last executing test programs: 8.4553014s ago: executing program 1 (id=410): syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x34}}, 0x0) ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x40047459, &(0x7f0000000280)=0x4545508) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000a000007"], 0x14}}, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a40), 0x40400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1c, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0x70001, 0x0, [0x40000000000, 0x64f, 0x6, 0x6, 0xfffffffffffffffc, 0x4ffff, 0x29]}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="f20f1c0166b864912c870f23c80f21f866350c0080000f23f80f01fc0f20e06635000010000f22e00f20c06635000000400f22c00f1c9700000f01c566b9a001000066b80400000066ba000000000f30c0dbb6660f3adf932700de", 0x5b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 8.149246883s ago: executing program 1 (id=413): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000001f00000000080c00078008000640200000000500010006000000050005000a00000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}}, 0x20040000) 8.148786386s ago: executing program 1 (id=416): io_uring_setup(0x10d7, &(0x7f00000000c0)={0x0, 0x6a72, 0x1, 0x2, 0x1d}) r0 = userfaultfd(0x801) r1 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@getstat={0xe0, 0x15, 0x0, 0x70bd29, 0x0, {{'digest_null-generic\x00'}, '\x00', '\x00', 0x0, 0x2400}}, 0xe0}}, 0x0) sendmsg$nl_crypto(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0100000003000000080000000700000040010000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000e05c88a834697e841716644535000000000000000000"], 0x50) socket$inet6(0xa, 0x3, 0x7f) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000280), 0x8, r2}, 0x38) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x0) write(r4, &(0x7f0000000200)="2d96ca0ef085a53b1543998492ecd8e6ab3b25dd1eaaa4af35c355112b521c1726a7e884eb0f17ea5f25d65fa7e0547cd2f4e0a57a276a568f1f27c0a8fec54a0ff29c0b2aa15144d30c8e47049ee8430759b79645c2b50e82f8240d937452582f59a390ff0ec17a9fae714e3f4a84326be57c8f86d1258a93a2e97ea0ccfe288fe9f64f3846a372c4a0cc3a325855", 0x8f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10) r5 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1, 0x64ad01) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r5, 0xc008551a, &(0x7f0000001100)=ANY=[@ANYBLOB="020000001000"/24]) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)) r6 = socket$nl_audit(0x10, 0x3, 0x9) r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x800) syz_open_dev$sndpcmp(&(0x7f0000000340), 0x9, 0x391000) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, &(0x7f0000000000)=0xf80) read(r7, &(0x7f0000000700)=""/247, 0xf7) setsockopt$sock_int(r6, 0x1, 0x6, &(0x7f0000000180)=0xfff, 0x4) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$RTC_EPOCH_SET(0xffffffffffffffff, 0x4008700e, 0xfffffffffffff81d) 7.917569717s ago: executing program 1 (id=419): r0 = fsopen(&(0x7f0000000100)='debugfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000001c0)='\x00\x00\x00\x0f \x00\x00\xeb\xe8H\x8e\x9d`a]YW\x80\"\xbeq,\x01\xcc\xc9\xe79\xc9', &(0x7f0000000080)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='ramfs\x00', 0x10, 0x0) chdir(&(0x7f0000000080)='./file1\x00') syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00') openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0/..\x00', &(0x7f0000000300)={0x410002, 0x11, 0xb}, 0x18) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') open(&(0x7f0000000100)='.\x00', 0x5d5481, 0x0) openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x6ea4, @private=0xa010102}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x11, 0x0, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000000)={0x9, 0x100009b}, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x101c00) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) set_mempolicy(0x3, &(0x7f0000000000)=0x5, 0x8) r2 = userfaultfd(0x801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) 7.789676773s ago: executing program 1 (id=423): r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000f00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}}) 7.510534139s ago: executing program 1 (id=429): openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x6ea4, @private=0xa010102}, 0x10) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x11, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) set_mempolicy(0x3, &(0x7f0000000000)=0x5, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670800000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01420c9f1b534e969fce97ffff07000009000000bfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861220799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a823e28f359608ea326c77a1aa17318f392a0ec6c188916f4149c503027feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d604f45cfe88b30c170000000001000000ef931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f0400000000000000d23b48bb38b31a14ffcddd92c38f6b6d86a0e56d47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f1300007d6072f0cf120ad2ba519afdd43a14000000000000000000000000007ef2f3c58d045f0700000094069acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d000000000000000000007758b1267669ded883b5867c5916a74843b784955108f750c57744c76a09629dd0aaca5cb0f14f49db80a1aa2692c18fbb31cbdb3f2e138e6d5ba3491fc3617b511f24bad26466407e39000000000000d7a1bf4624d31c13a6840f45a7f4e01a50d790132abb36915e35b1ac35bf3921357f638684bba17b8fe1e2123153ecd6d1f76820d4f8fa0b96b50c457ae8d5f2351cdb7bc8170380557bc11cf6ee3395974e37018a2a7473312cb32affb8ff72a253e0d36099e460f13694b9891af526d9608271838e83d17103887f34210dd4c0cf60dec608b4ca5ba2f3037bf381e7b5d5b27820000000000000000000000b719bd34f3244730f708fdd532640edc6b82dd4ad72ecbaccafef806f5447aba2246d56a601bbd8c24ba1e16dda3296ce10de6830"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (fail_nth: 9) 7.466823155s ago: executing program 32 (id=429): openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x6ea4, @private=0xa010102}, 0x10) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x11, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) set_mempolicy(0x3, &(0x7f0000000000)=0x5, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670800000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01420c9f1b534e969fce97ffff07000009000000bfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861220799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a823e28f359608ea326c77a1aa17318f392a0ec6c188916f4149c503027feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d604f45cfe88b30c170000000001000000ef931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f0400000000000000d23b48bb38b31a14ffcddd92c38f6b6d86a0e56d47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f1300007d6072f0cf120ad2ba519afdd43a14000000000000000000000000007ef2f3c58d045f0700000094069acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d000000000000000000007758b1267669ded883b5867c5916a74843b784955108f750c57744c76a09629dd0aaca5cb0f14f49db80a1aa2692c18fbb31cbdb3f2e138e6d5ba3491fc3617b511f24bad26466407e39000000000000d7a1bf4624d31c13a6840f45a7f4e01a50d790132abb36915e35b1ac35bf3921357f638684bba17b8fe1e2123153ecd6d1f76820d4f8fa0b96b50c457ae8d5f2351cdb7bc8170380557bc11cf6ee3395974e37018a2a7473312cb32affb8ff72a253e0d36099e460f13694b9891af526d9608271838e83d17103887f34210dd4c0cf60dec608b4ca5ba2f3037bf381e7b5d5b27820000000000000000000000b719bd34f3244730f708fdd532640edc6b82dd4ad72ecbaccafef806f5447aba2246d56a601bbd8c24ba1e16dda3296ce10de6830"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (fail_nth: 9) 1.550152003s ago: executing program 3 (id=537): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) mkdir(&(0x7f00000004c0)='./bus\x00', 0x92) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a80)={[{@redirect_dir_nofollow}, {@verity_require}]}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00004bd000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000100), 0xffffffffffffffff) r3 = syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_pidfd_open(r3, 0x0) setns(r4, 0x20000000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, &(0x7f0000000140)) sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x6c, r2, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0xf}}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x5, 0x4, 0x3}, @FOU_ATTR_PEER_V6={0x14, 0x9, @ipv4={'\x00', '\xff\xff', @multicast2}}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e20}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x2c}, @FOU_ATTR_PEER_V6={0x14, 0x9, @local}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40850}, 0x4048840) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000f40)=@filter={'filter\x00', 0x4, 0x4, 0x470, 0xffffffff, 0x0, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x3a0, 0x3a0, 0x3a0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5}}}, {{@ipv6={@private2, @empty, [], [], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@dst={{0x48}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x57, {0x2000000}}}}, {{@ipv6={@empty, @mcast1, [], [0x0, 0xffffff00], 'ip6tnl0\x00', 'dvmrp0\x00'}, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @dev, @private1, [0x0, 0x0, 0xff], [], [], 0x843}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d0) 1.387870522s ago: executing program 2 (id=543): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x2000, 0x0, 0x2ffffffff}, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002800)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x2, 0x1, 0x101, 0x0, 0x3a00, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4) 1.32043735s ago: executing program 3 (id=544): openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400000000001f000000000000", @ANYRES32=r2, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES8=r0], 0x7c}}, 0x0) 1.320136733s ago: executing program 2 (id=545): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x1c0}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x1) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x7d) ioctl$UFFDIO_COPY(r1, 0xc028aa03, 0x0) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newtaction={0x78, 0x30, 0xffff, 0x0, 0x0, {}, [{0x64, 0x1, [@m_ife={0x60, 0x1, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}, @TCA_IFE_SMAC={0xa, 0x4, @broadcast}, @TCA_IFE_DMAC={0xa, 0x3, @multicast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) (async) userfaultfd(0x801) (async) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x1c0}) (async) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) (async) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x1) (async) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x7d) (async) ioctl$UFFDIO_COPY(r1, 0xc028aa03, 0x0) (async) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) (async) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newtaction={0x78, 0x30, 0xffff, 0x0, 0x0, {}, [{0x64, 0x1, [@m_ife={0x60, 0x1, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}, @TCA_IFE_SMAC={0xa, 0x4, @broadcast}, @TCA_IFE_DMAC={0xa, 0x3, @multicast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0) (async) 1.268104748s ago: executing program 3 (id=546): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1220}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_ALL_TARGETS={0x8}]}}}]}, 0x3c}}, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) preadv2(r1, &(0x7f0000000100)=[{&(0x7f0000000140)=""/125, 0x7d}], 0x1, 0x8, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x0) 1.267954712s ago: executing program 3 (id=547): r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x42, 0x0, &(0x7f00007d0000)) r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) clock_getres(0xfffffffffffffffe, 0x0) ioctl$sock_ifreq(r1, 0x8930, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) socket$inet6_udp(0xa, 0x2, 0x0) (async) getsockopt$inet6_int(r0, 0x29, 0x42, 0x0, &(0x7f00007d0000)) (async) syz_init_net_socket$x25(0x9, 0x5, 0x0) (async) socket$inet_icmp_raw(0x2, 0x3, 0x1) (async) clock_getres(0xfffffffffffffffe, 0x0) (async) ioctl$sock_ifreq(r1, 0x8930, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) (async) 1.190144029s ago: executing program 3 (id=548): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1, 0x0, 0x0, 0x27}, 0x0) 1.18990354s ago: executing program 2 (id=549): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="6115440000000000611350ffffffc000bfa00000000000001503000008004e002d3501000000000095004100000000006916480000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d00180000032c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472fc445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea25940790deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3d3f43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e813161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe00000000000000000000000000c5201233489defaaac665fe9adc67c38af110de35b65a008125b0b9c8d5c23eed0c360ec22596d79ff75e2be697f7ba58cf772c9a23f1a2b5aae1928f3c7c607dbc766159c2ee07f788a58fcbfa3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x13, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 1.139583532s ago: executing program 2 (id=550): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80) (async) write$binfmt_register(0xffffffffffffffff, &(0x7f0000000480)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x7, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '', 0x3a, './file0'}, 0x12f) r2 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2) (async) r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) close(r3) (async) ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0)=0x3) 1.133737846s ago: executing program 3 (id=552): syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[], 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\t\x00', @ANYRES16=r1, @ANYBLOB="000228bd7000fbdbdf250200000005003d000600000008003f"], 0x24}, 0x1, 0x0, 0x0, 0x4008091}, 0x41) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010020000000000000000200000008000300", @ANYRES32=r2], 0x28}}, 0x0) 1.069873148s ago: executing program 4 (id=554): sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000089000000080003", @ANYRES32, @ANYBLOB="18009d"], 0x34}}, 0x0) ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x40047459, &(0x7f0000000280)=0x4545508) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000a000007"], 0x14}}, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a40), 0x40400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1c, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0x70001, 0x0, [0x40000000000, 0x64f, 0x6, 0x6, 0xfffffffffffffffc, 0x4ffff, 0x29]}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="f20f1c0166b864912c870f23c80f21f866350c0080000f23f80f01fc0f20e06635000010000f22e00f20c06635000000400f22c00f1c9700000f01c566b9a001000066b80400000066ba000000000f30c0dbb6660f3adf932700de", 0x5b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 864.013447ms ago: executing program 2 (id=558): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000180)=@req3={0x10004, 0xffffffff, 0x10001, 0x6, 0x0, 0x7, 0x8}, 0x1c) (async) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) (async) mmap(&(0x7f00009e9000/0x4000)=nil, 0x4000, 0x3000000, 0x4000010, r0, 0x51cb0000) preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x18, 0x8, 0x0) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x9}, 0x18) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r4, &(0x7f0000000240)=ANY=[], 0xff2e) ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000dc0)={0x0, 0xf03d, 0xb, 0x2, 0x4, "0000000000000000000000001ad6dd3d00"}) (async) r5 = syz_open_pts(r4, 0x0) r6 = dup3(r5, r4, 0x0) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000000)=0x17) (async) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x59, 0x0, 0x0) 737.522816ms ago: executing program 2 (id=560): syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000) write$char_usb(r0, &(0x7f0000001300)='7', 0x1) syz_emit_ethernet(0x3b6, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x7, [{0x3, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0302"}, {0x0, 0x1, "000000050000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177304c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b03452dccf81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b104185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x1f, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "b8a3e100908f61640000006f00fec0ffff00000000000000ff0bc0fe000000000000000002000002d9a0274500040000000013eaf40000"}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c"}, {0x0, 0x3, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0) 588.45951ms ago: executing program 0 (id=561): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, 0x0) r1 = creat(0x0, 0xa) r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000080)={0xc}) ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r2, 0x3b70, &(0x7f0000000000)={0x18}) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000001680)={0x2020}, 0x2020) mlockall(0x1) mlockall(0x5) r3 = socket$nl_route(0x10, 0x3, 0x0) read$FUSE(r1, 0x0, 0x0) write$FUSE_ATTR(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0xfff9, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x1ff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40085}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076"], 0x50}}, 0x20008844) memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0) r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$CDROMSUBCHNL(r4, 0x530b, &(0x7f0000000100)={0x1, 0x9, 0x0, 0x6, 0x4, 0x81, @msf={0xff, 0xd, 0x60}, @msf={0xf7, 0x8, 0x4}}) ioctl$NBD_DO_IT(0xffffffffffffffff, 0xab03) 504.636636ms ago: executing program 4 (id=562): r0 = syz_open_dev$video(&(0x7f0000000000), 0x101, 0xab02) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000340)={0x3, 0x9, 0x4, 0x0, 0x6058234e, {r1, r2/1000+60000}, {0x4, 0xc, 0x1, 0x4, 0x6, 0x6, "156f0cee"}, 0x7, 0x4, {}, 0xffffffff, 0x0, r3}) r4 = syz_io_uring_setup(0x9f, &(0x7f00000002c0)={0x0, 0xc980, 0x10, 0x2, 0x19, 0x0, r3}, &(0x7f0000000000)=0x0, &(0x7f0000000140)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffb, 0x0, 0x4) io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0) 430.101773ms ago: executing program 4 (id=563): r0 = socket$packet(0x11, 0x2, 0x300) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000140)='hfsplus\x00', 0x204001, 0x0) (async) mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000140)='hfsplus\x00', 0x204001, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) close(r1) (async) close(r1) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x4b, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f00003e1000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x40, 0x0, 0x0) (async) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f00003e1000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x40, 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000340)={[0x3ffffd, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x100000000], 0x3000, 0x80384}) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) (async) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mprotect(&(0x7f00005cc000/0x3000)=nil, 0x3000, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = socket(0x22, 0x2, 0x3) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="050025bd7000ffdbdf2509000000"], 0x14}}, 0x4000) getsockopt$inet_buf(r4, 0x0, 0x20, &(0x7f0000000400)=""/4096, &(0x7f0000000000)=0x1000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) sendto$packet(r0, &(0x7f0000000180)="0b0322", 0x3, 0xffffffffffffc117, 0x0, 0x0) 359.135471ms ago: executing program 0 (id=564): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmmsg(r2, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000040)="ee", 0x1}], 0x1}}], 0x1, 0x0) recvmmsg(r2, &(0x7f00000048c0), 0x4000000000001a1, 0x10103, 0x0) readv(r2, &(0x7f0000000000)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000000000000081ffffffffffffff000000c00500000000000000"]) syz_emit_ethernet(0x5e, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000098580086dd6000004000280600fe8000000000067795941f3059ec208f8eb3897b09260000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a0c2000090780000131223f39b62b1578fcd9033f177370213380000"], 0x0) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x80101, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000540)={0x0, 0xfffffffffffffffe, 0xc0, 0x5, @buffer={0x0, 0xd7, &(0x7f0000000400)=""/215}, &(0x7f0000000300)="1020bcc388e7edbd64d9d2566796c05484c5b018470834c79f19b8d00b28a3ecc06d25fbdf833eab3df689900defcaf0480fa855bb687f083f40e67738117923c457c7d1e9b48089d3ecba0e430c32000b2f73e9ab4652ae82cba5af00a74acd5bc851b25508ee395570fa146832c16725f423da6324e267afb212986f6a775594584caa7f44ee036b6dc74bcd4139fbb4a5b1af2abbf444f5643a09eca158c9a80863ded4d3c845a34806d18ebab89f33fe8c9be39d4ffddaf5fd300f3b047b", &(0x7f0000000100)=""/110, 0x400, 0x14, 0xffffffffffffffff, &(0x7f0000000500)}) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000f40)=@filter={'filter\x00', 0x4, 0x4, 0x470, 0xffffffff, 0x0, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x3a0, 0x3a0, 0x3a0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5}}}, {{@ipv6={@private2, @empty, [], [], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@dst={{0x48}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x57, {0x2000000}}}}, {{@ipv6={@empty, @mcast1, [], [0x0, 0xffffff00], 'ip6tnl0\x00', 'dvmrp0\x00'}, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @dev, @private1, [0x0, 0x0, 0xff], [], [], 0x843}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d0) 260.254901ms ago: executing program 0 (id=565): openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c00000010000104000000000000030000000000", @ANYRES32=r2, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES8=r0], 0x7c}}, 0x0) 186.979208ms ago: executing program 0 (id=566): chdir(&(0x7f0000000540)='./cgroup\x00') fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) mkdir(&(0x7f00000003c0)='./file0\x00', 0xff0c) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x188, 0x1170, 0x1398, 0x0, 0x1170, 0x258, 0x1398, 0x1398, 0x258, 0x1398, 0x3, 0x0, {[{{@ipv6={@empty, @mcast1, [], [], 'ip6tnl0\x00', 'veth0_to_hsr\x00', {}, {}, 0x6, 0xfe}, 0x0, 0x120, 0x188, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x40]}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00', {0xfffffffffffffffc}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388) chdir(&(0x7f0000000540)='./cgroup\x00') (async) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) (async) mkdir(&(0x7f00000003c0)='./file0\x00', 0xff0c) (async) socket$inet6_tcp(0xa, 0x1, 0x0) (async) ioctl$TIOCL_GETKMSGREDIRECT(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) (async) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x188, 0x1170, 0x1398, 0x0, 0x1170, 0x258, 0x1398, 0x1398, 0x258, 0x1398, 0x3, 0x0, {[{{@ipv6={@empty, @mcast1, [], [], 'ip6tnl0\x00', 'veth0_to_hsr\x00', {}, {}, 0x6, 0xfe}, 0x0, 0x120, 0x188, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x40]}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00', {0xfffffffffffffffc}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388) (async) 186.813496ms ago: executing program 0 (id=567): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', 0x0}) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r4, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', 0x0}) creat(&(0x7f0000000440)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='hugetlbfs\x00', 0x0, 0x0) setsockopt$XDP_UMEM_FILL_RING(r4, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4) bind$xdp(r4, &(0x7f0000000100)={0x2c, 0x0, r6}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xe}, {}, {0x7}}}, 0x24}}, 0x0) 90.246306ms ago: executing program 4 (id=568): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1, 0x0, 0x0, 0x60}, 0x0) 357.444µs ago: executing program 4 (id=569): r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x6, @mcast2, 0x6}, 0x1c) sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ppoll(&(0x7f0000000040)=[{r1, 0x2002}], 0x1, &(0x7f0000000100), 0x0, 0x0) r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x3, 0x2a2281) getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f00000000c0)={'ipvs\x00'}, &(0x7f0000000100)=0x1e) ioctl$USBDEVFS_RELEASEINTERFACE(r2, 0x80045510, &(0x7f0000000040)=0x1) ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000500)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000240)={@host, 0x2}) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000280), 0x4) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="051606aa57cc493310"], 0x9) 99.468µs ago: executing program 4 (id=570): socket$inet6_udp(0xa, 0x2, 0x0) syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = getpgid(0x0) r1 = syz_pidfd_open(r0, 0x0) pidfd_send_signal(r1, 0x11, 0x0, 0x4) socket$pppl2tp(0x18, 0x1, 0x1) syz_emit_ethernet(0x122, &(0x7f0000000140)={@link_local, @random="3e660800f85a", @void, {@ipv6={0x86dd, @tipc_packet={0x8, 0x6, "a65c10", 0xec, 0x6, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @remote, {[@routing={0x3, 0x6, 0x1, 0x0, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, @empty]}], @name_distributor={{0xb4, 0x0, 0x0, 0x0, 0x0, 0xa, 0xb, 0x2, 0x6, 0x0, 0x1, 0xfffd, 0x4, 0x3, 0x4e23, 0x4e20, 0x1, 0x2, 0x0, 0x0, 0x1}, [{0xc5, 0x1, 0x3, 0x5, 0xc02, 0x4, 0x6, 0xe6}, {0x6, 0x3, 0x7, 0x1bc6, 0x2, 0x1, 0xd, 0x2}, {0x7f, 0x5, 0x2, 0x800, 0x6, 0x1, 0xe, 0x1ff}, {0x8, 0x7, 0xcc, 0x40, 0x1a, 0xca2f, 0x7, 0xfff}, {0x7, 0x4, 0x8, 0xffffff41, 0x0, 0xc, 0x7, 0xfffff55}]}}}}}}, 0x0) 0s ago: executing program 0 (id=571): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x2000, 0x0, 0x2ffffffff}, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002800)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, 0x2, 0x1, 0x101, 0x0, 0x97ff, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4) kernel console output (not intermixed with test programs): [ 44.078516][ T40] audit: type=1400 audit(1749071572.053:60): avc: denied { rlimitinh } for pid=5843 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.085016][ T40] audit: type=1400 audit(1749071572.053:61): avc: denied { siginh } for pid=5843 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:40070' (ED25519) to the list of known hosts. [ 44.975472][ T40] audit: type=1400 audit(1749071572.973:62): avc: denied { name_bind } for pid=5867 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 45.001829][ T40] audit: type=1400 audit(1749071572.993:63): avc: denied { write } for pid=5868 comm="sh" path="pipe:[3870]" dev="pipefs" ino=3870 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.021140][ T40] audit: type=1400 audit(1749071573.013:64): avc: denied { execute } for pid=5868 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 45.028180][ T40] audit: type=1400 audit(1749071573.013:65): avc: denied { execute_no_trans } for pid=5868 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 46.942088][ T40] audit: type=1400 audit(1749071574.933:66): avc: denied { mounton } for pid=5868 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 46.952761][ T5868] cgroup: Unknown subsys name 'net' [ 47.098323][ T5868] cgroup: Unknown subsys name 'cpuset' [ 47.106395][ T5868] cgroup: Unknown subsys name 'rlimit' [ 47.312324][ T5922] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 48.180975][ T5868] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 51.816360][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 51.816376][ T40] audit: type=1400 audit(1749071579.813:80): avc: denied { execmem } for pid=5931 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 52.056260][ T40] audit: type=1400 audit(1749071580.053:81): avc: denied { create } for pid=5935 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.062407][ T40] audit: type=1400 audit(1749071580.053:82): avc: denied { read write } for pid=5935 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.074947][ T40] audit: type=1400 audit(1749071580.053:83): avc: denied { open } for pid=5935 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.082312][ T40] audit: type=1400 audit(1749071580.073:84): avc: denied { ioctl } for pid=5935 comm="syz-executor" path="socket:[5005]" dev="sockfs" ino=5005 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.112381][ T5940] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 52.116751][ T5940] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.119410][ T5940] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.122419][ T5940] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.124173][ T5948] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.125281][ T5940] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.127788][ T5948] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.129381][ T5940] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.131698][ T5948] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.136346][ T5948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.136838][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.139313][ T5940] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 52.142416][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.142666][ T40] audit: type=1400 audit(1749071580.133:85): avc: denied { read } for pid=5935 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.142693][ T40] audit: type=1400 audit(1749071580.133:86): avc: denied { open } for pid=5935 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.142714][ T40] audit: type=1400 audit(1749071580.133:87): avc: denied { mounton } for pid=5935 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 52.142747][ T5949] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.143264][ T5949] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.144137][ T5940] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.148017][ T5299] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.163031][ T5940] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 52.168260][ T5299] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.181535][ T5299] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 52.402920][ T40] audit: type=1400 audit(1749071580.403:88): avc: denied { module_request } for pid=5935 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 52.447830][ T5936] chnl_net:caif_netlink_parms(): no params data found [ 52.453006][ T5935] chnl_net:caif_netlink_parms(): no params data found [ 52.518051][ T5944] chnl_net:caif_netlink_parms(): no params data found [ 52.701487][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.704329][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.707140][ T5936] bridge_slave_0: entered allmulticast mode [ 52.709842][ T5936] bridge_slave_0: entered promiscuous mode [ 52.716833][ T5935] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.719057][ T5935] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.721387][ T5935] bridge_slave_0: entered allmulticast mode [ 52.726380][ T5935] bridge_slave_0: entered promiscuous mode [ 52.729845][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.732123][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.734464][ T5936] bridge_slave_1: entered allmulticast mode [ 52.738022][ T5936] bridge_slave_1: entered promiscuous mode [ 52.742920][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 52.754777][ T5935] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.757745][ T5935] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.760751][ T5935] bridge_slave_1: entered allmulticast mode [ 52.765056][ T5935] bridge_slave_1: entered promiscuous mode [ 52.866803][ T5935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.970477][ T5935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.975814][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.979555][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.983192][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.986627][ T5944] bridge_slave_0: entered allmulticast mode [ 52.990543][ T5944] bridge_slave_0: entered promiscuous mode [ 53.039601][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.057520][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.059820][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.063197][ T5944] bridge_slave_1: entered allmulticast mode [ 53.066163][ T5944] bridge_slave_1: entered promiscuous mode [ 53.078556][ T5935] team0: Port device team_slave_0 added [ 53.098368][ T5936] team0: Port device team_slave_0 added [ 53.161014][ T5935] team0: Port device team_slave_1 added [ 53.178765][ T5936] team0: Port device team_slave_1 added [ 53.182130][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.187504][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.190816][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.193522][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.195961][ T5945] bridge_slave_0: entered allmulticast mode [ 53.198981][ T5945] bridge_slave_0: entered promiscuous mode [ 53.267340][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.270110][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.273486][ T5945] bridge_slave_1: entered allmulticast mode [ 53.276541][ T5945] bridge_slave_1: entered promiscuous mode [ 53.294246][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.296777][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.306697][ T5935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.311201][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.314230][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.326190][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.375022][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.377917][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.386206][ T5935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.390824][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.393104][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.402224][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.421750][ T5944] team0: Port device team_slave_0 added [ 53.426179][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.433956][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.455288][ T5944] team0: Port device team_slave_1 added [ 53.555179][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.558082][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.568267][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.573683][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.576159][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.586631][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.594253][ T5945] team0: Port device team_slave_0 added [ 53.644630][ T5936] hsr_slave_0: entered promiscuous mode [ 53.648881][ T5936] hsr_slave_1: entered promiscuous mode [ 53.653659][ T5945] team0: Port device team_slave_1 added [ 53.684095][ T5935] hsr_slave_0: entered promiscuous mode [ 53.687427][ T5935] hsr_slave_1: entered promiscuous mode [ 53.690377][ T5935] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.695803][ T5935] Cannot create hsr debugfs directory [ 53.823390][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.825627][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.833909][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.885437][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.887703][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.895977][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.930682][ T5944] hsr_slave_0: entered promiscuous mode [ 53.933227][ T5944] hsr_slave_1: entered promiscuous mode [ 53.935320][ T5944] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.937653][ T5944] Cannot create hsr debugfs directory [ 54.047927][ T5945] hsr_slave_0: entered promiscuous mode [ 54.050357][ T5945] hsr_slave_1: entered promiscuous mode [ 54.052633][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 54.055161][ T5945] Cannot create hsr debugfs directory [ 54.223394][ T5943] Bluetooth: hci3: command tx timeout [ 54.225441][ T5943] Bluetooth: hci1: command tx timeout [ 54.227284][ T5943] Bluetooth: hci0: command tx timeout [ 54.229173][ T5299] Bluetooth: hci2: command tx timeout [ 54.332936][ T5935] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 54.341465][ T5935] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 54.348772][ T5935] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 54.364348][ T5935] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 54.395300][ T5936] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 54.400466][ T5936] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 54.408001][ T5936] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 54.426764][ T5936] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 54.496460][ T5944] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 54.507069][ T5944] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 54.515080][ T5944] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 54.526057][ T5944] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 54.594633][ T5945] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.599455][ T5945] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.609108][ T5945] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.614817][ T5945] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.631535][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.665488][ T5935] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.678043][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.686480][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.689119][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.710906][ T79] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.714129][ T79] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.754318][ T5936] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.769970][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.773011][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.796368][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.799385][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.813241][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.863952][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.869311][ T5944] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.885132][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.888163][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.892195][ T40] audit: type=1400 audit(1749071582.883:89): avc: denied { sys_module } for pid=5935 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 54.894632][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.903143][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.926169][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.943546][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.946183][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.960462][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.962671][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.002098][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.042138][ T5935] veth0_vlan: entered promiscuous mode [ 55.048040][ T5935] veth1_vlan: entered promiscuous mode [ 55.068862][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.075596][ T5935] veth0_macvtap: entered promiscuous mode [ 55.080076][ T5935] veth1_macvtap: entered promiscuous mode [ 55.097743][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.107691][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.113940][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.120321][ T5935] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.124611][ T5935] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.127726][ T5935] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.130413][ T5935] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.159587][ T5936] veth0_vlan: entered promiscuous mode [ 55.179941][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.185205][ T5936] veth1_vlan: entered promiscuous mode [ 55.200178][ T5944] veth0_vlan: entered promiscuous mode [ 55.214304][ T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.217013][ T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.227820][ T5944] veth1_vlan: entered promiscuous mode [ 55.239345][ T5936] veth0_macvtap: entered promiscuous mode [ 55.252195][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.253688][ T5936] veth1_macvtap: entered promiscuous mode [ 55.255116][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.278050][ T5945] veth0_vlan: entered promiscuous mode [ 55.281078][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.284823][ T5944] veth0_macvtap: entered promiscuous mode [ 55.292523][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.296730][ T5945] veth1_vlan: entered promiscuous mode [ 55.298969][ T5935] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 55.300023][ T5944] veth1_macvtap: entered promiscuous mode [ 55.311723][ T5936] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.315510][ T5936] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.318343][ T5936] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.321071][ T5936] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.336765][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.354918][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.367717][ T5944] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.370473][ T5944] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.373906][ T5944] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.376730][ T5944] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.381809][ T5945] veth0_macvtap: entered promiscuous mode [ 55.396897][ T5945] veth1_macvtap: entered promiscuous mode [ 55.421119][ T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.425373][ T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.451838][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.464272][ T102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.470266][ T102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.476672][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.499014][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.502170][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.503326][ T5945] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.508320][ T5945] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.511017][ T5945] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.514288][ T5945] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.549602][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.555471][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.633660][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.636528][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.670785][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.671733][ T5998] overlay: ./file0 is not a directory [ 55.673632][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.695445][ T5998] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 55.708032][ T5998] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 55.714113][ T6002] (syz.1.2,6002,0):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 55.714129][ T5998] trusted_key: encrypted_key: insufficient parameters specified [ 55.716963][ T6002] (syz.1.2,6002,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 55.733101][ T5997] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 55.736858][ T5997] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 55.754045][ T6009] netlink: 'syz.0.1': attribute type 39 has an invalid length. [ 56.292823][ T5299] Bluetooth: hci1: command tx timeout [ 56.292922][ T5943] Bluetooth: hci3: command tx timeout [ 56.292968][ T5942] Bluetooth: hci2: command tx timeout [ 56.293008][ T5942] Bluetooth: hci0: command tx timeout [ 56.506241][ T837] cfg80211: failed to load regulatory.db [ 56.602601][ T6028] netlink: 288 bytes leftover after parsing attributes in process `syz.1.11'. [ 56.690608][ T6029] SELinux: Context system_u:object_r:shell_exec_t:s0 is not valid (left unmapped). [ 56.822939][ T837] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 56.866350][ T40] kauditd_printk_skb: 49 callbacks suppressed [ 56.866363][ T40] audit: type=1400 audit(1749071584.863:139): avc: denied { create } for pid=6031 comm="syz.0.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 56.870579][ T6032] QAT: Stopping all acceleration devices. [ 56.935182][ T40] audit: type=1400 audit(1749071584.933:140): avc: denied { setopt } for pid=6031 comm="syz.0.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 56.943460][ T40] audit: type=1400 audit(1749071584.933:141): avc: denied { shutdown } for pid=6031 comm="syz.0.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 56.989984][ T40] audit: type=1400 audit(1749071584.983:142): avc: denied { getopt } for pid=6031 comm="syz.0.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 56.996658][ T837] usb 7-1: Using ep0 maxpacket: 8 [ 56.998312][ T40] audit: type=1400 audit(1749071584.993:143): avc: denied { ioctl } for pid=6031 comm="syz.0.12" path="socket:[7098]" dev="sockfs" ino=7098 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 57.000652][ T837] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 57.010916][ T1143] Bluetooth: hci4: Frame reassembly failed (-84) [ 57.010993][ T837] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 57.018467][ T837] usb 7-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 57.023469][ T837] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 57.025819][ T837] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 57.029588][ T837] usb 7-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 57.042774][ T837] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 57.045432][ T837] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 57.049924][ T837] usb 7-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 57.056035][ T837] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 57.058939][ T837] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.061657][ T837] usb 7-1: Product: syz [ 57.065580][ T837] usb 7-1: Manufacturer: syz [ 57.067075][ T837] usb 7-1: SerialNumber: syz [ 57.074558][ T40] audit: type=1400 audit(1749071585.073:144): avc: denied { read write } for pid=6035 comm="syz.3.13" name="video7" dev="devtmpfs" ino=975 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 57.080955][ T6036] syz.3.13 uses obsolete (PF_INET,SOCK_PACKET) [ 57.083413][ T40] audit: type=1400 audit(1749071585.073:145): avc: denied { open } for pid=6035 comm="syz.3.13" path="/dev/video7" dev="devtmpfs" ino=975 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 57.083439][ T40] audit: type=1400 audit(1749071585.073:146): avc: denied { ioctl } for pid=6035 comm="syz.3.13" path="/dev/video7" dev="devtmpfs" ino=975 ioctlcmd=0x5605 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 57.110389][ T40] audit: type=1400 audit(1749071585.103:147): avc: denied { create } for pid=6035 comm="syz.3.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 57.112027][ T6036] syz.3.13: attempt to access beyond end of device [ 57.112027][ T6036] nbd3: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 57.116503][ T40] audit: type=1400 audit(1749071585.103:148): avc: denied { mounton } for pid=6035 comm="syz.3.13" path="/4/bus" dev="tmpfs" ino=39 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 57.121933][ T6036] EXT4-fs (nbd3): unable to read superblock [ 57.145463][ T6036] ªªªªªªaaaaaaaaa: renamed from lo (while UP) [ 57.429447][ T837] adutux 7-1:168.0: interrupt endpoints not found [ 57.437261][ T837] usb 7-1: USB disconnect, device number 2 [ 57.757900][ T6051] loop2: detected capacity change from 0 to 7 [ 57.763027][ T5937] Dev loop2: unable to read RDB block 7 [ 57.764917][ T5937] loop2: AHDI p1 p2 p3 [ 57.766260][ T5937] loop2: partition table partially beyond EOD, truncated [ 57.769364][ T5937] loop2: p1 start 1601398130 is beyond EOD, truncated [ 57.771500][ T5937] loop2: p2 start 1702059890 is beyond EOD, truncated [ 57.778012][ T6051] Dev loop2: unable to read RDB block 7 [ 57.779811][ T6051] loop2: AHDI p1 p2 p3 [ 57.781185][ T6051] loop2: partition table partially beyond EOD, truncated [ 57.783754][ T6051] loop2: p1 start 1601398130 is beyond EOD, truncated [ 57.785939][ T6051] loop2: p2 start 1702059890 is beyond EOD, truncated [ 58.026635][ T6056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.19'. [ 58.030002][ T6056] netlink: 24 bytes leftover after parsing attributes in process `syz.2.19'. [ 58.107939][ T6063] netlink: 72 bytes leftover after parsing attributes in process `syz.1.21'. [ 58.191894][ T6074] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 58.310398][ T6082] program syz.1.27 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 58.363029][ T6086] program syz.1.27 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 58.373129][ T5299] Bluetooth: hci0: command tx timeout [ 58.373143][ T5940] Bluetooth: hci2: command tx timeout [ 58.373165][ T5940] Bluetooth: hci1: command tx timeout [ 58.375425][ T5299] Bluetooth: hci3: command tx timeout [ 58.427142][ T6089] netlink: 4388 bytes leftover after parsing attributes in process `syz.2.30'. [ 58.589427][ T6095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.31'. [ 58.592230][ T6095] netlink: 24 bytes leftover after parsing attributes in process `syz.1.31'. [ 58.953049][ T6132] loop2: detected capacity change from 0 to 7 [ 58.956703][ T6132] Dev loop2: unable to read RDB block 7 [ 58.959078][ T6132] loop2: AHDI p1 p2 p3 [ 58.961087][ T6132] loop2: partition table partially beyond EOD, truncated [ 58.965211][ T6132] loop2: p1 start 1601398130 is beyond EOD, truncated [ 58.968239][ T6132] loop2: p2 start 1702059890 is beyond EOD, truncated [ 59.002031][ T5299] Bluetooth: hci0: ACL packet for unknown connection handle 1 [ 59.012541][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 59.013069][ T5299] Bluetooth: hci4: command 0x1003 tx timeout [ 59.110908][ T6145] netlink: 'syz.3.47': attribute type 6 has an invalid length. [ 59.114248][ T6145] netlink: 32 bytes leftover after parsing attributes in process `syz.3.47'. [ 59.157502][ T6151] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0 [ 59.438072][ T6171] netlink: 'syz.2.57': attribute type 6 has an invalid length. [ 59.440454][ T6171] netlink: 32 bytes leftover after parsing attributes in process `syz.2.57'. [ 59.675051][ T6186] netlink: 11 bytes leftover after parsing attributes in process `syz.2.61'. [ 59.690339][ T6190] netlink: 'syz.3.63': attribute type 10 has an invalid length. [ 59.699829][ T6190] dummy0: entered promiscuous mode [ 59.704135][ T6190] bridge0: port 3(dummy0) entered blocking state [ 59.706679][ T6190] bridge0: port 3(dummy0) entered disabled state [ 59.711987][ T6190] dummy0: entered allmulticast mode [ 59.726838][ T6190] bridge0: port 3(dummy0) entered blocking state [ 59.729978][ T6190] bridge0: port 3(dummy0) entered forwarding state [ 59.811763][ T6197] netlink: 'syz.3.66': attribute type 6 has an invalid length. [ 59.919896][ T6207] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 59.922654][ T6207] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 59.927817][ T6207] vhci_hcd vhci_hcd.0: Device attached [ 59.935509][ T6208] vhci_hcd: cannot find a urb of seqnum 4294967226 max seqnum 0 [ 59.941839][ T12] vhci_hcd: stop threads [ 59.944112][ T12] vhci_hcd: release socket [ 59.945926][ T12] vhci_hcd: disconnect device [ 60.046113][ T6221] input: syz1 as /devices/virtual/input/input5 [ 60.055500][ T6225] loop2: detected capacity change from 0 to 7 [ 60.060622][ T5944] Dev loop2: unable to read RDB block 7 [ 60.064656][ T5944] loop2: AHDI p1 p2 p3 [ 60.066573][ T5944] loop2: partition table partially beyond EOD, truncated [ 60.069721][ T5944] loop2: p1 start 1601398130 is beyond EOD, truncated [ 60.073605][ T5944] loop2: p2 start 1702059890 is beyond EOD, truncated [ 60.077897][ T6225] Dev loop2: unable to read RDB block 7 [ 60.080305][ T6225] loop2: AHDI p1 p2 p3 [ 60.081937][ T6225] loop2: partition table partially beyond EOD, truncated [ 60.086208][ T6225] loop2: p1 start 1601398130 is beyond EOD, truncated [ 60.088755][ T6225] loop2: p2 start 1702059890 is beyond EOD, truncated [ 60.125547][ T6231] xt_CT: You must specify a L4 protocol and not use inversions on it [ 60.298019][ T6244] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 60.304278][ T6244] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 60.348708][ T6250] capability: warning: `syz.1.86' uses 32-bit capabilities (legacy support in use) [ 60.454330][ T5943] Bluetooth: hci0: command tx timeout [ 60.454374][ T5299] Bluetooth: hci3: command tx timeout [ 60.456155][ T5943] Bluetooth: hci2: command tx timeout [ 60.458364][ T5299] Bluetooth: hci1: command tx timeout [ 60.465354][ T6255] netlink: 'syz.1.88': attribute type 1 has an invalid length. [ 60.484597][ T6255] 8021q: adding VLAN 0 to HW filter on device bond1 [ 60.507396][ T6255] bond1: (slave gretap1): making interface the new active one [ 60.511736][ T6255] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 60.750218][ T6288] trusted_key: encrypted_key: hex blob is missing [ 60.835156][ T6293] netlink: 'syz.1.100': attribute type 6 has an invalid length. [ 60.911350][ T6300] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 60.911633][ T6299] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 60.920071][ T6299] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 60.925405][ T6299] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null. [ 61.043431][ T6312] team0: Device gtp0 is of different type [ 61.072709][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 61.232729][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 61.236800][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 61.241372][ T10] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 61.247180][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.252637][ T10] usb 5-1: config 0 descriptor?? [ 61.461806][ T10] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 61.661664][ T837] usb 5-1: USB disconnect, device number 2 [ 71.095865][ T1424] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.098134][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.309793][ T6329] netlink: 'syz.3.113': attribute type 1 has an invalid length. [ 76.313662][ T6329] __nla_validate_parse: 4 callbacks suppressed [ 76.313700][ T6329] netlink: 224 bytes leftover after parsing attributes in process `syz.3.113'. [ 76.320774][ T40] kauditd_printk_skb: 155 callbacks suppressed [ 76.320787][ T40] audit: type=1400 audit(1749071604.313:304): avc: denied { create } for pid=6331 comm="syz.1.111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 76.333028][ T40] audit: type=1400 audit(1749071604.313:305): avc: denied { connect } for pid=6331 comm="syz.1.111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 76.349395][ T40] audit: type=1400 audit(1749071604.323:306): avc: denied { write } for pid=6331 comm="syz.1.111" laddr=fe80::11 lport=1 faddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 76.361698][ T40] audit: type=1400 audit(1749071604.343:307): avc: denied { ioctl } for pid=6331 comm="syz.1.111" path="socket:[13357]" dev="sockfs" ino=13357 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 76.373024][ T40] audit: type=1400 audit(1749071604.343:308): avc: denied { setopt } for pid=6331 comm="syz.1.111" laddr=fe80::11 lport=1 faddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 76.402345][ T5940] Bluetooth: hci1: ISO packet for unknown connection handle 1558 [ 76.402627][ T6339] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 76.469807][ T6347] netlink: 'syz.2.116': attribute type 6 has an invalid length. [ 76.473554][ T6347] netlink: 32 bytes leftover after parsing attributes in process `syz.2.116'. [ 76.573246][ T40] audit: type=1400 audit(1749071604.573:309): avc: denied { bind } for pid=6357 comm="syz.3.121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 76.582536][ T40] audit: type=1400 audit(1749071604.573:310): avc: denied { write } for pid=6357 comm="syz.3.121" path="socket:[10703]" dev="sockfs" ino=10703 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 76.730154][ T6383] netlink: 'syz.0.130': attribute type 1 has an invalid length. [ 76.734368][ T6383] netlink: 224 bytes leftover after parsing attributes in process `syz.0.130'. [ 76.756685][ T6382] netlink: 'syz.1.129': attribute type 6 has an invalid length. [ 76.759306][ T6382] netlink: 32 bytes leftover after parsing attributes in process `syz.1.129'. [ 76.761209][ T40] audit: type=1400 audit(1749071604.753:311): avc: denied { read write } for pid=6386 comm="syz.2.131" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 76.768613][ T6387] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 76.774201][ T40] audit: type=1400 audit(1749071604.753:312): avc: denied { open } for pid=6386 comm="syz.2.131" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 76.781540][ T6390] netdevsim netdevsim0: Direct firmware load for É failed with error -2 [ 76.787646][ T40] audit: type=1400 audit(1749071604.773:313): avc: denied { create } for pid=6389 comm="syz.0.132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 76.790309][ T6390] netdevsim netdevsim0: Falling back to sysfs fallback for: É [ 76.906850][ T6408] process 'syz.3.139' launched '/dev/fd/84' with NULL argv: empty string added [ 77.045250][ T6417] ipt_REJECT: TCP_RESET invalid for non-tcp [ 77.113662][ T10] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 77.138424][ T6423] netlink: 'syz.1.144': attribute type 6 has an invalid length. [ 77.141270][ T6423] netlink: 32 bytes leftover after parsing attributes in process `syz.1.144'. [ 77.282626][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 77.285656][ T10] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 77.288307][ T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 77.291291][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 77.294591][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 77.297662][ T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 77.301622][ T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 77.304763][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.519689][ T10] usb 7-1: usb_control_msg returned -32 [ 77.521833][ T10] usbtmc 7-1:16.0: can't read capabilities [ 77.857027][ T6444] loop2: detected capacity change from 0 to 7 [ 77.863394][ T6404] Dev loop2: unable to read RDB block 7 [ 77.866080][ T6404] loop2: AHDI p1 p2 p3 [ 77.867816][ T6404] loop2: partition table partially beyond EOD, truncated [ 77.870729][ T6404] loop2: p1 start 1601398130 is beyond EOD, truncated [ 77.873328][ T6404] loop2: p2 start 1702059890 is beyond EOD, truncated [ 77.877426][ T6444] Dev loop2: unable to read RDB block 7 [ 77.879186][ T6444] loop2: AHDI p1 p2 p3 [ 77.880541][ T6444] loop2: partition table partially beyond EOD, truncated [ 77.885873][ T6444] loop2: p1 start 1601398130 is beyond EOD, truncated [ 77.888421][ T6444] loop2: p2 start 1702059890 is beyond EOD, truncated [ 78.042199][ T6452] syzkaller0: entered promiscuous mode [ 78.046523][ T6452] syzkaller0: entered allmulticast mode [ 78.088146][ T6458] netlink: 14528 bytes leftover after parsing attributes in process `syz.3.157'. [ 78.146948][ T5940] Bluetooth: hci0: ISO packet for unknown connection handle 1558 [ 78.206170][ T6474] A link change request failed with some changes committed already. Interface ªªªªªªaaaaaaaaa may have been left with an inconsistent configuration, please check. [ 78.218594][ T6474] netlink: 28 bytes leftover after parsing attributes in process `syz.3.161'. [ 78.224743][ T6475] bond_slave_1: mtu less than device minimum [ 78.294333][ T6483] loop2: detected capacity change from 0 to 7 [ 78.298611][ T6483] Dev loop2: unable to read RDB block 7 [ 78.300490][ T6483] loop2: AHDI p1 p2 p3 [ 78.301888][ T6483] loop2: partition table partially beyond EOD, truncated [ 78.309330][ T6483] loop2: p1 start 1601398130 is beyond EOD, truncated [ 78.311590][ T6483] loop2: p2 start 1702059890 is beyond EOD, truncated [ 78.432661][ T1147] bond0: (slave bond_slave_0): interface is now down [ 78.435739][ T1147] bond0: (slave bond_slave_1): interface is now down [ 78.439317][ T1147] bond0: now running without any active interface! [ 78.472325][ T5940] Bluetooth: hci0: ISO packet for unknown connection handle 1558 [ 78.475429][ T6504] syz.1.171: attempt to access beyond end of device [ 78.475429][ T6504] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 78.475528][ T6504] FAT-fs (nbd1): unable to read boot sector [ 78.534108][ T6509] loop2: detected capacity change from 0 to 7 [ 78.537658][ T6404] Dev loop2: unable to read RDB block 7 [ 78.539556][ T6404] loop2: AHDI p1 p2 p3 [ 78.540940][ T6404] loop2: partition table partially beyond EOD, truncated [ 78.543803][ T6404] loop2: p1 start 1601398130 is beyond EOD, truncated [ 78.545892][ T6404] loop2: p2 start 1702059890 is beyond EOD, truncated [ 78.549028][ T6509] Dev loop2: unable to read RDB block 7 [ 78.550800][ T6509] loop2: AHDI p1 p2 p3 [ 78.552141][ T6509] loop2: partition table partially beyond EOD, truncated [ 78.554694][ T6509] loop2: p1 start 1601398130 is beyond EOD, truncated [ 78.556756][ T6509] loop2: p2 start 1702059890 is beyond EOD, truncated [ 78.832546][ T5940] Bluetooth: hci1: ISO packet for unknown connection handle 1558 [ 78.911477][ T6534] openvswitch: netlink: IPv4 tunnel dst address is zero [ 78.920702][ T6536] support for the xor transformation has been removed. [ 78.955936][ T6539] netlink: 'syz.0.184': attribute type 1 has an invalid length. [ 78.966966][ T6540] syz.1.185 (6540): attempted to duplicate a private mapping with mremap. This is not supported. [ 78.971488][ T6539] 8021q: adding VLAN 0 to HW filter on device bond1 [ 79.006149][ T6539] bond1: (slave veth3): Enslaving as an active interface with a down link [ 79.016270][ T6539] vlan2: entered allmulticast mode [ 79.017920][ T6539] veth1: entered allmulticast mode [ 79.019912][ T6539] veth1: entered promiscuous mode [ 79.021927][ T6539] veth1: left promiscuous mode [ 79.027104][ T6539] bond1: (slave vlan2): making interface the new active one [ 79.029983][ T6539] veth1: entered promiscuous mode [ 79.031964][ T6539] vlan2: entered promiscuous mode [ 79.034072][ T6539] bond1: (slave vlan2): Enslaving as an active interface with an up link [ 79.134889][ T5940] Bluetooth: hci3: ISO packet for unknown connection handle 1558 [ 79.161812][ T6549] netlink: 'syz.3.187': attribute type 4 has an invalid length. [ 79.871111][ T5999] usb 7-1: USB disconnect, device number 3 [ 80.159733][ T6608] netlink: 'syz.1.207': attribute type 6 has an invalid length. [ 80.162214][ T6608] netlink: 32 bytes leftover after parsing attributes in process `syz.1.207'. [ 80.227285][ T6620] netlink: 124 bytes leftover after parsing attributes in process `syz.1.214'. [ 80.231278][ T6620] netlink: 8 bytes leftover after parsing attributes in process `syz.1.214'. [ 80.251022][ T6620] efs: device does not support 512 byte blocks [ 80.253861][ T6620] device does not support 512 byte blocks [ 80.253861][ T6620] [ 80.257026][ T5940] Bluetooth: hci3: ISO packet for unknown connection handle 1558 [ 80.320504][ T6634] netlink: zone id is out of range [ 80.322253][ T6634] netlink: zone id is out of range [ 80.325924][ T6634] netlink: zone id is out of range [ 80.328863][ T6634] netlink: zone id is out of range [ 80.349506][ T6634] netlink: set zone limit has 4 unknown bytes [ 80.434606][ T5940] Bluetooth: hci3: ISO packet for unknown connection handle 1558 [ 80.570633][ T6665] tipc: Started in network mode [ 80.572900][ T6665] tipc: Node identity , cluster identity 4711 [ 80.575306][ T6665] tipc: Failed to set node id, please configure manually [ 80.577944][ T6665] tipc: Enabling of bearer rejected, failed to enable media [ 80.661504][ T5940] Bluetooth: hci2: ISO packet for unknown connection handle 1558 [ 80.708619][ T6680] capability: warning: `syz.0.239' uses deprecated v2 capabilities in a way that may be insecure [ 80.716624][ T6678] tipc: Started in network mode [ 80.718372][ T6678] tipc: Node identity ac14142f, cluster identity 4711 [ 80.720591][ T6678] tipc: New replicast peer: 0.0.0.0 [ 80.722371][ T6678] tipc: Enabled bearer , priority 10 [ 80.727518][ T6678] tipc: New replicast peer: fc02:0000:0000:0000:0000:0000:0000:0000 [ 80.901225][ T5940] Bluetooth: hci0: ISO packet for unknown connection handle 1558 [ 80.940276][ T6706] overlayfs: missing 'lowerdir' [ 81.144047][ T6723] netlink: 'syz.2.253': attribute type 10 has an invalid length. [ 81.167462][ T6723] team0: Port device geneve0 added [ 81.245593][ T6732] netlink: 'syz.3.256': attribute type 11 has an invalid length. [ 81.256567][ T6732] Bluetooth: MGMT ver 1.23 [ 81.313412][ T6736] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 81.313412][ T6736] The task syz.2.255 (6736) triggered the difference, watch for misbehavior. [ 81.587950][ T40] kauditd_printk_skb: 89 callbacks suppressed [ 81.587961][ T40] audit: type=1400 audit(1749071609.583:403): avc: denied { ioctl } for pid=6747 comm="syz.0.262" path="socket:[14709]" dev="sockfs" ino=14709 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 81.636954][ T6755] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=6755 comm=syz.0.265 [ 81.690823][ T40] audit: type=1400 audit(1749071609.683:404): avc: denied { create } for pid=6758 comm="syz.0.267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 81.699159][ T40] audit: type=1400 audit(1749071609.683:405): avc: denied { setopt } for pid=6758 comm="syz.0.267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 81.708703][ T40] audit: type=1400 audit(1749071609.683:406): avc: denied { create } for pid=6758 comm="syz.0.267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 81.711731][ T6761] loop6: detected capacity change from 0 to 524287999 [ 81.714837][ T40] audit: type=1400 audit(1749071609.703:407): avc: denied { read write } for pid=6758 comm="syz.0.267" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 81.724292][ T40] audit: type=1400 audit(1749071609.703:408): avc: denied { open } for pid=6758 comm="syz.0.267" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 81.724989][ T6761] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.725005][ T5999] tipc: Node number set to 2886997039 [ 81.731896][ T40] audit: type=1400 audit(1749071609.703:409): avc: denied { append } for pid=6758 comm="syz.0.267" name="loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 81.744658][ T6761] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.747295][ T6761] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.749752][ T6761] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.753910][ T6761] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.756572][ T6761] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.759034][ T6761] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.761484][ T6761] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.765194][ T6761] ldm_validate_partition_table(): Disk read failed. [ 81.767351][ T6761] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.769836][ T6761] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.772349][ T6761] Dev loop6: unable to read RDB block 0 [ 81.774710][ T6761] loop6: unable to read partition table [ 81.776751][ T6761] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 81.809798][ T6765] __nla_validate_parse: 3 callbacks suppressed [ 81.809814][ T6765] netlink: 20 bytes leftover after parsing attributes in process `syz.3.268'. [ 81.819536][ T6765] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 81.835116][ T6765] IPv6: sit1: Disabled Multicast RS [ 81.989787][ T40] audit: type=1400 audit(1749071609.983:410): avc: denied { listen } for pid=6767 comm="syz.1.270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 82.046917][ T6779] netlink: 4 bytes leftover after parsing attributes in process `syz.1.273'. [ 82.050572][ T6779] netlink: 12 bytes leftover after parsing attributes in process `syz.1.273'. [ 82.066577][ T6779] netlink: 28 bytes leftover after parsing attributes in process `syz.1.273'. [ 82.070305][ T6779] netlink: 28 bytes leftover after parsing attributes in process `syz.1.273'. [ 82.081153][ T6779] ======================================================= [ 82.081153][ T6779] WARNING: The mand mount option has been deprecated and [ 82.081153][ T6779] and is ignored by this kernel. Remove the mand [ 82.081153][ T6779] option from the mount to silence this warning. [ 82.081153][ T6779] ======================================================= [ 82.092542][ T40] audit: type=1400 audit(1749071610.073:411): avc: denied { mount } for pid=6778 comm="syz.1.273" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 82.102988][ T6779] tmpfs: Cannot change global quota limit on remount [ 82.108039][ T40] audit: type=1400 audit(1749071610.073:412): avc: denied { remount } for pid=6778 comm="syz.1.273" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 82.117507][ T6792] netlink: 12 bytes leftover after parsing attributes in process `syz.3.275'. [ 82.141180][ T5940] Bluetooth: hci0: unexpected cc 0x2007 length: 100 > 2 [ 82.207850][ T6796] netlink: 'syz.3.277': attribute type 6 has an invalid length. [ 82.210835][ T6796] netlink: 32 bytes leftover after parsing attributes in process `syz.3.277'. [ 82.258390][ T6802] netlink: 8 bytes leftover after parsing attributes in process `syz.3.279'. [ 82.261425][ T6802] netlink: 12 bytes leftover after parsing attributes in process `syz.3.279'. [ 82.274299][ T6802] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'. [ 82.336202][ T6802] team0: Port device team_slave_0 removed [ 82.555841][ T6811] gretap0: entered promiscuous mode [ 82.560631][ T6811] gretap0: left promiscuous mode [ 82.587454][ T6814] loop2: detected capacity change from 0 to 7 [ 82.592974][ T6814] Dev loop2: unable to read RDB block 7 [ 82.596033][ T6814] loop2: AHDI p1 p2 p3 [ 82.597886][ T6814] loop2: partition table partially beyond EOD, truncated [ 82.601315][ T6814] loop2: p1 start 1601398130 is beyond EOD, truncated [ 82.604944][ T6814] loop2: p2 start 1702059890 is beyond EOD, truncated [ 82.777639][ T6820] netlink: 'syz.2.287': attribute type 6 has an invalid length. [ 82.789479][ T6823] openvswitch: netlink: Multiple metadata blocks provided [ 82.793727][ T6823] Zero length message leads to an empty skb [ 82.830398][ T6825] netlink: 'syz.2.289': attribute type 5 has an invalid length. [ 83.438528][ T837] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 83.551506][ T6897] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 83.582767][ T837] usb 7-1: Using ep0 maxpacket: 32 [ 83.586583][ T837] usb 7-1: config 0 has no interfaces? [ 83.594918][ T837] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 83.598623][ T837] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 83.602051][ T837] usb 7-1: Product: syz [ 83.606269][ T837] usb 7-1: Manufacturer: syz [ 83.609063][ T837] usb 7-1: SerialNumber: syz [ 83.616833][ T837] usb 7-1: config 0 descriptor?? [ 83.933163][ T837] usb 7-1: USB disconnect, device number 4 [ 83.962655][ T838] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 83.964033][ T6939] syzkaller0: entered promiscuous mode [ 83.967478][ T6939] syzkaller0: entered allmulticast mode [ 84.089420][ T6944] FAULT_INJECTION: forcing a failure. [ 84.089420][ T6944] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 84.093777][ T6944] CPU: 0 UID: 0 PID: 6944 Comm: syz.0.324 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) [ 84.093792][ T6944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.093809][ T6944] Call Trace: [ 84.093814][ T6944] [ 84.093819][ T6944] dump_stack_lvl+0x16c/0x1f0 [ 84.093848][ T6944] should_fail_ex+0x512/0x640 [ 84.093862][ T6944] _copy_from_user+0x2e/0xd0 [ 84.093875][ T6944] __sys_bpf+0x21d/0x4d80 [ 84.093893][ T6944] ? __pfx___sys_bpf+0x10/0x10 [ 84.093907][ T6944] ? ksys_write+0x190/0x250 [ 84.093923][ T6944] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 84.093948][ T6944] ? fput+0x70/0xf0 [ 84.093957][ T6944] ? ksys_write+0x1ac/0x250 [ 84.093970][ T6944] ? __pfx_ksys_write+0x10/0x10 [ 84.093985][ T6944] __x64_sys_bpf+0x78/0xc0 [ 84.093999][ T6944] ? lockdep_hardirqs_on+0x7c/0x110 [ 84.094015][ T6944] do_syscall_64+0xcd/0x4c0 [ 84.094025][ T6944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.094036][ T6944] RIP: 0033:0x7fc099d8e929 [ 84.094044][ T6944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.094054][ T6944] RSP: 002b:00007fc09ab8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 84.094064][ T6944] RAX: ffffffffffffffda RBX: 00007fc099fb5fa0 RCX: 00007fc099d8e929 [ 84.094072][ T6944] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005 [ 84.094081][ T6944] RBP: 00007fc09ab8e090 R08: 0000000000000000 R09: 0000000000000000 [ 84.094089][ T6944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.094097][ T6944] R13: 0000000000000000 R14: 00007fc099fb5fa0 R15: 00007fffec9c7f68 [ 84.094114][ T6944] [ 84.132637][ T838] usb 8-1: Using ep0 maxpacket: 8 [ 84.171412][ T838] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 84.175348][ T838] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 84.179113][ T838] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 84.183025][ T838] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 84.186872][ T838] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 84.189941][ T838] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.196727][ T838] hub 8-1:1.0: bad descriptor, ignoring hub [ 84.198843][ T838] hub 8-1:1.0: probe with driver hub failed with error -5 [ 84.201844][ T838] cdc_wdm 8-1:1.0: skipping garbage [ 84.203805][ T838] cdc_wdm 8-1:1.0: skipping garbage [ 84.208531][ T838] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 84.209381][ T6941] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 84.210635][ T838] cdc_wdm 8-1:1.0: Unknown control protocol [ 84.310011][ T6950] netlink: set zone limit has 4 unknown bytes [ 84.383766][ T6954] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 84.513289][ T838] usb 8-1: USB disconnect, device number 2 [ 84.853111][ T24] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 85.022768][ T24] usb 8-1: Using ep0 maxpacket: 16 [ 85.029254][ T24] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 85.033461][ T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 85.036957][ T24] usb 8-1: Product: syz [ 85.038792][ T24] usb 8-1: Manufacturer: syz [ 85.040888][ T24] usb 8-1: SerialNumber: syz [ 85.044404][ T24] usb 8-1: config 0 descriptor?? [ 85.280440][ T6916] mkiss: ax0: crc mode is auto. [ 85.283169][ T6974] overlayfs: lower data-only dirs require metacopy support. [ 85.525445][ T6985] syzkaller0: entered promiscuous mode [ 85.527841][ T6985] syzkaller0: entered allmulticast mode [ 85.654694][ T34] usb 8-1: USB disconnect, device number 3 [ 86.224529][ T5940] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 86.227771][ T5940] Bluetooth: hci0: Injecting HCI hardware error event [ 86.230959][ T5940] Bluetooth: hci0: hardware error 0x00 [ 86.384380][ T7007] warning: `syz.1.349' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 86.422604][ T24] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 86.483798][ T7017] 9pnet_virtio: no channels available for device syz [ 86.487039][ T7017] 9pnet_virtio: no channels available for device syz [ 86.490183][ T7017] 9pnet_virtio: no channels available for device syz [ 86.493266][ T7017] 9pnet_virtio: no channels available for device syz [ 86.496209][ T7017] 9pnet_virtio: no channels available for device syz [ 86.499496][ T7017] 9pnet_virtio: no channels available for device syz [ 86.503771][ T7017] 9pnet_virtio: no channels available for device syz [ 86.506980][ T7017] 9pnet_virtio: no channels available for device syz [ 86.510106][ T7017] 9pnet_virtio: no channels available for device syz [ 86.513422][ T7017] 9pnet_virtio: no channels available for device syz [ 86.516395][ T7017] 9pnet_virtio: no channels available for device syz [ 86.519438][ T7017] 9pnet_virtio: no channels available for device syz [ 86.522609][ T7017] 9pnet_virtio: no channels available for device syz [ 86.525586][ T7017] 9pnet_virtio: no channels available for device syz [ 86.528918][ T7017] 9pnet_virtio: no channels available for device syz [ 86.532093][ T7017] 9pnet_virtio: no channels available for device syz [ 86.535672][ T7017] 9pnet_virtio: no channels available for device syz [ 86.538744][ T7017] 9pnet_virtio: no channels available for device syz [ 86.541750][ T7017] 9pnet_virtio: no channels available for device syz [ 86.545863][ T7017] 9pnet_virtio: no channels available for device syz [ 86.548496][ T7017] 9pnet_virtio: no channels available for device syz [ 86.551656][ T7017] 9pnet_virtio: no channels available for device syz [ 86.554280][ T7017] 9pnet_virtio: no channels available for device syz [ 86.556874][ T7017] 9pnet_virtio: no channels available for device syz [ 86.559806][ T7017] 9pnet_virtio: no channels available for device syz [ 86.562133][ T7017] 9pnet_virtio: no channels available for device syz [ 86.564937][ T7017] 9pnet_virtio: no channels available for device syz [ 86.567248][ T7017] 9pnet_virtio: no channels available for device syz [ 86.569762][ T7017] 9pnet_virtio: no channels available for device syz [ 86.572123][ T7017] 9pnet_virtio: no channels available for device syz [ 86.574570][ T7017] 9pnet_virtio: no channels available for device syz [ 86.576877][ T7017] 9pnet_virtio: no channels available for device syz [ 86.584887][ T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 86.587998][ T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 86.591996][ T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 86.595214][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.762594][ T5999] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 86.805408][ T24] usb 7-1: usb_control_msg returned -32 [ 86.808212][ T24] usbtmc 7-1:16.0: can't read capabilities [ 86.808509][ T6993] netlink: 'syz.2.344': attribute type 28 has an invalid length. [ 86.816593][ T6993] netlink: 'syz.2.344': attribute type 3 has an invalid length. [ 86.819760][ T6993] __nla_validate_parse: 9 callbacks suppressed [ 86.819770][ T6993] netlink: 132 bytes leftover after parsing attributes in process `syz.2.344'. [ 86.833270][ T7028] sch_fq: defrate 0 ignored. [ 86.912861][ T5999] usb 8-1: Using ep0 maxpacket: 32 [ 86.916055][ T5999] usb 8-1: config 0 has no interfaces? [ 86.919426][ T5999] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 86.922294][ T5999] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 86.926377][ T5999] usb 8-1: Product: syz [ 86.927740][ T5999] usb 8-1: Manufacturer: syz [ 86.929159][ T5999] usb 8-1: SerialNumber: syz [ 86.932163][ T5999] usb 8-1: config 0 descriptor?? [ 87.027749][ T7035] FAULT_INJECTION: forcing a failure. [ 87.027749][ T7035] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 87.032436][ T7035] CPU: 3 UID: 0 PID: 7035 Comm: syz.1.361 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) [ 87.032461][ T7035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.032470][ T7035] Call Trace: [ 87.032484][ T7035] [ 87.032489][ T7035] dump_stack_lvl+0x16c/0x1f0 [ 87.032524][ T7035] should_fail_ex+0x512/0x640 [ 87.032542][ T7035] should_fail_alloc_page+0xe7/0x130 [ 87.032560][ T7035] prepare_alloc_pages+0x3c2/0x610 [ 87.032573][ T7035] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 87.032590][ T7035] ? find_held_lock+0x2b/0x80 [ 87.032604][ T7035] ? is_bpf_text_address+0x8a/0x1a0 [ 87.032617][ T7035] ? bpf_ksym_find+0x127/0x1c0 [ 87.032633][ T7035] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 87.032646][ T7035] ? is_bpf_text_address+0x94/0x1a0 [ 87.032659][ T7035] ? __kernel_text_address+0xd/0x40 [ 87.032670][ T7035] ? unwind_get_return_address+0x59/0xa0 [ 87.032691][ T7035] ? interleave_nodes+0x16b/0x410 [ 87.032708][ T7035] ? policy_nodemask+0xea/0x4e0 [ 87.032724][ T7035] alloc_pages_mpol+0x1fb/0x550 [ 87.032740][ T7035] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 87.032754][ T7035] ? kasan_save_stack+0x33/0x60 [ 87.032767][ T7035] ? __kasan_kmalloc+0xaa/0xb0 [ 87.032778][ T7035] ? __get_vm_area_node+0x101/0x330 [ 87.032792][ T7035] alloc_pages_noprof+0x131/0x390 [ 87.032807][ T7035] get_free_pages_noprof+0x10/0xb0 [ 87.032823][ T7035] kasan_populate_vmalloc+0x89/0x1f0 [ 87.032839][ T7035] alloc_vmap_area+0x959/0x29c0 [ 87.032855][ T7035] ? __pfx_alloc_vmap_area+0x10/0x10 [ 87.032872][ T7035] __get_vm_area_node+0x1ca/0x330 [ 87.032886][ T7035] __vmalloc_node_range_noprof+0x271/0x14b0 [ 87.032898][ T7035] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.032910][ T7035] ? find_held_lock+0x2b/0x80 [ 87.032923][ T7035] ? avc_has_perm_noaudit+0x117/0x3b0 [ 87.032937][ T7035] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.032952][ T7035] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 87.032964][ T7035] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 87.032979][ T7035] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.032990][ T7035] __vmalloc_node_noprof+0xad/0xf0 [ 87.033001][ T7035] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.033014][ T7035] bpf_prog_alloc_no_stats+0x54/0x630 [ 87.033026][ T7035] ? security_capable+0x7e/0x260 [ 87.033042][ T7035] bpf_prog_alloc+0x3b/0x230 [ 87.033052][ T7035] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 87.033066][ T7035] bpf_prog_load+0x1a04/0x2490 [ 87.033083][ T7035] ? __pfx_bpf_prog_load+0x10/0x10 [ 87.033096][ T7035] ? avc_has_perm_noaudit+0x149/0x3b0 [ 87.033118][ T7035] ? selinux_bpf+0xde/0x130 [ 87.033131][ T7035] ? bpf_lsm_bpf+0x9/0x10 [ 87.033143][ T7035] __sys_bpf+0x433c/0x4d80 [ 87.033159][ T7035] ? __pfx___sys_bpf+0x10/0x10 [ 87.033173][ T7035] ? ksys_write+0x190/0x250 [ 87.033189][ T7035] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 87.033214][ T7035] ? fput+0x70/0xf0 [ 87.033223][ T7035] ? ksys_write+0x1ac/0x250 [ 87.033236][ T7035] ? __pfx_ksys_write+0x10/0x10 [ 87.033251][ T7035] __x64_sys_bpf+0x78/0xc0 [ 87.033266][ T7035] ? lockdep_hardirqs_on+0x7c/0x110 [ 87.033281][ T7035] do_syscall_64+0xcd/0x4c0 [ 87.033291][ T7035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.033302][ T7035] RIP: 0033:0x7f4a33b8e929 [ 87.033311][ T7035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.033320][ T7035] RSP: 002b:00007f4a349b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 87.033330][ T7035] RAX: ffffffffffffffda RBX: 00007f4a33db5fa0 RCX: 00007f4a33b8e929 [ 87.033336][ T7035] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005 [ 87.033342][ T7035] RBP: 00007f4a349b4090 R08: 0000000000000000 R09: 0000000000000000 [ 87.033348][ T7035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.033353][ T7035] R13: 0000000000000000 R14: 00007f4a33db5fa0 R15: 00007ffc79a65be8 [ 87.033366][ T7035] [ 87.175934][ T7035] syz.1.361: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 87.183306][ T7035] CPU: 2 UID: 0 PID: 7035 Comm: syz.1.361 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) [ 87.183348][ T7035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.183358][ T7035] Call Trace: [ 87.183364][ T7035] [ 87.183370][ T7035] dump_stack_lvl+0x16c/0x1f0 [ 87.183401][ T7035] warn_alloc+0x248/0x3a0 [ 87.183426][ T7035] ? __pfx_warn_alloc+0x10/0x10 [ 87.183449][ T7035] ? kfree+0x2b4/0x4d0 [ 87.183471][ T7035] ? __get_vm_area_node+0x208/0x330 [ 87.183492][ T7035] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 87.183511][ T7035] ? find_held_lock+0x2b/0x80 [ 87.183531][ T7035] ? avc_has_perm_noaudit+0x117/0x3b0 [ 87.183554][ T7035] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.183580][ T7035] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 87.183605][ T7035] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 87.183627][ T7035] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.183643][ T7035] __vmalloc_node_noprof+0xad/0xf0 [ 87.183660][ T7035] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.183679][ T7035] bpf_prog_alloc_no_stats+0x54/0x630 [ 87.183695][ T7035] ? security_capable+0x7e/0x260 [ 87.183719][ T7035] bpf_prog_alloc+0x3b/0x230 [ 87.183736][ T7035] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 87.183756][ T7035] bpf_prog_load+0x1a04/0x2490 [ 87.183784][ T7035] ? __pfx_bpf_prog_load+0x10/0x10 [ 87.183805][ T7035] ? avc_has_perm_noaudit+0x149/0x3b0 [ 87.183841][ T7035] ? selinux_bpf+0xde/0x130 [ 87.183862][ T7035] ? bpf_lsm_bpf+0x9/0x10 [ 87.183881][ T7035] __sys_bpf+0x433c/0x4d80 [ 87.183907][ T7035] ? __pfx___sys_bpf+0x10/0x10 [ 87.183931][ T7035] ? ksys_write+0x190/0x250 [ 87.183956][ T7035] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 87.183994][ T7035] ? fput+0x70/0xf0 [ 87.184009][ T7035] ? ksys_write+0x1ac/0x250 [ 87.184029][ T7035] ? __pfx_ksys_write+0x10/0x10 [ 87.184055][ T7035] __x64_sys_bpf+0x78/0xc0 [ 87.184077][ T7035] ? lockdep_hardirqs_on+0x7c/0x110 [ 87.184100][ T7035] do_syscall_64+0xcd/0x4c0 [ 87.184117][ T7035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.184134][ T7035] RIP: 0033:0x7f4a33b8e929 [ 87.184147][ T7035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.184162][ T7035] RSP: 002b:00007f4a349b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 87.184178][ T7035] RAX: ffffffffffffffda RBX: 00007f4a33db5fa0 RCX: 00007f4a33b8e929 [ 87.184187][ T7035] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005 [ 87.184195][ T7035] RBP: 00007f4a349b4090 R08: 0000000000000000 R09: 0000000000000000 [ 87.184204][ T7035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.184212][ T7035] R13: 0000000000000000 R14: 00007f4a33db5fa0 R15: 00007ffc79a65be8 [ 87.184230][ T7035] [ 87.184235][ T7035] Mem-Info: [ 87.190262][ T7036] usbtmc 7-1:16.0: usbtmc_ioctl_request failed -32 [ 87.192806][ T7035] active_anon:16610 inactive_anon:0 isolated_anon:0 [ 87.192806][ T7035] active_file:883 inactive_file:47004 isolated_file:0 [ 87.192806][ T7035] unevictable:1768 dirty:211 writeback:0 [ 87.192806][ T7035] slab_reclaimable:11526 slab_unreclaimable:70074 [ 87.192806][ T7035] mapped:24728 shmem:2394 pagetables:1251 [ 87.192806][ T7035] sec_pagetables:305 bounce:0 [ 87.192806][ T7035] kernel_misc_reclaimable:0 [ 87.192806][ T7035] free:457218 free_pcp:16126 free_cma:0 [ 87.192850][ T7035] Node 0 active_anon:66440kB inactive_anon:0kB active_file:3532kB inactive_file:187768kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:98868kB dirty:836kB writeback:0kB shmem:6040kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11856kB pagetables:4828kB sec_pagetables:1220kB all_unreclaimable? no Balloon:0kB [ 87.285341][ T836] usb 8-1: USB disconnect, device number 4 [ 87.285523][ T7035] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:248kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:176kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 87.324447][ T7035] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 87.333610][ T7035] lowmem_reserve[]: 0 1235 1235 1235 1235 [ 87.335586][ T7035] Node 0 DMA32 free:220348kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB free_highatomic:0KB active_anon:66452kB inactive_anon:0kB active_file:3532kB inactive_file:187768kB unevictable:3536kB writepending:836kB present:2080628kB managed:1264892kB mlocked:0kB bounce:0kB free_pcp:39148kB local_pcp:17840kB free_cma:0kB [ 87.345898][ T7035] lowmem_reserve[]: 0 0 0 0 0 [ 87.347772][ T7035] Node 1 Normal free:1593080kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:248kB unevictable:3536kB writepending:8kB present:2097152kB managed:1781948kB mlocked:0kB bounce:0kB free_pcp:25560kB local_pcp:6848kB free_cma:0kB [ 87.357891][ T7035] lowmem_reserve[]: 0 0 0 0 0 [ 87.359666][ T7035] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 87.364019][ T7035] Node 0 DMA32: 39*4kB (UM) 407*8kB (UME) 251*16kB (UM) 285*32kB (UME) 173*64kB (UM) 62*128kB (UM) 13*256kB (UM) 10*512kB (UME) 10*1024kB (UM) 5*2048kB (M) 38*4096kB (UM) = 220132kB [ 87.369779][ T7035] Node 1 Normal: 4*4kB (UME) 17*8kB (UME) 26*16kB (UME) 24*32kB (UE) 15*64kB (UME) 10*128kB (UME) 5*256kB (UE) 6*512kB (UME) 2*1024kB (UE) 1*2048kB (M) 386*4096kB (M) = 1593080kB [ 87.375668][ T7035] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 87.378764][ T7035] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 87.381739][ T7035] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 87.385500][ T7035] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 87.388408][ T7035] 50278 total pagecache pages [ 87.389964][ T7035] 0 pages in swap cache [ 87.391423][ T7035] Free swap = 124996kB [ 87.393306][ T7035] Total swap = 124996kB [ 87.394888][ T7035] 1048443 pages RAM [ 87.396177][ T7035] 0 pages HighMem/MovableOnly [ 87.397663][ T7035] 282893 pages reserved [ 87.398979][ T7035] 0 pages cma reserved [ 87.451649][ T40] kauditd_printk_skb: 38 callbacks suppressed [ 87.451664][ T40] audit: type=1400 audit(1749071615.443:451): avc: denied { shutdown } for pid=7041 comm="syz.0.363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 87.459819][ T7043] IPVS: set_ctl: invalid protocol: 7745 100.1.1.2:20003 [ 87.542190][ T40] audit: type=1400 audit(1749071615.533:452): avc: denied { call } for pid=7046 comm="syz.0.364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 87.574352][ T7051] netlink: 'syz.0.366': attribute type 10 has an invalid length. [ 87.577832][ T7051] macvlan0: entered promiscuous mode [ 87.579745][ T7051] macvlan0: entered allmulticast mode [ 87.585470][ T7051] veth1_vlan: entered allmulticast mode [ 87.591575][ T7051] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 87.627961][ T5943] Bluetooth: hci1: ISO packet for unknown connection handle 1558 [ 87.699996][ T7061] FAULT_INJECTION: forcing a failure. [ 87.699996][ T7061] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 87.705901][ T7061] CPU: 2 UID: 0 PID: 7061 Comm: syz.0.371 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) [ 87.705924][ T7061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.705934][ T7061] Call Trace: [ 87.705940][ T7061] [ 87.705946][ T7061] dump_stack_lvl+0x16c/0x1f0 [ 87.705978][ T7061] should_fail_ex+0x512/0x640 [ 87.705998][ T7061] should_fail_alloc_page+0xe7/0x130 [ 87.706025][ T7061] prepare_alloc_pages+0x3c2/0x610 [ 87.706047][ T7061] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 87.706074][ T7061] ? rcu_is_watching+0x12/0xc0 [ 87.706095][ T7061] ? trace_mm_page_alloc+0x11f/0x1a0 [ 87.706113][ T7061] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 87.706138][ T7061] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 87.706164][ T7061] ? is_bpf_text_address+0x8a/0x1a0 [ 87.706185][ T7061] ? bpf_ksym_find+0x127/0x1c0 [ 87.706210][ T7061] ? is_bpf_text_address+0x94/0x1a0 [ 87.706233][ T7061] ? __kernel_text_address+0xd/0x40 [ 87.706251][ T7061] ? unwind_get_return_address+0x59/0xa0 [ 87.706287][ T7061] alloc_pages_bulk_noprof+0x71c/0x1410 [ 87.706312][ T7061] ? policy_nodemask+0xea/0x4e0 [ 87.706340][ T7061] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 87.706364][ T7061] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 87.706399][ T7061] kasan_populate_vmalloc+0xf1/0x1f0 [ 87.706424][ T7061] alloc_vmap_area+0x959/0x29c0 [ 87.706451][ T7061] ? __pfx_alloc_vmap_area+0x10/0x10 [ 87.706474][ T7061] __get_vm_area_node+0x1ca/0x330 [ 87.706496][ T7061] __vmalloc_node_range_noprof+0x271/0x14b0 [ 87.706515][ T7061] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.706536][ T7061] ? find_held_lock+0x2b/0x80 [ 87.706557][ T7061] ? avc_has_perm_noaudit+0x117/0x3b0 [ 87.706580][ T7061] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.706605][ T7061] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 87.706625][ T7061] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 87.706649][ T7061] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.706667][ T7061] __vmalloc_node_noprof+0xad/0xf0 [ 87.706686][ T7061] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 87.706708][ T7061] bpf_prog_alloc_no_stats+0x54/0x630 [ 87.706742][ T7061] ? security_capable+0x7e/0x260 [ 87.706764][ T7061] bpf_prog_alloc+0x3b/0x230 [ 87.706781][ T7061] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 87.706802][ T7061] bpf_prog_load+0x1a04/0x2490 [ 87.706830][ T7061] ? __pfx_bpf_prog_load+0x10/0x10 [ 87.706859][ T7061] ? avc_has_perm_noaudit+0x149/0x3b0 [ 87.706897][ T7061] ? selinux_bpf+0xde/0x130 [ 87.706917][ T7061] ? bpf_lsm_bpf+0x9/0x10 [ 87.706937][ T7061] __sys_bpf+0x433c/0x4d80 [ 87.706964][ T7061] ? __pfx___sys_bpf+0x10/0x10 [ 87.706988][ T7061] ? ksys_write+0x190/0x250 [ 87.707013][ T7061] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 87.707054][ T7061] ? fput+0x70/0xf0 [ 87.707069][ T7061] ? ksys_write+0x1ac/0x250 [ 87.707090][ T7061] ? __pfx_ksys_write+0x10/0x10 [ 87.707116][ T7061] __x64_sys_bpf+0x78/0xc0 [ 87.707139][ T7061] ? lockdep_hardirqs_on+0x7c/0x110 [ 87.707164][ T7061] do_syscall_64+0xcd/0x4c0 [ 87.707181][ T7061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.707198][ T7061] RIP: 0033:0x7fc099d8e929 [ 87.707212][ T7061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.707228][ T7061] RSP: 002b:00007fc09ab8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 87.707244][ T7061] RAX: ffffffffffffffda RBX: 00007fc099fb5fa0 RCX: 00007fc099d8e929 [ 87.707254][ T7061] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005 [ 87.707264][ T7061] RBP: 00007fc09ab8e090 R08: 0000000000000000 R09: 0000000000000000 [ 87.707274][ T7061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.707284][ T7061] R13: 0000000000000000 R14: 00007fc099fb5fa0 R15: 00007fffec9c7f68 [ 87.707306][ T7061] [ 87.858757][ T7064] loop2: detected capacity change from 0 to 7 [ 87.862311][ T7064] Dev loop2: unable to read RDB block 7 [ 87.865359][ T7064] loop2: AHDI p1 p2 p3 [ 87.867080][ T7064] loop2: partition table partially beyond EOD, truncated [ 87.870407][ T7064] loop2: p1 start 1601398130 is beyond EOD, truncated [ 87.873548][ T7064] loop2: p2 start 1702059890 is beyond EOD, truncated [ 87.904896][ T40] audit: type=1400 audit(1749071615.903:453): avc: denied { map } for pid=7065 comm="syz.0.373" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 87.912021][ T40] audit: type=1400 audit(1749071615.903:454): avc: denied { execute } for pid=7065 comm="syz.0.373" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 88.080708][ T40] audit: type=1400 audit(1749071616.073:455): avc: denied { map } for pid=7077 comm="syz.0.376" path="/dev/tty21" dev="devtmpfs" ino=40 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1 [ 88.228957][ T40] audit: type=1400 audit(1749071616.223:456): avc: denied { setopt } for pid=7085 comm="syz.0.380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 88.292541][ T5940] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 88.366848][ T7088] netlink: 'syz.0.381': attribute type 29 has an invalid length. [ 88.371008][ T7088] netlink: 'syz.0.381': attribute type 29 has an invalid length. [ 88.373866][ T7088] netlink: 500 bytes leftover after parsing attributes in process `syz.0.381'. [ 88.549894][ T7097] syzkaller0: entered promiscuous mode [ 88.551986][ T7097] syzkaller0: entered allmulticast mode [ 88.597830][ T7099] netlink: 'syz.0.385': attribute type 11 has an invalid length. [ 88.731472][ T7106] evm: overlay not supported [ 88.769814][ T40] audit: type=1400 audit(1749071616.763:457): avc: denied { read } for pid=7109 comm="syz.0.387" name="msr" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 88.780210][ T40] audit: type=1400 audit(1749071616.763:458): avc: denied { open } for pid=7109 comm="syz.0.387" path="/dev/cpu/2/msr" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 88.847453][ T7118] netlink: 4 bytes leftover after parsing attributes in process `syz.0.390'. [ 89.042039][ T7129] loop2: detected capacity change from 0 to 7 [ 89.046949][ T6404] Dev loop2: unable to read RDB block 7 [ 89.048866][ T6404] loop2: AHDI p1 p2 p3 [ 89.050199][ T6404] loop2: partition table partially beyond EOD, truncated [ 89.052692][ T6404] loop2: p1 start 1601398130 is beyond EOD, truncated [ 89.054925][ T6404] loop2: p2 start 1702059890 is beyond EOD, truncated [ 89.058699][ T7129] Dev loop2: unable to read RDB block 7 [ 89.060515][ T7129] loop2: AHDI p1 p2 p3 [ 89.061864][ T7129] loop2: partition table partially beyond EOD, truncated [ 89.065568][ T7129] loop2: p1 start 1601398130 is beyond EOD, truncated [ 89.067775][ T7129] loop2: p2 start 1702059890 is beyond EOD, truncated [ 89.176023][ T5940] Bluetooth: hci1: ISO packet for unknown connection handle 1558 [ 89.218433][ T7137] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=341 sclass=netlink_route_socket pid=7137 comm=syz.1.396 [ 89.227741][ T7137] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7137 comm=syz.1.396 [ 89.238196][ T7137] raw_sendmsg: syz.1.396 forgot to set AF_INET. Fix it! [ 89.243969][ T34] usb 7-1: USB disconnect, device number 5 [ 89.383420][ T7149] loop2: detected capacity change from 0 to 7 [ 89.388119][ T6404] Dev loop2: unable to read RDB block 7 [ 89.390486][ T6404] loop2: AHDI p1 p2 p3 [ 89.393284][ T6404] loop2: partition table partially beyond EOD, truncated [ 89.396835][ T6404] loop2: p1 start 1601398130 is beyond EOD, truncated [ 89.399588][ T6404] loop2: p2 start 1702059890 is beyond EOD, truncated [ 89.406023][ T7149] Dev loop2: unable to read RDB block 7 [ 89.407998][ T7149] loop2: AHDI p1 p2 p3 [ 89.409634][ T7149] loop2: partition table partially beyond EOD, truncated [ 89.412113][ T7149] loop2: p1 start 1601398130 is beyond EOD, truncated [ 89.415550][ T7149] loop2: p2 start 1702059890 is beyond EOD, truncated [ 89.457572][ T40] audit: type=1400 audit(1749071617.453:459): avc: denied { getopt } for pid=7150 comm="syz.0.402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 89.467942][ T7151] vxcan1 speed is unknown, defaulting to 1000 [ 89.473953][ T7151] vxcan1 speed is unknown, defaulting to 1000 [ 89.478119][ T7151] vxcan1 speed is unknown, defaulting to 1000 [ 89.536886][ T7157] could not open pipe file descriptor [ 89.553680][ T7158] syzkaller0: entered promiscuous mode [ 89.556642][ T7158] syzkaller0: entered allmulticast mode [ 89.605554][ T7161] netlink: 'syz.3.406': attribute type 6 has an invalid length. [ 89.608034][ T7161] netlink: 32 bytes leftover after parsing attributes in process `syz.3.406'. [ 89.706386][ T40] audit: type=1400 audit(1749071617.703:460): avc: denied { map } for pid=7165 comm="syz.3.407" path="/96/file0/pids.current" dev="9p" ino=35913986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 89.714645][ T7166] netfs: Couldn't get user pages (rc=-14) [ 89.735750][ T7151] infiniband syz0: set active [ 89.738719][ T10] vxcan1 speed is unknown, defaulting to 1000 [ 89.740578][ T7151] infiniband syz0: added vxcan1 [ 89.751992][ T7170] support for the xor transformation has been removed. [ 89.776507][ T7151] RDS/IB: syz0: added [ 89.778725][ T7151] smc: adding ib device syz0 with port count 1 [ 89.781423][ T7151] smc: ib device syz0 port 1 has pnetid [ 89.787039][ T24] vxcan1 speed is unknown, defaulting to 1000 [ 89.794370][ T7151] vxcan1 speed is unknown, defaulting to 1000 [ 89.906767][ T7182] loop2: detected capacity change from 0 to 7 [ 89.910079][ T6344] Dev loop2: unable to read RDB block 7 [ 89.912025][ T6344] loop2: AHDI p1 p2 p3 [ 89.913389][ T7151] vxcan1 speed is unknown, defaulting to 1000 [ 89.915446][ T6344] loop2: partition table partially beyond EOD, truncated [ 89.917829][ T6344] loop2: p1 start 1601398130 is beyond EOD, truncated [ 89.919988][ T6344] loop2: p2 start 1702059890 is beyond EOD, truncated [ 89.925556][ T7182] Dev loop2: unable to read RDB block 7 [ 89.927373][ T7182] loop2: AHDI p1 p2 p3 [ 89.928704][ T7182] loop2: partition table partially beyond EOD, truncated [ 89.931285][ T7182] loop2: p1 start 1601398130 is beyond EOD, truncated [ 89.933596][ T7182] loop2: p2 start 1702059890 is beyond EOD, truncated [ 89.998553][ T7190] netlink: 16 bytes leftover after parsing attributes in process `syz.1.416'. [ 90.021768][ T7190] netlink: 8 bytes leftover after parsing attributes in process `syz.1.416'. [ 90.025580][ T7190] netlink: 24 bytes leftover after parsing attributes in process `syz.1.416'. [ 90.053800][ T7189] netlink: 'syz.2.415': attribute type 6 has an invalid length. [ 90.056304][ T7189] netlink: 32 bytes leftover after parsing attributes in process `syz.2.415'. [ 90.077962][ T7151] vxcan1 speed is unknown, defaulting to 1000 [ 90.133410][ T7197] syzkaller0: entered promiscuous mode [ 90.135277][ T7197] syzkaller0: entered allmulticast mode [ 90.245698][ T7201] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 90.248645][ T7201] overlayfs: failed to set xattr on upper [ 90.251182][ T7201] overlayfs: ...falling back to redirect_dir=nofollow. [ 90.255108][ T7201] overlayfs: ...falling back to index=off. [ 90.257586][ T7201] overlayfs: ...falling back to uuid=null. [ 90.288053][ T7151] vxcan1 speed is unknown, defaulting to 1000 [ 90.323965][ T1143] vlan2: left promiscuous mode [ 90.400845][ T7204] netlink: 48 bytes leftover after parsing attributes in process `syz.2.421'. [ 90.547641][ T7215] netlink: 'syz.0.426': attribute type 1 has an invalid length. [ 90.551038][ T7215] netlink: 44 bytes leftover after parsing attributes in process `syz.0.426'. [ 90.569054][ T7215] tmpfs: Unknown parameter 'usrquotrdlimit' [ 90.757717][ T7228] netlink: 'syz.0.432': attribute type 6 has an invalid length. [ 90.802634][ T838] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 90.835620][ T5943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.840239][ T5943] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.843594][ T5943] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.847348][ T5943] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.850312][ T5943] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.878907][ T7239] vxcan1 speed is unknown, defaulting to 1000 [ 90.942633][ T838] usb 8-1: device descriptor read/64, error -71 [ 91.064179][ T7256] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 91.068063][ T7256] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 91.084486][ T7239] chnl_net:caif_netlink_parms(): no params data found [ 91.182576][ T838] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 91.194917][ T7239] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.197989][ T7239] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.200989][ T7239] bridge_slave_0: entered allmulticast mode [ 91.205788][ T7239] bridge_slave_0: entered promiscuous mode [ 91.210474][ T7239] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.213631][ T7239] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.216709][ T7239] bridge_slave_1: entered allmulticast mode [ 91.220362][ T7239] bridge_slave_1: entered promiscuous mode [ 91.270765][ T7239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.276473][ T7239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.317910][ T838] usb 8-1: device descriptor read/64, error -71 [ 91.319132][ T7239] team0: Port device team_slave_0 added [ 91.326970][ T7239] team0: Port device team_slave_1 added [ 91.369385][ T7270] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 91.372717][ T7276] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 91.384298][ T7239] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.386553][ T7239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.395079][ T7239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.400343][ T7239] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.402565][ T7239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.410708][ T7239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.426971][ T838] usb usb8-port1: attempt power cycle [ 91.455312][ T7278] netlink: 'syz.2.448': attribute type 6 has an invalid length. [ 91.461373][ T7239] hsr_slave_0: entered promiscuous mode [ 91.463974][ T7239] hsr_slave_1: entered promiscuous mode [ 91.466323][ T7239] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 91.468718][ T7239] Cannot create hsr debugfs directory [ 91.594172][ T7285] vxcan1 speed is unknown, defaulting to 1000 [ 91.633283][ T7239] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 91.639133][ T7239] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 91.645206][ T7239] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 91.652290][ T7239] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 91.713028][ T7239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.726721][ T7239] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.733103][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.736270][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.745055][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.747393][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.764004][ T838] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 91.783325][ T838] usb 8-1: device descriptor read/8, error -71 [ 91.873029][ T7239] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.023566][ T838] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 92.027644][ T7239] veth0_vlan: entered promiscuous mode [ 92.032279][ T7239] veth1_vlan: entered promiscuous mode [ 92.052244][ T7239] veth0_macvtap: entered promiscuous mode [ 92.053402][ T838] usb 8-1: device descriptor read/8, error -71 [ 92.058792][ T7239] veth1_macvtap: entered promiscuous mode [ 92.075983][ T7239] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.087042][ T7239] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.091950][ T7239] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.096853][ T7239] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.099930][ T7239] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.104525][ T7239] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.162801][ T838] usb usb8-port1: unable to enumerate USB device [ 92.170813][ T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.174364][ T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.193298][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.196298][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.500352][ T7329] vxcan1 speed is unknown, defaulting to 1000 [ 92.613351][ T40] kauditd_printk_skb: 18 callbacks suppressed [ 92.613367][ T40] audit: type=1400 audit(1749071620.613:479): avc: denied { block_suspend } for pid=7333 comm="syz.4.460" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 92.889116][ T40] audit: type=1400 audit(1749071620.883:480): avc: denied { nlmsg_write } for pid=7356 comm="syz.4.467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 92.936531][ T5940] Bluetooth: hci1: command tx timeout [ 93.091921][ T7367] __nla_validate_parse: 2 callbacks suppressed [ 93.091933][ T7367] netlink: 48 bytes leftover after parsing attributes in process `syz.4.468'. [ 93.373254][ T10] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 93.442060][ T40] audit: type=1400 audit(1749071621.433:481): avc: denied { read } for pid=7393 comm="syz.0.477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 93.528976][ T10] usb 7-1: Using ep0 maxpacket: 32 [ 93.534738][ T10] usb 7-1: config 0 has no interfaces? [ 93.539527][ T10] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 93.543998][ T10] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 93.547475][ T10] usb 7-1: Product: syz [ 93.549454][ T10] usb 7-1: Manufacturer: syz [ 93.551433][ T10] usb 7-1: SerialNumber: syz [ 93.556061][ T10] usb 7-1: config 0 descriptor?? [ 93.639540][ T7404] netlink: 'syz.3.480': attribute type 6 has an invalid length. [ 93.642857][ T7404] netlink: 32 bytes leftover after parsing attributes in process `syz.3.480'. [ 93.727349][ T7411] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 93.736734][ T7411] netlink: 36 bytes leftover after parsing attributes in process `syz.3.482'. [ 93.854867][ T5940] Bluetooth: hci3: ISO packet for unknown connection handle 1558 [ 93.969885][ T7433] FAULT_INJECTION: forcing a failure. [ 93.969885][ T7433] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 93.974190][ T7433] CPU: 3 UID: 0 PID: 7433 Comm: syz.3.491 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) [ 93.974211][ T7433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.974220][ T7433] Call Trace: [ 93.974226][ T7433] [ 93.974232][ T7433] dump_stack_lvl+0x16c/0x1f0 [ 93.974284][ T7433] should_fail_ex+0x512/0x640 [ 93.974305][ T7433] _copy_from_iter+0x29f/0x16f0 [ 93.974317][ T7433] ? bpf_ksym_find+0x127/0x1c0 [ 93.974333][ T7433] ? __pfx__copy_from_iter+0x10/0x10 [ 93.974346][ T7433] ? find_held_lock+0x2b/0x80 [ 93.974359][ T7433] ? rawv6_sendmsg+0xb73/0x47a0 [ 93.974373][ T7433] rawv6_sendmsg+0x2334/0x47a0 [ 93.974389][ T7433] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 93.974400][ T7433] ? avc_has_perm_noaudit+0x149/0x3b0 [ 93.974416][ T7433] ? avc_has_perm+0x11a/0x1c0 [ 93.974428][ T7433] ? __pfx_avc_has_perm+0x10/0x10 [ 93.974441][ T7433] ? __lock_acquire+0x622/0x1c90 [ 93.974467][ T7433] ? __fget_files+0x20e/0x3c0 [ 93.974482][ T7433] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 93.974494][ T7433] ? inet_sendmsg+0x119/0x140 [ 93.974513][ T7433] inet_sendmsg+0x119/0x140 [ 93.974528][ T7433] __sys_sendto+0x43c/0x520 [ 93.974546][ T7433] ? __pfx___sys_sendto+0x10/0x10 [ 93.974583][ T7433] ? ksys_write+0x1ac/0x250 [ 93.974599][ T7433] ? __pfx_ksys_write+0x10/0x10 [ 93.974613][ T7433] __x64_sys_sendto+0xe0/0x1c0 [ 93.974627][ T7433] ? do_syscall_64+0x91/0x4c0 [ 93.974636][ T7433] ? lockdep_hardirqs_on+0x7c/0x110 [ 93.974652][ T7433] do_syscall_64+0xcd/0x4c0 [ 93.974662][ T7433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.974672][ T7433] RIP: 0033:0x7f977f38e929 [ 93.974681][ T7433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 93.974691][ T7433] RSP: 002b:00007f9780200038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 93.974701][ T7433] RAX: ffffffffffffffda RBX: 00007f977f5b5fa0 RCX: 00007f977f38e929 [ 93.974707][ T7433] RDX: 000000000000001f RSI: 0000200000000300 RDI: 0000000000000003 [ 93.974713][ T7433] RBP: 00007f9780200090 R08: 0000000000000000 R09: fffffffffffffdfd [ 93.974719][ T7433] R10: 0000000000003b00 R11: 0000000000000246 R12: 0000000000000001 [ 93.974724][ T7433] R13: 0000000000000000 R14: 00007f977f5b5fa0 R15: 00007ffd692a4838 [ 93.974737][ T7433] [ 94.174598][ T7445] netlink: 48 bytes leftover after parsing attributes in process `syz.3.494'. [ 94.450807][ T40] audit: type=1400 audit(1749071622.443:482): avc: denied { connect } for pid=7456 comm="syz.3.500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 94.458559][ T40] audit: type=1400 audit(1749071622.443:483): avc: denied { setopt } for pid=7456 comm="syz.3.500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 94.467026][ T40] audit: type=1400 audit(1749071622.443:484): avc: denied { read } for pid=7456 comm="syz.3.500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 94.590636][ T7465] binder: Bad value for 'max' [ 94.591195][ T7466] binder: Bad value for 'max' [ 94.627007][ T7470] loop2: detected capacity change from 0 to 7 [ 94.630800][ T7470] Dev loop2: unable to read RDB block 7 [ 94.633208][ T7470] loop2: AHDI p1 p2 p3 [ 94.634650][ T7470] loop2: partition table partially beyond EOD, truncated [ 94.639403][ T7470] loop2: p1 start 1601398130 is beyond EOD, truncated [ 94.642251][ T7470] loop2: p2 start 1702059890 is beyond EOD, truncated [ 94.682262][ T7463] netlink: 'syz.3.502': attribute type 11 has an invalid length. [ 94.684842][ T7463] netlink: 132 bytes leftover after parsing attributes in process `syz.3.502'. [ 94.764069][ T7476] netlink: 8 bytes leftover after parsing attributes in process `syz.0.506'. [ 94.766874][ T7476] netlink: 12 bytes leftover after parsing attributes in process `syz.0.506'. [ 94.780153][ T40] audit: type=1400 audit(1749071622.773:485): avc: denied { write } for pid=7482 comm="syz.4.508" name="renderD128" dev="devtmpfs" ino=634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 94.811938][ T40] audit: type=1400 audit(1749071622.803:486): avc: denied { watch } for pid=7484 comm="syz.4.509" path="/21/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=126 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 94.824581][ T40] audit: type=1400 audit(1749071622.803:487): avc: denied { watch_sb watch_reads } for pid=7484 comm="syz.4.509" path="/21/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=126 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 94.868481][ T7488] tmpfs: Unknown parameter 'usrquota_nodeúÔ”Pdlimit' [ 95.012594][ T5940] Bluetooth: hci1: command tx timeout [ 95.537027][ T7501] loop2: detected capacity change from 0 to 7 [ 95.540059][ T7501] Dev loop2: unable to read RDB block 7 [ 95.541814][ T7501] loop2: AHDI p1 p2 p3 [ 95.543735][ T7501] loop2: partition table partially beyond EOD, truncated [ 95.546607][ T7501] loop2: p1 start 1601398130 is beyond EOD, truncated [ 95.549374][ T7501] loop2: p2 start 1702059890 is beyond EOD, truncated [ 95.675529][ T40] audit: type=1400 audit(1749071623.673:488): avc: denied { read } for pid=7510 comm="syz.3.519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 95.787064][ T7518] random: crng reseeded on system resumption [ 95.801216][ T7522] netlink: 'syz.0.522': attribute type 10 has an invalid length. [ 95.816322][ T7522] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 95.892703][ T838] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 95.957276][ T7527] netlink: 8 bytes leftover after parsing attributes in process `syz.3.524'. [ 95.960141][ T7527] netlink: 12 bytes leftover after parsing attributes in process `syz.3.524'. [ 96.042564][ T838] usb 9-1: Using ep0 maxpacket: 8 [ 96.046462][ T838] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 96.048898][ T838] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 96.052424][ T838] usb 9-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 96.064264][ T838] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 96.066583][ T838] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 96.070060][ T838] usb 9-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 96.078009][ T838] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 96.080449][ T838] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 96.084165][ T838] usb 9-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 96.089495][ T5999] usb 7-1: USB disconnect, device number 6 [ 96.090089][ T838] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 96.095233][ T838] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 96.097829][ T838] usb 9-1: Product: syz [ 96.099293][ T838] usb 9-1: Manufacturer: syz [ 96.100790][ T838] usb 9-1: SerialNumber: syz [ 96.127711][ T7539] Bluetooth: MGMT ver 1.23 [ 96.182702][ T7547] netlink: 'syz.2.529': attribute type 11 has an invalid length. [ 96.194408][ T7539] netlink: 8 bytes leftover after parsing attributes in process `syz.3.527'. [ 96.380467][ T7509] netlink: 'syz.4.518': attribute type 1 has an invalid length. [ 96.384661][ T7509] netlink: 'syz.4.518': attribute type 2 has an invalid length. [ 96.436846][ T7560] netlink: 'syz.2.533': attribute type 6 has an invalid length. [ 96.456670][ T838] adutux 9-1:168.0: interrupt endpoints not found [ 96.467448][ T838] usb 9-1: USB disconnect, device number 2 [ 96.537334][ T7567] usb usb3: usbfs: interface 0 claimed by hub while 'syz.2.536' sets config #1 [ 96.578569][ T7571] netlink: 'syz.2.538': attribute type 10 has an invalid length. [ 96.579051][ T7569] overlayfs: conflicting options: verity=require,redirect_dir=nofollow [ 96.592056][ T7571] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 96.670536][ T7577] loop2: detected capacity change from 0 to 7 [ 96.675154][ T6404] Dev loop2: unable to read RDB block 7 [ 96.676997][ T6404] loop2: AHDI p1 p2 p3 [ 96.678336][ T6404] loop2: partition table partially beyond EOD, truncated [ 96.681563][ T6404] loop2: p1 start 1601398130 is beyond EOD, truncated [ 96.684145][ T6404] loop2: p2 start 1702059890 is beyond EOD, truncated [ 96.687133][ T7577] Dev loop2: unable to read RDB block 7 [ 96.688983][ T7577] loop2: AHDI p1 p2 p3 [ 96.690300][ T7577] loop2: partition table partially beyond EOD, truncated [ 96.693051][ T7577] loop2: p1 start 1601398130 is beyond EOD, truncated [ 96.695868][ T7577] loop2: p2 start 1702059890 is beyond EOD, truncated [ 96.757934][ T7583] Process accounting resumed [ 96.824043][ T7589] netlink: 'syz.3.544': attribute type 6 has an invalid length. [ 96.940065][ T7608] netlink: 'syz.3.548': attribute type 10 has an invalid length. [ 96.964107][ T7608] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 96.996815][ T7616] loop2: detected capacity change from 0 to 7 [ 96.999550][ T7615] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.001903][ T7615] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.001933][ T7616] Dev loop2: unable to read RDB block 7 [ 97.006110][ T7616] loop2: AHDI p1 p2 p3 [ 97.007632][ T7616] loop2: partition table partially beyond EOD, truncated [ 97.008185][ T7615] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.010678][ T7616] loop2: p1 start 1601398130 is beyond EOD, truncated [ 97.016639][ T7616] loop2: p2 start 1702059890 is beyond EOD, truncated [ 97.018116][ T7615] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.102708][ T5940] Bluetooth: hci1: command tx timeout [ 97.227911][ T7634] set match dimension is over the limit! [ 97.278093][ T7636] sctp: [Deprecated]: syz.0.557 (pid 7636) Use of int in maxseg socket option. [ 97.278093][ T7636] Use struct sctp_assoc_value instead [ 97.282597][ T837] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 97.422634][ T837] usb 8-1: device descriptor read/64, error -71 [ 97.662827][ T837] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 97.692668][ T34] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 97.705219][ T7656] hfsplus: unable to find HFS+ superblock [ 97.718573][ T7657] hfsplus: unable to find HFS+ superblock [ 97.740433][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 97.740444][ T40] audit: type=1400 audit(1749071625.733:495): avc: denied { map } for pid=7655 comm="syz.4.563" path="socket:[21482]" dev="sockfs" ino=21482 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 97.751025][ T40] audit: type=1400 audit(1749071625.743:496): avc: denied { create } for pid=7655 comm="syz.4.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 97.757034][ T40] audit: type=1400 audit(1749071625.743:497): avc: denied { getopt } for pid=7655 comm="syz.4.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 97.794650][ T837] usb 8-1: device descriptor read/64, error -71 [ 97.863969][ T34] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 97.867427][ T34] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.870219][ T34] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.873654][ T34] usb 7-1: config 0 interface 0 has no altsetting 0 [ 97.876437][ T34] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.879202][ T34] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.882700][ T34] usb 7-1: config 0 interface 0 has no altsetting 0 [ 97.885483][ T34] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.887370][ T7662] netlink: 'syz.0.565': attribute type 6 has an invalid length. [ 97.888234][ T34] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.895152][ T34] usb 7-1: config 0 interface 0 has no altsetting 0 [ 97.898831][ T34] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.901614][ T34] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.905086][ T34] usb 7-1: config 0 interface 0 has no altsetting 0 [ 97.908275][ T34] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.911069][ T34] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.913369][ T837] usb usb8-port1: attempt power cycle [ 97.914492][ T34] usb 7-1: config 0 interface 0 has no altsetting 0 [ 97.919628][ T34] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.922401][ T34] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.925702][ T7665] No such timeout policy "syz1" [ 97.925787][ T34] usb 7-1: config 0 interface 0 has no altsetting 0 [ 97.930781][ T34] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.933724][ T34] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.937034][ T34] usb 7-1: config 0 interface 0 has no altsetting 0 [ 97.940309][ T34] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.943151][ T34] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.946452][ T34] usb 7-1: config 0 interface 0 has no altsetting 0 [ 97.949995][ T34] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 97.952913][ T34] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 97.955476][ T34] usb 7-1: Product: syz [ 97.956785][ T34] usb 7-1: Manufacturer: syz [ 97.958237][ T34] usb 7-1: SerialNumber: syz [ 97.961072][ T34] usb 7-1: config 0 descriptor?? [ 97.967799][ T34] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 97.985293][ T40] audit: type=1400 audit(1749071625.973:498): avc: denied { mount } for pid=7669 comm="syz.0.567" name="/" dev="hugetlbfs" ino=23701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 97.987302][ T7670] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.994848][ T40] audit: type=1400 audit(1749071625.983:499): avc: denied { bind } for pid=7669 comm="syz.0.567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 98.040666][ T7670] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 98.092957][ T7672] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 98.131767][ T5940] Bluetooth: hci1: ISO packet for unknown connection handle 1558 [ 98.167400][ T7647] ------------[ cut here ]------------ [ 98.169293][ T7647] UBSAN: array-index-out-of-bounds in ./include/net/ipv6.h:616:34 [ 98.171754][ T7647] index 20 is out of range for type '__u8 [16]' SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 98.174031][ T7647] CPU: 3 UID: 0 PID: 7647 Comm: syz.2.560 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) [ 98.174045][ T7647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 98.174052][ T7647] Call Trace: [ 98.174057][ T7647] [ 98.174063][ T7647] dump_stack_lvl+0x16c/0x1f0 [ 98.174090][ T7647] __ubsan_handle_out_of_bounds+0x11c/0x160 [ 98.174111][ T7647] ipv6_addr_prefix+0xf2/0x110 [ 98.174132][ T7647] ip6_route_info_create+0x4b6/0x870 [ 98.174156][ T7647] ip6_route_add+0x26/0x1d0 [ 98.174177][ T7647] addrconf_prefix_route+0x2fd/0x510 [ 98.174194][ T7647] ? __pfx_addrconf_prefix_route+0x10/0x10 [ 98.174217][ T7647] ? lock_acquire+0x179/0x350 [ 98.174233][ T7647] ? __pfx_addrconf_get_prefix_route+0x10/0x10 [ 98.174249][ T7647] ? find_held_lock+0x2b/0x80 [ 98.174262][ T7647] ? addrconf_prefix_rcv+0xa7e/0x1f70 [ 98.174276][ T7647] addrconf_prefix_rcv+0x1808/0x1f70 [ 98.174293][ T7647] ? __pfx_addrconf_prefix_rcv+0x10/0x10 [ 98.174305][ T7647] ? __ipv6_chk_addr_and_flags+0x2f4/0x750 [ 98.174317][ T7647] ? neigh_remove_one+0x240/0x310 [ 98.174337][ T7647] ? ndisc_router_discovery+0x1c49/0x3550 [ 98.174358][ T7647] ndisc_router_discovery+0x1c49/0x3550 [ 98.174384][ T7647] ? ip6t_do_table+0xbf5/0x1c30 [ 98.174406][ T7647] ? __pfx_ndisc_router_discovery+0x10/0x10 [ 98.174430][ T7647] ? __lock_acquire+0x622/0x1c90 [ 98.174466][ T7647] ? skb_checksum+0x81f/0x980 [ 98.174492][ T7647] ndisc_rcv+0x3fa/0x620 [ 98.174515][ T7647] icmpv6_rcv+0x17c6/0x1c50 [ 98.174540][ T7647] ? __pfx_icmpv6_rcv+0x10/0x10 [ 98.174558][ T7647] ip6_protocol_deliver_rcu+0xf86/0x1520 [ 98.174590][ T7647] ip6_input_finish+0x102/0x180 [ 98.174612][ T7647] ip6_input+0x105/0x2f0 [ 98.174632][ T7647] ip6_mc_input+0x465/0xfd0 [ 98.174655][ T7647] ? __pfx_ip6_mc_input+0x10/0x10 [ 98.174677][ T7647] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 98.174701][ T7647] ? __pfx_ip6_mc_input+0x10/0x10 [ 98.174722][ T7647] ipv6_rcv+0x45d/0x680 [ 98.174735][ T7647] ? __pfx_ipv6_rcv+0x10/0x10 [ 98.174748][ T7647] __netif_receive_skb_one_core+0x12d/0x1e0 [ 98.174763][ T7647] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 98.174778][ T7647] ? lock_acquire+0x179/0x350 [ 98.174795][ T7647] ? __phys_addr+0xe8/0x180 [ 98.174808][ T7647] __netif_receive_skb+0x1d/0x160 [ 98.174823][ T7647] netif_receive_skb+0x137/0x7b0 [ 98.174837][ T7647] ? __pfx_netif_receive_skb+0x10/0x10 [ 98.174855][ T7647] tun_rx_batched.isra.0+0x3ee/0x740 [ 98.174868][ T7647] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 98.174882][ T7647] ? tun_get_user+0x1c0d/0x3b80 [ 98.174893][ T7647] ? rcu_is_watching+0x12/0xc0 [ 98.174908][ T7647] tun_get_user+0x28a2/0x3b80 [ 98.174919][ T7647] ? preempt_schedule_common+0x20/0xc0 [ 98.174940][ T7647] ? __pfx_tun_get_user+0x10/0x10 [ 98.174950][ T7647] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 98.174965][ T7647] ? find_held_lock+0x2b/0x80 [ 98.175002][ T7647] ? tun_get+0x191/0x370 [ 98.175022][ T7647] tun_chr_write_iter+0xdc/0x210 [ 98.175035][ T7647] vfs_write+0x6c4/0x1150 [ 98.175049][ T7647] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 98.175062][ T7647] ? __pfx_vfs_write+0x10/0x10 [ 98.175074][ T7647] ? find_held_lock+0x2b/0x80 [ 98.175094][ T7647] ksys_write+0x12a/0x250 [ 98.175107][ T7647] ? __pfx_ksys_write+0x10/0x10 [ 98.175124][ T7647] do_syscall_64+0xcd/0x4c0 [ 98.175135][ T7647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.175150][ T7647] RIP: 0033:0x7fee2858d3df [ 98.175163][ T7647] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 98.175179][ T7647] RSP: 002b:00007fee2938e000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 98.175195][ T7647] RAX: ffffffffffffffda RBX: 00007fee287b5fa0 RCX: 00007fee2858d3df [ 98.175206][ T7647] RDX: 00000000000003b6 RSI: 00002000000003c0 RDI: 00000000000000c8 [ 98.175216][ T7647] RBP: 00007fee28610b39 R08: 0000000000000000 R09: 0000000000000000 [ 98.175248][ T7647] R10: 00000000000003b6 R11: 0000000000000293 R12: 0000000000000000 [ 98.175258][ T7647] R13: 0000000000000000 R14: 00007fee287b5fa0 R15: 00007ffeea1b7318 [ 98.175279][ T7647] [ 98.175299][ T7647] ---[ end trace ]--- [ 98.177466][ T40] audit: type=1400 audit(1749071626.173:500): avc: denied { write } for pid=5868 comm="syz-executor" path="pipe:[3871]" dev="pipefs" ino=3871 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 98.179857][ T7647] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 98.179868][ T7647] CPU: 3 UID: 0 PID: 7647 Comm: syz.2.560 Not tainted 6.15.0-syzkaller-11802-g1af80d00e1e0 #0 PREEMPT(full) [ 98.179881][ T7647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 98.179888][ T7647] Call Trace: [ 98.179893][ T7647] [ 98.179897][ T7647] dump_stack_lvl+0x3d/0x1f0 [ 98.179919][ T7647] panic+0x71c/0x800 [ 98.179936][ T7647] ? __pfx_panic+0x10/0x10 [ 98.179953][ T7647] ? __pfx__printk+0x10/0x10 [ 98.179966][ T7647] ? check_panic_on_warn+0x1f/0xb0 [ 98.179983][ T7647] check_panic_on_warn+0xab/0xb0 [ 98.180000][ T7647] __ubsan_handle_out_of_bounds+0x143/0x160 [ 98.180016][ T7647] ipv6_addr_prefix+0xf2/0x110 [ 98.180032][ T7647] ip6_route_info_create+0x4b6/0x870 [ 98.180050][ T7647] ip6_route_add+0x26/0x1d0 [ 98.180066][ T7647] addrconf_prefix_route+0x2fd/0x510 [ 98.180083][ T7647] ? __pfx_addrconf_prefix_route+0x10/0x10 [ 98.180114][ T7647] ? lock_acquire+0x179/0x350 [ 98.180135][ T7647] ? __pfx_addrconf_get_prefix_route+0x10/0x10 [ 98.180152][ T7647] ? find_held_lock+0x2b/0x80 [ 98.180165][ T7647] ? addrconf_prefix_rcv+0xa7e/0x1f70 [ 98.180179][ T7647] addrconf_prefix_rcv+0x1808/0x1f70 [ 98.180197][ T7647] ? __pfx_addrconf_prefix_rcv+0x10/0x10 [ 98.180210][ T7647] ? __ipv6_chk_addr_and_flags+0x2f4/0x750 [ 98.180222][ T7647] ? neigh_remove_one+0x240/0x310 [ 98.180237][ T7647] ? ndisc_router_discovery+0x1c49/0x3550 [ 98.180252][ T7647] ndisc_router_discovery+0x1c49/0x3550 [ 98.180271][ T7647] ? ip6t_do_table+0xbf5/0x1c30 [ 98.180285][ T7647] ? __pfx_ndisc_router_discovery+0x10/0x10 [ 98.180300][ T7647] ? __lock_acquire+0x622/0x1c90 [ 98.180323][ T7647] ? skb_checksum+0x81f/0x980 [ 98.180340][ T7647] ndisc_rcv+0x3fa/0x620 [ 98.180356][ T7647] icmpv6_rcv+0x17c6/0x1c50 [ 98.180371][ T7647] ? __pfx_icmpv6_rcv+0x10/0x10 [ 98.180384][ T7647] ip6_protocol_deliver_rcu+0xf86/0x1520 [ 98.180404][ T7647] ip6_input_finish+0x102/0x180 [ 98.180420][ T7647] ip6_input+0x105/0x2f0 [ 98.180434][ T7647] ip6_mc_input+0x465/0xfd0 [ 98.180450][ T7647] ? __pfx_ip6_mc_input+0x10/0x10 [ 98.180466][ T7647] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 98.180483][ T7647] ? __pfx_ip6_mc_input+0x10/0x10 [ 98.180497][ T7647] ipv6_rcv+0x45d/0x680 [ 98.180512][ T7647] ? __pfx_ipv6_rcv+0x10/0x10 [ 98.180525][ T7647] __netif_receive_skb_one_core+0x12d/0x1e0 [ 98.180540][ T7647] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 98.180556][ T7647] ? lock_acquire+0x179/0x350 [ 98.180573][ T7647] ? __phys_addr+0xe8/0x180 [ 98.180586][ T7647] __netif_receive_skb+0x1d/0x160 [ 98.180601][ T7647] netif_receive_skb+0x137/0x7b0 [ 98.180616][ T7647] ? __pfx_netif_receive_skb+0x10/0x10 [ 98.180634][ T7647] tun_rx_batched.isra.0+0x3ee/0x740 [ 98.180647][ T7647] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 98.180661][ T7647] ? tun_get_user+0x1c0d/0x3b80 [ 98.180672][ T7647] ? rcu_is_watching+0x12/0xc0 [ 98.180687][ T7647] tun_get_user+0x28a2/0x3b80 [ 98.180699][ T7647] ? preempt_schedule_common+0x20/0xc0 [ 98.180724][ T7647] ? __pfx_tun_get_user+0x10/0x10 [ 98.180735][ T7647] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 98.180750][ T7647] ? find_held_lock+0x2b/0x80 [ 98.180763][ T7647] ? tun_get+0x191/0x370 [ 98.180776][ T7647] tun_chr_write_iter+0xdc/0x210 [ 98.180789][ T7647] vfs_write+0x6c4/0x1150 [ 98.180804][ T7647] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 98.180817][ T7647] ? __pfx_vfs_write+0x10/0x10 [ 98.180829][ T7647] ? find_held_lock+0x2b/0x80 [ 98.180849][ T7647] ksys_write+0x12a/0x250 [ 98.180862][ T7647] ? __pfx_ksys_write+0x10/0x10 [ 98.180880][ T7647] do_syscall_64+0xcd/0x4c0 [ 98.180891][ T7647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.180902][ T7647] RIP: 0033:0x7fee2858d3df [ 98.180911][ T7647] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 98.180921][ T7647] RSP: 002b:00007fee2938e000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 98.180932][ T7647] RAX: ffffffffffffffda RBX: 00007fee287b5fa0 RCX: 00007fee2858d3df [ 98.180939][ T7647] RDX: 00000000000003b6 RSI: 00002000000003c0 RDI: 00000000000000c8 [ 98.180946][ T7647] RBP: 00007fee28610b39 R08: 0000000000000000 R09: 0000000000000000 [ 98.180953][ T7647] R10: 00000000000003b6 R11: 0000000000000293 R12: 0000000000000000 [ 98.180959][ T7647] R13: 0000000000000000 R14: 00007fee287b5fa0 R15: 00007ffeea1b7318 [ 98.180971][ T7647] [ 98.183956][ T7647] Kernel Offset: disabled VM DIAGNOSIS: 21:13:46 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=ffffc90003907cc0 RCX=0000000000000000 RDX=1ffff92000720f9b RSI=ffffffffffffffff RDI=0000000000000000 RBP=0000000000000000 RSP=ffffc900039077d8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000003 R11=0000000000000001 R12=0000000000000001 R13=ffffffffffffffff R14=dffffc0000000000 R15=00000000000000d3 RIP=ffffffff81bc11d0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6765000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f378909bf98 CR3=00000000559f2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000007 Opmask02=0000000002fefefe Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc114ae360 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3788211b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3788211b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3788211b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3788211b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3788211bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3788211c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000002f 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000020878 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000002f 0000000000000000 0000000000000000 0000000000020878 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=00000000ffffffff RCX=ffffffff820fb280 RDX=00000000ffffffff RSI=00000000ffffffff RDI=0000000000000000 RBP=0000000000000001 RSP=ffffc90003f577d8 R8 =0000000000000001 R9 =fffff94000097696 R10=ffffea00004bb4b3 R11=0000000000000001 R12=ffffea00004bb480 R13=ffff888035e6ba40 R14=0000000000000000 R15=00000000000001b7 RIP=ffffffff81bc11aa RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6865000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fa4d0ce7d60 CR3=00000000222b3000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa4d01846a3 00007fa4d01846a3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe28791cd0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556b2178a0 000055556b217810 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556b21e977 000055556b21e770 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556b20fd84 000055556b20fd80 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 80040e80030e8004 0fa0030008000f90 030fffffffffffff 040f800300100002 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010810000f800401 0000020806060159 dc0482a808000fe0 030010000fd00300 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 10000fc003021000 0fb0032810000e90 03040484000ca403 0002000ca2030002 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000ca00304dffe08 000c98030008000c 9003048204000c8c 030202000c8a0304 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 02000c8803280800 0c80030c80040e80 030e80040fa00300 08000f90030fffff ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffc900037277f8 RCX=0000000000000001 RDX=0000000000000000 RSI=0000000000000014 RDI=ffffc90003727718 RBP=ffffc90003727718 RSP=ffffc900037276e0 R8 =0000000000000001 R9 =0000000000000000 R10=ffffc90003727958 R11=0000000000000001 R12=ffffc90003727928 R13=0000000000000000 R14=ffffc90003727928 R15=dffffc0000000000 RIP=ffffffff84daf4e0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f378909c6c0 ffffffff 00c00000 GS =0000 ffff8880d6965000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000555559780808 CR3=000000005b004000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffec9c82f0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc099e11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc099e11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc099e11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc099e11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc099e11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc099e11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85598b15 RDI=ffffffff9b077320 RBP=ffffffff9b0772e0 RSP=ffffc90003a06ac0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000034 R14=ffffffff9b0772e0 R15=ffffffff85598ab0 RIP=ffffffff85598b3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fee2938e6c0 ffffffff 00c00000 GS =0000 ffff8880d6a65000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000001300 CR3=000000002ab37000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000020100001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee2938dbf0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee28611b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee28611b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee28611b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee28611b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee28611bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee28611c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a732520656c6261 7462650064656c69 61662029736e7465 6e28736e74657300 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1f56000540494744 514740004140494c 4443050c564b5140 4b0d564b51405600 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 000000000000004c ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000