last executing test programs: 4.381366234s ago: executing program 2 (id=101): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, &(0x7f00000007c0)=0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)) openat$hwrng(0xffffffffffffff9c, 0x0, 0x400, 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) chroot(0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) getpid() r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r4 = fanotify_init(0x200, 0x0) fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0}, 0x0) write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000000000000380000000000000000191bda0000200001000000000280000000000003"], 0x69) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000340)=@newtaction={0x70, 0x30, 0x1, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0xfffffffffffffdf9, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x3}, @TCA_SKBEDIT_PARMS, @TCA_SKBEDIT_PARMS={0x18}]}, {0x4, 0x6, "f3fd8c26799fc331a0b18a90c832da88d3d9b94eeb094b7679baf7f16c6009c5401c"}, {0xc, 0xa}, {0xc, 0x9, {0xf5}}}}]}]}, 0x70}}, 0x0) close(r2) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 3.368348628s ago: executing program 3 (id=105): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r1, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) sendmsg$sock(r1, &(0x7f00000034c0)={&(0x7f0000005440)=@caif, 0x20000, 0x0}, 0x0) sendfile(r1, r0, 0x0, 0xffefffff) 3.001705737s ago: executing program 2 (id=106): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cpuset\x00') preadv(r0, &(0x7f0000000840)=[{&(0x7f0000001dc0)=""/4088, 0xff8}], 0x1, 0x1f, 0x0) 2.904153872s ago: executing program 1 (id=107): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000004000)=@newtaction={0xe68, 0x30, 0x0, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x0, 0x0, 0xffffffffffffffff}, 0x4}, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x7cd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x9, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x40}, {}, {0x0, 0xb0, 0x0, 0x0, 0x4}, {}, {}, {}, {0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {0x9}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x800000}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0xffffffff}, {}, {0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) socket$netlink(0x10, 0x3, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), 0xffffffffffffffff) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000740)={0x53, 0x0, 0xa, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000000)="28f8a81b133d", 0x0, 0x0, 0x0, 0x0, 0x0}) socket$nl_netfilter(0x10, 0x3, 0xc) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(r2, 0x0, 0x0) setsockopt$SO_J1939_SEND_PRIO(0xffffffffffffffff, 0x6b, 0x3, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vxcan1\x00'}) creat(0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="580000000206010100000000000f00000000000005000100070000000900020073797a30000000000c000780080012400000000011000300686173683a6e65742c6e657400000000050005000a00000005000400000000003bcdf3ff95dbf2c6bd2a1f16ef5fff63485fdecf7f4404719b9edcea206d51045a18fbf13ca0735b41d9acdee002b1ad677afa8a9975d5ba7851045daf334217f7be0ccf5964d98635b60af4b94c884cfd1bece1174f820f6dd348046839d3c568485479e213e4ecda5ffcf94b7656cf6c17c0e390023418a1cb9a96922817eab55a7847ad5be8a342820992509eb2e503b42f9133f7731a"], 0x58}}, 0x0) sendmsg$IPSET_CMD_FLUSH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000000406010100000000ffffffffffffff040500010007"], 0x44}}, 0x0) syz_open_dev$admmidi(0x0, 0x20, 0x0) read$midi(0xffffffffffffffff, 0x0, 0x49) ioctl$SNDCTL_SEQ_PANIC(0xffffffffffffffff, 0x5100) fsopen(&(0x7f0000000300)='gadgetfs\x00', 0x1) 2.903601113s ago: executing program 2 (id=108): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = inotify_init1(0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0020}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000001800)={0x0}) prlimit64(0x0, 0xe, 0x0, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5) socketpair$unix(0x1, 0x4000000000002, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r5, &(0x7f00000000c0)) readv(r5, &(0x7f00000017c0), 0x1000007a) write$binfmt_script(r6, &(0x7f0000001880)={'#! ', './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xff1) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000001080)={r2, 0x0, r1, 0x4, 0x80000}) ioprio_set$pid(0x1, 0x0, 0x0) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, 0x0, 0x0) fcntl$getownex(r0, 0x24, &(0x7f0000000140)) syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r10 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x4a, &(0x7f0000001000)=0xfffffff7, 0x4) sendmmsg$inet6(r10, &(0x7f0000000e40)=[{{&(0x7f0000000000)={0xa, 0x4f23, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x28, 0x7ffffff7}}], 0x1, 0x0) dup(r9) mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_subtree(r11, &(0x7f0000003000), 0x201, 0x0) 2.396875469s ago: executing program 3 (id=111): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r0, &(0x7f00000000c0)={0x0, 0x9e, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x8, 0x6, 0x3}, 0x14}}, 0x0) 2.231665825s ago: executing program 3 (id=112): r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) ioctl$EVIOCGSW(r0, 0x80404531, &(0x7f0000000140)=""/4084) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f00000000c0)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000040)={@local}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x0) r3 = dup(r2) r4 = syz_io_uring_setup(0x73fd, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000001080), &(0x7f0000000000)=0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r6 = socket$kcm(0xa, 0x2, 0x88) sendmsg$inet(r6, &(0x7f0000001600)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000001580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2f}, @multicast1}}}], 0x20}, 0x8000) sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0x33, &(0x7f0000000000), 0x5}, 0x0) clock_gettime(0xa, 0x0) syz_io_uring_setup(0xa94, &(0x7f0000000140), &(0x7f0000000040)=0x0, &(0x7f00000005c0)) syz_io_uring_submit(r7, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r4, 0x48e9, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r1, 0x7ab, &(0x7f0000000000)={&(0x7f0000000540)={{@host=0x10}, {@host=0x10}, 0x400, "d49e0b1f09a3e05cb898141464441748655937bb34d22f02362479246bb6372d891a3b5dafa58a6abc5a678d6874fc8fb5f8a529c6e30103484f2667c174fb6cda19ea0a9301bc3238eb816e9c3882f243bcd4bd7115b26dacf5923f060498d471cb4f789562fcda119739dd1a5b0e4e1a4a64dbd7b398bd4e7a247d81f968f2e945f293fc3860bf11f0424193fce743067d27f0ac187b44b128a4999547f73d8c35d3c2bd8b51bbc9a31123f773be89e109cc71b8ec29a539083c0cba15b0899c7181ba154c28b3c4e2ebe360ac44f942a703b9a3a37fbbefe9ae0de04a32336a6eba07b2fb6ad426d56e17291bb1a9d1fcdaa939378bab6dd2eac37b369ef163c9e0fc8039352c24d8147fcc2e2559b47066abd21a3a5f83f239a2227d17d4ca90f60ed9acc243ed38818e3883a985106b54dc157b67022525a74e8f9cb99852760359278d5d22294a70433ba4cec5147fbb09b1d0008ba76257f1c5af6b8d6bf3bcfd5a468a566a4e98fe5f264f2663b72cb421c90d8b7883ddfb5749b27a3e146f9d8538706fea61b07c6e064446337439b9d5a5dc82f6c63c57d6ba0e709b7c1b15fa8367f8e6df2cf59b0b30740ef47c5cccffce5911569591ce4ab62275964cd147e87a30cc6e71f7e40e161997cdbadcfbfb6c54e0289ac137508b7b5339414e4ab7afcc420148e37d49b664cc07c8178a3b50f566c5bdd3aa9217ef909805972bd63ee1d729b282cd866c183744b20da3227f9d43843236b571c8d3237408c266e08d0699ebd30e0820362664ab323b15d3ae9896d6120aae6ef9085f53a2b39cc31238b031476c86e6b16d7703fcbacc7269ce8622eab1cfdf82a364209ec4ac912db924bb76bc35ddf8d0e7a3aff0d08a48c07be47303b59653d9409f14dc59ac33cae5e010466f54d86772e43e3680863bb9bf10c971f16a731e601d7fcdbb91d7146e7834d89059ad522d70398c2bacf113ed791e32f933dfa23f5d6d11bfc9d9e0f04a34b0eddd99d16cd9712485e0a5c9aaf1ebf3f14d00005f8960b6145cbb7d4522692ebe1f9491f87a29ed67c5fb60f5e69bde2a758742999fc986a2dbf6199977e9b446691bf9f95d0abd84557c77ea13356c977d0f098ab9fec85acbd6447f2e6893e2fa6a0a7b272dab66e69b7def48f8b3583a53a0941fb3e4367fa8d56e05ee3b265f17ca0439fcdcea276f7f0a9bf4c2a324d7143658007cf4019e8da69ba1b7dff4383714cbcb71dfe6f1b1ac5d5e99394cb2c360ddb1889d92cd36f8fc72ac865f1c6445957b2a57c1af59ef8d2e9fe328ec2bde763d65c4dea965042f540515bf2f879d1b26309ebc1d7f76c569fa88fbe61845e96e93d3b6025b6285777e59495943596c128fdacc545263ce458bf99f57d7e5dc77f65cf650902b5b6d5af9359334759843365bf0dfb244817a40e8cc9030"}, 0x418}) 1.892340479s ago: executing program 2 (id=113): r0 = socket$inet_udp(0x2, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000001f00)=""/102386, 0x18ff2}], 0x1, 0xfffffffe, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00'}, 0x10) prctl$PR_GET_TSC(0x43, 0x0) sysfs$1(0x1, &(0x7f0000000040)='cgroup2\x00') r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0) ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r3, 0x40096100, &(0x7f0000000780)) r4 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) dup3(0xffffffffffffffff, r4, 0x0) r5 = socket(0x15, 0x5, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.events\x00', 0x275a, 0x0) io_setup(0x20000007, &(0x7f0000000180)) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300), 0x4) madvise(&(0x7f0000335000/0x1000)=nil, 0x1000, 0xd) getsockopt(r5, 0x200000000114, 0x2718, 0x0, &(0x7f0000000000)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_open_procfs(0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000100)=0xd) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000100000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000040000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e61740000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000edffffff0000000000"]}, 0x3c0) 1.878846578s ago: executing program 1 (id=114): r0 = socket$inet6(0xa, 0x3, 0x3a) r1 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001400)=@raw={'raw\x00', 0x8, 0x3, 0x440, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x370, 0xffffffff, 0xffffffff, 0x370, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x0, 0x0, 0xe4416cc2897dff3d, 0x0, 0x0, 0x1000, 0x6}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@ipv4={'\x00', '\xff\xff', @dev}, 'bridge_slave_1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4a0) setsockopt$inet6_int(r0, 0x29, 0x24, &(0x7f0000000000)=0x400, 0x4) socket(0x10, 0x4, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x88, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x80}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x54, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e63}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0xf}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x27}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3f}]}, 0x88}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv4_newrule={0x2c, 0x20, 0x1, 0x0, 0x0, {0x2, 0x20, 0x0, 0x0, 0x1}, [@FRA_DST={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x3c}}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x18}]}, 0x2c}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) getgid() mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) readlink(&(0x7f0000000000)='\x00', &(0x7f00000000c0)=""/62, 0x3e) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r5, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000008c0)={0x1b4, 0x5e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32=0x1}, @nested={0x199, 0xaf, 0x0, 0x1, [@generic="af51afa1d695353e511f5aa365528b0b09c6caa739caa7cd692d9f00174eef71b79f05f6574b9eee106b9207409e1ef25b921b899da204cd4c650469298c8e7865ccdfdd4c2078945705d3fecd85b9f40d9752247847f0cc85fcc8aa795ca22905", @generic="caa38e5d68e4f553977fccc37ebf6e4299476c736a254dca3034492441ed6b95d5ebecd6107c443d34d5029858d6a6d33997ca21d6e4070f23f1a849b434a29921e3d0c408e8ac5334c7ea4ecaf64a758243f6", @generic="ceb1a3a8c2a77c3b1a0b05d264f111535a314b5ea4452b4b265c06c9a19d1aacfddf35ce7f56fbf4d83055e5ae0c55c86a5b8aca2303904789e184821d9504a844bcf506b48eefe31d449539bb47531214f39d1117f0f9cf84a3e77828a82de404715fb59cff4fb01c3506ffbd69e5f4b996aa1f14948009996a533dde1512862bfd44bcf83387918a4c8c6da2470a98be345d672f7f0227e7ab44c59d6f396b69c419c142225305ee892520b0a6463e5beef6047d77f6974bcc7dd0bc7cb243d6552c456808054b601f070be2717f1eb515733a8c1baf1c92c38814287168245f"]}]}, 0x1b4}], 0x1}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='ext4_es_find_extent_range_exit\x00', r6}, 0x10) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0) ftruncate(r8, 0x8979) ftruncate(r7, 0x8979) write$binfmt_elf64(r8, &(0x7f0000000400)=ANY=[], 0x778) add_key$keyring(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffff9) 1.669341354s ago: executing program 0 (id=115): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f00000012c0)={0x24, @short={0x2, 0xffff}}, 0x14) 1.657758211s ago: executing program 0 (id=116): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f00000012c0)={0x24, @short={0x2, 0xffff}}, 0x14) (fail_nth: 1) 1.657228432s ago: executing program 1 (id=117): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x8042, 0x0) r1 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)) io_uring_enter(r1, 0x7b9f, 0x0, 0x0, 0x0, 0x0) write$vga_arbiter(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="6c6fcfec28c49f78"], 0x8) write$vga_arbiter(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='unlock mem'], 0xb) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') close(r1) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r3 = gettid() r4 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000000480)={0x3, [0x4, 0xfff, 0x2]}, &(0x7f00000004c0)=0xa) sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0xfffffffffffffce3, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000600)={0xc, @win={{0x40, 0x8, 0x2d3, 0x401}, 0x0, 0x8, &(0x7f00000003c0)={{0x9, 0x0, 0x4, 0x2}, &(0x7f0000000380)={{0x4, 0x9, 0x4, 0x318}}}, 0x2, &(0x7f0000000440)="7db650b71fae54a5e521a05670341c219355ee46292168062b20402a417f6e69b01469d4f5cb89a7eb47737457c6b738610e579e67abec", 0x5}}) r5 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r6 = add_key$user(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000540)="0706675823b8a37f19b37e0f9f120663b78a6a322f28cb301825eddc42c667fc68923d7df9f4c1843c5f11b63d2684fff43955079736fa4c80100487c31c09706b6bf145eb1baf416d2681491bd6a3098fe1a6741d65b085b4075db8419d9e6d17b1eec4dfb860a71d61af753459bcc5ea1f20d6c1c74afda3b0c08bf98886eaac01b08aa753b8727f25773c98cd6a78c06b758992b03b81e2e09cf103dc16a5658a3b58626b457ee4773d41b3548f2258a2e11cc22555da4ef9035cbfe8dc1e", 0xc0, r5) r7 = add_key$user(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000140)="04", 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f00000001c0)={r7, r6, r7}, &(0x7f0000000240)=""/249, 0xf9, &(0x7f0000000400)={&(0x7f0000000100)={'sha512-generic\x00'}}) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000340), 0x40, 0x0) read$FUSE(r8, &(0x7f0000004180)={0x2020}, 0xfffffffffffffe2f) fsetxattr$security_selinux(r8, &(0x7f0000000500), &(0x7f0000000700)='system_u:object_r:hald_sonypic_exec_t:s0\x00', 0x29, 0x2) 1.635971s ago: executing program 2 (id=118): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cpuset\x00') r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3011, 0x17) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x234, r2, 0x1, 0x8, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x4f9, 0x12}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x1b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x4b}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0xe}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x47}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_IE={0x1c7, 0x2a, [@cf={0x4, 0x6, {0x9, 0x2, 0x7fff, 0x9}}, @random={0x9, 0x23, "b897dcc41acbe2b47799e649c8f57fce785951d6184e7168b17f1dca34b5287093f6b5"}, @supported_rates, @mesh_chsw={0x76, 0x6, {0x5, 0x6, 0x1c, 0xe44}}, @perr={0x84, 0x10d, {0x5, 0xf, [{{0x0, 0x1}, @broadcast, 0x9, @value=@device_b, 0x30}, {{0x0, 0x1}, @device_a, 0x3, @value=@broadcast, 0x1c}, {{0x0, 0x1}, @device_a, 0x7, @value=@device_b, 0x18}, {{0x0, 0x1}, @broadcast, 0xe07, @value=@device_b, 0x14}, {{0x0, 0x1}, @broadcast, 0x8, @value=@device_b, 0x24}, {{0x0, 0x1}, @device_b, 0x10, @value=@device_b, 0x25}, {{}, @broadcast, 0xa, @void, 0x40}, {{0x0, 0x1}, @device_b, 0x3, @value=@broadcast, 0x26}, {{}, @device_b, 0xe85, @void, 0x32}, {{0x0, 0x1}, @device_a, 0xd75b, @value=@device_b, 0x35}, {{0x0, 0x1}, @device_b, 0x81, @value=@broadcast, 0x6}, {{0x0, 0x1}, @device_a, 0x1713f7a7, @value=@device_b, 0x18}, {{0x0, 0x1}, @device_b, 0x3, @value}, {{}, @broadcast, 0xc24, @void, 0x39}, {{0x0, 0x1}, @device_b, 0x1, @value, 0x8}]}}, @ibss={0x6, 0x2, 0x1}, @erp={0x2a, 0x1, {0x0, 0x0, 0x1}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x3, 0xb3, 0x1}}, @random_vendor={0xdd, 0x6e, "d079d874e669716d4a6979dc27f3edd663a42c560b96eca40160746504fb3c43488db55f14e5dba37131568296f28e2e87b41fb2dea98da54aca2074dfd62af1cc3364e51c0fecd52650b926c937532ae65eac6ce2107ba2147c0f86af5c6479611df5807663839843daa22e0606"}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x47}]}, 0x234}, 0x1, 0x0, 0x0, 0x10040840}, 0x0) r3 = userfaultfd(0x801) ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0) ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc020aa00, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc018aa06, 0x0) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x800) r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r4) sendmsg$NLBL_MGMT_C_ADD(r4, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)={0x48, r5, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @loopback}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private}, @NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_DOMAIN={0x7, 0x1, ':-\x00'}]}, 0x48}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='cdg\x00', 0x4) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000080)='htcp\x00', 0x5) preadv(r0, &(0x7f0000000840)=[{&(0x7f0000001dc0)=""/4088, 0xff8}], 0x1, 0x0, 0x0) 1.579971247s ago: executing program 2 (id=119): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r1, &(0x7f0000000540)='b', 0x1) syz_open_dev$char_usb(0xc, 0xb4, 0x0) (fail_nth: 4) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_disconnect(r0) socket$igmp(0x2, 0x3, 0x2) socket$inet(0x2, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet6_sctp(0xa, 0x0, 0x84) 1.54091158s ago: executing program 1 (id=120): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = inotify_init1(0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0020}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000001800)={0x0}) prlimit64(0x0, 0xe, 0x0, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5) socketpair$unix(0x1, 0x4000000000002, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r5, &(0x7f00000000c0)) readv(r5, &(0x7f00000017c0), 0x1000007a) write$binfmt_script(r6, &(0x7f0000001880)={'#! ', './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xff1) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000001080)={r2, 0x0, r1, 0x4, 0x80000}) ioprio_set$pid(0x1, 0x0, 0x0) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, 0x0, 0x0) fcntl$getownex(r0, 0x24, &(0x7f0000000140)) syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r10 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x4a, &(0x7f0000001000)=0xfffffff7, 0x4) sendmmsg$inet6(r10, &(0x7f0000000e40)=[{{&(0x7f0000000000)={0xa, 0x4f23, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x28, 0x7ffffff7}}], 0x1, 0x0) dup(r9) mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_subtree(r11, &(0x7f0000003000), 0x201, 0x0) 1.488227236s ago: executing program 0 (id=121): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = inotify_init1(0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0020}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000001800)={0x0}) prlimit64(0x0, 0xe, 0x0, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5) socketpair$unix(0x1, 0x4000000000002, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r5, &(0x7f00000000c0)) readv(r5, &(0x7f00000017c0), 0x1000007a) write$binfmt_script(r6, &(0x7f0000001880)={'#! ', './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xff1) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000001080)={r2, 0x0, r1, 0x4, 0x80000}) ioprio_set$pid(0x1, 0x0, 0x0) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, 0x0, 0x0) fcntl$getownex(r0, 0x24, &(0x7f0000000140)) syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r10 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x4a, &(0x7f0000001000)=0xfffffff7, 0x4) sendmmsg$inet6(r10, &(0x7f0000000e40)=[{{&(0x7f0000000000)={0xa, 0x4f23, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x28, 0x7ffffff7}}], 0x1, 0x0) dup(r9) mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_subtree(r11, &(0x7f0000003000), 0x201, 0x0) 1.372340784s ago: executing program 3 (id=122): syz_usb_connect$printer(0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000600)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_CAP_X2APIC_API(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, 0x1}) r4 = dup(r3) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x14, 0x5, 0x0, 0x1, [@IFLA_BRPORT_PRIORITY={0x6}, @IFLA_BRPORT_VLAN_TUNNEL={0x5, 0x1d, 0x1}]}}}]}, 0x4c}}, 0x0) 731.364426ms ago: executing program 3 (id=123): syz_emit_ethernet(0x8a, &(0x7f00000000c0)={@local, @local, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x7c, 0x65, 0x0, 0x0, 0x84, 0x0, @empty, @broadcast}, "16b753ad17c34995f9bbb90cb93eb380a71af00bbad10cc1d117afc72c588522a9447071d230e1bcdf59b591f8d325055f8b0d18b3680cc680d53183496384105b154b9e0a530cd135fee45d8c94592e5a86766ebed9bd1d901d56aaa18ec985be378835507f7800"}}}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'ip6gre0\x00', 0x0, 0x4, 0x9, 0xc9, 0x2e0bc508, 0x58, @ipv4={'\x00', '\xff\xff', @local}, @private0, 0x8000, 0x8, 0x6b0, 0x31}}) 731.030138ms ago: executing program 3 (id=124): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x0, {0x0, 0xff}}, 0x18) connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)="4480502ac1216c3f00", 0x9}}, 0x0) setsockopt$sock_int(r0, 0x1, 0x4b, &(0x7f0000000240)=0x7ff, 0x4) recvmsg$can_j1939(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) 607.741794ms ago: executing program 1 (id=125): syz_usb_connect$printer(0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000600)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x300, &(0x7f0000000340)={&(0x7f0000000640)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x14, 0x5, 0x0, 0x1, [@IFLA_BRPORT_PRIORITY={0x6}, @IFLA_BRPORT_VLAN_TUNNEL={0x5, 0x1d, 0x1}]}}}]}, 0x4c}}, 0x0) 603.609998ms ago: executing program 0 (id=126): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async) r0 = getpid() r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000400)=0x1, 0x4) (async) getsockopt$WPAN_SECURITY(r1, 0x0, 0x1, 0x0, &(0x7f00000005c0)) (async) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) (async) r2 = io_uring_setup(0x26ce, &(0x7f0000000100)) (async) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) futex(&(0x7f00000001c0)=0x2, 0x0, 0x2, &(0x7f0000000380)={0x0, r3+60000000}, 0x0, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) socket(0x840000000002, 0x3, 0x100) (async) socket$inet_smc(0x2b, 0x1, 0x0) (async) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_int(r6, 0x1, 0x1, &(0x7f0000000000)=0x446, 0x4) r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r7, &(0x7f0000000240)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000040)=""/2, 0x2}}, 0x120) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0) (async) write$UHID_DESTROY(r7, &(0x7f0000000200), 0x4) 272.247881ms ago: executing program 0 (id=127): r0 = socket$inet_udp(0x2, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000001f00)=""/102386, 0x18ff2}], 0x1, 0xfffffffe, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00'}, 0x10) prctl$PR_GET_TSC(0x43, 0x0) sysfs$1(0x1, &(0x7f0000000040)='cgroup2\x00') r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0) ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r3, 0x40096100, &(0x7f0000000780)) r4 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) dup3(0xffffffffffffffff, r4, 0x0) r5 = socket(0x15, 0x5, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.events\x00', 0x275a, 0x0) io_setup(0x20000007, &(0x7f0000000180)) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300), 0x4) madvise(&(0x7f0000335000/0x1000)=nil, 0x1000, 0xd) getsockopt(r5, 0x200000000114, 0x2718, 0x0, &(0x7f0000000000)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_open_procfs(0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000100)=0xd) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000100000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000040000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e61740000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000edffffff0000000000"]}, 0x3c0) 115.778934ms ago: executing program 0 (id=128): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) socket$nl_route(0x10, 0x3, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)) r0 = socket$nl_rdma(0x10, 0x3, 0x14) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x7d) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) r6 = socket$kcm(0xa, 0x6, 0x0) setsockopt$sock_attach_bpf(r6, 0x10d, 0x2, &(0x7f00000009c0), 0x4) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@bloom_filter={0x1e, 0x6, 0x666, 0x7, 0x800, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x4}, 0x48) r8 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'veth0_to_team\x00', 0x0}) sendmmsg$inet(r8, &(0x7f0000003700)=[{{&(0x7f0000000680)={0x2, 0x4e21, @private}, 0x10, 0x0, 0x0, &(0x7f0000000dc0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}}}], 0x20}}], 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000300)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0xc, &(0x7f0000000300)=@raw=[@jmp={0x5, 0x0, 0x0, 0x3, 0xa, 0xfffffffffffffff4, 0x8}, @tail_call, @tail_call={{0x18, 0x2, 0x1, 0x0, r7}}, @alu={0x7, 0x0, 0x7, 0x6, 0x0, 0x100, 0x8}], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r9, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x1, 0x7, 0x6, 0x9}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240), 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001280)=@newtfilter={0xec8, 0x2c, 0xd27, 0x0, 0x0, {0x60, 0x0, 0x0, r10, {0x0, 0x5}, {}, {0xe}}, [@filter_kind_options=@f_basic={{0xa}, {0xe98, 0x2, [@TCA_BASIC_EMATCHES={0xe94, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0xe88, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xe84, 0x1, 0x0, 0x0, {{0x9, 0x0, 0x3f}, "327091ea23c237bcf7e3ece4691b03c42a47790908e71633e10823d312bb1eccc2edc74c8e8c6a02fcb83f7594f384f44c581a8003fd4db77d58f2525820ff436d133e9f05248e3405e99f669fe18f33cd15d989004bf028daad763688731ec207fbc9937912d5f19011e115bddc2f9bf9ca6bf7bc73cd8443d6cbd8eadf8fadaade2cb47f5b8e94d01c9cf0cd996243045467a6a4de53a104bb7a8539e759ae2ecfcc9bc87ba67b33428d7a4c3aed60b8520b93cc32d67c8a97050667c12f4b1687080c5a29f6d50f20c2f7322f91cf47ffcb73f736b7533dea7bb1bdf74a63a6330c3c83412e7a5ef76424de82fa1dc6174351631f1ac5df2d0d7e4ba2a2e11b97309ae625d876e795409883083af417cedc0a0996e5c76261a2b67da45aa34b072c30c177f1d2d281e3d7fcf2dd940a71d5710a146617e3c190ae79fd0016ba2c21247402cfeac0215b7935d7afd0e69af9afbd2826ee246cecbe9c8daa2bf56b16328284a8286eeb40b6b92c4306db9f1ecf816337d497ebb020f59945f1b37dd5705c7ecee374881b9ca9f1cc914e3d5fa78dd25269104f428ea409078475eaf9364229eaf9bd90245073c46d048ef90c00359b4c77df8d05bac82c03cc6f188b42551c6b9af40d54f553ff0d44883cf3c0038011019d406d41133405ca561eeb764e8806f338aae00d37bbef1fdaf221bd03a959ce955e325bfda6d6622d40bac0ea1385f18bd8a0a86aa425b415145b42beb225c152654af6b91d734bb46a3991d118b1dde1f2932b8202317a52bd1b81ca0eaaa57ea0e9936d4281e8eb79e2c9cb764faa7f10488c0b6f571742a0caf6c24f4d7d6ff86eee835823e24077841c72f4e41ed1115155d99f52d5736e741f1998b8893091be5371d8f905f4a2ebad5cec65348cd6614513798e9149cdfdd86daa364c3c66da73bca83439a58cdc65cb1b065752b0b6e16f333dd59a4e73fa823351c4a633c7adc3928774ff588c86130b8cdd89c0a3c297f8c8fd97da0f48b522a0ae71c0e63ed4e2adb822b4f1721c9115e11e3a303ada75780a1ebec59055a2290aafb33019f591691deea68ee939aa248d1122d97f95ea068eb439d386f3c08f108891de076999ef3c3b1d20b56bb58734e2155c7d264aecba4b80dd31c8886befc85da45022cd65d7ad5efa9fc2f889089ce2c5c815676048ff2fcb45e9e63c2ed78d8f942ead5173ae723bb01c9ac63513b091f1f6be4d3bb01d818eb357bb467f74c8cefa34429edc9f9f35960b6b8a0b1469bb454e6c0376c914f6c1c30449f51d85da43139048be6bf272da3d94f76e98e00f4b6c791bd39e3c998df20a2bc43f6e526f1a5f3241b081f67e2a5bc0b0e7ea80da069862141e280ee94adf24c839e1985cddea7b7a6c4b6cc7840614368d5c8f30a074fcf5825c7e446ffb253161c9d544e2faedf418f507b93f9ce69ad303a4de6295f817faa7c3858522041a16dda1ab99b775a6407b29a25e5b841ddc86310777dd78792ede24367cb6257550566fb22b1443d836f62cb9ce7ca49aa86bdb0c12ec40cace1cfe481cc71e66cf3ec26eebca8e89b9efb5596fd7c7077735f9385361668709b4f963415c189a5da64a0e6a0901a5eaaf53a665359d39129f4ad12caf945cf720694440b1ea2bf5a7d6fec736587d5993e06c106d845a3ea9904a9a2bd2e98862b4c128ba04efdc8663686f4fba9258bbae8d7210db3d159548f1c2f0d2a1b5cf9b8f36b48c526f3a5b58d30c8c05ffcb85fa4f7f6cfb2a7ff412ea6f34497744b816fed0437b1101193865da1988d2e7289a4bc64dd6e743390981b7943c6812783a0b04421a6280c73765d79550a381bacf1263abc5bed9759a74964e4fb689314c430ccd44031b5b14b42fff2d6aa1fab64b5dd55fa58b30e52b3633029ec74ccfe2d92b57cbc2606c752fdae758b855a86ca9d8413f4ed3ac747a7fc75d40e276e97f5f59e67f9f9327909c84a8bf20afeb763f2df7dbcc95fb245481831b77db1154fdfadd63c11737035cf35796e362cd484eccf0bdbd3e5f103687489f7cc6a93f4411e9d2d73d9c0dd94524397e4f875dcdb480ce7d21b5aa00d714e66e0649b9904f05e4907c3461cc7140eb65a7fbc1c0a1bb2a80aac5d7835619f58c48fe9874898005c207a2332d9f3bea1ff6abf53edb5b204c85b280aeb8c56c751aa4768b8d4439b35468b4f945be5f91a396ccb42904e25aced0c8ebb379b16a05ae362ce5a656355284ef11ba9a2250b55358435aa0934bfb89b0258289e8e569b1718f36287bcf12e0182b4cf7a6818b6bc973ff5a70a0c2026e46d58e1c3edbca71c3ef1ee1f96c63ea21bf4387e340d26d9c3cdf188716709f09cb63ccf59c6510eb8f83678df8aa3ffd8b78afd44657b5efa666b96fd40477ce2b0f55dfff29ecaf1d0ab22ca908ee99f076fef9eb9d7047bc46e30a2b9f0395e3f91e9cc0ab9ff82b5bcbdde72bb750ea87678dd33be6f2a3ee50b5bc2cc9bdc492aa30a658e5ecb548912947e11d54dde9f9629db582f3b33311505c33751cb601f0ab47b0b0e51b62bf88bbd56c13067374fae72b7fb3a1228d2b75443a55af1459eec858231e2364603b2eda5ccdea7ffeacb9841b3156649a6820c2b83988ff53394e8696d3545bb9ccb1d6a339f76ab1823030ff477679618451ca7455945f70e18d90aee3d58022a7069998bfea5649eb503e763682c9947b6d03b239d74874d3264d9fb1a0573a2d3c4670cd746c5d8240fa3b70911ab44db82fdd419b53c47eb71f830dba68c726e503de5f27e465fe4ba9022dee6bde5ea12387b6f6305974e26bfdc92d3ce57631bc3c883da21acd8836ebcdef072860d90c8039d306fe439e2839e1d007b067edbf88bd145b760cfeefa7b2dc7206cf895717a49d7c66bf0bdcfa94dd850a4fec6a0cba40ef803f33a47e6565eadfe13e66d54427ede27a43a1bcceb986b20a60d711ac969a7a00e98918c4d94ee40a01055db3e7e00c47ab52f9a5b25b26a20b53ef5774721f49e544c5712f74a83f7f31845bff63dfcc26a7bc8c8cb02cb6ec05c3b913f3f013775944d8e8b8dbf077ce854c389cc14f9a876a5bdcd8fee7ff5d146cd4fa9929267e91fa5234a336b6ed6bf2565c52c733b18971980ce9c72dd15a2a3942d550e9819383682a088a28534ab4ee432340c9bd6df14ccf654bc28b4447f97e139a474f0739a946c3fce7d1c607eb0997b63298227a505795200a180a0cb182db459b5417df478976846c648eb4cd6a3a7636ea9ec4bc8e9fafd877f1081b9b76525d7c23b6dac08f36eef0fff0b45e8c40ebd39caac030c8c70df5b6bfcb8f7ab6b629935fbd093c6e362994d53f41cb2059cf75cd0d6b782ceb1e5a3a9de043a9fc2e46acd8c3ac83d5806fa559651e66fa9529e0d4effd6314eb448bcf735dc7f8a55a5eae19dba2fa275a72ce6de1b86b9a77683c48f409cad49c70cb37497bd3b5b9c1bf77411ea9b7969d6c2834e8b0bd52e5560c01540d5927635d08df82f833f900ebfa913b91a127ee89a92362e0976568038ad10e24c112350b372f747f3ff3efbae14ad34e74c51c906e513ae7e601a891e473ff43589e3a74498bd8b16e08b39504a44e4fe859a660760193641e62d1480faf5c884ac3b5993268861f38188c309bed40d35f2de838741058bd5a4651f3c037c1f22a793c92ce2c1477d6a08cb1e891a1d48d2e89c6c9d319def00b64666e70292ebfe7a930b64dc91000815240133a018303c3f7b703a04e86f7c22331e31299ede23ab095daa4510b79fa8fcbb4d03bc9ea2f6c78b2eea168b47413e461233b790bd4f10d486ecb42835f50b72053f50f28878350d77ef4cdcd5b6b1de5194d72990f0b108b72192c752e825afe4c808691b526c73cd50529b5bf85b018b07e40555b3be17abd9abb256f4d21de7b49dda90d4bd1cc86c9fbe99ad0c7b9c84a3163e19a17299878b979e154dd351b29ecaf4bf597c611bf8a3bdfa1c07fccd11faa1293e835c7ea14f7a1cafb5199d8b0d3ffb1f9bc7331438c2a655c96e6b0cc18a727664c0e57a8c594f097b6bd1e93b93264462a845fac9951f1e347099bb9de9ae00ba10f6e6ef5cf52edddf2dd8dbc73b4146b2c84b4aec53de0dfc31279740bde922d56fdcba9ae9de3c11a0189ecd2ee0f211b9024a824babf937bdd317fa9fafcf368a5cafc13321d20cf59650ee11432d969c79ab7506cbb304c3e146962256494807b221479332ec969efcde23e69702ff26dae565603715862606bca1d859a2504cdab84136e9e8cbaaba69bc82aa8c3332835328eac9616e8451d7a19d8821a475a7fb4ab594709d87102c7014ec24b1248350c5f3760de8a28831313a8fe77490af3833bcb9b51ba5e7347999c3c0b97a8827960a554cd60bd99c2090ae92830f270377be546a76a352591343795b787f63eaa6e26d40ab6017631f3a6aed10336cdb54ce6f6879558831384fa570c34738dd0c718629d3a7b2751720de67cf14cbdcd3bf6d9ce209672a65d4453a386135811fba15e1b830d2b032965bc3b359267c534d5a350344f6b60096fc4cf0c4695d5607aa08e49fd184cb811ca80a379c81b09917ff632d042d7601a2904e30672e537ab17416256d10892d3441580fde6a8e521b742942b4b9b37953788c66c812098f7cfc1c834b67b8cd673168e75ac948346cde90bf76ea5fd6aaf000f1527da1fc83f61564a0a12d311d935643fbd648eba35ac5e10ba393adae4d37c72bfb208ece34cd0fab3cf827a17f9a653cdf2c68283cf163d67a60ddbd670f12cdc0b07439f0ef29b99062c4c612d30406f1ffe4b5bf034a2b0c2278b6dbf918d71ad560d65c259b40396a66c301ef7486a2f9ac369fb75ea4f27036bc959ae34d9e733988dbf7fedae19cdc39161fa2ed9ec0192571b3916c65d676f90419ae22bb8b6181caceced2e06411411d33d7b3c65284d58936bd7ba8c00cc7df70458288e59ea704209ab454eb6f3477f02aeb020831b6d3142ec43a4f7a2f55fa5a5a50b63a5b5331fc6abf4963489a02d91689552b5179f1b2d43978fbeafdcde282cfc003f761a272060d1cb61fe307b3229a10e4e91a850242c497b4340cba2139513670012970dcadbd7bed4ffe8a028f6d321a6789ef776957cf92b3e4a22db855c9e5c986b1534b7807f90f61eca71e087654f4d7780f4639a54ee977475654cce575e"}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}]}]}}]}, 0xec8}}, 0x0) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x1405, 0x1, 0x0, 0x0, "", [{{0x8}, {0x8}}]}, 0x20}}, 0x0) mkdir(&(0x7f0000000200)='./bus\x00', 0x0) accept$unix(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000180)=0x6e) r11 = fanotify_init(0x0, 0x0) writev(r11, &(0x7f0000001100)=[{&(0x7f0000000000)='j', 0x1}], 0x1) 0s ago: executing program 1 (id=129): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x8042, 0x0) r1 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)) io_uring_enter(r1, 0x7b9f, 0x0, 0x0, 0x0, 0x0) write$vga_arbiter(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="6c6fcfec28c49f78"], 0x8) write$vga_arbiter(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='unlock mem'], 0xb) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') close(r1) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r3 = gettid() r4 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000000480)={0x3, [0x4, 0xfff, 0x2]}, &(0x7f00000004c0)=0xa) sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0xfffffffffffffce3, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000600)={0xc, @win={{0x40, 0x8, 0x2d3, 0x401}, 0x0, 0x8, &(0x7f00000003c0)={{0x9, 0x0, 0x4, 0x2}, &(0x7f0000000380)={{0x4, 0x9, 0x4, 0x318}}}, 0x2, &(0x7f0000000440)="7db650b71fae54a5e521a05670341c219355ee46292168062b20402a417f6e69b01469d4f5cb89a7eb47737457c6b738610e579e67abec", 0x5}}) r5 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r6 = add_key$user(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000540)="0706675823b8a37f19b37e0f9f120663b78a6a322f28cb301825eddc42c667fc68923d7df9f4c1843c5f11b63d2684fff43955079736fa4c80100487c31c09706b6bf145eb1baf416d2681491bd6a3098fe1a6741d65b085b4075db8419d9e6d17b1eec4dfb860a71d61af753459bcc5ea1f20d6c1c74afda3b0c08bf98886eaac01b08aa753b8727f25773c98cd6a78c06b758992b03b81e2e09cf103dc16a5658a3b58626b457ee4773d41b3548f2258a2e11cc22555da4ef9035cbfe8dc1e", 0xc0, r5) r7 = add_key$user(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000140)="04", 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f00000001c0)={r7, r6, r7}, &(0x7f0000000240)=""/249, 0xf9, &(0x7f0000000400)={&(0x7f0000000100)={'sha512-generic\x00'}}) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000340), 0x40, 0x0) read$FUSE(r8, &(0x7f0000004180)={0x2020}, 0xfffffffffffffe2f) fsetxattr$security_selinux(r8, &(0x7f0000000500), &(0x7f0000000700)='system_u:object_r:hald_sonypic_exec_t:s0\x00', 0x29, 0x2) kernel console output (not intermixed with test programs): [ 45.030239][ T39] audit: type=1400 audit(1719986528.521:82): avc: denied { siginh } for pid=5120 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.334545][ T39] audit: type=1400 audit(1719986528.851:83): avc: denied { write } for pid=5123 comm="sftp-server" path="pipe:[1743]" dev="pipefs" ino=1743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.567820][ T39] audit: type=1400 audit(1719986529.081:84): avc: denied { read } for pid=4675 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 45.584175][ T39] audit: type=1400 audit(1719986529.101:85): avc: denied { append } for pid=4675 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 45.594020][ T39] audit: type=1400 audit(1719986529.101:86): avc: denied { open } for pid=4675 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 45.604153][ T39] audit: type=1400 audit(1719986529.101:87): avc: denied { getattr } for pid=4675 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:27124' (ED25519) to the list of known hosts. [ 46.959305][ T5160] cgroup: Unknown subsys name 'net' [ 47.157480][ T5160] cgroup: Unknown subsys name 'rlimit' [ 47.371836][ T5171] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 48.470184][ T5160] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 49.196712][ T5210] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 49.197963][ T5208] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 49.198331][ T5209] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 49.199376][ T5209] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 49.199506][ T5211] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 49.199863][ T5209] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 49.201222][ T5211] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 49.201718][ T5211] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 49.201750][ T5210] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 49.202446][ T5211] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 49.202990][ T5211] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 49.203880][ T5208] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 49.204289][ T5208] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 49.205219][ T5208] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 49.205930][ T5208] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 49.206847][ T5209] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 49.207368][ T5209] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 49.207606][ T5209] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 49.211301][ T5209] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 49.212180][ T5208] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 49.215510][ T5209] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 49.217255][ T5211] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 49.217487][ T5211] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 49.228814][ T5209] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 49.498257][ T5199] chnl_net:caif_netlink_parms(): no params data found [ 49.724531][ T5199] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.728168][ T5199] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.731595][ T5199] bridge_slave_0: entered allmulticast mode [ 49.735754][ T5199] bridge_slave_0: entered promiscuous mode [ 49.746096][ T5199] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.749319][ T5199] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.752471][ T5199] bridge_slave_1: entered allmulticast mode [ 49.756352][ T5199] bridge_slave_1: entered promiscuous mode [ 49.790030][ T5202] chnl_net:caif_netlink_parms(): no params data found [ 49.815119][ T5198] chnl_net:caif_netlink_parms(): no params data found [ 49.845014][ T5199] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.904081][ T5199] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.008728][ T5199] team0: Port device team_slave_0 added [ 50.059851][ T5199] team0: Port device team_slave_1 added [ 50.090699][ T5202] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.093836][ T5202] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.096925][ T5202] bridge_slave_0: entered allmulticast mode [ 50.101087][ T5202] bridge_slave_0: entered promiscuous mode [ 50.110801][ T5197] chnl_net:caif_netlink_parms(): no params data found [ 50.134934][ T5202] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.140505][ T5202] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.143686][ T5202] bridge_slave_1: entered allmulticast mode [ 50.147685][ T5202] bridge_slave_1: entered promiscuous mode [ 50.298710][ T5199] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.301771][ T5199] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.313161][ T5199] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.320503][ T5199] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.323569][ T5199] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.334740][ T5199] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 50.343049][ T5202] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.349133][ T5202] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.428477][ T5198] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.431293][ T5198] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.433967][ T5198] bridge_slave_0: entered allmulticast mode [ 50.437865][ T5198] bridge_slave_0: entered promiscuous mode [ 50.442071][ T5198] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.444737][ T5198] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.447752][ T5198] bridge_slave_1: entered allmulticast mode [ 50.451822][ T5198] bridge_slave_1: entered promiscuous mode [ 50.490004][ T5202] team0: Port device team_slave_0 added [ 50.569785][ T5197] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.572865][ T5197] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.575702][ T5197] bridge_slave_0: entered allmulticast mode [ 50.579922][ T5197] bridge_slave_0: entered promiscuous mode [ 50.586625][ T5202] team0: Port device team_slave_1 added [ 50.644404][ T5198] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.671070][ T5197] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.673711][ T5197] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.676791][ T5197] bridge_slave_1: entered allmulticast mode [ 50.680903][ T5197] bridge_slave_1: entered promiscuous mode [ 50.705196][ T5198] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.796930][ T5202] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.800724][ T5202] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.811931][ T5202] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.852613][ T5199] hsr_slave_0: entered promiscuous mode [ 50.856191][ T5199] hsr_slave_1: entered promiscuous mode [ 50.884782][ T5202] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.887566][ T5202] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.896370][ T5202] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 50.904849][ T5198] team0: Port device team_slave_0 added [ 50.910673][ T5198] team0: Port device team_slave_1 added [ 50.916316][ T5197] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.922987][ T5197] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.047190][ T5197] team0: Port device team_slave_0 added [ 51.071168][ T5198] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.074316][ T5198] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.084941][ T5198] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.120389][ T5197] team0: Port device team_slave_1 added [ 51.150419][ T5198] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.153155][ T5198] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.164554][ T5198] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.288833][ T5209] Bluetooth: hci1: command tx timeout [ 51.288867][ T5203] Bluetooth: hci0: command tx timeout [ 51.295432][ T5202] hsr_slave_0: entered promiscuous mode [ 51.298092][ T5203] Bluetooth: hci3: command tx timeout [ 51.298537][ T5209] Bluetooth: hci2: command tx timeout [ 51.303061][ T5202] hsr_slave_1: entered promiscuous mode [ 51.306128][ T5202] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 51.309653][ T5202] Cannot create hsr debugfs directory [ 51.314126][ T5197] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.316961][ T5197] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.327447][ T5197] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.333380][ T5197] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.336729][ T5197] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.347862][ T5197] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.503093][ T5198] hsr_slave_0: entered promiscuous mode [ 51.506445][ T5198] hsr_slave_1: entered promiscuous mode [ 51.510011][ T5198] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 51.513414][ T5198] Cannot create hsr debugfs directory [ 51.685568][ T5197] hsr_slave_0: entered promiscuous mode [ 51.689242][ T5197] hsr_slave_1: entered promiscuous mode [ 51.692382][ T5197] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 51.695707][ T5197] Cannot create hsr debugfs directory [ 52.030733][ T5199] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 52.048007][ T5199] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 52.055635][ T5199] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 52.079124][ T5199] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 52.123744][ T5202] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 52.131032][ T5202] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 52.142645][ T5202] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 52.150201][ T5202] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 52.193106][ T5197] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 52.199259][ T5197] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 52.213375][ T5197] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 52.221670][ T5197] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 52.281778][ T5198] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 52.306018][ T5198] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 52.322221][ T5198] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 52.328557][ T5198] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 52.375293][ T5199] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.412931][ T5202] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.430157][ T5199] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.450192][ T5202] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.457076][ T55] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.459825][ T55] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.475931][ T5235] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.479080][ T5235] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.501604][ T5235] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.504273][ T5235] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.509470][ T5235] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.512076][ T5235] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.637430][ T5197] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.657200][ T5198] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.690403][ T5197] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.697442][ T5198] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.699972][ T39] kauditd_printk_skb: 28 callbacks suppressed [ 52.699981][ T39] audit: type=1400 audit(1719986536.221:116): avc: denied { sys_module } for pid=5202 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 52.708192][ T5243] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.713624][ T5243] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.720644][ T5243] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.723066][ T5243] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.737296][ T5245] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.740830][ T5245] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.753560][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.756750][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.843977][ T5202] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.851596][ T5199] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.931407][ T5202] veth0_vlan: entered promiscuous mode [ 52.943938][ T5199] veth0_vlan: entered promiscuous mode [ 52.952068][ T5202] veth1_vlan: entered promiscuous mode [ 52.956804][ T5199] veth1_vlan: entered promiscuous mode [ 53.017447][ T5199] veth0_macvtap: entered promiscuous mode [ 53.025766][ T5199] veth1_macvtap: entered promiscuous mode [ 53.029931][ T5202] veth0_macvtap: entered promiscuous mode [ 53.037546][ T5198] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.044902][ T5197] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.051682][ T5202] veth1_macvtap: entered promiscuous mode [ 53.076761][ T5199] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.082780][ T5202] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 53.087547][ T5202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.094181][ T5202] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.139416][ T5199] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.146108][ T5202] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 53.151484][ T5202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.157256][ T5202] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.176116][ T5199] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.181239][ T5199] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.184694][ T5199] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.188634][ T5199] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.197325][ T5198] veth0_vlan: entered promiscuous mode [ 53.212012][ T5202] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.215846][ T5202] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.219733][ T5202] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.223405][ T5202] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.233543][ T5198] veth1_vlan: entered promiscuous mode [ 53.315792][ T5197] veth0_vlan: entered promiscuous mode [ 53.345378][ T5197] veth1_vlan: entered promiscuous mode [ 53.378404][ T5209] Bluetooth: hci2: command tx timeout [ 53.378451][ T5203] Bluetooth: hci1: command tx timeout [ 53.378811][ T5207] Bluetooth: hci3: command tx timeout [ 53.378861][ T5207] Bluetooth: hci0: command tx timeout [ 53.382161][ T5198] veth0_macvtap: entered promiscuous mode [ 53.407515][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.413456][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.435119][ T5198] veth1_macvtap: entered promiscuous mode [ 53.445842][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.453178][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.483123][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.486403][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.496537][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.500185][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.502016][ T39] audit: type=1400 audit(1719986537.021:117): avc: denied { mount } for pid=5199 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 53.510378][ T5197] veth0_macvtap: entered promiscuous mode [ 53.513352][ T39] audit: type=1400 audit(1719986537.021:118): avc: denied { mounton } for pid=5199 comm="syz-executor" path="/syzkaller.YQMzTE/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 53.522530][ T5197] veth1_macvtap: entered promiscuous mode [ 53.526605][ T39] audit: type=1400 audit(1719986537.021:119): avc: denied { mount } for pid=5199 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 53.530859][ T5198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 53.542231][ T39] audit: type=1400 audit(1719986537.031:120): avc: denied { unmount } for pid=5199 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 53.543032][ T5198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.551185][ T39] audit: type=1400 audit(1719986537.051:121): avc: denied { mounton } for pid=5199 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2385 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 53.551233][ T39] audit: type=1400 audit(1719986537.051:122): avc: denied { mount } for pid=5199 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 53.555503][ T5198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 53.579100][ T5198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.584977][ T5198] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.591195][ T5198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 53.595533][ T5198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.599779][ T5198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 53.603800][ T5198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.610084][ T5198] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.626636][ T5198] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.630244][ T5198] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.633155][ T5198] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.636415][ T5198] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.655614][ T5197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 53.660219][ T5197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.664912][ T39] audit: type=1400 audit(1719986537.181:123): avc: denied { read write } for pid=5199 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 53.666118][ T5197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 53.681920][ T5197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.686629][ T5197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 53.689288][ T39] audit: type=1400 audit(1719986537.181:124): avc: denied { open } for pid=5199 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 53.691251][ T5197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.709694][ T5197] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.710631][ T39] audit: type=1400 audit(1719986537.181:125): avc: denied { ioctl } for pid=5199 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 53.732499][ T5197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 53.736926][ T5197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.742849][ T5197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 53.747428][ T5197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.751748][ T5197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 53.755890][ T5197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.761276][ T5197] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.761558][ T5268] FAULT_INJECTION: forcing a failure. [ 53.761558][ T5268] name failslab, interval 1, probability 0, space 0, times 1 [ 53.769712][ T5268] CPU: 0 PID: 5268 Comm: syz.3.5 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 53.770975][ T5197] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.773138][ T5268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 53.776455][ T5197] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.780695][ T5268] Call Trace: [ 53.780707][ T5268] [ 53.780715][ T5268] dump_stack_lvl+0x16c/0x1f0 [ 53.780788][ T5268] should_fail_ex+0x497/0x5b0 [ 53.780816][ T5268] should_failslab+0x9/0x20 [ 53.780843][ T5268] kmalloc_node_track_caller_noprof+0xcf/0x430 [ 53.780863][ T5268] ? nf_ct_ext_add+0x1a7/0x420 [ 53.780891][ T5268] krealloc_noprof+0x5d/0x100 [ 53.780910][ T5268] nf_ct_ext_add+0x1a7/0x420 [ 53.780937][ T5268] init_conntrack.constprop.0+0x5af/0x1080 [ 53.780965][ T5268] ? __pfx_init_conntrack.constprop.0+0x10/0x10 [ 53.780993][ T5268] ? __pfx_hash_conntrack_raw+0x10/0x10 [ 53.781017][ T5268] ? ip6t_do_table+0xd20/0x1d40 [ 53.781036][ T5268] ? __local_bh_enable_ip+0xa4/0x120 [ 53.781057][ T5268] ? ip6t_do_table+0xd50/0x1d40 [ 53.781076][ T5268] nf_conntrack_in+0xa50/0x1860 [ 53.781106][ T5268] ? __pfx_nf_conntrack_in+0x10/0x10 [ 53.781132][ T5268] ? lock_acquire+0x1b1/0x560 [ 53.786380][ T5197] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.787072][ T5268] ? ip6t_do_table+0x6/0x1d40 [ 53.789148][ T5197] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.791047][ T5268] ? __pfx_ipv6_conntrack_in+0x10/0x10 [ 53.833316][ T5268] nf_hook_slow+0xbb/0x200 [ 53.834951][ T5268] nf_hook.constprop.0+0x42e/0x750 [ 53.837121][ T5268] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 53.839447][ T5268] ? __pfx_nf_hook.constprop.0+0x10/0x10 [ 53.842138][ T5268] ? sock_wfree+0x113/0x850 [ 53.844095][ T5268] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 53.846401][ T5268] ? __pfx_ipv6_rcv+0x10/0x10 [ 53.848434][ T5268] ipv6_rcv+0xa4/0x680 [ 53.850224][ T5268] ? __pfx_ipv6_rcv+0x10/0x10 [ 53.852240][ T5268] __netif_receive_skb_one_core+0x12e/0x1e0 [ 53.854743][ T5268] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 53.857403][ T5268] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 53.859928][ T5268] __netif_receive_skb+0x1d/0x160 [ 53.862143][ T5268] netif_receive_skb+0x13f/0x7b0 [ 53.864448][ T5268] ? __pfx_netif_receive_skb+0x10/0x10 [ 53.866963][ T5268] ? __pfx___lock_acquire+0x10/0x10 [ 53.869155][ T5268] ? __tun_build_skb+0x1e5/0x340 [ 53.871022][ T5268] tun_rx_batched+0x429/0x780 [ 53.872627][ T5268] ? __pfx_tun_rx_batched+0x10/0x10 [ 53.874370][ T5268] ? __lock_acquire+0xc5d/0x3b30 [ 53.876226][ T5268] ? tun_get_user+0x1d7d/0x3c30 [ 53.877884][ T5268] tun_get_user+0x2a58/0x3c30 [ 53.879898][ T5268] ? __pfx_tun_get_user+0x10/0x10 [ 53.882223][ T5268] ? find_held_lock+0x2d/0x110 [ 53.884368][ T5268] ? __pfx_lock_release+0x10/0x10 [ 53.886654][ T5268] tun_chr_write_iter+0xe8/0x210 [ 53.888869][ T5268] vfs_write+0x6b6/0x1140 [ 53.890838][ T5268] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 53.893327][ T5268] ? __pfx_vfs_write+0x10/0x10 [ 53.895604][ T5268] ? __fget_files+0x256/0x400 [ 53.897911][ T5268] ? __fget_light+0x173/0x210 [ 53.900003][ T5268] ksys_write+0x12f/0x260 [ 53.901878][ T5268] ? __pfx_ksys_write+0x10/0x10 [ 53.903987][ T5268] do_syscall_64+0xcd/0x250 [ 53.906004][ T5268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.908748][ T5268] RIP: 0033:0x7f3a8017471f [ 53.910758][ T5268] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 53.919529][ T5268] RSP: 002b:00007f3a80e9a010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 53.923141][ T5268] RAX: ffffffffffffffda RBX: 00007f3a80303f60 RCX: 00007f3a8017471f [ 53.926604][ T5268] RDX: 0000000000000076 RSI: 00000000200004c0 RDI: 00000000000000c8 [ 53.930067][ T5268] RBP: 00007f3a80e9a0a0 R08: 0000000000000000 R09: 0000000000000000 [ 53.933558][ T5268] R10: 0000000000000076 R11: 0000000000000293 R12: 0000000000000001 [ 53.937039][ T5268] R13: 000000000000000b R14: 00007f3a80303f60 R15: 00007ffcad2a9fc8 [ 53.940565][ T5268] [ 54.014047][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.017296][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.062990][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.064269][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.066646][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.069835][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.100824][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.103662][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.174152][ T5278] FAULT_INJECTION: forcing a failure. [ 54.174152][ T5278] name failslab, interval 1, probability 0, space 0, times 0 [ 54.180037][ T5278] CPU: 0 PID: 5278 Comm: syz.1.2 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 54.180591][ T5279] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 54.183725][ T5278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.193241][ T5278] Call Trace: [ 54.194661][ T5278] [ 54.195696][ T5278] dump_stack_lvl+0x16c/0x1f0 [ 54.197312][ T5278] should_fail_ex+0x497/0x5b0 [ 54.199016][ T5279] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 54.199271][ T5278] should_failslab+0x9/0x20 [ 54.202223][ T5279] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 54.204053][ T5278] kmalloc_node_track_caller_noprof+0xcf/0x430 [ 54.209189][ T5279] vhci_hcd vhci_hcd.0: Device attached [ 54.209966][ T5278] ? sidtab_sid2str_get+0x17a/0x680 [ 54.209998][ T5278] kmemdup_noprof+0x29/0x60 [ 54.210022][ T5278] sidtab_sid2str_get+0x17a/0x680 [ 54.219210][ T5278] sidtab_entry_to_string+0x33/0x110 [ 54.221557][ T5278] security_sid_to_context_core+0x35c/0x640 [ 54.224177][ T5278] avc_audit_post_callback+0x10b/0x8c0 [ 54.226593][ T5278] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 54.229316][ T5278] ? audit_log_format+0xe9/0x130 [ 54.231526][ T5278] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 54.234133][ T5278] ? skb_put+0x138/0x1b0 [ 54.235689][ T5278] ? audit_log_n_string+0x251/0x540 [ 54.237932][ T5278] ? audit_log_n_untrustedstring+0xf2/0x100 [ 54.240436][ T5278] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 54.242594][ T5278] common_lsm_audit+0x260/0x2220 [ 54.244283][ T5278] ? __pfx_common_lsm_audit+0x10/0x10 [ 54.246298][ T5278] ? __pfx_lock_release+0x10/0x10 [ 54.248354][ T5278] ? __pfx_avc_node_free+0x10/0x10 [ 54.250601][ T5278] ? rcu_is_watching+0x12/0xc0 [ 54.252725][ T5278] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 54.255309][ T5278] ? lockdep_hardirqs_on+0x7c/0x110 [ 54.257636][ T5278] ? slow_avc_audit+0x17d/0x210 [ 54.259606][ T5278] slow_avc_audit+0x17d/0x210 [ 54.261778][ T5278] ? __pfx_slow_avc_audit+0x10/0x10 [ 54.263775][ T5278] ? avc_denied+0x138/0x180 [ 54.265424][ T5278] ? avc_has_perm_noaudit+0x2f8/0x3a0 [ 54.267264][ T5278] avc_has_perm+0x18d/0x1c0 [ 54.268815][ T5278] ? __pfx_avc_has_perm+0x10/0x10 [ 54.270649][ T5278] ? __pfx___lock_acquire+0x10/0x10 [ 54.272850][ T5278] ? __pfx_mark_lock+0x10/0x10 [ 54.275033][ T5278] sock_has_perm+0x253/0x2f0 [ 54.277011][ T5278] ? __pfx_sock_has_perm+0x10/0x10 [ 54.279370][ T5278] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 54.282173][ T5278] ? __might_fault+0x13b/0x190 [ 54.284229][ T5278] ? __import_iovec+0x1fd/0x6e0 [ 54.286340][ T5278] security_socket_sendmsg+0x75/0xc0 [ 54.288690][ T5278] ____sys_sendmsg+0x7f2/0xc90 [ 54.290831][ T5278] ? copy_msghdr_from_user+0x10b/0x160 [ 54.293284][ T5278] ? __pfx_____sys_sendmsg+0x10/0x10 [ 54.295638][ T5278] ? find_held_lock+0x2d/0x110 [ 54.297810][ T5278] ? __pfx___lock_acquire+0x10/0x10 [ 54.300136][ T5278] ___sys_sendmsg+0x135/0x1e0 [ 54.302208][ T5278] ? __pfx____sys_sendmsg+0x10/0x10 [ 54.304551][ T5278] ? ksys_write+0x21c/0x260 [ 54.306488][ T5278] ? __fget_light+0x173/0x210 [ 54.308487][ T5278] __sys_sendmsg+0x117/0x1f0 [ 54.310272][ T5278] ? __pfx___sys_sendmsg+0x10/0x10 [ 54.312570][ T5278] do_syscall_64+0xcd/0x250 [ 54.314581][ T5278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.317220][ T5278] RIP: 0033:0x7f77d6775b99 [ 54.319198][ T5278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.327180][ T5278] RSP: 002b:00007f77d75f2048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 54.330873][ T5278] RAX: ffffffffffffffda RBX: 00007f77d6903f60 RCX: 00007f77d6775b99 [ 54.334123][ T5278] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 54.337614][ T5278] RBP: 00007f77d75f20a0 R08: 0000000000000000 R09: 0000000000000000 [ 54.340977][ T5278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.344444][ T5278] R13: 000000000000000b R14: 00007f77d6903f60 R15: 00007ffe0c2b4a28 [ 54.347911][ T5278] [ 54.438841][ T5284] nfs: Unknown parameter 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 54.498358][ T5245] usb 19-1: new high-speed USB device number 2 using vhci_hcd [ 54.703136][ T5304] FAULT_INJECTION: forcing a failure. [ 54.703136][ T5304] name failslab, interval 1, probability 0, space 0, times 0 [ 54.708941][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.709254][ T5304] CPU: 3 PID: 5304 Comm: syz.2.16 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 54.715909][ T5304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.720314][ T5304] Call Trace: [ 54.721581][ T5304] [ 54.722654][ T5304] dump_stack_lvl+0x16c/0x1f0 [ 54.724668][ T5304] should_fail_ex+0x497/0x5b0 [ 54.726587][ T5304] should_failslab+0x9/0x20 [ 54.728553][ T5304] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 54.730840][ T5304] ? skb_clone+0x190/0x3f0 [ 54.732793][ T5304] skb_clone+0x190/0x3f0 [ 54.734613][ T5304] nfnetlink_rcv_batch+0x1d9/0x24d0 [ 54.736766][ T5304] ? __pfx___lock_acquire+0x10/0x10 [ 54.738920][ T5304] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 54.741071][ T5304] ? find_held_lock+0x2d/0x110 [ 54.742988][ T5304] ? avc_has_perm_noaudit+0x119/0x3a0 [ 54.745140][ T5304] ? avc_has_perm_noaudit+0x143/0x3a0 [ 54.747376][ T5304] ? __asan_memset+0x23/0x50 [ 54.749175][ T5304] ? __nla_validate_parse+0x601/0x2880 [ 54.751515][ T5304] ? __pfx___nla_validate_parse+0x10/0x10 [ 54.753869][ T5304] ? cap_capable+0x1cf/0x240 [ 54.755554][ T5304] ? __nla_parse+0x40/0x60 [ 54.757486][ T5304] nfnetlink_rcv+0x3c3/0x430 [ 54.759306][ T5304] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 54.761306][ T5304] netlink_unicast+0x542/0x820 [ 54.763098][ T5304] ? __pfx_netlink_unicast+0x10/0x10 [ 54.764962][ T5304] netlink_sendmsg+0x8b8/0xd70 [ 54.766554][ T5304] ? __pfx_netlink_sendmsg+0x10/0x10 [ 54.768505][ T5304] ? __import_iovec+0x1fd/0x6e0 [ 54.770580][ T5304] ____sys_sendmsg+0xab5/0xc90 [ 54.772696][ T5304] ? copy_msghdr_from_user+0x10b/0x160 [ 54.773551][ T5302] tipc: Failed to obtain node identity [ 54.775080][ T5304] ? __pfx_____sys_sendmsg+0x10/0x10 [ 54.775102][ T5304] ? find_held_lock+0x2d/0x110 [ 54.775124][ T5304] ? __pfx___lock_acquire+0x10/0x10 [ 54.777682][ T5302] tipc: Enabling of bearer rejected, failed to enable media [ 54.779975][ T5304] ___sys_sendmsg+0x135/0x1e0 [ 54.780004][ T5304] ? __pfx____sys_sendmsg+0x10/0x10 [ 54.780028][ T5304] ? ksys_write+0x21c/0x260 [ 54.780055][ T5304] ? __fget_light+0x173/0x210 [ 54.780078][ T5304] __sys_sendmsg+0x117/0x1f0 [ 54.780102][ T5304] ? __pfx___sys_sendmsg+0x10/0x10 [ 54.780127][ T5304] do_syscall_64+0xcd/0x250 [ 54.780153][ T5304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.804698][ T5304] RIP: 0033:0x7f83bbd75b99 [ 54.806696][ T5304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.814974][ T5304] RSP: 002b:00007f83bcc2e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 54.818494][ T5304] RAX: ffffffffffffffda RBX: 00007f83bbf03f60 RCX: 00007f83bbd75b99 [ 54.821948][ T5304] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 54.825399][ T5304] RBP: 00007f83bcc2e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 54.828865][ T5304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.832301][ T5304] R13: 000000000000000b R14: 00007f83bbf03f60 R15: 00007ffeff9cd0f8 [ 54.835777][ T5304] [ 54.857968][ T5280] vhci_hcd: connection reset by peer [ 54.862693][ T11] vhci_hcd: stop threads [ 54.864624][ T11] vhci_hcd: release socket [ 54.870555][ T11] vhci_hcd: disconnect device [ 54.879581][ T5305] binder: 5299:5305 ioctl 4b47 20000380 returned -22 [ 54.905471][ T5307] FAULT_INJECTION: forcing a failure. [ 54.905471][ T5307] name failslab, interval 1, probability 0, space 0, times 0 [ 54.912078][ T5307] CPU: 2 PID: 5307 Comm: syz.0.17 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 54.916310][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.920916][ T5307] Call Trace: [ 54.922226][ T5307] [ 54.923231][ T5307] dump_stack_lvl+0x16c/0x1f0 [ 54.924871][ T5307] should_fail_ex+0x497/0x5b0 [ 54.926854][ T5307] should_failslab+0x9/0x20 [ 54.928474][ T5307] kmalloc_trace_noprof+0x6b/0x300 [ 54.930237][ T5307] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 54.933014][ T5307] ? genl_start+0x1e7/0x950 [ 54.935049][ T5307] genl_start+0x1e7/0x950 [ 54.936934][ T5307] __netlink_dump_start+0x614/0x9b0 [ 54.939146][ T5307] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 54.941571][ T5307] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 54.943932][ T5307] ? __pfx_genl_get_cmd+0x10/0x10 [ 54.945571][ T5307] ? __pfx_genl_start+0x10/0x10 [ 54.947497][ T5307] ? __pfx_genl_dumpit+0x10/0x10 [ 54.949593][ T5307] ? __pfx_genl_done+0x10/0x10 [ 54.951700][ T5307] ? __radix_tree_lookup+0x21f/0x2c0 [ 54.954024][ T5307] genl_rcv_msg+0x470/0x800 [ 54.955808][ T5307] ? __pfx_genl_rcv_msg+0x10/0x10 [ 54.957885][ T5307] ? __pfx___lock_acquire+0x10/0x10 [ 54.960135][ T5307] ? __pfx_tipc_nl_node_dump_monitor+0x10/0x10 [ 54.962621][ T5307] netlink_rcv_skb+0x16b/0x440 [ 54.964745][ T5307] ? __pfx_genl_rcv_msg+0x10/0x10 [ 54.966906][ T5307] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 54.969211][ T5307] ? down_read+0xc9/0x330 [ 54.971109][ T5307] ? __pfx_down_read+0x10/0x10 [ 54.973091][ T5307] ? netlink_deliver_tap+0x1ae/0xd90 [ 54.975219][ T5307] genl_rcv+0x28/0x40 [ 54.977030][ T5307] netlink_unicast+0x542/0x820 [ 54.979056][ T5307] ? __pfx_netlink_unicast+0x10/0x10 [ 54.981212][ T5307] netlink_sendmsg+0x8b8/0xd70 [ 54.983274][ T5307] ? __pfx_netlink_sendmsg+0x10/0x10 [ 54.985222][ T5307] ? __import_iovec+0x1fd/0x6e0 [ 54.987343][ T5307] ____sys_sendmsg+0xab5/0xc90 [ 54.989483][ T5307] ? copy_msghdr_from_user+0x10b/0x160 [ 54.991902][ T5307] ? __pfx_____sys_sendmsg+0x10/0x10 [ 54.994068][ T5307] ? find_held_lock+0x2d/0x110 [ 54.995958][ T5307] ? __pfx___lock_acquire+0x10/0x10 [ 54.997960][ T5307] ___sys_sendmsg+0x135/0x1e0 [ 54.999801][ T5307] ? __pfx____sys_sendmsg+0x10/0x10 [ 55.001811][ T5307] ? ksys_write+0x21c/0x260 [ 55.003683][ T5307] ? __fget_light+0x173/0x210 [ 55.005767][ T5307] __sys_sendmsg+0x117/0x1f0 [ 55.007894][ T5307] ? __pfx___sys_sendmsg+0x10/0x10 [ 55.010110][ T5307] do_syscall_64+0xcd/0x250 [ 55.012229][ T5307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.014797][ T5307] RIP: 0033:0x7f15e0f75b99 [ 55.016894][ T5307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.025261][ T5307] RSP: 002b:00007f15e1e03048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 55.029070][ T5307] RAX: ffffffffffffffda RBX: 00007f15e1103f60 RCX: 00007f15e0f75b99 [ 55.032444][ T5307] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 55.035546][ T5307] RBP: 00007f15e1e030a0 R08: 0000000000000000 R09: 0000000000000000 [ 55.039055][ T5307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.042491][ T5307] R13: 000000000000000b R14: 00007f15e1103f60 R15: 00007ffcd86767c8 [ 55.045989][ T5307] [ 55.103862][ T5311] fuse: Bad value for 'fd' [ 55.263700][ T5320] FAULT_INJECTION: forcing a failure. [ 55.263700][ T5320] name failslab, interval 1, probability 0, space 0, times 0 [ 55.270311][ T5320] CPU: 0 PID: 5320 Comm: syz.2.20 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 55.274669][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 55.279125][ T5320] Call Trace: [ 55.280381][ T5320] [ 55.281550][ T5320] dump_stack_lvl+0x16c/0x1f0 [ 55.283411][ T5320] should_fail_ex+0x497/0x5b0 [ 55.285197][ T5320] should_failslab+0x9/0x20 [ 55.286786][ T5320] __kmalloc_noprof+0xcf/0x410 [ 55.288635][ T5320] ? d_absolute_path+0x137/0x1b0 [ 55.290667][ T5320] tomoyo_encode2+0x100/0x3e0 [ 55.292687][ T5320] tomoyo_encode+0x29/0x50 [ 55.294616][ T5320] tomoyo_realpath_from_path+0x19d/0x720 [ 55.297163][ T5320] tomoyo_path_number_perm+0x245/0x590 [ 55.299420][ T5320] ? tomoyo_path_number_perm+0x232/0x590 [ 55.301496][ T5320] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 55.303531][ T5320] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 55.305974][ T5320] ? __fget_files+0x256/0x400 [ 55.308101][ T5320] security_file_ioctl+0x75/0xc0 [ 55.310187][ T5320] __x64_sys_ioctl+0xbb/0x220 [ 55.312308][ T5320] do_syscall_64+0xcd/0x250 [ 55.314356][ T5320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.316899][ T5320] RIP: 0033:0x7f83bbd75b99 [ 55.318565][ T5320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.326023][ T5320] RSP: 002b:00007f83bcc0d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 55.328830][ T5320] RAX: ffffffffffffffda RBX: 00007f83bbf04038 RCX: 00007f83bbd75b99 [ 55.332228][ T5320] RDX: 0000000020000380 RSI: 00000000c0306201 RDI: 0000000000000004 [ 55.335526][ T5320] RBP: 00007f83bcc0d0a0 R08: 0000000000000000 R09: 0000000000000000 [ 55.338915][ T5320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.342366][ T5320] R13: 000000000000006e R14: 00007f83bbf04038 R15: 00007ffeff9cd0f8 [ 55.345747][ T5320] [ 55.347588][ T5320] ERROR: Out of memory at tomoyo_realpath_from_path. [ 55.418293][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 55.421873][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 55.425205][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 55.448132][ T5203] Bluetooth: hci1: command tx timeout [ 55.448211][ T5209] Bluetooth: hci0: command tx timeout [ 55.449306][ T5211] Bluetooth: hci3: command tx timeout [ 55.449345][ T5211] Bluetooth: hci2: command tx timeout [ 55.808403][ T5340] netlink: 4 bytes leftover after parsing attributes in process `syz.0.26'. [ 55.818090][ T5340] vxlan0: entered allmulticast mode [ 55.829710][ T5209] Bluetooth: hci2: unexpected event 0x04 length: 14 > 10 [ 56.171911][ T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 56.362281][ T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 56.367285][ T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 56.372384][ T8] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 56.378477][ T8] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 56.388430][ T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.407660][ T8] usb 7-1: config 0 descriptor?? [ 56.414823][ T5345] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 56.479070][ T5365] SELinux: Context #! ./file0 is not valid (left unmapped). [ 56.496029][ T5365] netlink: 40 bytes leftover after parsing attributes in process `syz.3.35'. [ 56.526944][ T5367] FAULT_INJECTION: forcing a failure. [ 56.526944][ T5367] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 56.546134][ T5367] CPU: 3 PID: 5367 Comm: syz.1.36 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 56.550683][ T5367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 56.555399][ T5367] Call Trace: [ 56.556925][ T5367] [ 56.558249][ T5367] dump_stack_lvl+0x16c/0x1f0 [ 56.560398][ T5367] should_fail_ex+0x497/0x5b0 [ 56.562328][ T5367] _copy_from_iter+0x2a1/0x1140 [ 56.564426][ T5367] ? __alloc_skb+0x1fe/0x380 [ 56.566311][ T5367] ? __pfx__copy_from_iter+0x10/0x10 [ 56.568477][ T5367] ? __virt_addr_valid+0x5e/0x580 [ 56.570390][ T5367] ? __phys_addr_symbol+0x30/0x80 [ 56.572539][ T5367] ? __check_object_size+0x48e/0x720 [ 56.574583][ T5367] netlink_sendmsg+0x813/0xd70 [ 56.576531][ T5367] ? __pfx_netlink_sendmsg+0x10/0x10 [ 56.578668][ T5367] ? __import_iovec+0x1fd/0x6e0 [ 56.580594][ T5367] ____sys_sendmsg+0xab5/0xc90 [ 56.582469][ T5367] ? copy_msghdr_from_user+0x10b/0x160 [ 56.584599][ T5367] ? __pfx_____sys_sendmsg+0x10/0x10 [ 56.586742][ T5367] ? find_held_lock+0x2d/0x110 [ 56.588721][ T5367] ? __pfx___lock_acquire+0x10/0x10 [ 56.590774][ T5367] ___sys_sendmsg+0x135/0x1e0 [ 56.592642][ T5367] ? __pfx____sys_sendmsg+0x10/0x10 [ 56.594678][ T5367] ? ksys_write+0x21c/0x260 [ 56.596437][ T5367] ? __fget_light+0x173/0x210 [ 56.598130][ T5367] __sys_sendmsg+0x117/0x1f0 [ 56.599737][ T5367] ? __pfx___sys_sendmsg+0x10/0x10 [ 56.601489][ T5367] do_syscall_64+0xcd/0x250 [ 56.603075][ T5367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.605125][ T5367] RIP: 0033:0x7f77d6775b99 [ 56.606706][ T5367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.614343][ T5367] RSP: 002b:00007f77d75f2048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 56.617529][ T5367] RAX: ffffffffffffffda RBX: 00007f77d6903f60 RCX: 00007f77d6775b99 [ 56.620412][ T5367] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 56.623478][ T5367] RBP: 00007f77d75f20a0 R08: 0000000000000000 R09: 0000000000000000 [ 56.626946][ T5367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.630294][ T5367] R13: 000000000000000b R14: 00007f77d6903f60 R15: 00007ffe0c2b4a28 [ 56.633448][ T5367] [ 56.756251][ T5376] netlink: 40 bytes leftover after parsing attributes in process `syz.0.39'. [ 56.760346][ T5376] FAULT_INJECTION: forcing a failure. [ 56.760346][ T5376] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 56.767175][ T5376] CPU: 3 PID: 5376 Comm: syz.0.39 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 56.770886][ T5376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 56.772806][ T5378] netlink: 12 bytes leftover after parsing attributes in process `syz.3.40'. [ 56.774771][ T5376] Call Trace: [ 56.774797][ T5376] [ 56.774804][ T5376] dump_stack_lvl+0x16c/0x1f0 [ 56.774827][ T5376] should_fail_ex+0x497/0x5b0 [ 56.786665][ T5376] _copy_to_user+0x30/0xc0 [ 56.788910][ T5376] simple_read_from_buffer+0xd0/0x160 [ 56.791763][ T5376] proc_fail_nth_read+0x1b0/0x290 [ 56.794320][ T5376] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 56.797412][ T5376] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 56.800082][ T5376] vfs_read+0x1d4/0xbd0 [ 56.802061][ T5376] ? __fdget_pos+0xeb/0x180 [ 56.804184][ T5376] ? __pfx_vfs_read+0x10/0x10 [ 56.806616][ T5376] ? __pfx___mutex_lock+0x10/0x10 [ 56.809111][ T5376] ? __fget_files+0x256/0x400 [ 56.811451][ T5376] ksys_read+0x12f/0x260 [ 56.813724][ T5376] ? __pfx_ksys_read+0x10/0x10 [ 56.815997][ T5376] do_syscall_64+0xcd/0x250 [ 56.818202][ T5376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.821180][ T5376] RIP: 0033:0x7f15e0f7467c [ 56.823304][ T5376] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 56.832010][ T5376] RSP: 002b:00007f15e1de2040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 56.835951][ T5376] RAX: ffffffffffffffda RBX: 00007f15e1104038 RCX: 00007f15e0f7467c [ 56.839286][ T5376] RDX: 000000000000000f RSI: 00007f15e1de20b0 RDI: 000000000000000c [ 56.842356][ T5376] RBP: 00007f15e1de20a0 R08: 0000000000000000 R09: 0000000000000000 [ 56.845927][ T5376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.849558][ T5376] R13: 000000000000006e R14: 00007f15e1104038 R15: 00007ffcd86767c8 [ 56.853192][ T5376] [ 57.038373][ T8] usbhid 7-1:0.0: can't add hid device: -71 [ 57.041111][ T8] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 57.049482][ T8] usb 7-1: USB disconnect, device number 2 [ 57.176145][ T5399] QAT: Device 8 not found [ 57.260601][ T5406] input input5: cannot allocate more than FF_MAX_EFFECTS effects [ 57.404143][ T5411] input: syz1 as /devices/virtual/input/input6 [ 57.528345][ T5209] Bluetooth: hci1: command tx timeout [ 57.538008][ T5209] Bluetooth: hci0: command tx timeout [ 57.540185][ T5209] Bluetooth: hci2: command tx timeout [ 57.542373][ T5203] Bluetooth: hci3: command tx timeout [ 57.743457][ T39] kauditd_printk_skb: 108 callbacks suppressed [ 57.743473][ T39] audit: type=1400 audit(1719986541.261:232): avc: denied { write } for pid=5413 comm="syz.2.49" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 57.819708][ T39] audit: type=1400 audit(1719986541.341:233): avc: denied { prog_run } for pid=5417 comm="syz.3.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 57.974836][ T5424] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 58.248001][ T5435] input: syz1 as /devices/virtual/input/input7 [ 58.331888][ T39] audit: type=1400 audit(1719986541.851:234): avc: denied { read } for pid=5433 comm="syz.3.55" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 58.340680][ T39] audit: type=1400 audit(1719986541.851:235): avc: denied { open } for pid=5433 comm="syz.3.55" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 58.513133][ T5441] FAULT_INJECTION: forcing a failure. [ 58.513133][ T5441] name fail_futex, interval 1, probability 0, space 0, times 1 [ 58.521863][ T5441] CPU: 0 PID: 5441 Comm: syz.3.55 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 58.526179][ T5441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.530791][ T5441] Call Trace: [ 58.532266][ T5441] [ 58.533566][ T5441] dump_stack_lvl+0x16c/0x1f0 [ 58.535501][ T5441] should_fail_ex+0x497/0x5b0 [ 58.537611][ T5441] get_futex_key+0xb89/0x1090 [ 58.539722][ T5441] ? __pfx_get_futex_key+0x10/0x10 [ 58.541903][ T5441] futex_wake+0xe8/0x4e0 [ 58.543792][ T5441] ? exit_mm_release+0x19/0x30 [ 58.545895][ T5441] ? __pfx_futex_wake+0x10/0x10 [ 58.548034][ T5441] ? find_held_lock+0x2d/0x110 [ 58.550094][ T5441] do_futex+0x1e5/0x350 [ 58.551955][ T5441] ? __pfx_do_futex+0x10/0x10 [ 58.553994][ T5441] ? exit_robust_list+0x244/0x280 [ 58.556255][ T5441] ? __might_fault+0xe3/0x190 [ 58.558329][ T5441] mm_release+0x24e/0x300 [ 58.560213][ T5441] do_exit+0x883/0x2ba0 [ 58.562035][ T5441] ? __pfx_do_exit+0x10/0x10 [ 58.564078][ T5441] ? preempt_schedule_thunk+0x1a/0x30 [ 58.566415][ T5441] do_group_exit+0xd3/0x2a0 [ 58.568418][ T5441] __x64_sys_exit_group+0x3e/0x50 [ 58.570618][ T5441] do_syscall_64+0xcd/0x250 [ 58.572621][ T5441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.575195][ T5441] RIP: 0033:0x7f3a80175b99 [ 58.577165][ T5441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.585219][ T5441] RSP: 002b:00007f3a7fbdd338 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 58.588813][ T5441] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f3a80175b99 [ 58.592220][ T5441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000b [ 58.595838][ T5441] RBP: 00007f3a7fbde0a0 R08: 00007f3a7fbdde07 R09: 000000000000000b [ 58.599323][ T5441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.602828][ T5441] R13: 000000000000006e R14: 00007f3a803041e8 R15: 00007ffcad2a9fc8 [ 58.606146][ T5441] [ 58.653960][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 58.668058][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2c2!!! [ 58.680429][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 58.758758][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.788187][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.791822][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 59.080753][ T5448] warning: `syz.0.58' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 59.086716][ T5448] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60082 sclass=netlink_route_socket pid=5448 comm=syz.0.58 [ 59.099376][ T5448] bridge0: entered allmulticast mode [ 59.103696][ T5448] bridge_slave_1: left allmulticast mode [ 59.106317][ T5448] bridge_slave_1: left promiscuous mode [ 59.110564][ T5448] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.121187][ T5448] bridge_slave_0: left allmulticast mode [ 59.123623][ T5448] bridge_slave_0: left promiscuous mode [ 59.126190][ T5448] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.157342][ T39] audit: type=1400 audit(1719986542.671:236): avc: denied { setopt } for pid=5447 comm="syz.0.58" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 59.159495][ T5448] bridge0 (unregistering): left allmulticast mode [ 59.233663][ T5450] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5450 comm=syz.0.58 [ 59.429193][ T56] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 59.465903][ T39] audit: type=1400 audit(1719986542.981:237): avc: denied { write } for pid=5456 comm="syz.2.61" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 59.558098][ T826] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 59.610899][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 59.616953][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 59.618458][ T5209] Bluetooth: hci2: command tx timeout [ 59.624726][ T56] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 59.633468][ T56] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 59.639624][ T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.646492][ T56] usb 6-1: config 0 descriptor?? [ 59.651068][ T5443] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 59.688213][ T5245] vhci_hcd: vhci_device speed not set [ 59.748109][ T826] usb 5-1: Using ep0 maxpacket: 8 [ 59.754332][ T826] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 59.760084][ T826] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 59.765243][ T826] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 59.771645][ T826] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 59.782636][ T826] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 59.786969][ T826] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 59.790744][ T826] usb 5-1: Product: syz [ 59.792748][ T826] usb 5-1: Manufacturer: syz [ 59.794943][ T826] usb 5-1: SerialNumber: syz [ 59.802426][ T826] usb 5-1: rejected 1 configuration due to insufficient available bus power [ 59.806753][ T826] usb 5-1: no configuration chosen from 1 choice [ 60.227151][ T5469] netlink: 12 bytes leftover after parsing attributes in process `syz.2.63'. [ 60.266128][ T56] usbhid 6-1:0.0: can't add hid device: -71 [ 60.270885][ T56] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 60.277136][ T56] usb 6-1: USB disconnect, device number 2 [ 60.422174][ T5478] input: syz1 as /devices/virtual/input/input8 [ 60.464066][ T39] audit: type=1400 audit(1719986543.981:238): avc: denied { create } for pid=5476 comm="syz.3.66" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 60.476369][ T39] audit: type=1400 audit(1719986543.991:239): avc: denied { write } for pid=5476 comm="syz.3.66" name="cgroup.subtree_control" dev="cgroup2" ino=157 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 60.487595][ T39] audit: type=1400 audit(1719986543.991:240): avc: denied { open } for pid=5476 comm="syz.3.66" path="" dev="cgroup2" ino=157 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 60.833202][ T39] audit: type=1400 audit(1719986544.351:241): avc: denied { write } for pid=5491 comm="syz.2.70" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 60.945229][ T5499] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 61.328977][ T5512] input: syz1 as /devices/virtual/input/input9 [ 61.468084][ T56] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 61.655301][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 61.660308][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 61.664837][ T56] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 61.671159][ T56] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 61.675057][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.680851][ T56] usb 7-1: config 0 descriptor?? [ 61.683589][ T5508] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 61.793702][ T5518] overlayfs: missing 'lowerdir' [ 62.085718][ T55] usb 5-1: USB disconnect, device number 2 [ 62.274377][ T56] usbhid 7-1:0.0: can't add hid device: -71 [ 62.277428][ T56] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 62.288917][ T56] usb 7-1: USB disconnect, device number 3 [ 62.370988][ T5540] input: syz1 as /devices/virtual/input/input10 [ 62.865000][ T5548] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 62.868184][ T5548] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 62.872802][ T5548] hsr_slave_0: left promiscuous mode [ 62.877052][ T5548] hsr_slave_1: left promiscuous mode [ 63.173226][ T39] kauditd_printk_skb: 6 callbacks suppressed [ 63.173240][ T39] audit: type=1400 audit(1719986546.691:248): avc: denied { read } for pid=5555 comm="syz.3.90" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 63.259832][ T5559] overlayfs: conflicting lowerdir path [ 63.277278][ T39] audit: type=1400 audit(1719986546.791:249): avc: denied { listen } for pid=5561 comm="syz.0.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 63.334157][ T39] audit: type=1400 audit(1719986546.851:250): avc: denied { mounton } for pid=5555 comm="syz.3.90" path="/24/file0" dev="tmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 63.342658][ T5569] NILFS (nullb0): couldn't find nilfs on the device [ 63.370446][ T5559] overlayfs: missing 'lowerdir' [ 63.388519][ T39] audit: type=1400 audit(1719986546.911:251): avc: denied { create } for pid=5561 comm="syz.0.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 63.579896][ T5572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.93'. [ 63.779386][ T39] audit: type=1400 audit(1719986547.301:252): avc: denied { mount } for pid=5577 comm="syz.0.95" name="/" dev="ramfs" ino=8168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 63.794163][ T5578] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 63.951754][ T39] audit: type=1400 audit(1719986547.471:253): avc: denied { unmount } for pid=5199 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 64.014700][ T39] audit: type=1400 audit(1719986547.531:254): avc: denied { create } for pid=5579 comm="syz.0.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 64.024596][ T39] audit: type=1400 audit(1719986547.531:255): avc: denied { write } for pid=5579 comm="syz.0.96" path="socket:[9786]" dev="sockfs" ino=9786 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 64.034412][ T39] audit: type=1400 audit(1719986547.531:256): avc: denied { nlmsg_write } for pid=5579 comm="syz.0.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 64.068320][ T39] audit: type=1400 audit(1719986547.581:257): avc: denied { setopt } for pid=5579 comm="syz.0.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 64.070147][ T5583] Zero length message leads to an empty skb [ 64.245255][ T5590] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 64.264255][ T5590] FAULT_INJECTION: forcing a failure. [ 64.264255][ T5590] name failslab, interval 1, probability 0, space 0, times 0 [ 64.269918][ T5590] CPU: 1 PID: 5590 Comm: syz.0.98 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 64.274114][ T5590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.278526][ T5590] Call Trace: [ 64.280160][ T5590] [ 64.281641][ T5590] dump_stack_lvl+0x16c/0x1f0 [ 64.283745][ T5590] should_fail_ex+0x497/0x5b0 [ 64.285865][ T5590] should_failslab+0x9/0x20 [ 64.287910][ T5590] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 64.290513][ T5590] ? __d_alloc+0x31/0xaa0 [ 64.292439][ T5590] __d_alloc+0x31/0xaa0 [ 64.294229][ T5590] ? finish_task_switch.isra.0+0x217/0xcc0 [ 64.296787][ T5590] d_alloc+0x4a/0x1e0 [ 64.298553][ T5590] d_alloc_parallel+0xe9/0x12b0 [ 64.300712][ T5590] ? __pfx_d_alloc_parallel+0x10/0x10 [ 64.303017][ T5590] ? lockdep_init_map_type+0x16d/0x7d0 [ 64.305385][ T5590] ? __pfx___schedule+0x10/0x10 [ 64.307593][ T5590] ? lockdep_init_map_type+0x16d/0x7d0 [ 64.309935][ T5590] __lookup_slow+0x194/0x460 [ 64.311936][ T5590] ? __pfx___lookup_slow+0x10/0x10 [ 64.314175][ T5590] ? __startup_64+0x120/0x2a0 [ 64.316592][ T5590] ? __startup_64+0x120/0x2a0 [ 64.318739][ T5590] ? d_lookup+0xe9/0x180 [ 64.320613][ T5590] lookup_one_unlocked+0x142/0x160 [ 64.322821][ T5590] ? __pfx_lookup_one_unlocked+0x10/0x10 [ 64.325090][ T5590] ovl_lookup_single+0x201/0xf90 [ 64.326959][ T5590] ? __pfx_ovl_lookup_single+0x10/0x10 [ 64.329008][ T5590] ? hlock_class+0x4e/0x130 [ 64.330726][ T5590] ovl_lookup_layer+0x3a9/0x4a0 [ 64.334346][ T5590] ? __pfx_ovl_lookup_layer+0x10/0x10 [ 64.336733][ T5590] ? hlock_class+0x4e/0x130 [ 64.338754][ T5590] ? __lock_acquire+0x14f4/0x3b30 [ 64.341009][ T5590] ovl_lookup+0x4ae/0x21f0 [ 64.342981][ T5590] ? __pfx_ovl_lookup+0x10/0x10 [ 64.345180][ T5590] ? find_held_lock+0x2d/0x110 [ 64.347273][ T5590] ? d_alloc+0x176/0x1e0 [ 64.349226][ T5590] ? __pfx_lock_release+0x10/0x10 [ 64.351413][ T5590] ? do_raw_spin_lock+0x12d/0x2c0 [ 64.353685][ T5590] ? do_raw_spin_unlock+0x172/0x230 [ 64.355975][ T5590] ? _raw_spin_unlock+0x28/0x50 [ 64.358133][ T5590] lookup_one_qstr_excl+0x11d/0x190 [ 64.360422][ T5590] do_renameat2+0x532/0xdc0 [ 64.362447][ T5590] ? __pfx_do_renameat2+0x10/0x10 [ 64.364662][ T5590] ? __check_object_size+0x48e/0x720 [ 64.367035][ T5590] ? strncpy_from_user+0x213/0x300 [ 64.369289][ T5590] ? getname_flags.part.0+0x1e1/0x4f0 [ 64.371614][ T5590] ? __pfx_ksys_write+0x10/0x10 [ 64.373777][ T5590] __x64_sys_rename+0x81/0xa0 [ 64.375883][ T5590] do_syscall_64+0xcd/0x250 [ 64.378245][ T5590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.380824][ T5590] RIP: 0033:0x7f15e0f75b99 [ 64.382881][ T5590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.384829][ T5592] kvm: emulating exchange as write [ 64.390754][ T5590] RSP: 002b:00007f15e1e03048 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 64.390805][ T5590] RAX: ffffffffffffffda RBX: 00007f15e1103f60 RCX: 00007f15e0f75b99 [ 64.390818][ T5590] RDX: 0000000000000000 RSI: 0000000020000f40 RDI: 00000000200003c0 [ 64.390829][ T5590] RBP: 00007f15e1e030a0 R08: 0000000000000000 R09: 0000000000000000 [ 64.390839][ T5590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.390850][ T5590] R13: 000000000000000b R14: 00007f15e1103f60 R15: 00007ffcd86767c8 [ 64.390865][ T5590] [ 64.991830][ T5604] netlink: 72 bytes leftover after parsing attributes in process `syz.2.101'. [ 64.995692][ T5604] netlink: 72 bytes leftover after parsing attributes in process `syz.2.101'. [ 65.002110][ T5604] process 'syz.2.101' launched './file0' with NULL argv: empty string added [ 65.074912][ T5603] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 66.238739][ T5641] netlink: 40 bytes leftover after parsing attributes in process `syz.1.107'. [ 67.138607][ T5203] Bluetooth: hci0: command tx timeout [ 67.204988][ T5658] xt_hashlimit: Unknown mode mask 897DFF3D, kernel too old? [ 67.240260][ T5658] netlink: 408 bytes leftover after parsing attributes in process `syz.1.114'. [ 67.347554][ T5662] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 67.429051][ T5670] FAULT_INJECTION: forcing a failure. [ 67.429051][ T5670] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 67.435282][ T5670] CPU: 3 PID: 5670 Comm: syz.0.116 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 67.439771][ T5670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.443909][ T5670] Call Trace: [ 67.445435][ T5670] [ 67.446572][ T5670] dump_stack_lvl+0x16c/0x1f0 [ 67.448310][ T5670] should_fail_ex+0x497/0x5b0 [ 67.450156][ T5670] _copy_from_user+0x30/0xf0 [ 67.452198][ T5670] move_addr_to_kernel+0x68/0x160 [ 67.454466][ T5670] __sys_bind+0xc4/0x220 [ 67.456339][ T5670] ? __pfx___sys_bind+0x10/0x10 [ 67.458463][ T5670] ? __pfx_ksys_write+0x10/0x10 [ 67.460569][ T5670] __x64_sys_bind+0x72/0xb0 [ 67.462286][ T5670] ? lockdep_hardirqs_on+0x7c/0x110 [ 67.463295][ T5668] netlink: 80 bytes leftover after parsing attributes in process `syz.1.117'. [ 67.464389][ T5670] do_syscall_64+0xcd/0x250 [ 67.468377][ T5668] netlink: 80 bytes leftover after parsing attributes in process `syz.1.117'. [ 67.470207][ T5670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.475855][ T5670] RIP: 0033:0x7f15e0f75b99 [ 67.478554][ T5670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 67.494510][ T5670] RSP: 002b:00007f15e1e03048 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 67.497103][ T5668] SELinux: Context system_u:object_r:hald_sonypic_exec_t:s0 is not valid (left unmapped). [ 67.498212][ T5670] RAX: ffffffffffffffda RBX: 00007f15e1103f60 RCX: 00007f15e0f75b99 [ 67.498229][ T5670] RDX: 0000000000000014 RSI: 00000000200012c0 RDI: 0000000000000004 [ 67.498241][ T5670] RBP: 00007f15e1e030a0 R08: 0000000000000000 R09: 0000000000000000 [ 67.498252][ T5670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 67.516269][ T5670] R13: 000000000000000b R14: 00007f15e1103f60 R15: 00007ffcd86767c8 [ 67.519655][ T5670] [ 67.770536][ T5242] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 67.957978][ T5242] usb 7-1: Using ep0 maxpacket: 32 [ 67.962261][ T5242] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 67.965798][ T5242] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 67.970585][ T5242] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 67.975753][ T5242] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 67.981502][ T5242] usb 7-1: config 0 interface 0 has no altsetting 0 [ 67.990976][ T5242] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 67.994895][ T5242] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 67.999280][ T5242] usb 7-1: Product: syz [ 68.000968][ T5242] usb 7-1: Manufacturer: syz [ 68.002725][ T5242] usb 7-1: SerialNumber: syz [ 68.006800][ T5242] usb 7-1: config 0 descriptor?? [ 68.012687][ T5242] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 68.022326][ T5242] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 68.270740][ T5684] FAULT_INJECTION: forcing a failure. [ 68.270740][ T5684] name failslab, interval 1, probability 0, space 0, times 0 [ 68.276254][ T5684] CPU: 3 PID: 5684 Comm: syz.2.119 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 68.280882][ T5684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.285588][ T5684] Call Trace: [ 68.287107][ T5684] [ 68.288443][ T5684] dump_stack_lvl+0x16c/0x1f0 [ 68.290499][ T5684] should_fail_ex+0x497/0x5b0 [ 68.292824][ T5684] should_failslab+0x9/0x20 [ 68.294456][ T5684] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 68.296666][ T5684] ? security_file_alloc+0x41/0x260 [ 68.299000][ T5684] security_file_alloc+0x41/0x260 [ 68.301273][ T5684] init_file+0x99/0x260 [ 68.303131][ T5684] alloc_empty_file+0x91/0x1e0 [ 68.305329][ T5684] path_openat+0xe0/0x2e50 [ 68.307329][ T5684] ? hlock_class+0x4e/0x130 [ 68.309362][ T5684] ? __lock_acquire+0x14f4/0x3b30 [ 68.311339][ T5684] ? __pfx_path_openat+0x10/0x10 [ 68.313077][ T5684] ? __pfx___lock_acquire+0x10/0x10 [ 68.315057][ T5684] ? find_held_lock+0x2d/0x110 [ 68.316742][ T5684] do_filp_open+0x1dc/0x430 [ 68.318538][ T5684] ? __pfx_do_filp_open+0x10/0x10 [ 68.320735][ T5684] ? find_held_lock+0x2d/0x110 [ 68.322907][ T5684] ? _raw_spin_unlock+0x28/0x50 [ 68.325114][ T5684] ? alloc_fd+0x2d7/0x6c0 [ 68.327009][ T5684] do_sys_openat2+0x17a/0x1e0 [ 68.329092][ T5684] ? __pfx_do_sys_openat2+0x10/0x10 [ 68.331285][ T5684] __x64_sys_openat+0x175/0x210 [ 68.333220][ T5684] ? __pfx___x64_sys_openat+0x10/0x10 [ 68.335487][ T5684] ? ksys_write+0x1ab/0x260 [ 68.337404][ T5684] do_syscall_64+0xcd/0x250 [ 68.339309][ T5684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.342460][ T5684] RIP: 0033:0x7f83bbd745d0 [ 68.344509][ T5684] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 79 8d 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 cc 8d 02 00 8b 44 [ 68.345249][ T39] kauditd_printk_skb: 44 callbacks suppressed [ 68.345257][ T39] audit: type=1400 audit(1719986551.861:302): avc: denied { ioctl } for pid=5688 comm="syz.3.124" path="socket:[8879]" dev="sockfs" ino=8879 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 68.353101][ T5684] RSP: 002b:00007f83bcc0cb80 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 68.353126][ T5684] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f83bbd745d0 [ 68.353138][ T5684] RDX: 0000000000000002 RSI: 00007f83bcc0cc20 RDI: 00000000ffffff9c [ 68.353150][ T5684] RBP: 00007f83bcc0cc20 R08: 0000000000000000 R09: 00007f83bcc0c997 [ 68.353163][ T5684] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 68.353174][ T5684] R13: 000000000000006e R14: 00007f83bbf04038 R15: 00007ffeff9cd0f8 [ 68.353189][ T5684] [ 68.373728][ T5674] ldusb 7-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 68.374451][ T56] usb 7-1: USB disconnect, device number 4 [ 68.377127][ T39] audit: type=1400 audit(1719986551.861:303): avc: denied { bind } for pid=5688 comm="syz.3.124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 68.377167][ T39] audit: type=1400 audit(1719986551.861:304): avc: denied { connect } for pid=5688 comm="syz.3.124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 68.377203][ T39] audit: type=1400 audit(1719986551.861:305): avc: denied { write } for pid=5688 comm="syz.3.124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 68.377237][ T39] audit: type=1400 audit(1719986551.881:306): avc: denied { read } for pid=5688 comm="syz.3.124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 68.430568][ T56] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 68.474669][ T39] audit: type=1400 audit(1719986551.991:307): avc: denied { setopt } for pid=5690 comm="syz.0.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 68.483307][ T39] audit: type=1400 audit(1719986551.991:308): avc: denied { getopt } for pid=5690 comm="syz.0.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 68.768481][ T39] audit: type=1400 audit(1719986552.291:309): avc: denied { read } for pid=5701 comm="syz.0.127" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:hald_sonypic_exec_t:s0" [ 68.778718][ T39] audit: type=1400 audit(1719986552.291:310): avc: denied { open } for pid=5701 comm="syz.0.127" path="/dev/hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:hald_sonypic_exec_t:s0" [ 68.904637][ T5703] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 69.046613][ T5709] netlink: 80 bytes leftover after parsing attributes in process `syz.1.129'. [ 69.050390][ T5203] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 69.050815][ T5709] netlink: 80 bytes leftover after parsing attributes in process `syz.1.129'. [ 69.054476][ T5203] Bluetooth: hci0: Injecting HCI hardware error event [ 69.062264][ T5209] Bluetooth: hci0: hardware error 0x00 [ 69.074180][ T5209] ------------[ cut here ]------------ [ 69.076232][ T5209] ida_free called for id=8192 which is not allocated. [ 69.079181][ T5209] WARNING: CPU: 1 PID: 5209 at lib/idr.c:525 ida_free+0x1fb/0x2f0 [ 69.082404][ T5209] Modules linked in: [ 69.084669][ T5209] CPU: 1 PID: 5209 Comm: kworker/u33:5 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 69.091555][ T5209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.096125][ T5209] Workqueue: hci0 hci_error_reset [ 69.098745][ T5209] RIP: 0010:ida_free+0x1fb/0x2f0 [ 69.100892][ T5209] Code: bb f6 41 83 fe 3e 76 73 e8 f2 fa bb f6 48 8b 7c 24 28 4c 89 ee e8 c5 0c 19 00 90 48 c7 c7 e0 2b 81 8c 89 ee e8 96 15 7e f6 90 <0f> 0b 90 90 e8 cc fa bb f6 48 b8 00 00 00 00 00 fc ff df 48 01 c3 [ 69.109711][ T5209] RSP: 0018:ffffc90003affa38 EFLAGS: 00010286 [ 69.112294][ T5209] RAX: 0000000000000000 RBX: 1ffff9200075ff48 RCX: ffffffff81500069 [ 69.127247][ T5209] RDX: ffff88803fa84880 RSI: ffffffff81500076 RDI: 0000000000000001 [ 69.131336][ T39] audit: type=1326 audit(1719986552.651:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5710 comm="syz.1.130" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77d6775b99 code=0x7ffc0000 [ 69.144543][ T5209] RBP: 0000000000002000 R08: 0000000000000001 R09: 0000000000000000 [ 69.147790][ T5209] R10: 0000000000000000 R11: 0000000000000004 R12: 0000000000000000 [ 69.151309][ T5209] R13: 0000000000000293 R14: 0000000000000000 R15: 0000000000000000 [ 69.154611][ T5209] FS: 0000000000000000(0000) GS:ffff88806b100000(0000) knlGS:0000000000000000 [ 69.158443][ T5209] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.161131][ T5209] CR2: 000055555beca808 CR3: 0000000029f56000 CR4: 0000000000350ef0 [ 69.164530][ T5209] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 69.167840][ T5209] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 69.171176][ T5209] Call Trace: [ 69.172611][ T5209] [ 69.173857][ T5209] ? show_regs+0x8c/0xa0 [ 69.175739][ T5209] ? __warn+0xe5/0x3c0 [ 69.177448][ T5209] ? ida_free+0x1fb/0x2f0 [ 69.179283][ T5209] ? report_bug+0x3c0/0x580 [ 69.181165][ T5209] ? handle_bug+0x3d/0x70 [ 69.182957][ T5209] ? exc_invalid_op+0x17/0x50 [ 69.184901][ T5209] ? asm_exc_invalid_op+0x1a/0x20 [ 69.186968][ T5209] ? __warn_printk+0x199/0x350 [ 69.189093][ T5209] ? __warn_printk+0x1a6/0x350 [ 69.191065][ T5209] ? ida_free+0x1fb/0x2f0 [ 69.192916][ T5209] ? ida_free+0x1fa/0x2f0 [ 69.194695][ T5209] ? __pfx_ida_free+0x10/0x10 [ 69.196688][ T5209] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 69.198946][ T5209] hci_conn_del+0x768/0xdb0 [ 69.200851][ T5209] hci_conn_hash_flush+0x18f/0x260 [ 69.203498][ T5209] hci_dev_close_sync+0x591/0x1100 [ 69.205448][ T5209] ? __pfx_bt_err+0x10/0x10 [ 69.207075][ T5209] ? __pfx_hci_dev_close_sync+0x10/0x10 [ 69.209782][ T5209] ? __pfx_lock_acquire+0x10/0x10 [ 69.212039][ T5209] ? __pfx_lock_release+0x10/0x10 [ 69.214220][ T5209] hci_dev_do_close+0x2e/0x90 [ 69.216188][ T5209] hci_error_reset+0xbf/0x320 [ 69.218280][ T5209] process_one_work+0x9c5/0x1b40 [ 69.220448][ T5209] ? __pfx_lock_acquire+0x10/0x10 [ 69.222585][ T5209] ? __pfx_process_one_work+0x10/0x10 [ 69.224785][ T5209] ? assign_work+0x1a0/0x250 [ 69.226754][ T5209] worker_thread+0x6c8/0xf30 [ 69.228841][ T5209] ? __pfx_worker_thread+0x10/0x10 [ 69.231095][ T5209] kthread+0x2c1/0x3a0 [ 69.232857][ T5209] ? _raw_spin_unlock_irq+0x23/0x50 [ 69.234914][ T5209] ? __pfx_kthread+0x10/0x10 [ 69.236878][ T5209] ret_from_fork+0x45/0x80 [ 69.238683][ T5209] ? __pfx_kthread+0x10/0x10 [ 69.240547][ T5209] ret_from_fork_asm+0x1a/0x30 [ 69.242515][ T5209] [ 69.243920][ T5209] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 69.247047][ T5209] CPU: 1 PID: 5209 Comm: kworker/u33:5 Not tainted 6.10.0-rc6-syzkaller-00055-g734610514cb0 #0 [ 69.251319][ T5209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.254876][ T5209] Workqueue: hci0 hci_error_reset [ 69.256944][ T5209] Call Trace: [ 69.258361][ T5209] [ 69.259447][ T5209] dump_stack_lvl+0x3d/0x1f0 [ 69.261254][ T5209] panic+0x6f5/0x7a0 [ 69.262927][ T5209] ? __pfx_panic+0x10/0x10 [ 69.264663][ T5209] ? show_trace_log_lvl+0x363/0x500 [ 69.266821][ T5209] ? check_panic_on_warn+0x1f/0xb0 [ 69.268868][ T5209] ? ida_free+0x1fb/0x2f0 [ 69.270698][ T5209] check_panic_on_warn+0xab/0xb0 [ 69.272654][ T5209] __warn+0xf1/0x3c0 [ 69.274392][ T5209] ? ida_free+0x1fb/0x2f0 [ 69.276335][ T5209] report_bug+0x3c0/0x580 [ 69.278269][ T5209] handle_bug+0x3d/0x70 [ 69.280133][ T5209] exc_invalid_op+0x17/0x50 [ 69.282152][ T5209] asm_exc_invalid_op+0x1a/0x20 [ 69.284368][ T5209] RIP: 0010:ida_free+0x1fb/0x2f0 [ 69.286568][ T5209] Code: bb f6 41 83 fe 3e 76 73 e8 f2 fa bb f6 48 8b 7c 24 28 4c 89 ee e8 c5 0c 19 00 90 48 c7 c7 e0 2b 81 8c 89 ee e8 96 15 7e f6 90 <0f> 0b 90 90 e8 cc fa bb f6 48 b8 00 00 00 00 00 fc ff df 48 01 c3 [ 69.294824][ T5209] RSP: 0018:ffffc90003affa38 EFLAGS: 00010286 [ 69.297482][ T5209] RAX: 0000000000000000 RBX: 1ffff9200075ff48 RCX: ffffffff81500069 [ 69.300920][ T5209] RDX: ffff88803fa84880 RSI: ffffffff81500076 RDI: 0000000000000001 [ 69.304333][ T5209] RBP: 0000000000002000 R08: 0000000000000001 R09: 0000000000000000 [ 69.307653][ T5209] R10: 0000000000000000 R11: 0000000000000004 R12: 0000000000000000 [ 69.311111][ T5209] R13: 0000000000000293 R14: 0000000000000000 R15: 0000000000000000 [ 69.314598][ T5209] ? __warn_printk+0x199/0x350 [ 69.316765][ T5209] ? __warn_printk+0x1a6/0x350 [ 69.318870][ T5209] ? ida_free+0x1fa/0x2f0 [ 69.320490][ T5209] ? __pfx_ida_free+0x10/0x10 [ 69.322125][ T5209] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 69.324020][ T5209] hci_conn_del+0x768/0xdb0 [ 69.325712][ T5209] hci_conn_hash_flush+0x18f/0x260 [ 69.327746][ T5209] hci_dev_close_sync+0x591/0x1100 [ 69.330037][ T5209] ? __pfx_bt_err+0x10/0x10 [ 69.332052][ T5209] ? __pfx_hci_dev_close_sync+0x10/0x10 [ 69.334114][ T5209] ? __pfx_lock_acquire+0x10/0x10 [ 69.336325][ T5209] ? __pfx_lock_release+0x10/0x10 [ 69.338603][ T5209] hci_dev_do_close+0x2e/0x90 [ 69.340728][ T5209] hci_error_reset+0xbf/0x320 [ 69.342818][ T5209] process_one_work+0x9c5/0x1b40 [ 69.345064][ T5209] ? __pfx_lock_acquire+0x10/0x10 [ 69.347293][ T5209] ? __pfx_process_one_work+0x10/0x10 [ 69.349704][ T5209] ? assign_work+0x1a0/0x250 [ 69.351623][ T5209] worker_thread+0x6c8/0xf30 [ 69.353621][ T5209] ? __pfx_worker_thread+0x10/0x10 [ 69.355866][ T5209] kthread+0x2c1/0x3a0 [ 69.357497][ T5209] ? _raw_spin_unlock_irq+0x23/0x50 [ 69.359364][ T5209] ? __pfx_kthread+0x10/0x10 [ 69.361309][ T5209] ret_from_fork+0x45/0x80 [ 69.363287][ T5209] ? __pfx_kthread+0x10/0x10 [ 69.365349][ T5209] ret_from_fork_asm+0x1a/0x30 [ 69.367505][ T5209] [ 69.369527][ T5209] Kernel Offset: disabled [ 69.371557][ T5209] Rebooting in 86400 seconds.. VM DIAGNOSIS: 06:02:32 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000002 RBX=ea5a390ecc06a637 RCX=ffffffff816b9b3a RDX=1ffff11004be5a84 RSI=ffff888025f2d360 RDI=00000000a5a390ee RBP=0000000000000000 RSP=ffffc9000374e7e0 R8 =0000000000000000 R9 =fffffbfff284ce58 R10=ffffffff942672c7 R11=dffffc0000000000 R12=0000000000000000 R13=0000000000000027 R14=ffff888025f2d400 R15=0000000000000027 RIP=ffffffff816b97c1 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f15e1e036c0 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fd77407d440 CR3=000000001f152000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000306e616376 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a801e42fe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a801e430b ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a801e4305 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a801e4319 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a801e439f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a801e447d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a802d4488 00007f3a802d4480 00007f3a802d4478 00007f3a802d4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a80e3d100 00007f3a802d4440 00007f3a802d0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3a802d4498 00007f3a802d4490 00007f3a802d4488 00007f3a802d4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fd2975 RDI=ffffffff94dd91a0 RBP=ffffffff94dd9160 RSP=ffffc90003aff420 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000007 R12=0000000000000000 R13=0000000000000030 R14=ffffffff84fd2910 R15=0000000000000000 RIP=ffffffff84fd299f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055555beca808 CR3=0000000029f56000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000feffffd0 Opmask01=0000000000000003 Opmask02=000000000000ffdf Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558b1fe18d20 0000558b1fe08040 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000d1 0000000000000000 44455a494c414954 494e495f43455355 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617272 6120656c75722079 7261726f706d6574 002a3f005b3f2a00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0000000000000000 000000003130323a 306963682f306963 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000550045505954 0000000000000021 000000000000302e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 69305f474f5b647c 6930382432273f39 7b27697a787c7a30 23333a3a38263342 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a3a263e383a3a26 39383a3a2638383a 3a263b383a3a263a 383a3a26493b3a3a ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 2 CPU#2 RAX=0000000000081a5b RBX=0000000000000002 RCX=ffffffff8ae75899 RDX=0000000000000000 RSI=ffffffff8b2caf00 RDI=ffffffff8b8ff600 RBP=ffffed1002fd9000 RSP=ffffc90000197e08 R8 =0000000000000001 R9 =ffffed100d646fdd R10=ffff88806b237eeb R11=0000000000000001 R12=0000000000000002 R13=ffff888017ec8000 R14=ffffffff8fe44110 R15=0000000000000000 RIP=ffffffff8ae76c8f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b30b0dff8 CR3=0000000025cc8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000800000 Opmask01=00000000ffffffff Opmask02=00000000fff80000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffed1b0a9b0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffffc900031ef530 RCX=ffffffff813cde89 RDX=ffff8880422b8000 RSI=0000000000000004 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900031ef4a8 R8 =0000000000000001 R9 =0000000000000004 R10=0000000000000002 R11=0000000000000002 R12=ffffffff9072298a R13=ffffc900031efbe0 R14=ffffffff9072298e R15=0000000000000002 RIP=ffffffff818de410 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b30afeff8 CR3=000000003fa02000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcd8676ad0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f15e0fe42fe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f15e0fe430b ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f15e0fe4305 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f15e0fe4319 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f15e0fe439f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f15e0fe447d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000