.109:192): avc: denied { remove_name } for pid=6235 comm="syz.0.34" name="file4" dev="9p" ino=35913985 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 66.029428][ T40] audit: type=1400 audit(1749928631.109:193): avc: denied { rename } for pid=6235 comm="syz.0.34" name="file4" dev="9p" ino=35913985 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1 [ 66.030080][ T6219] chnl_net:caif_netlink_parms(): no params data found [ 66.061919][ T40] audit: type=1400 audit(1749928631.149:194): avc: denied { sys_module } for pid=6238 comm="syz.2.35" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 66.079557][ T6243] loop6: detected capacity change from 0 to 524287999 [ 66.189136][ T6219] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.193878][ T6219] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.197717][ T6219] bridge_slave_0: entered allmulticast mode [ 66.201260][ T6219] bridge_slave_0: entered promiscuous mode [ 66.204792][ T6219] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.207577][ T6219] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.209931][ T6219] bridge_slave_1: entered allmulticast mode [ 66.212940][ T6219] bridge_slave_1: entered promiscuous mode [ 66.309305][ T6219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.314356][ T6219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.388555][ T6255] capability: warning: `syz.2.39' uses deprecated v2 capabilities in a way that may be insecure [ 66.422201][ T6219] team0: Port device team_slave_0 added [ 66.427970][ T6255] capability: warning: `syz.2.39' uses 32-bit capabilities (legacy support in use) [ 66.461148][ T6219] team0: Port device team_slave_1 added [ 66.536574][ T6219] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.539217][ T6219] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.547613][ T6219] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.559568][ T6261] : entered promiscuous mode [ 66.563396][ T6219] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.568025][ T6219] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.578671][ T6219] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.601025][ T6264] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 66.601086][ T6265] CIFS mount error: No usable UNC path provided in device string! [ 66.601086][ T6265] [ 66.611604][ T6264] CIFS mount error: No usable UNC path provided in device string! [ 66.611604][ T6264] [ 66.616978][ T6265] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 66.619973][ T6264] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 66.687000][ T6219] hsr_slave_0: entered promiscuous mode [ 66.690013][ T6219] hsr_slave_1: entered promiscuous mode [ 66.691865][ T6269] netlink: 276 bytes leftover after parsing attributes in process `syz.2.43'. [ 66.692547][ T6219] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.699194][ T6219] Cannot create hsr debugfs directory [ 66.774770][ T1145] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.844125][ T1145] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.939197][ T1145] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.953407][ T5303] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 66.956801][ T5303] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 66.959413][ T5303] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 66.962408][ T5303] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.965486][ T5303] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.046491][ T1145] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.186929][ T6304] Bluetooth: MGMT ver 1.23 [ 67.317110][ T6318] fuse: Bad value for 'fd' [ 67.354156][ T6281] chnl_net:caif_netlink_parms(): no params data found [ 67.358954][ T1145] bridge_slave_1: left allmulticast mode [ 67.360757][ T1145] bridge_slave_1: left promiscuous mode [ 67.362593][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.368991][ T1145] bridge_slave_0: left allmulticast mode [ 67.370973][ T1145] bridge_slave_0: left promiscuous mode [ 67.372820][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.576156][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 67.580705][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 67.585320][ T1145] bond0 (unregistering): Released all slaves [ 67.668001][ T6281] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.670377][ T6281] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.672557][ T6281] bridge_slave_0: entered allmulticast mode [ 67.675198][ T6281] bridge_slave_0: entered promiscuous mode [ 67.685167][ T6281] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.687524][ T6281] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.689796][ T6281] bridge_slave_1: entered allmulticast mode [ 67.692957][ T6281] bridge_slave_1: entered promiscuous mode [ 67.744999][ T6281] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.751506][ T6281] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.786659][ T6281] team0: Port device team_slave_0 added [ 67.798971][ T6281] team0: Port device team_slave_1 added [ 67.850599][ T6281] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.852766][ T6281] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.864051][ T6281] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.870184][ T6281] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.873099][ T6281] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.883700][ T6281] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.928493][ T5952] Bluetooth: hci3: command tx timeout [ 67.960957][ T1145] hsr_slave_0: left promiscuous mode [ 67.967309][ T1145] hsr_slave_1: left promiscuous mode [ 67.969573][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 67.971945][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 67.975167][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 67.979243][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 68.010512][ T1145] veth1_macvtap: left promiscuous mode [ 68.013005][ T1145] veth0_macvtap: left promiscuous mode [ 68.015369][ T1145] veth1_vlan: left promiscuous mode [ 68.019657][ T1145] veth0_vlan: left promiscuous mode [ 68.642972][ T1145] team0 (unregistering): Port device team_slave_1 removed [ 68.704975][ T1145] team0 (unregistering): Port device team_slave_0 removed [ 69.035917][ T5952] Bluetooth: hci0: command tx timeout [ 69.146332][ T6281] hsr_slave_0: entered promiscuous mode [ 69.148938][ T6281] hsr_slave_1: entered promiscuous mode [ 69.151446][ T6281] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.154515][ T6281] Cannot create hsr debugfs directory [ 69.389996][ T6389] Cannot find set identified by id 0 to match [ 69.519549][ T6219] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 69.523535][ T6219] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 69.534989][ T6219] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 69.540186][ T6219] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 69.585021][ T6281] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 69.591791][ T6281] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 69.600767][ T6281] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 69.607614][ T6281] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 69.609247][ T6416] Zero length message leads to an empty skb [ 69.639608][ T6404] block device autoloading is deprecated and will be removed. [ 69.665471][ T6219] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.678045][ T6219] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.678375][ T6398] md2: using deprecated bitmap file support [ 69.682703][ T6398] md2: error: bitmap file is already in use [ 69.684412][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.686964][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.690285][ T5952] Bluetooth: hci2: Dropping invalid advertising data [ 69.692582][ T5952] Bluetooth: hci2: Malformed LE Event: 0x02 [ 69.697301][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.699704][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.734311][ T6281] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.753325][ T6281] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.759994][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.762212][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.776771][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.779067][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.884064][ T6219] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.909656][ T6219] veth0_vlan: entered promiscuous mode [ 69.916399][ T6219] veth1_vlan: entered promiscuous mode [ 69.932574][ T6281] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.952502][ T6219] veth0_macvtap: entered promiscuous mode [ 69.956620][ T6219] veth1_macvtap: entered promiscuous mode [ 69.965066][ T6219] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.969516][ T6219] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.973060][ T6219] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.981556][ T6219] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.984222][ T6219] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.988264][ T6219] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.995904][ T5952] Bluetooth: hci3: command tx timeout [ 70.059888][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.062848][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.091367][ T94] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.093817][ T94] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.142690][ T6281] veth0_vlan: entered promiscuous mode [ 70.154413][ T6281] veth1_vlan: entered promiscuous mode [ 70.179626][ T6281] veth0_macvtap: entered promiscuous mode [ 70.185514][ T6281] veth1_macvtap: entered promiscuous mode [ 70.201581][ T6281] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.212315][ T6281] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.219582][ T6281] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.223521][ T6281] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.228646][ T6281] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.231588][ T6281] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.276359][ T6009] usb 6-1: new low-speed USB device number 2 using dummy_hcd [ 70.279839][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.282872][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.298947][ T1155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.301865][ T1155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.376231][ T5987] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 70.439692][ T6009] usb 6-1: No LPM exit latency info found, disabling LPM. [ 70.447688][ T6009] usb 6-1: config 4 has an invalid interface number: 132 but max is 2 [ 70.450406][ T6009] usb 6-1: config 4 has an invalid interface number: 142 but max is 2 [ 70.453062][ T6009] usb 6-1: config 4 contains an unexpected descriptor of type 0x1, skipping [ 70.457114][ T6009] usb 6-1: config 4 has an invalid interface number: 120 but max is 2 [ 70.459835][ T6009] usb 6-1: config 4 has no interface number 0 [ 70.461968][ T6009] usb 6-1: config 4 has no interface number 1 [ 70.463961][ T6009] usb 6-1: config 4 has no interface number 2 [ 70.466158][ T6009] usb 6-1: config 4 interface 132 altsetting 195 has an endpoint descriptor with address 0x67, changing to 0x7 [ 70.470230][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0x7 has invalid maxpacket 1024, setting to 8 [ 70.473745][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0x8 has invalid maxpacket 1024, setting to 8 [ 70.477900][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0x3 has invalid maxpacket 1024, setting to 8 [ 70.481435][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0x9 has an invalid bInterval 19, changing to 4 [ 70.484942][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0x9 has invalid maxpacket 512, setting to 0 [ 70.488638][ T6009] usb 6-1: config 4 interface 132 altsetting 195 has a duplicate endpoint with address 0x9, skipping [ 70.492020][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0x6 is Bulk; changing to Interrupt [ 70.495253][ T6009] usb 6-1: config 4 interface 132 altsetting 195 has a duplicate endpoint with address 0x3, skipping [ 70.499010][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0xA has invalid maxpacket 64, setting to 8 [ 70.502344][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0x4 has invalid maxpacket 1024, setting to 8 [ 70.505932][ T6009] usb 6-1: config 4 interface 132 altsetting 195 has an invalid descriptor for endpoint zero, skipping [ 70.509374][ T6009] usb 6-1: config 4 interface 132 altsetting 195 has a duplicate endpoint with address 0x7, skipping [ 70.512646][ T6009] usb 6-1: config 4 interface 132 altsetting 195 has an endpoint descriptor with address 0xF5, changing to 0x85 [ 70.517748][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0x85 has invalid maxpacket 512, setting to 8 [ 70.521236][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0xF has invalid maxpacket 512, setting to 8 [ 70.524733][ T6009] usb 6-1: config 4 interface 132 altsetting 195 endpoint 0x8D has invalid maxpacket 1024, setting to 8 [ 70.528173][ T6009] usb 6-1: config 4 interface 142 altsetting 128 has a duplicate endpoint with address 0xD, skipping [ 70.531464][ T6009] usb 6-1: config 4 interface 142 altsetting 128 has a duplicate endpoint with address 0x5, skipping [ 70.534807][ T6009] usb 6-1: config 4 interface 142 altsetting 128 endpoint 0xC has invalid maxpacket 512, setting to 8 [ 70.536954][ T5987] usb 8-1: Using ep0 maxpacket: 8 [ 70.538590][ T6009] usb 6-1: config 4 interface 142 altsetting 128 has a duplicate endpoint with address 0xC, skipping [ 70.538612][ T6009] usb 6-1: config 4 interface 142 altsetting 128 endpoint 0xE has invalid maxpacket 1023, setting to 8 [ 70.538632][ T6009] usb 6-1: config 4 interface 142 altsetting 128 has a duplicate endpoint with address 0xF, skipping [ 70.538649][ T6009] usb 6-1: config 4 interface 142 altsetting 128 endpoint 0x2 has invalid maxpacket 32, setting to 0 [ 70.538668][ T6009] usb 6-1: config 4 interface 142 altsetting 128 has an invalid descriptor for endpoint zero, skipping [ 70.538684][ T6009] usb 6-1: config 4 interface 142 altsetting 128 has a duplicate endpoint with address 0xD, skipping [ 70.538700][ T6009] usb 6-1: config 4 interface 142 altsetting 128 has 9 endpoint descriptors, different from the interface descriptor's value: 8 [ 70.538730][ T6009] usb 6-1: config 4 interface 120 altsetting 2 has a duplicate endpoint with address 0xF, skipping [ 70.538747][ T6009] usb 6-1: config 4 interface 120 altsetting 2 has a duplicate endpoint with address 0x5, skipping [ 70.538761][ T6009] usb 6-1: config 4 interface 120 altsetting 2 has a duplicate endpoint with address 0x3, skipping [ 70.538777][ T6009] usb 6-1: config 4 interface 120 altsetting 2 has a duplicate endpoint with address 0xA, skipping [ 70.538794][ T6009] usb 6-1: config 4 interface 120 altsetting 2 has a duplicate endpoint with address 0x4, skipping [ 70.538811][ T6009] usb 6-1: config 4 interface 120 altsetting 2 has a duplicate endpoint with address 0x9, skipping [ 70.538828][ T6009] usb 6-1: config 4 interface 120 altsetting 2 has a duplicate endpoint with address 0xD, skipping [ 70.538843][ T6009] usb 6-1: config 4 interface 120 altsetting 2 has a duplicate endpoint with address 0x3, skipping [ 70.538854][ T6009] usb 6-1: config 4 interface 120 altsetting 2 endpoint 0x1 has invalid maxpacket 1023, setting to 8 [ 70.538867][ T6009] usb 6-1: config 4 interface 120 altsetting 2 has a duplicate endpoint with address 0xD, skipping [ 70.538878][ T6009] usb 6-1: config 4 interface 132 has no altsetting 0 [ 70.538887][ T6009] usb 6-1: config 4 interface 142 has no altsetting 0 [ 70.538896][ T6009] usb 6-1: config 4 interface 120 has no altsetting 0 [ 70.541931][ T6009] usb 6-1: language id specifier not provided by device, defaulting to English [ 70.557792][ T5987] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 70.567015][ T6009] usb 6-1: New USB device found, idVendor=2c7c, idProduct=0800, bcdDevice=ab.b2 [ 70.575624][ T5987] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 70.588606][ T6009] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.593621][ T5987] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 70.596030][ T6009] usb 6-1: Product: Ⰷ [ 70.603341][ T5987] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 70.604318][ T6009] usb 6-1: Manufacturer: ࠉ [ 70.611179][ T5987] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 70.612223][ T6009] usb 6-1: SerialNumber: 倊 [ 70.615053][ T5987] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 70.615078][ T5987] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.631033][ T6463] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 70.671526][ T6463] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 70.780852][ T6512] vlan2: entered promiscuous mode [ 70.783111][ T6512] bridge0: entered promiscuous mode [ 70.784895][ T6512] vlan2: entered allmulticast mode [ 70.786823][ T6512] bridge0: entered allmulticast mode [ 70.794499][ T6512] gretap0: refused to change device tx_queue_len [ 70.797161][ T6512] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 70.841637][ T5987] usb 8-1: GET_CAPABILITIES returned 0 [ 70.843581][ T5987] usbtmc 8-1:16.0: can't read capabilities [ 70.939755][ T40] kauditd_printk_skb: 49 callbacks suppressed [ 70.939766][ T40] audit: type=1400 audit(1749928636.029:244): avc: denied { mounton } for pid=6462 comm="syz.1.81" path="/21/file0" dev="9p" ino=35913879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 70.939773][ T6518] fuse: Bad value for 'max_read' [ 70.958234][ T40] audit: type=1400 audit(1749928636.049:245): avc: denied { create } for pid=6462 comm="syz.1.81" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 71.046722][ T40] audit: type=1400 audit(1749928636.139:246): avc: denied { sqpoll } for pid=6475 comm="syz.3.27" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 71.052595][ T6476] usb 8-1: usbtmc_ioctl_clear_in_halt returned -32 [ 71.130824][ T5952] Bluetooth: hci0: command tx timeout [ 71.134074][ T1424] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.138534][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.550256][ T6508] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 71.552631][ T6508] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 71.554897][ T6508] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 71.558680][ T6508] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 71.562468][ T6508] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 71.568202][ T6508] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 71.570924][ T6508] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 71.574069][ T6508] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 71.619315][ T5998] usb 8-1: USB disconnect, device number 2 [ 71.720813][ T40] audit: type=1400 audit(1749928636.809:247): avc: denied { create } for pid=6549 comm="syz.3.89" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 71.723228][ T6550] netlink: 8 bytes leftover after parsing attributes in process `syz.3.89'. [ 71.730445][ T40] audit: type=1400 audit(1749928636.809:248): avc: denied { bind } for pid=6549 comm="syz.3.89" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 71.743330][ T6550] team0: No ports can be present during mode change [ 71.747178][ T6553] netlink: 8 bytes leftover after parsing attributes in process `syz.3.89'. [ 71.768766][ T6548] loop6: detected capacity change from 0 to 63 [ 71.773804][ T6548] Buffer I/O error on dev loop6, logical block 0, async page read [ 71.775885][ T40] audit: type=1400 audit(1749928636.859:249): avc: denied { map } for pid=6546 comm="syz.4.88" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 71.778680][ T6548] Buffer I/O error on dev loop6, logical block 1, async page read [ 71.789632][ T6548] Buffer I/O error on dev loop6, logical block 2, async page read [ 71.792482][ T6548] Buffer I/O error on dev loop6, logical block 3, async page read [ 71.797207][ T6548] Buffer I/O error on dev loop6, logical block 0, async page read [ 71.800250][ T6548] Buffer I/O error on dev loop6, logical block 1, async page read [ 71.802894][ T6548] Buffer I/O error on dev loop6, logical block 2, async page read [ 71.805431][ T6548] Buffer I/O error on dev loop6, logical block 3, async page read [ 71.805920][ T40] audit: type=1400 audit(1749928636.859:250): avc: denied { execute } for pid=6546 comm="syz.4.88" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 71.810519][ T6546] Buffer I/O error on dev loop6, logical block 0, async page read [ 71.821608][ T6546] Buffer I/O error on dev loop6, logical block 1, async page read [ 71.872821][ T40] audit: type=1400 audit(1749928636.959:251): avc: denied { write } for pid=6561 comm="syz.3.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 71.879379][ T40] audit: type=1400 audit(1749928636.959:252): avc: denied { read } for pid=6561 comm="syz.3.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 71.936208][ T40] audit: type=1400 audit(1749928637.019:253): avc: denied { read write } for pid=6561 comm="syz.3.91" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 71.938774][ T6563] ata1.00: invalid multi_count 1 ignored [ 71.944593][ T6009] option 6-1:4.132: GSM modem (1-port) converter detected [ 71.966878][ T6009] usb 6-1: USB disconnect, device number 2 [ 71.979446][ T6009] option 6-1:4.132: device disconnected [ 71.987180][ T6568] netlink: 276 bytes leftover after parsing attributes in process `syz.4.92'. [ 72.206922][ T6585] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 72.264796][ T6592] `: renamed from vcan0 (while UP) [ 72.605732][ T6604] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 72.806091][ T5952] Bluetooth: hci1: command 0x0419 tx timeout [ 72.986485][ T6618] openvswitch: netlink: Missing key (keys=40, expected=80) [ 73.052615][ T6622] netlink: 16 bytes leftover after parsing attributes in process `syz.1.102'. [ 73.071545][ T6625] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 73.074578][ T6625] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 73.175160][ T6633] binder: 6632:6633 ioctl c0306201 200000000540 returned -22 [ 73.201232][ T6638] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 73.233428][ T6640] binder: 6632:6640 ioctl c0306201 200000000640 returned -22 [ 73.275248][ T6644] 9pnet_fd: Insufficient options for proto=fd [ 73.475930][ T6198] usb 8-1: new low-speed USB device number 3 using dummy_hcd [ 73.566014][ T52] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 73.596014][ T5952] Bluetooth: hci0: command 0x0419 tx timeout [ 73.596056][ T5303] Bluetooth: hci3: command 0x0419 tx timeout [ 73.596171][ T5946] Bluetooth: hci2: command 0x0419 tx timeout [ 73.637758][ T6198] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 73.641047][ T6198] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 73.645590][ T6198] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 73.650821][ T6198] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 73.655538][ T6198] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 73.661617][ T6198] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 73.664867][ T6198] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 73.669528][ T6198] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 73.674972][ T6198] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 73.680054][ T6198] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 73.685888][ T6198] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 73.689021][ T6198] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 73.693347][ T6198] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 73.698320][ T6198] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 73.702819][ T6198] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 73.710197][ T6198] usb 8-1: string descriptor 0 read error: -22 [ 73.712846][ T6198] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 73.715877][ T52] usb 7-1: Using ep0 maxpacket: 8 [ 73.716642][ T6198] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.720363][ T52] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 73.726084][ T52] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 73.730145][ T52] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 73.734262][ T52] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 73.738048][ T6198] adutux 8-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 73.740377][ T52] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 73.746842][ T52] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.961037][ T52] usb 7-1: GET_CAPABILITIES returned 0 [ 73.963028][ T52] usbtmc 7-1:16.0: can't read capabilities [ 74.075126][ T6650] syz.1.112: attempt to access beyond end of device [ 74.075126][ T6650] nbd1: rw=0, sector=6, nr_sectors = 2 limit=0 [ 74.079434][ T6650] ADFS-fs (nbd1): error: unable to read block 3, try 0 [ 74.088052][ T6650] netlink: 248 bytes leftover after parsing attributes in process `syz.1.112'. [ 74.123398][ T6654] macvlan2: entered promiscuous mode [ 74.125678][ T6654] macvlan2: entered allmulticast mode [ 74.214186][ T6659] Cannot find add_set index 0 as target [ 74.231213][ T6656] 9pnet_fd: Insufficient options for proto=fd [ 74.276783][ T6663] FAULT_INJECTION: forcing a failure. [ 74.276783][ T6663] name failslab, interval 1, probability 0, space 0, times 0 [ 74.280849][ T6663] CPU: 3 UID: 0 PID: 6663 Comm: syz.1.115 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 74.280865][ T6663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.280871][ T6663] Call Trace: [ 74.280876][ T6663] [ 74.280880][ T6663] dump_stack_lvl+0x16c/0x1f0 [ 74.280901][ T6663] should_fail_ex+0x512/0x640 [ 74.280916][ T6663] ? fs_reclaim_acquire+0xae/0x150 [ 74.280928][ T6663] should_failslab+0xc2/0x120 [ 74.280944][ T6663] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 74.280959][ T6663] ? p9_tag_alloc+0x9c/0x640 [ 74.280978][ T6663] p9_tag_alloc+0x9c/0x640 [ 74.280995][ T6663] ? __pfx_p9_tag_alloc+0x10/0x10 [ 74.281010][ T6663] ? stack_depot_save_flags+0x3e0/0xa40 [ 74.281031][ T6663] p9_client_prepare_req+0x19b/0x4d0 [ 74.281048][ T6663] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 74.281064][ T6663] ? __x64_sys_openat+0x174/0x210 [ 74.281078][ T6663] ? __lock_acquire+0xb8a/0x1c90 [ 74.281097][ T6663] p9_client_rpc+0x1c4/0xc50 [ 74.281114][ T6663] ? node_tag_clear+0x105/0x290 [ 74.281127][ T6663] ? __pfx_p9_client_rpc+0x10/0x10 [ 74.281145][ T6663] ? idr_alloc_u32+0x20f/0x2f0 [ 74.281163][ T6663] ? idr_preload_end+0xc2/0x230 [ 74.281179][ T6663] ? rcu_is_watching+0x12/0xc0 [ 74.281195][ T6663] p9_client_walk+0x1ab/0x530 [ 74.281206][ T6663] ? v9fs_fid_lookup+0xb1e/0xeb0 [ 74.281216][ T6663] ? __pfx_p9_client_walk+0x10/0x10 [ 74.281227][ T6663] ? do_raw_spin_unlock+0x172/0x230 [ 74.281239][ T6663] ? v9fs_fid_lookup+0xe9/0xeb0 [ 74.281251][ T6663] v9fs_vfs_lookup+0x206/0x5b0 [ 74.281266][ T6663] ? __pfx_v9fs_vfs_lookup+0x10/0x10 [ 74.281279][ T6663] ? selinux_determine_inode_label+0x2b8/0x400 [ 74.281297][ T6663] ? may_create+0x286/0x440 [ 74.281313][ T6663] v9fs_vfs_atomic_open+0x4cc/0x920 [ 74.281329][ T6663] ? __pfx_v9fs_vfs_atomic_open+0x10/0x10 [ 74.281343][ T6663] ? security_inode_permission+0xbf/0x260 [ 74.281360][ T6663] ? __pfx_v9fs_vfs_atomic_open+0x10/0x10 [ 74.281374][ T6663] lookup_open.isra.0+0x83d/0x1580 [ 74.281394][ T6663] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 74.281414][ T6663] ? __pfx_down_write+0x10/0x10 [ 74.281423][ T6663] ? mnt_get_write_access+0x20c/0x300 [ 74.281437][ T6663] path_openat+0x893/0x2cb0 [ 74.281456][ T6663] ? __pfx_path_openat+0x10/0x10 [ 74.281471][ T6663] ? __lock_acquire+0xb8a/0x1c90 [ 74.281489][ T6663] do_filp_open+0x20b/0x470 [ 74.281504][ T6663] ? __pfx_do_filp_open+0x10/0x10 [ 74.281528][ T6663] ? alloc_fd+0x471/0x7d0 [ 74.281546][ T6663] do_sys_openat2+0x11b/0x1d0 [ 74.281556][ T6663] ? __pfx_do_sys_openat2+0x10/0x10 [ 74.281567][ T6663] ? __fget_files+0x20e/0x3c0 [ 74.281584][ T6663] __x64_sys_openat+0x174/0x210 [ 74.281594][ T6663] ? __pfx___x64_sys_openat+0x10/0x10 [ 74.281604][ T6663] ? ksys_write+0x1ac/0x250 [ 74.281622][ T6663] do_syscall_64+0xcd/0x4c0 [ 74.281640][ T6663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.281651][ T6663] RIP: 0033:0x7fecd7f8e929 [ 74.281659][ T6663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.281669][ T6663] RSP: 002b:00007fecd8e82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 74.281679][ T6663] RAX: ffffffffffffffda RBX: 00007fecd81b5fa0 RCX: 00007fecd7f8e929 [ 74.281686][ T6663] RDX: 000000000000275a RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 74.281692][ T6663] RBP: 00007fecd8e82090 R08: 0000000000000000 R09: 0000000000000000 [ 74.281698][ T6663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 74.281704][ T6663] R13: 0000000000000000 R14: 00007fecd81b5fa0 R15: 00007ffe3bc888c8 [ 74.281717][ T6663] [ 74.700842][ T840] IPVS: starting estimator thread 0... [ 74.794151][ T6672] xt_hashlimit: size too large, truncated to 1048576 [ 74.796005][ T6668] IPVS: using max 42 ests per chain, 100800 per kthread [ 74.983114][ T6678] geneve3: entered promiscuous mode [ 74.984905][ T6678] geneve3: entered allmulticast mode [ 75.290100][ T6688] 9pnet_rdma: rdma_create_trans (6688): problem binding to privport: 13 [ 75.481710][ T6705] Cannot find add_set index 0 as target [ 75.538421][ T6707] FAULT_INJECTION: forcing a failure. [ 75.538421][ T6707] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 75.544280][ T6707] CPU: 2 UID: 0 PID: 6707 Comm: syz.4.131 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 75.544306][ T6707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.544316][ T6707] Call Trace: [ 75.544323][ T6707] [ 75.544331][ T6707] dump_stack_lvl+0x16c/0x1f0 [ 75.544361][ T6707] should_fail_ex+0x512/0x640 [ 75.544389][ T6707] _copy_from_user+0x2e/0xd0 [ 75.544415][ T6707] ? __pfx_do_get_msr+0x10/0x10 [ 75.544441][ T6707] memdup_user+0x6b/0xe0 [ 75.544467][ T6707] msr_io+0xea/0x2a0 [ 75.544488][ T6707] ? __pfx_msr_io+0x10/0x10 [ 75.544504][ T6707] ? arch_stack_walk+0xa6/0x100 [ 75.544525][ T6707] kvm_arch_vcpu_ioctl+0x7fb/0x5120 [ 75.544542][ T6707] ? kvm_arch_vcpu_ioctl+0x7d2/0x5120 [ 75.544561][ T6707] ? stack_trace_save+0x8e/0xc0 [ 75.544587][ T6707] ? stack_depot_save_flags+0x28/0xa40 [ 75.544610][ T6707] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 75.544627][ T6707] ? __lock_acquire+0xb8a/0x1c90 [ 75.544657][ T6707] ? kasan_save_stack+0x42/0x60 [ 75.544678][ T6707] ? kasan_save_stack+0x33/0x60 [ 75.544699][ T6707] ? kasan_save_track+0x14/0x30 [ 75.544719][ T6707] ? kasan_save_free_info+0x3b/0x60 [ 75.544736][ T6707] ? __kasan_slab_free+0x51/0x70 [ 75.544757][ T6707] ? kfree+0x2b4/0x4d0 [ 75.544773][ T6707] ? tomoyo_path_number_perm+0x470/0x580 [ 75.544794][ T6707] ? security_file_ioctl+0x9b/0x240 [ 75.544815][ T6707] ? __x64_sys_ioctl+0xb7/0x210 [ 75.544833][ T6707] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.544854][ T6707] ? __lock_acquire+0xb8a/0x1c90 [ 75.544889][ T6707] ? __mutex_trylock_common+0xe9/0x250 [ 75.544916][ T6707] ? __pfx___mutex_trylock_common+0x10/0x10 [ 75.544945][ T6707] ? __pfx___might_resched+0x10/0x10 [ 75.544966][ T6707] ? rcu_is_watching+0x12/0xc0 [ 75.544986][ T6707] ? trace_contention_end+0xdd/0x130 [ 75.545013][ T6707] ? __mutex_lock+0x1ca/0xb90 [ 75.545039][ T6707] ? kvm_vcpu_ioctl+0x280/0x1690 [ 75.545060][ T6707] ? __pfx___mutex_lock+0x10/0x10 [ 75.545106][ T6707] ? tomoyo_path_number_perm+0x18d/0x580 [ 75.545129][ T6707] ? kvm_vcpu_ioctl+0x1236/0x1690 [ 75.545163][ T6707] kvm_vcpu_ioctl+0x1236/0x1690 [ 75.545186][ T6707] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 75.545213][ T6707] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 75.545242][ T6707] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 75.545276][ T6707] ? hook_file_ioctl_common+0x145/0x410 [ 75.545302][ T6707] ? selinux_file_ioctl+0x180/0x270 [ 75.545324][ T6707] ? selinux_file_ioctl+0xb4/0x270 [ 75.545349][ T6707] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 75.545371][ T6707] __x64_sys_ioctl+0x18e/0x210 [ 75.545394][ T6707] do_syscall_64+0xcd/0x4c0 [ 75.545422][ T6707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.545440][ T6707] RIP: 0033:0x7f251f78e929 [ 75.545454][ T6707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.545471][ T6707] RSP: 002b:00007f2520675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.545488][ T6707] RAX: ffffffffffffffda RBX: 00007f251f9b5fa0 RCX: 00007f251f78e929 [ 75.545498][ T6707] RDX: 0000200000000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 75.545508][ T6707] RBP: 00007f2520675090 R08: 0000000000000000 R09: 0000000000000000 [ 75.545518][ T6707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 75.545527][ T6707] R13: 0000000000000000 R14: 00007f251f9b5fa0 R15: 00007ffcc4e53888 [ 75.545547][ T6707] [ 75.680489][ T5303] Bluetooth: hci0: command 0x0419 tx timeout [ 75.680576][ T5952] Bluetooth: hci3: command 0x0419 tx timeout [ 75.774555][ T6711] FAULT_INJECTION: forcing a failure. [ 75.774555][ T6711] name failslab, interval 1, probability 0, space 0, times 0 [ 75.778723][ T6711] CPU: 1 UID: 0 PID: 6711 Comm: syz.1.133 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 75.778739][ T6711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.778745][ T6711] Call Trace: [ 75.778749][ T6711] [ 75.778754][ T6711] dump_stack_lvl+0x16c/0x1f0 [ 75.778774][ T6711] should_fail_ex+0x512/0x640 [ 75.778788][ T6711] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 75.778803][ T6711] should_failslab+0xc2/0x120 [ 75.778819][ T6711] __kmalloc_cache_noprof+0x6a/0x3e0 [ 75.778831][ T6711] ? io_sq_offload_create+0x4d5/0x1330 [ 75.778849][ T6711] io_sq_offload_create+0x4d5/0x1330 [ 75.778866][ T6711] ? __pfx_io_sq_offload_create+0x10/0x10 [ 75.778882][ T6711] ? bpf_lsm_capable+0x9/0x10 [ 75.778893][ T6711] ? security_capable+0x7e/0x260 [ 75.778907][ T6711] io_uring_setup+0x1514/0x2120 [ 75.778922][ T6711] ? __pfx_io_uring_setup+0x10/0x10 [ 75.778959][ T6711] ? ksys_write+0x1ac/0x250 [ 75.778973][ T6711] ? __pfx_ksys_write+0x10/0x10 [ 75.778989][ T6711] __x64_sys_io_uring_setup+0xc2/0x170 [ 75.779002][ T6711] do_syscall_64+0xcd/0x4c0 [ 75.779020][ T6711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.779032][ T6711] RIP: 0033:0x7fecd7f8e929 [ 75.779040][ T6711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.779051][ T6711] RSP: 002b:00007fecd8e82038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 75.779061][ T6711] RAX: ffffffffffffffda RBX: 00007fecd81b5fa0 RCX: 00007fecd7f8e929 [ 75.779067][ T6711] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000004d25 [ 75.779073][ T6711] RBP: 00007fecd8e82090 R08: 0000000000000000 R09: 0000000000000000 [ 75.779079][ T6711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 75.779085][ T6711] R13: 0000000000000000 R14: 00007fecd81b5fa0 R15: 00007ffe3bc888c8 [ 75.779098][ T6711] [ 75.902602][ T6719] netlink: 'syz.1.137': attribute type 3 has an invalid length. [ 75.992914][ T40] kauditd_printk_skb: 36 callbacks suppressed [ 75.992930][ T40] audit: type=1400 audit(1749928641.079:289): avc: denied { map } for pid=6724 comm="syz.4.140" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 76.012288][ T6725] syz.4.140 uses obsolete (PF_INET,SOCK_PACKET) [ 76.024537][ T40] audit: type=1400 audit(1749928641.109:290): avc: denied { unlink } for pid=6724 comm="syz.4.140" name="#1" dev="tmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 76.034787][ T40] audit: type=1400 audit(1749928641.119:291): avc: denied { mount } for pid=6724 comm="syz.4.140" name="/" dev="overlay" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 76.050269][ T6725] evm: overlay not supported [ 76.054089][ T40] audit: type=1400 audit(1749928641.139:292): avc: denied { mount } for pid=6726 comm="syz.1.141" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 76.063286][ T40] audit: type=1400 audit(1749928641.139:293): avc: denied { execute } for pid=6724 comm="syz.4.140" path="/17/bus/cpu.stat" dev="overlay" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 76.081059][ T840] usb 8-1: USB disconnect, device number 3 [ 76.094956][ T6198] usb 7-1: USB disconnect, device number 2 [ 76.122524][ T40] audit: type=1400 audit(1749928641.209:294): avc: denied { unmount } for pid=5937 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 76.313733][ T6733] IPv6: NLM_F_REPLACE set, but no existing node found! [ 76.435342][ T40] audit: type=1400 audit(1749928641.519:295): avc: denied { mount } for pid=6736 comm="syz.3.146" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 76.450254][ T6097] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 76.455017][ T94] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.550573][ T94] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.581116][ T40] audit: type=1400 audit(1749928641.669:296): avc: denied { unmount } for pid=6219 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 76.605933][ T6097] usb 6-1: Using ep0 maxpacket: 32 [ 76.610031][ T6097] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 76.611726][ T94] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.617974][ T6097] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 76.622255][ T6097] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 76.626038][ T6097] usb 6-1: Product: syz [ 76.628420][ T6097] usb 6-1: Manufacturer: syz [ 76.634126][ T6097] usb 6-1: SerialNumber: syz [ 76.641532][ T6097] usb 6-1: config 0 descriptor?? [ 76.644720][ T6731] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 76.703755][ T94] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.827330][ T40] audit: type=1400 audit(1749928641.919:297): avc: denied { getopt } for pid=6751 comm="syz.3.159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 76.840794][ T40] audit: type=1400 audit(1749928641.929:298): avc: denied { ioctl } for pid=6751 comm="syz.3.159" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x7459 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 76.876290][ T94] bridge_slave_1: left allmulticast mode [ 76.878843][ T94] bridge_slave_1: left promiscuous mode [ 76.882149][ T94] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.898547][ T94] bridge_slave_0: left allmulticast mode [ 76.901024][ T94] bridge_slave_0: left promiscuous mode [ 76.903726][ T94] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.910729][ T5828] usb 6-1: USB disconnect, device number 3 [ 76.937605][ T5303] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.943318][ T5303] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.946531][ T5303] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.950594][ T5303] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.953779][ T5303] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.177868][ T94] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 77.182143][ T94] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 77.186187][ T94] bond0 (unregistering): Released all slaves [ 77.377040][ T6755] chnl_net:caif_netlink_parms(): no params data found [ 77.500466][ T94] hsr_slave_0: left promiscuous mode [ 77.502938][ T94] hsr_slave_1: left promiscuous mode [ 77.504900][ T94] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 77.507762][ T94] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 77.510502][ T94] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 77.513116][ T94] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 77.531635][ T94] veth1_macvtap: left promiscuous mode [ 77.533533][ T94] veth0_macvtap: left promiscuous mode [ 77.535651][ T94] veth1_vlan: left promiscuous mode [ 77.539052][ T94] veth0_vlan: left promiscuous mode [ 77.765965][ T5952] Bluetooth: hci3: command 0x0419 tx timeout [ 77.888683][ T10] usb 6-1: new low-speed USB device number 4 using dummy_hcd [ 78.057385][ T10] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 78.059806][ T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 78.063428][ T10] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 78.067344][ T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 78.070820][ T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 78.078183][ T10] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 78.080499][ T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 78.086054][ T10] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 78.089611][ T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 78.093049][ T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 78.097495][ T10] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 78.099927][ T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 78.103673][ T10] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 78.107760][ T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 78.111363][ T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 78.119888][ T10] usb 6-1: string descriptor 0 read error: -22 [ 78.122111][ T10] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 78.125033][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.135337][ T94] team0 (unregistering): Port device team_slave_1 removed [ 78.136903][ T10] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 78.189297][ T94] team0 (unregistering): Port device team_slave_0 removed [ 78.618365][ T6772] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 78.630977][ T52] usb 6-1: USB disconnect, device number 4 [ 78.657787][ T6755] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.662080][ T6755] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.665115][ T6755] bridge_slave_0: entered allmulticast mode [ 78.671163][ T6755] bridge_slave_0: entered promiscuous mode [ 78.687099][ T6755] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.690238][ T6755] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.693239][ T6755] bridge_slave_1: entered allmulticast mode [ 78.699659][ T6755] bridge_slave_1: entered promiscuous mode [ 78.787082][ T6755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.791799][ T6790] smc: net device bond0 applied user defined pnetid SYZ2 [ 78.794563][ T6755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.796077][ T6790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=6790 comm=syz.3.156 [ 78.818966][ T6790] netlink: 20 bytes leftover after parsing attributes in process `syz.3.156'. [ 78.854859][ T6790] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 78.919761][ T6755] team0: Port device team_slave_0 added [ 78.924219][ T6755] team0: Port device team_slave_1 added [ 78.984387][ T6755] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.987291][ T6755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.998407][ T6755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.004380][ T6755] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.007503][ T6755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.019526][ T6755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.035996][ T5952] Bluetooth: hci0: command tx timeout [ 79.123073][ T6755] hsr_slave_0: entered promiscuous mode [ 79.125278][ T6755] hsr_slave_1: entered promiscuous mode [ 79.128924][ T6755] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.131686][ T6755] Cannot create hsr debugfs directory [ 79.227773][ T6821] overlayfs: conflicting options: userxattr,redirect_dir=on [ 79.267351][ T6823] binder: 6822:6823 ioctl c018620c 200000000a80 returned -1 [ 79.371732][ T6755] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 79.378893][ T6755] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 79.384516][ T6755] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 79.395149][ T6755] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 79.620697][ T6755] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.648992][ T6755] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.657963][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.660234][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.665825][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.668057][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.753447][ T6860] netlink: 'syz.3.171': attribute type 39 has an invalid length. [ 79.809281][ T6755] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.835933][ T5952] Bluetooth: hci3: command 0x0419 tx timeout [ 79.862203][ T6868] trusted_key: syz.2.172 sent an empty control message without MSG_MORE. [ 79.929240][ T6886] netlink: 28 bytes leftover after parsing attributes in process `syz.1.175'. [ 79.933378][ T6886] netlink: 28 bytes leftover after parsing attributes in process `syz.1.175'. [ 79.990503][ T6755] veth0_vlan: entered promiscuous mode [ 80.010003][ T6755] veth1_vlan: entered promiscuous mode [ 80.018242][ T6894] netlink: 8 bytes leftover after parsing attributes in process `syz.3.177'. [ 80.026311][ T6755] veth0_macvtap: entered promiscuous mode [ 80.036414][ T6755] veth1_macvtap: entered promiscuous mode [ 80.040573][ T6900] syz.1.176: attempt to access beyond end of device [ 80.040573][ T6900] nbd1: rw=0, sector=6, nr_sectors = 2 limit=0 [ 80.044489][ T6900] ADFS-fs (nbd1): error: unable to read block 3, try 0 [ 80.045267][ T6755] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.054312][ T6755] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.054864][ T6891] netlink: 248 bytes leftover after parsing attributes in process `syz.1.176'. [ 80.060346][ T6755] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.063129][ T6755] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.066898][ T6755] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.069684][ T6755] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.121810][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.124669][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.155539][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.158774][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.387870][ T6935] xt_hashlimit: size too large, truncated to 1048576 [ 80.446023][ T6469] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 80.619632][ T6469] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 80.623294][ T6469] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 80.628634][ T6469] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 80.632224][ T6469] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 80.640095][ T6469] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 80.646708][ T6469] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 80.650204][ T6469] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 80.653309][ T6469] usb 6-1: Product: syz [ 80.655135][ T6469] usb 6-1: Manufacturer: syz [ 80.665173][ T6469] cdc_wdm 6-1:1.0: skipping garbage [ 80.667908][ T6469] cdc_wdm 6-1:1.0: skipping garbage [ 80.672322][ T6469] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 80.674549][ T6469] cdc_wdm 6-1:1.0: Unknown control protocol [ 80.989889][ T6962] @: renamed from vlan0 (while UP) [ 81.002053][ T40] kauditd_printk_skb: 26 callbacks suppressed [ 81.002069][ T40] audit: type=1400 audit(1749928646.089:325): avc: denied { write } for pid=6961 comm="syz.5.193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 81.126686][ T5952] Bluetooth: hci0: command tx timeout [ 81.194213][ T6975] geneve2: entered promiscuous mode [ 81.196789][ T6975] geneve2: entered allmulticast mode [ 81.239215][ T6977] FAULT_INJECTION: forcing a failure. [ 81.239215][ T6977] name failslab, interval 1, probability 0, space 0, times 0 [ 81.248590][ T6977] CPU: 2 UID: 0 PID: 6977 Comm: syz.5.199 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 81.248616][ T6977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.248625][ T6977] Call Trace: [ 81.248632][ T6977] [ 81.248639][ T6977] dump_stack_lvl+0x16c/0x1f0 [ 81.248671][ T6977] should_fail_ex+0x512/0x640 [ 81.248695][ T6977] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 81.248720][ T6977] should_failslab+0xc2/0x120 [ 81.248747][ T6977] __kmalloc_cache_noprof+0x6a/0x3e0 [ 81.248767][ T6977] ? kvm_hv_vcpu_init+0xa4/0x7a0 [ 81.248792][ T6977] kvm_hv_vcpu_init+0xa4/0x7a0 [ 81.248816][ T6977] kvm_hv_get_msr_common+0xfe/0x1a90 [ 81.248843][ T6977] ? __pfx_kvm_hv_get_msr_common+0x10/0x10 [ 81.248873][ T6977] kvm_get_msr_common+0x13bf/0x2370 [ 81.248900][ T6977] vmx_get_msr+0x7c0/0x1330 [ 81.248923][ T6977] __kvm_get_msr+0x23b/0x310 [ 81.248952][ T6977] ? __pfx___kvm_get_msr+0x10/0x10 [ 81.248986][ T6977] kvm_get_msr_ignored_check+0x30/0x430 [ 81.249015][ T6977] ? __pfx_do_get_msr+0x10/0x10 [ 81.249042][ T6977] msr_io+0x17e/0x2a0 [ 81.249062][ T6977] ? __pfx_msr_io+0x10/0x10 [ 81.249078][ T6977] ? arch_stack_walk+0xa6/0x100 [ 81.249102][ T6977] kvm_arch_vcpu_ioctl+0x7fb/0x5120 [ 81.249120][ T6977] ? kvm_arch_vcpu_ioctl+0x7d2/0x5120 [ 81.249139][ T6977] ? stack_trace_save+0x8e/0xc0 [ 81.249164][ T6977] ? stack_depot_save_flags+0x28/0xa40 [ 81.249187][ T6977] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 81.249206][ T6977] ? __lock_acquire+0xb8a/0x1c90 [ 81.249236][ T6977] ? kasan_save_stack+0x42/0x60 [ 81.249257][ T6977] ? kasan_save_stack+0x33/0x60 [ 81.249279][ T6977] ? kasan_save_track+0x14/0x30 [ 81.249298][ T6977] ? kasan_save_free_info+0x3b/0x60 [ 81.249316][ T6977] ? __kasan_slab_free+0x51/0x70 [ 81.249343][ T6977] ? kfree+0x2b4/0x4d0 [ 81.249360][ T6977] ? tomoyo_path_number_perm+0x470/0x580 [ 81.249379][ T6977] ? security_file_ioctl+0x9b/0x240 [ 81.249403][ T6977] ? __x64_sys_ioctl+0xb7/0x210 [ 81.249421][ T6977] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.249443][ T6977] ? __lock_acquire+0xb8a/0x1c90 [ 81.249477][ T6977] ? __mutex_trylock_common+0xe9/0x250 [ 81.249508][ T6977] ? __pfx___mutex_trylock_common+0x10/0x10 [ 81.249535][ T6977] ? __pfx___might_resched+0x10/0x10 [ 81.249560][ T6977] ? rcu_is_watching+0x12/0xc0 [ 81.249582][ T6977] ? trace_contention_end+0xdd/0x130 [ 81.249609][ T6977] ? __mutex_lock+0x1ca/0xb90 [ 81.249638][ T6977] ? kvm_vcpu_ioctl+0x280/0x1690 [ 81.249661][ T6977] ? __pfx___mutex_lock+0x10/0x10 [ 81.249695][ T6977] ? tomoyo_path_number_perm+0x18d/0x580 [ 81.249719][ T6977] ? kvm_vcpu_ioctl+0x1236/0x1690 [ 81.249738][ T6977] kvm_vcpu_ioctl+0x1236/0x1690 [ 81.249761][ T6977] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 81.249791][ T6977] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 81.249818][ T6977] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 81.249872][ T6977] ? hook_file_ioctl_common+0x145/0x410 [ 81.249897][ T6977] ? selinux_file_ioctl+0x180/0x270 [ 81.249919][ T6977] ? selinux_file_ioctl+0xb4/0x270 [ 81.249943][ T6977] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 81.249966][ T6977] __x64_sys_ioctl+0x18e/0x210 [ 81.249989][ T6977] do_syscall_64+0xcd/0x4c0 [ 81.250017][ T6977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.250035][ T6977] RIP: 0033:0x7f9ece98e929 [ 81.250050][ T6977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.250067][ T6977] RSP: 002b:00007f9ecf7b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.250084][ T6977] RAX: ffffffffffffffda RBX: 00007f9ecebb5fa0 RCX: 00007f9ece98e929 [ 81.250096][ T6977] RDX: 0000200000000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 81.250107][ T6977] RBP: 00007f9ecf7b5090 R08: 0000000000000000 R09: 0000000000000000 [ 81.250117][ T6977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.250127][ T6977] R13: 0000000000000000 R14: 00007f9ecebb5fa0 R15: 00007ffd838095b8 [ 81.250151][ T6977] [ 81.412119][ T839] cfg80211: failed to load regulatory.db [ 81.527033][ T40] audit: type=1400 audit(1749928646.619:326): avc: denied { create } for pid=6988 comm="syz.5.203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 81.539406][ T40] audit: type=1400 audit(1749928646.629:327): avc: denied { write } for pid=6988 comm="syz.5.203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 81.541082][ T6989] xfrm0 speed is unknown, defaulting to 1000 [ 81.549855][ T6989] xfrm0 speed is unknown, defaulting to 1000 [ 81.553211][ T6989] xfrm0 speed is unknown, defaulting to 1000 [ 81.559868][ T6989] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 81.567930][ T6989] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 81.585716][ T6989] xfrm0 speed is unknown, defaulting to 1000 [ 81.590432][ T6989] xfrm0 speed is unknown, defaulting to 1000 [ 81.591915][ T40] audit: type=1400 audit(1749928646.679:328): avc: denied { create } for pid=6988 comm="syz.5.203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 81.593374][ T6989] xfrm0 speed is unknown, defaulting to 1000 [ 81.599025][ T6992] ieee802154 phy1 wpan1: encryption failed: -22 [ 81.600710][ T40] audit: type=1400 audit(1749928646.679:329): avc: denied { write } for pid=6988 comm="syz.5.203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 81.607349][ T6989] xfrm0 speed is unknown, defaulting to 1000 [ 81.610860][ T5952] Bluetooth: hci0: Dropping invalid advertising data [ 81.610892][ T5952] Bluetooth: hci0: Dropping invalid advertising data [ 81.610899][ T5952] Bluetooth: hci0: Dropping invalid advertising data [ 81.610906][ T5952] Bluetooth: hci0: Malformed LE Event: 0x02 [ 81.613035][ T40] audit: type=1400 audit(1749928646.699:330): avc: denied { connect } for pid=6988 comm="syz.5.203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 81.634041][ T40] audit: type=1400 audit(1749928646.699:331): avc: denied { write } for pid=6988 comm="syz.5.203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 81.699075][ T6994] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 81.701273][ T6994] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 81.704837][ T6994] vhci_hcd vhci_hcd.0: Device attached [ 81.731760][ T6995] vhci_hcd: connection closed [ 81.732677][ T1254] vhci_hcd: stop threads [ 81.736542][ T1254] vhci_hcd: release socket [ 81.738148][ T1254] vhci_hcd: disconnect device [ 81.961952][ T40] audit: type=1400 audit(1749928647.049:332): avc: denied { ioctl } for pid=6999 comm="syz.3.207" path="/dev/cdc-wdm0" dev="devtmpfs" ino=2867 ioctlcmd=0x5b0e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 82.500187][ T40] audit: type=1400 audit(1749928647.589:333): avc: denied { append } for pid=7017 comm="syz.2.210" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 82.734103][ T7023] loop9: detected capacity change from 0 to 7 [ 82.755162][ T7023] loop6: detected capacity change from 0 to 63 [ 82.763409][ T6214] buffer_io_error: 682 callbacks suppressed [ 82.763424][ T6214] Buffer I/O error on dev loop6, logical block 0, async page read [ 82.769962][ T6214] Buffer I/O error on dev loop6, logical block 0, async page read [ 82.773583][ T6214] Buffer I/O error on dev loop6, logical block 0, async page read [ 82.777547][ T6214] Buffer I/O error on dev loop6, logical block 0, async page read [ 82.781927][ T6214] Buffer I/O error on dev loop6, logical block 0, async page read [ 82.791852][ T6214] Buffer I/O error on dev loop6, logical block 0, async page read [ 82.796514][ T6214] Buffer I/O error on dev loop6, logical block 3, async page read [ 82.920015][ T7026] loop6: detected capacity change from 0 to 524287999 [ 83.205986][ T5952] Bluetooth: hci0: command tx timeout [ 83.213578][ C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 83.215855][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 83.220221][ T6469] usb 6-1: USB disconnect, device number 5 [ 83.346507][ T40] audit: type=1400 audit(1749928648.439:334): avc: denied { audit_read } for pid=7027 comm="syz.1.214" capability=37 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 83.433588][ T7035] gretap0: refused to change device tx_queue_len [ 83.436852][ T7035] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 84.206522][ T7033] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 84.209175][ T7033] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 84.211755][ T7033] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 84.214350][ T7033] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 84.217325][ T7033] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 84.223690][ T7033] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 84.314301][ T7092] FAULT_INJECTION: forcing a failure. [ 84.314301][ T7092] name failslab, interval 1, probability 0, space 0, times 0 [ 84.318883][ T7092] CPU: 1 UID: 0 PID: 7092 Comm: syz.2.226 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 84.318898][ T7092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.318905][ T7092] Call Trace: [ 84.318910][ T7092] [ 84.318914][ T7092] dump_stack_lvl+0x16c/0x1f0 [ 84.318949][ T7092] should_fail_ex+0x512/0x640 [ 84.318970][ T7092] should_failslab+0xc2/0x120 [ 84.318987][ T7092] __kmalloc_cache_noprof+0x6a/0x3e0 [ 84.319000][ T7092] ? __pfx___might_resched+0x10/0x10 [ 84.319014][ T7092] ? __hw_addr_add_ex+0x3c9/0x7c0 [ 84.319029][ T7092] __hw_addr_add_ex+0x3c9/0x7c0 [ 84.319042][ T7092] ? __pfx___hw_addr_add_ex+0x10/0x10 [ 84.319054][ T7092] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 84.319075][ T7092] ? __pfx_geneve_setup+0x10/0x10 [ 84.319089][ T7092] dev_addr_init+0x161/0x250 [ 84.319102][ T7092] ? __pfx_dev_addr_init+0x10/0x10 [ 84.319125][ T7092] alloc_netdev_mqs+0x3d2/0x1570 [ 84.319145][ T7092] rtnl_create_link+0xc08/0xf90 [ 84.319164][ T7092] rtnl_newlink+0xb69/0x2000 [ 84.319184][ T7092] ? __pfx_rtnl_newlink+0x10/0x10 [ 84.319200][ T7092] ? find_held_lock+0x2b/0x80 [ 84.319214][ T7092] ? avc_has_perm_noaudit+0x117/0x3b0 [ 84.319227][ T7092] ? avc_has_perm_noaudit+0x149/0x3b0 [ 84.319239][ T7092] ? cred_has_capability.isra.0+0x193/0x2f0 [ 84.319264][ T7092] ? find_held_lock+0x2b/0x80 [ 84.319276][ T7092] ? __pfx_rtnl_newlink+0x10/0x10 [ 84.319291][ T7092] ? __pfx_rtnl_newlink+0x10/0x10 [ 84.319307][ T7092] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 84.319324][ T7092] ? __pfx_rtnl_newlink+0x10/0x10 [ 84.319341][ T7092] rtnetlink_rcv_msg+0x95b/0xe90 [ 84.319359][ T7092] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 84.319381][ T7092] ? ref_tracker_free+0x37c/0x830 [ 84.319398][ T7092] netlink_rcv_skb+0x155/0x420 [ 84.319410][ T7092] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 84.319428][ T7092] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 84.319444][ T7092] ? netlink_deliver_tap+0x1ae/0xd30 [ 84.319457][ T7092] netlink_unicast+0x53d/0x7f0 [ 84.319470][ T7092] ? __pfx_netlink_unicast+0x10/0x10 [ 84.319485][ T7092] netlink_sendmsg+0x8d1/0xdd0 [ 84.319499][ T7092] ? __pfx_netlink_sendmsg+0x10/0x10 [ 84.319516][ T7092] ____sys_sendmsg+0xa95/0xc70 [ 84.319529][ T7092] ? copy_msghdr_from_user+0x10a/0x160 [ 84.319544][ T7092] ? __pfx_____sys_sendmsg+0x10/0x10 [ 84.319562][ T7092] ___sys_sendmsg+0x134/0x1d0 [ 84.319579][ T7092] ? __pfx____sys_sendmsg+0x10/0x10 [ 84.319593][ T7092] ? __lock_acquire+0x622/0x1c90 [ 84.319626][ T7092] __sys_sendmsg+0x16d/0x220 [ 84.319642][ T7092] ? __pfx___sys_sendmsg+0x10/0x10 [ 84.319667][ T7092] do_syscall_64+0xcd/0x4c0 [ 84.319684][ T7092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.319695][ T7092] RIP: 0033:0x7f8ac118e929 [ 84.319704][ T7092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.319715][ T7092] RSP: 002b:00007f8ac203a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 84.319725][ T7092] RAX: ffffffffffffffda RBX: 00007f8ac13b5fa0 RCX: 00007f8ac118e929 [ 84.319732][ T7092] RDX: 0000000000004000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 84.319738][ T7092] RBP: 00007f8ac203a090 R08: 0000000000000000 R09: 0000000000000000 [ 84.319757][ T7092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.319764][ T7092] R13: 0000000000000000 R14: 00007f8ac13b5fa0 R15: 00007fff74dc2dd8 [ 84.319777][ T7092] [ 84.749496][ T6469] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 84.831626][ T7121] FAULT_INJECTION: forcing a failure. [ 84.831626][ T7121] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.837100][ T7121] CPU: 3 UID: 0 PID: 7121 Comm: syz.3.230 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 84.837125][ T7121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.837136][ T7121] Call Trace: [ 84.837142][ T7121] [ 84.837148][ T7121] dump_stack_lvl+0x16c/0x1f0 [ 84.837180][ T7121] should_fail_ex+0x512/0x640 [ 84.837206][ T7121] _copy_from_user+0x2e/0xd0 [ 84.837232][ T7121] restore_altstack+0x93/0x170 [ 84.837258][ T7121] ? __pfx_restore_altstack+0x10/0x10 [ 84.837283][ T7121] ? _raw_spin_unlock_irq+0x23/0x50 [ 84.837306][ T7121] ? lockdep_hardirqs_on+0x7c/0x110 [ 84.837330][ T7121] ? _raw_spin_unlock_irq+0x2e/0x50 [ 84.837351][ T7121] ? set_current_blocked+0xdd/0x120 [ 84.837369][ T7121] __do_sys_rt_sigreturn+0x13c/0x230 [ 84.837390][ T7121] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 84.837417][ T7121] do_syscall_64+0xcd/0x4c0 [ 84.837445][ T7121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.837462][ T7121] RIP: 0033:0x7f9a8852ab19 [ 84.837476][ T7121] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 84.837493][ T7121] RSP: 002b:00007f9a893ad340 EFLAGS: 00000206 ORIG_RAX: 000000000000000f [ 84.837509][ T7121] RAX: ffffffffffffffda RBX: 00007f9a887b5fa0 RCX: 00007f9a8852ab19 [ 84.837521][ T7121] RDX: 00007f9a893ad340 RSI: 00007f9a893ad470 RDI: 0000000000000021 [ 84.837531][ T7121] RBP: 00007f9a893ae090 R08: 0000000000000000 R09: 0000000000000000 [ 84.837541][ T7121] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 84.837551][ T7121] R13: 0000000000000000 R14: 00007f9a887b5fa0 R15: 00007ffe826f98c8 [ 84.837572][ T7121] [ 84.895950][ T6469] usb 6-1: Using ep0 maxpacket: 16 [ 84.897185][ C3] vkms_vblank_simulate: vblank timer overrun [ 84.902215][ T6469] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0 [ 84.913012][ T6469] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0 [ 84.917525][ T6469] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 84.921593][ T6469] usb 6-1: config 1 interface 0 has no altsetting 0 [ 84.925540][ T6469] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 84.929314][ T6469] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.932610][ T6469] usb 6-1: Product: syz [ 84.934445][ T6469] usb 6-1: Manufacturer: syz [ 84.936983][ T6469] usb 6-1: SerialNumber: syz [ 85.143977][ T6469] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8 [ 85.176988][ T7130] vlan2: entered promiscuous mode [ 85.178852][ T7130] bridge0: entered promiscuous mode [ 85.180905][ T7130] vlan2: entered allmulticast mode [ 85.182748][ T7130] bridge0: entered allmulticast mode [ 85.188914][ T7130] gretap0: refused to change device tx_queue_len [ 85.191458][ T7130] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 85.348498][ T5828] usb 6-1: USB disconnect, device number 6 [ 85.354390][ T5828] usblp0: removed [ 85.951457][ T7129] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 85.953888][ T7129] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 85.956076][ T7129] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 85.958333][ T7129] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 86.050875][ T7143] loop6: detected capacity change from 0 to 63 [ 86.060440][ T6214] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.064893][ T6214] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.071473][ T6214] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.106600][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 86.106611][ T40] audit: type=1400 audit(1749928651.189:339): avc: denied { read write } for pid=7148 comm="syz.3.239" name="uhid" dev="devtmpfs" ino=1297 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 86.116789][ T40] audit: type=1400 audit(1749928651.199:340): avc: denied { open } for pid=7148 comm="syz.3.239" path="/dev/uhid" dev="devtmpfs" ino=1297 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 86.129167][ T7155] ata1.00: invalid multi_count 1 ignored [ 86.156644][ T40] audit: type=1400 audit(1749928651.249:341): avc: denied { nlmsg_write } for pid=7157 comm="syz.3.242" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 86.199900][ T40] audit: type=1400 audit(1749928651.289:342): avc: denied { bind } for pid=7147 comm="syz.2.241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 86.209269][ T7161] netlink: 24 bytes leftover after parsing attributes in process `syz.3.243'. [ 86.256561][ T7164] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 86.269474][ T40] audit: type=1400 audit(1749928651.359:343): avc: denied { read append } for pid=7163 comm="syz.2.244" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 86.280319][ T40] audit: type=1400 audit(1749928651.359:344): avc: denied { open } for pid=7163 comm="syz.2.244" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 86.290292][ T40] audit: type=1400 audit(1749928651.369:345): avc: denied { map } for pid=7163 comm="syz.2.244" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 86.300019][ T40] audit: type=1400 audit(1749928651.369:346): avc: denied { write execute } for pid=7163 comm="syz.2.244" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 86.322495][ T40] audit: type=1400 audit(1749928651.409:347): avc: denied { name_bind } for pid=7163 comm="syz.2.244" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 86.440733][ T7168] vlan2: entered promiscuous mode [ 86.442870][ T7168] bridge0: entered promiscuous mode [ 86.444846][ T7168] vlan2: entered allmulticast mode [ 86.446777][ T7168] bridge0: entered allmulticast mode [ 86.452133][ T7168] gretap0: refused to change device tx_queue_len [ 86.454355][ T7168] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 86.517349][ T7172] usb usb9: usbfs: interface 0 claimed by hub while 'syz.2.247' resets device [ 86.521488][ T40] audit: type=1400 audit(1749928651.609:348): avc: denied { create } for pid=7171 comm="syz.2.247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 86.833627][ T7183] FAULT_INJECTION: forcing a failure. [ 86.833627][ T7183] name failslab, interval 1, probability 0, space 0, times 0 [ 86.838572][ T7183] CPU: 1 UID: 0 PID: 7183 Comm: syz.2.250 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 86.838587][ T7183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.838594][ T7183] Call Trace: [ 86.838598][ T7183] [ 86.838602][ T7183] dump_stack_lvl+0x16c/0x1f0 [ 86.838622][ T7183] should_fail_ex+0x512/0x640 [ 86.838637][ T7183] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 86.838654][ T7183] should_failslab+0xc2/0x120 [ 86.838670][ T7183] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 86.838684][ T7183] ? vm_area_dup+0x27/0x8d0 [ 86.838699][ T7183] vm_area_dup+0x27/0x8d0 [ 86.838712][ T7183] dup_mmap+0x877/0x21d0 [ 86.838727][ T7183] ? __pfx_dup_mmap+0x10/0x10 [ 86.838748][ T7183] copy_process+0x4081/0x76a0 [ 86.838769][ T7183] ? __pfx_copy_process+0x10/0x10 [ 86.838789][ T7183] kernel_clone+0xfc/0x960 [ 86.838804][ T7183] ? __pfx_kernel_clone+0x10/0x10 [ 86.838824][ T7183] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 86.838854][ T7183] __do_sys_clone+0xce/0x120 [ 86.838869][ T7183] ? __pfx___do_sys_clone+0x10/0x10 [ 86.838888][ T7183] ? ksys_write+0x1ac/0x250 [ 86.838902][ T7183] ? __pfx_ksys_write+0x10/0x10 [ 86.838920][ T7183] do_syscall_64+0xcd/0x4c0 [ 86.838937][ T7183] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.838949][ T7183] RIP: 0033:0x7f8ac118e929 [ 86.838958][ T7183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.838969][ T7183] RSP: 002b:00007f8ac2039fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 86.838979][ T7183] RAX: ffffffffffffffda RBX: 00007f8ac13b5fa0 RCX: 00007f8ac118e929 [ 86.838986][ T7183] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 86.838992][ T7183] RBP: 00007f8ac203a090 R08: 0000000000000000 R09: 0000000000000000 [ 86.839000][ T7183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 86.839006][ T7183] R13: 0000000000000000 R14: 00007f8ac13b5fa0 R15: 00007fff74dc2dd8 [ 86.839019][ T7183] [ 86.875037][ T7185] binder: 7184:7185 ioctl c0306201 200000000140 returned -22 [ 87.099958][ T7207] fuse: Bad value for 'fd' [ 87.214993][ T7167] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 87.217764][ T7167] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 87.220448][ T7167] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 87.223184][ T7167] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 87.272589][ T5952] Bluetooth: hci0: unexpected event for opcode 0x2028 [ 87.589065][ T7254] FAULT_INJECTION: forcing a failure. [ 87.589065][ T7254] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 87.595011][ T7254] CPU: 1 UID: 0 PID: 7254 Comm: syz.1.275 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 87.595035][ T7254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.595045][ T7254] Call Trace: [ 87.595052][ T7254] [ 87.595058][ T7254] dump_stack_lvl+0x16c/0x1f0 [ 87.595089][ T7254] should_fail_ex+0x512/0x640 [ 87.595114][ T7254] _copy_from_user+0x2e/0xd0 [ 87.595138][ T7254] kstrtouint_from_user+0xd6/0x1d0 [ 87.595156][ T7254] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 87.595174][ T7254] ? __lock_acquire+0xb8a/0x1c90 [ 87.595210][ T7254] proc_fail_nth_write+0x83/0x250 [ 87.595232][ T7254] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 87.595265][ T7254] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 87.595284][ T7254] vfs_write+0x2a0/0x1150 [ 87.595309][ T7254] ? __pfx___mutex_lock+0x10/0x10 [ 87.595334][ T7254] ? __pfx_vfs_write+0x10/0x10 [ 87.595361][ T7254] ? __fget_files+0x20e/0x3c0 [ 87.595390][ T7254] ksys_write+0x12a/0x250 [ 87.595410][ T7254] ? __pfx_ksys_write+0x10/0x10 [ 87.595437][ T7254] do_syscall_64+0xcd/0x4c0 [ 87.595464][ T7254] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.595480][ T7254] RIP: 0033:0x7fecd7f8d3df [ 87.595493][ T7254] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 87.595509][ T7254] RSP: 002b:00007fecd8e82030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 87.595524][ T7254] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fecd7f8d3df [ 87.595534][ T7254] RDX: 0000000000000001 RSI: 00007fecd8e820a0 RDI: 0000000000000003 [ 87.595544][ T7254] RBP: 00007fecd8e82090 R08: 0000000000000000 R09: 0000000000000000 [ 87.595554][ T7254] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 87.595563][ T7254] R13: 0000000000000000 R14: 00007fecd81b5fa0 R15: 00007ffe3bc888c8 [ 87.595585][ T7254] [ 87.690933][ T7258] FAULT_INJECTION: forcing a failure. [ 87.690933][ T7258] name failslab, interval 1, probability 0, space 0, times 0 [ 87.697662][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.697677][ T7258] CPU: 0 UID: 0 PID: 7258 Comm: syz.1.277 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 87.697697][ T7258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.697706][ T7258] Call Trace: [ 87.697712][ T7258] [ 87.697718][ T7258] dump_stack_lvl+0x16c/0x1f0 [ 87.697748][ T7258] should_fail_ex+0x512/0x640 [ 87.697771][ T7258] ? __kmalloc_noprof+0xbf/0x510 [ 87.697821][ T7258] ? __d_alloc+0x640/0xaa0 [ 87.697847][ T7258] should_failslab+0xc2/0x120 [ 87.697873][ T7258] __kmalloc_noprof+0xd2/0x510 [ 87.697896][ T7258] ? __d_alloc+0x31/0xaa0 [ 87.697921][ T7258] ? stack_trace_save+0x8e/0xc0 [ 87.697939][ T7258] __d_alloc+0x640/0xaa0 [ 87.697957][ T7258] d_alloc+0x4a/0x1e0 [ 87.697974][ T7258] d_alloc_parallel+0xe3/0x12e0 [ 87.697990][ T7258] ? find_held_lock+0x2b/0x80 [ 87.698010][ T7258] ? __pfx_d_alloc_parallel+0x10/0x10 [ 87.698024][ T7258] ? __d_lookup+0x266/0x4a0 [ 87.698040][ T7258] lookup_open.isra.0+0x665/0x1580 [ 87.698056][ T7258] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 87.698076][ T7258] ? __pfx_down_write+0x10/0x10 [ 87.698086][ T7258] ? mnt_get_write_access+0x20c/0x300 [ 87.698100][ T7258] path_openat+0x893/0x2cb0 [ 87.698117][ T7258] ? do_syscall_64+0xcd/0x4c0 [ 87.698133][ T7258] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.698145][ T7258] ? __pfx_path_openat+0x10/0x10 [ 87.698163][ T7258] do_filp_open+0x20b/0x470 [ 87.698178][ T7258] ? __pfx_do_filp_open+0x10/0x10 [ 87.698202][ T7258] ? _raw_spin_unlock+0x28/0x50 [ 87.698216][ T7258] ? alloc_fd+0x471/0x7d0 [ 87.698234][ T7258] do_sys_openat2+0x11b/0x1d0 [ 87.698244][ T7258] ? __pfx_do_sys_openat2+0x10/0x10 [ 87.698257][ T7258] ? __fget_files+0x20e/0x3c0 [ 87.698275][ T7258] __x64_sys_creat+0xcc/0x120 [ 87.698286][ T7258] ? __pfx___x64_sys_creat+0x10/0x10 [ 87.698296][ T7258] ? __pfx_ksys_write+0x10/0x10 [ 87.698311][ T7258] ? rcu_is_watching+0x12/0xc0 [ 87.698324][ T7258] ? do_syscall_64+0x91/0x4c0 [ 87.698341][ T7258] do_syscall_64+0xcd/0x4c0 [ 87.698358][ T7258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.698368][ T7258] RIP: 0033:0x7fecd7f8e929 [ 87.698377][ T7258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.698388][ T7258] RSP: 002b:00007fecd8e82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 87.698398][ T7258] RAX: ffffffffffffffda RBX: 00007fecd81b5fa0 RCX: 00007fecd7f8e929 [ 87.698407][ T7258] RDX: 0000000000000000 RSI: 00000000000001ab RDI: 0000200000001dc0 [ 87.698417][ T7258] RBP: 00007fecd8e82090 R08: 0000000000000000 R09: 0000000000000000 [ 87.698427][ T7258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.698437][ T7258] R13: 0000000000000000 R14: 00007fecd81b5fa0 R15: 00007ffe3bc888c8 [ 87.698462][ T7258] [ 87.805216][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.807723][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.810183][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.812574][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.814857][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.817378][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.819778][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.822149][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.824561][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.827074][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.829363][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.832060][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.834418][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.836817][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.839084][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.841889][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.844932][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.848035][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.850902][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.853656][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.855997][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.858343][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.860966][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.863968][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.866660][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.869645][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.872458][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.875322][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.878456][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.881425][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.884444][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.887600][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.890583][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.893491][ T840] hid-generic 0200:0008:0001.0002: unknown main item tag 0x0 [ 87.900654][ T840] hid-generic 0200:0008:0001.0002: hidraw1: HID v0.09 Device [syz0] on syz1 [ 87.937596][ T7260] fido_id[7260]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 87.941959][ T7262] loop6: detected capacity change from 0 to 524287999 [ 87.960554][ T7262] FAULT_INJECTION: forcing a failure. [ 87.960554][ T7262] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 87.966107][ T7262] CPU: 1 UID: 0 PID: 7262 Comm: syz.1.278 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 87.966122][ T7262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.966129][ T7262] Call Trace: [ 87.966134][ T7262] [ 87.966138][ T7262] dump_stack_lvl+0x16c/0x1f0 [ 87.966159][ T7262] should_fail_ex+0x512/0x640 [ 87.966177][ T7262] should_fail_alloc_page+0xe7/0x130 [ 87.966194][ T7262] prepare_alloc_pages+0x3c2/0x610 [ 87.966220][ T7262] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 87.966237][ T7262] ? psi_task_switch+0x201/0x8e0 [ 87.966256][ T7262] ? __lock_acquire+0xb8a/0x1c90 [ 87.966273][ T7262] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 87.966289][ T7262] ? kvm_sched_clock_read+0x11/0x20 [ 87.966313][ T7262] ? __lock_acquire+0x622/0x1c90 [ 87.966332][ T7262] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 87.966346][ T7262] ? policy_nodemask+0xea/0x4e0 [ 87.966362][ T7262] alloc_pages_mpol+0x1fb/0x550 [ 87.966378][ T7262] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 87.966393][ T7262] ? page_table_check_set+0x627/0x750 [ 87.966412][ T7262] alloc_pages_noprof+0x131/0x390 [ 87.966428][ T7262] pte_alloc_one+0x1c/0x3a0 [ 87.966439][ T7262] __pte_alloc+0x6d/0x3c0 [ 87.966455][ T7262] ? __pfx___pte_alloc+0x10/0x10 [ 87.966474][ T7262] __handle_mm_fault+0x4358/0x5490 [ 87.966490][ T7262] ? __pfx___handle_mm_fault+0x10/0x10 [ 87.966502][ T7262] ? folio_mark_accessed+0xc1/0xc00 [ 87.966517][ T7262] ? __pfx_folio_mark_accessed+0x10/0x10 [ 87.966532][ T7262] ? vm_normal_page+0x152/0x2e0 [ 87.966548][ T7262] ? find_held_lock+0x2b/0x80 [ 87.966560][ T7262] ? find_held_lock+0x2b/0x80 [ 87.966580][ T7262] handle_mm_fault+0x589/0xd10 [ 87.966595][ T7262] __get_user_pages+0x589/0x3b80 [ 87.966611][ T7262] ? __pfx___get_user_pages+0x10/0x10 [ 87.966621][ T7262] ? __pfx_down_read_killable+0x10/0x10 [ 87.966634][ T7262] ? __lock_acquire+0x622/0x1c90 [ 87.966652][ T7262] __gup_longterm_locked+0x20d/0x1850 [ 87.966667][ T7262] ? __pfx___gup_longterm_locked+0x10/0x10 [ 87.966679][ T7262] ? find_held_lock+0x2b/0x80 [ 87.966692][ T7262] ? sanity_check_pinned_pages+0x23/0x1200 [ 87.966712][ T7262] gup_fast_fallback+0x1ab3/0x29e0 [ 87.966732][ T7262] ? __pfx_gup_fast_fallback+0x10/0x10 [ 87.966742][ T7262] ? blkdev_write_iter+0x6fd/0xdf0 [ 87.966755][ T7262] ? vfs_write+0x6c4/0x1150 [ 87.966772][ T7262] ? ksys_write+0x12a/0x250 [ 87.966788][ T7262] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.966813][ T7262] pin_user_pages_fast+0xa7/0xf0 [ 87.966827][ T7262] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 87.966842][ T7262] iov_iter_extract_pages+0x3a2/0x1ed0 [ 87.966863][ T7262] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 87.966881][ T7262] ? find_held_lock+0x2b/0x80 [ 87.966894][ T7262] ? bio_associate_blkg_from_css+0x394/0x13e0 [ 87.966910][ T7262] bio_iov_iter_get_pages+0x384/0x10d0 [ 87.966922][ T7262] ? bio_associate_blkg+0x137/0x2a0 [ 87.966938][ T7262] ? __pfx_bio_iov_iter_get_pages+0x10/0x10 [ 87.966949][ T7262] ? __pfx_bio_alloc_bioset+0x10/0x10 [ 87.966966][ T7262] ? submit_bio_noacct+0x50d/0x1eb0 [ 87.966981][ T7262] blkdev_direct_IO+0x1409/0x1ff0 [ 87.967001][ T7262] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 87.967017][ T7262] ? filemap_check_errors+0xa9/0x160 [ 87.967032][ T7262] blkdev_write_iter+0x6fd/0xdf0 [ 87.967049][ T7262] vfs_write+0x6c4/0x1150 [ 87.967063][ T7262] ? __pfx_blkdev_write_iter+0x10/0x10 [ 87.967078][ T7262] ? __pfx_vfs_write+0x10/0x10 [ 87.967090][ T7262] ? find_held_lock+0x2b/0x80 [ 87.967111][ T7262] ksys_write+0x12a/0x250 [ 87.967138][ T7262] ? __pfx_ksys_write+0x10/0x10 [ 87.967152][ T7262] ? fd_install+0x244/0x750 [ 87.967169][ T7262] do_syscall_64+0xcd/0x4c0 [ 87.967187][ T7262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.967197][ T7262] RIP: 0033:0x7fecd7f8e929 [ 87.967207][ T7262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.967217][ T7262] RSP: 002b:00007fecd8e82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 87.967227][ T7262] RAX: ffffffffffffffda RBX: 00007fecd81b5fa0 RCX: 00007fecd7f8e929 [ 87.967234][ T7262] RDX: 00000000fffffe38 RSI: 0000200000001c00 RDI: 0000000000000005 [ 87.967240][ T7262] RBP: 00007fecd8e82090 R08: 0000000000000000 R09: 0000000000000000 [ 87.967246][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 87.967253][ T7262] R13: 0000000000000000 R14: 00007fecd81b5fa0 R15: 00007ffe3bc888c8 [ 87.967266][ T7262] [ 88.124838][ T7266] tty tty2: ldisc open failed (-12), clearing slot 1 [ 88.155531][ T7269] xt_hashlimit: size too large, truncated to 1048576 [ 88.294253][ T7279] FAULT_INJECTION: forcing a failure. [ 88.294253][ T7279] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.299937][ T7279] CPU: 3 UID: 0 PID: 7279 Comm: syz.1.283 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 88.299961][ T7279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.299971][ T7279] Call Trace: [ 88.299978][ T7279] [ 88.299985][ T7279] dump_stack_lvl+0x16c/0x1f0 [ 88.300017][ T7279] should_fail_ex+0x512/0x640 [ 88.300045][ T7279] _copy_to_user+0x32/0xd0 [ 88.300070][ T7279] simple_read_from_buffer+0xcb/0x170 [ 88.300094][ T7279] proc_fail_nth_read+0x197/0x270 [ 88.300116][ T7279] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 88.300140][ T7279] ? rw_verify_area+0xcf/0x680 [ 88.300158][ T7279] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 88.300179][ T7279] vfs_read+0x1e1/0xc60 [ 88.300203][ T7279] ? __pfx___mutex_lock+0x10/0x10 [ 88.300228][ T7279] ? __pfx_vfs_read+0x10/0x10 [ 88.300259][ T7279] ? __fget_files+0x20e/0x3c0 [ 88.300289][ T7279] ksys_read+0x12a/0x250 [ 88.300320][ T7279] ? __pfx_ksys_read+0x10/0x10 [ 88.300341][ T7279] ? fput+0x70/0xf0 [ 88.300369][ T7279] do_syscall_64+0xcd/0x4c0 [ 88.300397][ T7279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.300414][ T7279] RIP: 0033:0x7fecd7f8d33c [ 88.300428][ T7279] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 88.300444][ T7279] RSP: 002b:00007fecd8e82030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 88.300460][ T7279] RAX: ffffffffffffffda RBX: 00007fecd81b5fa0 RCX: 00007fecd7f8d33c [ 88.300472][ T7279] RDX: 000000000000000f RSI: 00007fecd8e820a0 RDI: 0000000000000006 [ 88.300482][ T7279] RBP: 00007fecd8e82090 R08: 0000000000000000 R09: 0000000000000000 [ 88.300492][ T7279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.300502][ T7279] R13: 0000000000000000 R14: 00007fecd81b5fa0 R15: 00007ffe3bc888c8 [ 88.300525][ T7279] [ 88.381240][ C3] vkms_vblank_simulate: vblank timer overrun [ 88.485999][ T5952] Bluetooth: hci1: command 0x0419 tx timeout [ 88.489036][ T7286] loop6: detected capacity change from 0 to 63 [ 88.499477][ T7288] FAULT_INJECTION: forcing a failure. [ 88.499477][ T7288] name failslab, interval 1, probability 0, space 0, times 0 [ 88.503359][ T6225] buffer_io_error: 4 callbacks suppressed [ 88.503372][ T6225] Buffer I/O error on dev loop6, logical block 0, async page read [ 88.507077][ T7288] CPU: 1 UID: 0 PID: 7288 Comm: syz.2.287 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 88.507094][ T7288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.507101][ T7288] Call Trace: [ 88.507106][ T7288] [ 88.507110][ T7288] dump_stack_lvl+0x16c/0x1f0 [ 88.507131][ T7288] should_fail_ex+0x512/0x640 [ 88.507145][ T7288] ? __kmalloc_node_noprof+0xc5/0x500 [ 88.507165][ T7288] should_failslab+0xc2/0x120 [ 88.507187][ T7288] __kmalloc_node_noprof+0xd8/0x500 [ 88.507201][ T7288] ? ___slab_alloc+0x66/0x1940 [ 88.507213][ T7288] ? alloc_slab_obj_exts+0x41/0xa0 [ 88.507227][ T7288] alloc_slab_obj_exts+0x41/0xa0 [ 88.507238][ T7288] __memcg_slab_post_alloc_hook+0x255/0x960 [ 88.507265][ T7288] ? kasan_unpoison+0x27/0x60 [ 88.507282][ T7288] __kmalloc_cache_noprof+0x33b/0x3e0 [ 88.507300][ T7288] ? kvm_hv_vcpu_init+0xa4/0x7a0 [ 88.507327][ T7288] kvm_hv_vcpu_init+0xa4/0x7a0 [ 88.507341][ T7288] kvm_hv_get_msr_common+0xfe/0x1a90 [ 88.507356][ T7288] ? __pfx_kvm_hv_get_msr_common+0x10/0x10 [ 88.507380][ T7288] kvm_get_msr_common+0x13bf/0x2370 [ 88.507404][ T7288] vmx_get_msr+0x7c0/0x1330 [ 88.507424][ T7288] __kvm_get_msr+0x23b/0x310 [ 88.507443][ T7288] ? __pfx___kvm_get_msr+0x10/0x10 [ 88.507472][ T7288] kvm_get_msr_ignored_check+0x30/0x430 [ 88.507498][ T7288] ? __pfx_do_get_msr+0x10/0x10 [ 88.507521][ T7288] msr_io+0x17e/0x2a0 [ 88.507539][ T7288] ? __pfx_msr_io+0x10/0x10 [ 88.507550][ T7288] ? arch_stack_walk+0xa6/0x100 [ 88.507570][ T7288] kvm_arch_vcpu_ioctl+0x7fb/0x5120 [ 88.507585][ T7288] ? kvm_arch_vcpu_ioctl+0x7d2/0x5120 [ 88.507603][ T7288] ? stack_trace_save+0x8e/0xc0 [ 88.507624][ T7288] ? stack_depot_save_flags+0x28/0xa40 [ 88.507643][ T7288] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 88.507658][ T7288] ? __lock_acquire+0xb8a/0x1c90 [ 88.507685][ T7288] ? kasan_save_stack+0x42/0x60 [ 88.507702][ T7288] ? kasan_save_stack+0x33/0x60 [ 88.507719][ T7288] ? kasan_save_track+0x14/0x30 [ 88.507737][ T7288] ? kasan_save_free_info+0x3b/0x60 [ 88.507752][ T7288] ? __kasan_slab_free+0x51/0x70 [ 88.507771][ T7288] ? kfree+0x2b4/0x4d0 [ 88.507783][ T7288] ? tomoyo_path_number_perm+0x470/0x580 [ 88.507799][ T7288] ? security_file_ioctl+0x9b/0x240 [ 88.507820][ T7288] ? __x64_sys_ioctl+0xb7/0x210 [ 88.507837][ T7288] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.507857][ T7288] ? __lock_acquire+0xb8a/0x1c90 [ 88.507888][ T7288] ? __mutex_trylock_common+0xe9/0x250 [ 88.507909][ T7288] ? __pfx___mutex_trylock_common+0x10/0x10 [ 88.507935][ T7288] ? __pfx___might_resched+0x10/0x10 [ 88.507956][ T7288] ? rcu_is_watching+0x12/0xc0 [ 88.507975][ T7288] ? trace_contention_end+0xdd/0x130 [ 88.507998][ T7288] ? __mutex_lock+0x1ca/0xb90 [ 88.508021][ T7288] ? kvm_vcpu_ioctl+0x280/0x1690 [ 88.508041][ T7288] ? __pfx___mutex_lock+0x10/0x10 [ 88.508073][ T7288] ? tomoyo_path_number_perm+0x18d/0x580 [ 88.508095][ T7288] ? kvm_vcpu_ioctl+0x1236/0x1690 [ 88.508107][ T7288] kvm_vcpu_ioctl+0x1236/0x1690 [ 88.508130][ T7288] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 88.508155][ T7288] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 88.508186][ T7288] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 88.508212][ T7288] ? hook_file_ioctl_common+0x145/0x410 [ 88.508235][ T7288] ? selinux_file_ioctl+0x180/0x270 [ 88.508254][ T7288] ? selinux_file_ioctl+0xb4/0x270 [ 88.508277][ T7288] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 88.508296][ T7288] __x64_sys_ioctl+0x18e/0x210 [ 88.508319][ T7288] do_syscall_64+0xcd/0x4c0 [ 88.508341][ T7288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.508357][ T7288] RIP: 0033:0x7f8ac118e929 [ 88.508371][ T7288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.508386][ T7288] RSP: 002b:00007f8ac203a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 88.508402][ T7288] RAX: ffffffffffffffda RBX: 00007f8ac13b5fa0 RCX: 00007f8ac118e929 [ 88.508413][ T7288] RDX: 0000200000000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 88.508421][ T7288] RBP: 00007f8ac203a090 R08: 0000000000000000 R09: 0000000000000000 [ 88.508427][ T7288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.508436][ T7288] R13: 0000000000000000 R14: 00007f8ac13b5fa0 R15: 00007fff74dc2dd8 [ 88.508459][ T7288] [ 88.681269][ T7286] Buffer I/O error on dev loop6, logical block 0, async page read [ 88.684919][ T6225] Buffer I/O error on dev loop6, logical block 0, async page read [ 88.689168][ T7286] Buffer I/O error on dev loop6, logical block 0, async page read [ 88.692475][ T6225] Buffer I/O error on dev loop6, logical block 0, async page read [ 88.698810][ T6225] Buffer I/O error on dev loop6, logical block 0, async page read [ 88.702706][ T6225] Buffer I/O error on dev loop6, logical block 0, async page read [ 88.706351][ T6225] Buffer I/O error on dev loop6, logical block 0, async page read [ 88.710522][ T6225] Buffer I/O error on dev loop6, logical block 3, async page read [ 88.727867][ T7303] netlink: 12 bytes leftover after parsing attributes in process `syz.5.293'. [ 88.895506][ T7320] macvlan2: entered promiscuous mode [ 88.899374][ T7320] macvlan2: entered allmulticast mode [ 89.036063][ T6007] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 89.083903][ T7345] netlink: 'syz.1.310': attribute type 5 has an invalid length. [ 89.168787][ T6007] usb 7-1: device descriptor read/64, error -71 [ 89.184778][ T7340] netlink: 'syz.5.308': attribute type 10 has an invalid length. [ 89.275993][ T5952] Bluetooth: hci3: command 0x0419 tx timeout [ 89.276022][ T5303] Bluetooth: hci2: command 0x0419 tx timeout [ 89.405930][ T6007] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 89.536923][ T6007] usb 7-1: device descriptor read/64, error -71 [ 89.647818][ T7386] syz.5.327: attempt to access beyond end of device [ 89.647818][ T7386] nbd5: rw=0, sector=6, nr_sectors = 2 limit=0 [ 89.648291][ T6007] usb usb7-port1: attempt power cycle [ 89.651673][ T7386] ADFS-fs (nbd5): error: unable to read block 3, try 0 [ 89.659352][ T7386] netlink: 248 bytes leftover after parsing attributes in process `syz.5.327'. [ 89.875254][ T7398] hsr0: entered promiscuous mode [ 89.877888][ T7398] macsec1: entered allmulticast mode [ 89.879820][ T7398] hsr0: entered allmulticast mode [ 89.881508][ T7398] hsr_slave_0: entered allmulticast mode [ 89.883438][ T7398] hsr_slave_1: entered allmulticast mode [ 90.008186][ T6007] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 90.027351][ T6007] usb 7-1: device descriptor read/8, error -71 [ 90.076914][ T7407] tmpfs: Bad value for 'mpol' [ 90.118867][ T7408] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 90.131842][ T7411] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 90.266124][ T6007] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 90.286614][ T6007] usb 7-1: device descriptor read/8, error -71 [ 90.354302][ T7417] FAULT_INJECTION: forcing a failure. [ 90.354302][ T7417] name failslab, interval 1, probability 0, space 0, times 0 [ 90.359949][ T7417] CPU: 2 UID: 0 PID: 7417 Comm: syz.3.338 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 90.359975][ T7417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.359986][ T7417] Call Trace: [ 90.359992][ T7417] [ 90.359998][ T7417] dump_stack_lvl+0x16c/0x1f0 [ 90.360034][ T7417] should_fail_ex+0x512/0x640 [ 90.360058][ T7417] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 90.360080][ T7417] should_failslab+0xc2/0x120 [ 90.360106][ T7417] __kmalloc_cache_noprof+0x6a/0x3e0 [ 90.360125][ T7417] ? kasan_quarantine_put+0x10a/0x240 [ 90.360146][ T7417] ? p9_client_stat+0x97/0x250 [ 90.360166][ T7417] p9_client_stat+0x97/0x250 [ 90.360181][ T7417] ? __pfx_p9_client_stat+0x10/0x10 [ 90.360206][ T7417] v9fs_inode_from_fid+0x76/0x550 [ 90.360228][ T7417] ? __pfx_v9fs_inode_from_fid+0x10/0x10 [ 90.360251][ T7417] ? v9fs_fid_lookup+0xe9/0xeb0 [ 90.360272][ T7417] v9fs_vfs_lookup+0x480/0x5b0 [ 90.360294][ T7417] ? __pfx_v9fs_vfs_lookup+0x10/0x10 [ 90.360314][ T7417] ? selinux_determine_inode_label+0x2b8/0x400 [ 90.360343][ T7417] ? may_create+0x286/0x440 [ 90.360370][ T7417] v9fs_vfs_atomic_open+0x4cc/0x920 [ 90.360394][ T7417] ? __pfx_v9fs_vfs_atomic_open+0x10/0x10 [ 90.360417][ T7417] ? security_inode_permission+0xbf/0x260 [ 90.360443][ T7417] ? __pfx_v9fs_vfs_atomic_open+0x10/0x10 [ 90.360467][ T7417] lookup_open.isra.0+0x83d/0x1580 [ 90.360494][ T7417] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 90.360528][ T7417] ? __pfx_down_write+0x10/0x10 [ 90.360544][ T7417] ? mnt_get_write_access+0x20c/0x300 [ 90.360567][ T7417] path_openat+0x893/0x2cb0 [ 90.360599][ T7417] ? __pfx_path_openat+0x10/0x10 [ 90.360624][ T7417] ? __lock_acquire+0xb8a/0x1c90 [ 90.360655][ T7417] do_filp_open+0x20b/0x470 [ 90.360678][ T7417] ? __pfx_do_filp_open+0x10/0x10 [ 90.360721][ T7417] ? alloc_fd+0x471/0x7d0 [ 90.360752][ T7417] do_sys_openat2+0x11b/0x1d0 [ 90.360769][ T7417] ? __pfx_do_sys_openat2+0x10/0x10 [ 90.360788][ T7417] ? __fget_files+0x20e/0x3c0 [ 90.360816][ T7417] __x64_sys_openat+0x174/0x210 [ 90.360832][ T7417] ? __pfx___x64_sys_openat+0x10/0x10 [ 90.360849][ T7417] ? ksys_write+0x1ac/0x250 [ 90.360879][ T7417] do_syscall_64+0xcd/0x4c0 [ 90.360907][ T7417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.360925][ T7417] RIP: 0033:0x7f9a8858e929 [ 90.360940][ T7417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.360958][ T7417] RSP: 002b:00007f9a893ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 90.360976][ T7417] RAX: ffffffffffffffda RBX: 00007f9a887b5fa0 RCX: 00007f9a8858e929 [ 90.360986][ T7417] RDX: 000000000000275a RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 90.360997][ T7417] RBP: 00007f9a893ae090 R08: 0000000000000000 R09: 0000000000000000 [ 90.361007][ T7417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 90.361017][ T7417] R13: 0000000000000000 R14: 00007f9a887b5fa0 R15: 00007ffe826f98c8 [ 90.361046][ T7417] [ 90.362995][ T7419] tmpfs: Unknown parameter 'usrquota5eUhK`ė­/8s7+E^a@vz>/' [ 90.396011][ T6007] usb usb7-port1: unable to enumerate USB device [ 90.613954][ T7427] kAFS: unparsable volume name [ 90.623060][ T7427] kAFS: unparsable volume name [ 90.681955][ T7438] cgroup: noprefix used incorrectly [ 90.702067][ T7434] FAULT_INJECTION: forcing a failure. [ 90.702067][ T7434] name failslab, interval 1, probability 0, space 0, times 0 [ 90.706052][ T7434] CPU: 0 UID: 0 PID: 7434 Comm: syz.3.346 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 90.706068][ T7434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.706075][ T7434] Call Trace: [ 90.706080][ T7434] [ 90.706084][ T7434] dump_stack_lvl+0x16c/0x1f0 [ 90.706104][ T7434] should_fail_ex+0x512/0x640 [ 90.706119][ T7434] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 90.706134][ T7434] should_failslab+0xc2/0x120 [ 90.706150][ T7434] __kmalloc_cache_noprof+0x6a/0x3e0 [ 90.706162][ T7434] ? __percpu_counter_init_many+0x2c1/0x3b0 [ 90.706175][ T7434] ? io_uring_alloc_task_context+0x469/0x650 [ 90.706195][ T7434] io_uring_alloc_task_context+0x469/0x650 [ 90.706213][ T7434] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 90.706231][ T7434] ? lockdep_hardirqs_on+0x7c/0x110 [ 90.706250][ T7434] io_sq_offload_create+0xd9e/0x1330 [ 90.706267][ T7434] ? __pfx_io_sq_offload_create+0x10/0x10 [ 90.706284][ T7434] ? bpf_lsm_capable+0x9/0x10 [ 90.706295][ T7434] ? security_capable+0x7e/0x260 [ 90.706310][ T7434] io_uring_setup+0x1514/0x2120 [ 90.706324][ T7434] ? __pfx_io_uring_setup+0x10/0x10 [ 90.706346][ T7434] ? ksys_write+0x1ac/0x250 [ 90.706360][ T7434] ? __pfx_ksys_write+0x10/0x10 [ 90.706376][ T7434] __x64_sys_io_uring_setup+0xc2/0x170 [ 90.706389][ T7434] do_syscall_64+0xcd/0x4c0 [ 90.706408][ T7434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.706419][ T7434] RIP: 0033:0x7f9a8858e929 [ 90.706429][ T7434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.706440][ T7434] RSP: 002b:00007f9a893ae038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 90.706450][ T7434] RAX: ffffffffffffffda RBX: 00007f9a887b5fa0 RCX: 00007f9a8858e929 [ 90.706457][ T7434] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000004d25 [ 90.706463][ T7434] RBP: 00007f9a893ae090 R08: 0000000000000000 R09: 0000000000000000 [ 90.706469][ T7434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 90.706475][ T7434] R13: 0000000000000000 R14: 00007f9a887b5fa0 R15: 00007ffe826f98c8 [ 90.706488][ T7434] [ 90.708019][ T7434] ------------[ cut here ]------------ [ 90.775299][ T7434] ODEBUG: free active (active state 1) object: ffff888024829790 object type: rcu_head hint: 0x0 [ 90.779806][ T7434] WARNING: CPU: 1 PID: 7434 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 90.783847][ T7434] Modules linked in: [ 90.788056][ T7434] CPU: 1 UID: 0 PID: 7434 Comm: syz.3.346 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 90.793170][ T7434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.798200][ T7434] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 90.801137][ T7434] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 00 8a 15 8c 4c 89 e6 48 c7 c7 80 7e 15 8c e8 bf 33 99 fc 90 <0f> 0b 90 90 58 83 05 56 99 c6 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 90.808104][ T7434] RSP: 0018:ffffc90003967a78 EFLAGS: 00010282 [ 90.810066][ T7434] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817ae248 [ 90.812528][ T7434] RDX: ffff88802482a440 RSI: ffffffff817ae255 RDI: 0000000000000001 [ 90.814945][ T7434] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 90.817994][ T7434] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c158520 [ 90.820457][ T7434] R13: ffffffff8baeb4a0 R14: 0000000000000000 R15: ffffc90003967b78 [ 90.822950][ T7434] FS: 00007f9a893ae6c0(0000) GS:ffff8880d6853000(0000) knlGS:0000000000000000 [ 90.825922][ T7434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.827994][ T7434] CR2: 0000200000337000 CR3: 0000000026676000 CR4: 0000000000352ef0 [ 90.830488][ T7434] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 90.833372][ T7434] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 90.836071][ T7434] Call Trace: [ 90.837127][ T7434] [ 90.838092][ T7434] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 90.839950][ T7434] debug_check_no_obj_freed+0x4b7/0x600 [ 90.841745][ T7434] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 90.843722][ T7434] ? __memcg_slab_free_hook+0xd0/0x5d0 [ 90.845447][ T7434] ? __memcg_slab_free_hook+0xda/0x5d0 [ 90.847969][ T7434] kmem_cache_free+0x2ac/0x4d0 [ 90.849488][ T7434] ? io_sq_offload_create+0xe4b/0x1330 [ 90.851309][ T7434] ? io_sq_offload_create+0xe24/0x1330 [ 90.853020][ T7434] io_sq_offload_create+0xe4b/0x1330 [ 90.854786][ T7434] ? io_sq_offload_create+0xe24/0x1330 [ 90.857184][ T7434] ? __pfx_io_sq_offload_create+0x10/0x10 [ 90.859073][ T7434] ? bpf_lsm_capable+0x9/0x10 [ 90.860598][ T7434] ? security_capable+0x7e/0x260 [ 90.862293][ T7434] io_uring_setup+0x1514/0x2120 [ 90.864369][ T7434] ? __pfx_io_uring_setup+0x10/0x10 [ 90.866665][ T7434] ? ksys_write+0x1ac/0x250 [ 90.868592][ T7434] ? __pfx_ksys_write+0x10/0x10 [ 90.870662][ T7434] __x64_sys_io_uring_setup+0xc2/0x170 [ 90.872942][ T7434] do_syscall_64+0xcd/0x4c0 [ 90.875324][ T7434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.878344][ T7434] RIP: 0033:0x7f9a8858e929 [ 90.880851][ T7434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.888789][ T7434] RSP: 002b:00007f9a893ae038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 90.892304][ T7434] RAX: ffffffffffffffda RBX: 00007f9a887b5fa0 RCX: 00007f9a8858e929 [ 90.896217][ T7434] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000004d25 [ 90.899537][ T7434] RBP: 00007f9a893ae090 R08: 0000000000000000 R09: 0000000000000000 [ 90.902829][ T7434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 90.906216][ T7434] R13: 0000000000000000 R14: 00007f9a887b5fa0 R15: 00007ffe826f98c8 [ 90.909507][ T7434] [ 90.911384][ T7434] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 90.914400][ T7434] CPU: 1 UID: 0 PID: 7434 Comm: syz.3.346 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) [ 90.919351][ T7434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.923815][ T7434] Call Trace: [ 90.925237][ T7434] [ 90.926528][ T7434] dump_stack_lvl+0x3d/0x1f0 [ 90.928491][ T7434] panic+0x71c/0x800 [ 90.930167][ T7434] ? __pfx_panic+0x10/0x10 [ 90.932059][ T7434] ? show_trace_log_lvl+0x29b/0x3e0 [ 90.934260][ T7434] ? check_panic_on_warn+0x1f/0xb0 [ 90.936415][ T7434] ? debug_print_object+0x1a2/0x2b0 [ 90.938625][ T7434] check_panic_on_warn+0xab/0xb0 [ 90.940732][ T7434] __warn+0xf6/0x3c0 [ 90.942418][ T7434] ? debug_print_object+0x1a2/0x2b0 [ 90.944599][ T7434] report_bug+0x3c3/0x580 [ 90.946441][ T7434] ? debug_print_object+0x1a2/0x2b0 [ 90.948628][ T7434] handle_bug+0x184/0x210 [ 90.950463][ T7434] exc_invalid_op+0x17/0x50 [ 90.952375][ T7434] asm_exc_invalid_op+0x1a/0x20 [ 90.954451][ T7434] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 90.956826][ T7434] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 00 8a 15 8c 4c 89 e6 48 c7 c7 80 7e 15 8c e8 bf 33 99 fc 90 <0f> 0b 90 90 58 83 05 56 99 c6 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 90.964544][ T7434] RSP: 0018:ffffc90003967a78 EFLAGS: 00010282 [ 90.967075][ T7434] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817ae248 [ 90.970339][ T7434] RDX: ffff88802482a440 RSI: ffffffff817ae255 RDI: 0000000000000001 [ 90.973579][ T7434] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 90.976850][ T7434] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c158520 [ 90.980023][ T7434] R13: ffffffff8baeb4a0 R14: 0000000000000000 R15: ffffc90003967b78 [ 90.983138][ T7434] ? __warn_printk+0x198/0x350 [ 90.985089][ T7434] ? __warn_printk+0x1a5/0x350 [ 90.987046][ T7434] ? debug_print_object+0x1a1/0x2b0 [ 90.989144][ T7434] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 90.991587][ T7434] debug_check_no_obj_freed+0x4b7/0x600 [ 90.993909][ T7434] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 90.996434][ T7434] ? __memcg_slab_free_hook+0xd0/0x5d0 [ 90.998730][ T7434] ? __memcg_slab_free_hook+0xda/0x5d0 [ 91.001027][ T7434] kmem_cache_free+0x2ac/0x4d0 [ 91.003078][ T7434] ? io_sq_offload_create+0xe4b/0x1330 [ 91.005092][ T7434] ? io_sq_offload_create+0xe24/0x1330 [ 91.006867][ T7434] io_sq_offload_create+0xe4b/0x1330 [ 91.008581][ T7434] ? io_sq_offload_create+0xe24/0x1330 [ 91.010319][ T7434] ? __pfx_io_sq_offload_create+0x10/0x10 [ 91.012113][ T7434] ? bpf_lsm_capable+0x9/0x10 [ 91.013635][ T7434] ? security_capable+0x7e/0x260 [ 91.015263][ T7434] io_uring_setup+0x1514/0x2120 [ 91.016896][ T7434] ? __pfx_io_uring_setup+0x10/0x10 [ 91.018618][ T7434] ? ksys_write+0x1ac/0x250 [ 91.020083][ T7434] ? __pfx_ksys_write+0x10/0x10 [ 91.021674][ T7434] __x64_sys_io_uring_setup+0xc2/0x170 [ 91.023476][ T7434] do_syscall_64+0xcd/0x4c0 [ 91.024994][ T7434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.026973][ T7434] RIP: 0033:0x7f9a8858e929 [ 91.028388][ T7434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.034512][ T7434] RSP: 002b:00007f9a893ae038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 91.037099][ T7434] RAX: ffffffffffffffda RBX: 00007f9a887b5fa0 RCX: 00007f9a8858e929 [ 91.039618][ T7434] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000004d25 [ 91.042116][ T7434] RBP: 00007f9a893ae090 R08: 0000000000000000 R09: 0000000000000000 [ 91.044630][ T7434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 91.047255][ T7434] R13: 0000000000000000 R14: 00007f9a887b5fa0 R15: 00007ffe826f98c8 [ 91.049790][ T7434] [ 91.051469][ T7434] Kernel Offset: disabled [ 91.052897][ T7434] Rebooting in 86400 seconds.. VM DIAGNOSIS: 19:17:36 Registers: info registers vcpu 0 CPU#0 RAX=ffffffff9adc7800 RBX=0000000000000001 RCX=0000000000000002 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff8e5c4840 RBP=ffff888030714880 RSP=ffffc9000169f928 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000002 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81985797 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f12862a0c80 ffffffff 00c00000 GS =0000 ffff8880d6753000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000001000 CR3=000000003074c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000f0400000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055df581c4600 000055df581c4600 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffee41d9ad0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 31363a632e737463 656a626f67756265 642f62696c207461 2034333437203a44 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3834203130203938 2034362038642037 6620666620666620 6666203861203163 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2037632038342033 6320313020333720 6666206666203066 203130206433203e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 38343c2035302066 3020383020343220 6334206238206334 2038632039382064 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3420326320393820 6434206163203938 2038342036642039 3820383420376620 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000035 RBX=0000000000000000 RCX=ffffffff87c2d37f RDX=ffff88802482a440 RSI=ffffffff8160258c RDI=0000000000000000 RBP=0000000000000035 RSP=ffffc900006a0b58 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000026 R11=0000000000000001 R12=0000000000000006 R13=0000000000000000 R14=000000000000000a R15=0000000000000026 RIP=ffffffff81602592 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f9a893ae6c0 ffffffff 00c00000 GS =0000 ffff8880d6853000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000337000 CR3=0000000026676000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe826f9c50 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffffff95d3fb00 RBX=0000000000000009 RCX=0000000000020000 RDX=0000000000000200 RSI=ffff88803206af58 RDI=ffff88803206a440 RBP=ffffc90003977a08 RSP=ffffc90003977970 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000028 R11=0000000000000001 R12=ffff88803206af58 R13=0000000000000200 R14=0000000000000000 R15=ffff88803206a440 RIP=ffffffff81984f3a RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555581008500 ffffffff 00c00000 GS =0000 ffff8880d6953000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000337000 CR3=0000000026676000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88611c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88784488 00007f9a88784480 00007f9a88784478 00007f9a88784450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a892ed100 00007f9a88784440 00007f9a88784458 0000000700080006 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a88784498 00007f9a88784490 00007f9a88784488 00007f9a88784480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=ffff88804930d280 RCX=ffffc900044e9000 RDX=0000000000080000 RSI=ffffffff81525d71 RDI=0000000000000005 RBP=1ffff92000a9ef0a RSP=ffffc900054f7838 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000200 R13=0000000000000001 R14=0000000000000001 R15=00000000000051ff RIP=ffffffff81525d8f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fecd8e826c0 ffffffff 00c00000 GS =0000 ffff8880d6a53000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fecd8e80568 CR3=00000000500eb000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000010000 0000000000030000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecd8011b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecd8011b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecd8011b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecd8011b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecd8011bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecd8011c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecd8184488 00007fecd8184480 00007fecd8184478 00007fecd8184450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecd8ced100 00007fecd8184440 00007fecd8184458 00007fecd81844a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecd8184498 00007fecd8184490 00007fecd8184488 00007fecd8184480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000