last executing test programs: 6.080550328s ago: executing program 0 (id=51): r0 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f00000001c0)=0x0, &(0x7f0000000040)=0x0) mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs\x00', &(0x7f0000001e00), 0x8800, &(0x7f0000000000)=ANY=[@ANYBLOB='max=+00']) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x48, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}}) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r6, 0xc0d05604, &(0x7f0000000040)={0x1, @vbi={0x2, 0x1000, 0x3, 0x3247504d, [0xfffffb65, 0x4], [0x8], 0x108}}) (async) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b) r8 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r8, &(0x7f0000000c80)=[{{&(0x7f0000000100)={0xa, 0x4e24, 0x1, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000800)=',', 0x1}], 0x1}}], 0x1, 0x0) (async) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r8, 0x84, 0x6, &(0x7f0000000340)={0x0, @in={{0x2, 0x4e24, @private=0xa010101}}}, 0x84) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0) (async) r9 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) ioctl$SOUND_MIXER_WRITE_RECSRC(r9, 0xc0044dff, &(0x7f0000000480)=0xffff8001) (async, rerun: 32) preadv(r7, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) (async, rerun: 32) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$vim2m_VIDIOC_QBUF(r6, 0xc058560f, &(0x7f00000004c0)=@multiplanar_userptr={0x9, 0x2, 0x4, 0x0, 0xfff, {0x77359400}, {0x4, 0x1, 0x5, 0x8, 0xae, 0x8, "e65aad36"}, 0xfffffffa, 0x2, {&(0x7f0000000280)=[{0x3, 0xffff, {&(0x7f0000000200)}, 0x2}, {0x6b8ff68, 0x8, {&(0x7f0000000240)}, 0x9b12}]}, 0x3, 0x0, r7}) (async, rerun: 64) r10 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (rerun: 64) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) (async, rerun: 64) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) (async, rerun: 64) ioctl$KVM_RUN(r10, 0xae80, 0x0) (async, rerun: 32) r11 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32) sendmsg$NFULNL_MSG_CONFIG(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x1, 0x4, 0x401, 0x0, 0x0, {0x7, 0x0, 0x7}, [@NFULA_CFG_CMD={0x5, 0x1, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24004840}, 0x1080) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 5.790568074s ago: executing program 0 (id=63): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)={0x38, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}]}]}, 0x38}}, 0x0) 5.710711327s ago: executing program 0 (id=65): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x2007, 0x6631, 0x9}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = dup(r1) ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000080)={0x4, 0x0, 0x0, 0x7, 0x4, "75429effa66f00"}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01064c2, &(0x7f0000001440)={0x0, 0x1, r2}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x100000000) r3 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000100)='tasks\x00', 0x2, 0x0) readv(r3, &(0x7f00000013c0)=[{&(0x7f0000000140)=""/165, 0xa5}, {&(0x7f0000000200)=""/63, 0x3f}, {&(0x7f0000000240)=""/181, 0xb5}, {&(0x7f0000000300)=""/135, 0x87}, {&(0x7f00000003c0)=""/4096, 0x1000}], 0x5) syz_clone(0x0, 0x0, 0xff7a, 0x0, 0x0, 0x0) r4 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) setsockopt$packet_int(r4, 0x107, 0xb, &(0x7f00000000c0)=0x6, 0x4) 4.579469942s ago: executing program 0 (id=80): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, 0x0, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x30, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_auto}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}]}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = creat(0x0, 0x0) write(r1, 0x0, 0x0) write$uinput_user_dev(r1, 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo\x00') fchdir(r2) creat(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1000000000006005, 0x1) r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x10) r4 = dup2(r3, r3) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0xa, 0x8003, 0x0, 0x4}) ioctl$BLKTRACESETUP(r4, 0x1276, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) r5 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0) syz_usb_control_io(r5, 0x0, 0x0) r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ppoll(&(0x7f0000000080)=[{r6, 0x32b}], 0x1, &(0x7f0000000400), 0x0, 0x0) socket$kcm(0x29, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) 3.140103954s ago: executing program 0 (id=99): r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2002c041}, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r3 = open(&(0x7f0000000080)='./bus\x00', 0x107842, 0x0) write$binfmt_script(r3, 0x0, 0xffffff3c) openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x40, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$inet6_buf(r2, 0x29, 0x20, &(0x7f0000000000)="0bbb268d0200a808ed90cfcf000000000000210d0000aaa8fa017242ba9380d424000000000000002900000002000000", 0x30) 1.499689306s ago: executing program 2 (id=131): r0 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0) write$binfmt_elf32(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03000000110000000d60390170f74f9ef4"], 0xd8) (async) write$binfmt_elf32(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03000000110000000d60390170f74f9ef4"], 0xd8) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100)) (async) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100)) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) (async) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x1000000, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x1000000, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r4 = dup3(r3, r2, 0x0) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000000)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x28, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000880)={@flat=@weak_handle={0x77682a85, 0x10b, 0x1}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x1}, @fda={0x66646185, 0x2, 0xfffffffffffffffe, 0x2000000}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x400}], 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r1, 0x80089419, &(0x7f00000001c0)) (async) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r1, 0x80089419, &(0x7f00000001c0)) ioctl$CDROM_CHANGER_NSLOTS(r1, 0x5328) 1.36046571s ago: executing program 2 (id=133): r0 = syz_open_dev$mouse(&(0x7f0000002800), 0x10000, 0x60040) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000002a40)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r2}, 0x10) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = timerfd_create(0x0, 0x0) timerfd_settime(r5, 0x3, &(0x7f0000000140), 0x0) clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff}) timerfd_settime(r5, 0x3, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r4}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) close(r3) 1.358756266s ago: executing program 2 (id=134): openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0xd5) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000848000/0x4000)=nil, 0x4000, 0x17) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) pipe2(&(0x7f0000000040), 0x4000) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r3 = dup3(r2, r1, 0x80000) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 1.265922857s ago: executing program 2 (id=135): mkdir(&(0x7f00000000c0)='./file0\x00', 0x122) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000001bc0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@bridge_dellink={0x34, 0x13, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x4, 0x0, 0x1, {0xc, 0x3, 0x0, 0x1, [{0x8, 0x1}]}}]}]}, 0x34}}, 0x0) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000440)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000540)='./file0/../file0\x00') r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r5, &(0x7f0000000180)=ANY=[], 0xff2e) ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r6 = syz_open_pts(r5, 0x0) r7 = dup3(r6, r5, 0x0) ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000000)=0x12) r8 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r9 = dup(r8) write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd2c) r10 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r9}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r11, r12, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r10, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r13 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) read$nci(r13, 0x0, 0x0) r14 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$TCSETS(r5, 0x5402, &(0x7f0000000100)={0x8, 0x6, 0x1, 0x8, 0x5, "42ba1ebc79d4a455f226f9d36eace7ba612233"}) write$UHID_CREATE2(r14, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r14, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8924, &(0x7f00000000c0)={'wlan0\x00', @local}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x8000000, 0x6, 0x7ff, 0x460e, r7, 0x9, '\x00', 0x0, r14, 0x5, 0x0, 0x3, 0xf, @void, @value, @void, @value}, 0x50) sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x68, r4, 0x1, 0x70bd26, 0x25dfdbfd, {{}, {}, {0x4c, 0x18, {0xf0, @media='ib\x00'}}}}, 0x68}, 0x1, 0x0, 0x0, 0x40841}, 0x400c8d0) 570.517903ms ago: executing program 1 (id=148): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) write$qrtrtun(r1, &(0x7f0000000180)="5354f8ea90d169190124029ec15b0bdb3bace5e97aa3524acd51bf8a1a950e8e16c6453317d5064b84296e1e458c5798a9b1a5db936d9b0be376a92a2fc30fe1b97e65678b6e723eaafca593ea9aa9e1dff0cce2ef931162a17f979916", 0x5d) write$qrtrtun(r1, &(0x7f0000000300)="25375468d806d8f5816b445fb370e854ee95642b03712ea8a1fefe9858217350a60bd72487386e5fed8ee07cb6f6b4ecc8fa57dfe088cc678b", 0x39) write$qrtrtun(r1, &(0x7f0000000640)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8466e6f5f76e0e4e781bfca4c928c956321dd514877569805db6602f1584a8bd051f13bad8bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26ce40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299deb9eddb917fc0070600406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d00000000009d4bbd821684ef8356985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c5", 0x22c) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x1}}, 0x40) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r5 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="00000000000000601c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0) 518.997347ms ago: executing program 1 (id=151): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000340)={0x0, 0x1, 0x9d, 0x0, @vifc_lcl_ifindex, @private}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14, 0x80800) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = userfaultfd(0x1) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000000)) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0) preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="300000102a100bdf00000000ffc4df250800000008000300", @ANYRES32=r2, @ANYBLOB="14001c0000000000000000000000000000000001"], 0x30}, 0x1, 0x0, 0x0, 0xc8c5}, 0x4000050) 420.456915ms ago: executing program 3 (id=153): openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0xd5) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000848000/0x4000)=nil, 0x4000, 0x17) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) pipe2(&(0x7f0000000040), 0x4000) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(0xffffffffffffffff, r1, 0x80000) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 420.197439ms ago: executing program 2 (id=154): r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000000)={0x0, 0xcd64, 0x30, 0xd, 0x8000000000000000}, &(0x7f0000000040)=0x18) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={r1, 0xb}, &(0x7f0000000140)=0x8) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x2, 0x330, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000580], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000002000000000000feffffff0100000019000000000000000000726f7365300000000000000000000000726f736530000000cc002000000000007465616d5f736c6176655f310000000064756d6d7930000000000000000000000180c2000000000000000000ffffffffffff0000000000000000d00000000801000038010000706b74747970650000000000000000000000000000000000000000000000000008000000000000000000000000000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000006d61726b0000000000000000000000000000000000000000000000000000000010000000000000000000000000000000ddffffff00000000726564697265637400000000396c27db39b2eedb0000000000000000000000000800000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0100000003000000000000008b357665746831000000000000000000000074756e6c30000000000000000000000074756e6c300000000005000000000000006c616e300000000000000000000000aaaaaaaaaabb000000000000aaaaaaaaaa0000000000000000000001000000010000380100006367726f75700000000000000000000000000000000000000000000000000000080000000000000000000000000000006172700000000000000000000000000000000000000000000000000000000000380000000000000000000000000000000000000000000b00007f0000010000000072ce35f34121000000000000000000000000000000000000eaffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000fdffffff000000"]}, 0x3a8) 360.6301ms ago: executing program 3 (id=155): bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff02000000ffa0000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef) 280.944ms ago: executing program 2 (id=156): r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) move_pages(0x0, 0x10, &(0x7f0000000140)=[&(0x7f0000000000/0x1000)=nil], &(0x7f0000000040)=[0x1], 0x0, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='batadv0\x00', 0x10) sendto$inet6(r2, &(0x7f0000000140)="8f06bca2", 0x4, 0x3b00, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x4) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000bc0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r3, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000040)={0x44, r4, 0x1, 0x70bd29, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x28, 0x2b, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x1c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}]}]}]}, 0x44}}, 0x0) r6 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) ioctl$NBD_DO_IT(r0, 0xab03) memfd_create(0x0, 0x5) ioctl$NBD_CLEAR_SOCK(r6, 0xab04) 277.301766ms ago: executing program 3 (id=157): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x5be7, 0x4) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @empty}, 0x10) syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000800), 0x2, 0x0) ioctl$VIDIOC_TRY_ENCODER_CMD(r2, 0xc028564e, &(0x7f0000000000)={0x1, 0x1, [0x6, 0x1, 0x1, 0x451, 0x4, 0x80000000, 0xffffffff, 0xe]}) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800e000100697036677265746170000000080002800400120008000300", @ANYRES32=r4, @ANYBLOB="5b763a91c3574ebd59fdf4b75e11f70cd18d6a155f5119c3e50a267367def94522cc3a942004f8a866c3ad570e41da03150ef0f7f31026935addc214ba2af7de4dab22347f0be34d4afdab9688289871e15a2e37dfa30b60426e84cdc57c483f0b01a87c1d7045c7d73beeee74686079573a808e6d5ede3d3a"], 0x44}}, 0x0) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) 151.012823ms ago: executing program 1 (id=158): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x40d, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, 0x0, 0x20021}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x1611}, 0x10) 150.859266ms ago: executing program 3 (id=159): r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) (async) madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19) (async, rerun: 64) syz_clone(0x40000, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64) ioctl$I2C_PEC(r0, 0x708, 0x40) (async, rerun: 32) ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000100)={0x0, 0x0, 0x2, &(0x7f0000000040)={0x0, "0a0dffbff342de086d0ecd551ee7b16eab815e6234c7dece48bacf6f78c7da6647"}}) (rerun: 32) 80.220913ms ago: executing program 0 (id=160): r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) move_pages(r1, 0x1, &(0x7f0000000740)=[&(0x7f00007c7000/0x3000)=nil], 0x0, 0x0, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0) r5 = dup3(r3, r4, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)=@nat={'nat\x00', 0x19, 0x1, 0x1b8, [0x20000080, 0x0, 0x0, 0x200000b0, 0x20000208], 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="000000000000a2da8114a0c26fbc00000003000a1000000000000000000000000000000000000000ffffffff00000000000000000000000a065f18a00f8b822400000000000000007fffffff000000000000020000000000ffffffff0100000003000000000000000000726f736530020000000000000000000069705f767469300000000000000000fc687064647001003800000000000000007465716c30000000000000000000eddcaaaaaaaaaa00fffffff35d6e000005ffffef00020000ddff0000f0000000f0000000280100003830325f33000000000dbf057b31e34dc6000000000000000000000000bf0600080000000000000000000180000003006e666163637400000000fbfaffffffffffffff0008000000000000bbf90000002800000000000000737905000000000000001eb21ad800000000050000000000000000000000000000000000000300"]}, 0x1c7) ioctl$MON_IOCG_STATS(r5, 0xc0109207, &(0x7f00000001c0)) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0xb, 0x301, 0x0, 0x0, {0x3, 0x0, 0x3}, [@NFTA_COMPAT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0x20044012) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = dup(r7) ioctl$KVM_SET_MSRS(r8, 0x4018aee2, &(0x7f0000000040)=ANY=[]) bind$bt_hci(r8, &(0x7f0000000240)={0x1f, 0xffff, 0x4}, 0x6) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x37, 0x301, 0x270bd20, 0x25dfdbfc, {0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x4) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x23, &(0x7f0000000180)=0xffffdd40, 0x4) write$bt_hci(r2, &(0x7f0000000040)={0x1, @remote_oob_data_neg_reply={{0x433, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0xa) recvmmsg(r2, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0) 79.403998ms ago: executing program 1 (id=161): r0 = syz_open_dev$mouse(&(0x7f0000002800), 0x10000, 0x60040) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000002a40)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r2}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = timerfd_create(0x0, 0x0) timerfd_settime(r4, 0x3, &(0x7f0000000140), 0x0) clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff}) timerfd_settime(r4, 0x3, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0) close(r3) 79.008531ms ago: executing program 3 (id=162): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) write$qrtrtun(r1, &(0x7f0000000180)="5354f8ea90d169190124029ec15b0bdb3bace5e97aa3524acd51bf8a1a950e8e16c6453317d5064b84296e1e458c5798a9b1a5db936d9b0be376a92a2fc30fe1b97e65678b6e723eaafca593ea9aa9e1dff0cce2ef931162a17f979916", 0x5d) write$qrtrtun(r1, &(0x7f0000000300)="25375468d806d8f5816b445fb370e854ee95642b03712ea8a1fefe9858217350a60bd72487386e5fed8ee07cb6f6b4ecc8fa57dfe088cc678b", 0x39) write$qrtrtun(r1, &(0x7f0000000640)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8466e6f5f76e0e4e781bfca4c928c956321dd514877569805db6602f1584a8bd051f13bad8bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26ce40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299deb9eddb917fc0070600406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d00000000009d4bbd821684ef8356985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c5", 0x22c) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x1}}, 0x40) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r5 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="00000000000058651c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0) 78.82517ms ago: executing program 1 (id=163): openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0xd5) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000848000/0x4000)=nil, 0x4000, 0x17) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) pipe2(&(0x7f0000000040), 0x4000) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(0xffffffffffffffff, r1, 0x80000) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 246.348µs ago: executing program 3 (id=164): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b05, &(0x7f0000000000)={'wlan1\x00'}) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0) r1 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000280)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f00000002c0)={0x0}) r4 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r4, 0xc00864bf, &(0x7f0000000140)={0x0}) syz_usb_connect$hid(0x4, 0x3f, &(0x7f00000003c0)=ANY=[@ANYBLOB="1201000000000040ac053f0200000000000109022d00fb0000000609040000410b00000009210000000122230609058103000020000509050203ff03047f003f6aef84bf3d74aa928bffbf800cfd03813b31ac9d12f03024f3e3b6fde9bdc965bafc5fb4a7ab5243ed7daad24aa6666b953c66d920dd7438"], 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r6 = syz_io_uring_setup(0x6440, &(0x7f0000000240)={0x0, 0x49cb, 0x10100, 0x1, 0x193}, &(0x7f0000000600)=0x0, &(0x7f0000000540)=0x0) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r9, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r6, 0x2d3e, 0x0, 0x0, 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r4, 0xc02864c3, &(0x7f0000000080)={&(0x7f0000000000)=[r5], 0x80000000002, 0x4000000000000370, 0xb}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r1, 0xc01064c5, &(0x7f0000000340)={&(0x7f0000000300)=[r2, r3, r5], 0x3}) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000200), 0x80000, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./control\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@redirect_dir_off}, {@redirect_dir_nofollow}, {@metacopy_off}], [{@fsmagic={'fsmagic', 0x3d, 0x7}}, {@smackfshat}, {@obj_type={'obj_type', 0x3d, '#\x00'}}, {@appraise_type}, {@smackfsfloor}, {@smackfshat={'smackfshat', 0x3d, '\x0f'}}, {@obj_user={'obj_user', 0x3d, ')%*'}}, {@seclabel}]}) 0s ago: executing program 1 (id=165): r0 = socket(0x10, 0x803, 0x0) r1 = socket$kcm(0x10, 0x2, 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000003"], 0x48) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close(r2) setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r4, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r5], 0x3c}}, 0x0) kernel console output (not intermixed with test programs): [ 40.200165][ T39] audit: type=1400 audit(1734439179.581:83): avc: denied { read } for pid=5329 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 40.205974][ T39] audit: type=1400 audit(1734439179.581:84): avc: denied { append } for pid=5329 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 40.212000][ T39] audit: type=1400 audit(1734439179.581:85): avc: denied { open } for pid=5329 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 40.217555][ T39] audit: type=1400 audit(1734439179.581:86): avc: denied { getattr } for pid=5329 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:42170' (ED25519) to the list of known hosts. [ 40.390065][ T39] audit: type=1400 audit(1734439179.761:87): avc: denied { name_bind } for pid=5917 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 42.240437][ T5919] cgroup: Unknown subsys name 'net' [ 42.423685][ T5919] cgroup: Unknown subsys name 'cpuset' [ 42.427756][ T5919] cgroup: Unknown subsys name 'rlimit' [ 42.630922][ T5924] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 43.319977][ T5919] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.104810][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 45.104825][ T39] audit: type=1400 audit(1734439184.481:105): avc: denied { execmem } for pid=5926 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.269921][ T39] audit: type=1400 audit(1734439184.641:106): avc: denied { create } for pid=5930 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.276432][ T39] audit: type=1400 audit(1734439184.641:107): avc: denied { read write } for pid=5930 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.284864][ T39] audit: type=1400 audit(1734439184.641:108): avc: denied { open } for pid=5930 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.290903][ T39] audit: type=1400 audit(1734439184.651:109): avc: denied { ioctl } for pid=5930 comm="syz-executor" path="socket:[3737]" dev="sockfs" ino=3737 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.311674][ T65] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.326018][ T5934] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.328647][ T5934] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.331355][ T5934] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.335005][ T5934] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.335712][ T5941] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.337240][ T5934] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.340108][ T5941] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.343094][ T5934] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.343808][ T5941] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.345758][ T5934] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.347909][ T5941] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.349756][ T5934] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.352293][ T5941] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 45.354080][ T5934] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 45.355450][ T5941] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.357580][ T5934] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.359623][ T5941] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.365522][ T5944] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.368075][ T39] audit: type=1400 audit(1734439184.741:110): avc: denied { read } for pid=5930 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.374268][ T39] audit: type=1400 audit(1734439184.741:111): avc: denied { open } for pid=5930 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.380418][ T39] audit: type=1400 audit(1734439184.741:112): avc: denied { mounton } for pid=5930 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 45.381434][ T5945] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.387258][ T5944] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 45.387554][ T5944] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.394850][ T5945] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 45.397297][ T5945] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.554367][ T39] audit: type=1400 audit(1734439184.931:113): avc: denied { module_request } for pid=5930 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 45.582737][ T5930] chnl_net:caif_netlink_parms(): no params data found [ 45.606855][ T5931] chnl_net:caif_netlink_parms(): no params data found [ 45.612662][ T5937] chnl_net:caif_netlink_parms(): no params data found [ 45.645300][ T5940] chnl_net:caif_netlink_parms(): no params data found [ 45.685506][ T5930] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.687705][ T5930] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.689596][ T5930] bridge_slave_0: entered allmulticast mode [ 45.691923][ T5930] bridge_slave_0: entered promiscuous mode [ 45.695191][ T5930] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.697006][ T5930] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.698794][ T5930] bridge_slave_1: entered allmulticast mode [ 45.701074][ T5930] bridge_slave_1: entered promiscuous mode [ 45.826862][ T5931] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.829402][ T5931] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.832426][ T5931] bridge_slave_0: entered allmulticast mode [ 45.835305][ T5931] bridge_slave_0: entered promiscuous mode [ 45.857893][ T5930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.861619][ T5930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.879035][ T5931] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.880983][ T5931] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.883001][ T5931] bridge_slave_1: entered allmulticast mode [ 45.885074][ T5931] bridge_slave_1: entered promiscuous mode [ 45.887114][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.888936][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.891176][ T5940] bridge_slave_0: entered allmulticast mode [ 45.893194][ T5940] bridge_slave_0: entered promiscuous mode [ 45.910864][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.912746][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.914744][ T5937] bridge_slave_0: entered allmulticast mode [ 45.917333][ T5937] bridge_slave_0: entered promiscuous mode [ 45.930287][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.932596][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.934592][ T5940] bridge_slave_1: entered allmulticast mode [ 45.937137][ T5940] bridge_slave_1: entered promiscuous mode [ 45.941949][ T5930] team0: Port device team_slave_0 added [ 45.943716][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.945932][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.947811][ T5937] bridge_slave_1: entered allmulticast mode [ 45.950288][ T5937] bridge_slave_1: entered promiscuous mode [ 45.980521][ T5930] team0: Port device team_slave_1 added [ 45.991768][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.996033][ T5931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.037858][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.041123][ T5931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.045092][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.049118][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.052168][ T5930] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.053946][ T5930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.060575][ T5930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.100111][ T5930] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.101934][ T5930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.108586][ T5930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.124739][ T5931] team0: Port device team_slave_0 added [ 46.141323][ T5937] team0: Port device team_slave_0 added [ 46.145623][ T5931] team0: Port device team_slave_1 added [ 46.148604][ T5940] team0: Port device team_slave_0 added [ 46.151177][ T5940] team0: Port device team_slave_1 added [ 46.162753][ T5937] team0: Port device team_slave_1 added [ 46.214421][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.216157][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.222671][ T5931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.234257][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.236481][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.244720][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.248903][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.250792][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.257097][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.261112][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.262854][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.269129][ T5931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.281858][ T5930] hsr_slave_0: entered promiscuous mode [ 46.283737][ T5930] hsr_slave_1: entered promiscuous mode [ 46.287975][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.290314][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.298464][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.302489][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.304242][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.310778][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.350897][ T5937] hsr_slave_0: entered promiscuous mode [ 46.352931][ T5937] hsr_slave_1: entered promiscuous mode [ 46.354894][ T5937] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.356968][ T5937] Cannot create hsr debugfs directory [ 46.425850][ T5940] hsr_slave_0: entered promiscuous mode [ 46.428366][ T5940] hsr_slave_1: entered promiscuous mode [ 46.430728][ T5940] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.433161][ T5940] Cannot create hsr debugfs directory [ 46.446962][ T5931] hsr_slave_0: entered promiscuous mode [ 46.448865][ T5931] hsr_slave_1: entered promiscuous mode [ 46.451463][ T5931] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.454011][ T5931] Cannot create hsr debugfs directory [ 46.657621][ T5937] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.662224][ T5937] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.668009][ T5937] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.673588][ T5937] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.685065][ T5930] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.688223][ T5930] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.692197][ T5930] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.695066][ T5930] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 46.713873][ T5931] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 46.719652][ T5931] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 46.723071][ T5931] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 46.726152][ T5931] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 46.747194][ T5940] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 46.751579][ T5940] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 46.755493][ T5940] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 46.760075][ T5940] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 46.801011][ T5930] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.812609][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.823594][ T5930] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.832028][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.834180][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.843489][ T5931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.845978][ T5937] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.849506][ T1196] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.851935][ T1196] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.863376][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.865160][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.870857][ T5931] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.875861][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.879620][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.881435][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.888037][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.889920][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.901508][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.903265][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.908441][ T5940] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.914515][ T5930] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 46.926391][ T97] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.928243][ T97] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.937065][ T1196] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.938834][ T1196] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.947083][ T39] audit: type=1400 audit(1734439186.321:114): avc: denied { sys_module } for pid=5930 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 46.952130][ T5931] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 46.955005][ T5931] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 46.974445][ T5940] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 46.998653][ T5930] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.014280][ T5930] veth0_vlan: entered promiscuous mode [ 47.019766][ T5930] veth1_vlan: entered promiscuous mode [ 47.034177][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.038186][ T5931] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.056410][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.061187][ T5930] veth0_macvtap: entered promiscuous mode [ 47.072753][ T5930] veth1_macvtap: entered promiscuous mode [ 47.080204][ T5937] veth0_vlan: entered promiscuous mode [ 47.092279][ T5931] veth0_vlan: entered promiscuous mode [ 47.098095][ T5937] veth1_vlan: entered promiscuous mode [ 47.103207][ T5930] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.108974][ T5930] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.112168][ T5931] veth1_vlan: entered promiscuous mode [ 47.123105][ T5940] veth0_vlan: entered promiscuous mode [ 47.125248][ T5930] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.128158][ T5930] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.131918][ T5930] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.134711][ T5930] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.146066][ T5940] veth1_vlan: entered promiscuous mode [ 47.158430][ T5937] veth0_macvtap: entered promiscuous mode [ 47.165565][ T5937] veth1_macvtap: entered promiscuous mode [ 47.185470][ T5940] veth0_macvtap: entered promiscuous mode [ 47.192510][ T5931] veth0_macvtap: entered promiscuous mode [ 47.195271][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.197870][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.201419][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.207018][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.209639][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.212722][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.217500][ T5940] veth1_macvtap: entered promiscuous mode [ 47.219790][ T5931] veth1_macvtap: entered promiscuous mode [ 47.223493][ T1196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.225618][ T1196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.229149][ T5937] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.232136][ T5937] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.234568][ T5937] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.237201][ T5937] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.247561][ T5931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.250349][ T5931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.252745][ T5931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.255269][ T5931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.258159][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.266507][ T5931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.269313][ T5931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.272060][ T5931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.274752][ T5931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.277599][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.282271][ T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.282391][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.284583][ T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.287982][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.293540][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.297025][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.301288][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.304551][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.308529][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.312983][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.316468][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.319668][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.323229][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.326053][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.328951][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.331840][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.336888][ T5931] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.339169][ T5931] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.341558][ T5931] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.343767][ T5931] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.350701][ T5940] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.353436][ T5940] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.356109][ T5940] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.358835][ T5940] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.383802][ T97] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.386080][ T97] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.398255][ T5930] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.403604][ T5936] Bluetooth: hci2: command tx timeout [ 47.403610][ T5945] Bluetooth: hci1: command tx timeout [ 47.403998][ T5936] Bluetooth: hci0: command tx timeout [ 47.412849][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.416816][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.429982][ T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.431996][ T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.443668][ T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.446193][ T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.458445][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.458461][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.483234][ T1196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.483246][ T1196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.490130][ T5936] Bluetooth: hci3: command tx timeout [ 47.537710][ T6000] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 47.540567][ T5994] sctp: [Deprecated]: syz.2.3 (pid 5994) Use of struct sctp_assoc_value in delayed_ack socket option. [ 47.540567][ T5994] Use struct sctp_sack_info instead [ 47.584491][ T6003] tipc: Started in network mode [ 47.585959][ T6003] tipc: Node identity 7f000001, cluster identity 4711 [ 47.589230][ T6003] tipc: Enabled bearer , priority 10 [ 47.639813][ T6009] Zero length message leads to an empty skb [ 47.753533][ T6013] 9pnet_fd: Insufficient options for proto=fd [ 47.793290][ T6017] syz.3.9 uses obsolete (PF_INET,SOCK_PACKET) [ 47.913475][ T6011] syz.2.7 (6011): drop_caches: 2 [ 47.915468][ T6015] syz.2.7 (6015): drop_caches: 2 [ 48.016757][ T6036] tipc: Started in network mode [ 48.018276][ T6036] tipc: Node identity 7f000001, cluster identity 4711 [ 48.021452][ T6036] tipc: Enabled bearer , priority 10 [ 48.710802][ T5973] tipc: Node number set to 2130706433 [ 49.150133][ T5942] tipc: Node number set to 2130706433 [ 49.480000][ T65] Bluetooth: hci2: command tx timeout [ 49.480746][ T5945] Bluetooth: hci0: command tx timeout [ 49.481278][ T5936] Bluetooth: hci1: command tx timeout [ 49.560020][ T5945] Bluetooth: hci3: command tx timeout [ 51.560334][ T5945] Bluetooth: hci1: command tx timeout [ 51.560476][ T65] Bluetooth: hci0: command tx timeout [ 51.570365][ T65] Bluetooth: hci2: command tx timeout [ 51.640030][ T65] Bluetooth: hci3: command tx timeout [ 53.640759][ T65] Bluetooth: hci1: command tx timeout [ 53.640870][ T5945] Bluetooth: hci2: command tx timeout [ 53.640979][ T5936] Bluetooth: hci0: command tx timeout [ 53.720022][ T5945] Bluetooth: hci3: command tx timeout [ 61.621728][ T6067] netlink: 8 bytes leftover after parsing attributes in process `syz.0.23'. [ 61.624664][ T6067] netlink: 12 bytes leftover after parsing attributes in process `syz.0.23'. [ 61.630106][ T39] kauditd_printk_skb: 1567 callbacks suppressed [ 61.630116][ T39] audit: type=1400 audit(1734439201.001:1676): avc: denied { setopt } for pid=6068 comm="syz.2.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 61.636374][ T39] audit: type=1400 audit(1734439201.011:1677): avc: denied { create } for pid=6070 comm="syz.3.26" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 61.641392][ T39] audit: type=1400 audit(1734439201.011:1678): avc: denied { write } for pid=6070 comm="syz.3.26" path="socket:[8190]" dev="sockfs" ino=8190 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 61.647116][ T39] audit: type=1400 audit(1734439201.011:1679): avc: denied { nlmsg_read } for pid=6070 comm="syz.3.26" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 61.652445][ T39] audit: type=1400 audit(1734439201.021:1680): avc: denied { write } for pid=6071 comm="syz.1.24" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 61.710797][ T39] audit: type=1400 audit(1734439201.091:1681): avc: denied { bind } for pid=6068 comm="syz.2.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 61.715619][ T39] audit: type=1400 audit(1734439201.091:1682): avc: denied { write } for pid=6068 comm="syz.2.25" path="socket:[10518]" dev="sockfs" ino=10518 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 61.777916][ T6086] wg1: entered promiscuous mode [ 61.786421][ T39] audit: type=1400 audit(1734439201.161:1683): avc: denied { write } for pid=6088 comm="syz.1.30" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 61.792434][ T39] audit: type=1400 audit(1734439201.161:1684): avc: denied { open } for pid=6088 comm="syz.1.30" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 61.798526][ T39] audit: type=1400 audit(1734439201.161:1685): avc: denied { ioctl } for pid=6088 comm="syz.1.30" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 61.842145][ T6099] overlayfs: upper fs does not support tmpfile. [ 61.901926][ T6102] netlink: 8 bytes leftover after parsing attributes in process `syz.2.34'. [ 61.904388][ T6102] netlink: 12 bytes leftover after parsing attributes in process `syz.2.34'. [ 61.936935][ T6104] netlink: 32 bytes leftover after parsing attributes in process `syz.2.35'. [ 61.999694][ T6118] syzkaller1: entered promiscuous mode [ 62.002138][ T6118] syzkaller1: entered allmulticast mode [ 62.101247][ T6125] netlink: 8 bytes leftover after parsing attributes in process `syz.2.40'. [ 62.201928][ T6140] netlink: 56 bytes leftover after parsing attributes in process `syz.1.44'. [ 62.222189][ T6146] vxcan1: tx address claim with dest, not broadcast [ 62.277513][ T6151] netlink: 24 bytes leftover after parsing attributes in process `syz.0.47'. [ 62.437362][ T6152] netlink: 28 bytes leftover after parsing attributes in process `syz.2.48'. [ 62.440555][ T6152] netlink: 28 bytes leftover after parsing attributes in process `syz.2.48'. [ 62.645547][ T6215] random: crng reseeded on system resumption [ 62.682748][ T6217] XFS (nullb0): Invalid superblock magic number [ 62.732231][ T6227] ntfs3(nbd3): try to read out of volume at offset 0x0 [ 62.757204][ T6229] capability: warning: `syz.2.64' uses deprecated v2 capabilities in a way that may be insecure [ 62.762431][ T6227] mac80211_hwsim hwsim8 ÿÿÿÿÿÿ: renamed from wlan1 (while UP) [ 62.839042][ T6239] Bluetooth: MGMT ver 1.23 [ 62.903654][ T6239] kvm: emulating exchange as write [ 63.779905][ T5991] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 63.799899][ T5945] Bluetooth: hci3: command tx timeout [ 63.922628][ T6284] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 63.926529][ T6284] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 63.942532][ T5991] usb 6-1: Using ep0 maxpacket: 8 [ 63.946941][ T5991] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 63.949033][ T5991] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 63.951736][ T5991] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 63.954370][ T5991] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 63.956798][ T5991] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 63.960443][ T5991] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 63.962713][ T5991] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.079914][ T5298] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 64.171101][ T5991] usb 6-1: usb_control_msg returned -32 [ 64.172679][ T5991] usbtmc 6-1:16.0: can't read capabilities [ 64.180630][ T62] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 64.232396][ T5298] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 64.234923][ T5298] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 64.238573][ T5298] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 64.241509][ T5298] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 64.243761][ T5298] usb 8-1: Manufacturer: syz [ 64.250454][ T5298] usb 8-1: config 0 descriptor?? [ 64.289906][ T5298] rc_core: IR keymap rc-hauppauge not found [ 64.291749][ T5298] Registered IR keymap rc-empty [ 64.294391][ T5298] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 64.298468][ T5298] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input5 [ 64.339907][ T62] usb 5-1: Using ep0 maxpacket: 8 [ 64.342404][ T62] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 97, changing to 10 [ 64.345064][ T62] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 24905, setting to 1024 [ 64.347955][ T62] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 64.350212][ T62] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.353346][ T62] usb 5-1: config 0 descriptor?? [ 64.471339][ T6280] xt_TPROXY: Can be used only with -p tcp or -p udp [ 64.478663][ T5298] usb 8-1: USB disconnect, device number 2 [ 64.563170][ T62] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1 [ 64.726670][ T6305] overlay: Bad value for 'metacopy' [ 64.782493][ T5942] usb 5-1: USB disconnect, device number 2 [ 64.815210][ T6313] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 65.071450][ T6330] netlink: 'syz.2.91': attribute type 1 has an invalid length. [ 65.157964][ T6337] mkiss: ax0: crc mode is auto. [ 65.414368][ T6357] netfs: Couldn't get user pages (rc=-14) [ 65.421643][ T6359] xt_hashlimit: size too large, truncated to 1048576 [ 65.902556][ T6373] tmpfs: Unknown parameter '__inohes' [ 65.951565][ T6282] syz.0.65 (6282) used greatest stack depth: 18528 bytes left [ 66.151197][ T6381] process 'syz.3.107' launched './file0' with NULL argv: empty string added [ 66.261440][ T6386] netlink: 'syz.3.109': attribute type 2 has an invalid length. [ 66.600202][ T65] Bluetooth: hci4: command 0x1003 tx timeout [ 66.604164][ T5945] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 66.650128][ T35] usb 6-1: USB disconnect, device number 2 [ 66.673754][ T39] kauditd_printk_skb: 117 callbacks suppressed [ 66.673768][ T39] audit: type=1400 audit(1734439206.051:1803): avc: denied { remount } for pid=6404 comm="syz.1.115" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 66.673935][ T6405] binder: Binderfs stats mode cannot be changed during a remount [ 66.692523][ T39] audit: type=1400 audit(1734439206.071:1804): avc: denied { read write } for pid=6409 comm="syz.2.116" name="vhost-vsock" dev="devtmpfs" ino=1301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 66.697996][ T6410] SELinux: syz.2.116 (6410) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 66.701813][ T39] audit: type=1400 audit(1734439206.071:1805): avc: denied { open } for pid=6409 comm="syz.2.116" path="/dev/vhost-vsock" dev="devtmpfs" ino=1301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 66.714782][ T39] audit: type=1400 audit(1734439206.071:1806): avc: denied { ioctl } for pid=6409 comm="syz.2.116" path="/dev/vhost-vsock" dev="devtmpfs" ino=1301 ioctlcmd=0xaf00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 66.725732][ T6413] ptm ptm1: ldisc open failed (-12), clearing slot 1 [ 66.785607][ T39] audit: type=1400 audit(1734439206.161:1807): avc: denied { map } for pid=6425 comm="syz.2.121" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 66.803317][ T39] audit: type=1400 audit(1734439206.181:1808): avc: denied { read } for pid=6427 comm="syz.1.122" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 66.803786][ T6428] program syz.1.122 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 66.819248][ T6428] capability: warning: `syz.1.122' uses 32-bit capabilities (legacy support in use) [ 66.819499][ T39] audit: type=1400 audit(1734439206.181:1809): avc: denied { open } for pid=6427 comm="syz.1.122" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 66.857364][ T39] audit: type=1400 audit(1734439206.231:1810): avc: denied { append } for pid=6433 comm="syz.1.125" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 66.866078][ T6432] cgroup2: Unknown parameter 'euid' [ 66.868594][ T39] audit: type=1400 audit(1734439206.241:1811): avc: denied { watch } for pid=6431 comm="syz.2.124" path="/46" dev="tmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 66.898707][ T6436] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 66.939322][ T6444] ======================================================= [ 66.939322][ T6444] WARNING: The mand mount option has been deprecated and [ 66.939322][ T6444] and is ignored by this kernel. Remove the mand [ 66.939322][ T6444] option from the mount to silence this warning. [ 66.939322][ T6444] ======================================================= [ 67.000057][ T76] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 67.036972][ T6447] binder: BINDER_SET_CONTEXT_MGR already set [ 67.039176][ T6447] binder: 6446:6447 ioctl 4018620d 20000100 returned -16 [ 67.074242][ T39] audit: type=1400 audit(1734439206.451:1812): avc: denied { read append } for pid=6456 comm="syz.1.132" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 67.084272][ T6447] binder: BINDER_SET_CONTEXT_MGR already set [ 67.086568][ T6447] binder: 6446:6447 ioctl 4018620d 20000040 returned -16 [ 67.150435][ T76] usb 8-1: Using ep0 maxpacket: 32 [ 67.154861][ T76] usb 8-1: config 4 has an invalid interface number: 8 but max is 0 [ 67.157061][ T76] usb 8-1: config 4 has no interface number 0 [ 67.158644][ T76] usb 8-1: config 4 interface 8 has no altsetting 0 [ 67.163855][ T76] usb 8-1: New USB device found, idVendor=065a, idProduct=0009, bcdDevice=60.65 [ 67.167320][ T76] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 67.170703][ T76] usb 8-1: Product: syz [ 67.172270][ T76] usb 8-1: Manufacturer: syz [ 67.173955][ T76] usb 8-1: SerialNumber: syz [ 67.393279][ T76] opticon 8-1:4.8: opticon converter detected [ 67.407783][ T76] usb 8-1: opticon converter now attached to ttyUSB0 [ 67.419450][ T76] usb 8-1: USB disconnect, device number 3 [ 67.432767][ T76] opticon ttyUSB0: opticon converter now disconnected from ttyUSB0 [ 67.435531][ T76] opticon 8-1:4.8: device disconnected [ 67.728936][ T6497] binder: BINDER_SET_CONTEXT_MGR already set [ 67.731739][ T6497] binder: 6496:6497 ioctl 4018620d 200002c0 returned -16 [ 67.857190][ T6501] pim6reg1: entered promiscuous mode [ 67.858695][ T6501] pim6reg1: entered allmulticast mode [ 67.980728][ T6509] raw_sendmsg: syz.3.150 forgot to set AF_INET. Fix it! [ 68.090829][ T6517] binder: BINDER_SET_CONTEXT_MGR already set [ 68.092809][ T6517] binder: 6516:6517 ioctl 4018620d 200002c0 returned -16 [ 68.398184][ T6534] mmap: syz.2.156 (6534) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 68.467368][ T6543] binder: BINDER_SET_CONTEXT_MGR already set [ 68.469391][ T6543] binder: 6542:6543 ioctl 4018620d 200002c0 returned -16 [ 68.490452][ T6525] nbd2: detected capacity change from 0 to 8 [ 68.515186][ T6549] __nla_validate_parse: 7 callbacks suppressed [ 68.515201][ T6549] netlink: 4 bytes leftover after parsing attributes in process `syz.1.165'. [ 68.526061][ T6534] block nbd2: shutting down sockets [ 68.526970][ T6549] erspan0: entered promiscuous mode [ 68.530430][ T6549] macvtap1: entered promiscuous mode [ 68.531892][ T6549] macvtap1: entered allmulticast mode [ 68.531959][ C0] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 68.533291][ T6549] erspan0: entered allmulticast mode [ 68.536547][ C0] Buffer I/O error on dev nbd2, logical block 0, async page read [ 68.540688][ T6076] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 68.543241][ T6076] Buffer I/O error on dev nbd2, logical block 0, async page read [ 68.545356][ T6076] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 68.547986][ T6076] Buffer I/O error on dev nbd2, logical block 0, async page read [ 68.550597][ T6076] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 68.552953][ T6076] Buffer I/O error on dev nbd2, logical block 0, async page read [ 68.555076][ T6076] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 68.557468][ T6076] Buffer I/O error on dev nbd2, logical block 0, async page read [ 68.561022][ T6076] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 68.562589][ T6546] ------------[ cut here ]------------ [ 68.563765][ T6076] Buffer I/O error on dev nbd2, logical block 0, async page read [ 68.565287][ T6546] WARNING: CPU: 0 PID: 6546 at mm/page_alloc.c:4727 __alloc_pages_noprof+0xeff/0x25b0 [ 68.567411][ T6076] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 68.570567][ T6546] Modules linked in: [ 68.575883][ T6076] Buffer I/O error on dev nbd2, logical block 0, async page read [ 68.576153][ T6546] CPU: 0 UID: 0 PID: 6546 Comm: syz.3.164 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 68.578728][ T6076] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 68.581871][ T6546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.584529][ T6076] Buffer I/O error on dev nbd2, logical block 0, async page read [ 68.587761][ T6546] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 68.587792][ T6546] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 38 c3 57 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 2f b3 0c 00 8b 14 24 e9 [ 68.587809][ T6546] RSP: 0018:ffffc900034cf898 EFLAGS: 00010246 [ 68.590307][ T6076] ldm_validate_partition_table(): Disk read failed. [ 68.590372][ T6076] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 68.590386][ T6076] Buffer I/O error on dev nbd2, logical block 0, async page read [ 68.592470][ T6546] [ 68.592478][ T6546] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 68.598939][ T6076] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 68.601204][ T6546] RDX: 0000000000000000 RSI: 0000000000000014 RDI: 0000000000040cc0 [ 68.603222][ T6076] Buffer I/O error on dev nbd2, logical block 0, async page read [ 68.605917][ T6546] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 68.608485][ T6076] Dev nbd2: unable to read RDB block 0 [ 68.608949][ T6546] R10: 00000000200000c0 R11: 0000000000000000 R12: 0000000000000014 [ 68.608960][ T6546] R13: 0000000000040cc0 R14: 1ffff92000699f27 R15: ffffffff853addf7 [ 68.608967][ T6546] FS: 00007f6e90bf66c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000 [ 68.615569][ T6076] nbd2: unable to read partition table [ 68.616247][ T6546] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 68.619057][ T6076] nbd2: partition table beyond EOD, [ 68.621148][ T6546] CR2: 000000002000009c CR3: 000000004dd60000 CR4: 0000000000352ef0 [ 68.623073][ T6076] truncated [ 68.624983][ T6546] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 68.624993][ T6546] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 68.625001][ T6546] Call Trace: [ 68.625004][ T6546] [ 68.625009][ T6546] ? __warn+0xea/0x3c0 [ 68.642536][ T6076] ldm_validate_partition_table(): Disk read failed. [ 68.643697][ T6546] ? __alloc_pages_noprof+0xeff/0x25b0 [ 68.645281][ T6076] Dev nbd2: unable to read RDB block 0 [ 68.645382][ T6546] ? report_bug+0x3c0/0x580 [ 68.646855][ T6076] nbd2: unable to read partition table [ 68.648149][ T6546] ? handle_bug+0x54/0xa0 [ 68.655319][ T6546] ? exc_invalid_op+0x17/0x50 [ 68.656559][ T6546] ? asm_exc_invalid_op+0x1a/0x20 [ 68.657889][ T6546] ? drm_syncobj_array_find+0x37/0x3b0 [ 68.659586][ T6546] ? __alloc_pages_noprof+0xeff/0x25b0 [ 68.660298][ T6076] nbd2: partition table beyond EOD, truncated [ 68.661135][ T6546] ? hlock_class+0x4e/0x130 [ 68.663882][ T6546] ? __lock_acquire+0xcc5/0x3c40 [ 68.665181][ T6546] ? hlock_class+0x4e/0x130 [ 68.666411][ T6546] ? mark_lock+0xb5/0xc60 [ 68.667561][ T6546] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 68.669154][ T6546] ? mark_lock+0xb5/0xc60 [ 68.670446][ T6546] ? hlock_class+0x4e/0x130 [ 68.671790][ T6546] ? __pfx_mark_lock+0x10/0x10 [ 68.673019][ T6546] ? find_held_lock+0x2d/0x110 [ 68.674256][ T6546] ? hlock_class+0x4e/0x130 [ 68.675428][ T6546] ? __lock_acquire+0x15a9/0x3c40 [ 68.676727][ T6546] ? drm_syncobj_array_find+0x37/0x3b0 [ 68.678145][ T6546] ___kmalloc_large_node+0x84/0x1b0 [ 68.679527][ T6546] __kmalloc_large_node_noprof+0x1c/0x70 [ 68.681135][ T6546] ? __pfx___lock_acquire+0x10/0x10 [ 68.682479][ T6546] __kmalloc_noprof.cold+0xc/0x61 [ 68.683804][ T6546] drm_syncobj_array_find+0x37/0x3b0 [ 68.685171][ T6546] ? find_held_lock+0x2d/0x110 [ 68.686439][ T6546] drm_syncobj_wait_ioctl+0x23a/0x390 [ 68.687837][ T6546] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 68.689411][ T6546] ? drm_dev_enter+0x4c/0x170 [ 68.690757][ T6546] drm_ioctl_kernel+0x1e6/0x3d0 [ 68.692028][ T6546] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 68.693550][ T6546] ? __might_fault+0xe3/0x190 [ 68.694799][ T6546] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 68.696225][ T6546] ? __might_fault+0xe3/0x190 [ 68.697450][ T6546] drm_ioctl+0x5d6/0xc00 [ 68.698555][ T6546] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 68.700256][ T6546] ? __pfx_drm_ioctl+0x10/0x10 [ 68.701506][ T6546] ? __pfx_lock_release+0x10/0x10 [ 68.702829][ T6546] ? selinux_file_ioctl+0x180/0x270 [ 68.704222][ T6546] ? selinux_file_ioctl+0xb4/0x270 [ 68.705568][ T6546] ? __pfx_drm_ioctl+0x10/0x10 [ 68.706817][ T6546] __x64_sys_ioctl+0x190/0x200 [ 68.708082][ T6546] do_syscall_64+0xcd/0x250 [ 68.709307][ T6546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.711336][ T6546] RIP: 0033:0x7f6e92d85d29 [ 68.712670][ T6546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.718234][ T6546] RSP: 002b:00007f6e90bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 68.721362][ T6546] RAX: ffffffffffffffda RBX: 00007f6e92f75fa0 RCX: 00007f6e92d85d29 [ 68.724128][ T6546] RDX: 0000000020000080 RSI: 00000000c02864c3 RDI: 0000000000000005 [ 68.726901][ T6546] RBP: 00007f6e92e01a20 R08: 0000000000000000 R09: 0000000000000000 [ 68.729665][ T6546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 68.732648][ T6546] R13: 0000000000000000 R14: 00007f6e92f75fa0 R15: 00007ffc0c0b3d48 [ 68.735388][ T6546] [ 68.736481][ T6546] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 68.738998][ T6546] CPU: 0 UID: 0 PID: 6546 Comm: syz.3.164 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 68.742613][ T6546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.746385][ T6546] Call Trace: [ 68.747568][ T6546] [ 68.748612][ T6546] dump_stack_lvl+0x3d/0x1f0 [ 68.750240][ T6546] panic+0x71d/0x800 [ 68.751609][ T6546] ? __pfx_panic+0x10/0x10 [ 68.753160][ T6546] ? show_trace_log_lvl+0x29d/0x3d0 [ 68.755009][ T6546] ? __alloc_pages_noprof+0xeff/0x25b0 [ 68.756905][ T6546] check_panic_on_warn+0xab/0xb0 [ 68.758607][ T6546] __warn+0xf6/0x3c0 [ 68.759979][ T6546] ? __alloc_pages_noprof+0xeff/0x25b0 [ 68.761869][ T6546] report_bug+0x3c0/0x580 [ 68.763367][ T6546] handle_bug+0x54/0xa0 [ 68.764825][ T6546] exc_invalid_op+0x17/0x50 [ 68.766387][ T6546] asm_exc_invalid_op+0x1a/0x20 [ 68.768033][ T6546] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 68.770108][ T6546] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 0e b3 fe ff e9 69 f9 ff ff c6 05 38 c3 57 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 2f b3 0c 00 8b 14 24 e9 [ 68.776669][ T6546] RSP: 0018:ffffc900034cf898 EFLAGS: 00010246 [ 68.778739][ T6546] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 68.781394][ T6546] RDX: 0000000000000000 RSI: 0000000000000014 RDI: 0000000000040cc0 [ 68.784074][ T6546] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 68.786761][ T6546] R10: 00000000200000c0 R11: 0000000000000000 R12: 0000000000000014 [ 68.789467][ T6546] R13: 0000000000040cc0 R14: 1ffff92000699f27 R15: ffffffff853addf7 [ 68.792137][ T6546] ? drm_syncobj_array_find+0x37/0x3b0 [ 68.794036][ T6546] ? hlock_class+0x4e/0x130 [ 68.795618][ T6546] ? __lock_acquire+0xcc5/0x3c40 [ 68.797343][ T6546] ? hlock_class+0x4e/0x130 [ 68.799035][ T6546] ? mark_lock+0xb5/0xc60 [ 68.800523][ T6546] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 68.802541][ T6546] ? mark_lock+0xb5/0xc60 [ 68.804035][ T6546] ? hlock_class+0x4e/0x130 [ 68.805593][ T6546] ? __pfx_mark_lock+0x10/0x10 [ 68.807226][ T6546] ? find_held_lock+0x2d/0x110 [ 68.808878][ T6546] ? hlock_class+0x4e/0x130 [ 68.810461][ T6546] ? __lock_acquire+0x15a9/0x3c40 [ 68.812195][ T6546] ? drm_syncobj_array_find+0x37/0x3b0 [ 68.814055][ T6546] ___kmalloc_large_node+0x84/0x1b0 [ 68.815844][ T6546] __kmalloc_large_node_noprof+0x1c/0x70 [ 68.817737][ T6546] ? __pfx___lock_acquire+0x10/0x10 [ 68.819509][ T6546] __kmalloc_noprof.cold+0xc/0x61 [ 68.821248][ T6546] drm_syncobj_array_find+0x37/0x3b0 [ 68.823052][ T6546] ? find_held_lock+0x2d/0x110 [ 68.824679][ T6546] drm_syncobj_wait_ioctl+0x23a/0x390 [ 68.826516][ T6546] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 68.828537][ T6546] ? drm_dev_enter+0x4c/0x170 [ 68.830138][ T6546] drm_ioctl_kernel+0x1e6/0x3d0 [ 68.831811][ T6546] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 68.833802][ T6546] ? __might_fault+0xe3/0x190 [ 68.835417][ T6546] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 68.837237][ T6546] ? __might_fault+0xe3/0x190 [ 68.838853][ T6546] drm_ioctl+0x5d6/0xc00 [ 68.840357][ T6546] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 68.842396][ T6546] ? __pfx_drm_ioctl+0x10/0x10 [ 68.844077][ T6546] ? __pfx_lock_release+0x10/0x10 [ 68.845839][ T6546] ? selinux_file_ioctl+0x180/0x270 [ 68.847645][ T6546] ? selinux_file_ioctl+0xb4/0x270 [ 68.849429][ T6546] ? __pfx_drm_ioctl+0x10/0x10 [ 68.851113][ T6546] __x64_sys_ioctl+0x190/0x200 [ 68.852773][ T6546] do_syscall_64+0xcd/0x250 [ 68.854346][ T6546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.856365][ T6546] RIP: 0033:0x7f6e92d85d29 [ 68.857887][ T6546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.864442][ T6546] RSP: 002b:00007f6e90bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 68.867321][ T6546] RAX: ffffffffffffffda RBX: 00007f6e92f75fa0 RCX: 00007f6e92d85d29 [ 68.870010][ T6546] RDX: 0000000020000080 RSI: 00000000c02864c3 RDI: 0000000000000005 [ 68.872713][ T6546] RBP: 00007f6e92e01a20 R08: 0000000000000000 R09: 0000000000000000 [ 68.875440][ T6546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 68.878138][ T6546] R13: 0000000000000000 R14: 00007f6e92f75fa0 R15: 00007ffc0c0b3d48 [ 68.880838][ T6546] [ 68.882426][ T6546] Kernel Offset: disabled [ 68.883989][ T6546] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:40:08 Registers: info registers vcpu 0 CPU#0 RAX=0000000000038356 RBX=0000000000000012 RCX=ffffc9000cb01000 RDX=0000000000080000 RSI=ffffffff8179c3e6 RDI=0000000000000001 RBP=1ffff92000699ea0 RSP=ffffc900034cf4f0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=0000000000000001 R13=0000000000000200 R14=ffff888022f28000 R15=ffffc900034cf5d8 RIP=ffffffff8179c3e8 RFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f6e90bf66c0 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002000009c CR3=000000004dd60000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffff800 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000500000038 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e92e029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e92e029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e92e029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e92e029cd ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e92e02a53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e92e02b31 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000332e63 64755f796d6d7564 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffffea0000a32b40 RCX=ffffffff81e39d19 RDX=ffff888021488000 RSI=ffffffff81e2979a RDI=ffffea0000a32b40 RBP=8000000028cad027 RSP=ffffc900036ef658 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000003 R12=dffffc0000000000 R13=0000000000000000 R14=0000000000000000 R15=ffffc900036efaa8 RIP=ffffffff81e2979a RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c40bc09 CR3=000000003229e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555560e6ce58 0000555560e6c760 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555560e64490 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555560e64678 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555560e6a798 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1bcaab6f54018701 2105ffffffffffff fff957231ef0da97 6f67dc0000ae8100 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1400000039720807 80030780040e8003 0e800401a0030008 0001900303ffffff ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff0401800312fa10 00068004028e0800 049e080001000006 08060a015a880108 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0006800301000004 0806020102ec0801 8806050801800405 0180040008000210 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003c100008015be6 0190100006800400 1000060102840300 0000000000001e12 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0006800301000004 0806020102ec0801 8806050801800405 0180040008000210 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff0401800312fa10 00068004028e0800 049e080001000006 08060a015a880108 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100002800401 00000a0806060154 9c00080002e00300 100002d003001000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000001520001 RCX=ffffffff8206492d RDX=ffff888025154880 RSI=000000000000001f RDI=0000000000000003 RBP=ffff88801e19fe60 RSP=ffffc90003d7f4f8 R8 =0000000000000003 R9 =000000000000001f R10=0000000000000000 R11=00000000000a292d R12=0000000007ca038e R13=0000000000000001 R14=0000000000000000 R15=0000000006f40368 RIP=ffffffff819a1440 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000555582340500 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c36c555 CR3=000000002964c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc9f069190 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff6472029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff6472029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff6472029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff6472029cd ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff647202a53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff647202b31 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000088 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000088 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000000 RBX=0000000000000001 RCX=0000000000000000 RDX=1ffff92000961eac RSI=ffffffff81fc9033 RDI=ffffc90004b0f528 RBP=ffffc90004b0f570 RSP=ffffc90004b0f4b8 R8 =ffffc90004b0f55c R9 =ffffffff90f69cf8 R10=ffffc90004b0f528 R11=00000000000085d4 R12=ffffffff8185d1f0 R13=ffffc90004b0f528 R14=0000000000000000 R15=ffff8880237c0000 RIP=ffffffff81493fbe RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f5195f67500 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c40bc09 CR3=000000002a0fe000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000005000001 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=00000000fffbffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff66aa4ac0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e6f63007325 203a726f72726520 64656e7275746572 2072657672657300 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40514b4a46005600 051f574a57574005 41404b5750514057 0557405357405600 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3638302e37362020 205b3e363c0a4942 2020726461656962 2020373434365420 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3638302e32342020 2037362020004320 202000313d646362 2020373434363020 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f66636c55786269 3779796b66697e2a 7e556f69637c6f6e 556f797f65673078 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f5e444549555e4f 5955584f4e444348 2a30786f6e646368 2a573d3e3e3c5e2a ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000