last executing test programs: 7.197444784s ago: executing program 3 (id=973): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x109000, 0x0) ioctl$TCGETS2(r0, 0x802c542a, &(0x7f0000000040)) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0) ioctl$TIOCL_GETSHIFTSTATE(r1, 0x541c, &(0x7f00000000c0)={0x6, 0x4}) ioctl$SNDRV_TIMER_IOCTL_TRIGGER(0xffffffffffffffff, 0x54a6) r2 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$BTRFS_IOC_BALANCE(r1, 0x5000940c, 0x0) r3 = syz_open_dev$MSR(&(0x7f0000000100), 0xff, 0x0) ioctl$BTRFS_IOC_ADD_DEV(r3, 0x5000940a, &(0x7f0000000140)={{r1}, "4b85161a4dd3816363cbfff7721cf0da1be8803dcd08bc53650f912e5c77f0290d6eb05a65f9dababf2a70cdd8e1c1c295f4c18f00f1682e076923eec52d2c107ea0b58f98c40686baaa07874b0cfe4cbee6d2455ee552e373e3769aed9095f3eede4796ebcad050c796314edeb327c0b9ebed9ca6aebe2e1da847df664796860bee9a330ad384e5a6c8f0aafffcc6a2dd4f9dbeca18de1a5b265c327340e779272597e2b314bf62d5005bf2900ca8a38b4295ddbde4563798f1bb73b687aaab6e11cd1a316a8994ccea824dacc3ca3a4430a4441631e1273c4ab5d14c77b4bded2106e3cd141b265cb20571706e264d0ce112233de9d419cfd814c75fb97c760441478cc35855eae6016af2dba34cfa0cba951895fabbc32361a6b1c5a0a60f4dde7172a0e6d6421401f6d7a32c5c47fac245dd82063df6d8136ec9d1db850d3ab709e397884dcc5b85527735df2612a6c1e97861e52f59fa6cdfe85e4ef2f11db4954eaea2fcddbe48484b0d565c0163b9ffcfa4be37ae210b68c0698ba29fbe93186d1cdf5870524a82fb9484d7adae1b984c5cde3194442fb34843422806fa8b08cbac10b729c6c835be13d01fd2739982f267fa23de247a28f063a5e436bdaa7a64bbd23d09fa48610f726ae0001f9018ace221361598d6afcc5a8733d0cae0c0d354327d81c1167de1383656611993358f52c318d2518e53c89df017ad30ee3fb5b236d7db0d331aa46c4681d944c8f71cff08b2428076177046d194adfbf2200301a90806322a511a7b23185163a0b137294970fa5e5007f62fa9f389ccc7830adb34ac420dd07d9566a66fa0beda0f14f1a2664d1e851ca1d3fe097197bddb364be3489224fa6352054f290eda9ef162566af561ed4f76a5c3fd7f6a70131365c97e78f7d892d941a12a4e37938023195e850d60d975394728c095564e63ab31116364eb3f4bb6fe54418ee6ecccd167b1fef32a0c3d63224ea9c30db0ba2f6ebc384aea7455c907a38b669e22aa47211379005ab24127c85608f0ebefb9c4227f6706ddde8881afc9212a111f679f8bec334dd8a71d48f12220af7d87b175e8a31225eed3ad80e3d54593a2f0c5cbfd99096d70ccc8a7d02c17f2efea12e22887889d7e2d03c4c433110bd9de9f363735e3d04451e8fb9e9130e1057269847f4c456fcdad63c1786556f6ff6bdfeac0f4b04d7b1a2197dc4fe31d74e20667d26c468d4d4e8977f8441ff9152c2dd5713107a76cf3cbab28f2ac5e77ec4b1091492cac0a62e3261ad220447a2cb5f1956b0774510b465baa1d263789ef9d64baa1ac5169e52ced6f274fd33c1737dc0d1641bc5f581f34154c4733ac9b821a8009aedcb27255897078abab26c6b089d32df4e66bf6dd153292462a25323a1863006be952a5343dbc4d2eb69e0788062001b1fc4b0c91d0c4f1f127249d28334b9ba35c14a1dcdc5cc141f322170aa3dde2c6f04969fc9de489b97c504c6a2a86cfd61267b82ed71a3b0c18117f03bec549be9e3554dcd01f4c67e2d5b99f738b6ab264915bceca34d4e892fa99a7f8d6436417c15c002c5f697c0426edaa949df6cc8b5aaf35c60423d1bd623cd92366db1e880ec366f9bec9d9cdf4084c30d71a390ed99645e5274c0bfdc2179e823adbba270a5a6ada56c3c5aa1141afbfccc91749822188dcc2518cc7f663feb2555d08f970ee02cec16d30c16bf9f36e27f15fd3e159bc713a6476550d4a8de570eaff0fc901e9fb4c6ef8161b3ad9155252a5ebbefed01eb75ce17ebda5555376e90eccc3c8de7c667de3840402b2b91884669c3b96c28f250680d814f06e8fe44a8fcd685105ff2b05844ea4dd467860152db1659e3203406fef579efb938c3e00d031c4a9e0f72e222bf807cb43263e2c509b7cbdd68b99407679013d582a5fbeb78b0cafa3c0ec55846619ac0e909ce86853eb6edce401a5fc1ef4ecb9a72ea6643c58225606f21c15c0a8741f02aaef789db511882a2dd0d5b2ab943e8465baeb7e5fc292e377582d116f2b9b1dcf7f4b88d46e1ce23facbac515f02c70b47d179363a3b9652ba56f01a9fdcad11e9bea5548f966fb12e16646ed98ce649f2e98cbc7ac05e564e6c3ed41595b1f2e9d970972ad2803cd6cb37242d02b6f805ac7f7f7045a7b3bdd946a6d5b090ff5233b77b1efb54ea3b5501f9c3cdec0cf5941c6f55acbd7dc6c392c73960bef9892264140beda7678d7b0ab1554661aa554fc98a842b4659687991489d914f78caaea22d7f9e69c455dd9caff8fd16428ef289ba80e8e9a7d8a689a162970a4c6021acb2de98cff822d48a77d234fec7362d9b2bce80bc16dbb214d6a5f16407705b8ccf487fa7141ff342740ac33e44c688daef292e1a77695b2ab6b4b07caee181f7cd92e8cc6b85fea28aa1724726033970ce4d59b7b4cbbb0e1b2c085c96780097143986abe88fc62d13d832031ac3d23f918aff324c4ecae5a4e3ac8a67fd93c72610c912d316fe48504dfdc96fbe9c4a264dd877fc79316c4b3f290f83998a349197fe11cccc8a58bcd6b0d5e6cfd1dac66b4be77bbd476bb1890aa06b12e2c221fb1cc063c52c14777017b7cda97a2ef4329b927e470edcbe5ee69b96c4b40ba9778616bc1780557b9de2d8be19a76adebb6754c1928e1decdb248e9e98e8c64316b9eb3a0fd637c8b85b855ee55d0831d32e8b704067bec84c49caf02a0143e51efeb4c305d12c049feeb544047367c75d57e29946cf73bf284d272119c040a6bc81d7ae8ed0eb3e8c4756788a6a32b2c7dee781c3dc504d4b9a8c05bc987837ac0b99d2049daa5cd6b68b36fcbbc61949a9f5cda9dbd0a465c86ca2025dbd90aa0da21f59a9e5aee8dbf2e606a579c34f3f009865f8054b1a0fdab164671991180c0c72b82582cb5e0624476502c07ecd2e40dc13bc94f88983d2cf9575266a5ccafd058211a6453e7f44a3549f9f3ce259730ec003f02a0d220aa1972a1159c6c2d879497e22f9b115eea13334337bff1f39d4956e273b2c3ee22ae1c12289da10419026a477d1aac7218432a5582bffd437a1fda2ad712977451e814971042f8a8608eb5b29140ebde4204fe39bc81055482d3ca719c9a5ef678fe2b6a0d765b71c4866d37f7cbc4e9fb623a37ac18fa629b05508724dd58683b69a372d014b87d70a664e4432824a51c23347c446b8682275842974504e4ace0b82897b1e98f0be05c0fc5feb67941d233aed3cd6bec4850b6a7450aa5f657ad467fe630cac1baa86871872b6bd6125edfae53566fadfc0c83dc630bed3ba9cac57fc26f9f56916c09240d07d2a8c9e96a1d506a1599f174bd077c689e1c8e732371bc5b006053c8a0d08644e27d681b94de1405f224ebf41bab5c96222c0a9783b77d5cb7a00dc066eee1b0dfbf215a20ccc878dc5b18bfee7925600ec5b223476f4c74348b037fcde022a1d88e134ee98a04db39fc1f8dd17c809880aaa54b8d44b8d035e37116fad9222b7ac7e9d71375d955c4eca88bec684b04a914aed28aee9e6817b6ad039868cd13a996ad569139279002fd6f827721516807c4d3a8bc3773ce3357d2b3846a02e043f039ec27efa50c8768b99f4c534ab88289eb526e37b93f958967303ec45b2ecf1b5ddf54e9ab13aeb839d6e62e755be414966e286631ce16294a1d555d82317756ee199582e157093eb36b0ac72f53645873ea0f45f75b0befbae60f5b616bf55d4aeedd7b0df14ef069d927212537e4e0287f6206782685b2eb177674d71276857180e8afbe6a2f9badcffc2f3d6a481ceb1bb272326e458c2c70e109dd78480210e76d40631b9acbbcf0800de3c373f9382dc08aa0a1486684b325b4ac1ca9de94b87fd07c77c12880ba6ddd4dd4ee68ea97f4269d76f6c805abf534e666b01b2cf1fcdf715e655b31cddec23fdfaa1ee8956b294a6988ab5efe372ab39254e606d8a6f6f4f5d488daa67df6069d3f3a69371792fd1b68f82c400c844a167d6b854d8ca5e3d239f8246c81c5e939873757c783c7babfcb2b29df3bca719e7f8a30baa3a4ab9d549950a25feca286152336a7412d33cae7151f0f7ad0c5e6cda52ba698e21263485440708d556607624d0b906ec4acd8b20999d24baf4c910ef73e082db55ce7d382be6ef4da7fc44e204f36ffab1f5dc1c008b7f4093710121105553802dd47073600e9775e717c95d67634592a9c637bed935dc10652c640dc14cd0bd59092c5345b9f5e824bce48b376176ffc2d3317cfe8e6a84e8d2c9410c30a63bd9f79d20e88f4241b95f42c633f73614954a5ea69dbffae0064186ebe6dd1206f058365a8382f7ab7c2333cf932941d5fc629d8459ed47fa021816428117cacf0e7c107118419a85888f42a2b3d0f3c2b0efb89e7fbbdd54ed993cf358ee901aa57bdbd3bada1018c3379625332edf11673def4264cd40d62cde6774e105e96e63aba32a0b46c63c5884770b8f899dd5221a8ecaf857e35e9833623bf2d607a19d75a90ecdf7f00c00b30a5a465666f5e8473111d9f14cc760bf61a3d39e5b8e002299c742b137e235d9c6986fc149b305ee836c21c0f45d9c967dadfc554af671bea54e5c7bb7ee63e36a6695b77d384fb1545b14bd1133694c153b9345ec72e675ccfc59fe516e5b9d548802b757c962be406ff7f69fd0294ddf73c4badb4c564ee70a6595b0c92c4d711a7eb2d5cc1104deae95c5de426d36b11d1b2b26499d7885159ff0bb2cc7410ea4fc006a24a67de890dbc7a4d8ebf3910571d3aefae897457bbb5da80152e84b2b7cbfa124b14df681b39e5cbb51f8760692bd9e3e50b4766cecccaca14ff0c20e08628f09402a3b35fe1c1f0aedb05b3f506853ec1245ba0111b07441f220a6d7a87b02734d9a386bacc1b4a725e8bbad65f080b1afcd80c61c0ff006efd211951e47a12ecabea3ebc84a6e3440a2a41942c95f7ad93a63d7633aa64ace02bb4e66f33195b3fcef3edb8126bca774c2ee471892c2f6ccf98042040ac92fbe3e2a2f03309e78c281cd77c93ee4ef5cbe74ed6647859dd331b06e9f6c86f7f29b36d71a4d85028e0dc04031a615e5805b42574f603ec54d6814589bbdf2ff41c1f87e922af92cdef583a3fa85a3ff90921ae5a24c341c43aed1101e096e283ec9c50ca7f83435373dd32ba63dbe42d9c421f89eb6917ce7a88a04bb49c8de85c8193fd4838a90fe48c05a34c6aec966434325d3318d85509b43878891978a20631f00543b04cbdad439bcff0551db3f13ffc63885b7ef197de345bcea77decc1deecc3501f7ff8f0ff5835cd61cd55747029af7b614da7de8bf228e86c6c8c7ae33a2d09e719568055c2f56993e8e204ebe146ea4df1b6d0bad36cb9d376fb1cf1944be0e8b1a27dec3718ecb6b88916201b88a8140c10289d48ebfbb74cea5f51e3637195d74214f638162fcf91d7590879c2200cf33b7cc6a3c082009f95fe6e109c477aff029988cd179cf174f048d553e6b15016ee9cb4f720568d131441894c24d6baef26ca3a6c7bffe22ac07a29e7fe7f44e732c41a368dc7f59fbc3e432d4de5ad7a65b964e4fe2fdb70f8f92d334562e20f32603d8c105519dffd81b4f438ff7e80b7de1770b3c618d9b2b35d4f2af4f139c01469f8764f0684a265a90bf676d36f5e5ab218192683c7054d2a0ac5a6362bc65fbfcc2300e161d97555f7519f0f63f05a3d6cb3189648723f70eabf6ccb0c74f69271c93988b6f3507e72926e1e27943c8a86eeb62b3201b5f2509d57fbe48aaede"}) r4 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001140), 0x20002, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r4, 0xc040563e, &(0x7f0000001180)={0x0, 0x0, 0x103, 0x4, {0xccdb, 0x2, 0x80, 0xc91}}) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000001200), r4) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r4, &(0x7f0000001380)={&(0x7f00000011c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001340)={&(0x7f0000001240)={0xd4, r5, 0x200, 0x70bd25, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xffff}, {0x6, 0x16, 0x7}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x5}, {0x6, 0x16, 0x1}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x4}, {0x6, 0x16, 0x101}, {0x5, 0x12, 0x1}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x4080}, 0x20040046) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001400), r4) sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f00000014c0)={&(0x7f00000013c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001480)={&(0x7f0000001440)={0x2c, r6, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x4001) writev(r4, &(0x7f00000015c0)=[{&(0x7f0000001500)="8aa0518ebb4c138001fe9f4fd49bdab5158a91524f18626b67c8a50be24bb382bbd3c27ea954716b53e4d2eb670cf6116c1834736916ee3601a812956b0ac7d4d4ea52f1f0726412d218a4dbf35b4ecbf92da827ac6551b9268b360d82a64ddf75b9336deaf87a02e0b2a9eb2f438415467c0ea643ecabf35a6a1fa9799d23b008b168a3f9a1513e4358ce5e4b6a718c8a0cd85d39651eeb685cd8e89c5394562a155bfac0267e411fb68f5cd896dbeef525", 0xb2}], 0x1) r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001600), 0x793000, 0x0) ioctl$PPPIOCATTCHAN(r7, 0x40047438, &(0x7f0000001640)=0x2) ioctl$USBDEVFS_DISCSIGNAL(r4, 0x8010550e, &(0x7f0000001780)={0x6, &(0x7f0000001680)="412e6b04d1bbd6af584df06ff2f337425c622fe393d1fcd59a8637e48c3b530c68b6edc87a802ff31acb75861e6f3983c2d9ba7faa220327f25760824aedc0e40dca78465ea5e4d11df1156a0ea9dd1a75af8696c7defe88c2d8787f5d79d3e525c310a09661d61c3622eaa52cdb5a3b6ad78b78b3c4e6680f1c7fe50c0d42ca13e04e45550828881bddf4eba7d3349d668f25a96c92f0d4c208a3655617e4460d5ae59bc4dd268335a4e7714831656f5941c04481bf46473f66ac1df8efb7f86fb702d3c1cece306c8a2ef4c97d2992e4c2b7d9f1513a23719545dc26a0fd9da72a1057d4895b1516eee192e1d5e18d5887c27baf85a03dceb35db03a"}) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001800), r4) sendmsg$NL80211_CMD_SET_REG(r4, &(0x7f0000001900)={&(0x7f00000017c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000018c0)={&(0x7f0000001840)={0x44, r8, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x1}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0xb}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x1}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x7c}]}, 0x44}, 0x1, 0x0, 0x0, 0x1000}, 0x810) read$hiddev(r4, &(0x7f0000001940)=""/4096, 0x1000) sendmsg$NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000002a00)={&(0x7f0000002940)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000029c0)={&(0x7f0000002980)={0x14, r8, 0x100, 0x70bd2c, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4810}, 0x8000) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000002a80)={'vcan0\x00', 0x0}) getsockopt$PNPIPE_IFINDEX(r4, 0x113, 0x2, &(0x7f0000002ac0)=0x0, &(0x7f0000002b00)=0x4) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000002bc0)={r7, 0x58, &(0x7f0000002b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000002c00)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000002cc0)={'syztnl0\x00', &(0x7f0000002c40)={'ip6gre0\x00', 0x0, 0x29, 0xf7, 0x3, 0x5, 0x12, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, 0x700, 0x750, 0x7f, 0x10000}}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000002d00)={'ip6_vti0\x00', 0x0}) sendmsg$ETHTOOL_MSG_COALESCE_GET(r4, &(0x7f0000002fc0)={&(0x7f0000002a40)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000002f80)={&(0x7f0000002e40)={0x11c, r6, 0x8, 0x70bd2a, 0x25dfdbfc, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x4}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}]}]}, 0x11c}, 0x1, 0x0, 0x0, 0x24000001}, 0x40000) 7.128527651s ago: executing program 3 (id=975): syz_io_uring_setup(0x121d, &(0x7f0000000500)={0x0, 0x7d10, 0x80, 0x1, 0x1000034e}, &(0x7f0000000040)=0x0, &(0x7f0000000580)=0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) syz_open_dev$vcsu(&(0x7f00000000c0), 0x0, 0x440200) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) r3 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00') syz_io_uring_submit(r0, r1, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x23457}) timer_create(0x5, &(0x7f0000000000)={0x0, 0x15, 0x1}, &(0x7f00000001c0)) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000440)={'syztnl2\x00', &(0x7f00000003c0)={'ip6gre0\x00', 0x0, 0x29, 0x0, 0xc, 0x6, 0x50, @local, @mcast1, 0x8000, 0x40, 0x40, 0xdf}}) setsockopt$inet_mreqn(r3, 0x0, 0x24, &(0x7f0000000480)={@loopback, @rand_addr=0x64010101, r4}, 0xc) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r5 = creat(&(0x7f0000000000)='./bus\x00', 0x0) write$cgroup_int(r5, &(0x7f0000000540), 0xfffffdd8) r6 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) r7 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_buf(r7, 0x1, 0x19, 0x0, &(0x7f0000000280)) syz_open_dev$mouse(0x0, 0x0, 0x2042) r8 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0) syz_usb_control_io$hid(r8, 0x0, 0x0) syz_usb_control_io$hid(r8, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0422b07123c1c052de3e97980e41caf13a726b657b405d71ba65cff9312c8dba7789dc0eb08a539a8f258e7d34ff9b39db250e3d6696e81cc0ce316f6aa82568696bd88b2acbb1b53328340285a132a099fdfd02b7e4455284cdd50162d6faf9e535ac2d6d7ac875f34871a8511cdc98141e581aff1f8bc5e5dd5043004a49f4d21fa246fe76af8cd0376a1f73f4f01cc71df6f244e8913e5b9039f3f3043560633ced79cc33cbb95da325135555664ad3e29ef3fc0742d47941375ac56b207a2cb7150c2b7830e749594b0cfca3bd117578f62899bcd1b86ca3b9a733fc072195afa2644d0bb568586a73ebba1054a66628c6c81b49fde71a8f47ca394705fb51571bd2af452a9febd099782a9d1042e9d27c0f9a1a506655b033c35941e8e0a8961e07abffa6968a314e6b370b6446c25f81b6a27e9599afe9ab34840816abdd69eae69852e659d40b6fc19bd99c51e0c29878148b7073e38b9054b00c8b0a4a118fd9f86572fb6e2a60fbad246f8a1f1ecffe039d10a603bdfc4b8af945e54574d898a3ca11172fea9a12c13df5e24645f3858e3b749bcd44a6eaa08adc1784201e7d4687bbf3aab6509bb0aedc6f7e63d5a36ea11ffc080e0f6f949dcf6e7fb086b7059f08000000000000009f07c59a9a63f1a69c3f7f9ad0adf29610c802796ec0ef6e524cb85bf50cb4dd838860bdc152a28774ab22bd5bb30b8ba9c3fa4a8fb8b0e785f139a1708f706b7ec9299f983dcde9f9910aa422e9ba04a42ab4edbd70597dd5bb1f837a88e11a2c8fad9d229507ae7357c854"], 0x0}, 0x0) r9 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0) ioctl$HIDIOCSREPORT(r9, 0x81044804, &(0x7f0000000400)={0x1, 0x2}) syz_usb_control_io(r8, &(0x7f0000000280)={0x2c, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="fc020400000004034804"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r8, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f00000004c0)={0x2, 0x4e21, @remote}, 0x10) 4.00063348s ago: executing program 3 (id=1022): r0 = memfd_create(&(0x7f00000004c0)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\xf3\xeb\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xbd\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfKn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92$\x14a\xf4\x15_\x19Kt\r\xe3\xd9\xb4\x15mWl\xeb', 0x5) fallocate(r0, 0x3, 0x0, 0x3) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="7800000018002507b9409b14ffff00000202be04020506056403040c5c0009003f0020010a0000000d0085a168216b46d32345653600648d27000b000a00080049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a320004021600080008", 0x65, 0x0, 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r3, &(0x7f0000000000), 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe6, 0x0) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000040)="4f3bfde51b257f40", 0x8}], 0x1) 3.790492316s ago: executing program 0 (id=1029): r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0), 0x40001, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x101000, 0x80) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000140)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20041, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = dup(r2) futimesat(r1, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={{0x0, 0x2710}}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82) syz_open_dev$sg(&(0x7f0000000280), 0x80000000002, 0x1) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x51, 0x0, 0x0) r5 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0) syz_usb_control_io(r5, 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000) poll(&(0x7f0000000140)=[{r6, 0x140}], 0x1, 0x6) r7 = syz_open_procfs(0x0, &(0x7f0000000180)='net/netfilter\x00') pidfd_getfd(r7, 0xffffffffffffffff, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r9, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x6fcef00345e86a0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) socket$kcm(0x10, 0x2, 0x0) r10 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYRESOCT=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r10, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r10, &(0x7f0000000380)={0x50, 0x0, r11, {0x7, 0x27, 0x1, 0x801001a, 0x66d, 0x0, 0x0, 0x400, 0x0, 0x0, 0x40, 0x9}}, 0x50) 3.08044572s ago: executing program 3 (id=1041): r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, @broadcast}, {}]}) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000ff000000bfa300000000000007030000f0ffffff720af0fff8ffffff71a4f0ff000000002d040200000000001d400500000000004704000001ed00007b030000000000001d440000000000007a0a00fe00ffffffd703000040000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) (async) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, @broadcast}, {}]}) (async) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000ff000000bfa300000000000007030000f0ffffff720af0fff8ffffff71a4f0ff000000002d040200000000001d400500000000004704000001ed00007b030000000000001d440000000000007a0a00fe00ffffffd703000040000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) (async) 3.080270673s ago: executing program 3 (id=1042): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) preadv(r0, &(0x7f0000000740)=[{0x0, 0xfdc5}, {&(0x7f0000000500)=""/97, 0x61}], 0x2, 0x7fff, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3}) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000000)={0x0, 0x8, 0x9}) syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f00000003c0)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x81, 0x60, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0xa34a}, {0xd, 0x24, 0xf, 0x1, 0x6, 0xd53f, 0x2, 0xb4}, {0x6, 0x24, 0x1a, 0xb8b, 0x14}}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0x9, 0x3, 0x46}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x7, 0x8, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0xf8, 0x18, 0x1}}}}}}}]}}, &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x445}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0x83e}}, {0xc1, &(0x7f0000000600)=@string={0xc1, 0x3, "6a5477196df678ea1620bcd37a96eb68b2cb2f8c391099fc557cf06eee92285944f210414eae4f9f0300814bf425364e3fdceeab83f619a5505f8d4a726dc602d5317e4bf7d75769234c27df16a1024c16b06f0fe5fc65c37824178b086b8226f153ceae1f1041215283bf92c67281b7ed754eb0d3bca778e8d10b02be176d11c6c3e154f801a4d9620f758e49e9cb8d59c58e6dc16048ddf784db39a6a6adbddac15685d5126fc497a03f43836034d47033d5c664ed3e75be1d5f467395cb"}}]}) 800.207519ms ago: executing program 1 (id=1065): socket$inet6_udplite(0xa, 0x2, 0x88) (async) close(0x3) (async) r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00') read$FUSE(r1, &(0x7f0000001300)={0x2020}, 0x2020) (async) mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r0, 0x8, 0x10, r1, 0x0) 795.435773ms ago: executing program 1 (id=1066): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) ioctl$UFFDIO_UNREGISTER(0xffffffffffffffff, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000bde000/0x2000)=nil, 0x2000}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe1, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d", 0x0, 0x8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x17, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = socket(0x10, 0x803, 0x0) r3 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0) write$binfmt_register(r3, &(0x7f00000000c0)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x1000, 0x3a, '\\x00#\x00', 0x3a, '/dev/bus/usb/00#/00#\x00', 0x3a, './file0'}, 0x42) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r5, {0xfff3, 0x4}, {}, {0xd, 0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0xc, 0x2, [@TCA_BPF_FD={0x8, 0x6, r2}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c021}, 0x2004c8d4) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) r7 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r7, 0x107, 0x14, &(0x7f0000000000)=0x8, 0x4) setsockopt$ARPT_SO_SET_REPLACE(r6, 0x0, 0x60, &(0x7f00000008c0)={'filter\x00', 0x2, 0x4, 0x3c8, 0x0, 0x1f8, 0x0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}, {{@arp={@dev={0xac, 0x14, 0x14, 0x3e}, @dev, 0x0, 0xff0000ff, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x108}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') preadv(r8, &(0x7f0000000000)=[{&(0x7f0000001840)=""/198, 0xc6}], 0x1, 0x33, 0xfffffffd) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r8, 0x800c6613, &(0x7f00000000c0)=@v2={0x2, @adiantum, 0x4, '\x00', @c}) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x9) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) mount$overlay(0x0, &(0x7f0000006200)='./bus\x00', &(0x7f0000000000), 0x4002, &(0x7f0000000200)={[{@redirect_dir_follow}, {@uuid_on}, {@nfs_export_off}]}) syz_clone3(&(0x7f0000000380)={0x2140000, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) 700.693042ms ago: executing program 0 (id=1067): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000001180)={0x18, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}]}, 0x18}}, 0x0) r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000680)=@base={0xa, 0x16, 0xb4, 0x3}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000280)=@framed={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@map_fd={0x18, 0x0, 0x1, 0x0, r2}, @generic={0x77}]}, &(0x7f0000000000)='GPL\x00', 0x2}, 0x94) 637.219529ms ago: executing program 2 (id=1069): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000440)=[@in={0x2, 0x4e22, @private=0xa010101}]}, &(0x7f00000003c0)=0x10) r3 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x84, &(0x7f0000000480)={r4, @in={{0x2, 0x0, @empty}}}, 0x90) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x50, 0x0, 0x0, 0x806a}, {0x6, 0xfc, 0x0, 0x4}]}, 0x10) write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[], 0xfdef) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/netlink\x00') preadv(r5, &(0x7f0000001400)=[{&(0x7f00000002c0)=""/128, 0x80}], 0x1, 0xc002a0, 0x101) 636.784643ms ago: executing program 0 (id=1070): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @mcast1}, 0x1c) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}]}], {0x14}}, 0x98}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000240)='mmap_lock_acquire_returned\x00', r2}, 0x18) munlockall() openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0xfffffffffffffdb2, r5, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x28}, 0x1, 0x0, 0x0, 0x48019}, 0x20000000) 633.266053ms ago: executing program 1 (id=1071): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mknod(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) r1 = syz_io_uring_setup(0x39, &(0x7f0000001800)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=0x0, &(0x7f0000001880)=0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0, 0x10042}) io_uring_enter(r1, 0x92, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000)='jffs2\x00', 0x400080, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWFLOWTABLE={0x20, 0x16, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWCHAIN={0x98, 0x3, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x8}, [@NFTA_CHAIN_HOOK={0x20, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x23c055d2}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth1\x00'}]}, @NFTA_CHAIN_POLICY={0x8}, @NFTA_CHAIN_COUNTERS={0x4c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x918}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0xf7f}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x6}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x80000001}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xfffffffffffffffe}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x4}]}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_CHAIN_FLAGS={0x8}]}, @NFT_MSG_DELSETELEM={0x20, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELTABLE={0x26c, 0x2, 0xa, 0x5, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0xe, 0x6, "5b96d7a3b16ccc1fa690"}, @NFTA_TABLE_USERDATA={0xf6, 0x6, "f2578afeefb3eaf3eca61da428d8854f6ddcbb2422ff1099be8d35cba0603dc6a8d37f565c6f6ac0da9f47ed4d779893686bc6510158d20f26a455b3e374fad3979b3c2c28b0875195e6bcdad0d1850ff80b8ea382dd7035d59ffa02f14770e306ad02083558f57b1787791e61125f8d8948829245bb309a60aad3f46f3db95a14d38f72d25eb1a9f18551b2f711afc163efffe95d11d4a66247fa3404f108c3f86f5c301f416b8d71cfbcf52e16bb352c9166b3a111d3d4b858972aa3e4ce53dfa7ff18e24c7168deab53dc50ae2c462a9b5348ff35519e4b055dc5200fe900da5fefe5dab50b3c945e1660a249bc7fd3c9"}, @NFTA_TABLE_USERDATA={0x8b, 0x6, "0904621cdaafc4b55ad1494f6aba9ab71aa150c51cc98b041c3fe956fba90c8641182929f3eb03216ca18f3c7c6d55e1ed5c6cfb42041dc5a81bfd58644e7665b2c1fdb383023b5ecc960b3187fa186f30db7b59358e81519df27490fe3c312f82ba86431ac437ab6e20533f0a82265fcff0cbdfda3693877323addaa3ca8969c9bd7bebc7cf0b"}, @NFTA_TABLE_USERDATA={0x44, 0x6, "a8c0d104aebdd0defddc883f434a247f002384e4dd5f06b32d84161119af9256a7c5679d6a93fcf151593c4f4bb836ae7e5a6866c90ed894bef48a5a93e047f4"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_USERDATA={0x67, 0x6, "a47c60faff2c07fd38c48ad16f445eb3ac58409ed59aa8dc27fb6bf61d593ca09fed78fcf0a260cd13694fb58724a3854bf6f7df0eb39198ebe7dd34f49506bf706bcd87cc88b3707b76180042708bc3de743d1a9650ff7b7d9c8dc49224b0895a6fee"}]}, @NFT_MSG_DELCHAIN={0xe8, 0x5, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NFTA_CHAIN_USERDATA={0xb0, 0xc, "7e03d8512e8a1a1e9ad6a5139e80d9db9be1287bf228d74c27e25fc86a3213679243534fa441b3959b902b1ca1df6607c9801d4464a428b1b70bf2845a37767029040ce50bbb4c1585e723b7a4769918b468f4d17614e7df5eb4afe416ab3913ba94f61fc72c46bf698fb103e0f7ff5b4485a3adb2c506d386c7db6e661e07771d9f4e10e2553fd0a519ec5c5111296aefeeba70e4fe83f52e570caeee6bec38ade7e343eac1faa78c4490dd"}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x2}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x38, 0x18, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x3, 0x0, 0x0, {0x5, 0x0, 0x8}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x4c0}}, 0x14b6deac033214c2) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r6, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0xb, 0x301, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000006c0)={0x2, @vbi={0xf8, 0xbc20, 0x0, 0x32314d59, [0x8, 0x3], [0x5, 0x4], 0x13a}}) 629.965234ms ago: executing program 2 (id=1072): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_MEMORY_ATTRIBUTES(r0, 0x4020aed2, &(0x7f0000000040)={0x4, 0x200000, 0x8}) set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) 625.592832ms ago: executing program 0 (id=1073): syz_init_net_socket$netrom(0x6, 0x5, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000001800090000000000000000001c140000fe0000010000000014000f00"], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x0) ioctl$F2FS_IOC_COMPRESS_FILE(r0, 0xf518, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x2040, 0x0) r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) fcntl$setlease(r1, 0x400, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r5, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000040)=""/3, 0x3, 0x0, 0x4, 0x9, 0x4, 0xc08}}, 0x120) readv(r5, &(0x7f0000000180)=[{&(0x7f0000000080)=""/155, 0x9b}], 0x1) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f00000002c0)={0x5, 0x5}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000700)={'syztnl0\x00', &(0x7f0000000540)={'syztnl2\x00', 0x0, 0x29, 0x4, 0x14, 0x6, 0x18, @remote, @private2={0xfc, 0x2, '\x00', 0x1}, 0x80, 0x8000, 0x3, 0xf}}) sendmmsg(r2, &(0x7f0000001700)=[{{&(0x7f0000000340)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000480)="272416f6bbc5e4c867e92c23a009eb3ec7c5776029dea9db4113fbbe4c2794f5123a12878509f786a9aa42aca20e3f211a0a0662e80e232942f15cd31599ee32fb899037832d5921df479e108ac7b91de08fe5bf7df05dc37399dd26ba27a60d9d652040291f426a009e2bad7cffda2db536bd6ceda859b732840f015b0afc512f170d", 0x83}, {&(0x7f0000000600)="afed70e983f4830d7e5ae29cd41598ef19720e3135d0c9c0e32917c448183b4bd135263107c5f502f37b13006e8bee96d63003411b48355159eabef13197044d4f1600f9bd7f1342eb6f099948ba0e2c1f3141e0111f71072efa703a57de4a37cab8c39558f1ead74a2925b867fbf979efa17fd5eac6d782d267f4b4d7bf0129dd5108d219c0e505428c54fe6bb9b1c9504cc90904d5fba695401826ac0e7b2c7e2386d3d68c00cced653d73219313263ba98ad35bc82c7b8327077169387473d2", 0xc1}, {&(0x7f00000003c0)="24c43a9d962f1158ea49", 0xa}], 0x3}}, {{&(0x7f0000000740)=@xdp={0x2c, 0x9, r6, 0x2}, 0x80, &(0x7f0000000f80)=[{&(0x7f0000000c80)="acef1a37f6e65d0fbcd14ab3c80c818b578f1add62c1d8cc82e1663044997b3a49bc64138da79cef1d7175aa1f80d506d6f1063fa6e3f7ddc8eb37a43bd745a9d4f56192f638b0ddfb2973a648d298d0f3e410c5957131247796f6f5a6fbafe3ce558fcafd6014dba2aeb9ec92be9d863171fd27ce651cca2d546fd8685f9200fe83e05488f9cf0e8da08093730f0372", 0x90}, {&(0x7f0000000d40)="d13b22b01c5a3521be54284fa50e430db45fead1e1cd81ef12bf854e9c7982957ffa9ae3ae5f8f3c5ec19c619eeac8117181d63f16930528b727e40e97aeff017f6c9d531f464259d7f74c644ca7dc2d8d1d8cd662fd630fd973b75c54c3e43140f2c73225813e476ca8d7f55ac1e07d494ca6be4d29e78868dafbe26f3805a74cbb06e8b81ab9237acbd6adb84d077c8bc6e6b55cd9003c49cc18ae1329622f7244c37865af009b8c6e67981151a8272d70ada9eddfbb674ba5aa623440aa2664d41280e52f541332977a6a9c1d42fa10bf53f144676305008feeb6be0f", 0xde}, {&(0x7f0000000e40)="aa0e7f86e3d0a82a26e99ce8befc29c0bc265707a1787e9490cf5b8c7aee24602a72bfa690600875484ace059c09e0e7a454e295229dc175bcbfe1006f5e8fd6be64c0cd8863c208396c94c9c9f7a51b52d026e37b4df579d1e23075c426729c44dc9e6b92172c2f28911c820a81374b8990618ebcdc726b30e195c392f453eb3b5e506c14485e1ec7e652350d01cbd16554ff2d6ccec5d045c2b8c6e588b810dcc02b8453c6036715889bbd487580e8ccc5b23cdff627dea7945030c4fadc6a509e1c5f4ed1e40fe5a3ec3582f6bb18", 0xd0}, {&(0x7f0000000f40)="119f7e4452419f0937249a56a13e40d7b6489360a5c0273a0e245ae11c", 0x1d}], 0x4, &(0x7f00000017c0)=ANY=[@ANYBLOB="30000000000000000d010000010100005dd1981f7426cd944a990a28007a7300147846fe9cf8587ac8aafcef73dac53b80000000000000000000000002000000d6792f81db801a98db50bacf04075147e01ac2e9accf7659d5795a2b189367716ba2af56fe298c37d340637b414f54c6d7f3c63ac61e73806f9b5438eb255dd964e32ff8a57bfa9514eb2c0b12ab9f3e2c034811e853726d39adbcc3dd9ac6938087a4079fa9f2d60c401eed0000000080000000000000000a010000b500000049035ebca82d866da760a38ff7fa39e61bd6bf897b7d2a4b231f4abc49f5ed861fe4f87f39ce1e2b0ce1f70df187faf6270119c35eab58c742f8af1ab336ade0b1d49f4fe6eaec2936f9ca17a2e3a347fd8d009dd1fc3aa1a3967214cba79d2333e93bf5d9f4d3b2ecd253c900000000280000000000000010010000060000006063481d5262a9e645d8f1acae9d93e5e92f420e411c000038000000000000000100000002000000c264ce0ab9daa840542d18c07f0fe3369ecbb27d3805e4bc8fc94a19e0be3118225627290000000048000000000000000f01000008000000246c763e63bfb2c26487da9ad7773cccb780b62c35f15e1d1c06a56d54ba7c8c1487f3ea0d31a052f2d0f7c64fcfcf5a8553560000000000d8000000000000000c0100000a00000082b00c948a38de4bc25cbed397922d7facb122ff699d1c25ca02933e16858668d6b6aba6bb68a52accf4947e7ee7ada1d4f1a4fe00c0d073eb60ddc35847931561217c723e197706b1e6859c02dfdf416e15b730afe2fddf53cfb2bf637281e1c7a13811c33d61dee895b47362d570c9321db89c67021d964ea61313865fe643ca5972fc044f7ea0491dc265f4f6024b2ce2e52788397933db72a232ec5504e9773b00e5e99edd2e14bcc48c864e5577f917bf75b8d174a97025418d27e8bf40ae527bb22d7f27a3479e90207478bf152cc7b2671198de7ec20950d07b9d196991b850"], 0x2b0}}, {{&(0x7f0000001300)=@phonet={0x23, 0x20, 0xc, 0x2}, 0x80, &(0x7f0000001680)=[{&(0x7f0000001380)="ec8da56572399d379f80be0f8a819465cfd404cf1b4c216829cd40aafbe7edecc4c22824d7f42c22ae3b57fa550ad204d36c7dff1911e1d03e4232e7656ad20efc644dcc14ca45fc285302b1927a8155ead2bfb1b6131f6602b82ba4717e6eb7377f8764d7139512b3cf9866811abd3f20", 0x71}, {&(0x7f0000001400)="2fa932acf1e5053e9bea9b9c24d70f868cd64d0999db39310a5d44cc8434e3881e28de823a9347cdef02003be3a849fa2a88d6a00a3b8778a9a176b1393ffcff98537fcba217c995523117cf0f5d820491d5be15ea2f7956a2bb7375a1887f11f2fabb59e7bf708a4b51eeea72618a253d52330d85141ce134a2c5b3dffa4bd18a4d0ce3ca38c747f2e562971c59826ff29b6ba9b27a3082d2c439abd5bb975f3f1b7af164b8413d1e6eb8333081523cd4ff09b03274e721682cff1043ecebdac1b5c300be65947a2d7a764842362c30c17d98bc6a16b96eb31dea883b3255abe931d1ea6a", 0xe5}, {&(0x7f0000001500)="3ea601743ff7045f03a9e3172c5288fafff6d1c53dac017d686d8afd294ba961e8312652c959660ca78c670543841285ea4d0d9a06c2f334508e6a8c201f62a208c108eb88ecd90d5412bd5c002241e8a2e0a7ff3ba478bce68a6599f851ce9ddacb1de8f052b703b07ed91bcd81f60b0367e9487ef15a615861877e785db0", 0x7f}, {&(0x7f0000001580)="f38439dfea5efa87af2fbcbd3039bc680a8a52757f2174e3654693e4fa5fac8d14c2b72e78eb1aa80f72d8c03a1274d4ca891f56d3b54a653e9d95087f1af90dc41e9474", 0x44}, {&(0x7f0000001600)="fbe00678b30db837352d2deb02f5fcacfa4196d81a3327cfbaa8b13dc2148f005fa70b1b57b9e6f7dc668cbc700dc6a8bfb2c44b090d24849c8ed616e097c8e58669706b298d9800d20bd04944c61fac25110de46dfc83e2ece3968766d0d972949038388045ff6cba36fabe4758801e895ca6", 0x73}], 0x5}}], 0x3, 0x50) r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r7, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='netlink_extack\x00', r8}, 0x10) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_CAP_DISABLE_QUIRKS(r10, 0x4068aea3, &(0x7f0000000100)={0x74, 0x0, 0x14}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) r12 = socket(0x10, 0x803, 0x0) r13 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r12, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r14, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r12, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newtfilter={0x44c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r14, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x420, 0x2, [@TCA_U32_POLICE={0x414, 0x6, [@TCA_POLICE_RATE64={0xc, 0x8, 0xff}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x4, 0x5, 0x1, 0x5, 0x2, 0xfffffffb, 0x3, 0x8001, 0x7, 0x1e9, 0xc, 0x5, 0xfb, 0x93, 0x0, 0x3, 0x2, 0x10001, 0x8, 0x7f7, 0x9, 0x4, 0xffffffff, 0x400, 0x8, 0x2, 0x3, 0x7, 0x7, 0x1, 0x6, 0x0, 0x3ff, 0xc90c, 0xe21, 0xffffff7f, 0x9, 0xc, 0x2e, 0x5, 0x4, 0x5, 0x7, 0xe, 0x5, 0x2, 0x2, 0x3d, 0x525, 0x5, 0x7, 0x6, 0x35, 0x6d, 0x9, 0x5, 0x9, 0x6, 0x7, 0x0, 0x6, 0x3, 0x0, 0xfb5f, 0x401, 0x8, 0x9, 0x7ff, 0x10, 0x4, 0xa, 0x9, 0x3ff, 0x19, 0x7, 0x548e, 0x8000, 0x4, 0x7, 0x0, 0x801, 0xafca, 0x4, 0x6, 0x9, 0x6fd, 0x5b, 0x3, 0x7, 0x7f, 0x3ff, 0x2, 0x10000, 0x7, 0x4, 0x6, 0xfffffffc, 0x7fff, 0x1, 0xb, 0x2, 0x400, 0x1, 0xcb6, 0x9, 0x400, 0x7f, 0x4, 0x9, 0x2, 0x3, 0x80, 0x3, 0x1000, 0x5, 0x3, 0x4c4, 0x3, 0x7, 0x80000001, 0x10, 0x100, 0x4, 0xaa66, 0x3, 0x0, 0xa22, 0x414, 0x9, 0x40, 0x7, 0x11, 0x0, 0x4, 0x7, 0x8, 0xfffffffb, 0x4000003, 0x7, 0x80000000, 0x65, 0xff, 0x4, 0x7d84bb34, 0x2fab, 0x8, 0x4, 0x411e, 0xcf4, 0xfffffff9, 0x2, 0x7, 0x9b3c, 0x3, 0x6ca, 0x88, 0x9, 0x80000001, 0x6, 0x4f48, 0x80000000, 0x3, 0x1, 0x5, 0x6, 0x0, 0x1, 0x200, 0x5, 0x100, 0x2, 0x0, 0x7ff, 0x8, 0x9517, 0xfffffff1, 0x8, 0x401, 0x1, 0x80, 0x6, 0xfff, 0x5, 0x9, 0x7833, 0x605e, 0x8000, 0xc1ef, 0x0, 0x80000000, 0x100, 0x9, 0x0, 0xc753, 0x1, 0xd834, 0x0, 0x2, 0xc21c, 0x8, 0xfbe, 0x1, 0x100, 0x0, 0x9, 0x4, 0xf4, 0x6, 0xcc7, 0x8, 0x2, 0x1, 0x8, 0x3ff, 0x5, 0x1ea8feb0, 0x9, 0x8, 0x5, 0x0, 0x8, 0xd, 0x400, 0x8, 0x78, 0x3, 0x1ff, 0x3ff, 0x19, 0x8, 0x6, 0x7f, 0xffffffff, 0x101, 0x9, 0x10, 0x5, 0xffff, 0x6, 0x120d, 0xd2, 0x7, 0x4, 0x3, 0x80, 0x2, 0x9, 0xfffffff7, 0x9, 0x8, 0xc9, 0xe, 0x2f, 0x6, 0xfffeffff]}]}, @TCA_U32_LINK={0x8, 0x3, 0x80000000}]}}]}, 0x44c}, 0x1, 0x0, 0x0, 0x40}, 0x24040084) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xc2c, 0x5, 0x7], 0x0, 0x8ab46}) 539.097069ms ago: executing program 2 (id=1074): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"}) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0) write$nbd(r2, &(0x7f00000003c0)=ANY=[], 0x40) write$cgroup_int(r1, &(0x7f0000000200)=0x1, 0x12) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x94) mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0) fchmodat(r1, &(0x7f00000000c0)='./cgroup/../file0\x00', 0x9c) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, 0x0}, 0x20) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r5, &(0x7f0000000100)=0x1, 0x12) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000730130000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={r1, 0x20, &(0x7f0000000080)={&(0x7f0000000400)=""/149, 0x95, 0x0, &(0x7f00000004c0)=""/4096, 0x1000}}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x12, 0x6, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085100000010000009500000000000010bfa000000000000095"], &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13}, 0x94) 537.859244ms ago: executing program 1 (id=1075): r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c00000010000104000000000000000000000200", @ANYRES32=0x0, @ANYBLOB="00000000000000000500210000000000140003007465616d30"], 0x3c}, 0x1, 0x0, 0x0, 0x400c801}, 0x0) r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) close(r2) r3 = openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0) write(r3, &(0x7f0000000180)="01", 0x1) close(r3) execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0) 537.130204ms ago: executing program 2 (id=1076): r0 = socket$netlink(0x10, 0x3, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/keycreate\x00', 0x2, 0x0) write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) sendmsg$ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7001ffdbdf25160000000c00018008000100", @ANYRES32=r6, @ANYBLOB="05000200000000000500040000000000"], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) r8 = socket$netlink(0x10, 0x3, 0x6) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) r12 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000340), r8) r13 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r14 = dup(r13) getsockname$packet(r14, 0x0, &(0x7f00000001c0)) sendmsg$L2TP_CMD_TUNNEL_GET(r9, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, r12, 0x2, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x1}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e22}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x7}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'batadv0\x00'}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp=r14}]}, 0x48}}, 0x4000) sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)={0x28, r10, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x7}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x10) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, r7, 0x800, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x1e, 0x13, [{0x16}, {0x6c, 0x1}, {0x0, 0x1}, {0x36}, {0x1}, {0x5, 0x1}, {0x16}, {0x12, 0x1}, {0x3, 0x1}, {0x6, 0x1}, {0x6}, {0x48}, {0x6}, {0x30, 0x1}, {0x12, 0x1}, {0x6, 0x1}, {0x6}, {0x4}, {0x24, 0x1}, {0x6c}, {0x12}, {0xc, 0x1}, {0x6, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x9, 0x1}]}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x101}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000010}, 0x0) r15 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r15, 0x84, 0x64, &(0x7f0000000300)=[@in={0x2, 0x4e24, @empty}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x30}}], 0x20) sendmsg$nl_route_sched(r0, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f00000000c0)=@newtaction={0x9c, 0x30, 0x9, 0x0, 0x0, {}, [{0x88, 0x1, [@m_bpf={0x84, 0x1, 0x0, 0x0, {{0x8}, {0x5c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0x4}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {0x35, 0x0, 0x5}, {0x0, 0x0, 0xfe}, {0x0, 0x0, 0x82}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x4}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x0, 0x100, 0x0, 0x3, 0x8}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x9c}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r1) r16 = getpid() syz_pidfd_open(r16, 0x0) syz_open_procfs(r16, &(0x7f0000000540)='net/fib_trie\x00') 530.293238ms ago: executing program 1 (id=1077): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000002740)=ANY=[@ANYBLOB="140000001300015b993dde440113e90006"], 0x14}], 0x1}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x48, 0x24, 0x200, 0x0, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {}, {0x4, 0xffff}, {0xfff3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x1ff}, @TCA_CAKE_AUTORATE={0x8, 0x9, 0x1}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0xc4014}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000) 410.477186ms ago: executing program 1 (id=1078): rseq(&(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4, 0xfffffffffffffffa, 0x7}, 0x4}, 0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xf, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x4}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0xfd45}}, 0x0) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000140)=0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x48802, 0x0) r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000000c0)=0x0) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r10) sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r8], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004) write$nci(r7, &(0x7f0000000140)=ANY=[@ANYBLOB="410101", @ANYRES32=r8], 0x4) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000180)=0x0) sendmsg$NFC_CMD_DEV_DOWN(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="10002abd7000fedbdf250300000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="08000110", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r12, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) r13 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r0) sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="01ef35b516000000df252500000005002a000600000005002b00000016000a0001007770616e30000000"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x40000) openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r14 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='rss_stat\x00', r14}, 0x10) madvise(&(0x7f00003c0000/0x1000)=nil, 0x1000, 0x19) 410.07288ms ago: executing program 2 (id=1079): r0 = socket$nl_route(0x10, 0x3, 0x0) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006272696467650000100002800c00210080000000c8"], 0x40}, 0x1, 0x0, 0x0, 0x34041043}, 0x0) (async) r1 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0) ioctl$VIDIOC_S_SELECTION(r1, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}}) (async) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840) 408.235808ms ago: executing program 2 (id=1080): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @empty, @val={@void}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="58000000020605000000000000000000000000001400078005001400090000000800124008001f000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x58}}, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) (async) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='timers\x00') mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x3, 0x100010, r1, 0x18209000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r2, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f00000000c0)={0xb4, r3, 0x1, 0x80, 0x0, {}, [{@nsim={{}, {0x0, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0xff}}, {@nsim={{}, {0x0, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0xb4}, 0x1, 0x0, 0x0, 0x81}, 0x0) (async) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r2, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f00000000c0)={0xb4, r3, 0x1, 0x80, 0x0, {}, [{@nsim={{}, {0x0, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0xff}}, {@nsim={{}, {0x0, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0xb4}, 0x1, 0x0, 0x0, 0x81}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) socket$inet(0x2, 0x6, 0x3) syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) (async) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000001c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010026bd70000000e6ff24000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880) (async) sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000001c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010026bd70000000e6ff24000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880) read$FUSE(r1, &(0x7f0000000540)={0x2020}, 0x2020) (async) read$FUSE(r1, &(0x7f0000000540)={0x2020}, 0x2020) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) 279.083192ms ago: executing program 0 (id=1081): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001200)=[0x0], 0x1}, 0x58) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) close(r0) ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x24}}) ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000000)={{&(0x7f0000bdc000/0x2000)=nil, 0x2000}, 0x1}) 278.871161ms ago: executing program 0 (id=1082): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000000)=@abs={0x80ceb6a4a6505015, 0x0, 0x20000}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) (async) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) sync() 0s ago: executing program 3 (id=1083): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x840, 0x0) r1 = socket(0x23, 0x80805, 0x0) r2 = dup3(r0, r1, 0x0) ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x6, &(0x7f0000000080)=[{0xc, 0x9, 0x6}, {0x400, 0x100, 0x200}, {0x80000001, 0x1ff, 0x9}, {0x8, 0x7}, {0x4, 0x2, 0x7}, {0x2616489f, 0x7, 0x3}, {0x9, 0x1, 0x9}, {0x4, 0x6b71, 0xfffffffffffffff9}], 0x8, 0x570, 0x1e, 0x24, 0x36, 0x45}) listen(r1, 0x0) accept$ax25(r1, 0x0, 0x0) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000002c0)={0x48, 0xc, 0x0, 0x0, 0x0, 0x5fffffffe}) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, 0x0}) socket$nl_route(0x10, 0x3, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r3, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xf24}) 0s ago: executing program 3 (id=1084): r0 = socket$nl_route(0x10, 0x3, 0x0) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) (async) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000540)={@mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r3}) (async) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x0}) r6 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCADDRT(r6, 0x890b, &(0x7f0000000540)={@empty, @rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, r5}) (async, rerun: 64) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001900010000000000000000000a00"], 0x1c}}, 0x0) (async, rerun: 64) r7 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r7, &(0x7f0000000340)={0x1d, r8, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) (async) setsockopt$sock_int(r7, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) (async) sendmsg$inet(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)="81b641f1f3843704b6", 0x9}], 0x1}, 0x48005) (async) r9 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r7, &(0x7f0000000140)={0x1d, r10, 0x2, {0x0, 0xf0, 0x1}}, 0x18) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f000000c300)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r10, {0xfffd, 0x10}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x840) kernel console output (not intermixed with test programs): v0: Not using interface batadv_slave_1 (retrying later): interface not active [ 370.229148][ T5996] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 370.231335][ T5996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 370.239225][ T5996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 370.263982][ T5996] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 370.266205][ T5996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 370.274068][ T5996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 370.353695][ T5991] hsr_slave_0: entered promiscuous mode [ 370.356055][ T5991] hsr_slave_1: entered promiscuous mode [ 370.358100][ T5991] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 370.360627][ T5991] Cannot create hsr debugfs directory [ 370.366633][ T5987] hsr_slave_0: entered promiscuous mode [ 370.369301][ T5987] hsr_slave_1: entered promiscuous mode [ 370.371815][ T5987] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 370.374446][ T5987] Cannot create hsr debugfs directory [ 370.442488][ T5996] hsr_slave_0: entered promiscuous mode [ 370.444690][ T5996] hsr_slave_1: entered promiscuous mode [ 370.447019][ T5996] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 370.449449][ T5996] Cannot create hsr debugfs directory [ 370.709324][ T5984] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 370.715998][ T5984] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 370.722999][ T5984] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 370.729032][ T5984] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 370.776447][ T5987] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 370.781159][ T5987] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 370.785951][ T5987] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 370.790255][ T5987] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 370.835494][ T5991] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 370.864475][ T5991] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 370.869348][ T5991] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 370.873699][ T5991] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 370.928627][ T5996] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 370.935864][ T5996] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 370.948573][ T5996] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 370.953001][ T5996] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 370.964876][ T5984] 8021q: adding VLAN 0 to HW filter on device bond0 [ 370.984007][ T5984] 8021q: adding VLAN 0 to HW filter on device team0 [ 370.996130][ T63] Bluetooth: hci2: command tx timeout [ 370.996134][ T5995] Bluetooth: hci1: command tx timeout [ 370.996344][ T5992] Bluetooth: hci0: command tx timeout [ 371.011384][ T6008] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.013819][ T6008] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.027864][ T6008] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.030857][ T6008] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.048465][ T5987] 8021q: adding VLAN 0 to HW filter on device bond0 [ 371.075246][ T5992] Bluetooth: hci3: command tx timeout [ 371.092323][ T5987] 8021q: adding VLAN 0 to HW filter on device team0 [ 371.117426][ T5991] 8021q: adding VLAN 0 to HW filter on device bond0 [ 371.124756][ T6008] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.127251][ T6008] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.132337][ T6008] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.135038][ T6008] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.159432][ T5991] 8021q: adding VLAN 0 to HW filter on device team0 [ 371.174095][ T6028] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.176349][ T6028] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.176851][ T40] audit: type=1400 audit(1751440099.583:89): avc: denied { sys_module } for pid=5984 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 371.190935][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.193939][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.211443][ T5996] 8021q: adding VLAN 0 to HW filter on device bond0 [ 371.236916][ T5996] 8021q: adding VLAN 0 to HW filter on device team0 [ 371.256316][ T6008] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.258570][ T6008] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.266282][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.269380][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.298073][ T5984] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.330671][ T5987] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.349503][ T5984] veth0_vlan: entered promiscuous mode [ 371.358914][ T5984] veth1_vlan: entered promiscuous mode [ 371.377978][ T5987] veth0_vlan: entered promiscuous mode [ 371.384670][ T5991] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.392166][ T5987] veth1_vlan: entered promiscuous mode [ 371.414243][ T5984] veth0_macvtap: entered promiscuous mode [ 371.428761][ T5984] veth1_macvtap: entered promiscuous mode [ 371.446757][ T5987] veth0_macvtap: entered promiscuous mode [ 371.456750][ T5984] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 371.460361][ T5987] veth1_macvtap: entered promiscuous mode [ 371.474936][ T5996] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.481897][ T5984] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 371.484315][ T5991] veth0_vlan: entered promiscuous mode [ 371.493222][ T5984] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.496585][ T5984] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.499515][ T5984] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.502238][ T5984] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.508915][ T5987] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 371.517569][ T5991] veth1_vlan: entered promiscuous mode [ 371.520896][ T5987] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 371.526837][ T5987] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.530319][ T5987] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.533199][ T5987] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.536249][ T5987] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.592405][ T5991] veth0_macvtap: entered promiscuous mode [ 371.605313][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.605636][ T5991] veth1_macvtap: entered promiscuous mode [ 371.608023][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.611713][ T5996] veth0_vlan: entered promiscuous mode [ 371.645105][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.647616][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.648688][ T5991] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 371.653004][ T5996] veth1_vlan: entered promiscuous mode [ 371.658456][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.660923][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.666069][ T5991] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 371.677338][ T5991] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.680182][ T5991] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.683247][ T5991] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.686705][ T5991] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.696798][ T5984] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 371.711434][ T5996] veth0_macvtap: entered promiscuous mode [ 371.711586][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.716356][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.724014][ T5996] veth1_macvtap: entered promiscuous mode [ 371.737920][ T5996] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 371.751143][ T5996] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 371.764248][ T6062] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.765958][ T5996] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.769022][ T6062] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.770792][ T5996] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.776131][ T5996] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.778847][ T5996] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.805478][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.808227][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.844616][ T6089] 8021q: adding VLAN 0 to HW filter on device bond1 [ 371.852409][ T6062] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.855338][ T6062] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.884999][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.888288][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.234770][ T6127] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15'. [ 372.243056][ T6129] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20004 [ 372.245989][ T6129] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 372.286560][ T6135] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 372.361887][ T6146] Cannot find set identified by id 0 to match [ 372.364961][ T6147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22'. [ 372.369104][ T6147] netlink: 12 bytes leftover after parsing attributes in process `syz.2.22'. [ 372.375580][ T6147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22'. [ 372.378950][ T6147] netlink: 12 bytes leftover after parsing attributes in process `syz.2.22'. [ 372.382659][ T6147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22'. [ 372.386143][ T6147] netlink: 12 bytes leftover after parsing attributes in process `syz.2.22'. [ 372.415024][ T6151] netlink: 188 bytes leftover after parsing attributes in process `syz.2.23'. [ 372.512652][ T6160] dvmrp1: entered allmulticast mode [ 372.569245][ T6169] dvmrp1: left allmulticast mode [ 372.600589][ T6171] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=6171 comm=syz.0.30 [ 372.748920][ T6178] netlink: 20 bytes leftover after parsing attributes in process `syz.0.33'. [ 372.751776][ T6178] netlink: 4 bytes leftover after parsing attributes in process `syz.0.33'. [ 373.075670][ T5992] Bluetooth: hci1: command tx timeout [ 373.077528][ T5992] Bluetooth: hci2: command tx timeout [ 373.077617][ T63] Bluetooth: hci0: command tx timeout [ 373.155505][ T63] Bluetooth: hci3: command tx timeout [ 373.188268][ T6189] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 373.427394][ T6200] capability: warning: `syz.1.41' uses deprecated v2 capabilities in a way that may be insecure [ 373.468606][ T6202] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 373.605491][ T6207] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 373.745360][ T5960] IPVS: starting estimator thread 0... [ 373.747255][ T40] kauditd_printk_skb: 132 callbacks suppressed [ 373.747264][ T40] audit: type=1400 audit(1751440102.153:222): avc: denied { create } for pid=6217 comm="syz.3.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 373.800111][ T40] audit: type=1400 audit(1751440102.203:223): avc: denied { setopt } for pid=6217 comm="syz.3.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 373.855370][ T6219] IPVS: using max 44 ests per chain, 105600 per kthread [ 373.889026][ T40] audit: type=1400 audit(1751440102.293:224): avc: denied { read write } for pid=6225 comm="syz.0.50" name="event3" dev="devtmpfs" ino=1298 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 373.896638][ T40] audit: type=1400 audit(1751440102.293:225): avc: denied { open } for pid=6225 comm="syz.0.50" path="/dev/input/event3" dev="devtmpfs" ino=1298 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 373.956221][ T6030] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 373.982358][ T6231] Zero length message leads to an empty skb [ 374.010472][ T40] audit: type=1400 audit(1751440102.413:226): avc: denied { ioctl } for pid=6232 comm="syz.0.52" path="socket:[8888]" dev="sockfs" ino=8888 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 374.013302][ T6235] Option '_n'tr1ZQ3-ֵkXv~' to dns_resolver key: bad/missing value [ 374.021530][ T40] audit: type=1400 audit(1751440102.413:227): avc: denied { setopt } for pid=6232 comm="syz.0.52" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 374.029711][ C0] vcan0: j1939_tp_rxtimer: 0xffff888045023000: rx timeout, send abort [ 374.031062][ T40] audit: type=1400 audit(1751440102.413:228): avc: denied { read } for pid=6232 comm="syz.0.52" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 374.033661][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888045023000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 374.041546][ T40] audit: type=1400 audit(1751440102.443:229): avc: denied { read } for pid=5325 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 374.053685][ T40] audit: type=1400 audit(1751440102.443:230): avc: denied { search } for pid=5325 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 374.062684][ T40] audit: type=1400 audit(1751440102.443:231): avc: denied { search } for pid=5325 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 374.126198][ T6237] IPv6: Can't replace route, no match found [ 374.141870][ T6030] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 374.145340][ T6030] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 374.148308][ T6030] usb 6-1: Product: syz [ 374.149977][ T6030] usb 6-1: Manufacturer: syz [ 374.151838][ T6030] usb 6-1: SerialNumber: syz [ 374.164970][ T6030] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 374.194088][ T6076] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 374.659426][ T5960] usb 6-1: USB disconnect, device number 2 [ 375.088709][ T6297] fuse: Bad value for 'group_id' [ 375.090321][ T6297] fuse: Bad value for 'group_id' [ 375.155903][ T63] Bluetooth: hci0: command tx timeout [ 375.156027][ T5992] Bluetooth: hci2: command tx timeout [ 375.236154][ T5992] Bluetooth: hci3: command tx timeout [ 375.236458][ T6312] tmpfs: Unknown parameter 'ot~h6&sSyQsV7GM@5w vFcqU~7eC' [ 375.243333][ T6312] netlink: 'syz.2.77': attribute type 1 has an invalid length. [ 375.246788][ T6312] netlink: 'syz.2.77': attribute type 2 has an invalid length. [ 375.329013][ T6318] xt_NFQUEUE: number of total queues is 0 [ 375.342947][ T6320] syzkaller1: entered promiscuous mode [ 375.344967][ T6320] syzkaller1: entered allmulticast mode [ 375.475277][ T6076] usb 6-1: Service connection timeout for: 256 [ 375.477822][ T6076] ath9k_htc 6-1:1.0: ath9k_htc: Unable to initialize HTC services [ 375.481154][ T6076] ath9k_htc: Failed to initialize the device [ 375.483347][ T5960] usb 6-1: ath9k_htc: USB layer deinitialized [ 375.716513][ T5992] Bluetooth: hci1: command tx timeout [ 375.944255][ T6339] netlink: 'syz.0.87': attribute type 2 has an invalid length. [ 375.945260][ T3230] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 375.946784][ T6339] nbd: must specify a device to reconfigure [ 375.978300][ T6341] netlink: 'syz.0.88': attribute type 13 has an invalid length. [ 375.980902][ C2] vcan0: j1939_tp_rxtimer: 0xffff88803c11f400: rx timeout, send abort [ 375.981077][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff88803c11f400: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 375.996845][ T6341] gretap0: refused to change device tx_queue_len [ 375.999471][ T6341] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 376.022959][ T6344] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 376.054115][ T6347] netlink: 'syz.0.90': attribute type 29 has an invalid length. [ 376.061135][ T6347] netlink: 'syz.0.90': attribute type 29 has an invalid length. [ 376.067001][ T6347] warning: `syz.0.90' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 376.105427][ T3230] usb 7-1: Using ep0 maxpacket: 16 [ 376.108616][ T3230] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 376.111645][ T3230] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 255, changing to 11 [ 376.116752][ T3230] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 59391, setting to 1024 [ 376.120437][ T3230] usb 7-1: config 0 interface 0 has no altsetting 0 [ 376.124637][ T3230] usb 7-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 376.130773][ T3230] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 376.137580][ T3230] usb 7-1: Product: syz [ 376.140807][ T3230] usb 7-1: Manufacturer: syz [ 376.142641][ T3230] usb 7-1: SerialNumber: syz [ 376.148592][ T3230] usb 7-1: config 0 descriptor?? [ 376.151646][ T6330] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 376.307225][ T6385] xfrm1: entered allmulticast mode [ 376.359951][ T6388] overlayfs: missing 'lowerdir' [ 376.381154][ T6330] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 376.389366][ T3230] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input5 [ 376.637108][ T6428] Cannot find add_set index 0 as target [ 376.642244][ T6425] loop4: detected capacity change from 0 to 7 [ 376.647819][ T5988] Dev loop4: unable to read RDB block 7 [ 376.651150][ T5988] loop4: unable to read partition table [ 376.652874][ T6077] usb 7-1: USB disconnect, device number 2 [ 376.655854][ T5988] loop4: partition table beyond EOD, truncated [ 376.664276][ T6425] Dev loop4: unable to read RDB block 7 [ 376.666134][ T6425] loop4: unable to read partition table [ 376.667925][ T6425] loop4: partition table beyond EOD, truncated [ 376.669813][ T6425] loop_reread_partitions: partition scan of loop4 (被x ) failed (rc=-5) [ 376.885244][ T54] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 376.903618][ T6432] SELinux: Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped). [ 377.046244][ T54] usb 6-1: Using ep0 maxpacket: 8 [ 377.050922][ T54] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 377.054207][ T54] usb 6-1: config 0 has no interface number 0 [ 377.057717][ T54] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 377.065111][ T54] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 377.068704][ T54] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 74, changing to 10 [ 377.072710][ T54] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 377.079563][ T54] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 377.083162][ T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 377.096725][ T54] usb 6-1: config 0 descriptor?? [ 377.104181][ T54] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 377.155778][ T6330] syz.2.84 (6330) used greatest stack depth: 18344 bytes left [ 377.235881][ T5992] Bluetooth: hci0: command tx timeout [ 377.236720][ T63] Bluetooth: hci2: command tx timeout [ 377.239268][ T6454] cgroup: No subsys list or none specified [ 377.331637][ T6456] mkiss: ax0: crc mode is auto. [ 377.462646][ T6472] Bluetooth: MGMT ver 1.23 [ 377.463758][ T6471] netlink: 'syz.2.116': attribute type 1 has an invalid length. [ 377.469528][ T6471] __nla_validate_parse: 14 callbacks suppressed [ 377.469542][ T6471] netlink: 224 bytes leftover after parsing attributes in process `syz.2.116'. [ 377.490342][ C2] vcan0: j1939_tp_rxtimer: 0xffff888028476c00: rx timeout, send abort [ 377.493285][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff888028476c00: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 377.523636][ T6477] block nbd2: NBD_DISCONNECT [ 377.527210][ T6478] block nbd2: NBD_DISCONNECT [ 377.582989][ T6483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.119'. [ 377.595495][ T6487] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=46 sclass=netlink_audit_socket pid=6487 comm=syz.0.121 [ 377.613918][ T6487] syzkaller1: entered promiscuous mode [ 377.615861][ T6487] syzkaller1: entered allmulticast mode [ 377.662157][ T6488] Illegal XDP return value 4294967274 on prog (id 15) dev syz_tun, expect packet loss! [ 377.706998][ T6502] ======================================================= [ 377.706998][ T6502] WARNING: The mand mount option has been deprecated and [ 377.706998][ T6502] and is ignored by this kernel. Remove the mand [ 377.706998][ T6502] option from the mount to silence this warning. [ 377.706998][ T6502] ======================================================= [ 377.717897][ T6502] overlayfs: failed to resolve './file0': -2 [ 377.741887][ T6507] xt_hashlimit: size too large, truncated to 1048576 [ 377.846789][ T6517] process 'syz.2.128' launched './file1' with NULL argv: empty string added [ 378.277912][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.280085][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.495180][ T3230] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 378.645237][ T3230] usb 7-1: Using ep0 maxpacket: 8 [ 378.648491][ T3230] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 378.651513][ T3230] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 378.654560][ T3230] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 378.657830][ T3230] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 378.661855][ T3230] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 378.665472][ T3230] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 378.807411][ T6541] netlink: 16 bytes leftover after parsing attributes in process `syz.3.135'. [ 378.872851][ T3230] usb 7-1: GET_CAPABILITIES returned 0 [ 378.874687][ T3230] usbtmc 7-1:16.0: can't read capabilities [ 379.004409][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880287dc000: rx timeout, send abort [ 379.007726][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880287dc000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 379.083830][ T6077] usb 7-1: USB disconnect, device number 3 [ 379.207996][ T40] kauditd_printk_skb: 71 callbacks suppressed [ 379.208007][ T40] audit: type=1400 audit(1751440107.613:303): avc: denied { read } for pid=6547 comm="syz.0.137" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 379.216525][ T40] audit: type=1400 audit(1751440107.613:304): avc: denied { open } for pid=6547 comm="syz.0.137" path="/28/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 379.221335][ T6550] block device autoloading is deprecated and will be removed. [ 379.232514][ T40] audit: type=1400 audit(1751440107.633:305): avc: denied { ioctl } for pid=6547 comm="syz.0.137" path="/28/file0/file0" dev="fuse" ino=64 ioctlcmd=0x932 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 379.234122][ T6550] md: md2 stopped. [ 379.287587][ T40] audit: type=1400 audit(1751440107.693:306): avc: denied { connect } for pid=6551 comm="syz.0.138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 379.293649][ T40] audit: type=1400 audit(1751440107.693:307): avc: denied { write } for pid=6551 comm="syz.0.138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 379.337827][ T40] audit: type=1400 audit(1751440107.743:308): avc: denied { create } for pid=6551 comm="syz.0.138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 379.343835][ T40] audit: type=1400 audit(1751440107.743:309): avc: denied { nlmsg_write } for pid=6551 comm="syz.0.138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 379.498193][ T9] usb 6-1: USB disconnect, device number 3 [ 379.506984][ T9] ldusb 6-1:0.55: LD USB Device #0 now disconnected [ 379.535969][ T40] audit: type=1400 audit(1751440107.933:310): avc: denied { read write } for pid=6564 comm="syz.1.139" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 379.544154][ T40] audit: type=1400 audit(1751440107.933:311): avc: denied { open } for pid=6564 comm="syz.1.139" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 379.554846][ T40] audit: type=1400 audit(1751440107.953:312): avc: denied { bind } for pid=6568 comm="syz.3.140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 379.635175][ T6576] syz.3.142 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 379.638225][ T6583] fuse: Bad value for 'fd' [ 379.683878][ T6565] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 379.686466][ T6565] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 379.693158][ T6565] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 379.696944][ T6565] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 379.700262][ T6565] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 379.703448][ T6565] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 379.708179][ T6565] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 379.710439][ T6565] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 379.710659][ T6587] netlink: 32 bytes leftover after parsing attributes in process `syz.0.141'. [ 379.716142][ T6587] bridge0: port 2(bridge_slave_1) entered blocking state [ 379.718444][ T6587] bridge0: port 2(bridge_slave_1) entered forwarding state [ 379.722662][ T6565] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 379.728738][ T6565] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 379.730815][ T6565] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 379.740110][ T6565] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 379.799789][ T6597] netlink: 'syz.1.148': attribute type 1 has an invalid length. [ 379.818940][ T6597] netlink: 8 bytes leftover after parsing attributes in process `syz.1.148'. [ 379.838071][ T6597] veth3: entered promiscuous mode [ 379.894351][ T6606] 9p: Unknown access argument 18446744073709551615: -34 [ 380.152838][ T6615] syz.0.152: attempt to access beyond end of device [ 380.152838][ T6615] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 380.159166][ T6615] (syz.0.152,6615,2):ocfs2_get_sector:1714 ERROR: status = -5 [ 380.162354][ T6615] (syz.0.152,6615,2):ocfs2_sb_probe:753 ERROR: status = -5 [ 380.165573][ T6615] (syz.0.152,6615,2):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 380.169187][ T6615] (syz.0.152,6615,2):ocfs2_fill_super:1177 ERROR: status = -5 [ 380.177625][ T6615] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=22528 sclass=netlink_xfrm_socket pid=6615 comm=syz.0.152 [ 380.302080][ T6622] syz.1.156 uses obsolete (PF_INET,SOCK_PACKET) [ 380.524147][ T63] Bluetooth: hci0: unexpected event for opcode 0x080d [ 380.525843][ T6642] netlink: 24 bytes leftover after parsing attributes in process `syz.0.163'. [ 380.737749][ T6655] Falling back ldisc for ttynull. [ 380.896233][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802a3d1400: rx timeout, send abort [ 380.899326][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802a3d1400: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 381.407389][ T6674] program syz.3.169 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 381.532367][ T6696] netlink: 'syz.1.174': attribute type 23 has an invalid length. [ 381.565152][ T6703] netlink: 28 bytes leftover after parsing attributes in process `syz.1.177'. [ 381.569579][ T6702] cgroup: Invalid name [ 381.573413][ T6702] [U]  [ 381.632570][ T6692] @: renamed from vlan0 (while UP) [ 381.715773][ T63] Bluetooth: hci2: command 0x0c1a tx timeout [ 381.717821][ T63] Bluetooth: hci1: command 0x0c1a tx timeout [ 381.757175][ T6720] netlink: 40 bytes leftover after parsing attributes in process `syz.1.181'. [ 381.762788][ T6720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.181'. [ 381.795204][ T5992] Bluetooth: hci3: command 0x0c1a tx timeout [ 381.824072][ T6732] netlink: 'syz.2.184': attribute type 10 has an invalid length. [ 381.827966][ T6732] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 381.833584][ T6732] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 381.840241][ T6732] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link [ 381.847208][ T6735] netlink: 12 bytes leftover after parsing attributes in process `syz.1.185'. [ 381.951102][ T6743] macsec0: entered promiscuous mode [ 381.986404][ T6076] usb 8-1: new low-speed USB device number 2 using dummy_hcd [ 382.103547][ T6749] overlay: Unknown parameter 'subj_role' [ 382.135210][ T6076] usb 8-1: Invalid ep0 maxpacket: 32 [ 382.265230][ T6076] usb 8-1: new low-speed USB device number 3 using dummy_hcd [ 382.415138][ T6076] usb 8-1: Invalid ep0 maxpacket: 32 [ 382.418474][ T6076] usb usb8-port1: attempt power cycle [ 382.760006][ T6076] usb 8-1: new low-speed USB device number 4 using dummy_hcd [ 382.788961][ T6076] usb 8-1: Invalid ep0 maxpacket: 32 [ 382.861412][ T6775] kAFS: No cell specified [ 382.915183][ T6076] usb 8-1: new low-speed USB device number 5 using dummy_hcd [ 382.945645][ T6076] usb 8-1: Invalid ep0 maxpacket: 32 [ 382.947642][ T6076] usb usb8-port1: unable to enumerate USB device [ 383.468932][ T6789] x_tables: duplicate underflow at hook 1 [ 383.494837][ T6797] __nla_validate_parse: 3 callbacks suppressed [ 383.494849][ T6797] netlink: 256 bytes leftover after parsing attributes in process `syz.0.203'. [ 383.502383][ T6797] unsupported nlmsg_type 40 [ 383.795246][ T63] Bluetooth: hci1: command 0x0c1a tx timeout [ 383.795272][ T5995] Bluetooth: hci2: command 0x0c1a tx timeout [ 383.830183][ T6799] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 383.833408][ T6799] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 383.836514][ T6799] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 383.838493][ T6799] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 383.932054][ T5995] Bluetooth: hci3: unexpected event 0x01 length: 4 > 1 [ 383.934615][ T5995] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 383.939963][ T5995] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 383.946371][ T5995] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 383.946412][ T5995] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 384.196101][ T6815] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 384.201430][ T6815] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 384.205643][ T6815] vhci_hcd vhci_hcd.0: Device attached [ 384.207962][ T6817] vhci_hcd: cannot find a urb of seqnum 3 max seqnum 0 [ 384.211793][ T6067] vhci_hcd: stop threads [ 384.213598][ T6067] vhci_hcd: release socket [ 384.215046][ T6067] vhci_hcd: disconnect device [ 384.253473][ T40] kauditd_printk_skb: 41 callbacks suppressed [ 384.253485][ T40] audit: type=1400 audit(1751440112.653:354): avc: denied { lock } for pid=6821 comm="syz.2.211" path="socket:[10720]" dev="sockfs" ino=10720 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 384.751782][ T6827] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 384.754755][ T6827] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 384.757936][ T6827] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 384.760573][ T6827] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 384.806677][ T40] audit: type=1400 audit(1751440113.213:355): avc: denied { accept } for pid=6826 comm="syz.1.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 385.142091][ T6840] netlink: 12 bytes leftover after parsing attributes in process `syz.1.217'. [ 385.232797][ T40] audit: type=1400 audit(1751440113.633:356): avc: denied { getopt } for pid=6853 comm="syz.1.222" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 385.262092][ T6858] FAULT_INJECTION: forcing a failure. [ 385.262092][ T6858] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 385.266425][ T6858] CPU: 2 UID: 0 PID: 6858 Comm: syz.1.223 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 385.266451][ T6858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 385.266458][ T6858] Call Trace: [ 385.266482][ T6858] [ 385.266490][ T6858] dump_stack_lvl+0x16c/0x1f0 [ 385.266529][ T6858] should_fail_ex+0x512/0x640 [ 385.266549][ T6858] _copy_from_user+0x2e/0xd0 [ 385.266564][ T6858] copy_msghdr_from_user+0x98/0x160 [ 385.266580][ T6858] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 385.266601][ T6858] ___sys_sendmsg+0xfe/0x1d0 [ 385.266616][ T6858] ? __pfx____sys_sendmsg+0x10/0x10 [ 385.266628][ T6858] ? __lock_acquire+0x622/0x1c90 [ 385.266661][ T6858] __sys_sendmsg+0x16d/0x220 [ 385.266675][ T6858] ? __pfx___sys_sendmsg+0x10/0x10 [ 385.266698][ T6858] do_syscall_64+0xcd/0x4c0 [ 385.266728][ T6858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 385.266738][ T6858] RIP: 0033:0x7f668f18e929 [ 385.266747][ T6858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 385.266757][ T6858] RSP: 002b:00007f668ffea038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 385.266767][ T6858] RAX: ffffffffffffffda RBX: 00007f668f3b5fa0 RCX: 00007f668f18e929 [ 385.266773][ T6858] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 385.266779][ T6858] RBP: 00007f668ffea090 R08: 0000000000000000 R09: 0000000000000000 [ 385.266784][ T6858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 385.266790][ T6858] R13: 0000000000000000 R14: 00007f668f3b5fa0 R15: 00007ffd53753008 [ 385.266803][ T6858] [ 385.328025][ C2] vkms_vblank_simulate: vblank timer overrun [ 385.365335][ T6862] syz.1.225: attempt to access beyond end of device [ 385.365335][ T6862] nbd1: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 385.370783][ T6862] EXT4-fs (nbd1): unable to read superblock [ 385.483824][ T6870] netlink: 8 bytes leftover after parsing attributes in process `syz.1.227'. [ 385.486733][ T6870] netlink: 8 bytes leftover after parsing attributes in process `syz.1.227'. [ 385.555331][ T5995] Bluetooth: hci4: command 0x1003 tx timeout [ 385.555475][ T5992] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 385.579674][ T6879] netlink: 'syz.1.230': attribute type 83 has an invalid length. [ 385.584011][ T40] audit: type=1400 audit(1751440113.983:357): avc: denied { append } for pid=6878 comm="syz.1.230" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 385.588654][ T6879] Bluetooth: MGMT ver 1.23 [ 385.656615][ T40] audit: type=1400 audit(1751440114.063:358): avc: denied { create } for pid=6882 comm="syz.0.232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 385.662757][ T40] audit: type=1400 audit(1751440114.063:359): avc: denied { ioctl } for pid=6882 comm="syz.0.232" path="socket:[10789]" dev="sockfs" ino=10789 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 385.724145][ T6896] netlink: 328 bytes leftover after parsing attributes in process `syz.1.237'. [ 385.805273][ T5992] Bluetooth: hci0: command 0x0c1a tx timeout [ 385.868650][ T6901] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.238'. [ 385.875362][ T5992] Bluetooth: hci3: command 0x0c1a tx timeout [ 385.875389][ T5995] Bluetooth: hci2: command 0x0c1a tx timeout [ 385.877095][ T63] Bluetooth: hci1: command 0x0c1a tx timeout [ 386.035529][ T61] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 386.035797][ C2] vcan0: j1939_tp_rxtimer: 0xffff88803742d400: rx timeout, send abort [ 386.040604][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff88803742d400: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 386.082867][ T40] audit: type=1400 audit(1751440114.483:360): avc: denied { getopt } for pid=6921 comm="syz.3.246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 386.085458][ T6922] netlink: 12 bytes leftover after parsing attributes in process `syz.3.246'. [ 386.097993][ T6922] xfrm1: entered promiscuous mode [ 386.099690][ T6922] xfrm1: entered allmulticast mode [ 386.152595][ T40] audit: type=1400 audit(1751440114.553:361): avc: denied { create } for pid=6930 comm="syz.3.250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 386.157453][ T6932] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 386.163604][ T6932] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 386.168060][ T40] audit: type=1400 audit(1751440114.553:362): avc: denied { bind } for pid=6930 comm="syz.3.250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 386.206511][ T61] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 386.212112][ T61] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 386.215722][ T61] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 386.218552][ T61] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 386.222845][ T6899] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 386.228671][ T61] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 386.260599][ T6943] netlink: 'syz.3.253': attribute type 32 has an invalid length. [ 386.265207][ T40] audit: type=1400 audit(1751440114.663:363): avc: denied { write } for pid=6944 comm="syz.0.254" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 386.294080][ T6949] netlink: 'syz.2.255': attribute type 15 has an invalid length. [ 386.433082][ T6959] syz_tun: entered allmulticast mode [ 386.443226][ T6076] usb 6-1: USB disconnect, device number 4 [ 387.167689][ T6954] syz_tun: left allmulticast mode [ 387.875985][ T5995] Bluetooth: hci0: command 0x0c1a tx timeout [ 387.955364][ T5995] Bluetooth: hci3: command 0x0c1a tx timeout [ 389.955447][ T5995] Bluetooth: hci0: command 0x0c1a tx timeout [ 401.311838][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 401.311853][ T40] audit: type=1400 audit(1751440129.713:369): avc: denied { mount } for pid=6968 comm="syz.1.261" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 401.325369][ T40] audit: type=1400 audit(1751440129.713:370): avc: denied { connect } for pid=6971 comm="syz.3.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 401.325407][ T40] audit: type=1400 audit(1751440129.713:371): avc: denied { read } for pid=6971 comm="syz.3.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 401.507473][ T40] audit: type=1400 audit(1751440129.913:372): avc: denied { write } for pid=6982 comm="syz.1.264" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 401.521163][ T6999] bridge_slave_0: left allmulticast mode [ 401.523212][ T6999] bridge_slave_0: left promiscuous mode [ 401.526418][ T6999] bridge0: port 1(bridge_slave_0) entered disabled state [ 401.537494][ T6999] bridge_slave_1: left allmulticast mode [ 401.539577][ T6999] bridge_slave_1: left promiscuous mode [ 401.541766][ T6999] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.550858][ T6999] bond0: (slave bond_slave_0): Releasing backup interface [ 401.557826][ T6999] bond0: (slave bond_slave_1): Releasing backup interface [ 401.572925][ T6999] team0: Port device team_slave_0 removed [ 401.584784][ T6999] team0: Port device team_slave_1 removed [ 401.587893][ T6999] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 401.590450][ T6999] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 401.594839][ T6999] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 401.597292][ T6999] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 401.633387][ T40] audit: type=1400 audit(1751440130.033:373): avc: denied { getopt } for pid=7005 comm="syz.0.271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 401.644748][ T7006] raw_sendmsg: syz.0.271 forgot to set AF_INET. Fix it! [ 401.737791][ T7012] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 402.176632][ T40] audit: type=1400 audit(1751440130.583:374): avc: denied { mount } for pid=7026 comm="syz.2.277" name="/" dev="ramfs" ino=13868 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 402.184034][ T7027] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 402.188123][ T40] audit: type=1400 audit(1751440130.593:375): avc: denied { mounton } for pid=7026 comm="syz.2.277" path="/bus" dev="ramfs" ino=13871 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1 [ 402.189290][ T7027] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 402.197087][ T7027] overlayfs: failed to set xattr on upper [ 402.198920][ T7027] overlayfs: ...falling back to redirect_dir=nofollow. [ 402.201395][ T7027] overlayfs: ...falling back to index=off. [ 402.203229][ T7027] overlayfs: ...falling back to uuid=null. [ 402.205125][ T7027] overlayfs: ...falling back to xino=off. [ 402.205537][ T54] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 402.207231][ T7027] overlayfs: conflicting lowerdir path [ 402.367412][ T54] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 402.371154][ T54] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 402.376182][ T54] usb 5-1: Product: syz [ 402.378029][ T54] usb 5-1: Manufacturer: syz [ 402.380890][ T54] usb 5-1: SerialNumber: syz [ 402.385706][ T54] usb 5-1: config 0 descriptor?? [ 402.610486][ T61] usb 5-1: USB disconnect, device number 2 [ 402.668487][ T7033] netlink: 'syz.1.280': attribute type 3 has an invalid length. [ 402.671866][ T7033] netlink: 'syz.1.280': attribute type 1 has an invalid length. [ 402.675030][ T7033] netlink: 192 bytes leftover after parsing attributes in process `syz.1.280'. [ 402.680238][ T7033] NCSI netlink: No device for ifindex 0 [ 402.768575][ T40] audit: type=1400 audit(1751440131.173:376): avc: denied { read } for pid=7045 comm="syz.1.282" name="msr" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 402.776227][ T40] audit: type=1400 audit(1751440131.173:377): avc: denied { open } for pid=7045 comm="syz.1.282" path="/dev/cpu/3/msr" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 402.801455][ T7051] BIDI support in bsg has been removed. [ 402.803484][ T7051] netlink: 4 bytes leftover after parsing attributes in process `syz.1.283'. [ 402.847693][ T7057] netlink: 32 bytes leftover after parsing attributes in process `syz.1.285'. [ 402.850618][ T7057] bridge0: port 2(bridge_slave_1) entered blocking state [ 402.852778][ T7057] bridge0: port 2(bridge_slave_1) entered forwarding state [ 402.863332][ T40] audit: type=1400 audit(1751440131.263:378): avc: denied { bind } for pid=7059 comm="syz.2.286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 402.962440][ T5995] Bluetooth: hci3: Unknown advertising packet type: 0x74 [ 402.962500][ T5995] Bluetooth: hci3: Malformed LE Event: 0x0d [ 403.395587][ T5960] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 403.497119][ T7081] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1 [ 403.502703][ T7081] netlink: 4 bytes leftover after parsing attributes in process `syz.0.295'. [ 403.506890][ T7084] xt_hashlimit: size too large, truncated to 1048576 [ 403.539893][ T7088] xt_CT: You must specify a L4 protocol and not use inversions on it [ 403.544718][ T7088] netlink: 48 bytes leftover after parsing attributes in process `syz.0.297'. [ 404.445819][ T7111] netlink: 'syz.2.304': attribute type 23 has an invalid length. [ 404.458703][ T7102] block nbd3: shutting down sockets [ 404.523859][ T7098] Bluetooth: hci0: expected 2 bytes, got 7 bytes [ 404.534799][ T7117] 9pnet: p9_errstr2errno: server reported unknown error @@ [ 404.603278][ T7120] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 404.605383][ T7120] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 404.609553][ T7120] vhci_hcd vhci_hcd.0: Device attached [ 404.628475][ T7125] vhci_hcd: connection closed [ 404.629450][ T6008] vhci_hcd: stop threads [ 404.633158][ T6008] vhci_hcd: release socket [ 404.634718][ T6008] vhci_hcd: disconnect device [ 404.667191][ T7135] netlink: set zone limit has 4 unknown bytes [ 404.743892][ T7145] ptrace attach of "/syz-executor exec"[5987] was attempted by "/syz-executor exec"[7145] [ 404.803153][ T7150] netlink: 1848 bytes leftover after parsing attributes in process `syz.1.315'. [ 404.806992][ T7150] netlink: 24 bytes leftover after parsing attributes in process `syz.1.315'. [ 404.811004][ T7150] openvswitch: netlink: Message has 16 unknown bytes. [ 404.848175][ T7155] binder: 7154:7155 ioctl c0306201 200000000500 returned -11 [ 404.967240][ T7162] netlink: 4 bytes leftover after parsing attributes in process `syz.3.321'. [ 404.967255][ T7161] netlink: 4 bytes leftover after parsing attributes in process `syz.3.321'. [ 405.303676][ T7167] macsec1: entered promiscuous mode [ 405.305423][ T7167] macsec1: entered allmulticast mode [ 405.341919][ T7170] netlink: 4 bytes leftover after parsing attributes in process `syz.2.324'. [ 405.551316][ T7183] tmpfs: Unknown parameter '#[k#' [ 405.553205][ T7183] tmpfs: Unknown parameter '#[k#' [ 405.724296][ C2] Unknown status report in ack skb [ 406.365169][ T6077] usb 5-1: new low-speed USB device number 3 using dummy_hcd [ 406.520608][ T6077] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 406.523917][ T6077] usb 5-1: config 0 has no interface number 0 [ 406.527562][ T6077] usb 5-1: config 0 interface 1 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 406.531788][ T6077] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 406.535771][ T6077] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.544546][ T6077] usb 5-1: config 0 descriptor?? [ 406.554302][ T6077] iowarrior 5-1:0.1: no interrupt-in endpoint found [ 406.665385][ T7242] netlink: 'syz.1.349': attribute type 12 has an invalid length. [ 406.679113][ T7244] overlayfs: failed to clone upperpath [ 406.728657][ T7249] netlink: 'syz.1.352': attribute type 2 has an invalid length. [ 406.729106][ T40] kauditd_printk_skb: 23 callbacks suppressed [ 406.729117][ T40] audit: type=1400 audit(1751440135.133:402): avc: denied { bind } for pid=7250 comm="syz.2.353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 406.731095][ T7249] nbd: must specify a device to reconfigure [ 406.765538][ T40] audit: type=1400 audit(1751440135.163:403): avc: denied { load_policy } for pid=7227 comm="syz.0.344" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 406.769015][ T7228] SELinux: ebitmap start bit (2863311360) is beyond the end of the bitmap (320) [ 406.771735][ T40] audit: type=1400 audit(1751440135.173:404): avc: denied { ioctl } for pid=7253 comm="syz.2.354" path="socket:[14474]" dev="sockfs" ino=14474 ioctlcmd=0x9426 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 406.771764][ T40] audit: type=1400 audit(1751440135.173:405): avc: denied { write } for pid=7253 comm="syz.2.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 406.777853][ T7228] SELinux: failed to load policy [ 406.794771][ T61] usb 5-1: USB disconnect, device number 3 [ 406.914402][ T7270] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7270 comm=syz.3.359 [ 406.920940][ T7271] loop2: detected capacity change from 0 to 7 [ 406.924632][ T7274] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 406.925229][ T6986] Dev loop2: unable to read RDB block 7 [ 406.928775][ T6986] loop2: AHDI p1 p2 p3 [ 406.930127][ T6986] loop2: partition table partially beyond EOD, truncated [ 406.932672][ T6986] loop2: p1 start 1601398130 is beyond EOD, truncated [ 406.934817][ T6986] loop2: p2 start 1702059890 is beyond EOD, truncated [ 406.941059][ T7271] Dev loop2: unable to read RDB block 7 [ 406.943477][ T7271] loop2: AHDI p1 p2 p3 [ 406.944962][ T7271] loop2: partition table partially beyond EOD, truncated [ 406.948501][ T7271] loop2: p1 start 1601398130 is beyond EOD, truncated [ 406.949521][ T7276] capability: warning: `syz.2.361' uses 32-bit capabilities (legacy support in use) [ 406.950988][ T7271] loop2: p2 start 1702059890 is beyond EOD, truncated [ 407.053167][ T40] audit: type=1400 audit(1751440135.453:406): avc: denied { map } for pid=7288 comm="syz.3.365" path="socket:[15476]" dev="sockfs" ino=15476 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 407.063583][ T40] audit: type=1400 audit(1751440135.453:407): avc: denied { read } for pid=7288 comm="syz.3.365" path="socket:[15476]" dev="sockfs" ino=15476 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 407.380250][ T40] audit: type=1400 audit(1751440135.783:408): avc: denied { watch } for pid=7298 comm="syz.0.368" path="/75/file0" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1 [ 407.751268][ T40] audit: type=1400 audit(1751440136.153:409): avc: denied { write } for pid=7303 comm="syz.1.370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 407.838470][ T7310] netlink: 'syz.1.373': attribute type 4 has an invalid length. [ 407.942057][ T7313] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10588 sclass=netlink_route_socket pid=7313 comm=syz.2.375 [ 407.946393][ T7313] netlink: 'syz.2.375': attribute type 4 has an invalid length. [ 407.956970][ T40] audit: type=1400 audit(1751440136.363:410): avc: denied { execmod } for pid=7316 comm="syz.3.374" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=16465 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 408.003321][ T40] audit: type=1400 audit(1751440136.403:411): avc: denied { create } for pid=7321 comm="syz.1.378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 408.019321][ T7330] netlink: 'syz.2.380': attribute type 13 has an invalid length. [ 408.065157][ T7340] veth0: entered promiscuous mode [ 408.067429][ T7339] veth0: left promiscuous mode [ 408.102187][ T7343] team_slave_0: entered promiscuous mode [ 408.104929][ T7343] team_slave_1: entered promiscuous mode [ 408.108555][ T7343] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 408.111046][ T7343] team0: Device macvtap1 is already an upper device of the team interface [ 408.114628][ T7343] team_slave_0: left promiscuous mode [ 408.116548][ T7343] team_slave_1: left promiscuous mode [ 408.205546][ T7346] __nla_validate_parse: 6 callbacks suppressed [ 408.205557][ T7346] netlink: 16 bytes leftover after parsing attributes in process `syz.3.383'. [ 408.376799][ T5995] Bluetooth: hci0: unexpected event for opcode 0x2028 [ 408.384572][ T7370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.392'. [ 408.388626][ T7370] netlink: 20 bytes leftover after parsing attributes in process `syz.0.392'. [ 408.430889][ T5995] Bluetooth: hci0: unexpected event for opcode 0x080b [ 408.458321][ T7355] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 408.467247][ T7355] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 408.474059][ T7355] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 408.477523][ T7355] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 408.654279][ T7389] netlink: 16 bytes leftover after parsing attributes in process `syz.2.399'. [ 408.660237][ T7389] netlink: 16 bytes leftover after parsing attributes in process `syz.2.399'. [ 408.700571][ T5995] Bluetooth: hci1: unexpected cc 0x203e length: 2 > 1 [ 408.702564][ T5995] Bluetooth: hci1: unexpected event for opcode 0x203e [ 408.773704][ T7392] netlink: 'syz.2.400': attribute type 1 has an invalid length. [ 408.851901][ T7397] erspan0: mtu less than device minimum [ 408.960642][ T7403] xt_hashlimit: max too large, truncated to 1048576 [ 408.977081][ T7403] xt_bpf: check failed: parse error [ 409.147335][ T7442] fuse: Unknown parameter 'grup_id' [ 409.220609][ T7417] random: crng reseeded on system resumption [ 409.246873][ T7451] xt_CT: You must specify a L4 protocol and not use inversions on it [ 409.320604][ T5995] Bluetooth: hci0: unexpected event for opcode 0x040e syzkaller syzkaller login: [ 409.835887][ T7468] netlink: 'syz.3.427': attribute type 1 has an invalid length. [ 409.897703][ T7471] evm: overlay not supported [ 410.225944][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.235611][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.238075][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.241035][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.243878][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.246756][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.249454][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.251884][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.254318][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.257082][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.259611][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.262549][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.266747][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.269632][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.270431][ T7495] binder: 7493:7495 ioctl c0306201 200000000080 returned -14 [ 410.272503][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.278837][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.281467][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.285172][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.287368][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.289543][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.292489][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.295517][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.298357][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.301253][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.303617][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.306455][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.309347][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.311626][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.313930][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.316340][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.318645][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.321009][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.324594][ T7505] netlink: 'syz.3.437': attribute type 10 has an invalid length. [ 410.324710][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.329851][ T7499] netlink: 52 bytes leftover after parsing attributes in process `syz.2.435'. [ 410.330551][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.334643][ T7499] netlink: 52 bytes leftover after parsing attributes in process `syz.2.435'. [ 410.336013][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.340152][ T7499] netlink: 52 bytes leftover after parsing attributes in process `syz.2.435'. [ 410.341235][ T7505] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 410.341867][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.350131][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.352310][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.354452][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.356758][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.358950][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.361588][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.364600][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.367638][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.370500][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.373506][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.373698][ T7505] bond0: (slave bridge0): Releasing backup interface [ 410.376458][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.376536][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.376600][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.376668][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.389229][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.391995][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.394905][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.397312][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.397638][ T7511] netlink: 24 bytes leftover after parsing attributes in process `syz.0.438'. [ 410.399463][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.404677][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.407094][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.409245][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.411661][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.413720][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.415935][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.418033][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.418958][ T7516] netlink: 12 bytes leftover after parsing attributes in process `syz.2.439'. [ 410.420415][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.426988][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.429273][ T5995] Bluetooth: hci1: unexpected event for opcode 0x0c7c [ 410.444122][ T7511] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7511 comm=syz.0.438 [ 410.468380][ T7511] netlink: 'syz.0.438': attribute type 10 has an invalid length. [ 410.475016][ T7511] batman_adv: batadv0: Adding interface: team0 [ 410.477212][ T7511] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 410.484708][ T7511] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 410.487819][ T7523] overlay: Unknown parameter 'subj_role' [ 410.515269][ T5995] Bluetooth: hci3: command 0x0c1a tx timeout [ 410.515420][ T5992] Bluetooth: hci2: command 0x0c1a tx timeout [ 410.580020][ T7535] netlink: 'syz.2.446': attribute type 7 has an invalid length. [ 410.589355][ T7535] : entered promiscuous mode [ 410.777900][ T7545] cgroup: noprefix used incorrectly [ 411.217401][ T7598] binder_alloc: binder_alloc_mmap_handler: 7597 200000ff9000-200000ffd000 already mapped failed -16 [ 411.285761][ T7600] netfs: Couldn't get user pages (rc=-14) [ 411.763040][ T40] kauditd_printk_skb: 54 callbacks suppressed [ 411.763051][ T40] audit: type=1400 audit(1751440140.163:466): avc: denied { recv } for pid=5975 comm="syz-executor" saddr=127.0.0.1 src=47316 daddr=127.0.0.1 dest=30000 netif=lo scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 411.788777][ T40] audit: type=1400 audit(1751440140.193:467): avc: denied { getopt } for pid=7618 comm="syz.0.474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 411.806864][ T40] audit: type=1400 audit(1751440140.213:468): avc: denied { recv } for pid=28 comm="ksoftirqd/1" saddr=127.0.0.1 src=30000 daddr=127.0.0.1 dest=47316 netif=lo scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 412.038729][ T7637] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 412.048162][ T40] audit: type=1400 audit(1751440140.453:469): avc: denied { getopt } for pid=7636 comm="syz.2.480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 412.052884][ T7640] netlink: ct family unspecified [ 412.056283][ T7640] openvswitch: netlink: Actions may not be safe on all matching packets [ 412.057911][ T7637] netlink: 'syz.2.480': attribute type 29 has an invalid length. [ 412.062079][ T40] audit: type=1400 audit(1751440140.463:470): avc: denied { mounton } for pid=7639 comm="syz.1.481" path="/102/bus" dev="tmpfs" ino=551 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 412.062129][ T7640] 9pnet_rdma: rdma_create_trans (7640): problem binding to privport: 13 [ 412.062198][ T7637] netlink: 'syz.2.480': attribute type 29 has an invalid length. [ 412.065271][ T7637] openvswitch: netlink: Tunnel attr 14 has unexpected len 2 expected 0 [ 412.142209][ T7647] No control pipe specified [ 412.165190][ T40] audit: type=1400 audit(1751440140.563:471): avc: denied { connect } for pid=7646 comm="syz.2.484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 412.185160][ T40] audit: type=1400 audit(1751440140.583:472): avc: denied { read } for pid=7648 comm="syz.1.485" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 412.346534][ T40] audit: type=1400 audit(1751440140.753:473): avc: denied { mount } for pid=7661 comm="syz.0.489" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 412.358455][ T40] audit: type=1400 audit(1751440140.753:474): avc: denied { unmount } for pid=7661 comm="syz.0.489" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 412.376958][ T40] audit: type=1400 audit(1751440140.783:475): avc: denied { ioctl } for pid=7661 comm="syz.0.489" path="socket:[15000]" dev="sockfs" ino=15000 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 412.629691][ T7678] IPVS: Error joining to the multicast group [ 413.052974][ T7694] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 413.060810][ T7697] SELinux: ebitmap start bit (2863311360) is beyond the end of the bitmap (320) [ 413.070650][ T7697] SELinux: failed to load policy [ 413.367769][ T7721] __nla_validate_parse: 12 callbacks suppressed [ 413.367780][ T7721] netlink: 12 bytes leftover after parsing attributes in process `syz.2.502'. [ 413.378708][ T5992] Bluetooth: hci0: unknown advertising packet type: 0x82 [ 413.378755][ T5992] Bluetooth: hci0: Dropping invalid advertising data [ 413.384521][ T5992] Bluetooth: hci0: Malformed LE Event: 0x02 [ 413.386525][ T7721] 8021q: adding VLAN 0 to HW filter on device bond1 [ 413.393792][ T7725] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 413.393792][ T7725] The task syz.1.506 (7725) triggered the difference, watch for misbehavior. [ 413.404255][ T7721] 8021q: adding VLAN 0 to HW filter on device bond1 [ 413.409345][ T7721] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 413.415336][ T7721] bond1: (slave vcan1): Error -95 calling set_mac_address [ 413.446151][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.2.502'. [ 413.449639][ T7729] netlink: 12 bytes leftover after parsing attributes in process `syz.2.502'. [ 413.545849][ T7740] No control pipe specified [ 413.563758][ T7742] netlink: 'syz.0.512': attribute type 1 has an invalid length. [ 413.587738][ T7742] netlink: 'syz.0.512': attribute type 1 has an invalid length. [ 413.644573][ T7749] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32 [ 413.852406][ T7761] netlink: 8 bytes leftover after parsing attributes in process `syz.0.519'. [ 413.864962][ T7761] sp0: Synchronizing with TNC [ 414.087496][ T7766] netlink: 'syz.2.521': attribute type 10 has an invalid length. [ 414.100658][ T7766] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 414.252755][ T7775] netlink: 'syz.1.525': attribute type 1 has an invalid length. [ 414.261859][ T7775] netlink: 228 bytes leftover after parsing attributes in process `syz.1.525'. [ 414.267410][ T7775] netlink: 8 bytes leftover after parsing attributes in process `syz.1.525'. [ 414.272818][ T7775] netlink: 28 bytes leftover after parsing attributes in process `syz.1.525'. [ 414.298179][ T7777] netlink: 24 bytes leftover after parsing attributes in process `syz.0.526'. [ 414.347095][ T7778] netlink: 4 bytes leftover after parsing attributes in process `syz.0.526'. [ 414.398329][ T7777] xt_hashlimit: size too large, truncated to 1048576 [ 414.400500][ T7782] xt_hashlimit: size too large, truncated to 1048576 [ 414.518693][ T7797] overlayfs: conflicting options: userxattr,metacopy=on [ 414.550992][ T7799] EXT4-fs (sr0): VFS: Can't find ext4 filesystem [ 414.755904][ T7829] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=147 sclass=netlink_route_socket pid=7829 comm=syz.3.541 [ 415.119847][ T5960] IPVS: starting estimator thread 0... [ 415.205541][ T7851] IPVS: using max 44 ests per chain, 105600 per kthread [ 415.385253][ T7866] binder: 7865:7866 ioctl 80045530 200000000140 returned -22 [ 415.417842][ T7868] af_packet: tpacket_rcv: packet too big, clamped from 9112 to 3952. macoff=96 [ 415.432400][ T7872] tmpfs: Unknown parameter 'nosw' [ 415.432710][ T7873] tmpfs: Unknown parameter 'nosw' [ 415.615327][ T7892] MTD: Attempt to mount non-MTD device "/dev/nbd0" [ 415.619784][ T7892] cramfs: wrong magic [ 415.651558][ T7895] netlink: 40 bytes leftover after parsing attributes in process `syz.3.557'. [ 415.789735][ T7907] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 415.976440][ T7930] netlink: 'syz.2.570': attribute type 10 has an invalid length. [ 415.988418][ T7930] team0: Port device geneve0 added [ 416.038362][ T7939] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 416.232007][ T7961] netlink: 'syz.1.580': attribute type 14 has an invalid length. [ 416.279143][ T7965] tls_set_device_offload_rx: netdev not found [ 416.321777][ T7979] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3 sclass=netlink_route_socket pid=7979 comm=syz.2.585 [ 416.397535][ T7993] loop6: detected capacity change from 0 to 524287999 [ 416.566383][ T8000] fuse: Unknown parameter ' &z׫7*0sסsDZ;1xfO [ 416.566383][ T8000] ֑2fmWxUF~qto<2j.I %7EH$A!&`4@5' [ 416.582172][ T8005] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 416.584454][ T5992] Bluetooth: hci3: unexpected event for opcode 0x200d [ 416.585421][ T8005] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 416.592345][ T8005] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 416.597253][ T8005] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 416.617221][ T8009] 9pnet_virtio: no channels available for device syz [ 416.695694][ T8008] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=8008 comm=syz.2.592 [ 416.780681][ T40] kauditd_printk_skb: 33 callbacks suppressed [ 416.780692][ T40] audit: type=1804 audit(1751440145.183:509): pid=8018 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.596" name="/newroot/146/file0" dev="tmpfs" ino=785 res=1 errno=0 [ 416.881574][ T8023] Unsupported ieee802154 address type: 0 [ 416.887931][ T8027] netlink: 'syz.0.600': attribute type 11 has an invalid length. [ 416.941694][ T40] audit: type=1326 audit(1751440145.343:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8032 comm="syz.1.603" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f668f18e929 code=0x0 [ 417.184885][ T8049] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 417.197061][ T8049] cramfs: wrong magic [ 417.806834][ T8077] sp0: Synchronizing with TNC [ 417.956554][ T8085] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 417.994970][ T8088] Mount JFS Failure: -22 [ 418.003265][ T40] audit: type=1400 audit(1751440146.403:511): avc: denied { bind } for pid=8087 comm="syz.1.618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 418.025329][ T5960] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 418.041282][ T8090] vivid-003: disconnect [ 418.043912][ T8090] vivid-003: reconnect [ 418.053881][ T8094] overlayfs: failed to clone upperpath [ 418.062097][ T40] audit: type=1400 audit(1751440146.463:512): avc: denied { ioctl } for pid=8093 comm="syz.2.621" path="socket:[19591]" dev="sockfs" ino=19591 ioctlcmd=0x8b32 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 418.062728][ T8094] overlayfs: failed to resolve './file0': -2 [ 418.106450][ T8103] ipvlan2: entered promiscuous mode [ 418.109293][ T8103] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 418.114390][ T8092] netlink: 'syz.3.620': attribute type 1 has an invalid length. [ 418.146203][ T8100] mmap: syz.1.622 (8100): VmData 37728256 exceed data ulimit 31122. Update limits or use boot option ignore_rlimit_data. [ 418.150501][ T8101] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 418.152526][ T8101] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 418.154491][ T8101] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 418.165212][ T8101] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 418.180564][ T5960] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 418.184836][ T5960] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 418.191627][ T5960] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 418.195644][ T8113] ipvlan2: entered promiscuous mode [ 418.198605][ T5960] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 418.204968][ T5960] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 418.209575][ T5960] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.220731][ T5960] usb 5-1: config 0 descriptor?? [ 418.260582][ T8120] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=54 sclass=netlink_tcpdiag_socket pid=8120 comm=syz.1.630 [ 418.266578][ T8120] syz.1.630: attempt to access beyond end of device [ 418.266578][ T8120] loop1: rw=0, sector=2, nr_sectors = 2 limit=0 [ 418.270698][ T8120] MINIX-fs: unable to read superblock [ 418.274103][ T8120] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=54 sclass=netlink_tcpdiag_socket pid=8120 comm=syz.1.630 [ 418.304769][ T8127] 0: renamed from hsr0 (while UP) [ 418.308228][ T8127] 0: entered allmulticast mode [ 418.309890][ T8127] hsr_slave_0: entered allmulticast mode [ 418.311996][ T8127] hsr_slave_1: entered allmulticast mode [ 418.314800][ T8127] A link change request failed with some changes committed already. Interface 70 may have been left with an inconsistent configuration, please check. [ 418.363817][ T8129] netlink: 'syz.1.631': attribute type 142 has an invalid length. [ 418.436936][ T8141] __nla_validate_parse: 14 callbacks suppressed [ 418.436947][ T8141] netlink: 20 bytes leftover after parsing attributes in process `syz.2.634'. [ 418.475112][ T40] audit: type=1400 audit(1751440146.873:513): avc: denied { ioctl } for pid=8145 comm="syz.2.638" path="socket:[18631]" dev="sockfs" ino=18631 ioctlcmd=0x6107 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 418.622326][ T8162] netlink: 'syz.1.643': attribute type 23 has an invalid length. [ 418.644270][ T5960] usbhid 5-1:0.0: can't add hid device: -71 [ 418.647634][ T5960] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 418.652355][ T5960] usb 5-1: USB disconnect, device number 4 [ 418.710023][ T5992] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 418.740414][ T8179] openvswitch: netlink: IP tunnel TTL not specified. [ 418.817167][ T40] audit: type=1804 audit(1751440147.223:514): pid=8197 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.652" name="file0" dev="tmpfs" ino=1209 res=1 errno=0 [ 418.875023][ T40] audit: type=1400 audit(1751440147.273:515): avc: denied { read } for pid=8200 comm="syz.0.655" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 418.889780][ T40] audit: type=1400 audit(1751440147.273:516): avc: denied { open } for pid=8200 comm="syz.0.655" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 418.904069][ T8209] 9pnet_virtio: no channels available for device syz [ 418.905740][ T8207] overlayfs: failed to clone upperpath [ 418.906637][ T40] audit: type=1400 audit(1751440147.273:517): avc: denied { ioctl } for pid=8200 comm="syz.0.655" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 418.934692][ T8212] netlink: 52 bytes leftover after parsing attributes in process `syz.0.659'. [ 418.961919][ T8217] netlink: 24 bytes leftover after parsing attributes in process `syz.2.661'. [ 418.985501][ T8217] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8217 comm=syz.2.661 [ 419.086985][ T40] audit: type=1800 audit(1751440147.493:518): pid=8237 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.668" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 419.089287][ T8238] EXT4-fs (sr0): VFS: Can't find ext4 filesystem [ 419.137667][ T8244] netlink: 'syz.3.671': attribute type 1 has an invalid length. [ 419.140301][ T8244] netlink: 'syz.3.671': attribute type 1 has an invalid length. [ 419.259559][ T8257] xt_TCPMSS: Only works on TCP SYN packets [ 419.262112][ T8258] netlink: 24 bytes leftover after parsing attributes in process `syz.2.675'. [ 419.401831][ T8265] veth1_to_batadv: entered promiscuous mode [ 419.802073][ T8278] binder: 8277:8278 ioctl c018620c 200000000300 returned -1 [ 419.829155][ T8280] netlink: 'syz.3.680': attribute type 1 has an invalid length. [ 419.831830][ T8280] netlink: 220 bytes leftover after parsing attributes in process `syz.3.680'. [ 419.836157][ T8280] netlink: 'syz.3.680': attribute type 1 has an invalid length. [ 419.867985][ T8282] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=34 sclass=netlink_tcpdiag_socket pid=8282 comm=syz.3.681 [ 419.935561][ T8286] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 419.994218][ T8291] tmpfs: Cannot disable swap on remount [ 420.169486][ T8305] netlink: 666 bytes leftover after parsing attributes in process `syz.2.689'. [ 420.195243][ T5992] Bluetooth: hci2: command 0x0c1a tx timeout [ 420.195298][ T5995] Bluetooth: hci3: command 0x0c1a tx timeout [ 420.197495][ T63] Bluetooth: hci1: command 0x0c1a tx timeout [ 420.197609][ T5293] Bluetooth: hci0: command 0x0c1a tx timeout [ 420.231768][ T8310] trusted_key: encrypted_key: master key parameter is missing [ 420.333665][ T8326] netlink: 28 bytes leftover after parsing attributes in process `syz.2.696'. [ 420.337691][ T8326] netlink: 27 bytes leftover after parsing attributes in process `syz.2.696'. [ 420.524162][ T6067] Bluetooth: Error in BCSP hdr checksum [ 420.528109][ T6029] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 420.606387][ T8357] CIFS: iocharset name too long [ 420.675302][ T6029] usb 6-1: Using ep0 maxpacket: 8 [ 420.679621][ T6029] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 420.683387][ T6029] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 420.685602][ T8360] overlayfs: failed to clone upperpath [ 420.688924][ T6029] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 420.695267][ T6029] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 420.699770][ T6029] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 420.705777][ T6029] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 420.708926][ T6029] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 420.713475][ T6029] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 420.718368][ T6029] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 420.723016][ T6029] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 420.729203][ T6029] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 420.732289][ T6029] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 420.736676][ T6029] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 420.740588][ T6029] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 420.741496][ T8364] netlink: 'syz.2.707': attribute type 2 has an invalid length. [ 420.744824][ T6029] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 420.747894][ T6029] usb 6-1: string descriptor 0 read error: -22 [ 420.751513][ T8364] netlink: 46 bytes leftover after parsing attributes in process `syz.2.707'. [ 420.754851][ T6029] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 420.761368][ T6029] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 420.779991][ T6029] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 420.842822][ T8374] overlayfs: failed to clone upperpath [ 420.877779][ T8377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.711'. [ 420.881344][ T8377] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 420.983100][ T5992] Bluetooth: hci3: unexpected Set CIG Parameters response data [ 420.988153][ T8314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 420.993179][ T8314] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 420.993750][ T5992] Bluetooth: hci3: unexpected event for opcode 0x2062 [ 421.013098][ T1336] usb 6-1: USB disconnect, device number 5 [ 421.040944][ T8400] netlink: 'syz.3.715': attribute type 10 has an invalid length. [ 421.048387][ T8400] batman_adv: batadv0: Adding interface: team0 [ 421.050685][ T8400] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 421.061188][ T8400] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 421.105955][ T8400] netlink: 'syz.3.715': attribute type 10 has an invalid length. [ 421.109257][ T8400] team0: entered promiscuous mode [ 421.112164][ T8400] 8021q: adding VLAN 0 to HW filter on device team0 [ 421.116636][ T8400] batman_adv: batadv0: Interface activated: team0 [ 421.118735][ T8400] batman_adv: batadv0: Interface deactivated: team0 [ 421.121264][ T8400] batman_adv: batadv0: Removing interface: team0 [ 422.190687][ T5992] Bluetooth: hci2: unexpected event for opcode 0x2007 [ 422.403072][ T8488] overlayfs: failed to resolve './bus': -2 [ 422.525857][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 422.525868][ T40] audit: type=1326 audit(1751440150.929:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz.2.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1962d8e929 code=0x50000 [ 422.535942][ T40] audit: type=1326 audit(1751440150.929:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz.2.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1962d8e929 code=0x50000 [ 422.543878][ T40] audit: type=1326 audit(1751440150.929:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz.2.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1962d8e929 code=0x50000 [ 422.551270][ T40] audit: type=1326 audit(1751440150.929:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz.2.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1962d8e929 code=0x50000 [ 422.559689][ T40] audit: type=1326 audit(1751440150.929:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz.2.748" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1962d8e929 code=0x50000 [ 422.567127][ T40] audit: type=1326 audit(1751440150.929:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz.2.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1962d8e929 code=0x50000 [ 422.574114][ T40] audit: type=1326 audit(1751440150.929:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz.2.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1962d8e929 code=0x50000 [ 422.581396][ T40] audit: type=1326 audit(1751440150.929:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz.2.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1962d8e929 code=0x50000 [ 422.588520][ T40] audit: type=1326 audit(1751440150.929:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz.2.748" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1962d8e929 code=0x50000 [ 422.595493][ T63] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 422.595513][ T40] audit: type=1326 audit(1751440150.929:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8491 comm="syz.2.748" exe="/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f1962d8e929 code=0x50000 [ 422.605261][ T5992] Bluetooth: hci4: command 0x1003 tx timeout [ 422.912419][ T8515] binder: 8513:8515 ioctl c0306201 200000000500 returned -11 [ 423.038201][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.042041][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.052054][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.056173][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.060225][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.063168][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.067205][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.071622][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.075201][ T5992] Bluetooth: hci3: command 0x0c1a tx timeout [ 423.076776][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.082914][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.088922][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.091950][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.094879][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.106992][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.111960][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.119548][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.124211][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.127503][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.130331][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.133168][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.142683][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.145706][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.148583][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.151947][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.156895][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.159754][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.162316][ T8538] veth0: entered promiscuous mode [ 423.167827][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.171523][ T8537] veth0: left promiscuous mode [ 423.171894][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.179739][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.182705][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.196267][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.199576][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.202425][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.217175][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.222512][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.227272][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.230360][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.233299][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.236448][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.239900][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.243477][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.246922][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.250077][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.253671][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.260074][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.267521][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.271798][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.276418][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.279676][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.282862][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.286176][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.289126][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.292216][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.296670][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.300891][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.303876][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.309477][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.312700][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.316083][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.323247][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.329807][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.334291][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.341620][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.348739][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.353185][ T8529] NILFS (nullb0): couldn't find nilfs on the device [ 423.377517][ T8550] binder: 8549:8550 ioctl c0306201 200000000380 returned -14 [ 423.558401][ T8559] __nla_validate_parse: 5 callbacks suppressed [ 423.558414][ T8559] netlink: 12 bytes leftover after parsing attributes in process `syz.0.770'. [ 423.573714][ T8559] overlayfs: metacopy with no lower data found - abort lookup (/bus) [ 423.659683][ T8561] KVM: debugfs: duplicate directory 8561-5 [ 423.718815][ T8566] Cannot find add_set index 0 as target [ 423.721291][ T8566] Cannot find add_set index 0 as target [ 423.723353][ T8566] Cannot find add_set index 0 as target [ 423.727451][ T8566] Cannot find add_set index 0 as target [ 423.729972][ T8566] Cannot find add_set index 0 as target [ 423.732364][ T8566] Cannot find add_set index 0 as target [ 423.843681][ T8576] netlink: 16 bytes leftover after parsing attributes in process `syz.3.776'. [ 423.848099][ T8576] netlink: 28 bytes leftover after parsing attributes in process `syz.3.776'. [ 423.851805][ T63] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 423.857721][ T8578] netlink: 8 bytes leftover after parsing attributes in process `syz.1.777'. [ 423.876961][ T8580] dlm: no locking on control device [ 423.921523][ T8585] netlink: 36 bytes leftover after parsing attributes in process `syz.1.779'. [ 423.926680][ T8585] netlink: 16 bytes leftover after parsing attributes in process `syz.1.779'. [ 423.930465][ T8585] netlink: 36 bytes leftover after parsing attributes in process `syz.1.779'. [ 423.933722][ T8585] netlink: 36 bytes leftover after parsing attributes in process `syz.1.779'. [ 423.973842][ T8588] netlink: 'syz.0.781': attribute type 3 has an invalid length. [ 423.977857][ T8588] netlink: 8 bytes leftover after parsing attributes in process `syz.0.781'. [ 423.988916][ T8590] 9pnet_fd: Insufficient options for proto=fd [ 424.244679][ T8602] netlink: 'syz.1.785': attribute type 21 has an invalid length. [ 424.247622][ T8602] netlink: 'syz.1.785': attribute type 6 has an invalid length. [ 424.250087][ T8602] netlink: 132 bytes leftover after parsing attributes in process `syz.1.785'. [ 424.724745][ T8616] netlink: 'syz.1.790': attribute type 27 has an invalid length. [ 424.756717][ T8616] bridge0: port 2(bridge_slave_1) entered disabled state [ 424.759417][ T8616] bridge0: port 1(bridge_slave_0) entered disabled state [ 424.927763][ T8616] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 424.930689][ T8616] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 424.933462][ T8616] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 424.938384][ T8616] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 424.965594][ T8616] xfrm1: left allmulticast mode [ 424.967588][ T8616] veth3: left promiscuous mode [ 424.973516][ T8616] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 424.977754][ T8616] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 424.981565][ T8616] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 424.984584][ T8616] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 424.989933][ T8616] ipvlan2: left promiscuous mode [ 425.006615][ T63] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 425.009340][ T63] Bluetooth: hci3: Injecting HCI hardware error event [ 425.012848][ T5992] Bluetooth: hci3: hardware error 0x00 [ 425.028580][ T8617] 8021q: adding VLAN 0 to HW filter on device bond0 [ 425.031815][ T8617] 8021q: adding VLAN 0 to HW filter on device team0 [ 425.041527][ T8617] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 425.121254][ T8626] misc userio: The device must be registered before sending interrupts [ 425.138023][ T8624] netlink: 'syz.3.793': attribute type 2 has an invalid length. [ 425.165194][ T61] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 425.336531][ T61] usb 5-1: config 0 interface 0 has no altsetting 0 [ 425.338927][ T61] usb 5-1: New USB device found, idVendor=046d, idProduct=c227, bcdDevice= 0.00 [ 425.341915][ T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 425.348997][ T61] usb 5-1: config 0 descriptor?? [ 425.492606][ T8645] (syz.3.800,8645,2):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 425.497280][ T8645] (syz.3.800,8645,2):ocfs2_fill_super:1177 ERROR: status = -22 [ 425.605725][ T8660] Cannot find del_set index 128 as target [ 425.705150][ T8666] tmpfs: Bad value for 'mpol' [ 425.936988][ T61] usbhid 5-1:0.0: can't add hid device: -71 [ 425.939201][ T61] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 425.942853][ T61] usb 5-1: USB disconnect, device number 5 [ 426.400775][ T8712] fuse: Bad value for 'rootmode' [ 426.481192][ T8722] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 426.537827][ T8718] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 426.545946][ T8718] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 426.550959][ T8718] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface [ 426.556423][ T8718] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 426.564353][ T8718] bond0 (unregistering): Released all slaves [ 426.595831][ T8727] loop5: detected capacity change from 0 to 524287999 [ 426.629170][ T5995] Bluetooth: hci3: unexpected event for opcode 0x1407 [ 426.713184][ T6981] udevd[6981]: symlink '../../loop5' '/dev/disk/by-diskseq/87.tmp-b7:5' failed: Read-only file system [ 426.744836][ T8746] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8746 comm=syz.1.832 [ 426.795886][ T8751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 426.798730][ T8751] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 426.806788][ T8754] netlink: 'syz.2.834': attribute type 12 has an invalid length. [ 426.890575][ T8758] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 427.045203][ T1336] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 427.059750][ T6986] udevd[6986]: symlink '../../loop5' '/dev/disk/by-diskseq/87.tmp-b7:5' failed: Read-only file system [ 427.075235][ T5992] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 427.086906][ T6986] udevd[6986]: symlink '../../loop5' '/dev/disk/by-diskseq/87.tmp-b7:5' failed: Read-only file system [ 427.205684][ T1336] usb 6-1: Using ep0 maxpacket: 32 [ 427.209432][ T1336] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 427.212521][ T1336] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 427.218652][ T1336] usb 6-1: config 0 descriptor?? [ 427.227113][ T1336] as10x_usb: device has been detected [ 427.229514][ T1336] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 427.242341][ T1336] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 427.261190][ T1336] as10x_usb: error during firmware upload part1 [ 427.263469][ T1336] Registered device nBox DVB-T Dongle [ 427.422192][ T1336] usb 6-1: USB disconnect, device number 6 [ 427.442001][ T1336] Unregistered device nBox DVB-T Dongle [ 427.444043][ T1336] as10x_usb: device has been disconnected [ 427.448894][ T8789] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode broadcast(3) [ 427.592843][ T40] kauditd_printk_skb: 66954 callbacks suppressed [ 427.592859][ T40] audit: type=1400 audit(1751440412.055:67491): avc: denied { getopt } for pid=8795 comm="syz.2.848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 427.615351][ T3230] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 427.636455][ T5992] Bluetooth: hci2: command 0x0c1a tx timeout [ 427.679778][ T5992] Bluetooth: hci2: unexpected event for opcode 0x0c1c [ 427.725301][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 427.735346][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 427.745995][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 427.750804][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 427.765326][ T3230] usb 5-1: Using ep0 maxpacket: 32 [ 427.769188][ T3230] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 427.774224][ T3230] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 427.777480][ T3230] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 427.780235][ T3230] usb 5-1: Product: syz [ 427.781587][ T3230] usb 5-1: Manufacturer: syz [ 427.783051][ T3230] usb 5-1: SerialNumber: syz [ 427.787593][ T3230] usb 5-1: config 0 descriptor?? [ 427.790450][ T8783] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 427.795884][ T3230] hub 5-1:0.0: bad descriptor, ignoring hub [ 427.797915][ T3230] hub 5-1:0.0: probe with driver hub failed with error -5 [ 428.045997][ T40] audit: type=1400 audit(1751440412.505:67492): avc: denied { mount } for pid=8810 comm="syz.1.852" name="/" dev="configfs" ino=2065 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 428.054849][ T40] audit: type=1400 audit(1751440412.515:67493): avc: denied { search } for pid=8810 comm="syz.1.852" name="/" dev="configfs" ino=2065 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 428.075210][ T40] audit: type=1400 audit(1751440412.535:67494): avc: denied { search } for pid=8810 comm="syz.1.852" name="/" dev="configfs" ino=2065 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 428.075641][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 428.335308][ T3230] usb 5-1: USB disconnect, device number 6 [ 428.456180][ T8834] netlink: 'syz.3.858': attribute type 1 has an invalid length. [ 428.773947][ T40] audit: type=1400 audit(1751440413.235:67495): avc: denied { connect } for pid=8862 comm="syz.0.864" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 428.780063][ T40] audit: type=1400 audit(1751440413.245:67496): avc: denied { setopt } for pid=8862 comm="syz.0.864" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 428.793826][ T8864] 8021q: adding VLAN 0 to HW filter on device bond2 [ 428.809703][ T8861] CUSE: DEVNAME unspecified [ 428.916620][ T8876] sch_fq: defrate 4 ignored. [ 428.953923][ T40] audit: type=1400 audit(1751440413.415:67497): avc: denied { bind } for pid=8875 comm="syz.0.867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 428.960240][ T40] audit: type=1400 audit(1751440413.415:67498): avc: denied { node_bind } for pid=8875 comm="syz.0.867" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 429.027407][ T8878] __nla_validate_parse: 9 callbacks suppressed [ 429.027419][ T8878] netlink: 8 bytes leftover after parsing attributes in process `syz.1.868'. [ 429.091173][ T8878] netlink: 4 bytes leftover after parsing attributes in process `syz.1.868'. [ 429.270249][ T8884] netlink: 'syz.1.869': attribute type 10 has an invalid length. [ 429.272801][ T8884] netlink: 40 bytes leftover after parsing attributes in process `syz.1.869'. [ 429.276493][ T8884] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.280241][ T8884] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.283482][ T8884] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.286478][ T8884] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.292995][ T8884] team0: Failed to send port change of device geneve0 via netlink (err -105) [ 429.297667][ T8884] team0: Failed to send options change via netlink (err -105) [ 429.300144][ T8884] team0: Port device geneve0 added [ 429.514679][ T40] audit: type=1400 audit(1751440413.975:67499): avc: denied { accept } for pid=8893 comm="syz.1.873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 429.518802][ T8894] ufs: You didn't specify the type of your ufs filesystem [ 429.518802][ T8894] [ 429.518802][ T8894] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 429.518802][ T8894] [ 429.518802][ T8894] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 429.532640][ T8853] ceph: No mds server is up or the cluster is laggy [ 429.538384][ T8894] ufs: ufstype=old is supported read-only [ 429.544478][ T8894] syz.1.873: attempt to access beyond end of device [ 429.544478][ T8894] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0 [ 429.602633][ T8896] netlink: 4 bytes leftover after parsing attributes in process `syz.1.874'. [ 429.602939][ T8897] netlink: 12 bytes leftover after parsing attributes in process `syz.1.874'. [ 429.664114][ T40] audit: type=1400 audit(1751440414.125:67500): avc: denied { setattr } for pid=8902 comm="syz.1.876" name="/" dev="9p" ino=7016996765293437283 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1 [ 429.854007][ T8909] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 429.909082][ T8914] bond3: entered allmulticast mode [ 429.924474][ T8911] binfmt_misc: register: failed to install interpreter file ./file0 [ 429.973214][ T8924] netlink: 'syz.0.883': attribute type 5 has an invalid length. [ 429.977038][ T8924] netlink: 'syz.0.883': attribute type 1 has an invalid length. [ 430.038698][ T8926] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 431.113705][ T8972] netlink: 12 bytes leftover after parsing attributes in process `syz.2.898'. [ 431.125227][ T6076] usb 5-1: new low-speed USB device number 7 using dummy_hcd [ 431.287271][ T6076] usb 5-1: No LPM exit latency info found, disabling LPM. [ 431.295141][ T6076] usb 5-1: config 190 has an invalid interface number: 1 but max is 0 [ 431.297718][ T6076] usb 5-1: config 190 has no interface number 0 [ 431.299710][ T6076] usb 5-1: config 190 interface 1 altsetting 7 endpoint 0x8 has invalid maxpacket 64, setting to 8 [ 431.303088][ T6076] usb 5-1: config 190 interface 1 altsetting 7 has an endpoint descriptor with address 0x65, changing to 0x5 [ 431.306817][ T6076] usb 5-1: config 190 interface 1 altsetting 7 endpoint 0x5 is Bulk; changing to Interrupt [ 431.309903][ T6076] usb 5-1: config 190 interface 1 altsetting 7 endpoint 0x6 has invalid maxpacket 32, setting to 8 [ 431.313321][ T6076] usb 5-1: config 190 interface 1 altsetting 7 endpoint 0xC has invalid wMaxPacketSize 0 [ 431.316642][ T6076] usb 5-1: config 190 interface 1 altsetting 7 endpoint 0x1 has invalid maxpacket 64, setting to 8 [ 431.320056][ T6076] usb 5-1: config 190 interface 1 altsetting 7 endpoint 0x7 has invalid maxpacket 64, setting to 8 [ 431.323318][ T6076] usb 5-1: config 190 interface 1 altsetting 7 has an invalid descriptor for endpoint zero, skipping [ 431.326690][ T6076] usb 5-1: config 190 interface 1 altsetting 7 has a duplicate endpoint with address 0xC, skipping [ 431.330224][ T6076] usb 5-1: config 190 interface 1 altsetting 7 has 9 endpoint descriptors, different from the interface descriptor's value: 8 [ 431.330516][ T8984] netlink: 20 bytes leftover after parsing attributes in process `syz.2.903'. [ 431.334350][ T6076] usb 5-1: config 190 interface 1 has no altsetting 0 [ 431.336505][ T6076] usb 5-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=1b.7d [ 431.343359][ T6076] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 431.346198][ T6076] usb 5-1: Product: ࠠ [ 431.347633][ T6076] usb 5-1: Manufacturer: ಼ [ 431.349115][ T6076] usb 5-1: SerialNumber: п [ 431.355999][ T8960] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 431.358530][ T8960] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 431.360893][ T8960] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 431.631295][ T6076] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 431.634831][ T6076] vp7045: USB control message 'out' went wrong. [ 431.637300][ T6076] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 431.640641][ T6076] dvbdev: DVB: registering new adapter (DigitalNow TinyUSB 2 DVB-t Receiver) [ 431.644735][ T6076] usb 5-1: media controller created [ 431.647886][ T6076] vp7045: USB control message 'out' went wrong. [ 431.649908][ T6076] dvb-usb: MAC address reading failed. [ 431.660554][ T6076] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 431.671088][ T6076] vp7045: USB control message 'out' went wrong. [ 431.674119][ T6076] vp7045: USB control message 'out' went wrong. [ 431.676631][ T6076] vp7045: USB control message 'out' went wrong. [ 431.678733][ T6076] usb 5-1: DVB: registering adapter 1 frontend 0 (Twinhan VP7045/46 USB DVB-T)... [ 431.682001][ T6076] dvbdev: dvb_create_media_entity: media entity 'Twinhan VP7045/46 USB DVB-T' registered. [ 431.745183][ T6076] rc_core: IR keymap rc-twinhan1027 not found [ 431.747180][ T6076] Registered IR keymap rc-empty [ 431.752711][ T6076] rc rc0: DigitalNow TinyUSB 2 DVB-t Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0 [ 431.758830][ T6076] input: DigitalNow TinyUSB 2 DVB-t Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input6 [ 431.766097][ T6076] dvb-usb: schedule remote query interval to 400 msecs. [ 431.769195][ T6076] vp7045: USB control message 'out' went wrong. [ 431.771645][ T6076] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver successfully initialized and connected. [ 431.781334][ T6076] usb 5-1: USB disconnect, device number 7 [ 431.828254][ T6076] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver successfully deinitialized and disconnected. [ 432.178144][ T9005] netlink: 24 bytes leftover after parsing attributes in process `syz.0.910'. [ 432.204742][ T9005] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9005 comm=syz.0.910 [ 432.219299][ T9011] xt_l2tp: v2 doesn't support IP mode [ 432.504135][ T9050] overlayfs: metacopy with no lower data found - abort lookup (/bus) [ 432.567529][ T9062] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 432.706134][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 432.706145][ T40] audit: type=1400 audit(1751440417.175:67512): avc: denied { getopt } for pid=9081 comm="syz.3.931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 432.720799][ T40] audit: type=1400 audit(1751440417.185:67513): avc: denied { read } for pid=9081 comm="syz.3.931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 432.746676][ T9086] netlink: 12 bytes leftover after parsing attributes in process `syz.2.932'. [ 432.778338][ T9089] netlink: 57 bytes leftover after parsing attributes in process `syz.2.933'. [ 433.027827][ T9111] netlink: 'syz.2.938': attribute type 11 has an invalid length. [ 433.031031][ T9111] netlink: 'syz.2.938': attribute type 10 has an invalid length. [ 433.038303][ T9111] team0: Port device wlan1 added [ 433.040866][ T9110] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 433.318227][ T40] audit: type=1400 audit(1751440417.785:67514): avc: denied { egress } for pid=15 comm="ksoftirqd/0" saddr=fe80::1b daddr=ff02::2 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1 [ 433.326263][ T40] audit: type=1400 audit(1751440417.785:67515): avc: denied { sendto } for pid=15 comm="ksoftirqd/0" saddr=fe80::1b daddr=ff02::2 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1 [ 433.446611][ T9116] 9pnet_virtio: no channels available for device syz [ 433.714985][ T9138] hsr_slave_0 (unregistering): left promiscuous mode [ 434.062480][ T40] audit: type=1400 audit(1751440418.525:67516): avc: denied { setattr } for pid=9183 comm="syz.2.962" name="RAWv6" dev="sockfs" ino=25766 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 434.195264][ T6076] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 434.355162][ T6076] usb 6-1: Using ep0 maxpacket: 16 [ 434.359177][ T6076] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 434.363335][ T6076] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 255, changing to 11 [ 434.368336][ T6076] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 59391, setting to 1024 [ 434.373578][ T6076] usb 6-1: config 0 interface 0 has no altsetting 0 [ 434.379453][ T6076] usb 6-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 434.383228][ T6076] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 434.387173][ T6076] usb 6-1: Product: syz [ 434.389092][ T6076] usb 6-1: Manufacturer: syz [ 434.391318][ T6076] usb 6-1: SerialNumber: syz [ 434.396090][ T6076] usb 6-1: config 0 descriptor?? [ 434.399420][ T9169] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 434.578687][ T40] audit: type=1400 audit(1751440419.045:67517): avc: denied { mount } for pid=9196 comm="syz.2.966" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 434.626759][ T9169] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 434.634232][ T6076] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input7 [ 434.796180][ T9223] __nla_validate_parse: 6 callbacks suppressed [ 434.796197][ T9223] netlink: 8 bytes leftover after parsing attributes in process `syz.0.974'. [ 434.870483][ T40] audit: type=1800 audit(1751440419.335:67518): pid=9169 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=set_data cause=unavailable-hash-algorithm comm="syz.1.958" name="/newroot/219/file0" dev="tmpfs" ino=1169 res=0 errno=0 [ 434.940340][ T1336] usb 6-1: USB disconnect, device number 7 [ 435.285219][ T61] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 435.435607][ T61] usb 5-1: Using ep0 maxpacket: 8 [ 435.438666][ T61] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 435.441426][ T61] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 435.444946][ T61] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 435.448265][ T61] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 435.451648][ T61] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 435.456329][ T61] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 435.459240][ T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 435.521922][ T40] audit: type=1400 audit(1751440419.985:67519): avc: denied { getattr } for pid=9241 comm="syz.1.980" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=24980 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 435.545281][ T9247] netlink: 'syz.1.981': attribute type 2 has an invalid length. [ 435.547951][ T9247] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.981'. [ 435.551098][ T9247] nbd: must specify a device to reconfigure [ 435.607271][ T9257] netlink: 'syz.2.984': attribute type 10 has an invalid length. [ 435.610397][ T9257] 0: entered promiscuous mode [ 435.611998][ T9257] 0: left allmulticast mode [ 435.613685][ T9257] hsr_slave_1: left allmulticast mode [ 435.637777][ T9260] mkiss: ax0: crc mode is auto. [ 435.647383][ T40] audit: type=1400 audit(1751440420.115:67520): avc: denied { remount } for pid=9254 comm="syz.1.983" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 435.666330][ T61] usb 5-1: usb_control_msg returned -32 [ 435.668282][ T61] usbtmc 5-1:16.0: can't read capabilities [ 435.670164][ T9258] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 435.872920][ T9267] batadv_slave_1: entered promiscuous mode [ 435.944140][ T9266] batadv_slave_1: left promiscuous mode [ 436.638115][ T9298] netlink: 4 bytes leftover after parsing attributes in process `syz.2.994'. [ 437.039469][ T9339] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1001'. [ 437.504541][ T9381] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1009'. [ 437.580484][ T9394] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1012'. [ 437.621624][ T9399] netlink: 'syz.1.1014': attribute type 62 has an invalid length. [ 437.686501][ T40] audit: type=1400 audit(1751440422.155:67521): avc: denied { read } for pid=9398 comm="syz.1.1014" dev="sockfs" ino=26047 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 437.723213][ T40] audit: type=1400 audit(1751440422.185:67522): avc: denied { audit_read } for pid=9408 comm="syz.2.1017" capability=37 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 437.731130][ T9409] netlink: 'syz.2.1017': attribute type 1 has an invalid length. [ 437.792224][ T9413] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1019'. [ 437.938383][ T6077] usb 5-1: USB disconnect, device number 8 [ 437.970980][ T9434] loop2: detected capacity change from 0 to 7 [ 437.973642][ T40] audit: type=1400 audit(1751440422.435:67523): avc: denied { write } for pid=9432 comm="syz.0.1025" path="socket:[26078]" dev="sockfs" ino=26078 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 437.980308][ T9434] Dev loop2: unable to read RDB block 7 [ 437.984312][ T9434] loop2: AHDI p1 p2 p3 [ 437.987417][ T9434] loop2: partition table partially beyond EOD, truncated [ 437.990672][ T9434] loop2: p1 start 1601398130 is beyond EOD, truncated [ 437.993140][ T9434] loop2: p2 start 1702059890 is beyond EOD, truncated [ 437.993415][ T40] audit: type=1400 audit(1751440422.435:67524): avc: denied { write } for pid=9432 comm="syz.0.1025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 438.001913][ T7008] udevd[7008]: symlink '../../loop2' '/dev/disk/by-diskseq/90.tmp-b7:2' failed: Read-only file system [ 438.012615][ T9439] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.1026'. [ 438.013241][ T8996] udevd[8996]: symlink '../../loop2' '/dev/disk/by-diskseq/90.tmp-b7:2' failed: Read-only file system [ 438.028393][ T8996] udevd[8996]: symlink '../../loop2' '/dev/disk/by-diskseq/90.tmp-b7:2' failed: Read-only file system [ 438.038703][ T8996] udevd[8996]: symlink '../../loop2' '/dev/disk/by-diskseq/90.tmp-b7:2' failed: Read-only file system [ 438.054468][ T9444] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1028'. [ 438.058493][ T9444] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 438.062290][ T9445] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1028'. [ 438.065392][ T9445] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 438.223732][ T9461] smb3: Unknown parameter 'rdma' [ 438.223736][ T9460] smb3: Unknown parameter 'rdma' [ 438.230669][ T40] audit: type=1400 audit(1751440422.695:67525): avc: denied { ioctl } for pid=9459 comm="syz.2.1032" path="socket:[26087]" dev="sockfs" ino=26087 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 438.269194][ T40] audit: type=1400 audit(1751440422.735:67526): avc: denied { watch } for pid=9462 comm="syz.2.1033" path="/372/file0" dev="tmpfs" ino=2021 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 438.270389][ T9463] trusted_key: syz.2.1033 sent an empty control message without MSG_MORE. [ 438.277232][ T40] audit: type=1400 audit(1751440422.735:67527): avc: denied { watch_sb watch_reads } for pid=9462 comm="syz.2.1033" path="/372/file0" dev="tmpfs" ino=2021 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 438.415329][ T5960] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 438.565781][ T5960] usb 5-1: Using ep0 maxpacket: 32 [ 438.569447][ T5960] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 438.572190][ T5960] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 438.574938][ T5960] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 438.577860][ T5960] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 438.580997][ T5960] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 438.584555][ T5960] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 438.588724][ T5960] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 438.591644][ T5960] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.596296][ T5960] usb 5-1: config 0 descriptor?? [ 438.664047][ T9475] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=9475 comm=syz.1.1037 [ 438.732637][ T40] audit: type=1400 audit(1751440423.195:67528): avc: denied { write } for pid=9479 comm="syz.1.1038" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 438.782192][ T40] audit: type=1400 audit(1751440423.245:67529): avc: denied { bind } for pid=9483 comm="syz.1.1039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 438.805293][ T5960] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 438.805506][ T40] audit: type=1400 audit(1751440423.265:67530): avc: denied { write } for pid=9483 comm="syz.1.1039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 438.835267][ T40] audit: type=1400 audit(1751440423.295:67531): avc: denied { mount } for pid=9488 comm="syz.1.1040" name="/" dev="autofs" ino=24063 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 439.889375][ T9525] __nla_validate_parse: 4 callbacks suppressed [ 439.889393][ T9525] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1051'. [ 440.145772][ T9533] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1053'. [ 440.149455][ T9533] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1053'. [ 440.292758][ T9539] GUP no longer grows the stack in syz.2.1056 (9539): 200000007000-20000000a000 (200000004000) [ 440.298121][ T9539] CPU: 1 UID: 0 PID: 9539 Comm: syz.2.1056 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 440.298148][ T9539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 440.298158][ T9539] Call Trace: [ 440.298171][ T9539] [ 440.298178][ T9539] dump_stack_lvl+0x16c/0x1f0 [ 440.298222][ T9539] gup_vma_lookup+0x1d2/0x220 [ 440.298250][ T9539] __get_user_pages+0x271/0x3b80 [ 440.298271][ T9539] ? kasan_save_stack+0x33/0x60 [ 440.298293][ T9539] ? kasan_save_track+0x14/0x30 [ 440.298314][ T9539] ? __kasan_kmalloc+0xaa/0xb0 [ 440.298334][ T9539] ? __kvmalloc_node_noprof+0x27b/0x620 [ 440.298350][ T9539] ? xdp_umem_create+0x652/0x1270 [ 440.298374][ T9539] ? __pfx___get_user_pages+0x10/0x10 [ 440.298387][ T9539] ? __x64_sys_setsockopt+0xbd/0x160 [ 440.298410][ T9539] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.298434][ T9539] __gup_longterm_locked+0x5e7/0x1840 [ 440.298460][ T9539] ? __pfx___gup_longterm_locked+0x10/0x10 [ 440.298494][ T9539] pin_user_pages+0x13c/0x160 [ 440.298508][ T9539] ? __pfx_pin_user_pages+0x10/0x10 [ 440.298523][ T9539] ? trace_kmalloc+0x2b/0xd0 [ 440.298556][ T9539] ? xdp_umem_create+0x652/0x1270 [ 440.298586][ T9539] xdp_umem_create+0x73c/0x1270 [ 440.298614][ T9539] xsk_setsockopt+0x5b2/0x840 [ 440.298633][ T9539] ? __pfx_xsk_setsockopt+0x10/0x10 [ 440.298648][ T9539] ? __lock_acquire+0x622/0x1c90 [ 440.298667][ T9539] ? selinux_socket_setsockopt+0x6a/0x80 [ 440.298689][ T9539] ? __pfx_xsk_setsockopt+0x10/0x10 [ 440.298708][ T9539] do_sock_setsockopt+0x221/0x470 [ 440.298733][ T9539] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 440.298772][ T9539] __sys_setsockopt+0x1a0/0x230 [ 440.298800][ T9539] __x64_sys_setsockopt+0xbd/0x160 [ 440.298821][ T9539] ? do_syscall_64+0x91/0x4c0 [ 440.298846][ T9539] ? lockdep_hardirqs_on+0x7c/0x110 [ 440.298868][ T9539] do_syscall_64+0xcd/0x4c0 [ 440.298896][ T9539] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.298913][ T9539] RIP: 0033:0x7f1962d8e929 [ 440.298928][ T9539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.298946][ T9539] RSP: 002b:00007f1963b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 440.298965][ T9539] RAX: ffffffffffffffda RBX: 00007f1962fb5fa0 RCX: 00007f1962d8e929 [ 440.298976][ T9539] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000003 [ 440.298986][ T9539] RBP: 00007f1962e10b39 R08: 0000000000000020 R09: 0000000000000000 [ 440.298997][ T9539] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 440.299008][ T9539] R13: 0000000000000000 R14: 00007f1962fb5fa0 R15: 00007ffdf39c8f68 [ 440.299049][ T9539] [ 440.406791][ C1] vkms_vblank_simulate: vblank timer overrun [ 440.697801][ T9546] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1059'. [ 441.006343][ T9555] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1062'. [ 441.041373][ T9560] netdevsim netdevsim1: Direct firmware load for . [ 441.041373][ T9560] failed with error -2 [ 441.047620][ T9560] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 441.047620][ T9560] [ 441.200127][ T61] usb 5-1: USB disconnect, device number 9 [ 441.210378][ T61] usblp0: removed [ 441.284108][ T9580] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1070'. [ 441.334775][ T9584] No source specified [ 441.383914][ T6077] hid-generic 0000:0004:0009.0002: unknown main item tag 0x0 [ 441.388510][ T6077] hid-generic 0000:0004:0009.0002: unknown main item tag 0x0 [ 441.390980][ T6077] hid-generic 0000:0004:0009.0002: unknown main item tag 0x0 [ 441.407838][ T6077] hid-generic 0000:0004:0009.0002: hidraw1: HID v0.04 Device [syz0] on syz1 [ 441.430637][ T9594] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1077'. [ 441.484480][ T9597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9597 comm=syz.2.1076 [ 441.997798][ T9631] ------------[ cut here ]------------ [ 442.000073][ T9631] Voluntary context switch within RCU read-side critical section! [ 442.000152][ T9631] WARNING: CPU: 1 PID: 9631 at kernel/rcu/tree_plugin.h:332 rcu_note_context_switch+0xccc/0x1e00 [ 442.006612][ T9631] Modules linked in: [ 442.008000][ T9631] CPU: 1 UID: 0 PID: 9631 Comm: syz.3.1084 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 442.013556][ T9631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 442.017046][ T9631] RIP: 0010:rcu_note_context_switch+0xccc/0x1e00 [ 442.019094][ T9631] Code: 24 30 4c 8b 54 24 28 4c 8b 44 24 20 8b 4c 24 08 e9 cc 03 00 00 c6 05 b0 72 ed 0e 01 90 48 c7 c7 20 fb ae 8b e8 15 ed d7 ff 90 <0f> 0b 90 90 e9 35 f4 ff ff 38 d0 7f 08 84 c0 0f 85 10 09 00 00 80 [ 442.025237][ T9631] RSP: 0018:ffffc90006507028 EFLAGS: 00010086 [ 442.027294][ T9631] RAX: 0000000000000000 RBX: ffff88806a53b2c0 RCX: ffffffff817ae278 [ 442.030148][ T9631] RDX: ffff88802b4da440 RSI: ffffffff817ae285 RDI: 0000000000000001 [ 442.032915][ T9631] RBP: ffff88802b4da440 R08: 0000000000000001 R09: 0000000000000000 [ 442.035760][ T9631] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 442.038286][ T9631] R13: ffff88802b4da440 R14: ffffffff90a83f44 R15: ffff88806a53a2c0 [ 442.040804][ T9631] FS: 00007fe0f2b966c0(0000) GS:ffff8880d6852000(0000) knlGS:0000000000000000 [ 442.041012][ T9630] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1084'. [ 442.043592][ T9631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 442.043609][ T9631] CR2: 00007fe0f2b75d58 CR3: 000000004d0f6000 CR4: 0000000000352ef0 [ 442.043617][ T9631] Call Trace: [ 442.043622][ T9631] [ 442.043629][ T9631] ? __pfx___dev_queue_xmit+0x10/0x10 [ 442.055046][ T9631] ? schedule+0xe7/0x3a0 [ 442.056472][ T9631] ? schedule+0xe7/0x3a0 [ 442.057939][ T9631] ? schedule+0xe7/0x3a0 [ 442.059420][ T9631] __schedule+0x2f7/0x5de0 [ 442.060857][ T9631] ? kvm_sched_clock_read+0x11/0x20 [ 442.062655][ T9631] ? sched_clock+0x38/0x60 [ 442.064072][ T9631] ? sched_clock_cpu+0x6c/0x530 [ 442.065617][ T9631] ? arch_scale_cpu_capacity+0x15/0xb0 [ 442.067427][ T9631] ? dl_scaled_delta_exec+0xdb/0x2e0 [ 442.069095][ T9631] ? __pfx___schedule+0x10/0x10 [ 442.070737][ T9631] ? find_held_lock+0x2b/0x80 [ 442.072345][ T9631] ? do_sched_yield+0x1c3/0x300 [ 442.073999][ T9631] schedule+0xe7/0x3a0 [ 442.075417][ T9631] netlink_broadcast_filtered+0xa91/0xf10 [ 442.077449][ T9631] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 442.079573][ T9631] ? __pfx___alloc_skb+0x10/0x10 [ 442.081167][ T9631] ? find_held_lock+0x2b/0x80 [ 442.082745][ T9631] nlmsg_notify+0x9e/0x220 [ 442.084324][ T9631] ip6_route_del+0x115c/0x1d70 [ 442.085916][ T9631] ? __pfx_ip6_route_del+0x10/0x10 [ 442.087691][ T9631] ? avc_has_perm_noaudit+0x117/0x3b0 [ 442.089464][ T9631] inet6_rtm_delroute+0x27c/0x3b0 [ 442.091216][ T9631] ? __pfx_inet6_rtm_delroute+0x10/0x10 [ 442.092947][ T9631] ? find_held_lock+0x2b/0x80 [ 442.094435][ T9631] ? __pfx_inet6_rtm_delroute+0x10/0x10 [ 442.096144][ T9631] ? __pfx_inet6_rtm_delroute+0x10/0x10 [ 442.098011][ T9631] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 442.099609][ T9631] ? __pfx_inet6_rtm_delroute+0x10/0x10 [ 442.101321][ T9631] rtnetlink_rcv_msg+0x95b/0xe90 [ 442.102871][ T9631] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 442.104557][ T9631] ? ref_tracker_free+0x37c/0x830 [ 442.106219][ T9631] netlink_rcv_skb+0x155/0x420 [ 442.107765][ T9631] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 442.109477][ T9631] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 442.111153][ T9631] ? netlink_deliver_tap+0x1ae/0xd30 [ 442.112851][ T9631] netlink_unicast+0x53d/0x7f0 [ 442.114344][ T9631] ? __pfx_netlink_unicast+0x10/0x10 [ 442.115983][ T9631] netlink_sendmsg+0x8d1/0xdd0 [ 442.117478][ T9631] ? __pfx_netlink_sendmsg+0x10/0x10 [ 442.119170][ T9631] ____sys_sendmsg+0xa95/0xc70 [ 442.120634][ T9631] ? copy_msghdr_from_user+0x10a/0x160 [ 442.122363][ T9631] ? __pfx_____sys_sendmsg+0x10/0x10 [ 442.124029][ T9631] ? kfree+0x24f/0x4d0 [ 442.125287][ T9631] ? __pfx_futex_wake_mark+0x10/0x10 [ 442.126964][ T9631] ___sys_sendmsg+0x134/0x1d0 [ 442.128436][ T9631] ? __pfx____sys_sendmsg+0x10/0x10 [ 442.130053][ T9631] ? __lock_acquire+0x622/0x1c90 [ 442.131626][ T9631] __sys_sendmsg+0x16d/0x220 [ 442.133046][ T9631] ? __pfx___sys_sendmsg+0x10/0x10 [ 442.134693][ T9631] ? __x64_sys_futex+0x1e0/0x4c0 [ 442.136262][ T9631] do_syscall_64+0xcd/0x4c0 [ 442.137722][ T9631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.139714][ T9631] RIP: 0033:0x7fe0f1d8e929 [ 442.141122][ T9631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 442.147211][ T9631] RSP: 002b:00007fe0f2b96038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 442.149804][ T9631] RAX: ffffffffffffffda RBX: 00007fe0f1fb6080 RCX: 00007fe0f1d8e929 [ 442.152264][ T9631] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004 [ 442.154724][ T9631] RBP: 00007fe0f1e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 442.157284][ T9631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 442.159760][ T9631] R13: 0000000000000000 R14: 00007fe0f1fb6080 R15: 00007ffc32e75dd8 [ 442.162235][ T9631] [ 442.163223][ T9631] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 442.165496][ T9631] CPU: 1 UID: 0 PID: 9631 Comm: syz.3.1084 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 442.169309][ T9631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 442.172655][ T9631] Call Trace: [ 442.173726][ T9631] [ 442.174680][ T9631] dump_stack_lvl+0x3d/0x1f0 [ 442.176231][ T9631] panic+0x71c/0x800 [ 442.177513][ T9631] ? __pfx_panic+0x10/0x10 [ 442.178931][ T9631] ? show_trace_log_lvl+0x29b/0x3e0 [ 442.180588][ T9631] ? check_panic_on_warn+0x1f/0xb0 [ 442.182279][ T9631] ? rcu_note_context_switch+0xccc/0x1e00 [ 442.184128][ T9631] check_panic_on_warn+0xab/0xb0 [ 442.185741][ T9631] __warn+0xf6/0x3c0 [ 442.187040][ T9631] ? rcu_note_context_switch+0xccc/0x1e00 [ 442.188888][ T9631] report_bug+0x3c3/0x580 [ 442.190216][ T9631] ? rcu_note_context_switch+0xccc/0x1e00 [ 442.191971][ T9631] handle_bug+0x184/0x210 [ 442.193348][ T9631] exc_invalid_op+0x17/0x50 [ 442.194761][ T9631] asm_exc_invalid_op+0x1a/0x20 [ 442.196230][ T9631] RIP: 0010:rcu_note_context_switch+0xccc/0x1e00 [ 442.198239][ T9631] Code: 24 30 4c 8b 54 24 28 4c 8b 44 24 20 8b 4c 24 08 e9 cc 03 00 00 c6 05 b0 72 ed 0e 01 90 48 c7 c7 20 fb ae 8b e8 15 ed d7 ff 90 <0f> 0b 90 90 e9 35 f4 ff ff 38 d0 7f 08 84 c0 0f 85 10 09 00 00 80 [ 442.204244][ T9631] RSP: 0018:ffffc90006507028 EFLAGS: 00010086 [ 442.206360][ T9631] RAX: 0000000000000000 RBX: ffff88806a53b2c0 RCX: ffffffff817ae278 [ 442.209064][ T9631] RDX: ffff88802b4da440 RSI: ffffffff817ae285 RDI: 0000000000000001 [ 442.211670][ T9631] RBP: ffff88802b4da440 R08: 0000000000000001 R09: 0000000000000000 [ 442.214196][ T9631] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 442.217003][ T9631] R13: ffff88802b4da440 R14: ffffffff90a83f44 R15: ffff88806a53a2c0 [ 442.219602][ T9631] ? __warn_printk+0x198/0x350 [ 442.221222][ T9631] ? __warn_printk+0x1a5/0x350 [ 442.222757][ T9631] ? rcu_note_context_switch+0xccb/0x1e00 [ 442.224550][ T9631] ? __pfx___dev_queue_xmit+0x10/0x10 [ 442.226284][ T9631] ? schedule+0xe7/0x3a0 [ 442.227674][ T9631] ? schedule+0xe7/0x3a0 [ 442.229013][ T9631] ? schedule+0xe7/0x3a0 [ 442.230398][ T9631] __schedule+0x2f7/0x5de0 [ 442.231794][ T9631] ? kvm_sched_clock_read+0x11/0x20 [ 442.233377][ T9631] ? sched_clock+0x38/0x60 [ 442.234805][ T9631] ? sched_clock_cpu+0x6c/0x530 [ 442.236359][ T9631] ? arch_scale_cpu_capacity+0x15/0xb0 [ 442.238216][ T9631] ? dl_scaled_delta_exec+0xdb/0x2e0 [ 442.239900][ T9631] ? __pfx___schedule+0x10/0x10 [ 442.241477][ T9631] ? find_held_lock+0x2b/0x80 [ 442.242984][ T9631] ? do_sched_yield+0x1c3/0x300 [ 442.244526][ T9631] schedule+0xe7/0x3a0 [ 442.245827][ T9631] netlink_broadcast_filtered+0xa91/0xf10 [ 442.247660][ T9631] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 442.249753][ T9631] ? __pfx___alloc_skb+0x10/0x10 [ 442.251343][ T9631] ? find_held_lock+0x2b/0x80 [ 442.252831][ T9631] nlmsg_notify+0x9e/0x220 [ 442.254259][ T9631] ip6_route_del+0x115c/0x1d70 [ 442.255737][ T9631] ? __pfx_ip6_route_del+0x10/0x10 [ 442.257338][ T9631] ? avc_has_perm_noaudit+0x117/0x3b0 [ 442.259058][ T9631] inet6_rtm_delroute+0x27c/0x3b0 [ 442.260628][ T9631] ? __pfx_inet6_rtm_delroute+0x10/0x10 [ 442.262392][ T9631] ? find_held_lock+0x2b/0x80 [ 442.263959][ T9631] ? __pfx_inet6_rtm_delroute+0x10/0x10 [ 442.265746][ T9631] ? __pfx_inet6_rtm_delroute+0x10/0x10 [ 442.267530][ T9631] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 442.269143][ T9631] ? __pfx_inet6_rtm_delroute+0x10/0x10 [ 442.270904][ T9631] rtnetlink_rcv_msg+0x95b/0xe90 [ 442.272460][ T9631] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 442.274186][ T9631] ? ref_tracker_free+0x37c/0x830 [ 442.275775][ T9631] netlink_rcv_skb+0x155/0x420 [ 442.277301][ T9631] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 442.279039][ T9631] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 442.280702][ T9631] ? netlink_deliver_tap+0x1ae/0xd30 [ 442.282388][ T9631] netlink_unicast+0x53d/0x7f0 [ 442.283894][ T9631] ? __pfx_netlink_unicast+0x10/0x10 [ 442.285524][ T9631] netlink_sendmsg+0x8d1/0xdd0 [ 442.286871][ T9631] ? __pfx_netlink_sendmsg+0x10/0x10 [ 442.288540][ T9631] ____sys_sendmsg+0xa95/0xc70 [ 442.290033][ T9631] ? copy_msghdr_from_user+0x10a/0x160 [ 442.291719][ T9631] ? __pfx_____sys_sendmsg+0x10/0x10 [ 442.293383][ T9631] ? kfree+0x24f/0x4d0 [ 442.294691][ T9631] ? __pfx_futex_wake_mark+0x10/0x10 [ 442.296358][ T9631] ___sys_sendmsg+0x134/0x1d0 [ 442.297789][ T9631] ? __pfx____sys_sendmsg+0x10/0x10 [ 442.299523][ T9631] ? __lock_acquire+0x622/0x1c90 [ 442.301108][ T9631] __sys_sendmsg+0x16d/0x220 [ 442.302591][ T9631] ? __pfx___sys_sendmsg+0x10/0x10 [ 442.304176][ T9631] ? __x64_sys_futex+0x1e0/0x4c0 [ 442.305715][ T9631] do_syscall_64+0xcd/0x4c0 [ 442.307346][ T9631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.309169][ T9631] RIP: 0033:0x7fe0f1d8e929 [ 442.310602][ T9631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 442.316486][ T9631] RSP: 002b:00007fe0f2b96038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 442.319147][ T9631] RAX: ffffffffffffffda RBX: 00007fe0f1fb6080 RCX: 00007fe0f1d8e929 [ 442.321567][ T9631] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004 [ 442.324016][ T9631] RBP: 00007fe0f1e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 442.326445][ T9631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 442.328876][ T9631] R13: 0000000000000000 R14: 00007fe0f1fb6080 R15: 00007ffc32e75dd8 [ 442.331308][ T9631] [ 442.332988][ T9631] Kernel Offset: disabled [ 442.334370][ T9631] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:09:30 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff81f7a32f RDX=ffff888029e7c880 RSI=ffffffff81f7a339 RDI=0000000000000007 RBP=ffffea00017c1f80 RSP=ffffc90006157328 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=dffffc0000000000 R14=ffffc90006157638 R15=00000000000000ff RIP=ffffffff81bc20b0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6752000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055557d82f808 CR3=0000000026a40000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc32e76160 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000036 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855bfc25 RDI=ffffffff9b088320 RBP=ffffffff9b0882e0 RSP=ffffc90006506990 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000036 R14=ffffffff9b0882e0 R15=ffffffff855bfbc0 RIP=ffffffff855bfc4f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fe0f2b966c0 ffffffff 00c00000 GS =0000 ffff8880d6852000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fe0f2b75d58 CR3=000000004d0f6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1e11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1f84488 00007fe0f1f84480 00007fe0f1f84478 00007fe0f1f84450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f2aed100 00007fe0f1f84440 00007fe0f1f84458 00007fe0f1f844a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe0f1f84498 00007fe0f1f84490 00007fe0f1f84488 00007fe0f1f84480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=1ffff92000c8ee7f RBX=0000000000000005 RCX=ffffffff81f85859 RDX=ffff88802865c880 RSI=ffffffff81f8586b RDI=0000000000000004 RBP=0000000000000005 RSP=ffffc900064771f0 R8 =0000000000000004 R9 =000000000000001f R10=0000000000000005 R11=0000000000000001 R12=ffffc9000647733c R13=dffffc0000000000 R14=ffffc900064773c8 R15=0000000000000000 RIP=ffffffff81f85885 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6952000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fe0f2b74f98 CR3=0000000026a40000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f668f211b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f668f211b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f668f211b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f668f211b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f668f211bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f668f211c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9500000050000000 850000006d000000 850000813b000000 0000000021000001 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f668feed100 00007f668f384440 00007f668f380004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f668f384498 00007f668f384490 00007f668f384488 00007f668f384480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000de201 RBX=0000000000000003 RCX=ffffffff8b80dc69 RDX=0000000000000000 RSI=ffffffff8de1a0ee RDI=ffffffff8c157ca0 RBP=ffffed1003c56000 RSP=ffffc90000197df8 R8 =0000000000000001 R9 =ffffed100d4e6645 R10=ffff88806a73322b R11=0000000000000001 R12=0000000000000003 R13=ffff88801e2b0000 R14=ffffffff90a80d50 R15=0000000000000000 RIP=ffffffff8b80c7cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a52000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fe0f1d36e40 CR3=0000000026a40000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000001000003 Opmask02=00000000e0000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93c4411b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93c4411b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93c4411b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93c4411b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93c4411bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93c4411c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93c4584488 00007f93c4584480 00007f93c4584478 00007f93c4584450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93c50ed100 00007f93c4584440 00007f93c4584458 00007f93c45844a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93c4584498 00007f93c4584490 00007f93c4584488 00007f93c4584480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000188 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000