last executing test programs: 54.41151094s ago: executing program 2 (id=619): r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (async) r1 = socket(0x28, 0x5, 0x0) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x1, 0x5}, 0x8) (async) socket$nl_route(0x10, 0x3, 0x0) (async) syz_emit_ethernet(0xf87, &(0x7f0000001180)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xf51, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@routing={0x84, 0x0, 0x0, 0x6}], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7cc735bd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6ef07bda12646792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32dedbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c19634b5ca2df74"}}}}}, 0x0) (async) connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0xffffffff, @private0, 0x3}, 0x20) 54.411085567s ago: executing program 2 (id=620): r0 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x800) getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000000)=""/11, &(0x7f0000000040)=0xb) io_setup(0x7fffffff, &(0x7f0000000080)=0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) io_pgetevents(r1, 0xfffffffffffffffb, 0x2, &(0x7f00000000c0)=[{}, {}], &(0x7f0000000140)={r2, r3+60000000}, 0x0) r4 = fcntl$getown(r0, 0x9) sched_rr_get_interval(r4, &(0x7f0000000180)) clock_nanosleep(0x5, 0x1, &(0x7f00000001c0)={0x0, 0x989680}, &(0x7f0000000200)) clock_gettime(0x6, &(0x7f0000000240)) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x44, 0x2, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e24}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x4000) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000480)={'\x00', &(0x7f00000003c0)=@ethtool_rx_ntuple={0x35, {0x6, @tcp_ip4_spec={@local, @local, 0x4e20, 0x4e21, 0x6}, @ah_ip4_spec={@private=0xa010100, @loopback, 0x19a1a9b5, 0xe}, 0x3, 0x9, 0xfffffffffffffffc, 0x6, 0xfffffffffffffffe}}}) r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000004c0), 0x1, 0x0) ioctl$IOC_WATCH_QUEUE_SET_SIZE(r5, 0x5760, 0x0) r6 = dup(r0) r7 = socket$nl_generic(0x10, 0x3, 0x10) rt_sigtimedwait(&(0x7f0000000500)={[0x7]}, &(0x7f0000000540), &(0x7f00000005c0), 0x8) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r6) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r6, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x20, r8, 0x20, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x3, 0x53}}}}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x18}, 0x40) sendmmsg$inet6(r5, &(0x7f0000000c00)=[{{&(0x7f0000000740)={0xa, 0x4e24, 0xfb, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x6}, 0x1c, &(0x7f00000009c0)=[{&(0x7f0000000780)="22f8e270f07e8c228c2b14f5457c1dc5d00b3abadc36ebaa8bfc5f5c02a411c9cbf37935e73953a92925f47a41e8ad949adcde54fd8160ba4475c18ddc3380ec6a5cb16c1c174e516c79245bca31339929d1b130120a290410", 0x59}, {&(0x7f0000000800)="5cfcfcb6b10e8babb8058d3b76b47912ef5ea3b50c3346012ffbdc52e2a2ff10d9e5f8e04ed35dd79956468ca0f9b1b35b5958628e61e125e330deff2807c78492f5c7337af1e39f44124a509acb57729e46a73cb81ba58caf55fd6b9602d176a80c613b63b461ca4bb8adfb07ede8728afe2f1176622c85908b1e4ecd93b97a18e4573fc5c5c83d04b008fa45f8596706e17a9a1541e82bd07f95f4e2944a9f905623688f43b5f0b604caf64b4d1973349dbb8956ac8edb1d493138ea60903bdab609d90925d728f08c96ce9abd54c0173ddede8dbe2c4ef856df84d097bd96c5d3ee3cb6eaeb9b4ae15b542778d6d26d72f3849343ca54", 0xf8}, {&(0x7f0000000900)="4756484b147b442a29f5e073168330836354ae27c4cf6eef41ee0f9e3c6fd84c5d592ec32bb0b0df86d1a4e292430f3e0b141f1b685849aba6b9f9a8ebe51c6639021b7077a0271afc", 0x49}, {&(0x7f0000000980)="8713b7c3a33f8a0e485f55146437828c457cba4639ba61155c35", 0x1a}], 0x4, &(0x7f0000000a00)=[@rthdrdstopts={{0xe8, 0x29, 0x37, {0x21, 0x19, '\x00', [@enc_lim={0x4, 0x1, 0x2}, @pad1, @jumbo={0xc2, 0x4, 0x9}, @generic={0xbd, 0x35, "37c1a193fbd840fcd9461af509cc5873e6fb5b7c0f3ade2d568981d6946c02d1f2389d2bc540903d79ba8abeae3aa11de517581618"}, @generic={0xa, 0x6e, "61b79783dbadb7cf27e4e20b79f484d6e0e77e946fcb729d055a5582fa92a7b869b86e4372a82882dce3ebe5b77d65239f8be22f7582f1b4255db671abf9671f440e09cc157c76b4bad3fefbd5726b3d9190990afa352f9a504d6fda0f5fb40b2969e037ba3567448576c3827582"}, @hao={0xc9, 0x10, @empty}, @ra={0x5, 0x2, 0x7b2}]}}}, @hopopts_2292={{0x40, 0x29, 0x36, {0x36, 0x4, '\x00', [@ra={0x5, 0x2, 0x2}, @enc_lim={0x4, 0x1, 0x4d}, @ra={0x5, 0x2, 0x9}, @ra={0x5, 0x2, 0x4}, @jumbo={0xc2, 0x4, 0x1}, @hao={0xc9, 0x10, @remote}]}}}, @hopopts_2292={{0x20, 0x29, 0x36, {0x3c, 0x0, '\x00', [@ra={0x5, 0x2, 0x5}]}}}, @rthdrdstopts={{0x90, 0x29, 0x37, {0x2c, 0xf, '\x00', [@pad1, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @mcast1}, @jumbo={0xc2, 0x4, 0x5e95}, @pad1, @calipso={0x7, 0x38, {0x2, 0xc, 0x5, 0x6ed3, [0x67, 0x5, 0x4da2, 0x7fffffff, 0x401, 0x7c5]}}, @pad1, @enc_lim={0x4, 0x1, 0x8}, @hao={0xc9, 0x10, @empty}]}}}], 0x1d8}}], 0x1, 0x4001) clock_adjtime(0x2, &(0x7f0000000c40)={0x1, 0x6364, 0x6, 0x800, 0x9, 0x2, 0x8, 0x5, 0x5, 0x1000, 0x66c7, 0x101, 0x0, 0x5, 0x7fff, 0x6, 0x7, 0x1, 0x0, 0x5, 0x200, 0x81f, 0x4, 0xeb, 0xec, 0x9}) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000d80), r5) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000dc0)={'batadv0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000e00)={'batadv_slave_1\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000e40)={'batadv_slave_1\x00', 0x0}) sendmsg$BATADV_CMD_TP_METER(r9, &(0x7f0000000f40)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000e80)={0x5c, r10, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r11}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r12}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r13}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4004000) read$alg(r0, &(0x7f0000000f80)=""/182, 0xb6) clock_adjtime(0x7, &(0x7f0000001040)={0x3726, 0xff, 0x0, 0x0, 0xf2, 0x7, 0x4, 0x7f, 0x203, 0x3, 0x4, 0xc5, 0x7, 0x401, 0xffffffffffffffff, 0x2, 0x1, 0x9, 0x1, 0x2, 0x3b, 0x3, 0xfffffffffffffffd, 0x40, 0xffffffffffffffff, 0x6}) syz_io_uring_setup(0x25b7, &(0x7f0000001140)={0x0, 0x4acc, 0x4000, 0x1, 0x224, 0x0, r6}, &(0x7f00000011c0), &(0x7f0000001200)=0x0) syz_io_uring_submit(0x0, r14, &(0x7f0000001300)=@IORING_OP_UNLINKAT={0x24, 0x20, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000012c0)='./file0\x00'}) 54.341629838s ago: executing program 2 (id=621): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x48) mkdir(&(0x7f00000000c0)='./bus\x00', 0x18e) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (fail_nth: 7) 54.231498337s ago: executing program 2 (id=622): r0 = socket$kcm(0x21, 0x2, 0xa) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, &(0x7f0000000040)={0xa, 0x1000, 0x6a38}) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000400)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = dup(r4) write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x40}}, 0x18) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a80)={0x44, r7, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x79c2}]}, 0x44}, 0x1, 0x0, 0x0, 0x40041}, 0x0) write$FUSE_DIRENTPLUS(r5, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0) write$FUSE_DIRENTPLUS(r5, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10) lgetxattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=@known='trusted.overlay.nlink\x00', &(0x7f00000006c0)=""/195, 0xc3) write$FUSE_DIRENTPLUS(r5, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8) r9 = socket$inet6(0x10, 0x2, 0x6) setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xffeffffc}, {0x16}]}, 0x10) sendto$inet6(r9, &(0x7f00000002c0)="100000001200050f0c1000000049b23e", 0x10, 0x0, 0x0, 0x0) write$FUSE_ENTRY(r5, &(0x7f0000000440)={0x90, 0x0, 0x0, {0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8}}}, 0x90) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@posixacl}]}}) openat2(r5, &(0x7f0000000200)='./file0/../file0\x00', &(0x7f0000000280)={0x200, 0x101}, 0x18) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000380)='keyring\x00', 0xffffffffffffffff) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/cgroup', 0x0, 0x0) lseek(r10, 0x600000000000, 0x0) sendmsg$kcm(r0, &(0x7f0000000300)={&(0x7f0000000600)=@nl=@unspec, 0x80, 0x0, 0x0, &(0x7f0000000400)=ANY=[], 0xb8}, 0x43480) 54.231027778s ago: executing program 2 (id=623): r0 = syz_socket_connect_nvme_tcp() sendmsg(r0, &(0x7f0000002380)={&(0x7f0000000000)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000080)="8e48b1aeee9b564c3d8efeac6cd91946cd61293d661287189d27af6ffd1f8ddec5c29732eebc90694a05f231b1937eb026a9e54f85c35d4fc1725be98fdb3ab1c79959ee12c18cf277b1d56f7910", 0x4e}], 0x1, &(0x7f0000000140)=[{0x100, 0x1, 0x2, "1132de3887199c95a6edf70e8abcaedab684b3fac5516d00fdab88a134e0b925ccd551715a88e5995666b04ff9f12f284238dd813e3d2897cdd5f1ea3ce4ae459c5b30f8634fcb34967d4ca97b2f18cf60b7e596d0e8604cda02adcb6fec54a8393bf6b5715a15ca8f3564d5a9612245a94b55ad5cdcd627b0996e5f52981a160efa7a2a556315d04dca6f12f9fcd18f6bf38ea01b74b849b11e4084e8aad1a700d9d658178a9c9078f4bbb702700adca7a4ed6ad62084171b4e312f23d0f415800731fda1ff436d1abbf6bd64a94ed0239609e092816258c0443e92456332107305af973ee27a9a60d2b4"}, {0x1010, 0x10e, 0x2, "f831b01b3c8863190725dc6a6802a803a324a9134f4b2213e52dde1b087b822675a191d798a40820be2619ed638332380e35a2fd8d83c429f1d60fc61532505ee2ef446b5852416f25ffdf3be32c16064e0747f1b4c9ec70476a49cc8e34e2c1381db20ebcfad217e41efb267c5c799c3ebaa518ea91bf8b998eab034eb33623fe25244df47e76c3e0eab03ae837c7a3ad6b5920c8c974e556acf85878fadff91693bb0f88a6aa5d001d3c60018d3c05f1108dfc7d3675aced007222f9e64bd52a83f185cd831c75a4358e0e5075bff8da006032db01b99d65f120dfa170c076c6020938cfd3aa24fb6c79c6f8097ac586a6b3a2913c233716be4b44461eb0a80ad7e363dcf21fcb44f604184c0b36e73ce7cd0767791662c573fff5b13564d1410936312bed73d282e34c6bfacd3e1a58645d2241e3a9fb5170ba979d892c188894f8004c4ef51f1380b24a77ddccaa4cf5b0d05ed00317df9f0f2327aaf55d2e9332d8c614b3d8817a488253a7d077682514c09978a9adcd68d2f6ebcdc9799ae943474cca4ae4586ee01c5ed699d07965d57447e6ae9f0618c73178255f5f71835c435dad78b981b1ddf0bcc7c5148f93e0648ab8bf7abeb803d230e9ee89e0f4be586c698a1ee629f7289453fb15645fe7c72f2ea5611eef8b3c6a2d4ce6a9746ec084731ccfab606b4b34048591c490711c32cca43990eefa1ae26cc2c477a5e6378a3c0dca37ef95a35bd0bb4020ff929a664dfdfc73e8e46fef6d904e038b19fd2b386e2ce2cda5fc96b079d2ecfc00f496d53c44f518ed2dfe7c3096da9da2f067a515ba6e572052d67f03c7785b487cc822b5cdd9ea7f2f38ae6ac5dcfd11ed58c1e90b3cbb097826cfae9981d8a68224e92799055f9550fdd6ce4618f9fdad65a29867d4e65535791e06d8ae3ce6d1cb11f43bbb6835f54faf347bbfbed02ec68955d39ee654ab5e8e2cae66b875110d491dbf23ca7e6b249e89fd3142a29c5e5dcfa398bade802fa9862d44860ca9ea2bf523ad912c45dbca77f93b89addb46a5f2864bcf2a737432d0fa510294378af858727ba4b9e34614fd9c257f9ffac3dd29a557cc4ffba81f72b4d504a2646d00e9fbcaaa128e8aa6a5e5c412855f1e82c2a23202f634e5ae666a4e64bdf4fee4d5d31d03ac476d57273fd4f635d0c740fa37b06fdfe5377841b73c8e40342c8adc2b79ba9b667086270e9e5cbf246fe8edf9c4de03cc3b6e96a7acaa0579676f24af7e3bb0baae8ba1efa3b709d27097bba97d52cb8f1e3bf127aa761b3f900e9dead88e7ef3bea6368f6da73c3320c13107bc6db2add31b598171708e2efecaa03573ae0a7b5654eb5a4298913b25c1219f396c4dd213f515f12346033b15070b9c0c6bb0ca4df923201688ce5974340f4e928dae8b1c749af15f10fdf4c1f445f99f1301a299d491427dae46f2e402b1d924589475ab0b288d3005e42ab28257e85d5b9f80e596a853a8935d0ecdf81ed025c1d2a6e286bc0a45abd9b48ec4e4e091bd3f616131940fdebd2441681bb48134894ee04bf3e8eccf4613689c6c7a8a26ab89c252fa3db95d23c5cb713a54141b0e5ef7372bc7480e31f626716de461e2a84ef239cbbd9932c5a730b1d59c067c2438476b275d8deca3ac9fa8acdcb1c26b7fc90b4fd1ccc44d6682e4a6c90c41f8e05473c26dafeab5230555d58f0af23b9dea5b3de0357f825de7f0e8d6ddf07c27304b04ed6c32e91bb5244c5b26ffcfbd4aa8e13b2eeb20f368dead6fdf8362a029e854d1d15cfd599a6a6870cbb6c883fe3a51f05aaf2f3fc47e17c8e4dff3bf5f31c583f7fbf3c0533b01c2d5a4a2c4b91435095ad0d2a243888126f0a23cdbce296bc3edd9b53d4739c31bcc625107ad715980f793f2871f5a804a30b0bb31b393322be61273f4ae39c08d3025ed6d94f4498f0d6c6f40d645c612d15775a732e1c5ae12be008733cb5b361fbe2e9de89edd118b5b939015a8330f1664d9dd33a09f350cfdf0baa61587a8ba09286ba59f93673284217374e0a2e48d20a150b6414d070d5a0581930dc1d242c6dd5f51db9ad00c0ba9d993ed42cf53e9f507d859f1e58de084fcc45714975518a137d5bcecf390243cbb8b4ddff6d879ca5fdc859908e5a5076084777b98486e02565ecf1ee33e7899307a5c9c702c386875561994d261ca3d5d3d8f1e4c3b93e96f15b41d20c5908c2fe5155da0fc41f174d7ae29272ca1d30eb74b931e335b530628c74d8bda75a80fb17c4911ae5910dd23220c4adf0891e749149f79e944b15ecb872474a9955865d9b1eb9ab188ba6319a01dd7c013509af3599dae6f2cf6f58cc88a1857a61b0e552bea2b5be191d57f6e5ae7573735471ed98d14a1d4a33a3e6435af14c9223122c1c909dc435809b79887803778978910e05a2c0a38aa63a3b07f07643120d0f3cd61d5ed5125d5977da3e3de3d02cf4b00d2a4b2fc37e741a4168b185387b5ad99f31b137951e9a3fd1979df33d0dc64382a90b843f8936a2b5665cc320b89442a4088d9414e57c9203dcecef49c9f8550eba66268d652d194faca52e427244e2566fb3db8ba1aba1aa18953aeac4253327084a0cbfe3c1db8ea58124d953bec65ba73a295fb7cee7c991ee8d8cf427919ec14c876dd0e17741267fa0e47566560dc8459dd03118f900a1c709c55aca0da73c03f544d74774ea978a892b59422747f8d51ac07c51ff88c78f20de363481947b68dade83f46d9ef527b49be55a29f23bec55d0656cd718f1cc187bed06be34ff92fcab0ecfd012895eca6b96dcfd6f32b8480e0dc45685f91c564b8539b4e0481931bee0e73758f2f3f72ce17787f10e9088bd96a88e1d92288080d2dca3542ad253ce4f68836644bfd01a745bc061cb7b15994afd5b83264c0d1b49f9706fc834fb7a1a03264f149d977ce2f8cc81f3f905770aeabc37a88aad6e0ec7c62bdbb14deef8fd6a60e31ae8f6a3790332848fd6a2adac1b7c0cffd19ae1ab268fd03e1a4eb5a4c0d60d8978209499e168a194d30ec3428ab477431376c85e584ad1817434d19c5acb1d0adfccb3bc1fd7b6f0231c82423a175d6197ba16cdfb593b2e9a4b2308d6c8467ed9a1c94e0922af5109d8a0c615324ce5a0c31076941190d0276bcd1def2e638b21aec9782577d0182e92dca8d1bd9e8a83d40acc66c8563587b756ca5d080b638e1730e7f85795f6225f16e7dce5de66674baecf00694b1beacc518cfbd91eeebaa392fef943e1ef17d459c8f10b79bc4948bb826163327f05cbd376054c09796e0a1a76df8dbead4748d381dd647d087db47192f5e6dd23bc73fb253c14e92db318c8e856f7ed13465c8938cf020ee657f6bce70bbc4e18cf5fd9506171c8d0209a3f344f3f0d74430fbb47b8adb2ecc33218e998abced822382bdc823759a58595cbaaa4b80ead0d15d07346736047e593f1f6d32821b3a016de6dc0df98824afb78ed19a283548e421a1ad278b6c3fbcdc96aecda7f26cedaca28174ba1edca262976846c572ea06884c62e90f56d508c78d72f518bd55cf5ea4183794817b5ed1622046fad70f60409565324873c31b44bc27c73b070c4b6437486c20d83025c95c8c14c4590fc40393895eda5375aa7ba5123e8e6ee9a26a439db8a5a3427d025b8f1942b7a8d03802a0c0e685fc4f343df671796f06c28200aeac06864255f3c0983f48755d1532c7932ce4d69ae85f57c3c71da30d195c50caf13c1eef0dc427d58d72753a21a5d34e397cdd5fb6a83af941763f8ee5d02e186dd4b4a69b63ae57b9c94d45f2d22d8142ab20713945d81d670795c9c06134ae4299e593e991d052967b7f8665dc2e9d9ddcf6a1d3c969f6cf9d0ada333f6eae0d0022ef48057bac39e6f4235921d54ec9e8eb564927481c155eddb538204ef913b9bd52a143898bee651aef1ef481458d0eaefc1dcab018b4f8e37cc190ce01e999350de0b0244f52bd4ca49657c58a6c3a7be5612c329ea521c6d0cb95e1866f978c6d6141fdfc903f1057166cf75f77a14ee18229c9c7147c9a321e3dded321761e666f5db3c36fd0dc94f731ffce0b936dfafd42e3c62df10621232e0185241bcf81d4174feb02e60e2153b6ec60818c00b37bc6ea3e08b562d2f85905280ed012bd015e1533d42c4ab41c1eee05603d5b90eeb4920dc48b051484a525efcfd58751fdc7cb479b383bfa9153ed24cf30fe64ffb8018b1777077484fae246ba2adf0045c60e5ce7a6e13ad6e8bbf8893ccd5610d79f0569266918a517eaf9c3634145b204d2949c002fae134054b53017381792c0b1bb0d0aa01b5d04d18e3f15335db4ab9c4a41ea41c89d623ef58d55d9f2ea765ff1f64529395139d939448b171d47f9947864180ccc5817f8ca96c66d9435eeb4f3154d95e0b5bb842ff3f81cacb2e54a0fc2ec8bfb73b3a2101b943a3aab2c847aff76dc27f82f796ceee3c392c459cff88b8700ca24b7b8606077907afc7a2a8d7970cfb08b9654a40524cf7eb5d6550480c05d330bfbf9c50e93cc61f13e5487ad43320d371ccc9b0be780b084ae4dd2553ae91b474c3852d3a66f6fb1548b93653e465557e11edf61ed200c29268d8ffe8cb2281a57481bc3978a95a980bf4fd22735c70b050128cc3ee368b9bf2f58cfb66b5cead3982da4e4d57a8b8a213a9b31caef0f48ee964e15ab21a8621347368c9005f78ca26e6b36b706261da26be84bc474070c114cf5af4522f8652298d8ea68825b2787a22230e160459015aad741ce44eca6110b8353180ed7be79a2582f3db3d43701123da2f5397763fefe08a5684d8c42b58baa51a21beacf7bd7374b1b737ebeb9e5a66ac824bff6f774195157cc60063e28f8ece5f1bcfa76bacd8ac8e61c83f6cb45530651a87f9e6a801bf37b70e9ce1b3c2dfa3cbfa501c45789d82a3e37ead72e78e27df368757ac45b5c0d4948d25d6da327438700408e7a7360990b43429f6c62a09cd214649644605eaa821f7f56ecd5548bf4beb3947b1ddb51e5f90a616628cfd11c4cccf4e3d4cbf00110c367022b35d24256d2bd73d72c5b43fd6dbdc74d7aaadaaaed2abe3e001400dad35c994a36fdcc357a8911ca859b5dc3049b89c20656fa976a8cbf42030e9945204b06637693651724b1aa06efe284415c4122bb6aabcf897a86acf84b9ab8a6c5402770ffa9e513ae3fe8496d05b0ca3742e184438c914ac1711c61846dac58f7fe71be87101e536f5b8d251eb0e458d1d4ee65811be070ed8c08636b7ea1a0b2eac36200b837f28e60560c16672f12fae9af7768a5694320003a34b1d059b7a3d9bbf10ba6d7c2600001c42681c401a832d5fd1d24bdb18eb9ff4923eb305fe848c43be056722718e557a19469a57be58eeab93746ca484661d8ae2a126db2951649e7d95380691f212fcdef123d3a62960d729be627cdea37fcb92c843d61dcceabe759a3d16839ebb771671a6b48f696f323dfdf7d8c844db0479190a05eecd1d96c2bbf1529ef39422a9eede13273c52fdbde011e8652bfe374f5ff2a73d7aa56cddd130ee3d0b1123cfe43275a143077df7626c7877f968aadbe7511c1162df226a63bf1b4e29a5c84e4df9433fa1a2f521fcda033fe469d5c690b57f5635428077459da5a1245bb451640b5a3b2f08cb89c771c35f19706be59a2a9e49da53b51925374e41b584c56a8308e129d49438316ca9cce377952599187870329a01fbbefda1e346b5b44c730406f262a2e9bca8d88d5119298004a1c0453739722bce4f6f6"}, {0x68, 0x119, 0x6, "89c48f2b64ccbbf5e4e37d8bda385a0f97d03a35b522e7675b64ab5c5338c7800149304b832cb736fe7d4c161be93aeb9fe26c48afd39e3120006b8c98778aabc052f9a93d470ce11ed30e0d1b9ffda49976f064ad2058f1"}, {0x1010, 0x111, 0x5, "1351fe1dfab7ae7aaddc435b4210916010481b39165c9ff0f87ca1d25c40a1dc5f927e25b57f017ea5e684e5c5e5a94c8d3eed4cb336861093b244e254e1be3e07e0cfe67be3da608c62818aca74dae074c40a6de1267f297ede249d365637b9d0c4558886110e08cb94341e0c2ac59e710975df58d71706a1d6d04a0cc073beaf46d2e02210ee909c83c47b6472e8a517b14b174e5d469a248a5f3a0bcc47d29b813120ec3244b59ad13b8e1cf6e6a7a30c9f3a03426dce585a73d375215aaece488397b0c8c58411a2f654cf1b561fe180c165207a8a9ca38e791ce492f8af959e06291fc2093ad2fdbdb12b034da0fd1f58d9603ba7e88b4bd5ed4229407fc3930e9bda66dc875173491ff8e7c500562ebd471390aad25a8d5ad0e08fc1d8f2a1e97a25e8360c1bb891cbc29683cc7a4d74b0997aaedc5ca7050a3784c81d428c6960245d8d54eea7c027b206f4fb3c4a072afbab5abad7b329080a60ff879fead6cb840f19a5d0bad0d87fd0b3bb9eb0588983a14161279834681c52c721087c616b43ad001e7afab02a5c517cb9d5f0fc7593129da72c139ffa6cfb78a6feb95b30b5f398982c77ff445563189d7acb0f44be3676c8cc646e0ac695483f392a94a263a36228bd3279a83fd16522de0fb7aac2de6490119a7807e6681ba03ce5d335fc43366f92997a4528827da988fee85fb3e451349f9fb9b3960e80d97a367a68713076dc9eae323c49a6d49cd2fb5b8e9c2397280a7d2b7f1e7634db1c4069a9e6f6fcf3812e2c8bf0e1fa4d716a2c943b78e1df4963c473e995a590e71a4b194a0f6a128a7dfff64efc1bd7ee7c8a0191c3545dcca565bc3542f5084d3b6801e1a92608971b0f6b199bc110d0bb23ec2824ff1122718d2c1921ad134e1cd60d08841fe647ab7dfa4dc59f5460f6c914a1cabe93d1bedd050c1b908499a5d677596e732909ae9e6a6f47dcec6a08273c57341d17775014359b8c1de961cf549656cc3f425c01837a348b34b949ae0aed7a7baa03fe8e7c8569b38f1569b0efdabbb06f0013d615dc79ce0d325288fd229243dd5af9f2d485117054192ab91ed591f899eb06da2ed5a97cb624e619707dabdefecf371182a85da354a3e456930c5662a8a8ca01d2fb9a7495165cdda58a237193a082fa4a111ee99090ec77934c5644b2b4dd0714ef763735a3b040f4ab55f1f7f65e5f6a42208e7cde6bfc1764676e4ba5d115c55ea4fa424c370a827c918c7b8096f1ebeffbda74b4b1b93549d45e301bcab33c50c39ced2761c2cd6f88b6617c8e4db6b57e15e3e2e1c957ee722e1eac3a91e6900c0017cdcfa1cfd123b4284bdc32b7a8ca6ecf7cd641d4ab4b70d9edd2472994064e48bc9aba58d737972e66da91699fcdfcac3d36aa194d9b7a9a24feafb9d9d7e66c6505662583ed58589c13b3d082d8f2750cecadb8b2152bdc09d2f83629e92a0ecfe53afedc0c08c1665074e5f46af2bcef4e7bbbd4210e06bc01b0bac179c3c633b29c0055ebbaf2b9424209b863b615d1fc3012a1cd59e02639fc3f73939c93188ed5d64730a879515396bbabfef610b0d92aa965dccbce95a5919cb4e9f52b4edac78bb487ff965623fd95e3d4d9d65e8ca0b368738e7ffcaec27ddcd1f628e51edd4e71c1b63e7a7e8e2726e5682dd541acdb187ef2c9ebf98e4305b29aedd25e6bcbe9b2c68ceb52a04e1bd20108640837a2b07b49bdc067eb9ed0448c7f9f37fa2efccf4b82fb5f607343b5b36296d970c8605b577e7611588bb7656d510d3300bfbb18590e6ce3dcb5c5f4676a060adcdd7ff26081614ab21d3fc9b5dfe01514e90fe63242535ae72dd2b60714709f39d154a94b4a1d67d3ee1a7f9fac069d59683550cb12054a7e35237509d92fe3a276bb065abb0690581f838771e96759f952a5e5aab4d9180e8251e3e8b5bdd2adaa683fc9947f2c816b6427b41af6ca4aa75543da9a06a72739f9583e990fa46dd3e2162fa76057f5f82f586aef323c322bd7da062e01f6f9d39cc66286145cb12aa5b5746a1b81937e9d5e1b0bdd163658300976e9274b64d064932e7959cf76cf3357fd6c5d0118fef215154e3f6f8ab4343cf7ca53b252db99abb84030596d43035b00664caf9cb037e0a3dbc359a6e05017bcd30cc3c80d0acd494f32d78bee31e9360648fdc96cc1c50c3439a8d9ae01331aac5e94015ae8ae9831b621e9bf3480bf20149a847b3421fec3ae2af71008ecd7b125afd173bc162cdce2b1b7a703b0ebf011b504570c09e26edf95092663135ef7ceb961daf875fd7dd61412ab67d0c1b486d24f376c7cf1b89bf8d189b6700030e4f31275d657e4a36972861fc9634a979cb662e9b2bd1e714baca5c3be9c08e9eaa360ae5ce66d3beb624ed4f830ba2c68fe366c6738597a15ea33f95a4d2fc5beb23c3e7c946ecce508bf9b34fcd80c8eb9e718b959bf7c53205a2a5732ed53905a96fcd3cbeb73dbe023f327c3bbf478162f2fac90d39d5e0ea7de05b99a7ae5dbd6c395a00d781d7035be5f43e0a8cc9b06cdc0a4ba1bae9da274a0f8762159e94ce43ec3cd713d714b892a4bf0db134932d29f752d3869b04fe68f7f02bb7f740ec831e783959c1ff3586c606a4dc37e3b88d829683910e27072bf5dbe57d4ed6bc94c7474e979bb738818c495c04181d7a0a4ad54dd93eafe21919a12150f6d0021ee73906157d4c9253302bb1e98b8e22cf57503ea41c2dabb6f947650e11aeb855ebb964e55ee2360ca18580f7a42c3e336cdcfd495e4b4f3b9a3e594457680875050ed174dc2949c3924e1aef23f1da16631af65962fb015df0f96deb3b6f2e170f8f2cf21c0f33c4087d94eaa8653c5543dbb1db00d0bfacd2ef1bdea71e9ccf60e16e8fa10384d947924b5fc79597421b1aceb8f53c966c8d52d08f3306b6b61ee1d14ea246dd5cb9d65d42371e83efa53110de1c82580c62115438d6624cc7d57b55e91d7f452428fe64f6a1c2446a8d4c247ef43ff4470283377118b8c455621799a119bd1a25cf56407559e592d8f59a8ae91526a75bc3371f35443dbbf4f3ddf0afe7da933a150ba27af93e93442ec373f8c4fe5d2110bb4e0ce692b9e432252e69cf86ade6c5a848705e572f78f402a75e45e158674281027c9db1dbc59334ba5e9a78f1cc37b586b6694aeec034208890f1e4c4b0d3a54c6a204b5f4f84bd419d71c4f797929a63294159fa59f8f693e7bc683b1d94971c4f20b35afabc179a680ffe1042b885a5abb21de510450892cd22e0a939ac33fe26838b8d6098f7d91f44feefd62a1e1bcc1db4825c4206b7134454fc507b9f0f62eb96dbb0ae6c7eced04bb4c4382158d59bd96d15c51f5146d39b5f90cdc0acb2a41dfbae6b64ddfb725015e8850d1ff1218584cea113d2738b30f719bd217bdf1a18398f05ccae61fdcdc94c0ac0e853c86167a347c7549bb4e6439b3a40b3a9cbe5b1a1cc682d45e80a852327c59775f09f204c8ab5c62c90c6b293b2ab1587471afbe6b0429a33157e72d4b09e952a8a07cc26aad10df8fe8c920b6d69067d966b59c6094a4605ed9447f4dc859ec7e8531aa6afc3516dcb2d8be0def7a884d809bfe6035ddbe2c9e274dca3159eb06b6ef6b7d7b960e8b35f29ba7101ca0d13ca82ea2f267d7ee67ca43b77c72312185da1e08b8f513c1a464ce0df9809573b4bdb91db6ef8c312881904de1089b7c827fc2f9c50378faf8ff897a353f00ff43898cdf7339f025a6864a733092064584b5006b92a1dd32808bca34b658c4307e83ba3a0825274ca688db0f00a73a2ed9df7deb026aabae445ca3b5d5f09beb615393d2eadb0720afa0a6c899f37656c10404efde0d72175ec5187b65f36a03eb4f482641466dfd9aafc81fa03106f6cd9e3e1714b2baf69bcda460bcfd3d958360cbff49b80f5c391b6a7171fe40fbc29af88998d331af44ab568a01a92756aa2474cdbce2d10f469044199276806ebf782b3e8babc11d42259c76da5922c62472489fc92180b51a51b616ff7c82347f29ab71ab7b77f53bb2d87e0b421436d779d36addd2cd2f101eddf8b42c15ab12595c4887f46a53b5d95bd9bea5faa7b1312b83726c8477dbfc2a11d58ffb21de958ddc699f0c1f2f39210eb212fa3ffd5bbe90e824962c217eee6c15721aa078a447daa579596c9b6b909500f6d6f49c95ea63b3ef57b06991a025cb634a588132afe4c7ff4841d6a9ac83d2651db7367ceaba3dbec59719bd4d684c6506825c37395964687e200d0b4a9b375d23a779658f9be2fad297d3308d506e413ac4acfe95487593735dc072ce0f7dab9bfe57ddb6be0c6c32b15896ddd2e379083049afec20291fabde7b6fcc6fcbebeaf11e7ee42f682edd19056f70a65f2d01c242e6dcf6afa8b0687f3b088da76756e8ea1c8a3f150bd9503aba00a0d7f8c1996782e3cf9ff3ae7f08cf2ccd723d79954610ba92254521097b03a48d33a9acb0961dafa61a80f7b96977a43b2d756138ca0c378044408e73ea73f09d80e43480191c637786fbe63b91ef8ce7ecabe5ce5d32c1fec932ab81ee2bb8719d9b7358735e8eaf672be950aff30cd565cb638ee10d12231eb824efc7201cdd15d9aaa26d37e77d5c1af14522e4f103c1119584051672427f8bb524a9e91b4b42728cfc87f75192058ea916f476e663410a2d9b173fd17f237db322fe673b6803f4025c035bcc95cb7e849176701142c64d7df48091d62d66961c468e438e6ca1d2e2b8905c95f9e2232579e6a9d02da39dc284230de526aebf05ea83eaad798ce7621883e2a6221346bb1dfb9045024afe4f6cbedb4fa0b27102f4104ce8be43f2ab390e724f453ee763632e177a7fe65570d023dfbc78c79a36120a208ea4b8afaae162767ee3fbbb36c926c2f1fce0941a0cfaec864049532bf7596fe741140156f827ba7a49f23485605b4a057716974324899ee2011ceba3c54dda04e26561ed41236fea7bc22bd75428e92ecef01018a8fd2cc8d0a2f24612c410500776dbb10e284df017bbd8f85190397e1b4218662892715a05825d3e12a8949bb1c78b63afcec724987e6cbe8acbabea0ece21ac39d9ed15095490159d4ec4d95ea8ccd0d92bbaeb3a96e4b72a51d9dec6cac47a5c1d20f878f4b4baf8a974fa3f6fdd616e83b8565bb9211dc55d52f92b2527e6b9f63aa0b28f45f813b4d862287c532f981baafb79bf5e507e64ddbbb4a92ee4cab7f2a2b7741b0068d39fbddaace718b2b6ffd56b217803b54e13ae350b0e9894fdecb693eed50c70842763c8f5a12e818edebc2634f7d333c6853c5a7e8e979d09e24ca08f143e006300d73820c348d9413945fd8214a50d3cf1163258c699b74e5bef2ebb519fc1c71986afb2259031c461a44ecc882dd70251f83cb25caa0f40ea4bba49665ae67d49ab1bb7b570d9872021c2316badee06b569007d2b1945bde0ea4351a35b86abe78800e778c31970c16b722445d6388140c79b6f3d51d5ef9dfc6ac54c0960136d24213856c001536fb3fd069dcbae6e8fd73b499d7878ae54387ad86d441b2c99bbfc1f2884e914c2d06c3113d76e84c51b2976f947af2af2d8610fdca4dec1f34a5d868be674264deb84da9994e611a3cd60776f6c3bc09c25842b266386a0fc8c3a1d6d271c77a40fc9daaaf30800c929adc6440ded5cdd7e6e9837ece480af43804c2ac7a50f58288a87f2786c18dd80be8e91936bb9fdb10c97b927b02dca96cfe202a8fb2dcc3eebeaf21bc683b8156644cc318b1e4ba1eda2f88087"}, {0x50, 0x11, 0x4, "efcfc7b63082c0c2b3fad9fa7869223eadd431fac90a97cf626b6c3db4a75cac6e28f7836fdab679110021c04638910e656a589b49d1473e76214c7922e0"}, {0x50, 0xff, 0xfffffff7, "9e7f5273ae74355a45b074420a419fc7ad4c4740d3edb7e696f70fc717a7891dcb615dd72acc24fd46b025335d23c4f547d27369152c6f46c7"}], 0x2228}, 0x24000801) (async) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1e) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000023c0)={0x1fe, 0x4, 0xdddd0000, 0x2000, &(0x7f0000ffc000/0x2000)=nil}) lsetxattr$trusted_overlay_opaque(&(0x7f0000002400)='./file0\x00', &(0x7f0000002440), &(0x7f0000002480), 0x2, 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000024c0)={[0x746, 0xffffffffffffffff, 0x7, 0x9, 0x7, 0x5, 0x8000, 0x101, 0x81, 0x3, 0x1000, 0x9, 0x468, 0x7, 0x1, 0x5], 0x0, 0x111082}) (async, rerun: 32) r3 = syz_open_dev$loop(&(0x7f0000002580), 0x1982, 0x400000) (async, rerun: 32) r4 = syz_io_uring_complete(0x0) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000025c0)={r4, 0x7b0e, {0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x5b4, 0x0, 0x12, 0xb, 0x0, "044300cd32482cdbb7528d442b91d04cea641959949646d9e6ed3be0268487b1e641426cfc8c699e49a5061b70ba661a71c776440b99e97995a51bcc8336eb35", "efda362f9c12e204e6901394f9e8220f714f161d0f04970e49f7ad3ad6b3fe62691794484f1560aa9de749090dd25aacf65003913a637ab5b6dca1e3b5cb99e8", "4a7218678d19e5c9fe5d79030f3982af1ff33df75088d68fc00a19d46d78b25c", [0x0, 0x9]}}) (async, rerun: 64) getsockopt$inet_sctp_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000002700), &(0x7f0000002740)=0x8) (async, rerun: 64) getpeername$unix(r4, &(0x7f0000002780)=@abs, &(0x7f0000002800)=0x6e) (async, rerun: 32) read$FUSE(r4, &(0x7f0000002880)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) (rerun: 32) sendmsg$nl_generic(r4, &(0x7f0000004980)={&(0x7f0000002840)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000004940)={&(0x7f00000048c0)={0x48, 0x3f, 0x214, 0x70bd25, 0x25dfdbfd, {0x9}, [@nested={0x10, 0x20, 0x0, 0x1, [@nested={0x4, 0x13e}, @nested={0x4, 0x122}, @nested={0x4, 0x121}]}, @typed={0x8, 0x12d, 0x0, 0x0, @u32=0xfffffe00}, @nested={0x10, 0xff, 0x0, 0x1, [@typed={0x8, 0xbd, 0x0, 0x0, @pid=r5}, @nested={0x4, 0x35}]}, @typed={0x4, 0x13b}, @typed={0x8, 0xc4, 0x0, 0x0, @uid=0xee00}]}, 0x48}, 0x1, 0x0, 0x0, 0x8001}, 0x804) (async) r6 = openat$cgroup_ro(r4, &(0x7f00000049c0)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r6, 0xc018937a, &(0x7f0000004a00)={{0x1, 0x1, 0x18, r6, {0x3}}, './file0\x00'}) (async) capset(&(0x7f0000004a40)={0x20080522, r5}, &(0x7f0000004a80)={0x4, 0x9, 0xb0e, 0x6, 0x10001, 0x6}) r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1f) ioctl$KVM_XEN_HVM_CONFIG(r8, 0x4038ae7a, &(0x7f0000004c40)={0x80000001, 0x1b0, &(0x7f0000004ac0)="f80c6208029eb5554d94716f9823c2c9cd33ce759d3a9c50553ccb5cd8ee8a9ceb9d0d84565de074c3c746fdc1fdf22c5b084701adaebca341fe02903ee0db5f0e700214aa2847a24ed6c7dc51c65bdfe4325a68bd5a4088ba3967278243b746674aae969db2ae83da7c0680f4f1007fd3bb4a623017b237bcdb61160257339131982dd7e123da04b5cf23d8e8420c7aa02e2c7e", &(0x7f0000004b80)="90f92e54770f1aca4d9c5d0384b4870fca51861a42a4a3f5a5c39d2abe77d6979e756b7a718c1da44e619d7b8ddb48a8ef67bd8a15dfd34c36f8123a87efba65ffaf2763db595ea9c283e023bb5ac79523b62a126e0eb966544af7603edd7809f28241a463ad83f9d41072e4ab93fbd7908010639e44712043362416135904f977c515991fa808d711890dd6959360ebf53917e8b79ed47e74d26187f502ce6e0dec49d256cfd1", 0x94, 0xa7}) (async) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r4, 0x84, 0x1c, &(0x7f0000004c80), &(0x7f0000004cc0)=0x4) (async) r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000004d40), r4) sendmsg$IPVS_CMD_GET_INFO(r7, &(0x7f0000004ec0)={&(0x7f0000004d00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000004e80)={&(0x7f0000004d80)={0xdc, r9, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x58, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x32}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x3c, 0x8}}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x88}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x100}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x9}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x10000}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x6}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x5}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@broadcast}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x8c0a}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x55}, 0x4010) (async) r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000004f00)='/sys/kernel/kexec_crash_size', 0x80000, 0x100) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000004f80)={&(0x7f0000004f40)='inet_sock_set_state\x00', r7, 0x0, 0x6}, 0x18) (async, rerun: 32) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000004fc0)) (rerun: 32) socket$inet6_mptcp(0xa, 0x1, 0x106) (async) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000005000)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r10, 0x40182103, &(0x7f0000005080)={r11, 0x2, 0xffffffffffffffff, 0x268}) (async) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000005100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_QOS_MAP(r10, &(0x7f0000005240)={&(0x7f00000050c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000005200)={&(0x7f0000005140)={0x98, 0x0, 0x10, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_QOS_MAP={0x2e, 0xc7, {[{0x2, 0x3}, {0x9, 0x1}, {0xff}, {0xe, 0x2}, {0x5, 0x3}, {0x9, 0x3}, {0x37, 0x3}, {0x6, 0x1}, {0x1, 0x6}, {0xe, 0x6}, {0x2}, {0x6, 0x6}, {0x9, 0x6}, {0x8a, 0x3}, {0x6, 0x7}, {0x1, 0x6}, {0xf, 0x2}], "0fc0b6e922fe324a"}}, @NL80211_ATTR_QOS_MAP={0x24, 0xc7, {[{0x7, 0x7}, {0x81, 0x5}, {0x2, 0x2}, {0xf7, 0x2}, {0x6, 0x1}, {0x2, 0x3}, {0xc, 0x1}, {0xd6, 0x3}, {0x2, 0x5}, {0xc}, {0x1, 0x7}, {0x0, 0x2}], "39913620b7be5f92"}}, @NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x0, 0x4}, {0x5, 0x6}, {0x81}, {0x8}, {0x2, 0x3}, {0x8, 0x1}, {0x7, 0x5}, {0x7, 0x6}, {0x4, 0x2}, {0x14}, {0xa, 0x1}, {0x7, 0x1}, {0x4}], "843dd673e02e78f3"}}]}, 0x98}, 0x1, 0x0, 0x0, 0x20040810}, 0x44090) 53.930652172s ago: executing program 2 (id=634): r0 = socket$netlink(0x10, 0x3, 0x4) write(r0, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27) (async, rerun: 64) r1 = socket(0x10, 0x3, 0x0) (rerun: 64) write(r1, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24) 53.853078084s ago: executing program 32 (id=634): r0 = socket$netlink(0x10, 0x3, 0x4) write(r0, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27) (async, rerun: 64) r1 = socket(0x10, 0x3, 0x0) (rerun: 64) write(r1, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24) 9.390337924s ago: executing program 1 (id=1367): socket$kcm(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r0, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040084}, 0x4000004) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001a00)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000480)="b9ff0307683a268cb8f8ffff888e", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) socket$kcm(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r0, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040084}, 0x4000004) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001a00)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000480)="b9ff0307683a268cb8f8ffff888e", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) (async) 9.169387495s ago: executing program 1 (id=1369): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') fchdir(r0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x2, 0x4, 0x7, 0x9}, 0x50) (async) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x2, 0x4, 0x7, 0x9}, 0x50) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x3, 0x4, 0x1, 0x0, r1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r2}, &(0x7f0000000840), &(0x7f0000000040)=r1}, 0x20) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r2}, &(0x7f0000000840), &(0x7f0000000040)=r1}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r2, &(0x7f0000000d40), 0x0}, 0x20) r3 = socket$can_j1939(0x1d, 0x2, 0x7) recvmsg$can_j1939(r3, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x2000) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r4) (async) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r4) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_DAT_CACHE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r5, 0x303, 0x70bd28, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r5, 0x303, 0x70bd28, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 9.169017989s ago: executing program 1 (id=1370): r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0) syz_usb_disconnect(r1) r2 = syz_usb_connect(0x5, 0x3f, &(0x7f0000000140)=ANY=[], 0x0) syz_usb_control_io(r2, 0x0, &(0x7f0000000b80)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000528323ba2fb62b7d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r3, 0x0, 0x0) syz_usb_disconnect(r2) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000540)=[@in6={0xa, 0x4e21, 0xae70, @empty, 0x9}, @in6={0xa, 0x4e23, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7ff}, @in6={0xa, 0x4e21, 0x5, @local, 0x100}, @in={0x2, 0x4e24, @multicast1}], 0x64) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000500)={0x9, 0x4, 0x7, 0x8001}, 0x8) r4 = socket$kcm(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2}, 0x94) r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100002e0001b7b70000000000000001"], 0x114}], 0x1, 0x0, 0x0, 0x8c4}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000002c0)='snd_soc_dapm_connected\x00', r5, 0x0, 0xfffffffffffffffa}, 0x18) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610448000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x1000000, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f91124fc60", 0x8c0}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000000c0)={0x4, 0x4, 0x1, 0x9}, 0x10) r7 = socket(0x21, 0x80000, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x2, 0x0}}]}, &(0x7f0000000340)=0x10) link(&(0x7f0000000300)='./file0\x00', &(0x7f00000003c0)='./file0\x00') getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000001080)=0x8) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r7, 0x84, 0x18, &(0x7f0000000500)={r8, 0x1}, 0x8) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000280)) sendmsg$inet_sctp(r0, &(0x7f0000000200)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0x6, @private0, 0x1204}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000100)="d07e730761a3317e0f6d53e5f99422498e7d54b6e47d1e4785f257c08249b15927d1c207869c988015b37ffc62094a6ccb2ef035193ca00def9914e62a54199eb547dda22b445d12c3670bc4acae00546e42891236b2b3383f2fe37c2ebeb4980436c6b02cbc5421d38ce790ed48d19bc96a8986fce58bcd6b7008ffac8e5cdb409614d3647185bbc92b2620c6bb8edee9ab2c64738a16cd0cca903d52c3ff25378107e59e9e", 0xa6}], 0x1, &(0x7f0000000440)=[@sndinfo={0x20, 0x84, 0x2, {0x7, 0x208, 0x6, 0x77, r8}}, @sndinfo={0x20, 0x84, 0x2, {0x0, 0x204, 0x1, 0x59, r8}}], 0x40, 0x24004844}, 0x4000) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000240)=@in6={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x6}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x0) 6.449235257s ago: executing program 1 (id=1389): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) init_module(&(0x7f0000000200)=ANY=[@ANYBLOB="7f454c46000000000000000007000000000000000000000000000000000000000000000000000000000000000000000038000000000000000000531ca1c2279e67a5c07b9b525039b2f2a09d5d7ff6abd91e2d66bcb276a3844680889facafbf816b851c06e4c1139b21a8d52f0685ebf7ed8de4ebc93f8b426661148f1278bfb5632e901975e881d2d01a69f096a2c7eeb2b4"], 0xaf, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000018"], 0x44}}, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100)) ioctl$FS_IOC_GETFSLABEL(r1, 0x400452c9, &(0x7f0000000100)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000540)=0x9) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e) readahead(r0, 0x9, 0xc) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ifreq(r4, 0x8943, &(0x7f0000000400)={'netdevsim0\x00', @ifru_settings={0xb21, 0x0, @te1=0x0}}) 6.446995253s ago: executing program 1 (id=1391): creat(&(0x7f00000002c0)='./file0\x00', 0x109) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x2) r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="03040000b50000000100fefffeefffff"], 0xc8) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1) getsockname$packet(r1, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01"], 0x3c}}, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18e9ff0003001266e848a4b03c000000950000000000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x50, '\x00', r3, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x10000, 0x4], 0x0, 0x0, 0x2, 0x1}}, 0x40) r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETLINK(r6, 0x400454cd, 0x118) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r7 = open(&(0x7f0000000140)='./file0\x00', 0x800, 0x70) mknodat$loop(r7, &(0x7f0000001600)='./file1\x00', 0x1, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') lremovexattr(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)=@known='trusted.overlay.impure\x00') r8 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f00000001c0)={'syzkaller1\x00', @broadcast}) write$tun(r7, &(0x7f0000000480)=ANY=[@ANYRESHEX=r0, @ANYRES64=r1], 0x152) r9 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r9, 0xc0405602, &(0x7f0000000280)={0x6, 0x1, 0x0, "cb9649f4ad7d527a0e7447de4048315cdd8a771b391c208d2bd399e0a56bade4"}) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0) 6.159166445s ago: executing program 1 (id=1396): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000580)={0x18c, r3, 0x100, 0x70bd27, 0x25dfdbfe, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xfff}, {0x6, 0x11, 0xff}, {0x8, 0x15, 0x80000000}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x4}, {0x6}, {0x8, 0x15, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6, 0x11, 0x3}, {0x8, 0x15, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x1}, {0x8, 0x15, 0x8}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0xe}, {0x8, 0x15, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x7ff}, {0x8, 0x15, 0x4}}]}, 0x18c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xffff, 0x15}, {0x1, 0x5}, {0xfff2, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4002}, 0x90) socket$nl_route(0x10, 0x3, 0x0) (async) socket$can_j1939(0x1d, 0x2, 0x7) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00'}) (async) bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) (async) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) (async) syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000580)={0x18c, r3, 0x100, 0x70bd27, 0x25dfdbfe, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xfff}, {0x6, 0x11, 0xff}, {0x8, 0x15, 0x80000000}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x4}, {0x6}, {0x8, 0x15, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6, 0x11, 0x3}, {0x8, 0x15, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x1}, {0x8, 0x15, 0x8}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0xe}, {0x8, 0x15, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x7ff}, {0x8, 0x15, 0x4}}]}, 0x18c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040) (async) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) (async) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xffff, 0x15}, {0x1, 0x5}, {0xfff2, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4002}, 0x90) (async) 1.481022585s ago: executing program 4 (id=1437): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff008}, {0x6}]}, 0x10) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netstat\x00') write$nbd(r1, 0x0, 0x0) ioctl$KVM_CAP_VM_COPY_ENC_CONTEXT_FROM(r1, 0x4068aea3, &(0x7f00000000c0)={0xc5, 0x0, r1}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) (async) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff008}, {0x6}]}, 0x10) (async) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netstat\x00') (async) write$nbd(r1, 0x0, 0x0) (async) ioctl$KVM_CAP_VM_COPY_ENC_CONTEXT_FROM(r1, 0x4068aea3, &(0x7f00000000c0)={0xc5, 0x0, r1}) (async) 1.410785335s ago: executing program 4 (id=1438): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x181942, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x420040, 0x0) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$uinput_user_dev(r3, &(0x7f0000000380)={'syz0\x00', {0xff, 0x6, 0x7fff, 0x8d5}, 0x24, [0x10000, 0xeba, 0x7, 0xe6a, 0x8, 0x1, 0x1, 0x7ff, 0x54, 0x7fffdfff, 0x2, 0xc, 0x8, 0x9, 0x9, 0xfffffff7, 0x7, 0x40000, 0xa, 0x23, 0x2, 0x0, 0x3ff, 0xfffffff4, 0x1, 0xda6, 0x3, 0xe49f, 0xeb36, 0x2, 0x19, 0x76c9, 0x200, 0x3, 0x1, 0x1, 0x5, 0x800009, 0x80000005, 0x9, 0x10, 0x80000000, 0x10, 0xb50, 0x0, 0x7, 0x3, 0xffffffff, 0x3, 0xfffffffe, 0x5, 0x8, 0x24, 0x7ffb, 0x8, 0xfffffffd, 0x20200, 0x0, 0x0, 0x7f, 0x964e, 0x2d5, 0x6, 0x1], [0x66ac, 0xfffffff9, 0x4, 0x3, 0x6, 0x7, 0x13e, 0x9, 0x4, 0x2, 0x0, 0x7, 0x6, 0x8001, 0x9, 0x8, 0x2, 0x5, 0x40, 0x7ff, 0x7ff, 0x1, 0x9, 0xc00, 0x89, 0x7ff, 0x0, 0x1, 0xfffffff7, 0x9, 0x9, 0x4d26, 0x10000, 0x8, 0x1, 0x7, 0x0, 0x4, 0x4c, 0x9, 0x8, 0x8000, 0xe66, 0x8, 0x2, 0x81, 0x4b, 0x583c, 0x6, 0xb, 0x4, 0x400000fc, 0x2, 0x8d1, 0x8fd, 0xfffffffa, 0xe0, 0x8e, 0x10001, 0x4, 0x401, 0xadd, 0x7f, 0x9], [0x8396, 0x7, 0xffff6a0b, 0x9, 0x8000, 0x1, 0x3, 0xe88, 0x28, 0x6, 0x0, 0x400, 0x1000, 0x9, 0x6e, 0x8000, 0xb, 0x3, 0x6, 0x5, 0x3, 0xc9, 0x2, 0x3, 0x47d8a7f1, 0x2, 0x3, 0xc, 0x4, 0xb0f, 0x22, 0x3, 0x800, 0x8, 0x9, 0x3, 0x4, 0xf4, 0x4, 0xe, 0xffffffff, 0x6, 0x2ee, 0x7ff, 0x1ff, 0x6, 0x87ff, 0x2, 0xbc0, 0xffffffff, 0x4, 0xffff, 0xd5d, 0xa0d787d, 0xffffff4e, 0x9, 0x4, 0x7, 0x3, 0x0, 0x6, 0x9, 0x4, 0x3], [0x10000010, 0xb, 0x9, 0x5, 0xa5e, 0xfe, 0xff, 0x3, 0x80000000, 0x0, 0xe, 0x2, 0x0, 0xa, 0x7, 0x0, 0xfffffffd, 0xfffffff8, 0xdaa, 0x2004, 0x7, 0x103, 0x6, 0x4c, 0x6, 0x4000400, 0x1fffe0, 0xfffffffb, 0x40, 0x80000002, 0x4, 0xb, 0xfff, 0x3c, 0x9, 0x0, 0x9, 0x1, 0x0, 0x7, 0x8ac1, 0x3, 0x5, 0x80000002, 0x80000002, 0xff, 0x6, 0x3, 0x80000000, 0xffffffff, 0x7, 0xfffffff8, 0xd, 0x7, 0x10, 0x9, 0x6eaf, 0x0, 0x401, 0x5e02, 0x2, 0x3, 0x5, 0x400]}, 0x45c) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x15) ioctl$UI_DEV_CREATE(r3, 0x5501) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000180)={0xc180000000000000, 0x6000, 0x7, 0x0, 0x1f}) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000040)={0x0, 0xffff, 0x30, 0x0, 0x8000}, &(0x7f00000000c0)=0x18) setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r4, 0x4) mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x1002}}) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x181942, 0x0) (async) openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) (async) openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x420040, 0x0) (async) openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async) write$uinput_user_dev(r3, &(0x7f0000000380)={'syz0\x00', {0xff, 0x6, 0x7fff, 0x8d5}, 0x24, [0x10000, 0xeba, 0x7, 0xe6a, 0x8, 0x1, 0x1, 0x7ff, 0x54, 0x7fffdfff, 0x2, 0xc, 0x8, 0x9, 0x9, 0xfffffff7, 0x7, 0x40000, 0xa, 0x23, 0x2, 0x0, 0x3ff, 0xfffffff4, 0x1, 0xda6, 0x3, 0xe49f, 0xeb36, 0x2, 0x19, 0x76c9, 0x200, 0x3, 0x1, 0x1, 0x5, 0x800009, 0x80000005, 0x9, 0x10, 0x80000000, 0x10, 0xb50, 0x0, 0x7, 0x3, 0xffffffff, 0x3, 0xfffffffe, 0x5, 0x8, 0x24, 0x7ffb, 0x8, 0xfffffffd, 0x20200, 0x0, 0x0, 0x7f, 0x964e, 0x2d5, 0x6, 0x1], [0x66ac, 0xfffffff9, 0x4, 0x3, 0x6, 0x7, 0x13e, 0x9, 0x4, 0x2, 0x0, 0x7, 0x6, 0x8001, 0x9, 0x8, 0x2, 0x5, 0x40, 0x7ff, 0x7ff, 0x1, 0x9, 0xc00, 0x89, 0x7ff, 0x0, 0x1, 0xfffffff7, 0x9, 0x9, 0x4d26, 0x10000, 0x8, 0x1, 0x7, 0x0, 0x4, 0x4c, 0x9, 0x8, 0x8000, 0xe66, 0x8, 0x2, 0x81, 0x4b, 0x583c, 0x6, 0xb, 0x4, 0x400000fc, 0x2, 0x8d1, 0x8fd, 0xfffffffa, 0xe0, 0x8e, 0x10001, 0x4, 0x401, 0xadd, 0x7f, 0x9], [0x8396, 0x7, 0xffff6a0b, 0x9, 0x8000, 0x1, 0x3, 0xe88, 0x28, 0x6, 0x0, 0x400, 0x1000, 0x9, 0x6e, 0x8000, 0xb, 0x3, 0x6, 0x5, 0x3, 0xc9, 0x2, 0x3, 0x47d8a7f1, 0x2, 0x3, 0xc, 0x4, 0xb0f, 0x22, 0x3, 0x800, 0x8, 0x9, 0x3, 0x4, 0xf4, 0x4, 0xe, 0xffffffff, 0x6, 0x2ee, 0x7ff, 0x1ff, 0x6, 0x87ff, 0x2, 0xbc0, 0xffffffff, 0x4, 0xffff, 0xd5d, 0xa0d787d, 0xffffff4e, 0x9, 0x4, 0x7, 0x3, 0x0, 0x6, 0x9, 0x4, 0x3], [0x10000010, 0xb, 0x9, 0x5, 0xa5e, 0xfe, 0xff, 0x3, 0x80000000, 0x0, 0xe, 0x2, 0x0, 0xa, 0x7, 0x0, 0xfffffffd, 0xfffffff8, 0xdaa, 0x2004, 0x7, 0x103, 0x6, 0x4c, 0x6, 0x4000400, 0x1fffe0, 0xfffffffb, 0x40, 0x80000002, 0x4, 0xb, 0xfff, 0x3c, 0x9, 0x0, 0x9, 0x1, 0x0, 0x7, 0x8ac1, 0x3, 0x5, 0x80000002, 0x80000002, 0xff, 0x6, 0x3, 0x80000000, 0xffffffff, 0x7, 0xfffffff8, 0xd, 0x7, 0x10, 0x9, 0x6eaf, 0x0, 0x401, 0x5e02, 0x2, 0x3, 0x5, 0x400]}, 0x45c) (async) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x15) (async) ioctl$UI_DEV_CREATE(r3, 0x5501) (async) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000180)={0xc180000000000000, 0x6000, 0x7, 0x0, 0x1f}) (async) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000040)={0x0, 0xffff, 0x30, 0x0, 0x8000}, &(0x7f00000000c0)=0x18) (async) setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r4, 0x4) (async) mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x1002}}) (async) 1.280914405s ago: executing program 4 (id=1439): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000080)={0x30, 0x5, 0x0, {0x0, 0x1, 0x6, 0x9}}, 0x30) syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f40000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.230970606s ago: executing program 4 (id=1440): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) r1 = socket(0x2a, 0x2, 0x6) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x1a3, 0x655c, 0x4, 0x40, 0x7fffffff, 0x7fffffff, 0x80, 0xffffffff, 0x1}}}}]}, 0x58}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000080)="30a0", 0x2}], 0x1}, 0x4040001) recvmsg$unix(r3, &(0x7f00000038c0)={0x0, 0x0, 0x0}, 0x1) recvmsg$unix(r3, &(0x7f0000000bc0)={0x0, 0x1100, &(0x7f0000000ac0)=[{&(0x7f00000000c0)=""/109, 0x6d}], 0x1}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x10}, {}, {0x8, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x100}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4080}, 0x4000) r5 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x2, 0x12, r0, 0x0) r6 = gettid() mlockall(0x0) sigaltstack(&(0x7f00000000c0)={&(0x7f0000002400)=""/4095, 0x0, 0xfff}, 0x0) rt_sigqueueinfo(r6, 0x21, &(0x7f0000000000)) r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000380), r0) r8 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r7, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @local}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000041}, 0x800) 1.169836886s ago: executing program 4 (id=1441): r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) syz_clone3(&(0x7f00000001c0)={0x10000, &(0x7f0000000000)=0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080), {0x2f}, &(0x7f00000000c0)=""/42, 0x2a, &(0x7f0000000100)=""/102, &(0x7f0000000180)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2}, 0x58) pidfd_getfd(r2, r1, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) setreuid(0xee01, 0xee01) r3 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r3, &(0x7f0000001640)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x120, 0x0) fcntl$setlease(r3, 0x400, 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&\xc1&A0\xa7\xef\x9cL\x8e1K', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) 720.353175ms ago: executing program 0 (id=1451): r0 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000040)={0x9, 0x100, 0x0, {0xffffffff, 0xbde, 0x400, 0x10000}}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6, 0x5, @val=0xa800}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) 649.694311ms ago: executing program 0 (id=1452): r0 = socket(0x10, 0x803, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xfffd}}}]}, 0x38}}, 0x0) r4 = socket(0x400000000010, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xfff1, 0xfff3}, {}, {0xffff, 0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4c, 0x2, [@TCA_CGROUP_POLICE={0x48, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x7, 0x8d, 0x0, 0x5, {0x5, 0x0, 0x7, 0x2, 0xcb1}, {0x48, 0x2, 0x33d5, 0xfffe, 0x2}, 0x4, 0x2431, 0xb44e}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3c}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x7}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x4) r5 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x101802, 0x0) read$dsp(r5, &(0x7f00000001c0)=""/208, 0xd0) ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000140)=0x5d01) ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000040)=0x4) 649.266476ms ago: executing program 3 (id=1453): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x202, 0x0) write$sequencer(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="810100"], 0x8) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r1) sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r1, &(0x7f0000000540)={0x0, 0xffffffffffffff4d, &(0x7f0000000500)={&(0x7f00000001c0)={0x14, r2, 0x72b, 0x0, 0x25dfdbfd}, 0x14}}, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup/syz1\x00', 0x200002, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000240)={0x3, 0x200, 0x0, 0x7fff}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NETID(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r5, 0x1, 0x70bd28, 0x25dfdbfe}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20008000) r6 = shmget$private(0x0, 0x1000, 0x800, &(0x7f0000ff8000/0x1000)=nil) r7 = socket(0x2, 0x5, 0x0) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r7, 0x84, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4) r8 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r8, &(0x7f0000000080)="246106efc2d23b17524b58ad94980b77d790fbbcbc009ff386ec296678321c548bf47d10c2ce21484889dc3a550220b50d5858c95b19499cea826a6d25817d9be1c0aeb49744d087659cbfa1380086f0058ec52b28ea86c89427ce2ab7310042fe763602bec4c4c4aded42eb8aae9bb42487f8387593d07e0925edb658", 0x7d, 0xc000, &(0x7f0000000100)={0x2, 0x4e24, @broadcast}, 0x10) r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r7, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="f8000000", @ANYRES16=r9, @ANYBLOB="000329bd7000ffdbdf251c000000080001007063690011000200303030303a30303a31302e300000000008000b00000000000e0001002ad9faa2171ecc6e657464657673696d0000000f0002006e657464657673696d30000008000b00010001000e0001006e657464657673696d0000000f0002006e657464757673696d30000008000b00090000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b0001000100080001007063690011000200303030303a30303a31302e300000000008000b00fffffeff080001007063690011000200303030303a30303a31302e300000000008000b00ff0700"], 0xf8}, 0x1, 0x0, 0x0, 0x4010}, 0x4) shmat(r6, &(0x7f0000ff9000/0x4000)=nil, 0x6000) getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0x14, &(0x7f0000000140), &(0x7f0000000180)=0x4) 580.472293ms ago: executing program 3 (id=1454): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000080)={0x30, 0x5, 0x0, {0x0, 0x1, 0x6, 0x9}}, 0x30) syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f40000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 579.619208ms ago: executing program 3 (id=1455): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x201, 0xa, 0x2}) (async) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000500)=@multiplanar_userptr={0x9, 0xa, 0x4, 0x20, 0x4, {0x0, 0xea60}, {0x1, 0x8, 0x7, 0x82, 0xe, 0x0, "bc8feb13"}, 0x8, 0x2, {&(0x7f0000000440)=[{0x8001, 0x7fffffff, {0x0}, 0x1000}, {0x3, 0xdf9, {0x0}, 0xd90b}]}, 0x6}) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) fcntl$setlease(r3, 0x400, 0x0) (async) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x103000, 0x18f) (async) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0) (async) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/vmstat\x00', 0x0, 0x0) (async) truncate(&(0x7f0000000000)='./file1\x00', 0x8) (async) r5 = socket$netlink(0x10, 0x3, 0x0) (async) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r7, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) (async) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r8, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) (async) r9 = socket$nl_route(0x10, 0x3, 0x0) (async) r10 = socket(0x1, 0x803, 0x0) getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000090600000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="a7ffa888000000001c00128009000100766c616e000000000c000280060001000100000008000500", @ANYRES32=r11, @ANYBLOB="9904534569038e8414a97c83910b90cf180a7e2b3c6c744324c9d6ef817034b2ba871c4722956baab3beb2438f596ef4be876002cc921efd9691faed3e896d3433b99584ede1a2e4421a961a26d81842adfdf12b5bfda7758080559aa66869705c1c2a6f068966b3a717bd6808d8b838386c0d021a5d55fb870b6744cc3a319ec9c54845"], 0x44}}, 0x0) (async) r12 = socket(0x10, 0x803, 0x8) sendmsg$IPVS_CMD_SET_INFO(r12, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r13], 0x5c}}, 0x40) (async) pread64(r4, &(0x7f0000001440)=""/126, 0x7e, 0x41) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2) (async) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) 510.962016ms ago: executing program 0 (id=1456): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000980), 0x400, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000140)={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x11}}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4, 0x8000, 0x40, 0x400, 0x1000, 0x41dc013e}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000009c0)=0x12) 510.726825ms ago: executing program 3 (id=1457): r0 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3501) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {0x0, 0x1}, 0x0, 0x1, &(0x7f0000000040)={0x5, 0xf, 0x8, 0x2, 0x4}, 0x8, 0xea, 0x8000, 0x0, 0x0, 0x0, 0x0}) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x10000028, 0x200000, 0x0, 0xb49, 0x9, 0x10, 0xfffffc5f, 0x3}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd(0x1008c66) r4 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000100)) r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000400)={&(0x7f0000000540)=@ipv4_newaddr={0x78, 0x14, 0x400, 0x70bd25, 0x25dfdbff, {0x2, 0x18, 0x8, 0xc8}, [@IFA_RT_PRIORITY={0x8, 0x9, 0x8}, @IFA_FLAGS={0x8, 0x8, 0x20}, @IFA_CACHEINFO={0x14, 0x6, {0x4, 0xc45, 0x0, 0x9}}, @IFA_LABEL={0x14, 0x3, 'ipvlan0\x00'}, @IFA_FLAGS={0x8, 0x8, 0x1a6}, @IFA_RT_PRIORITY={0x8, 0x9, 0x4}, @IFA_ADDRESS={0x8, 0x1, @remote}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x4}, @IFA_RT_PRIORITY={0x8, 0x9, 0xff}]}, 0x78}, 0x1, 0x0, 0x0, 0x880}, 0x44) r6 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x1a3c65) write$dsp(r5, &(0x7f00000004c0)='\x00', 0x1) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r6, 0xc0884113, &(0x7f0000000240)={0x1, 0x5, 0x4002, 0x8, 0x8000000000000002, 0x10000, 0xfffdfffffffffefb, 0x4, 0x2, 0x7, 0xfffffffd}) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r6, 0xc0984124, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0xfffffffffffffffc, 0x0, 0x1, r3, 0x8}) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000040)={0xfffffffffffff001, 0x0, 0x1, r3, 0xc}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r8 = socket(0x1, 0x803, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14) r10 = socket$nl_route(0x10, 0x3, 0x0) r11 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2800000010000104feffff7f0300000000000006", @ANYRES32=r12, @ANYBLOB="600000008008000008000300", @ANYRES32=r9], 0x28}, 0x1, 0xd, 0x0, 0x480c5}, 0x10) r13 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r13, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r13, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, &(0x7f00000002c0)={0x13f, @tick=0xc, 0x1d, {0x8f}}) socket$inet6_tcp(0xa, 0x1, 0x0) 510.117782ms ago: executing program 0 (id=1458): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80e02, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}}, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000cce000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x4d, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000200)={0x2, 0x1, 0x2000, 0x1000, &(0x7f0000cd0000/0x1000)=nil}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_MSG_GETCHAIN(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000940)=ANY=[@ANYBLOB="48010000040a0500000000000000000002000008680004801400030076657468315f6d616376746170000000080001400000000014000300766972745f77696669300000000000000800014000000000080002404129e15b1400030076657468315f6d616376746170000000080001400000000408000240623f7f890900030073797a300000000008000540000000005c00048014000300776c616e300000000000000000000000080002405258b37f14000300776730000000000000000000000000001400030076657468315f746f5f62617461647600140003006970766c616e3000000000000000000008000540fffffffb0900010073797a300000000008000b40000000040900030073797a32"], 0x148}, 0x1, 0x0, 0x0, 0x24041005}, 0x2c77edc509eea7a8) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x103001, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x4}) close_range(r6, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000003c40)='./file0\x00', &(0x7f0000000040)='cifs\x00', 0x0, &(0x7f0000003cc0)='gid=1\x00nk]e') fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000005f00)={'wlan0\x00', 0x0}) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000006000)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="01002dbd0600ffdbdb252100000008000300", @ANYRES32=r9, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x28000) 260.926105ms ago: executing program 3 (id=1459): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0xa8102, 0x0) ioctl$VT_RELDISP(r0, 0x5605) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async, rerun: 32) r3 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x41}, 0x4004850) (async) r5 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r5, &(0x7f0000000200)={0x10, 0x0, 0x25dfdbfe, 0x2}, 0xc) (async) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r1) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r5, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)={0x188, r6, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x89}]}, @TIPC_NLA_LINK={0xfc, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x25}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa88}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xd2}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x52a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}]}, @TIPC_NLA_SOCK={0x60, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}]}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x100}]}]}]}, 0x188}, 0x1, 0x0, 0x0, 0x24000054}, 0x0) (async) bind$netlink(r5, &(0x7f0000000140)={0x10, 0x0, 0x25dfdbfe}, 0xc) (async) pipe2$watch_queue(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) (async, rerun: 32) ioctl$IOC_WATCH_QUEUE_SET_FILTER(r7, 0x5761, &(0x7f0000000f40)={0x5, 0x0, [{0x8000, 0x7, 0xfffff714, [0x9, 0x9, 0x1af, 0xb9a2, 0x1, 0x10, 0x8, 0x2]}, {0xfffff78a, 0x6, 0x9, [0x9f7, 0x3, 0x1, 0x0, 0x4, 0xf, 0x8, 0x200]}, {0x1ff, 0x9, 0x1ff, [0x94f, 0x1, 0x73e5d9cb, 0x9, 0x0, 0x9, 0xfffffff7, 0x400]}, {0x5, 0x7fffffff, 0xf, [0xbf, 0x100, 0x0, 0x10000, 0x8001, 0xca, 0x100, 0xf08b9bb]}, {0x2e, 0x3, 0x8, [0x8, 0x6, 0xb1, 0x7, 0x7, 0x0, 0x100, 0x4]}]}) (async, rerun: 32) ioctl$FS_IOC_GETFLAGS(r5, 0x80086601, &(0x7f0000000000)) 260.616532ms ago: executing program 4 (id=1460): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r1, 0x400452c9, &(0x7f0000000100)) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040), 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r2}, 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000000640)=@framed={{}, [@map_fd={0x18, 0x0, 0x2, 0x0, r2}, @ldst={0x1, 0x2, 0x3}]}, &(0x7f0000000d40)='syzkaller\x00'}, 0x90) r3 = socket$netlink(0x10, 0x3, 0xa) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) mount$tmpfs(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280), 0x810000, &(0x7f0000000340)={[{@uid={'uid', 0x3d, r4}}], [{@fowner_gt}]}) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x44, &(0x7f0000001ac0)={[{0x3a, 0x4e00, "832f3e7f2fe21d40504c25f59bc753fba8064bba0e78bf230a8920ccad9b4ff98fd91ffdb6eb576989b61828ed536650626fe3d12da63ce6d411"}, {}]}) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0xfffffffffffffffe) 199.381818ms ago: executing program 3 (id=1461): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000080)="66b80d000f00d00f01c466bad004ecc4c2fd1786000000000fc79aa1100000c744240068000000c744240200000080ff1c24f2f30f00502f48b805000000000000000f23c80f21f8350000c0000f23f8670f01cf0f01c9", 0x57}], 0x1, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x1, "028a3f6c58b274e6c834000000e42811fc347b00f422feffffff00000100", 0xb2, 0xfffffff7, 0x1000006, 0x6}, 0x3c) 935.974µs ago: executing program 0 (id=1462): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async) socket$nl_xfrm(0x10, 0x3, 0x6) (async) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='projid_map\x00') writev(r1, &(0x7f0000001580)=[{&(0x7f0000001440)="e679", 0x2}], 0x1) (async) connect$pppl2tp(r1, &(0x7f0000000180)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0xfffe, 0x1, 0x1, {0xa, 0x4e23, 0x9, @local, 0xfffffffe}}}, 0x32) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0xc, &(0x7f0000000340)=0x6, 0x4) (async) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x24000000}, 0x20008090) (async) eventfd(0x2) r3 = io_uring_setup(0x681d, &(0x7f0000000040)={0x0, 0x1b73, 0x1, 0x3, 0x3c5}) (async) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000) (async) r5 = syz_open_dev$usbmon(&(0x7f0000000040), 0xfffe, 0x800) read$usbmon(r5, 0x0, 0x0) (async) syz_io_uring_setup(0x713a, &(0x7f0000000440)={0x0, 0xb550, 0x26, 0x6, 0x2d7, 0x0, r3}, 0x0, 0x0) 0s ago: executing program 0 (id=1463): r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (rerun: 32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) (async, rerun: 64) r2 = fcntl$dupfd(r1, 0x0, r1) (rerun: 64) ioctl$TCFLSH(r2, 0x400455c8, 0x2) (async, rerun: 64) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000140)=0xffffffc0) (rerun: 64) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0xfc) (async) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'dummy0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000900)=@delchain={0x24, 0x11, 0x1, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r4, {0x10, 0xf}, {0x0, 0xc}, {0x9, 0x1}}}, 0x24}}, 0x0) kernel console output (not intermixed with test programs): 0 [ 84.798600][ T7910] bond4: (slave batadv0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 85.174212][ T7931] FAULT_INJECTION: forcing a failure. [ 85.174212][ T7931] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 85.178242][ T7931] CPU: 0 UID: 0 PID: 7931 Comm: syz.1.594 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 85.178257][ T7931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.178264][ T7931] Call Trace: [ 85.178268][ T7931] [ 85.178272][ T7931] dump_stack_lvl+0x16c/0x1f0 [ 85.178292][ T7931] should_fail_ex+0x512/0x640 [ 85.178313][ T7931] _copy_from_user+0x2e/0xd0 [ 85.178326][ T7931] copy_mount_options+0x76/0x190 [ 85.178343][ T7931] __x64_sys_mount+0x1ac/0x310 [ 85.178357][ T7931] ? __pfx___x64_sys_mount+0x10/0x10 [ 85.178375][ T7931] do_syscall_64+0xcd/0x4c0 [ 85.178393][ T7931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.178405][ T7931] RIP: 0033:0x7fc81cf8eb69 [ 85.178414][ T7931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.178425][ T7931] RSP: 002b:00007fc81dd3e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 85.178436][ T7931] RAX: ffffffffffffffda RBX: 00007fc81d1b5fa0 RCX: 00007fc81cf8eb69 [ 85.178443][ T7931] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 85.178450][ T7931] RBP: 00007fc81dd3e090 R08: 0000200000000a00 R09: 0000000000000000 [ 85.178456][ T7931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 85.178462][ T7931] R13: 0000000000000000 R14: 00007fc81d1b5fa0 R15: 00007fffabfb7058 [ 85.178475][ T7931] [ 85.179648][ T7931] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 85.322626][ T7949] overlayfs: conflicting lowerdir path [ 85.750420][ T7963] vlan3: entered promiscuous mode [ 85.902515][ T7879] netlink: 'syz.0.576': attribute type 10 has an invalid length. [ 85.904989][ T7879] netlink: 40 bytes leftover after parsing attributes in process `syz.0.576'. [ 86.072229][ T7975] FAULT_INJECTION: forcing a failure. [ 86.072229][ T7975] name failslab, interval 1, probability 0, space 0, times 0 [ 86.076239][ T7975] CPU: 1 UID: 0 PID: 7975 Comm: syz.0.604 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 86.076254][ T7975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.076261][ T7975] Call Trace: [ 86.076265][ T7975] [ 86.076269][ T7975] dump_stack_lvl+0x16c/0x1f0 [ 86.076302][ T7975] should_fail_ex+0x512/0x640 [ 86.076323][ T7975] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 86.076336][ T7975] should_failslab+0xc2/0x120 [ 86.076349][ T7975] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 86.076359][ T7975] ? __might_fault+0xe3/0x190 [ 86.076369][ T7975] ? __might_fault+0xe3/0x190 [ 86.076378][ T7975] ? getname_flags.part.0+0x4c/0x550 [ 86.076397][ T7975] getname_flags.part.0+0x4c/0x550 [ 86.076415][ T7975] getname_flags+0x93/0xf0 [ 86.076426][ T7975] user_path_at+0x24/0x60 [ 86.076437][ T7975] __x64_sys_mount+0x1fc/0x310 [ 86.076452][ T7975] ? __pfx___x64_sys_mount+0x10/0x10 [ 86.076470][ T7975] do_syscall_64+0xcd/0x4c0 [ 86.076488][ T7975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.076499][ T7975] RIP: 0033:0x7fe34178eb69 [ 86.076508][ T7975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.076518][ T7975] RSP: 002b:00007fe3426b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 86.076529][ T7975] RAX: ffffffffffffffda RBX: 00007fe3419b5fa0 RCX: 00007fe34178eb69 [ 86.076536][ T7975] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 86.076543][ T7975] RBP: 00007fe3426b7090 R08: 0000200000000a00 R09: 0000000000000000 [ 86.076549][ T7975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.076555][ T7975] R13: 0000000000000000 R14: 00007fe3419b5fa0 R15: 00007fff768a0f08 [ 86.076569][ T7975] [ 86.137581][ C1] vkms_vblank_simulate: vblank timer overrun [ 86.158366][ T7977] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 86.165225][ T7977] netlink: 'syz.0.605': attribute type 4 has an invalid length. [ 86.169789][ T7977] netlink: 'syz.0.605': attribute type 4 has an invalid length. [ 86.224945][ T7984] overlayfs: failed to resolve './file1': -2 [ 86.251194][ T40] kauditd_printk_skb: 124 callbacks suppressed [ 86.251203][ T40] audit: type=1400 audit(1754220794.117:583): avc: denied { name_bind } for pid=7988 comm="syz.0.610" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 86.260591][ T40] audit: type=1400 audit(1754220794.127:584): avc: denied { getopt } for pid=7988 comm="syz.0.610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 86.276167][ T40] audit: type=1400 audit(1754220794.147:585): avc: denied { execute } for pid=7993 comm="syz.2.611" dev="hugetlbfs" ino=21296 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 86.282919][ T40] audit: type=1400 audit(1754220794.147:586): avc: denied { execute_no_trans } for pid=7993 comm="syz.2.611" path=2F6D656D66643AA39F6EB4645204693502ACCEE1889D5B4038D7CE1F2039497F151D933DB5E75C274CE6D28EBC294A7454447181CF81BAE531F520C8103EC95C85174CBFCF91DF4DF3025E542A202864656C6574656429 dev="hugetlbfs" ino=21296 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 86.408589][ T40] audit: type=1400 audit(1754220794.277:587): avc: denied { mounton } for pid=8012 comm="syz.2.616" path="/syzcgroup/unified/syz2" dev="cgroup2" ino=67 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 86.409810][ T8013] gfs2: not a GFS2 filesystem [ 86.439270][ T40] audit: type=1400 audit(1754220794.307:588): avc: denied { read write } for pid=8014 comm="syz.0.617" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 86.446991][ T40] audit: type=1400 audit(1754220794.307:589): avc: denied { open } for pid=8014 comm="syz.0.617" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 86.457846][ T40] audit: type=1400 audit(1754220794.317:590): avc: denied { read } for pid=8016 comm="syz.2.618" name="btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 86.466076][ T40] audit: type=1400 audit(1754220794.317:591): avc: denied { open } for pid=8016 comm="syz.2.618" path="/dev/btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 86.474020][ T40] audit: type=1400 audit(1754220794.317:592): avc: denied { watch watch_reads } for pid=8016 comm="syz.2.618" path="/142" dev="tmpfs" ino=829 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 86.555755][ T8030] FAULT_INJECTION: forcing a failure. [ 86.555755][ T8030] name failslab, interval 1, probability 0, space 0, times 0 [ 86.559603][ T8030] CPU: 0 UID: 0 PID: 8030 Comm: syz.2.621 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 86.559618][ T8030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.559625][ T8030] Call Trace: [ 86.559629][ T8030] [ 86.559633][ T8030] dump_stack_lvl+0x16c/0x1f0 [ 86.559655][ T8030] should_fail_ex+0x512/0x640 [ 86.559673][ T8030] ? fs_reclaim_acquire+0xae/0x150 [ 86.559689][ T8030] ? tomoyo_encode2+0x100/0x3e0 [ 86.559702][ T8030] should_failslab+0xc2/0x120 [ 86.559715][ T8030] __kmalloc_noprof+0xd2/0x510 [ 86.559730][ T8030] tomoyo_encode2+0x100/0x3e0 [ 86.559745][ T8030] tomoyo_encode+0x29/0x50 [ 86.559759][ T8030] tomoyo_mount_acl+0x144/0x850 [ 86.559771][ T8030] ? bpf_ksym_find+0x127/0x1c0 [ 86.559787][ T8030] ? is_bpf_text_address+0x94/0x1a0 [ 86.559799][ T8030] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 86.559811][ T8030] ? __kernel_text_address+0xd/0x40 [ 86.559824][ T8030] ? unwind_get_return_address+0x59/0xa0 [ 86.559837][ T8030] ? arch_stack_walk+0xa6/0x100 [ 86.559868][ T8030] ? tomoyo_domain+0xbb/0x150 [ 86.559883][ T8030] ? tomoyo_profile+0x47/0x60 [ 86.559901][ T8030] tomoyo_mount_permission+0x16d/0x420 [ 86.559913][ T8030] ? tomoyo_mount_permission+0x14f/0x420 [ 86.559927][ T8030] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 86.559948][ T8030] security_sb_mount+0x9b/0x260 [ 86.559961][ T8030] path_mount+0x15f/0x1fd0 [ 86.559979][ T8030] ? __pfx_path_mount+0x10/0x10 [ 86.559993][ T8030] ? kmem_cache_free+0x2d1/0x4d0 [ 86.560003][ T8030] ? putname+0x154/0x1a0 [ 86.560019][ T8030] ? putname+0x154/0x1a0 [ 86.560034][ T8030] ? __x64_sys_mount+0x28d/0x310 [ 86.560047][ T8030] __x64_sys_mount+0x28d/0x310 [ 86.560061][ T8030] ? __pfx___x64_sys_mount+0x10/0x10 [ 86.560079][ T8030] do_syscall_64+0xcd/0x4c0 [ 86.560097][ T8030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.560109][ T8030] RIP: 0033:0x7f88e3b8eb69 [ 86.560118][ T8030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.560129][ T8030] RSP: 002b:00007f88e4a3a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 86.560140][ T8030] RAX: ffffffffffffffda RBX: 00007f88e3db5fa0 RCX: 00007f88e3b8eb69 [ 86.560147][ T8030] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 86.560153][ T8030] RBP: 00007f88e4a3a090 R08: 0000200000000a00 R09: 0000000000000000 [ 86.560160][ T8030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.560166][ T8030] R13: 0000000000000000 R14: 00007f88e3db5fa0 R15: 00007fffe8b7f6f8 [ 86.560179][ T8030] [ 86.696379][ T8034] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 86.742833][ T5972] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 86.770621][ T8038] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.626'. [ 86.777544][ T8042] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 86.780774][ T8042] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 86.785204][ T8042] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 86.787898][ T8042] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 86.791353][ T8042] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 86.795289][ T8042] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 86.803276][ T8042] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 86.805999][ T8042] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 86.809079][ T8042] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 86.811760][ T8042] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 86.814995][ T8042] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 86.817882][ T8042] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 86.821822][ T8042] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 86.825852][ T8042] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 86.980051][ T8060] netlink: 24 bytes leftover after parsing attributes in process `syz.3.633'. [ 87.006795][ T6936] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 87.010090][ T6936] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.025373][ T8062] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 87.030346][ T8062] overlayfs: statfs failed on './file0' [ 87.116934][ T6936] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 87.120262][ T6936] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.189877][ T63] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.194250][ T63] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.197125][ T63] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.200140][ T63] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.204083][ T63] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.205313][ T8077] netlink: 20 bytes leftover after parsing attributes in process `syz.0.640'. [ 87.225389][ T6936] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 87.228593][ T6936] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.241463][ T8079] xfrm0 speed is unknown, defaulting to 1000 [ 87.269231][ T8087] FAULT_INJECTION: forcing a failure. [ 87.269231][ T8087] name failslab, interval 1, probability 0, space 0, times 0 [ 87.273147][ T8087] CPU: 0 UID: 0 PID: 8087 Comm: syz.3.639 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 87.273163][ T8087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.273169][ T8087] Call Trace: [ 87.273173][ T8087] [ 87.273178][ T8087] dump_stack_lvl+0x16c/0x1f0 [ 87.273197][ T8087] should_fail_ex+0x512/0x640 [ 87.273215][ T8087] ? fs_reclaim_acquire+0xae/0x150 [ 87.273231][ T8087] ? tomoyo_encode2+0x100/0x3e0 [ 87.273245][ T8087] should_failslab+0xc2/0x120 [ 87.273257][ T8087] __kmalloc_noprof+0xd2/0x510 [ 87.273268][ T8087] ? d_absolute_path+0x136/0x1a0 [ 87.273286][ T8087] tomoyo_encode2+0x100/0x3e0 [ 87.273302][ T8087] tomoyo_encode+0x29/0x50 [ 87.273315][ T8087] tomoyo_realpath_from_path+0x18f/0x6e0 [ 87.273333][ T8087] tomoyo_mount_acl+0x1ae/0x850 [ 87.273346][ T8087] ? bpf_ksym_find+0x127/0x1c0 [ 87.273362][ T8087] ? is_bpf_text_address+0x94/0x1a0 [ 87.273374][ T8087] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 87.273386][ T8087] ? __kernel_text_address+0xd/0x40 [ 87.273399][ T8087] ? unwind_get_return_address+0x59/0xa0 [ 87.273412][ T8087] ? arch_stack_walk+0xa6/0x100 [ 87.273438][ T8087] ? tomoyo_domain+0xbb/0x150 [ 87.273454][ T8087] ? tomoyo_profile+0x47/0x60 [ 87.273471][ T8087] tomoyo_mount_permission+0x16d/0x420 [ 87.273484][ T8087] ? tomoyo_mount_permission+0x14f/0x420 [ 87.273497][ T8087] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 87.273519][ T8087] security_sb_mount+0x9b/0x260 [ 87.273533][ T8087] path_mount+0x15f/0x1fd0 [ 87.273550][ T8087] ? __pfx_path_mount+0x10/0x10 [ 87.273564][ T8087] ? kmem_cache_free+0x2d1/0x4d0 [ 87.273574][ T8087] ? putname+0x154/0x1a0 [ 87.273590][ T8087] ? putname+0x154/0x1a0 [ 87.273605][ T8087] ? __x64_sys_mount+0x28d/0x310 [ 87.273618][ T8087] __x64_sys_mount+0x28d/0x310 [ 87.273632][ T8087] ? __pfx___x64_sys_mount+0x10/0x10 [ 87.273650][ T8087] do_syscall_64+0xcd/0x4c0 [ 87.273668][ T8087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.273679][ T8087] RIP: 0033:0x7f176198eb69 [ 87.273688][ T8087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.273699][ T8087] RSP: 002b:00007f17628bc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 87.273710][ T8087] RAX: ffffffffffffffda RBX: 00007f1761bb5fa0 RCX: 00007f176198eb69 [ 87.273717][ T8087] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 87.273723][ T8087] RBP: 00007f17628bc090 R08: 0000200000000a00 R09: 0000000000000000 [ 87.273729][ T8087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.273736][ T8087] R13: 0000000000000000 R14: 00007f1761bb5fa0 R15: 00007fff51fc59f8 [ 87.273749][ T8087] [ 87.273759][ T8087] ERROR: Out of memory at tomoyo_realpath_from_path. [ 87.340659][ T8079] chnl_net:caif_netlink_parms(): no params data found [ 87.390265][ T6936] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 87.393672][ T6936] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.431389][ T8102] ieee802154 phy1 wpan1: encryption failed: -22 [ 87.555702][ T8109] misc userio: Can't change port type on an already running userio instance [ 87.559686][ T8079] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.562437][ T8079] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.564851][ T8079] bridge_slave_0: entered allmulticast mode [ 87.567414][ T8079] bridge_slave_0: entered promiscuous mode [ 87.575630][ T8109] kernel read not supported for file /memory.events (pid: 8109 comm: syz.3.648) [ 87.578689][ T8079] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.580997][ T8079] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.581065][ T8079] bridge_slave_1: entered allmulticast mode [ 87.581739][ T8079] bridge_slave_1: entered promiscuous mode [ 87.623794][ T8079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.627108][ T6936] bridge_slave_1: left allmulticast mode [ 87.629001][ T6936] bridge_slave_1: left promiscuous mode [ 87.631427][ T6936] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.636302][ T6936] bridge_slave_0: left allmulticast mode [ 87.638078][ T6936] bridge_slave_0: left promiscuous mode [ 87.640421][ T6936] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.728016][ T6936] bond1 (unregistering): (slave gretap1): Releasing active interface [ 87.862566][ T10] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 88.003266][ T6936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 88.007260][ T6936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 88.011016][ T6936] bond0 (unregistering): Released all slaves [ 88.016941][ T6936] bond1 (unregistering): Released all slaves [ 88.022978][ T6936] bond2 (unregistering): Released all slaves [ 88.027529][ T10] usb 6-1: unable to get BOS descriptor or descriptor too short [ 88.031695][ T10] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 88.032113][ T8079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.034260][ T10] usb 6-1: can't read configurations, error -71 [ 88.079410][ T8079] team0: Port device team_slave_0 added [ 88.082821][ T8079] team0: Port device team_slave_1 added [ 88.118579][ T8079] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.120821][ T8079] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.128786][ T8079] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.133468][ T8079] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.135641][ T8079] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.144011][ T8079] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.151617][ T8118] netlink: 36 bytes leftover after parsing attributes in process `syz.3.649'. [ 88.174005][ T8118] hsr_slave_0: left promiscuous mode [ 88.176177][ T8118] hsr_slave_1: left promiscuous mode [ 88.214705][ T8079] hsr_slave_0: entered promiscuous mode [ 88.216912][ T8079] hsr_slave_1: entered promiscuous mode [ 88.328461][ T8133] FAULT_INJECTION: forcing a failure. [ 88.328461][ T8133] name failslab, interval 1, probability 0, space 0, times 0 [ 88.332405][ T8133] CPU: 2 UID: 0 PID: 8133 Comm: syz.3.653 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 88.332426][ T8133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.332436][ T8133] Call Trace: [ 88.332451][ T8133] [ 88.332457][ T8133] dump_stack_lvl+0x16c/0x1f0 [ 88.332480][ T8133] should_fail_ex+0x512/0x640 [ 88.332497][ T8133] ? fs_reclaim_acquire+0xae/0x150 [ 88.332514][ T8133] ? tomoyo_encode2+0x100/0x3e0 [ 88.332527][ T8133] should_failslab+0xc2/0x120 [ 88.332540][ T8133] __kmalloc_noprof+0xd2/0x510 [ 88.332554][ T8133] tomoyo_encode2+0x100/0x3e0 [ 88.332570][ T8133] tomoyo_encode+0x29/0x50 [ 88.332583][ T8133] tomoyo_mount_acl+0x314/0x850 [ 88.332596][ T8133] ? bpf_ksym_find+0x127/0x1c0 [ 88.332612][ T8133] ? is_bpf_text_address+0x94/0x1a0 [ 88.332625][ T8133] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 88.332637][ T8133] ? __kernel_text_address+0xd/0x40 [ 88.332649][ T8133] ? unwind_get_return_address+0x59/0xa0 [ 88.332662][ T8133] ? arch_stack_walk+0xa6/0x100 [ 88.332690][ T8133] ? tomoyo_domain+0xbb/0x150 [ 88.332705][ T8133] ? tomoyo_profile+0x47/0x60 [ 88.332722][ T8133] tomoyo_mount_permission+0x16d/0x420 [ 88.332735][ T8133] ? tomoyo_mount_permission+0x14f/0x420 [ 88.332748][ T8133] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 88.332770][ T8133] security_sb_mount+0x9b/0x260 [ 88.332784][ T8133] path_mount+0x15f/0x1fd0 [ 88.332802][ T8133] ? __pfx_path_mount+0x10/0x10 [ 88.332816][ T8133] ? kmem_cache_free+0x2d1/0x4d0 [ 88.332826][ T8133] ? putname+0x154/0x1a0 [ 88.332847][ T8133] ? putname+0x154/0x1a0 [ 88.332862][ T8133] ? __x64_sys_mount+0x28d/0x310 [ 88.332874][ T8133] __x64_sys_mount+0x28d/0x310 [ 88.332889][ T8133] ? __pfx___x64_sys_mount+0x10/0x10 [ 88.332907][ T8133] do_syscall_64+0xcd/0x4c0 [ 88.332924][ T8133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.332936][ T8133] RIP: 0033:0x7f176198eb69 [ 88.332945][ T8133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.332956][ T8133] RSP: 002b:00007f17628bc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 88.332966][ T8133] RAX: ffffffffffffffda RBX: 00007f1761bb5fa0 RCX: 00007f176198eb69 [ 88.332973][ T8133] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 88.332979][ T8133] RBP: 00007f17628bc090 R08: 0000200000000a00 R09: 0000000000000000 [ 88.332986][ T8133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 88.332992][ T8133] R13: 0000000000000000 R14: 00007f1761bb5fa0 R15: 00007fff51fc59f8 [ 88.333006][ T8133] [ 88.442214][ T6936] hsr_slave_0: left promiscuous mode [ 88.444821][ T6936] hsr_slave_1: left promiscuous mode [ 88.446457][ T8142] syz.3.657: attempt to access beyond end of device [ 88.446457][ T8142] nbd3: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 88.446838][ T6936] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 88.451231][ T8142] gfs2: error -5 reading superblock [ 88.453141][ T6936] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 88.478219][ T6936] veth1_macvtap: left promiscuous mode [ 88.480099][ T6936] veth0_macvtap: left promiscuous mode [ 88.481980][ T6936] veth1_vlan: left promiscuous mode [ 88.484107][ T6936] veth0_vlan: left promiscuous mode [ 88.916923][ T6936] team0 (unregistering): Port device team_slave_1 removed [ 88.966681][ T6936] team0 (unregistering): Port device team_slave_0 removed [ 89.223921][ T63] Bluetooth: hci2: command tx timeout [ 89.353283][ T8191] gre0: Master is either lo or non-ether device [ 89.408486][ T8079] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 89.417943][ T8079] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 89.433057][ T8079] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 89.446960][ T8079] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 89.478738][ T8220] FAULT_INJECTION: forcing a failure. [ 89.478738][ T8220] name failslab, interval 1, probability 0, space 0, times 0 [ 89.489490][ T8223] overlayfs: missing 'lowerdir' [ 89.491097][ T8220] CPU: 0 UID: 0 PID: 8220 Comm: syz.0.672 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 89.491112][ T8220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.491119][ T8220] Call Trace: [ 89.491123][ T8220] [ 89.491127][ T8220] dump_stack_lvl+0x16c/0x1f0 [ 89.491147][ T8220] should_fail_ex+0x512/0x640 [ 89.491165][ T8220] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 89.491184][ T8220] should_failslab+0xc2/0x120 [ 89.491197][ T8220] __kmalloc_cache_noprof+0x6a/0x3e0 [ 89.491214][ T8220] ? ovl_init_fs_context+0x96/0x5f0 [ 89.491225][ T8220] ? kasan_save_track+0x14/0x30 [ 89.491237][ T8220] ovl_init_fs_context+0x96/0x5f0 [ 89.491248][ T8220] ? __pfx_ovl_init_fs_context+0x10/0x10 [ 89.491259][ T8220] alloc_fs_context+0x54d/0x9c0 [ 89.491275][ T8220] path_mount+0xbbf/0x1fd0 [ 89.491292][ T8220] ? __pfx_path_mount+0x10/0x10 [ 89.491306][ T8220] ? kmem_cache_free+0x2d1/0x4d0 [ 89.491316][ T8220] ? putname+0x154/0x1a0 [ 89.491332][ T8220] ? putname+0x154/0x1a0 [ 89.491347][ T8220] ? __x64_sys_mount+0x28d/0x310 [ 89.491360][ T8220] __x64_sys_mount+0x28d/0x310 [ 89.491374][ T8220] ? __pfx___x64_sys_mount+0x10/0x10 [ 89.491392][ T8220] do_syscall_64+0xcd/0x4c0 [ 89.491410][ T8220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.491421][ T8220] RIP: 0033:0x7fe34178eb69 [ 89.491430][ T8220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.491441][ T8220] RSP: 002b:00007fe3426b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 89.491452][ T8220] RAX: ffffffffffffffda RBX: 00007fe3419b5fa0 RCX: 00007fe34178eb69 [ 89.491459][ T8220] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 89.491465][ T8220] RBP: 00007fe3426b7090 R08: 0000200000000a00 R09: 0000000000000000 [ 89.491472][ T8220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 89.491478][ T8220] R13: 0000000000000000 R14: 00007fe3419b5fa0 R15: 00007fff768a0f08 [ 89.491492][ T8220] [ 89.500561][ T8079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.593179][ T8079] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.599208][ T6933] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.601955][ T6933] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.611722][ T6928] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.615307][ T6928] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.615920][ T8226] 9pnet_virtio: no channels available for device syz [ 89.733096][ T8079] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.764211][ T8254] netlink: 4388 bytes leftover after parsing attributes in process `syz.3.681'. [ 89.804313][ T8260] netlink: 20 bytes leftover after parsing attributes in process `syz.3.683'. [ 89.810381][ T8260] netlink: 20 bytes leftover after parsing attributes in process `syz.3.683'. [ 89.817098][ T8265] afs: Unknown parameter '' [ 89.817168][ T8260] netlink: 20 bytes leftover after parsing attributes in process `syz.3.683'. [ 89.823885][ T8260] netlink: 8 bytes leftover after parsing attributes in process `syz.3.683'. [ 89.866393][ T8079] veth0_vlan: entered promiscuous mode [ 89.883294][ T8079] veth1_vlan: entered promiscuous mode [ 89.900419][ T8079] veth0_macvtap: entered promiscuous mode [ 89.904686][ T8079] veth1_macvtap: entered promiscuous mode [ 89.914719][ T8286] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 89.917086][ T8079] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.917869][ T8286] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 89.921378][ T8079] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.931631][ T6934] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.944253][ T6934] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.950340][ T6934] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.955207][ T6934] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.011797][ T8300] [U]  [ 90.012580][ T6936] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.015481][ T6936] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.040222][ T8303] 0: reclassify loop, rule prio 0, protocol 800 [ 90.043578][ T8302] 0: reclassify loop, rule prio 0, protocol 800 [ 90.052797][ T6934] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.055259][ T6934] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.060764][ T8309] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer. [ 90.072576][ C1] 0: reclassify loop, rule prio 0, protocol 800 [ 90.089320][ T8317] fuse: Bad value for 'fd' [ 90.127969][ T8324] i2c i2c-1: Invalid block write size 34 [ 90.163682][ T8331] netlink: 'syz.0.699': attribute type 15 has an invalid length. [ 90.245591][ T8354] openvswitch: netlink: IP tunnel TTL not specified. [ 90.251149][ T8354] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 90.300325][ T8365] 0: reclassify loop, rule prio 0, protocol 800 [ 90.302579][ C1] 0: reclassify loop, rule prio 0, protocol 800 [ 90.402087][ T8383] usb usb8: usbfs: process 8383 (syz.4.712) did not claim interface 0 before use [ 90.406455][ T8383] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 90.427291][ T8385] netlink: 'syz.1.713': attribute type 1 has an invalid length. [ 90.435671][ T8385] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 90.544367][ T8403] block nbd1: shutting down sockets [ 90.605451][ T8415] syz.1.721: attempt to access beyond end of device [ 90.605451][ T8415] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 90.609539][ T8415] FAT-fs (nbd1): unable to read boot sector [ 90.732536][ C1] 0: reclassify loop, rule prio 0, protocol 800 [ 90.737045][ T8425] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 90.807056][ T8429] kAFS: unparsable volume name [ 90.864403][ T8437] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 90.988509][ T8450] __nla_validate_parse: 3 callbacks suppressed [ 90.988519][ T8450] netlink: 28 bytes leftover after parsing attributes in process `syz.4.732'. [ 90.996582][ T8450] netlink: 20 bytes leftover after parsing attributes in process `syz.4.732'. [ 91.173964][ T8464] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 91.229801][ T8466] could not allocate digest TFM handle cryptd(blake2b-160) [ 91.253971][ T8460] input: syz0 as /devices/virtual/input/input13 [ 91.259504][ T8476] syz.3.739: attempt to access beyond end of device [ 91.259504][ T8476] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 91.259547][ T40] kauditd_printk_skb: 135 callbacks suppressed [ 91.259555][ T40] audit: type=1400 audit(1754220799.127:728): avc: denied { read } for pid=5360 comm="acpid" name="js0" dev="devtmpfs" ino=2995 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 91.263622][ T8476] FAT-fs (nbd3): unable to read boot sector [ 91.274778][ T40] audit: type=1400 audit(1754220799.127:729): avc: denied { open } for pid=5360 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=2995 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 91.281827][ T40] audit: type=1400 audit(1754220799.127:730): avc: denied { ioctl } for pid=5360 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=2995 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 91.281853][ T40] audit: type=1400 audit(1754220799.147:731): avc: denied { read } for pid=8477 comm="syz.1.747" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 91.281876][ T40] audit: type=1400 audit(1754220799.147:732): avc: denied { open } for pid=8477 comm="syz.1.747" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 91.303369][ T63] Bluetooth: hci2: command tx timeout [ 91.314801][ T40] audit: type=1400 audit(1754220799.187:733): avc: denied { write } for pid=8483 comm="syz.0.741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 91.321284][ T8487] netlink: 'syz.1.742': attribute type 10 has an invalid length. [ 91.326206][ T8487] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 91.397793][ T40] audit: type=1400 audit(1754220799.267:734): avc: denied { create } for pid=8495 comm="syz.4.745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 91.404187][ T40] audit: type=1400 audit(1754220799.277:735): avc: denied { write } for pid=8495 comm="syz.4.745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 91.405609][ T8496] netlink: 60 bytes leftover after parsing attributes in process `syz.4.745'. [ 91.413371][ T8497] netlink: 60 bytes leftover after parsing attributes in process `syz.4.745'. [ 91.418729][ T40] audit: type=1400 audit(1754220799.287:736): avc: denied { mount } for pid=8495 comm="syz.4.745" name="/" dev="autofs" ino=24566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 91.419651][ T8496] syzkaller1: entered promiscuous mode [ 91.426746][ T8501] syz.1.748 (8501): /proc/8500/oom_adj is deprecated, please use /proc/8500/oom_score_adj instead. [ 91.427482][ T8496] syzkaller1: entered allmulticast mode [ 91.461835][ T8506] team0: left allmulticast mode [ 91.463979][ T8506] team_slave_1: left allmulticast mode [ 91.465829][ T8506] bridge0: port 3(team0) entered disabled state [ 91.475215][ T8506] bridge_slave_0: left allmulticast mode [ 91.477053][ T8506] bridge_slave_0: left promiscuous mode [ 91.478934][ T8506] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.485494][ T8506] bridge_slave_1: left allmulticast mode [ 91.487292][ T8506] bridge_slave_1: left promiscuous mode [ 91.489124][ T8506] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.498744][ T8506] bond0: (slave bond_slave_0): Releasing backup interface [ 91.507069][ T40] audit: type=1400 audit(1754220799.377:737): avc: denied { unmount } for pid=8079 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 91.513338][ T8506] bond0: (slave bond_slave_1): Releasing backup interface [ 91.518457][ T8506] team_slave_1: left promiscuous mode [ 91.531854][ T8506] team0: Port device team_slave_1 removed [ 91.556388][ T8506] bond4: (slave veth3): Releasing active interface [ 91.569337][ T8511] vlan0: entered promiscuous mode [ 91.576088][ T8511] team0: Port device vlan0 added [ 91.597337][ T8521] netlink: 'syz.4.755': attribute type 4 has an invalid length. [ 91.826309][ T8540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.762'. [ 91.826401][ T8540] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.868400][ T8543] 9pnet: Unknown protocol version 9p200 [ 91.876623][ T8540] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 91.940899][ T8546] bond4: entered promiscuous mode [ 91.943137][ T8546] 8021q: adding VLAN 0 to HW filter on device bond4 [ 92.055285][ T8557] netlink: 8 bytes leftover after parsing attributes in process `syz.1.769'. [ 92.058139][ T8557] netlink: 12 bytes leftover after parsing attributes in process `syz.1.769'. [ 92.075903][ T8557] syz.1.769 (8557) used greatest stack depth: 20424 bytes left [ 92.143010][ T8568] syz.0.766: attempt to access beyond end of device [ 92.143010][ T8568] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 92.146903][ T8568] FAT-fs (nbd0): unable to read boot sector [ 92.308094][ T8596] 9pnet: Unknown protocol version 9p200 [ 92.439302][ T8615] netlink: 'syz.1.782': attribute type 1 has an invalid length. [ 92.441770][ T8615] netlink: 244 bytes leftover after parsing attributes in process `syz.1.782'. [ 92.567406][ T8633] netlink: 48 bytes leftover after parsing attributes in process `syz.3.788'. [ 92.610924][ T8642] netlink: 4 bytes leftover after parsing attributes in process `syz.0.791'. [ 92.902561][ T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 93.052522][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 93.055383][ T9] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 93.058192][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.061905][ T9] usb 5-1: config 0 descriptor?? [ 93.067129][ T9] as10x_usb: device has been detected [ 93.069943][ T9] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 93.080767][ T9] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 93.094350][ T9] as10x_usb: error during firmware upload part1 [ 93.096578][ T9] Registered device nBox DVB-T Dongle [ 93.271335][ T53] usb 5-1: USB disconnect, device number 6 [ 93.283983][ T53] Unregistered device nBox DVB-T Dongle [ 93.284659][ T53] as10x_usb: device has been disconnected [ 93.382745][ T63] Bluetooth: hci2: command tx timeout [ 93.549243][ T8672] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer. [ 93.606400][ T8675] netlink: 'syz.1.803': attribute type 10 has an invalid length. [ 93.900260][ T8695] xfrm0 speed is unknown, defaulting to 1000 [ 94.214745][ T8713] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=8713 comm=syz.0.816 [ 94.218863][ T8713] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8713 comm=syz.0.816 [ 94.224960][ T8713] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=8713 comm=syz.0.816 [ 94.507250][ T8760] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 94.510778][ T8760] qnx6: wrong signature (magic) in superblock #1. [ 94.512934][ T8760] qnx6: unable to read the first superblock [ 94.513848][ T8762] netlink: 'syz.3.832': attribute type 14 has an invalid length. [ 94.529675][ T8766] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 94.706803][ T8801] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 94.716633][ T8803] syz.4.844: attempt to access beyond end of device [ 94.716633][ T8803] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0 [ 94.721098][ T8803] FAT-fs (nbd4): unable to read boot sector [ 95.473229][ T5972] Bluetooth: hci2: command tx timeout [ 95.543797][ T8875] bridge0: entered promiscuous mode [ 95.545482][ T8875] bridge0: entered allmulticast mode [ 95.669863][ T8884] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 95.790966][ T8893] netlink: 'syz.0.878': attribute type 16 has an invalid length. [ 95.900217][ T5972] Bluetooth: hci3: unexpected Set CIG Parameters response data [ 95.903384][ T5972] Bluetooth: hci3: unexpected event for opcode 0x2062 [ 95.970658][ T8911] net_ratelimit: 4 callbacks suppressed [ 95.970668][ T8911] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 95.976974][ T8911] bridge0: port 3(veth0_to_bridge) entered blocking state [ 95.979317][ T8911] bridge0: port 3(veth0_to_bridge) entered disabled state [ 95.981615][ T8911] veth0_to_bridge: entered allmulticast mode [ 95.984381][ T8911] veth0_to_bridge: entered promiscuous mode [ 95.986316][ T8911] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 95.990814][ T8911] bridge0: port 3(veth0_to_bridge) entered blocking state [ 95.993604][ T8911] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 96.026549][ T8915] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 96.058375][ T8918] __nla_validate_parse: 12 callbacks suppressed [ 96.058384][ T8918] netlink: 20 bytes leftover after parsing attributes in process `syz.4.885'. [ 96.063517][ T8918] netlink: 'syz.4.885': attribute type 1 has an invalid length. [ 96.075749][ T8918] 8021q: adding VLAN 0 to HW filter on device bond1 [ 96.082735][ T8918] pim6reg: entered allmulticast mode [ 96.085062][ T8918] pim6reg: left allmulticast mode [ 96.261857][ T8932] No control pipe specified [ 96.266909][ T40] kauditd_printk_skb: 41 callbacks suppressed [ 96.266919][ T40] audit: type=1400 audit(1754220804.137:779): avc: denied { watch } for pid=8931 comm="syz.1.888" path="/216" dev="tmpfs" ino=1264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 96.276569][ T40] audit: type=1400 audit(1754220804.137:780): avc: denied { watch_sb } for pid=8931 comm="syz.1.888" path="/216" dev="tmpfs" ino=1264 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 96.295270][ T8930] block nbd4: shutting down sockets [ 96.299310][ T40] audit: type=1400 audit(1754220804.167:781): avc: denied { read write } for pid=8933 comm="syz.3.889" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 96.306646][ T40] audit: type=1400 audit(1754220804.167:782): avc: denied { open } for pid=8933 comm="syz.3.889" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 96.315451][ T8927] netlink: 48 bytes leftover after parsing attributes in process `syz.4.886'. [ 96.369264][ T8945] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 96.404242][ T40] audit: type=1400 audit(1754220804.277:783): avc: denied { create } for pid=8949 comm="syz.3.894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1 [ 96.549729][ T40] audit: type=1326 audit(1754220804.417:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8960 comm="syz.3.898" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f176198eb69 code=0x7ff00000 [ 96.557054][ T40] audit: type=1326 audit(1754220804.417:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8960 comm="syz.3.898" exe="/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f17619c33c9 code=0x7ff00000 [ 96.564103][ T40] audit: type=1326 audit(1754220804.417:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8960 comm="syz.3.898" exe="/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f176198fe52 code=0x7ff00000 [ 96.570962][ T40] audit: type=1326 audit(1754220804.417:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8960 comm="syz.3.898" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f176198eb69 code=0x7ff00000 [ 96.578265][ T40] audit: type=1326 audit(1754220804.417:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8960 comm="syz.3.898" exe="/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f1761946187 code=0x7ff00000 [ 97.534654][ T5968] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 97.552666][ T5968] Bluetooth: hci2: command 0x0405 tx timeout [ 97.577255][ T9013] nfs4: Unknown parameter ':{#ù~' [ 97.629156][ T9020] netlink: 4 bytes leftover after parsing attributes in process `syz.4.916'. [ 97.737802][ T9028] netlink: 14593 bytes leftover after parsing attributes in process `syz.4.917'. [ 98.428746][ T9083] SELinux: failed to load policy [ 98.486222][ T9093] : entered promiscuous mode [ 98.499194][ T9093] binder: BINDER_SET_CONTEXT_MGR already set [ 98.501200][ T9093] binder: 9092:9093 ioctl 4018620d 200000000040 returned -16 [ 98.513452][ T63] Bluetooth: hci1: command tx timeout [ 98.525019][ T9100] : renamed from bridge_slave_0 [ 98.565137][ T9105] netlink: 'syz.0.942': attribute type 10 has an invalid length. [ 98.568269][ T9105] netlink: 40 bytes leftover after parsing attributes in process `syz.0.942'. [ 98.618175][ T9112] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x5 [ 99.062830][ T9] usb 9-1: new full-speed USB device number 2 using dummy_hcd [ 99.171881][ T9177] tipc: Failed to remove unknown binding: 66,1,1/0:1140448029/1140448031 [ 99.176541][ T9177] tipc: Failed to remove unknown binding: 66,1,1/0:1140448029/1140448031 [ 99.179243][ T9177] tipc: Failed to remove unknown binding: 66,1,1/0:1140448029/1140448031 [ 99.226052][ T9] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 99.230475][ T9] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 99.236357][ T9] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 99.244422][ T9] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 99.250751][ T9] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 99.254673][ T9] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 99.257209][ T9] usb 9-1: Manufacturer: syz [ 99.260321][ T9] usb 9-1: config 0 descriptor?? [ 99.512553][ T9] rc_core: IR keymap rc-hauppauge not found [ 99.514445][ T9] Registered IR keymap rc-empty [ 99.516257][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.533618][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.559069][ T9128] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 99.561096][ T9128] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 99.564589][ T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0 [ 99.565364][ T9128] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 99.570018][ T9128] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 99.575396][ T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0/input14 [ 99.577987][ T9198] tmpfs: Bad value for 'mpol' [ 99.580917][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.584756][ T9128] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 99.586651][ T9128] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 99.604100][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.623555][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.626567][ T9128] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 99.629242][ T9128] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 99.634490][ T9198] program syz.3.966 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 99.653805][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.672616][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.692549][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.712874][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.743395][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.750024][ T9207] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22 [ 99.752883][ T9207] netdevsim netdevsim3: Direct firmware load for . failed with error -22 [ 99.756132][ T9207] netdevsim netdevsim3: Falling back to sysfs fallback for: . [ 99.772526][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.792583][ T9] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 99.824062][ T9] mceusb 9-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 99.826919][ T9] mceusb 9-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 99.938186][ T9230] netlink: 28 bytes leftover after parsing attributes in process `syz.1.971'. [ 100.007997][ T53] usb 9-1: USB disconnect, device number 2 [ 100.107066][ T9247] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 100.543404][ T9269] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 100.625340][ T9280] tipc: Started in network mode [ 100.626935][ T9280] tipc: Node identity 46ea8218df33, cluster identity 4711 [ 100.629279][ T9280] tipc: Enabled bearer , priority 0 [ 100.640314][ T9280] tipc: Disabling bearer [ 100.693501][ T9288] netlink: 'syz.4.980': attribute type 3 has an invalid length. [ 100.696042][ T9288] netlink: 220 bytes leftover after parsing attributes in process `syz.4.980'. [ 100.709467][ T9290] bond5 (unregistering): Released all slaves [ 100.783229][ T9297] IPVS: length: 184 != 24 [ 100.806766][ T9303] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 100.810061][ T9303] overlayfs: overlapping lowerdir path [ 100.836362][ T9306] netlink: 84 bytes leftover after parsing attributes in process `syz.1.989'. [ 100.930198][ T9317] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0. [ 100.977667][ T9324] 9pnet_virtio: no channels available for device syz [ 100.980593][ T9324] FAULT_INJECTION: forcing a failure. [ 100.980593][ T9324] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 100.984959][ T9324] CPU: 0 UID: 0 PID: 9324 Comm: syz.1.995 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 100.984975][ T9324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.984982][ T9324] Call Trace: [ 100.984986][ T9324] [ 100.984990][ T9324] dump_stack_lvl+0x16c/0x1f0 [ 100.985025][ T9324] should_fail_ex+0x512/0x640 [ 100.985047][ T9324] ? page_copy_sane+0xcd/0x2d0 [ 100.985058][ T9324] copy_folio_from_iter_atomic+0x375/0x1aa0 [ 100.985078][ T9324] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 100.985091][ T9324] ? shmem_write_begin+0x176/0x300 [ 100.985104][ T9324] ? __pfx_shmem_write_begin+0x10/0x10 [ 100.985114][ T9324] ? timestamp_truncate+0x21e/0x2d0 [ 100.985128][ T9324] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 100.985148][ T9324] generic_perform_write+0x221/0x900 [ 100.985170][ T9324] ? __pfx_generic_perform_write+0x10/0x10 [ 100.985188][ T9324] ? inode_needs_update_time.part.0+0x191/0x270 [ 100.985206][ T9324] shmem_file_write_iter+0x10e/0x140 [ 100.985221][ T9324] vfs_write+0x6c4/0x1150 [ 100.985232][ T9324] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 100.985246][ T9324] ? __pfx___mutex_lock+0x10/0x10 [ 100.985269][ T9324] ? __pfx_vfs_write+0x10/0x10 [ 100.985289][ T9324] ksys_write+0x12a/0x250 [ 100.985300][ T9324] ? __pfx_ksys_write+0x10/0x10 [ 100.985315][ T9324] do_syscall_64+0xcd/0x4c0 [ 100.985333][ T9324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.985344][ T9324] RIP: 0033:0x7fc81cf8eb69 [ 100.985353][ T9324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.985364][ T9324] RSP: 002b:00007fc81dd3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 100.985375][ T9324] RAX: ffffffffffffffda RBX: 00007fc81d1b5fa0 RCX: 00007fc81cf8eb69 [ 100.985382][ T9324] RDX: 0000000000000002 RSI: 0000200000000300 RDI: 0000000000000003 [ 100.985389][ T9324] RBP: 00007fc81dd3e090 R08: 0000000000000000 R09: 0000000000000000 [ 100.985409][ T9324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.985415][ T9324] R13: 0000000000000000 R14: 00007fc81d1b5fa0 R15: 00007fffabfb7058 [ 100.985429][ T9324] [ 101.075495][ T9327] ip_vti0: entered promiscuous mode [ 101.077491][ T9327] netlink: 12 bytes leftover after parsing attributes in process `syz.1.997'. [ 101.080615][ T9327] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 101.238130][ T9356] vivid-003: disconnect [ 101.239205][ T9357] kernel profiling enabled (shift: 17) [ 101.275410][ T9362] 9pnet_virtio: no channels available for device syz [ 101.278550][ T9362] FAULT_INJECTION: forcing a failure. [ 101.278550][ T9362] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 101.283179][ T9362] CPU: 1 UID: 0 PID: 9362 Comm: syz.0.1005 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 101.283194][ T9362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 101.283201][ T9362] Call Trace: [ 101.283217][ T9362] [ 101.283221][ T9362] dump_stack_lvl+0x16c/0x1f0 [ 101.283241][ T9362] should_fail_ex+0x512/0x640 [ 101.283261][ T9362] _copy_to_user+0x32/0xd0 [ 101.283274][ T9362] simple_read_from_buffer+0xcb/0x170 [ 101.283294][ T9362] proc_fail_nth_read+0x197/0x240 [ 101.283307][ T9362] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 101.283321][ T9362] ? rw_verify_area+0xcf/0x6c0 [ 101.283337][ T9362] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 101.283349][ T9362] vfs_read+0x1e4/0xc60 [ 101.283362][ T9362] ? __pfx___mutex_lock+0x10/0x10 [ 101.283379][ T9362] ? __pfx_vfs_read+0x10/0x10 [ 101.283393][ T9362] ? __fget_files+0x20e/0x3c0 [ 101.283409][ T9362] ksys_read+0x12a/0x250 [ 101.283419][ T9362] ? __pfx_ksys_read+0x10/0x10 [ 101.283458][ T9362] do_syscall_64+0xcd/0x4c0 [ 101.283482][ T9362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.283493][ T9362] RIP: 0033:0x7fe34178d57c [ 101.283502][ T9362] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 101.283513][ T9362] RSP: 002b:00007fe3426b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 101.283523][ T9362] RAX: ffffffffffffffda RBX: 00007fe3419b5fa0 RCX: 00007fe34178d57c [ 101.283530][ T9362] RDX: 000000000000000f RSI: 00007fe3426b70a0 RDI: 0000000000000004 [ 101.283536][ T9362] RBP: 00007fe3426b7090 R08: 0000000000000000 R09: 0000000000000000 [ 101.283542][ T9362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.283549][ T9362] R13: 0000000000000000 R14: 00007fe3419b5fa0 R15: 00007fff768a0f08 [ 101.283563][ T9362] [ 101.301082][ T9356] input: syz1 as /devices/virtual/input/input15 [ 101.309105][ T40] kauditd_printk_skb: 32729 callbacks suppressed [ 101.309114][ T40] audit: type=1400 audit(1754220809.177:33515): avc: denied { bind } for pid=9363 comm="syz.0.1006" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 101.342821][ T9371] binder: Bad value for 'max' [ 101.412880][ T9379] .: renamed from bond0 [ 101.415751][ T9379] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1009'. [ 101.415785][ T9380] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1009'. [ 101.426622][ T9379] sp0: Synchronizing with TNC [ 101.429134][ T40] audit: type=1400 audit(1754220809.297:33516): avc: denied { read } for pid=9378 comm="syz.0.1009" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 101.437280][ T9355] vivid-003: reconnect [ 101.444068][ T40] audit: type=1400 audit(1754220809.297:33517): avc: denied { ioctl } for pid=9378 comm="syz.0.1009" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0xae80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 101.529732][ T9398] fuse: Unknown parameter 'group_id' [ 101.570182][ T40] audit: type=1400 audit(1754220809.437:33518): avc: denied { setopt } for pid=9397 comm="syz.1.1012" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 101.672676][ T40] audit: type=1326 audit(1754220809.547:33519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9406 comm="syz.1.1015" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc81cf8eb69 code=0x0 [ 101.713806][ T40] audit: type=1400 audit(1754220809.587:33520): avc: denied { create } for pid=9413 comm="syz.0.1017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 101.867565][ T9431] 9pnet_virtio: no channels available for device syz [ 101.900224][ T9435] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 101.907447][ T9435] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1023'. [ 101.908078][ T9434] bond0: entered promiscuous mode [ 101.911864][ T9434] bond_slave_0: entered promiscuous mode [ 101.914131][ T9434] bond_slave_1: entered promiscuous mode [ 101.981293][ T9440] netlink: 'syz.4.1026': attribute type 7 has an invalid length. [ 101.992275][ T9440] : entered promiscuous mode [ 102.049456][ T9453] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.094782][ T40] audit: type=1400 audit(1754220809.967:33521): avc: denied { getopt } for pid=9454 comm="syz.3.1028" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 102.205904][ T9479] netlink: 'syz.4.1032': attribute type 2 has an invalid length. [ 102.208375][ T9479] netlink: 'syz.4.1032': attribute type 8 has an invalid length. [ 102.210771][ T9479] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1032'. [ 102.240919][ T9485] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1036'. [ 102.249694][ T40] audit: type=1400 audit(1754220810.117:33522): avc: denied { create } for pid=9483 comm="syz.0.1036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 102.256686][ T40] audit: type=1400 audit(1754220810.117:33523): avc: denied { write } for pid=9483 comm="syz.0.1036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 102.309392][ T40] audit: type=1400 audit(1754220810.177:33524): avc: denied { ioctl } for pid=9497 comm="syz.4.1041" path="socket:[27607]" dev="sockfs" ino=27607 ioctlcmd=0x7210 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 102.346321][ T9505] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1043'. [ 102.349154][ T9505] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1043'. [ 102.351920][ T9505] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1043'. [ 102.354806][ T9505] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1043'. [ 102.447028][ T9520] smc: net device bond0 applied user defined pnetid SYZ2 [ 102.452507][ T1348] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 102.459433][ T9520] 8021q: adding VLAN 0 to HW filter on device bond2 [ 102.468189][ T9520] bond2: (slave batadv1): Opening slave failed [ 102.946550][ T9557] netlink: 'syz.0.1050': attribute type 142 has an invalid length. [ 103.063051][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 103.063156][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 103.068461][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 103.072195][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 103.077110][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 103.080702][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 103.085468][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 103.089075][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 103.413614][ T9577] tmpfs: Bad value for 'huge' [ 103.416130][ T9577] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=63769 sclass=netlink_route_socket pid=9577 comm=syz.1.1057 [ 103.995050][ T9614] Invalid source name [ 103.996385][ T9614] UBIFS error (pid: 9614): cannot open "/dev/sg0", error -22 [ 104.194325][ T9631] fuse: Bad value for 'fd' [ 104.648948][ T9643] syz.1.1073 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 104.669004][ T9648] netlink: 'syz.0.1074': attribute type 20 has an invalid length. [ 104.672290][ T9648] netlink: 'syz.0.1074': attribute type 7 has an invalid length. [ 104.758147][ T9652] binder: 9651:9652 ioctl 400c620e 200000001580 returned -22 [ 104.764504][ T9655] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 104.768735][ T9657] binder: 9656:9657 ioctl c0603d0f 2000000001c0 returned -22 [ 104.918137][ T9665] netlink: 'syz.1.1081': attribute type 1 has an invalid length. [ 104.939331][ T9665] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address [ 104.943599][ T9665] bond5: (slave vxcan3): Error -95 calling set_mac_address [ 105.048991][ T9665] gretap1: entered promiscuous mode [ 105.053731][ T9665] bond5: (slave gretap1): making interface the new active one [ 105.056328][ T9665] bond5: (slave gretap1): Enslaving as an active interface with an up link [ 105.206425][ T9682] netlink: 'syz.4.1085': attribute type 2 has an invalid length. [ 105.747111][ T9717] mkiss: ax0: crc mode is auto. [ 106.045797][ T9745] netlink: 'syz.4.1105': attribute type 2 has an invalid length. [ 106.082482][ C0] net_ratelimit: 43653 callbacks suppressed [ 106.082493][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 106.082808][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 106.084529][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 106.088241][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 106.091831][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 106.095541][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 106.099220][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 106.103262][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 106.106559][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 106.110243][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 106.340894][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 106.340906][ T40] audit: type=1400 audit(1754221070.203:33542): avc: denied { connect } for pid=9756 comm="syz.1.1108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 106.447072][ T9765] wg2: entered promiscuous mode [ 106.448676][ T9765] wg2: entered allmulticast mode [ 106.754528][ T9786] gtp0: entered promiscuous mode [ 106.758133][ T9786] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9786 comm=syz.3.1117 [ 106.917968][ T40] audit: type=1400 audit(1754221070.783:33543): avc: denied { mounton } for pid=9787 comm="syz.0.1118" path="/bus" dev="ramfs" ino=31506 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1 [ 107.031621][ T40] audit: type=1400 audit(1754221070.893:33544): avc: denied { write } for pid=9795 comm="syz.4.1120" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 107.042402][ T40] audit: type=1400 audit(1754221070.913:33545): avc: denied { setattr } for pid=9790 comm="syz.0.1119" name="/" dev="9p" ino=35913862 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 107.052185][ T9791] comedi comedi0: Minor -2147450880 is invalid! [ 107.286403][ T40] audit: type=1400 audit(1754221071.153:33546): avc: denied { name_bind } for pid=9805 comm="syz.1.1124" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 107.435260][ T9821] 9pnet_virtio: no channels available for device syz [ 107.684571][ T40] audit: type=1400 audit(1754221071.553:33547): avc: denied { open } for pid=9825 comm="syz.3.1128" path="/dev/ptyqb" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 107.691956][ T40] audit: type=1400 audit(1754221071.553:33548): avc: denied { ioctl } for pid=9825 comm="syz.3.1128" path="/dev/ptyqb" dev="devtmpfs" ino=138 ioctlcmd=0x5430 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 107.692505][ T1348] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 107.733317][ T9809] block nbd1: Device being setup by another task [ 107.737659][ T9805] block nbd1: shutting down sockets [ 107.872417][ T1348] usb 9-1: config index 0 descriptor too short (expected 23569, got 27) [ 107.876870][ T1348] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 107.880727][ T1348] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 107.884911][ T1348] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 107.887456][ T1348] usb 9-1: Manufacturer: syz [ 107.890640][ T1348] usb 9-1: config 0 descriptor?? [ 107.943867][ T1348] rc_core: IR keymap rc-hauppauge not found [ 107.945829][ T1348] Registered IR keymap rc-empty [ 107.950330][ T1348] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0 [ 107.954886][ T1348] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0/input16 [ 108.104256][ T1348] usb 9-1: USB disconnect, device number 3 [ 108.195700][ T9861] __nla_validate_parse: 8 callbacks suppressed [ 108.195712][ T9861] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1137'. [ 108.211250][ T9861] netlink: 'syz.0.1137': attribute type 13 has an invalid length. [ 108.215702][ T9861] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1137'. [ 108.322640][ T6032] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 108.472606][ T6032] usb 6-1: Using ep0 maxpacket: 32 [ 108.475592][ T6032] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 108.480485][ T6032] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 108.483548][ T6032] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 108.486088][ T6032] usb 6-1: Product: syz [ 108.487424][ T6032] usb 6-1: Manufacturer: syz [ 108.488890][ T6032] usb 6-1: SerialNumber: syz [ 108.491688][ T6032] usb 6-1: config 0 descriptor?? [ 108.493941][ T9853] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 108.751675][ T1348] usb 6-1: USB disconnect, device number 11 [ 111.092549][ C0] net_ratelimit: 60626 callbacks suppressed [ 111.092566][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 111.092678][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 111.094631][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 111.098364][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 111.101972][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 111.105732][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 111.109397][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 111.113424][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 111.116754][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 111.120435][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 116.102515][ C0] net_ratelimit: 62289 callbacks suppressed [ 116.102527][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 116.102672][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 116.104555][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 116.108260][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 116.111843][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 116.115607][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 116.119251][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 116.125182][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 116.126595][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 116.130341][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 118.513933][ T9888] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1142'. [ 118.756694][ T9914] jfs: Unknown parameter 'syz' [ 118.796823][ T9911] input: syz0 as /devices/virtual/input/input17 [ 118.907424][ T9919] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1152'. [ 118.958971][ T40] audit: type=1400 audit(1754221082.823:33549): avc: denied { write } for pid=9925 comm="syz.4.1154" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 118.974040][ T40] audit: type=1400 audit(1754221082.823:33550): avc: denied { open } for pid=9925 comm="syz.4.1154" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 118.991817][ T40] audit: type=1400 audit(1754221082.833:33551): avc: denied { connect } for pid=9925 comm="syz.4.1154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 119.016594][ T40] audit: type=1400 audit(1754221082.833:33552): avc: denied { ioctl } for pid=9925 comm="syz.4.1154" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 119.038832][ T40] audit: type=1400 audit(1754221082.843:33553): avc: denied { ioctl } for pid=9922 comm="syz.3.1153" path="socket:[32594]" dev="sockfs" ino=32594 ioctlcmd=0xf50b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 119.068807][ T9942] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1158'. [ 119.081913][ T40] audit: type=1400 audit(1754221082.943:33554): avc: denied { write } for pid=9938 comm="syz.1.1158" name="usbmon6" dev="devtmpfs" ino=756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 119.135326][ T9944] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.233807][ T9956] xfrm0 speed is unknown, defaulting to 1000 [ 119.292735][ T6032] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 119.439071][ T9968] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1165'. [ 119.453137][ T6032] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 119.456361][ T6032] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 119.459117][ T6032] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 119.462589][ T6032] usb 8-1: config 0 interface 0 has no altsetting 0 [ 119.465486][ T6032] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 119.468352][ T6032] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 119.471708][ T6032] usb 8-1: config 0 interface 0 has no altsetting 0 [ 119.474670][ T6032] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 119.477426][ T6032] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 119.480746][ T6032] usb 8-1: config 0 interface 0 has no altsetting 0 [ 119.483693][ T6032] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 119.486433][ T6032] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 119.489754][ T6032] usb 8-1: config 0 interface 0 has no altsetting 0 [ 119.492592][ T6032] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 119.495336][ T6032] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 119.498668][ T6032] usb 8-1: config 0 interface 0 has no altsetting 0 [ 119.501561][ T6032] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 119.504394][ T6032] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 119.507721][ T6032] usb 8-1: config 0 interface 0 has no altsetting 0 [ 119.510738][ T6032] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 119.517780][ T6032] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 119.521235][ T6032] usb 8-1: config 0 interface 0 has no altsetting 0 [ 119.524588][ T6032] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 119.527375][ T6032] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 119.532503][ T6032] usb 8-1: config 0 interface 0 has no altsetting 0 [ 119.539305][ T6032] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 119.542237][ T6032] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 119.545422][ T6032] usb 8-1: Product: syz [ 119.546750][ T6032] usb 8-1: Manufacturer: syz [ 119.548220][ T6032] usb 8-1: SerialNumber: syz [ 119.564707][ T6032] usb 8-1: config 0 descriptor?? [ 119.568641][ T6032] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 119.781985][ T40] audit: type=1400 audit(1754221083.643:33555): avc: denied { read } for pid=9936 comm="syz.3.1157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 119.783171][ T9985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1170'. [ 119.790710][ T9985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1170'. [ 119.797970][ T9985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1170'. [ 119.801007][ T9985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1170'. [ 119.835873][ T40] audit: type=1400 audit(1754221083.703:33556): avc: denied { mounton } for pid=9936 comm="syz.3.1157" path="/266/file0" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:removable_device_t tclass=blk_file permissive=1 [ 120.148929][ T40] audit: type=1326 audit(1754221084.013:33557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10003 comm="syz.1.1174" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc81cf8eb69 code=0x0 [ 120.155999][ T40] audit: type=1400 audit(1754221084.023:33558): avc: denied { write } for pid=10005 comm="syz.4.1179" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 120.170815][T10006] futex_wake_op: syz.4.1179 tries to shift op by 32; fix this program [ 120.176162][T10006] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 120.407091][T10020] netlink: 'syz.4.1184': attribute type 2 has an invalid length. [ 120.439021][T10022] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56344 sclass=netlink_route_socket pid=10022 comm=syz.4.1185 [ 120.527484][T10026] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1186'. [ 120.582463][ C1] sched: DL replenish lagged too much [ 120.641272][T10030] 9pnet: Unknown protocol version 9p2000.Üx©á3Í×rD]ñuÏæ [ 120.641272][T10030] (Ró^úQdœþS«¦²Uô!QÛ³î©Ü \¶AR΃q@¸3©ÏÈdŒœë£…;G‰œ(Ñ.\}ÃÒ^™T”qf\^œQÞñzc¹Õ`eUù×Å€˜í¨‚aiÉZpøÜ‹*#è£`ÅQúw¾ÑGEÖûÍk†1k.ŒC`ûØXÇ[ [ 120.650608][T10030] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1188'. [ 120.892612][T10041] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10041 comm=syz.0.1191 [ 121.112531][ C0] net_ratelimit: 82438 callbacks suppressed [ 121.112542][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 121.112674][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 121.114608][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 121.114691][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 121.118413][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 121.122137][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 121.125977][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 121.129546][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 121.133231][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 121.136939][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 121.503872][T10059] geneve2: entered promiscuous mode [ 121.505548][T10059] geneve2: entered allmulticast mode [ 121.683566][T10072] netlink: 'syz.4.1204': attribute type 10 has an invalid length. [ 122.066848][ T34] usb 8-1: USB disconnect, device number 8 [ 122.071114][ T34] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 122.278170][T10096] cgroup: No subsys list or none specified [ 122.320399][T10098] syz.3.1213: attempt to access beyond end of device [ 122.320399][T10098] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 122.325111][T10098] XFS (nbd3): SB validate failed with error -5. [ 122.572974][T10115] 9pnet_virtio: no channels available for device syz [ 122.578328][T10115] 9pnet_virtio: no channels available for device syz [ 122.580676][T10115] 9pnet_virtio: no channels available for device syz [ 122.583324][T10115] 9pnet_virtio: no channels available for device syz [ 122.585652][T10115] 9pnet_virtio: no channels available for device syz [ 122.588018][T10115] 9pnet_virtio: no channels available for device syz [ 122.590338][T10115] 9pnet_virtio: no channels available for device syz [ 122.592947][T10115] 9pnet_virtio: no channels available for device syz [ 122.595412][T10115] 9pnet_virtio: no channels available for device syz [ 122.598622][T10115] 9pnet_virtio: no channels available for device syz [ 122.600975][T10115] 9pnet_virtio: no channels available for device syz [ 122.604253][T10115] 9pnet_virtio: no channels available for device syz [ 122.606581][T10115] 9pnet_virtio: no channels available for device syz [ 122.608911][T10115] 9pnet_virtio: no channels available for device syz [ 122.615088][T10115] 9pnet_virtio: no channels available for device syz [ 122.621392][T10115] 9pnet_virtio: no channels available for device syz [ 122.625272][T10115] 9pnet_virtio: no channels available for device syz [ 122.631535][T10115] 9pnet_virtio: no channels available for device syz [ 122.634059][T10115] 9pnet_virtio: no channels available for device syz [ 122.641649][T10115] 9pnet_virtio: no channels available for device syz [ 122.644049][T10115] 9pnet_virtio: no channels available for device syz [ 122.648598][T10115] 9pnet_virtio: no channels available for device syz [ 122.651176][T10115] 9pnet_virtio: no channels available for device syz [ 122.653683][T10115] 9pnet_virtio: no channels available for device syz [ 122.655988][T10115] 9pnet_virtio: no channels available for device syz [ 122.658319][T10115] 9pnet_virtio: no channels available for device syz [ 122.660638][T10115] 9pnet_virtio: no channels available for device syz [ 122.667894][T10115] 9pnet_virtio: no channels available for device syz [ 122.691159][T10115] 9pnet_virtio: no channels available for device syz [ 122.693748][T10115] 9pnet_virtio: no channels available for device syz [ 122.698593][T10115] 9pnet_virtio: no channels available for device syz [ 122.700921][T10115] 9pnet_virtio: no channels available for device syz [ 122.703499][T10115] 9pnet_virtio: no channels available for device syz [ 122.705822][T10115] 9pnet_virtio: no channels available for device syz [ 122.708163][T10115] 9pnet_virtio: no channels available for device syz [ 122.710513][T10115] 9pnet_virtio: no channels available for device syz [ 122.713134][T10115] 9pnet_virtio: no channels available for device syz [ 122.715505][T10115] 9pnet_virtio: no channels available for device syz [ 122.717839][T10115] 9pnet_virtio: no channels available for device syz [ 122.720173][T10115] 9pnet_virtio: no channels available for device syz [ 122.722794][T10115] 9pnet_virtio: no channels available for device syz [ 122.725082][T10115] 9pnet_virtio: no channels available for device syz [ 122.727441][T10115] 9pnet_virtio: no channels available for device syz [ 122.729751][T10115] 9pnet_virtio: no channels available for device syz [ 122.732004][T10115] 9pnet_virtio: no channels available for device syz [ 122.734649][T10115] 9pnet_virtio: no channels available for device syz [ 122.736976][T10115] 9pnet_virtio: no channels available for device syz [ 122.741190][T10115] 9pnet_virtio: no channels available for device syz [ 122.743612][T10115] 9pnet_virtio: no channels available for device syz [ 122.745993][T10115] 9pnet_virtio: no channels available for device syz [ 122.748383][T10115] 9pnet_virtio: no channels available for device syz [ 122.750742][T10115] 9pnet_virtio: no channels available for device syz [ 122.756146][T10115] 9pnet_virtio: no channels available for device syz [ 122.758560][T10115] 9pnet_virtio: no channels available for device syz [ 122.760936][T10115] 9pnet_virtio: no channels available for device syz [ 122.763378][T10115] 9pnet_virtio: no channels available for device syz [ 122.765860][T10115] 9pnet_virtio: no channels available for device syz [ 122.768288][T10115] 9pnet_virtio: no channels available for device syz [ 122.770673][T10115] 9pnet_virtio: no channels available for device syz [ 122.773547][T10115] 9pnet_virtio: no channels available for device syz [ 122.775936][T10115] 9pnet_virtio: no channels available for device syz [ 122.778350][T10115] 9pnet_virtio: no channels available for device syz [ 122.780734][T10115] 9pnet_virtio: no channels available for device syz [ 122.783170][T10115] 9pnet_virtio: no channels available for device syz [ 122.818644][T10129] bridge2: entered promiscuous mode [ 122.852139][T10131] geneve2: entered promiscuous mode [ 122.853914][T10131] geneve2: entered allmulticast mode [ 122.856386][ T6928] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 122.859355][ T6928] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 122.873366][ T6928] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 122.876260][ T6928] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 122.877285][T10131] netlink: 'syz.1.1221': attribute type 3 has an invalid length. [ 122.998833][T10137] can0: slcan on ptm0. [ 123.010033][T10137] syz.1.1223: attempt to access beyond end of device [ 123.010033][T10137] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0 [ 123.015951][T10137] syz.1.1223: attempt to access beyond end of device [ 123.015951][T10137] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0 [ 123.029607][T10137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 123.033375][T10137] syz.1.1223: attempt to access beyond end of device [ 123.033375][T10137] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0 [ 123.037625][T10137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 123.040603][T10137] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 123.044333][T10137] UDF-fs: Scanning with blocksize 512 failed [ 123.046897][T10137] syz.1.1223: attempt to access beyond end of device [ 123.046897][T10137] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0 [ 123.051089][T10137] syz.1.1223: attempt to access beyond end of device [ 123.051089][T10137] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0 [ 123.055666][T10137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 123.068031][T10144] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 123.070313][T10144] overlayfs: failed to set xattr on upper [ 123.071432][T10137] syz.1.1223: attempt to access beyond end of device [ 123.071432][T10137] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 123.072194][T10144] overlayfs: ...falling back to redirect_dir=nofollow. [ 123.080045][T10144] overlayfs: ...falling back to metacopy=off. [ 123.082047][T10144] overlayfs: ...falling back to index=off. [ 123.087051][T10144] overlayfs: ...falling back to uuid=null. [ 123.089006][T10144] overlayfs: conflicting lowerdir path [ 123.091384][T10137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 123.094634][T10137] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 123.097097][T10137] UDF-fs: Scanning with blocksize 1024 failed [ 123.099445][T10137] syz.1.1223: attempt to access beyond end of device [ 123.099445][T10137] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0 [ 123.104724][T10137] syz.1.1223: attempt to access beyond end of device [ 123.104724][T10137] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 123.108835][T10137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 123.111888][T10137] syz.1.1223: attempt to access beyond end of device [ 123.111888][T10137] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 123.116338][T10137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 123.119382][T10137] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 123.121776][T10137] UDF-fs: Scanning with blocksize 2048 failed [ 123.126270][T10137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 123.129410][T10137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 123.132399][T10137] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 123.135052][T10137] UDF-fs: Scanning with blocksize 4096 failed [ 123.137070][T10137] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 123.451889][T10161] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 123.465453][T10136] can0 (unregistered): slcan off ptm0. [ 123.548680][T10170] SELinux: ebitmap start bit (1932485487) is not a multiple of the map unit size (64) [ 123.555032][T10172] __nla_validate_parse: 11 callbacks suppressed [ 123.555042][T10172] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1229'. [ 123.558856][T10170] SELinux: failed to load policy [ 123.565620][T10172] xfrm1: entered promiscuous mode [ 123.567369][T10172] xfrm1: entered allmulticast mode [ 123.610257][T10178] usb usb8: usbfs: process 10178 (syz.1.1231) did not claim interface 0 before use [ 123.626250][T10182] 9pnet: Unknown protocol version 9p2000.u18446744073709551615 [ 123.695703][T10189] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1280 sclass=netlink_route_socket pid=10189 comm=syz.1.1233 [ 123.700328][T10190] netlink: 'syz.1.1233': attribute type 1 has an invalid length. [ 123.840818][T10200] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1236'. [ 123.869604][T10202] tipc: Enabling of bearer rejected, already enabled [ 124.221198][T10209] netlink: 'syz.0.1239': attribute type 1 has an invalid length. [ 124.348079][T10210] veth7: entered promiscuous mode [ 124.492188][ T40] kauditd_printk_skb: 18 callbacks suppressed [ 124.492198][ T40] audit: type=1400 audit(1754221344.354:33577): avc: denied { accept } for pid=10223 comm="syz.3.1243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 124.502031][ T40] audit: type=1400 audit(1754221344.364:33578): avc: denied { read } for pid=10223 comm="syz.3.1243" path="socket:[34403]" dev="sockfs" ino=34403 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 124.517048][ T40] audit: type=1400 audit(1754221344.364:33579): avc: denied { write } for pid=10223 comm="syz.3.1243" path="socket:[34403]" dev="sockfs" ino=34403 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 124.541306][T10232] netlink: 'syz.3.1245': attribute type 5 has an invalid length. [ 124.544611][T10232] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1245'. [ 124.707327][T10244] netlink: 'syz.4.1249': attribute type 1 has an invalid length. [ 124.775959][T10244] bond3: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 124.782686][T10244] 8021q: adding VLAN 0 to HW filter on device bond3 [ 124.821636][T10251] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.1253'. [ 124.824804][T10251] Device name not specified. [ 124.824804][T10251] [ 124.897918][T10263] IPVS: set_ctl: invalid protocol: 44 172.20.20.187:20004 [ 125.105250][T10286] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1264'. [ 125.117383][ T40] audit: type=1400 audit(1754221344.984:33580): avc: denied { bind } for pid=10287 comm="syz.3.1265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 125.117661][T10286] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1264'. [ 125.128283][T10286] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1264'. [ 125.183902][ T40] audit: type=1400 audit(1754221345.054:33581): avc: denied { listen } for pid=10287 comm="syz.3.1265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 125.206327][T10288] IPv6: sit1: Disabled Multicast RS [ 125.215093][T10293] vivid-000: ================= START STATUS ================= [ 125.217860][ T40] audit: type=1400 audit(1754221345.084:33582): avc: denied { create } for pid=10277 comm="syz.0.1261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1 [ 125.221258][T10293] vivid-000: Test Pattern: 75% Colorbar [ 125.225971][T10293] vivid-000: Fill Percentage of Frame: 100 [ 125.227898][T10293] vivid-000: Horizontal Movement: No Movement [ 125.230539][T10293] vivid-000: Vertical Movement: No Movement [ 125.235747][T10293] vivid-000: OSD Text Mode: All [ 125.237319][T10293] vivid-000: Show Border: false [ 125.240028][T10293] vivid-000: Show Square: false [ 125.241630][T10293] vivid-000: Sensor Flipped Horizontally: false [ 125.243803][T10293] vivid-000: Sensor Flipped Vertically: false [ 125.245715][T10293] vivid-000: Insert SAV Code in Image: false [ 125.247600][T10293] vivid-000: Insert EAV Code in Image: false [ 125.249514][T10293] vivid-000: Insert Video Guard Band: false [ 125.256738][T10293] vivid-000: Reduced Framerate: false [ 125.258440][T10293] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 125.260809][T10293] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 125.263896][T10293] vivid-000: Enable Capture Cropping: true grabbed [ 125.266371][T10293] vivid-000: Enable Capture Composing: true grabbed [ 125.268637][T10293] vivid-000: Enable Capture Scaler: true grabbed [ 125.270678][T10293] vivid-000: Timestamp Source: End of Frame [ 125.272111][T10297] random: crng reseeded on system resumption [ 125.274002][T10293] vivid-000: Colorspace: sRGB [ 125.276252][T10293] vivid-000: Transfer Function: Default [ 125.278107][T10293] vivid-000: Y'CbCr Encoding: Default [ 125.279901][T10293] vivid-000: HSV Encoding: Hue 0-179 [ 125.281595][ T40] audit: type=1400 audit(1754221345.144:33583): avc: denied { ioctl } for pid=10295 comm="syz.1.1266" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x3312 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 125.289676][T10293] vivid-000: Quantization: Default [ 125.291340][T10293] vivid-000: Apply Alpha To Red Only: false [ 125.293237][T10293] vivid-000: Standard Aspect Ratio: 4x3 [ 125.294996][T10293] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 125.297390][T10293] vivid-000: DV Timings: 640x480p59 inactive [ 125.299270][T10293] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 125.301612][T10293] vivid-000: Maximum EDID Blocks: 2 [ 125.303411][T10293] vivid-000: Limited RGB Range (16-235): false [ 125.305298][T10293] vivid-000: Rx RGB Quantization Range: Automatic [ 125.307800][T10293] vivid-000: Power Present: 0x00000001 [ 125.309696][T10293] tpg source WxH: 320x180 (R'G'B) [ 125.311396][T10293] tpg field: 1 [ 125.313019][T10293] tpg crop: (0,0)/320x180 [ 125.315248][T10293] tpg compose: (0,0)/320x180 [ 125.316805][T10293] tpg colorspace: 8 [ 125.318028][T10293] tpg transfer function: 0/2 [ 125.318067][T10299] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 125.319496][T10293] tpg quantization: 0/1 [ 125.319516][T10293] tpg RGB range: 0/2 [ 125.319522][T10293] vivid-000: ================== END STATUS ================== [ 125.330680][T10290] netlink: 'syz.4.1260': attribute type 3 has an invalid length. [ 125.334147][T10290] netlink: 'syz.4.1260': attribute type 3 has an invalid length. [ 125.391366][ T40] audit: type=1400 audit(1754221345.254:33584): avc: denied { mount } for pid=10302 comm="syz.4.1267" name="/" dev="rpc_pipefs" ino=33631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 125.401241][ T40] audit: type=1400 audit(1754221345.264:33585): avc: denied { checkpoint_restore } for pid=10302 comm="syz.4.1267" capability=40 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 125.593611][T10311] fuse: Bad value for 'fd' [ 125.600063][ T40] audit: type=1400 audit(1754221345.464:33586): avc: denied { ioctl } for pid=10309 comm="syz.3.1269" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0x942c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 125.608412][T10311] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1269'. [ 125.896432][T10324] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1272'. [ 125.974465][T10329] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1539 sclass=netlink_route_socket pid=10329 comm=syz.0.1275 [ 125.978585][T10329] netlink: 'syz.0.1275': attribute type 1 has an invalid length. [ 125.991307][T10329] 8021q: adding VLAN 0 to HW filter on device bond5 [ 126.032252][T10329] bond5: (slave veth7): Enslaving as an active interface with a down link [ 126.122533][ C0] net_ratelimit: 102805 callbacks suppressed [ 126.122536][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 126.122544][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 126.122638][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 126.124651][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 126.128242][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 126.131894][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 126.135612][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 126.139262][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 126.143096][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 126.146830][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 126.678637][T10351] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1281'. [ 126.789220][T10357] 9pnet_fd: Insufficient options for proto=fd [ 127.081814][T10387] sctp: [Deprecated]: syz.0.1294 (pid 10387) Use of struct sctp_assoc_value in delayed_ack socket option. [ 127.081814][T10387] Use struct sctp_sack_info instead [ 127.087810][T10387] overlayfs: missing 'lowerdir' [ 127.126881][T10386] xfrm0 speed is unknown, defaulting to 1000 [ 127.657225][T10427] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 127.695439][T10429] netlink: 'syz.1.1311': attribute type 1 has an invalid length. [ 127.698640][T10429] netlink: 'syz.1.1311': attribute type 2 has an invalid length. [ 127.705345][T10431] comedi comedi2: dt2814: a I/O base address must be specified [ 127.759594][T10431] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.813712][T10439] sp0: Synchronizing with TNC [ 127.905389][T10431] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.094324][T10445] xfrm0 speed is unknown, defaulting to 1000 [ 128.204280][T10431] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.472643][ T1348] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 128.482497][T10431] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.569158][ T6937] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.597567][ T6937] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.600253][ T6937] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.603385][ T6937] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.622510][ T1348] usb 6-1: Using ep0 maxpacket: 8 [ 128.625357][ T1348] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 128.627933][ T1348] usb 6-1: config 179 has no interface number 0 [ 128.629889][ T1348] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 128.643349][ T1348] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 128.657084][ T1348] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 128.660544][ T1348] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 128.682626][ T1348] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 128.685451][ T1348] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.699876][T10458] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 128.913047][T10458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.915866][T10458] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 128.918603][T10458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.957217][T10458] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 128.960136][T10458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.972869][T10458] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 128.975726][T10458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.978462][T10458] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 129.004274][T10458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 129.010411][T10458] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 129.094109][T10482] __nla_validate_parse: 7 callbacks suppressed [ 129.094120][T10482] netlink: 404 bytes leftover after parsing attributes in process `syz.3.1325'. [ 129.118329][ T1348] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input18 [ 129.276724][ T6011] usb 6-1: USB disconnect, device number 12 [ 129.276786][ C3] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 129.281479][ C3] dummy_hcd dummy_hcd.1: timer fired with no URBs pending? [ 129.416185][T10496] ufs: You didn't specify the type of your ufs filesystem [ 129.416185][T10496] [ 129.416185][T10496] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 129.416185][T10496] [ 129.416185][T10496] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 129.425991][T10496] ufs: ufstype=old is supported read-only [ 129.429430][T10496] ufs: ufs_fill_super(): bad magic number [ 129.835123][T10513] 9pnet: Could not find request transport: virtiosion=9p2000.u [ 129.854855][T10513] 9pnet: Could not find request transport: virtiosion=9p2000.u [ 129.876002][T10513] 9pnet: Could not find request transport: virtiosion=9p2000.u [ 129.899500][T10513] 9pnet: Could not find request transport: virtiosion=9p2000.u [ 129.905509][T10513] 9pnet: Could not find request transport: virtiosion=9p2000.u [ 129.950788][ T40] kauditd_printk_skb: 12 callbacks suppressed [ 129.950797][ T40] audit: type=1400 audit(1754221349.814:33599): avc: denied { map } for pid=10525 comm="syz.1.1339" path="socket:[36218]" dev="sockfs" ino=36218 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 130.041902][T10539] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1342'. [ 130.062635][ T6011] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 130.111530][T10545] sp0: Synchronizing with TNC [ 130.136710][T10542] [U] è [ 130.212572][ T6011] usb 5-1: Using ep0 maxpacket: 8 [ 130.216179][ T6011] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 130.222710][ T6011] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 130.228877][ T6011] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 130.244475][ T6011] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 130.248029][ T6011] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 130.250906][ T6011] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.265958][ T6011] hub 5-1:1.0: bad descriptor, ignoring hub [ 130.270145][ T6011] hub 5-1:1.0: probe with driver hub failed with error -5 [ 130.274971][ T6011] cdc_wdm 5-1:1.0: skipping garbage [ 130.278935][ T6011] cdc_wdm 5-1:1.0: skipping garbage [ 130.285127][ T6011] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 130.289103][ T6011] cdc_wdm 5-1:1.0: Unknown control protocol [ 130.436102][T10559] program syz.4.1345 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 130.464351][ T40] audit: type=1400 audit(1754221350.334:33600): avc: denied { read write } for pid=10511 comm="syz.0.1335" name="cdc-wdm0" dev="devtmpfs" ino=3072 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 130.489830][ T40] audit: type=1400 audit(1754221350.334:33601): avc: denied { open } for pid=10511 comm="syz.0.1335" path="/dev/cdc-wdm0" dev="devtmpfs" ino=3072 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 130.681113][ T40] audit: type=1400 audit(1754221350.544:33602): avc: denied { ioctl } for pid=10574 comm="syz.4.1350" path="/dev/usbmon7" dev="devtmpfs" ino=759 ioctlcmd=0x9205 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 130.752660][ T1348] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 130.854785][T10512] usb 5-1: reset high-speed USB device number 7 using dummy_hcd [ 131.020589][T10512] usb 5-1: device firmware changed [ 131.043698][ T6011] usb 5-1: USB disconnect, device number 7 [ 131.043843][T10512] cdc_wdm 5-1:1.0: Error autopm - -16 [ 131.047583][T10565] cdc_wdm 5-1:1.0: Error autopm - -16 [ 131.098422][T10604] tmpfs: Bad value for 'mpol' [ 131.100111][T10604] tmpfs: Bad value for 'mpol' [ 131.128844][T10610] /dev/sg0: Can't lookup blockdev [ 131.132536][ C0] net_ratelimit: 108283 callbacks suppressed [ 131.132546][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 131.132568][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 131.134522][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 131.138243][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 131.141891][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 131.145526][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 131.149143][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 131.152829][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 131.156508][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 131.160527][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 131.172537][ T6011] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 131.321734][T10615] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1356'. [ 131.352551][ T6011] usb 5-1: Using ep0 maxpacket: 8 [ 131.355407][ T6011] usb 5-1: config 1 has an invalid descriptor of length 101, skipping remainder of the config [ 131.358706][ T6011] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 131.361586][ T6011] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 131.365790][ T6011] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 131.368618][ T6011] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.379148][ T6011] hub 5-1:1.0: bad descriptor, ignoring hub [ 131.381080][ T6011] hub 5-1:1.0: probe with driver hub failed with error -5 [ 131.384543][ T6011] cdc_wdm 5-1:1.0: skipping garbage [ 131.386206][ T6011] cdc_wdm 5-1:1.0: skipping garbage [ 131.387861][ T6011] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 131.517778][T10640] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1366'. [ 131.521293][T10640] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1366'. [ 131.557061][T10645] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1368'. [ 131.569141][T10645] 8021q: adding VLAN 0 to HW filter on device bond4 [ 131.575091][T10645] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10645 comm=syz.4.1368 [ 131.576332][T10512] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 131.584386][T10512] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 131.612810][T10645] 8021q: adding VLAN 0 to HW filter on device bond4 [ 131.615081][T10645] bond4: (slave vcan1): The slave device specified does not support setting the MAC address [ 131.618873][T10645] bond4: (slave vcan1): Error -95 calling set_mac_address [ 131.702555][ T1348] usb 8-1: device descriptor read/64, error -71 [ 131.852548][ T6011] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 131.889285][T10655] sp0: Synchronizing with TNC [ 131.952634][ T1348] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 131.975822][T10655] mkiss: ax0: crc mode is auto. [ 132.002506][ T6011] usb 6-1: Using ep0 maxpacket: 32 [ 132.005460][ T6011] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 132.008054][ T6011] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 132.010790][ T6011] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 132.013746][ T6011] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 132.016792][ T6011] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 132.019757][ T6011] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 132.023834][ T6011] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 132.026623][ T6011] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.030546][ T6011] usb 6-1: config 0 descriptor?? [ 132.036521][ T5995] usb 5-1: USB disconnect, device number 8 [ 132.113783][ T1348] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 132.117119][ T1348] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 132.120155][ T1348] usb 8-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 132.123249][ T1348] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.129594][ T1348] usb 8-1: config 0 descriptor?? [ 132.134752][T10658] dvmrp0: entered allmulticast mode [ 132.236239][ T6011] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 132.242198][ T6011] usb 6-1: USB disconnect, device number 13 [ 132.246459][ T6011] usblp0: removed [ 132.346332][T10628] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.348755][T10628] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address [ 132.352690][T10628] bond0: (slave ip6tnl0): Error -95 calling set_mac_address [ 132.372815][ T1348] usbhid 8-1:0.0: can't add hid device: -71 [ 132.374763][ T1348] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 132.385408][ T1348] usb 8-1: USB disconnect, device number 10 [ 132.505192][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.618100][ T40] audit: type=1400 audit(1754221352.484:33603): avc: denied { accept } for pid=10676 comm="syz.0.1376" lport=52141 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1 [ 132.672566][ T6011] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 132.736530][T10684] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65352 sclass=netlink_route_socket pid=10684 comm=syz.0.1378 [ 132.744651][T10684] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1378'. [ 132.749869][ T40] audit: type=1400 audit(1754221352.614:33604): avc: denied { read } for pid=10683 comm="syz.0.1378" path="socket:[35750]" dev="sockfs" ino=35750 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 132.832713][ T6011] usb 6-1: Using ep0 maxpacket: 32 [ 132.838297][ T6011] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 132.841151][ T6011] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 132.844919][ T6011] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 132.847819][ T6011] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 132.850909][ T6011] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 132.856238][ T6011] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 132.860633][ T40] audit: type=1400 audit(1754221352.724:33605): avc: denied { setopt } for pid=10683 comm="syz.0.1378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 132.868661][ T6011] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 132.871536][ T6011] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.877681][ T6011] usb 6-1: config 0 descriptor?? [ 133.053803][T10695] xfrm0 speed is unknown, defaulting to 1000 [ 133.082835][ T6011] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 14 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 133.286241][ T40] audit: type=1400 audit(1754221353.144:33606): avc: denied { read write } for pid=10650 comm="syz.1.1370" name="lp0" dev="devtmpfs" ino=3086 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 133.309683][ T40] audit: type=1400 audit(1754221353.144:33607): avc: denied { open } for pid=10650 comm="syz.1.1370" path="/dev/usb/lp0" dev="devtmpfs" ino=3086 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 133.339163][ C2] usblp0: nonzero read bulk status received: -71 [ 133.339891][ T1348] usb 6-1: USB disconnect, device number 14 [ 133.343297][T10651] usblp0: error -71 reading from printer [ 133.704151][T10650] usblp0: removed [ 134.090016][T10717] netlink: 348 bytes leftover after parsing attributes in process `syz.4.1383'. [ 134.150711][ T40] audit: type=1400 audit(1754221354.014:33608): avc: denied { mount } for pid=10720 comm="syz.0.1384" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1 [ 134.156971][T10721] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1384'. [ 134.265892][T10723] syzkaller1: entered promiscuous mode [ 134.267663][T10723] syzkaller1: entered allmulticast mode [ 134.276656][T10723] bridge_slave_0: left allmulticast mode [ 134.278437][T10723] bridge_slave_0: left promiscuous mode [ 134.286406][T10723] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.308486][T10723] bridge_slave_1: left allmulticast mode [ 134.310341][T10723] bridge_slave_1: left promiscuous mode [ 134.313694][T10723] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.320062][T10732] Invalid ELF header type: 0 != 1 [ 134.335023][T10723] bond0: (slave bond_slave_0): Releasing backup interface [ 134.358169][T10723] bond0: (slave bond_slave_1): Releasing backup interface [ 134.368751][T10723] team0: Port device team_slave_0 removed [ 134.375161][T10723] team0: Port device team_slave_1 removed [ 134.377141][T10723] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 134.386011][T10723] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 134.441088][T10739] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1391'. [ 134.497059][T10741] tmpfs: User quota inode hardlimit too large. [ 134.504395][T10739] overlay: ./file0 is not a directory [ 134.509124][T10739] syzkaller1: entered promiscuous mode [ 134.510908][T10739] syzkaller1: entered allmulticast mode [ 134.568185][T10746] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 134.572212][T10746] overlayfs: overlapping lowerdir path [ 134.580435][T10746] netlink: 'syz.3.1394': attribute type 4 has an invalid length. [ 134.592108][T10746] netlink: 124 bytes leftover after parsing attributes in process `syz.3.1394'. [ 134.606618][T10748] kvm: kvm [10747]: vcpu0, guest rIP: 0x8000000 Unhandled WRMSR(0x4000006f) = 0x0 [ 134.736013][T10752] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1396'. [ 134.823997][T10759] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 134.862382][T10761] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 135.204840][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 135.204851][ T40] audit: type=1400 audit(1754221355.074:33612): avc: denied { connect } for pid=10766 comm="syz.0.1400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 135.222883][ T40] audit: type=1400 audit(1754221355.074:33613): avc: denied { getopt } for pid=10766 comm="syz.0.1400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 135.383986][ T40] audit: type=1400 audit(1754221355.254:33614): avc: denied { ioctl } for pid=10774 comm="syz.0.1402" path="socket:[36787]" dev="sockfs" ino=36787 ioctlcmd=0x942a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 135.449586][T10775] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1402'. [ 135.586858][T10787] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1406'. [ 135.831248][ T1348] libceph: connect (1)[c::]:6789 error -22 [ 135.834490][ T1348] libceph: mon0 (1)[c::]:6789 connect error [ 135.875534][ T1348] libceph: connect (1)[c::]:6789 error -22 [ 135.877472][ T1348] libceph: mon0 (1)[c::]:6789 connect error [ 136.097497][ T1348] libceph: connect (1)[c::]:6789 error -22 [ 136.099489][ T1348] libceph: mon0 (1)[c::]:6789 connect error [ 136.132852][ T1348] libceph: connect (1)[c::]:6789 error -22 [ 136.134942][ T1348] libceph: mon0 (1)[c::]:6789 connect error [ 136.142542][ C0] net_ratelimit: 107303 callbacks suppressed [ 136.142543][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 136.142552][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 136.144544][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 136.148231][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 136.151873][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 136.155641][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 136.159415][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 136.162982][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 136.166640][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 136.170288][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:7e:98:3a:ce:6a:2e, vlan:0) [ 136.424498][T10797] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1408'. [ 136.428330][T10797] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1408'. [ 136.432011][T10798] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1408'. [ 136.435458][T10798] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1408'. [ 136.477974][T10802] bio_check_eod: 3 callbacks suppressed [ 136.477985][T10802] syz.3.1409: attempt to access beyond end of device [ 136.477985][T10802] nbd3: rw=0, sector=0, nr_sectors = 2 limit=0 [ 136.484894][T10802] befs: (nbd3): unable to read superblock [ 136.549734][ T40] audit: type=1400 audit(1754221356.414:33615): avc: denied { bind } for pid=10808 comm="syz.3.1411" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 136.604699][ T1348] libceph: connect (1)[c::]:6789 error -22 [ 136.607234][ T1348] libceph: mon0 (1)[c::]:6789 connect error [ 136.609975][T10811] netlink: 'syz.3.1411': attribute type 10 has an invalid length. [ 136.614416][T10811] team0: Port device geneve0 added [ 136.616503][ T6937] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.619309][ T6937] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.622217][ T6937] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.625085][ T6937] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.642968][ T1348] libceph: connect (1)[c::]:6789 error -22 [ 136.644967][ T1348] libceph: mon0 (1)[c::]:6789 connect error [ 136.684025][T10792] ceph: No mds server is up or the cluster is laggy [ 136.685357][T10789] ceph: No mds server is up or the cluster is laggy [ 136.770817][T10815] tmpfs: Unknown parameter 'grpquota_block_^ardlimit' [ 137.220106][T10824] hsr_slave_0 (unregistering): left promiscuous mode [ 137.474064][T10830] netdevsim netdevsim3 netdevsim0: left allmulticast mode [ 138.168518][T10841] program syz.4.1422 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 138.305013][T10846] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 138.308443][ T40] audit: type=1400 audit(1754221358.174:33616): avc: denied { mounton } for pid=10845 comm="syz.3.1424" path="/335/file0" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=dir permissive=1 [ 138.331547][ T40] audit: type=1400 audit(1754221358.194:33617): avc: denied { unmount } for pid=5961 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1 [ 138.441298][T10850] veth1_to_bond: entered allmulticast mode [ 138.500402][T10854] comedi comedi3: board detection failed [ 138.544997][T10850] .: (slave bond_slave_1): Releasing backup interface [ 138.617952][T10850] veth1_to_bond (unregistering): left allmulticast mode [ 138.635434][T10856] bridge1: entered promiscuous mode [ 138.720680][ T40] audit: type=1804 audit(1754221358.584:33618): pid=10868 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1432" name="file0" dev="ramfs" ino=38194 res=1 errno=0 [ 138.773318][ T40] audit: type=1400 audit(1754221358.644:33619): avc: denied { map } for pid=10865 comm="syz.3.1431" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 138.963620][T10879] overlay: Unknown parameter 'euid<00000000000000000000' [ 139.533569][T10893] input: syz0 as /devices/virtual/input/input19 [ 139.803905][ T9] libceph: connect (1)[c::]:6789 error -22 [ 139.808241][ T40] audit: type=1400 audit(1754221359.674:33620): avc: denied { create } for pid=10907 comm="syz.3.1443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 139.817099][ T40] audit: type=1400 audit(1754221359.684:33621): avc: denied { setopt } for pid=10907 comm="syz.3.1443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 139.980391][T10926] __nla_validate_parse: 6 callbacks suppressed [ 139.980402][T10926] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.1447'. [ 139.990784][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 140.082928][ T1348] libceph: connect (1)[c::]:6789 error -22 [ 140.084900][ T1348] libceph: mon0 (1)[c::]:6789 connect error [ 140.278233][T10945] sctp: [Deprecated]: syz.3.1453 (pid 10945) Use of int in max_burst socket option. [ 140.278233][T10945] Use struct sctp_assoc_value instead [ 140.311603][ T9] libceph: connect (1)[c::]:6789 error -22 [ 140.347044][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 140.356358][ T1348] libceph: connect (1)[c::]:6789 error -22 [ 140.360794][ T1348] libceph: mon0 (1)[c::]:6789 connect error [ 140.394266][T10955] [U] ^R [ 140.425374][T10956] all: renamed from lo [ 140.507118][T10959] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1458'. [ 140.582046][T10931] ceph: No mds server is up or the cluster is laggy [ 140.582058][T10902] ceph: No mds server is up or the cluster is laggy [ 140.885992][ T1348] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 140.952028][T10979] Oops: general protection fault, probably for non-canonical address 0xdffffc000000005f: 0000 [#1] SMP KASAN NOPTI [ 140.955800][T10979] KASAN: null-ptr-deref in range [0x00000000000002f8-0x00000000000002ff] [ 140.959153][T10979] CPU: 3 UID: 0 PID: 10979 Comm: syz.0.1463 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) [ 140.963492][T10979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 140.966838][T10979] RIP: 0010:h5_recv+0x104/0x950 [ 140.968404][T10979] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 a1 d2 41 f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00 [ 140.974383][T10979] RSP: 0018:ffffc90006dffc00 EFLAGS: 00010293 [ 140.976302][T10979] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff8879b59a [ 140.978765][T10979] RDX: ffff888063262440 RSI: ffffffff8879b5df RDI: 0000000000000005 [ 140.981234][T10979] RBP: ffffc90006dffd88 R08: 0000000000000005 R09: 0000000000000000 [ 140.983699][T10979] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 140.986162][T10979] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8cb44e20 [ 140.988628][T10979] FS: 00007fe3426756c0(0000) GS:ffff8880d69c8000(0000) knlGS:0000000000000000 [ 140.991383][T10979] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.993478][T10979] CR2: 00007fe342674f98 CR3: 00000000360ed000 CR4: 0000000000352ef0 [ 140.995995][T10979] Call Trace: [ 140.997078][T10979] [ 140.998029][T10979] ? __pfx_h5_recv+0x10/0x10 [ 140.999511][T10979] hci_uart_tty_receive+0x254/0x7e0 [ 141.001176][T10979] ? __pfx_hci_uart_tty_receive+0x10/0x10 [ 141.002975][T10979] tty_ioctl+0x583/0x1680 [ 141.004396][T10979] ? __pfx_tty_ioctl+0x10/0x10 [ 141.005928][T10979] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 141.008111][T10979] ? hook_file_ioctl_common+0x145/0x410 [ 141.009867][T10979] ? selinux_file_ioctl+0x180/0x270 [ 141.011525][T10979] ? selinux_file_ioctl+0xb4/0x270 [ 141.013156][T10979] ? __pfx_tty_ioctl+0x10/0x10 [ 141.014692][T10979] __x64_sys_ioctl+0x18b/0x210 [ 141.016235][T10979] do_syscall_64+0xcd/0x4c0 [ 141.017689][T10979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.019533][T10979] RIP: 0033:0x7fe34178eb69 [ 141.020929][T10979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.026830][T10979] RSP: 002b:00007fe342675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 141.029425][T10979] RAX: ffffffffffffffda RBX: 00007fe3419b6160 RCX: 00007fe34178eb69 [ 141.031899][T10979] RDX: 0000200000000140 RSI: 0000000000005412 RDI: 0000000000000045 [ 141.034372][T10979] RBP: 00007fe341811df1 R08: 0000000000000000 R09: 0000000000000000 [ 141.036845][T10979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.039310][T10979] R13: 0000000000000001 R14: 00007fe3419b6160 R15: 00007fff768a0f08 [ 141.041775][T10979] [ 141.042761][T10979] Modules linked in: [ 141.044094][ C3] vkms_vblank_simulate: vblank timer overrun [ 141.046021][T10979] ---[ end trace 0000000000000000 ]--- [ 141.049724][T10979] RIP: 0010:h5_recv+0x104/0x950 [ 141.050280][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 141.050288][ T40] audit: type=1400 audit(1754221360.914:33623): avc: denied { read } for pid=5357 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 141.051299][T10979] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 a1 d2 41 f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00 [ 141.051313][T10979] RSP: 0018:ffffc90006dffc00 EFLAGS: 00010293 [ 141.051323][T10979] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff8879b59a [ 141.051330][T10979] RDX: ffff888063262440 RSI: ffffffff8879b5df RDI: 0000000000000005 [ 141.051337][T10979] RBP: ffffc90006dffd88 R08: 0000000000000005 R09: 0000000000000000 [ 141.051344][T10979] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 141.055522][ T40] audit: type=1400 audit(1754221360.914:33624): avc: denied { search } for pid=5357 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 141.060043][T10979] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8cb44e20 [ 141.066861][ T40] audit: type=1400 audit(1754221360.914:33625): avc: denied { search } for pid=5357 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 141.068751][T10979] FS: 00007fe3426756c0(0000) GS:ffff8880d68c8000(0000) knlGS:0000000000000000 [ 141.070703][ T40] audit: type=1400 audit(1754221360.914:33626): avc: denied { add_name } for pid=5357 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 141.073147][T10979] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.073157][T10979] CR2: 00007fe342675d58 CR3: 00000000360ed000 CR4: 0000000000352ef0 [ 141.073166][T10979] Kernel panic - not syncing: Fatal exception [ 141.073705][T10979] Kernel Offset: disabled VM DIAGNOSIS: 11:34:08 Registers: info registers vcpu 0 CPU#0 RAX=1ffff11008f7cb18 RBX=ffff888047be5800 RCX=ffff888047be58c0 RDX=ffff88801da8c880 RSI=ffffffff8a418cac RDI=0000000000000005 RBP=dffffc0000000000 RSP=ffffc900000068d0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000002c10 R12=ffff888047be5864 R13=ffffc90000006bd8 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff8a418cba RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d66c8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fbc07263d58 CR3=0000000026eab000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbc065874a8 00007fbc065874a0 00007fbc06587498 00007fbc06587470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbc070ed100 00007fbc06587460 00007fbc06587478 00007fbc065874c0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbc065874b8 00007fbc065874b0 00007fbc065874a8 00007fbc065874a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff8a6eb5c5 RDX=ffff888021df2440 RSI=0000000000000000 RDI=0000000000000005 RBP=ffffffff8cf96830 RSP=ffffc9000069fff8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000002c10 R12=ffff88802709ce18 R13=0000000000000000 R14=dffffc0000000000 R15=0000000000000001 RIP=ffffffff8b956be0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d67c8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000000000 CR3=00000000385b2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000 Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c4491045a5627927 100574fe071e6db8 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73026b8b3937372e cdd90759e607a3da ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c24cc0439a7b09d 82c4788a050a37dc ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 568fd45093a58fac 386ad2442ef5ff22 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003900 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9fdc51a11f760000 00545eb8000000bb ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5b54c10d73fb0000 6ccf0000ba1e0000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b03e00000000014a 00545e5bb6ea71f2 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0054600b00546060 ae740000ee4d5ea2 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d618172d463575f8 c01acdad8e25dd24 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e3204074d57fa441 6576b49c775ac1dc ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=ce7c4f46b34be4d5 12b8678a53c14be4 ce7c4f46b34be4d5 12b8678a53c14be4 ce7c4f46b34be4d5 12b8678a53c14be4 ce7c4f46b34be4d5 12b8678a53c14be4 ZMM18=0abd5de512ce86a1 1e16b094dec2d508 0abd5de512ce86a1 1e16b094dec2d508 0abd5de512ce86a1 1e16b094dec2d508 0abd5de512ce86a1 1e16b094dec2d508 ZMM19=9b08000000000000 0000000000000005 9b08000000000000 0000000000000004 9b08000000000000 0000000000000003 9b08000000000000 0000000000000002 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000c00000010 0000001400000018 0000001c00000020 0000003400000028 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000800000000 000000000000014a 000000000243d580 000000140000001c ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000e0014000c 000000080004001c 000e000000000000 0000000000000581 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0007000800060300 0000000600050006 00060700fffffffa 03000000ffffffe6 ZMM25=c4606d40c4606d40 c4606d40c4606d40 c4606d40c4606d40 c4606d40c4606d40 c4606d40c4606d40 c4606d40c4606d40 c4606d40c4606d40 c4606d40c4606d40 ZMM26=3e87a6973e87a697 3e87a6973e87a697 3e87a6973e87a697 3e87a6973e87a697 3e87a6973e87a697 3e87a6973e87a697 3e87a6973e87a697 3e87a6973e87a697 ZMM27=a1adb8c2a1adb8c2 a1adb8c2a1adb8c2 a1adb8c2a1adb8c2 a1adb8c2a1adb8c2 a1adb8c2a1adb8c2 a1adb8c2a1adb8c2 a1adb8c2a1adb8c2 a1adb8c2a1adb8c2 ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=dd060000dd060000 dd060000dd060000 dd060000dd060000 dd060000dd060000 dd060000dd060000 dd060000dd060000 dd060000dd060000 dd060000dd060000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88806a741e80 RCX=ffffffff81af8aa1 RDX=ffff888029e94880 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90007f9f880 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=ffffffff9b0ec340 R12=dffffc0000000000 R13=ffffed100d4e83d1 R14=0000000000000001 R15=0000000000000003 RIP=ffffffff81bb8880 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d68c8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fe342675d58 CR3=000000000e380000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=00000000e0000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff768a1416 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff768a1416 00007fff768a141c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812e0a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812e17 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812e11 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812e25 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812eab ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812f89 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3419874a8 00007fe3419874a0 00007fe341987498 00007fe341987470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3424ed100 00007fe341987460 00007fe341987478 00007fe3419874c0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3419874b8 00007fe3419874b0 00007fe3419874a8 00007fe3419874a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85634155 RDI=ffffffff9b1120e0 RBP=ffffffff9b1120a0 RSP=ffffc90006dff570 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043 R12=0000000000000000 R13=0000000000000039 R14=ffffffff9b1120a0 R15=ffffffff856340f0 RIP=ffffffff8563417f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007fe3426756c0 ffffffff 00c00000 GS =0000 ffff8880d69c8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fe342674f98 CR3=00000000360ed000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff768a1416 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff768a1416 00007fff768a141c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812e0a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812e17 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812e11 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812e25 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812eab ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe341812f89 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3419874a8 00007fe3419874a0 00007fe341987498 00007fe341987470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3424ed100 00007fe341987460 00007fe341987478 00007fe3419874c0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3419874b8 00007fe3419874b0 00007fe3419874a8 00007fe3419874a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000