[ 51.820291][ T39] audit: type=1400 audit(1662861786.624:74): avc: denied { write } for pid=3661 comm="sh" path="pipe:[1883]" dev="pipefs" ino=1883 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 Warning: Permanently added '[localhost]:27450' (ECDSA) to the list of known hosts. [ 53.951454][ T39] audit: type=1400 audit(1662861788.774:75): avc: denied { execute } for pid=3674 comm="sh" name="syz-fuzzer" dev="sda1" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 53.967987][ T39] audit: type=1400 audit(1662861788.774:76): avc: denied { execute_no_trans } for pid=3674 comm="sh" path="/syz-fuzzer" dev="sda1" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 2022/09/11 02:03:08 fuzzer started 2022/09/11 02:03:09 dialing manager at localhost:34515 [ 54.859369][ T39] audit: type=1400 audit(1662861789.674:77): avc: denied { mounton } for pid=3684 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 54.865912][ T3684] cgroup: Unknown subsys name 'net' [ 54.874238][ T39] audit: type=1400 audit(1662861789.684:78): avc: denied { mount } for pid=3684 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 54.893770][ T39] audit: type=1400 audit(1662861789.714:79): avc: denied { unmount } for pid=3684 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 55.149987][ T3684] cgroup: Unknown subsys name 'rlimit' [ 55.299544][ T39] audit: type=1400 audit(1662861790.114:80): avc: denied { mounton } for pid=3684 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 2022/09/11 02:03:10 syscalls: 3774 2022/09/11 02:03:10 code coverage: enabled 2022/09/11 02:03:10 comparison tracing: enabled 2022/09/11 02:03:10 extra coverage: enabled 2022/09/11 02:03:10 delay kcov mmap: enabled 2022/09/11 02:03:10 setuid sandbox: enabled 2022/09/11 02:03:10 namespace sandbox: enabled 2022/09/11 02:03:10 Android sandbox: enabled 2022/09/11 02:03:10 fault injection: enabled 2022/09/11 02:03:10 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2022/09/11 02:03:10 net packet injection: enabled 2022/09/11 02:03:10 net device setup: enabled 2022/09/11 02:03:10 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/11 02:03:10 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/11 02:03:10 USB emulation: enabled 2022/09/11 02:03:10 hci packet injection: enabled 2022/09/11 02:03:10 wifi device emulation: failed to parse kernel version (6.0.0-rc4-syzkaller-00302-gb96fbd602d35) 2022/09/11 02:03:10 802.15.4 emulation: enabled 2022/09/11 02:03:10 fetching corpus: 0, signal 0/2000 (executing program) [ 55.313734][ T39] audit: type=1400 audit(1662861790.114:81): avc: denied { mount } for pid=3684 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 55.335296][ T39] audit: type=1400 audit(1662861790.124:82): avc: denied { setattr } for pid=3684 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 2022/09/11 02:03:10 fetching corpus: 50, signal 45748/49478 (executing program) 2022/09/11 02:03:10 fetching corpus: 100, signal 58265/63745 (executing program) 2022/09/11 02:03:10 fetching corpus: 150, signal 71502/78653 (executing program) 2022/09/11 02:03:10 fetching corpus: 200, signal 85132/93807 (executing program) 2022/09/11 02:03:11 fetching corpus: 250, signal 97854/108025 (executing program) 2022/09/11 02:03:11 fetching corpus: 300, signal 107794/119449 (executing program) 2022/09/11 02:03:11 fetching corpus: 350, signal 113929/127076 (executing program) 2022/09/11 02:03:11 fetching corpus: 400, signal 121707/136269 (executing program) 2022/09/11 02:03:12 fetching corpus: 450, signal 130027/145953 (executing program) 2022/09/11 02:03:12 fetching corpus: 500, signal 134196/151578 (executing program) 2022/09/11 02:03:12 fetching corpus: 550, signal 139512/158284 (executing program) 2022/09/11 02:03:12 fetching corpus: 600, signal 145602/165733 (executing program) 2022/09/11 02:03:12 fetching corpus: 650, signal 149391/170898 (executing program) 2022/09/11 02:03:13 fetching corpus: 700, signal 154004/176802 (executing program) 2022/09/11 02:03:13 fetching corpus: 750, signal 157712/181826 (executing program) 2022/09/11 02:03:13 fetching corpus: 800, signal 160027/185515 (executing program) 2022/09/11 02:03:13 fetching corpus: 850, signal 165465/192157 (executing program) 2022/09/11 02:03:13 fetching corpus: 900, signal 170601/198433 (executing program) 2022/09/11 02:03:14 fetching corpus: 950, signal 174091/203165 (executing program) 2022/09/11 02:03:14 fetching corpus: 1000, signal 177416/207747 (executing program) 2022/09/11 02:03:14 fetching corpus: 1050, signal 180320/211914 (executing program) 2022/09/11 02:03:14 fetching corpus: 1100, signal 184140/216882 (executing program) 2022/09/11 02:03:14 fetching corpus: 1150, signal 186597/220565 (executing program) 2022/09/11 02:03:15 fetching corpus: 1200, signal 189116/224303 (executing program) 2022/09/11 02:03:15 fetching corpus: 1250, signal 192612/228900 (executing program) 2022/09/11 02:03:15 fetching corpus: 1300, signal 194882/232372 (executing program) 2022/09/11 02:03:15 fetching corpus: 1350, signal 196857/235573 (executing program) 2022/09/11 02:03:16 fetching corpus: 1400, signal 199419/239324 (executing program) 2022/09/11 02:03:16 fetching corpus: 1450, signal 201870/242872 (executing program) 2022/09/11 02:03:16 fetching corpus: 1500, signal 204920/247010 (executing program) 2022/09/11 02:03:16 fetching corpus: 1550, signal 207263/250447 (executing program) 2022/09/11 02:03:16 fetching corpus: 1600, signal 209755/253998 (executing program) 2022/09/11 02:03:17 fetching corpus: 1650, signal 211850/257195 (executing program) 2022/09/11 02:03:17 fetching corpus: 1700, signal 214175/260562 (executing program) 2022/09/11 02:03:17 fetching corpus: 1750, signal 216639/264080 (executing program) 2022/09/11 02:03:17 fetching corpus: 1800, signal 218531/267043 (executing program) 2022/09/11 02:03:17 fetching corpus: 1850, signal 220783/270341 (executing program) 2022/09/11 02:03:17 fetching corpus: 1900, signal 222446/273105 (executing program) 2022/09/11 02:03:18 fetching corpus: 1950, signal 224700/276372 (executing program) 2022/09/11 02:03:18 fetching corpus: 2000, signal 226607/279303 (executing program) 2022/09/11 02:03:18 fetching corpus: 2050, signal 228573/282311 (executing program) 2022/09/11 02:03:18 fetching corpus: 2100, signal 231471/286082 (executing program) 2022/09/11 02:03:18 fetching corpus: 2150, signal 233856/289375 (executing program) 2022/09/11 02:03:18 fetching corpus: 2200, signal 236628/293078 (executing program) 2022/09/11 02:03:19 fetching corpus: 2250, signal 238458/295823 (executing program) 2022/09/11 02:03:19 fetching corpus: 2300, signal 240941/299233 (executing program) 2022/09/11 02:03:19 fetching corpus: 2350, signal 244253/303290 (executing program) 2022/09/11 02:03:19 fetching corpus: 2400, signal 245933/305979 (executing program) 2022/09/11 02:03:19 fetching corpus: 2450, signal 248007/308977 (executing program) 2022/09/11 02:03:20 fetching corpus: 2500, signal 250361/312158 (executing program) 2022/09/11 02:03:20 fetching corpus: 2550, signal 251707/314486 (executing program) 2022/09/11 02:03:20 fetching corpus: 2600, signal 253389/317080 (executing program) 2022/09/11 02:03:20 fetching corpus: 2650, signal 255053/319606 (executing program) 2022/09/11 02:03:20 fetching corpus: 2700, signal 257508/322861 (executing program) 2022/09/11 02:03:20 fetching corpus: 2750, signal 259832/325965 (executing program) 2022/09/11 02:03:20 fetching corpus: 2800, signal 261321/328325 (executing program) 2022/09/11 02:03:21 fetching corpus: 2850, signal 262502/330444 (executing program) 2022/09/11 02:03:21 fetching corpus: 2900, signal 264128/332912 (executing program) 2022/09/11 02:03:21 fetching corpus: 2950, signal 265409/335112 (executing program) 2022/09/11 02:03:21 fetching corpus: 3000, signal 267760/338154 (executing program) 2022/09/11 02:03:21 fetching corpus: 3050, signal 269386/340608 (executing program) 2022/09/11 02:03:22 fetching corpus: 3100, signal 270584/342761 (executing program) 2022/09/11 02:03:22 fetching corpus: 3150, signal 272777/345733 (executing program) 2022/09/11 02:03:22 fetching corpus: 3200, signal 274098/347884 (executing program) 2022/09/11 02:03:22 fetching corpus: 3250, signal 275795/350381 (executing program) 2022/09/11 02:03:22 fetching corpus: 3300, signal 277671/353006 (executing program) 2022/09/11 02:03:23 fetching corpus: 3350, signal 279065/355272 (executing program) 2022/09/11 02:03:23 fetching corpus: 3400, signal 281803/358540 (executing program) 2022/09/11 02:03:23 fetching corpus: 3450, signal 282671/360374 (executing program) 2022/09/11 02:03:23 fetching corpus: 3500, signal 283984/362491 (executing program) 2022/09/11 02:03:23 fetching corpus: 3550, signal 285497/364771 (executing program) 2022/09/11 02:03:24 fetching corpus: 3600, signal 286663/366759 (executing program) 2022/09/11 02:03:24 fetching corpus: 3650, signal 288544/369289 (executing program) 2022/09/11 02:03:24 fetching corpus: 3700, signal 290017/371539 (executing program) 2022/09/11 02:03:24 fetching corpus: 3750, signal 291030/373349 (executing program) 2022/09/11 02:03:24 fetching corpus: 3800, signal 292600/375629 (executing program) 2022/09/11 02:03:25 fetching corpus: 3850, signal 293842/377646 (executing program) 2022/09/11 02:03:25 fetching corpus: 3900, signal 295927/380290 (executing program) 2022/09/11 02:03:25 fetching corpus: 3950, signal 297795/382724 (executing program) 2022/09/11 02:03:25 fetching corpus: 4000, signal 299033/384632 (executing program) 2022/09/11 02:03:25 fetching corpus: 4050, signal 300171/386544 (executing program) 2022/09/11 02:03:26 fetching corpus: 4100, signal 301708/388819 (executing program) 2022/09/11 02:03:26 fetching corpus: 4150, signal 302951/390743 (executing program) 2022/09/11 02:03:26 fetching corpus: 4200, signal 303824/392377 (executing program) 2022/09/11 02:03:26 fetching corpus: 4250, signal 304686/394060 (executing program) 2022/09/11 02:03:26 fetching corpus: 4300, signal 305722/395883 (executing program) 2022/09/11 02:03:27 fetching corpus: 4350, signal 306832/397681 (executing program) 2022/09/11 02:03:27 fetching corpus: 4400, signal 308141/399658 (executing program) 2022/09/11 02:03:27 fetching corpus: 4450, signal 308841/401192 (executing program) 2022/09/11 02:03:27 fetching corpus: 4500, signal 309683/402880 (executing program) 2022/09/11 02:03:27 fetching corpus: 4550, signal 311067/404916 (executing program) 2022/09/11 02:03:28 fetching corpus: 4600, signal 312141/406702 (executing program) 2022/09/11 02:03:28 fetching corpus: 4650, signal 313501/408678 (executing program) 2022/09/11 02:03:28 fetching corpus: 4700, signal 314421/410385 (executing program) 2022/09/11 02:03:28 fetching corpus: 4750, signal 315996/412493 (executing program) 2022/09/11 02:03:28 fetching corpus: 4800, signal 317478/414496 (executing program) 2022/09/11 02:03:29 fetching corpus: 4850, signal 318450/416165 (executing program) 2022/09/11 02:03:29 fetching corpus: 4900, signal 319686/418023 (executing program) 2022/09/11 02:03:29 fetching corpus: 4950, signal 320496/419537 (executing program) 2022/09/11 02:03:29 fetching corpus: 5000, signal 321494/421210 (executing program) 2022/09/11 02:03:29 fetching corpus: 5050, signal 322303/422757 (executing program) 2022/09/11 02:03:29 fetching corpus: 5100, signal 323487/424578 (executing program) 2022/09/11 02:03:29 fetching corpus: 5150, signal 324424/426175 (executing program) 2022/09/11 02:03:30 fetching corpus: 5200, signal 325538/427966 (executing program) 2022/09/11 02:03:30 fetching corpus: 5249, signal 326479/429529 (executing program) 2022/09/11 02:03:30 fetching corpus: 5299, signal 327348/431100 (executing program) 2022/09/11 02:03:30 fetching corpus: 5349, signal 328275/432705 (executing program) 2022/09/11 02:03:30 fetching corpus: 5399, signal 329240/434292 (executing program) 2022/09/11 02:03:31 fetching corpus: 5449, signal 330449/436034 (executing program) 2022/09/11 02:03:31 fetching corpus: 5499, signal 331396/437597 (executing program) 2022/09/11 02:03:31 fetching corpus: 5549, signal 332813/439477 (executing program) 2022/09/11 02:03:31 fetching corpus: 5599, signal 333627/440967 (executing program) 2022/09/11 02:03:31 fetching corpus: 5649, signal 335182/442937 (executing program) [ 77.243806][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 77.248202][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 2022/09/11 02:03:32 fetching corpus: 5699, signal 336412/444696 (executing program) 2022/09/11 02:03:32 fetching corpus: 5749, signal 337510/446325 (executing program) 2022/09/11 02:03:32 fetching corpus: 5799, signal 338778/448036 (executing program) 2022/09/11 02:03:32 fetching corpus: 5849, signal 339984/449740 (executing program) 2022/09/11 02:03:32 fetching corpus: 5899, signal 340960/451262 (executing program) 2022/09/11 02:03:33 fetching corpus: 5949, signal 342106/452947 (executing program) 2022/09/11 02:03:33 fetching corpus: 5999, signal 343191/454507 (executing program) 2022/09/11 02:03:33 fetching corpus: 6049, signal 344004/455925 (executing program) 2022/09/11 02:03:33 fetching corpus: 6099, signal 344616/457235 (executing program) 2022/09/11 02:03:33 fetching corpus: 6149, signal 345501/458662 (executing program) 2022/09/11 02:03:34 fetching corpus: 6199, signal 346466/460156 (executing program) 2022/09/11 02:03:34 fetching corpus: 6249, signal 347189/461497 (executing program) 2022/09/11 02:03:34 fetching corpus: 6299, signal 348264/463054 (executing program) 2022/09/11 02:03:35 fetching corpus: 6349, signal 349338/464643 (executing program) 2022/09/11 02:03:35 fetching corpus: 6399, signal 350091/465945 (executing program) 2022/09/11 02:03:35 fetching corpus: 6449, signal 350823/467312 (executing program) 2022/09/11 02:03:35 fetching corpus: 6499, signal 351924/468885 (executing program) 2022/09/11 02:03:35 fetching corpus: 6549, signal 352972/470391 (executing program) 2022/09/11 02:03:35 fetching corpus: 6599, signal 353904/471851 (executing program) 2022/09/11 02:03:36 fetching corpus: 6649, signal 354627/473140 (executing program) 2022/09/11 02:03:36 fetching corpus: 6699, signal 355375/474451 (executing program) 2022/09/11 02:03:36 fetching corpus: 6749, signal 356248/475835 (executing program) 2022/09/11 02:03:36 fetching corpus: 6799, signal 356929/477096 (executing program) 2022/09/11 02:03:36 fetching corpus: 6849, signal 357815/478494 (executing program) 2022/09/11 02:03:37 fetching corpus: 6899, signal 359220/480157 (executing program) 2022/09/11 02:03:37 fetching corpus: 6949, signal 360133/481580 (executing program) 2022/09/11 02:03:37 fetching corpus: 6999, signal 360888/482860 (executing program) 2022/09/11 02:03:37 fetching corpus: 7049, signal 361648/484121 (executing program) 2022/09/11 02:03:37 fetching corpus: 7099, signal 362204/485297 (executing program) 2022/09/11 02:03:37 fetching corpus: 7148, signal 363041/486624 (executing program) 2022/09/11 02:03:38 fetching corpus: 7198, signal 363841/487935 (executing program) 2022/09/11 02:03:38 fetching corpus: 7248, signal 364716/489244 (executing program) 2022/09/11 02:03:38 fetching corpus: 7298, signal 365495/490506 (executing program) 2022/09/11 02:03:38 fetching corpus: 7348, signal 366193/491769 (executing program) 2022/09/11 02:03:38 fetching corpus: 7398, signal 366882/492985 (executing program) 2022/09/11 02:03:39 fetching corpus: 7448, signal 367720/494329 (executing program) 2022/09/11 02:03:39 fetching corpus: 7498, signal 368619/495639 (executing program) 2022/09/11 02:03:39 fetching corpus: 7548, signal 369530/496917 (executing program) 2022/09/11 02:03:39 fetching corpus: 7598, signal 370277/498120 (executing program) 2022/09/11 02:03:39 fetching corpus: 7648, signal 371069/499388 (executing program) 2022/09/11 02:03:39 fetching corpus: 7698, signal 371773/500562 (executing program) 2022/09/11 02:03:40 fetching corpus: 7748, signal 372602/501845 (executing program) 2022/09/11 02:03:40 fetching corpus: 7798, signal 373333/503057 (executing program) 2022/09/11 02:03:40 fetching corpus: 7848, signal 374031/504250 (executing program) 2022/09/11 02:03:40 fetching corpus: 7898, signal 374856/505448 (executing program) 2022/09/11 02:03:40 fetching corpus: 7948, signal 375786/506715 (executing program) 2022/09/11 02:03:40 fetching corpus: 7998, signal 376504/507940 (executing program) 2022/09/11 02:03:41 fetching corpus: 8048, signal 376975/508980 (executing program) 2022/09/11 02:03:41 fetching corpus: 8098, signal 377787/510183 (executing program) 2022/09/11 02:03:41 fetching corpus: 8148, signal 378833/511497 (executing program) 2022/09/11 02:03:41 fetching corpus: 8198, signal 380059/512908 (executing program) 2022/09/11 02:03:41 fetching corpus: 8248, signal 380813/514034 (executing program) 2022/09/11 02:03:41 fetching corpus: 8298, signal 381566/515179 (executing program) 2022/09/11 02:03:42 fetching corpus: 8348, signal 382653/516508 (executing program) 2022/09/11 02:03:42 fetching corpus: 8398, signal 383315/517665 (executing program) [ 87.484574][ T172] cfg80211: failed to load regulatory.db 2022/09/11 02:03:42 fetching corpus: 8448, signal 384174/518860 (executing program) 2022/09/11 02:03:42 fetching corpus: 8498, signal 385034/520069 (executing program) 2022/09/11 02:03:42 fetching corpus: 8548, signal 385947/521311 (executing program) 2022/09/11 02:03:43 fetching corpus: 8598, signal 386944/522576 (executing program) 2022/09/11 02:03:43 fetching corpus: 8648, signal 387738/523698 (executing program) 2022/09/11 02:03:43 fetching corpus: 8698, signal 388688/524875 (executing program) 2022/09/11 02:03:43 fetching corpus: 8748, signal 389507/525980 (executing program) 2022/09/11 02:03:43 fetching corpus: 8798, signal 390258/527074 (executing program) 2022/09/11 02:03:43 fetching corpus: 8848, signal 390932/528166 (executing program) 2022/09/11 02:03:44 fetching corpus: 8898, signal 391357/529077 (executing program) 2022/09/11 02:03:44 fetching corpus: 8948, signal 391900/530132 (executing program) 2022/09/11 02:03:44 fetching corpus: 8998, signal 392700/531234 (executing program) 2022/09/11 02:03:44 fetching corpus: 9048, signal 393457/532392 (executing program) 2022/09/11 02:03:44 fetching corpus: 9098, signal 393955/533353 (executing program) 2022/09/11 02:03:45 fetching corpus: 9148, signal 394719/534420 (executing program) 2022/09/11 02:03:45 fetching corpus: 9198, signal 395227/535405 (executing program) 2022/09/11 02:03:45 fetching corpus: 9248, signal 396006/536495 (executing program) 2022/09/11 02:03:45 fetching corpus: 9298, signal 396497/537420 (executing program) 2022/09/11 02:03:45 fetching corpus: 9348, signal 397162/538459 (executing program) 2022/09/11 02:03:45 fetching corpus: 9398, signal 397835/539480 (executing program) 2022/09/11 02:03:46 fetching corpus: 9448, signal 398671/540564 (executing program) 2022/09/11 02:03:46 fetching corpus: 9498, signal 399263/541542 (executing program) 2022/09/11 02:03:46 fetching corpus: 9548, signal 400089/542626 (executing program) 2022/09/11 02:03:46 fetching corpus: 9598, signal 400905/543730 (executing program) 2022/09/11 02:03:47 fetching corpus: 9648, signal 401612/544727 (executing program) 2022/09/11 02:03:47 fetching corpus: 9698, signal 402318/545730 (executing program) 2022/09/11 02:03:47 fetching corpus: 9748, signal 403112/546749 (executing program) 2022/09/11 02:03:47 fetching corpus: 9798, signal 403766/547781 (executing program) 2022/09/11 02:03:47 fetching corpus: 9848, signal 404314/548708 (executing program) 2022/09/11 02:03:47 fetching corpus: 9898, signal 404806/549595 (executing program) 2022/09/11 02:03:48 fetching corpus: 9948, signal 405415/550530 (executing program) 2022/09/11 02:03:48 fetching corpus: 9998, signal 406171/551583 (executing program) 2022/09/11 02:03:48 fetching corpus: 10048, signal 406614/552484 (executing program) 2022/09/11 02:03:48 fetching corpus: 10098, signal 407415/553514 (executing program) 2022/09/11 02:03:49 fetching corpus: 10148, signal 408090/554502 (executing program) 2022/09/11 02:03:49 fetching corpus: 10198, signal 408971/555521 (executing program) 2022/09/11 02:03:49 fetching corpus: 10248, signal 409564/556491 (executing program) 2022/09/11 02:03:49 fetching corpus: 10298, signal 410134/557393 (executing program) 2022/09/11 02:03:49 fetching corpus: 10348, signal 410863/558348 (executing program) 2022/09/11 02:03:50 fetching corpus: 10398, signal 411545/559288 (executing program) 2022/09/11 02:03:50 fetching corpus: 10448, signal 412109/560211 (executing program) 2022/09/11 02:03:50 fetching corpus: 10498, signal 412724/561134 (executing program) 2022/09/11 02:03:50 fetching corpus: 10548, signal 413265/562004 (executing program) 2022/09/11 02:03:50 fetching corpus: 10598, signal 414037/563025 (executing program) 2022/09/11 02:03:50 fetching corpus: 10648, signal 414596/563910 (executing program) 2022/09/11 02:03:51 fetching corpus: 10698, signal 415028/564755 (executing program) 2022/09/11 02:03:51 fetching corpus: 10748, signal 415553/565625 (executing program) 2022/09/11 02:03:51 fetching corpus: 10798, signal 416056/566469 (executing program) 2022/09/11 02:03:51 fetching corpus: 10848, signal 416646/567332 (executing program) 2022/09/11 02:03:51 fetching corpus: 10898, signal 417499/568270 (executing program) 2022/09/11 02:03:51 fetching corpus: 10948, signal 418058/569134 (executing program) 2022/09/11 02:03:52 fetching corpus: 10997, signal 418660/569983 (executing program) 2022/09/11 02:03:52 fetching corpus: 11047, signal 419116/570805 (executing program) 2022/09/11 02:03:52 fetching corpus: 11097, signal 419865/571742 (executing program) 2022/09/11 02:03:52 fetching corpus: 11147, signal 420494/572618 (executing program) 2022/09/11 02:03:52 fetching corpus: 11197, signal 421127/573463 (executing program) 2022/09/11 02:03:52 fetching corpus: 11247, signal 421753/574322 (executing program) 2022/09/11 02:03:53 fetching corpus: 11297, signal 422108/575113 (executing program) 2022/09/11 02:03:53 fetching corpus: 11347, signal 422622/575927 (executing program) 2022/09/11 02:03:53 fetching corpus: 11397, signal 423271/576750 (executing program) 2022/09/11 02:03:53 fetching corpus: 11447, signal 423910/577613 (executing program) 2022/09/11 02:03:53 fetching corpus: 11497, signal 424533/578433 (executing program) 2022/09/11 02:03:53 fetching corpus: 11547, signal 425142/579256 (executing program) 2022/09/11 02:03:54 fetching corpus: 11597, signal 425709/580082 (executing program) 2022/09/11 02:03:54 fetching corpus: 11647, signal 426364/580920 (executing program) 2022/09/11 02:03:54 fetching corpus: 11697, signal 426968/581714 (executing program) 2022/09/11 02:03:54 fetching corpus: 11747, signal 427661/582570 (executing program) 2022/09/11 02:03:54 fetching corpus: 11797, signal 428205/583348 (executing program) 2022/09/11 02:03:55 fetching corpus: 11847, signal 428785/584128 (executing program) 2022/09/11 02:03:55 fetching corpus: 11897, signal 429292/584888 (executing program) 2022/09/11 02:03:55 fetching corpus: 11947, signal 429953/585712 (executing program) 2022/09/11 02:03:55 fetching corpus: 11997, signal 430568/586503 (executing program) 2022/09/11 02:03:55 fetching corpus: 12047, signal 431034/587248 (executing program) 2022/09/11 02:03:56 fetching corpus: 12097, signal 431814/588057 (executing program) 2022/09/11 02:03:56 fetching corpus: 12147, signal 432486/588880 (executing program) 2022/09/11 02:03:56 fetching corpus: 12197, signal 433477/589764 (executing program) 2022/09/11 02:03:56 fetching corpus: 12247, signal 433899/590482 (executing program) 2022/09/11 02:03:56 fetching corpus: 12297, signal 434297/591183 (executing program) 2022/09/11 02:03:56 fetching corpus: 12347, signal 434847/591936 (executing program) 2022/09/11 02:03:57 fetching corpus: 12397, signal 435400/592656 (executing program) 2022/09/11 02:03:57 fetching corpus: 12447, signal 435884/593412 (executing program) 2022/09/11 02:03:57 fetching corpus: 12497, signal 436358/594168 (executing program) 2022/09/11 02:03:57 fetching corpus: 12547, signal 436943/594890 (executing program) 2022/09/11 02:03:57 fetching corpus: 12597, signal 437561/595658 (executing program) 2022/09/11 02:03:58 fetching corpus: 12647, signal 438070/596399 (executing program) 2022/09/11 02:03:58 fetching corpus: 12697, signal 438726/597173 (executing program) 2022/09/11 02:03:58 fetching corpus: 12747, signal 439075/597824 (executing program) 2022/09/11 02:03:58 fetching corpus: 12797, signal 439569/598521 (executing program) 2022/09/11 02:03:58 fetching corpus: 12847, signal 440112/599245 (executing program) 2022/09/11 02:03:59 fetching corpus: 12897, signal 440812/599999 (executing program) 2022/09/11 02:03:59 fetching corpus: 12947, signal 441223/600722 (executing program) 2022/09/11 02:03:59 fetching corpus: 12997, signal 441733/601441 (executing program) 2022/09/11 02:03:59 fetching corpus: 13047, signal 442479/602164 (executing program) 2022/09/11 02:03:59 fetching corpus: 13097, signal 442956/602858 (executing program) 2022/09/11 02:03:59 fetching corpus: 13147, signal 443586/603565 (executing program) 2022/09/11 02:04:00 fetching corpus: 13197, signal 444245/604243 (executing program) 2022/09/11 02:04:00 fetching corpus: 13247, signal 444848/604940 (executing program) 2022/09/11 02:04:00 fetching corpus: 13297, signal 445453/605653 (executing program) 2022/09/11 02:04:00 fetching corpus: 13347, signal 445946/606332 (executing program) 2022/09/11 02:04:00 fetching corpus: 13397, signal 446422/606987 (executing program) 2022/09/11 02:04:00 fetching corpus: 13447, signal 447017/607643 (executing program) 2022/09/11 02:04:01 fetching corpus: 13497, signal 447431/608248 (executing program) 2022/09/11 02:04:01 fetching corpus: 13547, signal 448013/608954 (executing program) 2022/09/11 02:04:01 fetching corpus: 13597, signal 448414/609579 (executing program) 2022/09/11 02:04:01 fetching corpus: 13647, signal 448840/610205 (executing program) 2022/09/11 02:04:01 fetching corpus: 13697, signal 449347/610876 (executing program) 2022/09/11 02:04:02 fetching corpus: 13747, signal 449732/611537 (executing program) 2022/09/11 02:04:02 fetching corpus: 13797, signal 450149/612197 (executing program) 2022/09/11 02:04:02 fetching corpus: 13847, signal 450858/612899 (executing program) 2022/09/11 02:04:02 fetching corpus: 13897, signal 451761/613598 (executing program) 2022/09/11 02:04:02 fetching corpus: 13947, signal 452193/614236 (executing program) 2022/09/11 02:04:02 fetching corpus: 13997, signal 452590/614893 (executing program) 2022/09/11 02:04:03 fetching corpus: 14047, signal 453137/615554 (executing program) 2022/09/11 02:04:03 fetching corpus: 14097, signal 453546/616168 (executing program) 2022/09/11 02:04:03 fetching corpus: 14147, signal 454060/616802 (executing program) 2022/09/11 02:04:03 fetching corpus: 14197, signal 454551/617420 (executing program) 2022/09/11 02:04:03 fetching corpus: 14247, signal 455304/618084 (executing program) 2022/09/11 02:04:04 fetching corpus: 14297, signal 455880/618683 (executing program) 2022/09/11 02:04:04 fetching corpus: 14347, signal 456406/619273 (executing program) 2022/09/11 02:04:04 fetching corpus: 14397, signal 456804/619881 (executing program) 2022/09/11 02:04:04 fetching corpus: 14447, signal 457216/620482 (executing program) 2022/09/11 02:04:04 fetching corpus: 14497, signal 457831/621111 (executing program) 2022/09/11 02:04:04 fetching corpus: 14547, signal 458338/621729 (executing program) 2022/09/11 02:04:05 fetching corpus: 14597, signal 459077/622337 (executing program) 2022/09/11 02:04:05 fetching corpus: 14647, signal 459456/622922 (executing program) 2022/09/11 02:04:05 fetching corpus: 14697, signal 459921/623497 (executing program) 2022/09/11 02:04:05 fetching corpus: 14747, signal 460560/624093 (executing program) 2022/09/11 02:04:05 fetching corpus: 14797, signal 461078/624685 (executing program) 2022/09/11 02:04:05 fetching corpus: 14847, signal 461608/625246 (executing program) 2022/09/11 02:04:06 fetching corpus: 14897, signal 461994/625837 (executing program) 2022/09/11 02:04:06 fetching corpus: 14947, signal 462462/626410 (executing program) 2022/09/11 02:04:06 fetching corpus: 14997, signal 462986/626987 (executing program) 2022/09/11 02:04:06 fetching corpus: 15047, signal 463477/627552 (executing program) 2022/09/11 02:04:06 fetching corpus: 15097, signal 463890/628111 (executing program) 2022/09/11 02:04:07 fetching corpus: 15147, signal 464440/628652 (executing program) 2022/09/11 02:04:07 fetching corpus: 15197, signal 464965/629215 (executing program) 2022/09/11 02:04:07 fetching corpus: 15247, signal 465752/629804 (executing program) 2022/09/11 02:04:07 fetching corpus: 15297, signal 466304/630384 (executing program) 2022/09/11 02:04:07 fetching corpus: 15347, signal 466905/630928 (executing program) 2022/09/11 02:04:07 fetching corpus: 15397, signal 467405/631470 (executing program) 2022/09/11 02:04:08 fetching corpus: 15447, signal 467976/631993 (executing program) 2022/09/11 02:04:08 fetching corpus: 15497, signal 468494/632606 (executing program) 2022/09/11 02:04:08 fetching corpus: 15547, signal 468800/633157 (executing program) 2022/09/11 02:04:08 fetching corpus: 15597, signal 469191/633686 (executing program) 2022/09/11 02:04:08 fetching corpus: 15647, signal 469794/634218 (executing program) 2022/09/11 02:04:09 fetching corpus: 15697, signal 470119/634776 (executing program) 2022/09/11 02:04:09 fetching corpus: 15747, signal 470700/635316 (executing program) 2022/09/11 02:04:09 fetching corpus: 15797, signal 471270/635869 (executing program) 2022/09/11 02:04:09 fetching corpus: 15847, signal 471897/636387 (executing program) 2022/09/11 02:04:10 fetching corpus: 15897, signal 472437/636531 (executing program) 2022/09/11 02:04:10 fetching corpus: 15947, signal 472855/636531 (executing program) 2022/09/11 02:04:10 fetching corpus: 15997, signal 473297/636531 (executing program) 2022/09/11 02:04:10 fetching corpus: 16047, signal 473684/636531 (executing program) 2022/09/11 02:04:10 fetching corpus: 16097, signal 474256/636531 (executing program) 2022/09/11 02:04:10 fetching corpus: 16147, signal 474554/636532 (executing program) 2022/09/11 02:04:11 fetching corpus: 16197, signal 475468/636532 (executing program) 2022/09/11 02:04:11 fetching corpus: 16247, signal 476016/636532 (executing program) 2022/09/11 02:04:11 fetching corpus: 16297, signal 476729/636532 (executing program) 2022/09/11 02:04:11 fetching corpus: 16347, signal 477408/636533 (executing program) 2022/09/11 02:04:11 fetching corpus: 16397, signal 477972/636533 (executing program) 2022/09/11 02:04:12 fetching corpus: 16447, signal 478415/636533 (executing program) 2022/09/11 02:04:12 fetching corpus: 16497, signal 478882/636533 (executing program) 2022/09/11 02:04:12 fetching corpus: 16547, signal 479243/636533 (executing program) 2022/09/11 02:04:12 fetching corpus: 16597, signal 479886/636533 (executing program) 2022/09/11 02:04:12 fetching corpus: 16647, signal 480652/636533 (executing program) 2022/09/11 02:04:12 fetching corpus: 16697, signal 481041/636533 (executing program) 2022/09/11 02:04:13 fetching corpus: 16747, signal 481381/636533 (executing program) 2022/09/11 02:04:13 fetching corpus: 16797, signal 481790/636533 (executing program) 2022/09/11 02:04:13 fetching corpus: 16847, signal 482114/636533 (executing program) 2022/09/11 02:04:13 fetching corpus: 16897, signal 482542/636533 (executing program) 2022/09/11 02:04:13 fetching corpus: 16947, signal 483147/636533 (executing program) 2022/09/11 02:04:13 fetching corpus: 16997, signal 483599/636533 (executing program) 2022/09/11 02:04:14 fetching corpus: 17047, signal 484043/636533 (executing program) 2022/09/11 02:04:14 fetching corpus: 17097, signal 484519/636533 (executing program) 2022/09/11 02:04:14 fetching corpus: 17147, signal 484820/636533 (executing program) 2022/09/11 02:04:14 fetching corpus: 17197, signal 485185/636533 (executing program) 2022/09/11 02:04:14 fetching corpus: 17247, signal 485553/636533 (executing program) 2022/09/11 02:04:14 fetching corpus: 17297, signal 485861/636533 (executing program) 2022/09/11 02:04:15 fetching corpus: 17347, signal 486244/636533 (executing program) 2022/09/11 02:04:15 fetching corpus: 17397, signal 486650/636533 (executing program) 2022/09/11 02:04:15 fetching corpus: 17447, signal 487107/636533 (executing program) 2022/09/11 02:04:15 fetching corpus: 17497, signal 487568/636533 (executing program) 2022/09/11 02:04:15 fetching corpus: 17547, signal 487999/636533 (executing program) 2022/09/11 02:04:15 fetching corpus: 17597, signal 488338/636533 (executing program) 2022/09/11 02:04:16 fetching corpus: 17647, signal 488775/636533 (executing program) 2022/09/11 02:04:16 fetching corpus: 17697, signal 489060/636533 (executing program) 2022/09/11 02:04:16 fetching corpus: 17747, signal 489470/636533 (executing program) 2022/09/11 02:04:16 fetching corpus: 17797, signal 489892/636533 (executing program) 2022/09/11 02:04:16 fetching corpus: 17847, signal 490257/636533 (executing program) 2022/09/11 02:04:17 fetching corpus: 17897, signal 490961/636533 (executing program) 2022/09/11 02:04:17 fetching corpus: 17947, signal 491319/636533 (executing program) 2022/09/11 02:04:17 fetching corpus: 17997, signal 491675/636533 (executing program) 2022/09/11 02:04:17 fetching corpus: 18047, signal 492027/636533 (executing program) 2022/09/11 02:04:17 fetching corpus: 18097, signal 492422/636533 (executing program) 2022/09/11 02:04:17 fetching corpus: 18147, signal 492809/636533 (executing program) 2022/09/11 02:04:18 fetching corpus: 18197, signal 493175/636539 (executing program) 2022/09/11 02:04:18 fetching corpus: 18247, signal 493581/636539 (executing program) 2022/09/11 02:04:18 fetching corpus: 18297, signal 493848/636539 (executing program) 2022/09/11 02:04:18 fetching corpus: 18347, signal 494168/636539 (executing program) 2022/09/11 02:04:18 fetching corpus: 18397, signal 494574/636539 (executing program) 2022/09/11 02:04:18 fetching corpus: 18447, signal 495249/636539 (executing program) 2022/09/11 02:04:18 fetching corpus: 18497, signal 495860/636539 (executing program) 2022/09/11 02:04:19 fetching corpus: 18547, signal 496277/636539 (executing program) 2022/09/11 02:04:19 fetching corpus: 18597, signal 496672/636539 (executing program) 2022/09/11 02:04:19 fetching corpus: 18647, signal 497265/636539 (executing program) 2022/09/11 02:04:19 fetching corpus: 18697, signal 497805/636539 (executing program) 2022/09/11 02:04:19 fetching corpus: 18747, signal 498299/636539 (executing program) 2022/09/11 02:04:20 fetching corpus: 18797, signal 498611/636539 (executing program) 2022/09/11 02:04:20 fetching corpus: 18847, signal 498956/636539 (executing program) 2022/09/11 02:04:20 fetching corpus: 18897, signal 499296/636539 (executing program) 2022/09/11 02:04:20 fetching corpus: 18947, signal 499622/636539 (executing program) 2022/09/11 02:04:20 fetching corpus: 18997, signal 500001/636539 (executing program) 2022/09/11 02:04:20 fetching corpus: 19047, signal 500228/636539 (executing program) 2022/09/11 02:04:21 fetching corpus: 19097, signal 500713/636539 (executing program) 2022/09/11 02:04:21 fetching corpus: 19147, signal 501125/636539 (executing program) 2022/09/11 02:04:21 fetching corpus: 19197, signal 501471/636539 (executing program) 2022/09/11 02:04:21 fetching corpus: 19247, signal 501997/636539 (executing program) 2022/09/11 02:04:21 fetching corpus: 19297, signal 502523/636539 (executing program) 2022/09/11 02:04:21 fetching corpus: 19347, signal 502994/636539 (executing program) 2022/09/11 02:04:21 fetching corpus: 19397, signal 503558/636539 (executing program) 2022/09/11 02:04:22 fetching corpus: 19447, signal 503791/636539 (executing program) 2022/09/11 02:04:22 fetching corpus: 19497, signal 504230/636539 (executing program) 2022/09/11 02:04:22 fetching corpus: 19547, signal 504611/636539 (executing program) 2022/09/11 02:04:22 fetching corpus: 19597, signal 504949/636539 (executing program) 2022/09/11 02:04:22 fetching corpus: 19647, signal 505311/636539 (executing program) 2022/09/11 02:04:23 fetching corpus: 19697, signal 505797/636539 (executing program) 2022/09/11 02:04:23 fetching corpus: 19747, signal 506262/636539 (executing program) 2022/09/11 02:04:23 fetching corpus: 19797, signal 506659/636539 (executing program) 2022/09/11 02:04:23 fetching corpus: 19847, signal 507035/636539 (executing program) 2022/09/11 02:04:23 fetching corpus: 19897, signal 507350/636541 (executing program) 2022/09/11 02:04:23 fetching corpus: 19947, signal 507817/636541 (executing program) 2022/09/11 02:04:24 fetching corpus: 19997, signal 508144/636541 (executing program) 2022/09/11 02:04:24 fetching corpus: 20047, signal 508504/636541 (executing program) 2022/09/11 02:04:24 fetching corpus: 20097, signal 509216/636541 (executing program) 2022/09/11 02:04:24 fetching corpus: 20147, signal 509515/636541 (executing program) 2022/09/11 02:04:24 fetching corpus: 20197, signal 509912/636541 (executing program) 2022/09/11 02:04:24 fetching corpus: 20247, signal 510235/636541 (executing program) 2022/09/11 02:04:24 fetching corpus: 20297, signal 510675/636541 (executing program) 2022/09/11 02:04:25 fetching corpus: 20347, signal 510964/636541 (executing program) 2022/09/11 02:04:25 fetching corpus: 20397, signal 511212/636541 (executing program) 2022/09/11 02:04:25 fetching corpus: 20447, signal 511641/636541 (executing program) 2022/09/11 02:04:25 fetching corpus: 20497, signal 511949/636541 (executing program) 2022/09/11 02:04:25 fetching corpus: 20547, signal 512332/636541 (executing program) 2022/09/11 02:04:26 fetching corpus: 20597, signal 512628/636541 (executing program) 2022/09/11 02:04:26 fetching corpus: 20647, signal 512957/636541 (executing program) 2022/09/11 02:04:26 fetching corpus: 20697, signal 513307/636541 (executing program) 2022/09/11 02:04:26 fetching corpus: 20747, signal 513632/636541 (executing program) 2022/09/11 02:04:26 fetching corpus: 20797, signal 514019/636541 (executing program) 2022/09/11 02:04:27 fetching corpus: 20847, signal 514374/636541 (executing program) 2022/09/11 02:04:27 fetching corpus: 20897, signal 514793/636541 (executing program) 2022/09/11 02:04:27 fetching corpus: 20947, signal 515160/636541 (executing program) 2022/09/11 02:04:27 fetching corpus: 20997, signal 515441/636541 (executing program) 2022/09/11 02:04:27 fetching corpus: 21047, signal 515721/636541 (executing program) 2022/09/11 02:04:27 fetching corpus: 21097, signal 516049/636541 (executing program) 2022/09/11 02:04:28 fetching corpus: 21147, signal 516427/636542 (executing program) 2022/09/11 02:04:28 fetching corpus: 21197, signal 516888/636542 (executing program) 2022/09/11 02:04:28 fetching corpus: 21247, signal 517374/636542 (executing program) 2022/09/11 02:04:28 fetching corpus: 21297, signal 517733/636542 (executing program) 2022/09/11 02:04:28 fetching corpus: 21347, signal 518172/636542 (executing program) 2022/09/11 02:04:28 fetching corpus: 21397, signal 518584/636542 (executing program) 2022/09/11 02:04:29 fetching corpus: 21447, signal 519040/636542 (executing program) 2022/09/11 02:04:29 fetching corpus: 21497, signal 519372/636542 (executing program) 2022/09/11 02:04:30 fetching corpus: 21547, signal 519661/636542 (executing program) 2022/09/11 02:04:30 fetching corpus: 21597, signal 519969/636542 (executing program) 2022/09/11 02:04:30 fetching corpus: 21647, signal 520383/636542 (executing program) 2022/09/11 02:04:30 fetching corpus: 21697, signal 520664/636542 (executing program) 2022/09/11 02:04:30 fetching corpus: 21747, signal 521077/636542 (executing program) 2022/09/11 02:04:30 fetching corpus: 21797, signal 521303/636542 (executing program) 2022/09/11 02:04:30 fetching corpus: 21847, signal 521629/636542 (executing program) 2022/09/11 02:04:31 fetching corpus: 21897, signal 522038/636542 (executing program) 2022/09/11 02:04:31 fetching corpus: 21947, signal 522469/636542 (executing program) 2022/09/11 02:04:31 fetching corpus: 21997, signal 522804/636542 (executing program) 2022/09/11 02:04:31 fetching corpus: 22047, signal 523067/636542 (executing program) 2022/09/11 02:04:31 fetching corpus: 22097, signal 523446/636542 (executing program) 2022/09/11 02:04:31 fetching corpus: 22147, signal 523801/636542 (executing program) 2022/09/11 02:04:32 fetching corpus: 22197, signal 524292/636542 (executing program) 2022/09/11 02:04:32 fetching corpus: 22247, signal 524668/636542 (executing program) 2022/09/11 02:04:32 fetching corpus: 22297, signal 525044/636542 (executing program) 2022/09/11 02:04:32 fetching corpus: 22347, signal 525545/636542 (executing program) 2022/09/11 02:04:32 fetching corpus: 22397, signal 525940/636542 (executing program) 2022/09/11 02:04:32 fetching corpus: 22447, signal 526235/636542 (executing program) 2022/09/11 02:04:33 fetching corpus: 22497, signal 526447/636542 (executing program) 2022/09/11 02:04:33 fetching corpus: 22547, signal 526870/636542 (executing program) 2022/09/11 02:04:33 fetching corpus: 22597, signal 527100/636542 (executing program) [ 138.683531][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.689673][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 2022/09/11 02:04:33 fetching corpus: 22647, signal 527310/636542 (executing program) 2022/09/11 02:04:33 fetching corpus: 22697, signal 527579/636542 (executing program) 2022/09/11 02:04:33 fetching corpus: 22747, signal 527853/636542 (executing program) 2022/09/11 02:04:34 fetching corpus: 22797, signal 528584/636542 (executing program) 2022/09/11 02:04:34 fetching corpus: 22847, signal 528857/636542 (executing program) 2022/09/11 02:04:34 fetching corpus: 22897, signal 529117/636542 (executing program) 2022/09/11 02:04:34 fetching corpus: 22947, signal 529386/636542 (executing program) 2022/09/11 02:04:34 fetching corpus: 22997, signal 530088/636542 (executing program) 2022/09/11 02:04:34 fetching corpus: 23047, signal 530387/636542 (executing program) 2022/09/11 02:04:35 fetching corpus: 23097, signal 530666/636542 (executing program) 2022/09/11 02:04:35 fetching corpus: 23147, signal 531030/636542 (executing program) 2022/09/11 02:04:35 fetching corpus: 23197, signal 531528/636542 (executing program) 2022/09/11 02:04:35 fetching corpus: 23247, signal 531965/636542 (executing program) 2022/09/11 02:04:35 fetching corpus: 23297, signal 532269/636542 (executing program) 2022/09/11 02:04:35 fetching corpus: 23347, signal 532546/636542 (executing program) 2022/09/11 02:04:35 fetching corpus: 23397, signal 532879/636542 (executing program) 2022/09/11 02:04:36 fetching corpus: 23447, signal 533203/636542 (executing program) 2022/09/11 02:04:36 fetching corpus: 23497, signal 533571/636542 (executing program) 2022/09/11 02:04:36 fetching corpus: 23547, signal 534036/636542 (executing program) 2022/09/11 02:04:36 fetching corpus: 23597, signal 534279/636542 (executing program) 2022/09/11 02:04:36 fetching corpus: 23647, signal 534650/636542 (executing program) 2022/09/11 02:04:37 fetching corpus: 23697, signal 535030/636542 (executing program) 2022/09/11 02:04:37 fetching corpus: 23747, signal 535400/636542 (executing program) 2022/09/11 02:04:37 fetching corpus: 23797, signal 535975/636542 (executing program) 2022/09/11 02:04:37 fetching corpus: 23847, signal 536352/636555 (executing program) 2022/09/11 02:04:37 fetching corpus: 23897, signal 536651/636555 (executing program) 2022/09/11 02:04:38 fetching corpus: 23947, signal 537011/636555 (executing program) 2022/09/11 02:04:38 fetching corpus: 23997, signal 537314/636555 (executing program) 2022/09/11 02:04:38 fetching corpus: 24047, signal 537659/636555 (executing program) 2022/09/11 02:04:38 fetching corpus: 24097, signal 537982/636555 (executing program) 2022/09/11 02:04:38 fetching corpus: 24147, signal 538355/636555 (executing program) 2022/09/11 02:04:39 fetching corpus: 24197, signal 538733/636555 (executing program) 2022/09/11 02:04:39 fetching corpus: 24247, signal 539128/636555 (executing program) 2022/09/11 02:04:39 fetching corpus: 24297, signal 539403/636555 (executing program) 2022/09/11 02:04:39 fetching corpus: 24347, signal 539792/636555 (executing program) 2022/09/11 02:04:39 fetching corpus: 24397, signal 540149/636555 (executing program) 2022/09/11 02:04:39 fetching corpus: 24447, signal 540373/636555 (executing program) 2022/09/11 02:04:40 fetching corpus: 24497, signal 540647/636555 (executing program) 2022/09/11 02:04:40 fetching corpus: 24547, signal 541024/636555 (executing program) 2022/09/11 02:04:40 fetching corpus: 24597, signal 541282/636555 (executing program) 2022/09/11 02:04:40 fetching corpus: 24647, signal 541676/636555 (executing program) 2022/09/11 02:04:40 fetching corpus: 24697, signal 541942/636555 (executing program) 2022/09/11 02:04:40 fetching corpus: 24747, signal 542206/636555 (executing program) 2022/09/11 02:04:41 fetching corpus: 24797, signal 542536/636555 (executing program) 2022/09/11 02:04:41 fetching corpus: 24847, signal 542929/636555 (executing program) 2022/09/11 02:04:41 fetching corpus: 24897, signal 543194/636555 (executing program) 2022/09/11 02:04:42 fetching corpus: 24947, signal 543672/636555 (executing program) 2022/09/11 02:04:42 fetching corpus: 24997, signal 543975/636555 (executing program) 2022/09/11 02:04:42 fetching corpus: 25047, signal 544238/636555 (executing program) 2022/09/11 02:04:42 fetching corpus: 25097, signal 544573/636555 (executing program) 2022/09/11 02:04:42 fetching corpus: 25147, signal 544753/636555 (executing program) 2022/09/11 02:04:43 fetching corpus: 25197, signal 545024/636555 (executing program) 2022/09/11 02:04:43 fetching corpus: 25247, signal 545245/636555 (executing program) 2022/09/11 02:04:43 fetching corpus: 25297, signal 545629/636555 (executing program) 2022/09/11 02:04:43 fetching corpus: 25347, signal 545893/636555 (executing program) 2022/09/11 02:04:43 fetching corpus: 25397, signal 546249/636557 (executing program) 2022/09/11 02:04:43 fetching corpus: 25447, signal 546526/636557 (executing program) 2022/09/11 02:04:44 fetching corpus: 25497, signal 546910/636557 (executing program) 2022/09/11 02:04:44 fetching corpus: 25547, signal 547183/636557 (executing program) 2022/09/11 02:04:44 fetching corpus: 25597, signal 547471/636557 (executing program) 2022/09/11 02:04:44 fetching corpus: 25647, signal 547853/636557 (executing program) 2022/09/11 02:04:44 fetching corpus: 25697, signal 548124/636557 (executing program) 2022/09/11 02:04:45 fetching corpus: 25747, signal 548474/636557 (executing program) 2022/09/11 02:04:45 fetching corpus: 25797, signal 548771/636557 (executing program) 2022/09/11 02:04:45 fetching corpus: 25847, signal 549021/636557 (executing program) 2022/09/11 02:04:45 fetching corpus: 25897, signal 549319/636557 (executing program) 2022/09/11 02:04:45 fetching corpus: 25947, signal 549796/636557 (executing program) 2022/09/11 02:04:45 fetching corpus: 25997, signal 550142/636557 (executing program) 2022/09/11 02:04:45 fetching corpus: 26047, signal 550493/636557 (executing program) 2022/09/11 02:04:46 fetching corpus: 26097, signal 550883/636557 (executing program) 2022/09/11 02:04:46 fetching corpus: 26147, signal 551212/636557 (executing program) 2022/09/11 02:04:46 fetching corpus: 26197, signal 551459/636557 (executing program) 2022/09/11 02:04:46 fetching corpus: 26247, signal 551751/636592 (executing program) 2022/09/11 02:04:46 fetching corpus: 26297, signal 552160/636595 (executing program) 2022/09/11 02:04:47 fetching corpus: 26347, signal 552435/636595 (executing program) 2022/09/11 02:04:47 fetching corpus: 26397, signal 552704/636595 (executing program) 2022/09/11 02:04:47 fetching corpus: 26447, signal 552924/636595 (executing program) 2022/09/11 02:04:47 fetching corpus: 26497, signal 553194/636595 (executing program) 2022/09/11 02:04:47 fetching corpus: 26547, signal 553417/636595 (executing program) 2022/09/11 02:04:48 fetching corpus: 26597, signal 553767/636595 (executing program) 2022/09/11 02:04:48 fetching corpus: 26647, signal 553990/636595 (executing program) 2022/09/11 02:04:48 fetching corpus: 26697, signal 554232/636595 (executing program) 2022/09/11 02:04:48 fetching corpus: 26747, signal 554529/636595 (executing program) 2022/09/11 02:04:48 fetching corpus: 26797, signal 554841/636595 (executing program) 2022/09/11 02:04:48 fetching corpus: 26847, signal 555180/636595 (executing program) 2022/09/11 02:04:49 fetching corpus: 26897, signal 555436/636595 (executing program) 2022/09/11 02:04:49 fetching corpus: 26947, signal 555812/636595 (executing program) 2022/09/11 02:04:49 fetching corpus: 26997, signal 556122/636595 (executing program) 2022/09/11 02:04:49 fetching corpus: 27047, signal 556383/636595 (executing program) 2022/09/11 02:04:49 fetching corpus: 27097, signal 556754/636595 (executing program) 2022/09/11 02:04:49 fetching corpus: 27147, signal 556989/636595 (executing program) 2022/09/11 02:04:50 fetching corpus: 27197, signal 557255/636595 (executing program) 2022/09/11 02:04:50 fetching corpus: 27247, signal 557463/636595 (executing program) 2022/09/11 02:04:50 fetching corpus: 27297, signal 557873/636595 (executing program) 2022/09/11 02:04:50 fetching corpus: 27347, signal 558144/636595 (executing program) 2022/09/11 02:04:50 fetching corpus: 27397, signal 558393/636595 (executing program) 2022/09/11 02:04:51 fetching corpus: 27447, signal 558650/636595 (executing program) 2022/09/11 02:04:51 fetching corpus: 27497, signal 558943/636595 (executing program) 2022/09/11 02:04:51 fetching corpus: 27547, signal 559282/636595 (executing program) 2022/09/11 02:04:51 fetching corpus: 27596, signal 559504/636598 (executing program) 2022/09/11 02:04:55 fetching corpus: 27646, signal 559785/636610 (executing program) 2022/09/11 02:04:55 fetching corpus: 27696, signal 560161/636614 (executing program) 2022/09/11 02:04:55 fetching corpus: 27746, signal 560604/636614 (executing program) 2022/09/11 02:04:56 fetching corpus: 27796, signal 560957/636614 (executing program) 2022/09/11 02:04:56 fetching corpus: 27846, signal 561207/636614 (executing program) 2022/09/11 02:04:56 fetching corpus: 27896, signal 561516/636614 (executing program) 2022/09/11 02:04:56 fetching corpus: 27946, signal 561858/636614 (executing program) 2022/09/11 02:04:56 fetching corpus: 27994, signal 562202/636624 (executing program) 2022/09/11 02:04:57 fetching corpus: 28044, signal 562470/636624 (executing program) 2022/09/11 02:04:57 fetching corpus: 28094, signal 562784/636624 (executing program) 2022/09/11 02:04:57 fetching corpus: 28144, signal 563088/636624 (executing program) 2022/09/11 02:04:57 fetching corpus: 28194, signal 563380/636624 (executing program) 2022/09/11 02:04:57 fetching corpus: 28244, signal 563697/636624 (executing program) 2022/09/11 02:04:57 fetching corpus: 28294, signal 564132/636624 (executing program) 2022/09/11 02:04:58 fetching corpus: 28344, signal 564507/636624 (executing program) 2022/09/11 02:04:58 fetching corpus: 28394, signal 564856/636624 (executing program) 2022/09/11 02:04:58 fetching corpus: 28444, signal 565263/636624 (executing program) 2022/09/11 02:04:58 fetching corpus: 28494, signal 565500/636624 (executing program) 2022/09/11 02:04:58 fetching corpus: 28544, signal 565732/636626 (executing program) 2022/09/11 02:04:58 fetching corpus: 28594, signal 566096/636626 (executing program) 2022/09/11 02:04:59 fetching corpus: 28644, signal 566279/636626 (executing program) 2022/09/11 02:04:59 fetching corpus: 28694, signal 566666/636626 (executing program) 2022/09/11 02:04:59 fetching corpus: 28744, signal 566857/636626 (executing program) 2022/09/11 02:04:59 fetching corpus: 28794, signal 567097/636626 (executing program) 2022/09/11 02:04:59 fetching corpus: 28844, signal 567338/636626 (executing program) 2022/09/11 02:05:00 fetching corpus: 28894, signal 567570/636626 (executing program) 2022/09/11 02:05:00 fetching corpus: 28944, signal 567805/636629 (executing program) 2022/09/11 02:05:00 fetching corpus: 28994, signal 568079/636629 (executing program) 2022/09/11 02:05:00 fetching corpus: 29044, signal 568406/636629 (executing program) 2022/09/11 02:05:00 fetching corpus: 29094, signal 568769/636629 (executing program) 2022/09/11 02:05:01 fetching corpus: 29144, signal 568995/636629 (executing program) 2022/09/11 02:05:01 fetching corpus: 29194, signal 569482/636629 (executing program) 2022/09/11 02:05:01 fetching corpus: 29244, signal 569758/636629 (executing program) 2022/09/11 02:05:01 fetching corpus: 29294, signal 569957/636629 (executing program) 2022/09/11 02:05:01 fetching corpus: 29344, signal 570312/636629 (executing program) 2022/09/11 02:05:01 fetching corpus: 29394, signal 570720/636629 (executing program) 2022/09/11 02:05:02 fetching corpus: 29444, signal 571059/636629 (executing program) 2022/09/11 02:05:02 fetching corpus: 29494, signal 571283/636629 (executing program) 2022/09/11 02:05:02 fetching corpus: 29544, signal 571568/636629 (executing program) 2022/09/11 02:05:02 fetching corpus: 29594, signal 571916/636629 (executing program) 2022/09/11 02:05:02 fetching corpus: 29644, signal 572297/636633 (executing program) 2022/09/11 02:05:02 fetching corpus: 29694, signal 572531/636633 (executing program) 2022/09/11 02:05:03 fetching corpus: 29744, signal 572876/636633 (executing program) 2022/09/11 02:05:03 fetching corpus: 29794, signal 573223/636633 (executing program) 2022/09/11 02:05:03 fetching corpus: 29844, signal 573569/636633 (executing program) 2022/09/11 02:05:03 fetching corpus: 29894, signal 573880/636633 (executing program) 2022/09/11 02:05:03 fetching corpus: 29944, signal 574079/636633 (executing program) 2022/09/11 02:05:03 fetching corpus: 29994, signal 574295/636633 (executing program) 2022/09/11 02:05:04 fetching corpus: 30044, signal 574511/636633 (executing program) 2022/09/11 02:05:04 fetching corpus: 30094, signal 574747/636633 (executing program) 2022/09/11 02:05:04 fetching corpus: 30144, signal 575017/636633 (executing program) 2022/09/11 02:05:05 fetching corpus: 30194, signal 575354/636636 (executing program) 2022/09/11 02:05:05 fetching corpus: 30244, signal 575658/636637 (executing program) 2022/09/11 02:05:05 fetching corpus: 30294, signal 575884/636637 (executing program) 2022/09/11 02:05:05 fetching corpus: 30344, signal 576187/636637 (executing program) 2022/09/11 02:05:05 fetching corpus: 30394, signal 576441/636637 (executing program) 2022/09/11 02:05:06 fetching corpus: 30444, signal 576631/636637 (executing program) 2022/09/11 02:05:06 fetching corpus: 30494, signal 577039/636637 (executing program) 2022/09/11 02:05:06 fetching corpus: 30544, signal 577272/636637 (executing program) 2022/09/11 02:05:06 fetching corpus: 30594, signal 577562/636637 (executing program) 2022/09/11 02:05:06 fetching corpus: 30644, signal 577800/636637 (executing program) 2022/09/11 02:05:06 fetching corpus: 30693, signal 578062/636637 (executing program) 2022/09/11 02:05:07 fetching corpus: 30743, signal 578487/636637 (executing program) 2022/09/11 02:05:07 fetching corpus: 30793, signal 578714/636637 (executing program) 2022/09/11 02:05:07 fetching corpus: 30843, signal 578938/636637 (executing program) 2022/09/11 02:05:07 fetching corpus: 30893, signal 579304/636637 (executing program) 2022/09/11 02:05:07 fetching corpus: 30943, signal 579561/636637 (executing program) 2022/09/11 02:05:07 fetching corpus: 30993, signal 579766/636637 (executing program) 2022/09/11 02:05:08 fetching corpus: 31043, signal 580001/636637 (executing program) 2022/09/11 02:05:08 fetching corpus: 31093, signal 580193/636637 (executing program) 2022/09/11 02:05:08 fetching corpus: 31143, signal 580389/636637 (executing program) 2022/09/11 02:05:08 fetching corpus: 31193, signal 580686/636637 (executing program) 2022/09/11 02:05:08 fetching corpus: 31243, signal 580936/636637 (executing program) 2022/09/11 02:05:08 fetching corpus: 31293, signal 581295/636637 (executing program) 2022/09/11 02:05:08 fetching corpus: 31343, signal 581525/636637 (executing program) 2022/09/11 02:05:09 fetching corpus: 31393, signal 581761/636637 (executing program) 2022/09/11 02:05:09 fetching corpus: 31443, signal 581948/636637 (executing program) 2022/09/11 02:05:09 fetching corpus: 31493, signal 582257/636637 (executing program) 2022/09/11 02:05:09 fetching corpus: 31543, signal 582540/636637 (executing program) 2022/09/11 02:05:09 fetching corpus: 31593, signal 582822/636637 (executing program) 2022/09/11 02:05:09 fetching corpus: 31643, signal 583059/636637 (executing program) 2022/09/11 02:05:10 fetching corpus: 31693, signal 583226/636637 (executing program) 2022/09/11 02:05:10 fetching corpus: 31743, signal 583443/636637 (executing program) 2022/09/11 02:05:10 fetching corpus: 31793, signal 583770/636637 (executing program) 2022/09/11 02:05:10 fetching corpus: 31843, signal 584006/636637 (executing program) 2022/09/11 02:05:10 fetching corpus: 31893, signal 584327/636637 (executing program) 2022/09/11 02:05:10 fetching corpus: 31943, signal 584590/636637 (executing program) 2022/09/11 02:05:11 fetching corpus: 31993, signal 585148/636637 (executing program) 2022/09/11 02:05:11 fetching corpus: 32043, signal 585374/636637 (executing program) 2022/09/11 02:05:11 fetching corpus: 32093, signal 585640/636637 (executing program) 2022/09/11 02:05:11 fetching corpus: 32143, signal 585868/636665 (executing program) 2022/09/11 02:05:11 fetching corpus: 32193, signal 586066/636665 (executing program) 2022/09/11 02:05:12 fetching corpus: 32243, signal 586425/636665 (executing program) 2022/09/11 02:05:12 fetching corpus: 32293, signal 586635/636665 (executing program) 2022/09/11 02:05:12 fetching corpus: 32343, signal 587038/636665 (executing program) 2022/09/11 02:05:12 fetching corpus: 32393, signal 587274/636665 (executing program) 2022/09/11 02:05:12 fetching corpus: 32443, signal 587468/636665 (executing program) 2022/09/11 02:05:13 fetching corpus: 32492, signal 587750/636665 (executing program) 2022/09/11 02:05:13 fetching corpus: 32542, signal 587969/636665 (executing program) 2022/09/11 02:05:13 fetching corpus: 32592, signal 588271/636665 (executing program) 2022/09/11 02:05:13 fetching corpus: 32642, signal 588509/636693 (executing program) 2022/09/11 02:05:13 fetching corpus: 32692, signal 588710/636693 (executing program) 2022/09/11 02:05:13 fetching corpus: 32742, signal 588874/636693 (executing program) 2022/09/11 02:05:14 fetching corpus: 32792, signal 589085/636693 (executing program) 2022/09/11 02:05:14 fetching corpus: 32842, signal 589397/636693 (executing program) 2022/09/11 02:05:14 fetching corpus: 32892, signal 590571/636693 (executing program) 2022/09/11 02:05:14 fetching corpus: 32942, signal 590874/636696 (executing program) 2022/09/11 02:05:14 fetching corpus: 32992, signal 591110/636696 (executing program) 2022/09/11 02:05:14 fetching corpus: 33042, signal 591302/636696 (executing program) 2022/09/11 02:05:14 fetching corpus: 33092, signal 591456/636696 (executing program) 2022/09/11 02:05:14 fetching corpus: 33142, signal 591702/636699 (executing program) 2022/09/11 02:05:15 fetching corpus: 33192, signal 591987/636699 (executing program) 2022/09/11 02:05:15 fetching corpus: 33242, signal 592207/636699 (executing program) 2022/09/11 02:05:15 fetching corpus: 33292, signal 592519/636699 (executing program) 2022/09/11 02:05:15 fetching corpus: 33342, signal 592733/636700 (executing program) 2022/09/11 02:05:15 fetching corpus: 33392, signal 592970/636700 (executing program) 2022/09/11 02:05:16 fetching corpus: 33442, signal 593190/636700 (executing program) 2022/09/11 02:05:16 fetching corpus: 33492, signal 593456/636700 (executing program) 2022/09/11 02:05:16 fetching corpus: 33542, signal 593790/636702 (executing program) 2022/09/11 02:05:16 fetching corpus: 33592, signal 594058/636702 (executing program) 2022/09/11 02:05:16 fetching corpus: 33642, signal 594523/636702 (executing program) 2022/09/11 02:05:16 fetching corpus: 33692, signal 594819/636702 (executing program) 2022/09/11 02:05:17 fetching corpus: 33742, signal 594967/636702 (executing program) 2022/09/11 02:05:17 fetching corpus: 33792, signal 595184/636702 (executing program) 2022/09/11 02:05:17 fetching corpus: 33842, signal 595374/636702 (executing program) 2022/09/11 02:05:17 fetching corpus: 33892, signal 595612/636702 (executing program) 2022/09/11 02:05:17 fetching corpus: 33942, signal 595868/636702 (executing program) 2022/09/11 02:05:17 fetching corpus: 33992, signal 596100/636702 (executing program) 2022/09/11 02:05:18 fetching corpus: 34042, signal 596300/636702 (executing program) 2022/09/11 02:05:18 fetching corpus: 34092, signal 596529/636702 (executing program) 2022/09/11 02:05:18 fetching corpus: 34142, signal 596797/636702 (executing program) 2022/09/11 02:05:18 fetching corpus: 34192, signal 597093/636702 (executing program) 2022/09/11 02:05:18 fetching corpus: 34242, signal 597337/636702 (executing program) 2022/09/11 02:05:18 fetching corpus: 34292, signal 597622/636702 (executing program) 2022/09/11 02:05:19 fetching corpus: 34342, signal 597968/636702 (executing program) 2022/09/11 02:05:19 fetching corpus: 34392, signal 598290/636702 (executing program) 2022/09/11 02:05:19 fetching corpus: 34442, signal 598513/636702 (executing program) 2022/09/11 02:05:19 fetching corpus: 34492, signal 598852/636702 (executing program) 2022/09/11 02:05:19 fetching corpus: 34542, signal 599107/636727 (executing program) 2022/09/11 02:05:19 fetching corpus: 34592, signal 599391/636727 (executing program) 2022/09/11 02:05:20 fetching corpus: 34642, signal 599689/636727 (executing program) 2022/09/11 02:05:20 fetching corpus: 34692, signal 599938/636727 (executing program) 2022/09/11 02:05:20 fetching corpus: 34742, signal 600170/636727 (executing program) 2022/09/11 02:05:20 fetching corpus: 34792, signal 600413/636728 (executing program) 2022/09/11 02:05:20 fetching corpus: 34842, signal 600614/636728 (executing program) 2022/09/11 02:05:21 fetching corpus: 34892, signal 600932/636728 (executing program) 2022/09/11 02:05:21 fetching corpus: 34942, signal 601314/636728 (executing program) 2022/09/11 02:05:21 fetching corpus: 34992, signal 601612/636730 (executing program) 2022/09/11 02:05:21 fetching corpus: 35042, signal 601971/636730 (executing program) 2022/09/11 02:05:21 fetching corpus: 35092, signal 602243/636730 (executing program) 2022/09/11 02:05:22 fetching corpus: 35142, signal 602536/636730 (executing program) 2022/09/11 02:05:22 fetching corpus: 35192, signal 602750/636730 (executing program) 2022/09/11 02:05:22 fetching corpus: 35242, signal 603040/636730 (executing program) 2022/09/11 02:05:22 fetching corpus: 35292, signal 603245/636731 (executing program) 2022/09/11 02:05:22 fetching corpus: 35342, signal 603502/636731 (executing program) 2022/09/11 02:05:23 fetching corpus: 35392, signal 603731/636731 (executing program) 2022/09/11 02:05:23 fetching corpus: 35442, signal 603968/636756 (executing program) 2022/09/11 02:05:23 fetching corpus: 35492, signal 604329/636756 (executing program) 2022/09/11 02:05:23 fetching corpus: 35542, signal 604552/636756 (executing program) 2022/09/11 02:05:23 fetching corpus: 35592, signal 604795/636777 (executing program) 2022/09/11 02:05:24 fetching corpus: 35642, signal 605203/636777 (executing program) 2022/09/11 02:05:24 fetching corpus: 35692, signal 605433/636777 (executing program) 2022/09/11 02:05:24 fetching corpus: 35742, signal 605669/636777 (executing program) 2022/09/11 02:05:24 fetching corpus: 35792, signal 605912/636777 (executing program) 2022/09/11 02:05:24 fetching corpus: 35842, signal 606168/636777 (executing program) 2022/09/11 02:05:24 fetching corpus: 35892, signal 606424/636777 (executing program) 2022/09/11 02:05:25 fetching corpus: 35942, signal 606773/636777 (executing program) 2022/09/11 02:05:25 fetching corpus: 35992, signal 607061/636777 (executing program) 2022/09/11 02:05:25 fetching corpus: 36042, signal 607381/636777 (executing program) 2022/09/11 02:05:25 fetching corpus: 36092, signal 607592/636789 (executing program) 2022/09/11 02:05:25 fetching corpus: 36142, signal 607812/636789 (executing program) 2022/09/11 02:05:26 fetching corpus: 36192, signal 608069/636789 (executing program) 2022/09/11 02:05:26 fetching corpus: 36242, signal 608317/636789 (executing program) 2022/09/11 02:05:26 fetching corpus: 36292, signal 608569/636789 (executing program) 2022/09/11 02:05:26 fetching corpus: 36342, signal 608794/636789 (executing program) 2022/09/11 02:05:26 fetching corpus: 36392, signal 609010/636789 (executing program) 2022/09/11 02:05:26 fetching corpus: 36442, signal 609411/636789 (executing program) 2022/09/11 02:05:27 fetching corpus: 36492, signal 609627/636789 (executing program) 2022/09/11 02:05:27 fetching corpus: 36542, signal 609939/636789 (executing program) 2022/09/11 02:05:27 fetching corpus: 36592, signal 610123/636789 (executing program) 2022/09/11 02:05:27 fetching corpus: 36642, signal 610576/636789 (executing program) 2022/09/11 02:05:27 fetching corpus: 36692, signal 610855/636789 (executing program) 2022/09/11 02:05:28 fetching corpus: 36742, signal 611084/636789 (executing program) 2022/09/11 02:05:28 fetching corpus: 36792, signal 611291/636789 (executing program) 2022/09/11 02:05:28 fetching corpus: 36842, signal 611544/636789 (executing program) 2022/09/11 02:05:28 fetching corpus: 36892, signal 611883/636789 (executing program) 2022/09/11 02:05:28 fetching corpus: 36942, signal 612094/636789 (executing program) 2022/09/11 02:05:29 fetching corpus: 36992, signal 612336/636789 (executing program) 2022/09/11 02:05:29 fetching corpus: 37042, signal 612556/636789 (executing program) 2022/09/11 02:05:29 fetching corpus: 37092, signal 612803/636789 (executing program) 2022/09/11 02:05:29 fetching corpus: 37142, signal 613032/636789 (executing program) 2022/09/11 02:05:29 fetching corpus: 37192, signal 613214/636789 (executing program) 2022/09/11 02:05:29 fetching corpus: 37242, signal 613430/636789 (executing program) 2022/09/11 02:05:30 fetching corpus: 37292, signal 613657/636789 (executing program) 2022/09/11 02:05:30 fetching corpus: 37342, signal 613965/636789 (executing program) 2022/09/11 02:05:30 fetching corpus: 37392, signal 614151/636789 (executing program) 2022/09/11 02:05:30 fetching corpus: 37442, signal 614377/636789 (executing program) 2022/09/11 02:05:30 fetching corpus: 37492, signal 614615/636789 (executing program) 2022/09/11 02:05:30 fetching corpus: 37542, signal 614891/636789 (executing program) 2022/09/11 02:05:30 fetching corpus: 37592, signal 615046/636789 (executing program) 2022/09/11 02:05:31 fetching corpus: 37642, signal 615252/636789 (executing program) 2022/09/11 02:05:31 fetching corpus: 37692, signal 615520/636789 (executing program) 2022/09/11 02:05:31 fetching corpus: 37742, signal 615767/636802 (executing program) 2022/09/11 02:05:31 fetching corpus: 37792, signal 615975/636802 (executing program) 2022/09/11 02:05:31 fetching corpus: 37842, signal 616200/636802 (executing program) 2022/09/11 02:05:31 fetching corpus: 37892, signal 616468/636802 (executing program) 2022/09/11 02:05:31 fetching corpus: 37942, signal 616728/636802 (executing program) 2022/09/11 02:05:32 fetching corpus: 37977, signal 616892/636802 (executing program) 2022/09/11 02:05:32 fetching corpus: 37978, signal 616893/636803 (executing program) 2022/09/11 02:05:32 fetching corpus: 37978, signal 616893/636803 (executing program) [ 200.122670][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 200.128188][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 2022/09/11 02:05:35 starting 4 fuzzer processes 02:05:35 executing program 0: r0 = timerfd_create(0x1, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000000)={{0x77359400}}, 0x0) 02:05:35 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f00000001c0)=""/221, 0x1a, 0xdd, 0x1}, 0x20) 02:05:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000002040), r0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x9, 0x0, 0xfffffdce) r1 = shmget(0x2, 0x2000, 0x2, &(0x7f0000ffe000/0x2000)=nil) shmat(r1, &(0x7f0000fff000/0x1000)=nil, 0x4000) shmget(0x0, 0x2000, 0x800, &(0x7f0000ffe000/0x2000)=nil) openat$fuse(0xffffffffffffff9c, &(0x7f00000030c0), 0x2, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) read$FUSE(r2, 0x0, 0x0) read$FUSE(r2, &(0x7f0000000000)={0x2020}, 0x2020) 02:05:35 executing program 3: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x2}}) [ 200.400930][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 200.400964][ T39] audit: type=1400 audit(1662861935.224:86): avc: denied { execmem } for pid=3711 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 200.645184][ T39] audit: type=1400 audit(1662861935.464:87): avc: denied { mounton } for pid=3716 comm="syz-executor.3" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 200.660434][ T39] audit: type=1400 audit(1662861935.464:88): avc: denied { mounton } for pid=3715 comm="syz-executor.2" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 200.677003][ T39] audit: type=1400 audit(1662861935.464:89): avc: denied { mount } for pid=3715 comm="syz-executor.2" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 200.690410][ T39] audit: type=1400 audit(1662861935.464:91): avc: denied { create } for pid=3716 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 200.703235][ T39] audit: type=1400 audit(1662861935.464:90): avc: denied { create } for pid=3715 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 200.715428][ T39] audit: type=1400 audit(1662861935.464:92): avc: denied { read write } for pid=3715 comm="syz-executor.2" name="vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 200.730702][ T39] audit: type=1400 audit(1662861935.464:93): avc: denied { read write } for pid=3716 comm="syz-executor.3" name="vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 200.745986][ T39] audit: type=1400 audit(1662861935.464:94): avc: denied { open } for pid=3715 comm="syz-executor.2" path="/dev/vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 200.761346][ T39] audit: type=1400 audit(1662861935.464:95): avc: denied { open } for pid=3716 comm="syz-executor.3" path="/dev/vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 201.758814][ T3723] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 201.759991][ T3724] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 201.763843][ T3728] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 201.767348][ T3728] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 201.771130][ T3723] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 201.772003][ T3724] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 201.772813][ T3724] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 201.773066][ T3724] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 201.773370][ T3724] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 201.774162][ T3724] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 201.774887][ T3724] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 201.775135][ T3724] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 201.775313][ T3724] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 201.776006][ T3724] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 201.777253][ T3728] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 201.777788][ T3728] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 201.781363][ T3729] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 201.786587][ T3723] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 201.791277][ T3729] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 201.797291][ T3724] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 201.797499][ T3728] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 201.799719][ T3729] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 201.801202][ T63] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 201.811033][ T3728] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 202.148141][ T3717] chnl_net:caif_netlink_parms(): no params data found [ 202.161312][ T3718] chnl_net:caif_netlink_parms(): no params data found [ 202.450725][ T3715] chnl_net:caif_netlink_parms(): no params data found [ 202.463318][ T3717] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.469237][ T3717] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.475986][ T3717] device bridge_slave_0 entered promiscuous mode [ 202.484115][ T3718] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.489139][ T3718] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.495412][ T3718] device bridge_slave_0 entered promiscuous mode [ 202.502708][ T3716] chnl_net:caif_netlink_parms(): no params data found [ 202.547942][ T3717] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.553398][ T3717] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.559788][ T3717] device bridge_slave_1 entered promiscuous mode [ 202.565589][ T3718] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.569681][ T3718] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.578874][ T3718] device bridge_slave_1 entered promiscuous mode [ 202.733360][ T3718] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 202.749044][ T3717] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 202.767579][ T3717] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 202.777167][ T3718] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 202.935025][ T3716] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.939626][ T3716] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.945908][ T3716] device bridge_slave_0 entered promiscuous mode [ 202.952233][ T3715] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.957817][ T3715] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.963762][ T3715] device bridge_slave_0 entered promiscuous mode [ 202.996119][ T3717] team0: Port device team_slave_0 added [ 203.021278][ T3716] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.026891][ T3716] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.033456][ T3716] device bridge_slave_1 entered promiscuous mode [ 203.038828][ T3715] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.044154][ T3715] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.050616][ T3715] device bridge_slave_1 entered promiscuous mode [ 203.059097][ T3717] team0: Port device team_slave_1 added [ 203.095387][ T3718] team0: Port device team_slave_0 added [ 203.200886][ T3718] team0: Port device team_slave_1 added [ 203.258418][ T3715] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.266082][ T3717] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.270947][ T3717] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.289873][ T3717] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.321392][ T3716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.330778][ T3715] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.346055][ T3717] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.351277][ T3717] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.368618][ T3717] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.383263][ T3718] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.389034][ T3718] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.409574][ T3718] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.437876][ T3716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.465961][ T3718] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.470926][ T3718] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.490337][ T3718] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.549641][ T3716] team0: Port device team_slave_0 added [ 203.565887][ T3715] team0: Port device team_slave_0 added [ 203.575581][ T3716] team0: Port device team_slave_1 added [ 203.622849][ T3715] team0: Port device team_slave_1 added [ 203.717963][ T3716] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.724084][ T3716] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.748810][ T3716] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.763285][ T3717] device hsr_slave_0 entered promiscuous mode [ 203.768711][ T3717] device hsr_slave_1 entered promiscuous mode [ 203.799214][ T3715] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.806028][ T3715] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.827909][ T3715] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.835766][ T3716] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.840917][ T3716] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.858421][ T3716] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.874462][ T3718] device hsr_slave_0 entered promiscuous mode [ 203.882719][ T974] Bluetooth: hci3: command 0x0409 tx timeout [ 203.887966][ T3718] device hsr_slave_1 entered promiscuous mode [ 203.890294][ T172] Bluetooth: hci0: command 0x0409 tx timeout [ 203.896048][ T3718] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 203.896697][ T172] Bluetooth: hci2: command 0x0409 tx timeout [ 203.902903][ T3718] Cannot create hsr debugfs directory [ 203.913073][ T3715] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.917592][ T3715] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.938372][ T3715] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.970159][ T34] Bluetooth: hci1: command 0x0409 tx timeout [ 204.072137][ T3716] device hsr_slave_0 entered promiscuous mode [ 204.077787][ T3716] device hsr_slave_1 entered promiscuous mode [ 204.082583][ T3716] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 204.087442][ T3716] Cannot create hsr debugfs directory [ 204.158665][ T3715] device hsr_slave_0 entered promiscuous mode [ 204.163800][ T3715] device hsr_slave_1 entered promiscuous mode [ 204.168315][ T3715] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 204.173493][ T3715] Cannot create hsr debugfs directory [ 204.582528][ T3717] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 204.597295][ T3717] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 204.616793][ T3717] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 204.632237][ T3717] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 204.644730][ T3718] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 204.652008][ T3718] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 204.662489][ T3718] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 204.670500][ T3718] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 204.734924][ T3716] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 204.749150][ T3716] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 204.767117][ T3716] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 204.779751][ T3716] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 204.871683][ T3715] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 204.879106][ T3715] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 204.895417][ T3715] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 204.902211][ T3715] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 204.920616][ T3717] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.947638][ T3718] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.962682][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 204.969565][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 204.983423][ T3717] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.007431][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.017838][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.024160][ T15] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.032756][ T15] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.041888][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 205.047188][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 205.069168][ T3718] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.085210][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.092667][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.099586][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.106084][ T172] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.111296][ T172] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.117326][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.124004][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.130757][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.137162][ T172] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.142770][ T172] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.172582][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.178959][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.203495][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.211204][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.217732][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 205.235019][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.243072][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.249547][ T40] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.254621][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.262310][ T3716] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.285140][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 205.291699][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.298073][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.305955][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.312392][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.318818][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.325376][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 205.340309][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 205.346913][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.353079][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 205.358529][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.373713][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 205.379756][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.386442][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 205.392205][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 205.397186][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.403650][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.422778][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 205.433603][ T3716] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.444542][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.450949][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.458055][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.463468][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.469287][ T3757] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.474641][ T3757] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.482882][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.497294][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.503679][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.508961][ T3757] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.513266][ T3757] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.519206][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 205.528635][ T3715] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.556687][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.564252][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 205.570800][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 205.576695][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.584077][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.591428][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.607820][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 205.613614][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 205.619032][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 205.624600][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 205.630745][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.643523][ T3717] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.650451][ T3715] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.658754][ T3754] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 205.664709][ T3754] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 205.669560][ T3754] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 205.677038][ T3754] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.692684][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.699679][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.705871][ T3757] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.710409][ T3757] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.715636][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.722950][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.728516][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.740330][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.746776][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.752833][ T971] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.757391][ T971] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.769138][ T3718] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.778183][ T3716] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 205.789488][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.821390][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.827734][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.834832][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.840684][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 205.846913][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.862225][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 205.867492][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 205.874783][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 205.880571][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 205.886672][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 205.902703][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 205.909220][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.941925][ T3717] device veth0_vlan entered promiscuous mode [ 205.947050][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.953956][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.959660][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 205.960463][ T3756] Bluetooth: hci3: command 0x041b tx timeout [ 205.965870][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 205.976091][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 205.981190][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 205.990757][ T15] Bluetooth: hci2: command 0x041b tx timeout [ 205.992680][ T3715] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 205.994597][ T15] Bluetooth: hci0: command 0x041b tx timeout [ 206.004042][ T3716] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.007020][ T3718] device veth0_vlan entered promiscuous mode [ 206.025384][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 206.031220][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 206.036501][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 206.040590][ T3756] Bluetooth: hci1: command 0x041b tx timeout [ 206.042341][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 206.056294][ T3717] device veth1_vlan entered promiscuous mode [ 206.062987][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 206.069726][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 206.077741][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 206.097687][ T3718] device veth1_vlan entered promiscuous mode [ 206.133594][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 206.139977][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 206.146014][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 206.153426][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 206.158427][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 206.168470][ T3715] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.183729][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 206.192101][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 206.226094][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 206.233597][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 206.240744][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 206.247886][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 206.255749][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 206.265119][ T971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 206.275231][ T3718] device veth0_macvtap entered promiscuous mode [ 206.283081][ T3717] device veth0_macvtap entered promiscuous mode [ 206.300750][ T3717] device veth1_macvtap entered promiscuous mode [ 206.311940][ T3716] device veth0_vlan entered promiscuous mode [ 206.319735][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 206.326215][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 206.333196][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 206.339521][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 206.346954][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 206.356269][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 206.363471][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 206.371964][ T3718] device veth1_macvtap entered promiscuous mode [ 206.399283][ T3717] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.412570][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 206.418766][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 206.431005][ T3716] device veth1_vlan entered promiscuous mode [ 206.444982][ T3717] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 206.457725][ T3715] device veth0_vlan entered promiscuous mode [ 206.468528][ T3718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.477341][ T3718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.485603][ T3718] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.492314][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 206.498892][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 206.506100][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 206.513283][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 206.519487][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 206.528375][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 206.536649][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 206.545079][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 206.565809][ T3717] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.573165][ T3717] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.579936][ T3717] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.587283][ T3717] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.606013][ T3718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 206.613544][ T3718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.621278][ T3718] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 206.629043][ T3715] device veth1_vlan entered promiscuous mode [ 206.636938][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 206.642411][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 206.647797][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 206.658436][ T3718] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.666171][ T3718] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.673283][ T3718] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.680809][ T3718] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.744555][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 206.744568][ T39] audit: type=1400 audit(1662861941.564:100): avc: denied { mounton } for pid=3717 comm="syz-executor.1" path="/dev/binderfs" dev="devtmpfs" ino=2383 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 206.757109][ T3716] device veth0_macvtap entered promiscuous mode [ 206.773141][ T39] audit: type=1400 audit(1662861941.594:101): avc: denied { mount } for pid=3717 comm="syz-executor.1" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 206.781310][ T3716] device veth1_macvtap entered promiscuous mode [ 206.802932][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 206.809935][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 206.818771][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 206.825269][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 206.842713][ T3715] device veth0_macvtap entered promiscuous mode [ 206.851555][ T3715] device veth1_macvtap entered promiscuous mode [ 206.853558][ T39] audit: type=1400 audit(1662861941.674:102): avc: denied { read write } for pid=3717 comm="syz-executor.1" name="loop1" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 206.872200][ T3715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.872241][ T3715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.872248][ T3715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.872256][ T3715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 02:05:41 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000300)={'tunl0\x00', &(0x7f00000001c0)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast1, @remote}}}}) [ 206.873488][ T3715] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.878979][ T39] audit: type=1400 audit(1662861941.674:103): avc: denied { open } for pid=3717 comm="syz-executor.1" path="/dev/loop1" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 206.924991][ T39] audit: type=1400 audit(1662861941.674:104): avc: denied { ioctl } for pid=3717 comm="syz-executor.1" path="/dev/loop1" dev="devtmpfs" ino=657 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 206.933765][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 206.945893][ T39] audit: type=1400 audit(1662861941.704:105): avc: denied { bpf } for pid=3764 comm="syz-executor.1" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 206.973135][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 206.980986][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 206.987304][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 206.997213][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 207.005224][ T3756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 207.015010][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 207.024039][ T3715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 207.034313][ T3715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.042273][ T3715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 207.049279][ T3715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.058688][ T3715] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 207.069434][ T3716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 02:05:41 executing program 1: mlockall(0x3) mlockall(0x6) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) [ 207.076733][ T3716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.083986][ T3716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 207.092863][ T3716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.101393][ T3716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 02:05:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6) [ 207.110898][ T3716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.124832][ T3716] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 207.137036][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 207.155327][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 02:05:41 executing program 0: r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) fstat(r0, &(0x7f0000000000)) [ 207.163501][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 207.172597][ T3763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready 02:05:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 207.182286][ T3715] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.189388][ T3715] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.196922][ T3715] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.202631][ T39] audit: type=1400 audit(1662861942.024:106): avc: denied { read } for pid=3777 comm="syz-executor.0" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 207.204064][ T3715] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.218691][ T3778] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 207.227782][ T39] audit: type=1400 audit(1662861942.024:107): avc: denied { open } for pid=3777 comm="syz-executor.0" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 207.247409][ T3716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 207.256139][ T39] audit: type=1400 audit(1662861942.024:108): avc: denied { ioctl } for pid=3777 comm="syz-executor.0" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 207.260696][ T3716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.283293][ T3716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 207.289468][ T3716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.295554][ T3716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 207.303183][ T3716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 207.312432][ T3716] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 207.352329][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 207.358219][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 207.370868][ T3716] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.376622][ T3716] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.382917][ T3716] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.389371][ T3716] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 02:05:42 executing program 0: socketpair(0x2, 0x3, 0x1f, &(0x7f0000000000)) [ 207.457528][ T39] audit: type=1400 audit(1662861942.274:109): avc: denied { read write } for pid=3783 comm="syz-executor.2" name="fuse" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 02:05:42 executing program 2: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r2 = socket$packet(0x11, 0x2, 0x300) sendto(r2, 0x0, 0x0, 0x4001, &(0x7f0000000200)=@ll={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x80) 02:05:42 executing program 0: request_key(&(0x7f0000000080)='logon\x00', &(0x7f00000000c0)={'syz', 0x1, 0x2}, 0x0, 0x0) 02:05:42 executing program 2: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x1, &(0x7f00000000c0)=@raw=[@alu], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:05:42 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1e, 0x0, 0x8, 0x80}, 0x48) 02:05:42 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000200)={'ip6tnl0\x00', &(0x7f0000000180)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @empty}}) 02:05:42 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x29, 0x0, @private, @empty}}}}) 02:05:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:42 executing program 2: r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000540)=@secondary) add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000100)="85", 0x1, r0) r1 = add_key(&(0x7f0000000180)='dns_resolver\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000280)="6662844f2b20798fa53b8b066242f2596f3ae3f3555a9617c19ce868ca9403369a0f62321c35f8ed67c8d7545f845ebe4c327c5ea674c3b94d89e35e498adaee54a871723eccb449b7b353c6d17d45acfaaf25489c296442d86e849bb294fa1f8ff99b6e2cadadb594467a85c1bc583a8f63f9826b03a588833972645062c30dab71ce33eb6765b8ae77c32859fd8b7f2485af7c9cdb49873e1551a40d8925f32a594a1344b13421a0abf1bf2b9c601ed76097618cbdebf8534565eaabd419cf4be0213e56b4df7956a1b9793907b32db21ffb2cfd0b28eed563ca85d0a5be86acfa5b4bf8bf7ed54d3170a4a7aa3350d6a8", 0xf2, r0) r2 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$read(0xb, r2, &(0x7f0000000440)=""/200, 0xc8) r3 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "2fc8c85a32e6f94d638bc35ca21dc57c281808da66161265c673f09655bd6e5182869a15a7ddfdbb599adebbd2d23059ac8e788f7920efa0ad790a23d2bc8a4a"}, 0x48, 0xfffffffffffffffc) keyctl$setperm(0x5, r3, 0x0) r4 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "2fc8c85a32e6f94d638bc35ca21dc57c281808da66161265c673f09655bd6e5182869a15a7ddfdbb599adebbd2d23059ac8e788f7920efa0ad790a23d2bc8a4a"}, 0x48, 0xfffffffffffffffc) keyctl$setperm(0x5, r4, 0x0) add_key$user(&(0x7f0000000580), &(0x7f00000005c0)={'syz', 0x2}, &(0x7f0000000600)="c9722a9370de675e40bd2afb2202561cac8969690dd666a981af7cfffd87f0f620365cf3f61763e668c5b09af5a5995169892896561c18605a5d7cf81bbbef17d8a112644bc938f30f29efb7f46e59804bddc3f0a1daaa14a9487917df2652f425505a869c41d0eb672e47817baca3eb182080d55e0bcab446a7f684", 0x7c, r4) keyctl$search(0xa, r1, &(0x7f0000000200)='rxrpc_s\x00', &(0x7f0000000380)={'syz', 0x1}, r3) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_DAEMON(r5, &(0x7f0000000780)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x14}, 0x14}}, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000140)={0x0, 'vlan0\x00', {}, 0x4}) 02:05:42 executing program 1: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x2, &(0x7f0000000080)=@raw=[@map_val], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x8b, &(0x7f0000000140)=""/139, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:05:42 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv4_getaddr={0x18, 0x16, 0x1}, 0x18}}, 0x0) 02:05:42 executing program 1: memfd_create(&(0x7f0000000200)='/dev/udmabuf\x00', 0x0) 02:05:42 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1e, 0x0, 0x8, 0x80, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48) 02:05:42 executing program 2: r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000540)=@secondary) add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000100)="85", 0x1, r0) r1 = add_key(&(0x7f0000000180)='dns_resolver\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000280)="6662844f2b20798fa53b8b066242f2596f3ae3f3555a9617c19ce868ca9403369a0f62321c35f8ed67c8d7545f845ebe4c327c5ea674c3b94d89e35e498adaee54a871723eccb449b7b353c6d17d45acfaaf25489c296442d86e849bb294fa1f8ff99b6e2cadadb594467a85c1bc583a8f63f9826b03a588833972645062c30dab71ce33eb6765b8ae77c32859fd8b7f2485af7c9cdb49873e1551a40d8925f32a594a1344b13421a0abf1bf2b9c601ed76097618cbdebf8534565eaabd419cf4be0213e56b4df7956a1b9793907b32db21ffb2cfd0b28eed563ca85d0a5be86acfa5b4bf8bf7ed54d3170a4a7aa3350d6a8", 0xf2, r0) r2 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$read(0xb, r2, &(0x7f0000000440)=""/200, 0xc8) r3 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "2fc8c85a32e6f94d638bc35ca21dc57c281808da66161265c673f09655bd6e5182869a15a7ddfdbb599adebbd2d23059ac8e788f7920efa0ad790a23d2bc8a4a"}, 0x48, 0xfffffffffffffffc) keyctl$setperm(0x5, r3, 0x0) r4 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "2fc8c85a32e6f94d638bc35ca21dc57c281808da66161265c673f09655bd6e5182869a15a7ddfdbb599adebbd2d23059ac8e788f7920efa0ad790a23d2bc8a4a"}, 0x48, 0xfffffffffffffffc) keyctl$setperm(0x5, r4, 0x0) add_key$user(&(0x7f0000000580), &(0x7f00000005c0)={'syz', 0x2}, &(0x7f0000000600)="c9722a9370de675e40bd2afb2202561cac8969690dd666a981af7cfffd87f0f620365cf3f61763e668c5b09af5a5995169892896561c18605a5d7cf81bbbef17d8a112644bc938f30f29efb7f46e59804bddc3f0a1daaa14a9487917df2652f425505a869c41d0eb672e47817baca3eb182080d55e0bcab446a7f684", 0x7c, r4) keyctl$search(0xa, r1, &(0x7f0000000200)='rxrpc_s\x00', &(0x7f0000000380)={'syz', 0x1}, r3) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_DAEMON(r5, &(0x7f0000000780)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x14}, 0x14}}, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000140)={0x0, 'vlan0\x00', {}, 0x4}) 02:05:42 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000080)={0x0, 0x0, 0xfffffffffffffffe}, 0x0) 02:05:42 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@ipv6_newnexthop={0x1c, 0x68, 0x11, 0x0, 0x0, {}, [@NHA_RES_GROUP={0x4}]}, 0x1c}}, 0x0) [ 208.072914][ T3759] Bluetooth: hci3: command 0x040f tx timeout [ 208.076854][ T3761] Bluetooth: hci2: command 0x040f tx timeout [ 208.079674][ T15] Bluetooth: hci0: command 0x040f tx timeout [ 208.096985][ T3804] kvm: pic: non byte read [ 208.106590][ T3804] kvm: pic: level sensitive irq not supported [ 208.107068][ T3804] kvm: pic: non byte read [ 208.116420][ T3804] kvm: pic: non byte read [ 208.121406][ T3804] kvm: pic: non byte read [ 208.127490][ T3804] kvm: pic: non byte read [ 208.128397][ T3759] Bluetooth: hci1: command 0x040f tx timeout [ 208.132691][ T3804] kvm: pic: non byte read [ 208.141131][ T3804] kvm: pic: non byte read [ 208.145848][ T3804] kvm: pic: non byte read [ 208.151208][ T3804] kvm: pic: non byte read [ 208.155242][ T3804] kvm: pic: non byte read 02:05:43 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)=@ipv4_newroute={0x34, 0x18, 0x1, 0x0, 0x0, {}, [@RTA_DPORT={0x6}, @RTA_PREFSRC={0x8, 0x7, @multicast2}, @RTA_OIF={0x8}]}, 0x34}}, 0x0) 02:05:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0x40049409, 0x20) 02:05:43 executing program 2: r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000540)=@secondary) add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000100)="85", 0x1, r0) r1 = add_key(&(0x7f0000000180)='dns_resolver\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000280)="6662844f2b20798fa53b8b066242f2596f3ae3f3555a9617c19ce868ca9403369a0f62321c35f8ed67c8d7545f845ebe4c327c5ea674c3b94d89e35e498adaee54a871723eccb449b7b353c6d17d45acfaaf25489c296442d86e849bb294fa1f8ff99b6e2cadadb594467a85c1bc583a8f63f9826b03a588833972645062c30dab71ce33eb6765b8ae77c32859fd8b7f2485af7c9cdb49873e1551a40d8925f32a594a1344b13421a0abf1bf2b9c601ed76097618cbdebf8534565eaabd419cf4be0213e56b4df7956a1b9793907b32db21ffb2cfd0b28eed563ca85d0a5be86acfa5b4bf8bf7ed54d3170a4a7aa3350d6a8", 0xf2, r0) r2 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$read(0xb, r2, &(0x7f0000000440)=""/200, 0xc8) r3 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "2fc8c85a32e6f94d638bc35ca21dc57c281808da66161265c673f09655bd6e5182869a15a7ddfdbb599adebbd2d23059ac8e788f7920efa0ad790a23d2bc8a4a"}, 0x48, 0xfffffffffffffffc) keyctl$setperm(0x5, r3, 0x0) r4 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "2fc8c85a32e6f94d638bc35ca21dc57c281808da66161265c673f09655bd6e5182869a15a7ddfdbb599adebbd2d23059ac8e788f7920efa0ad790a23d2bc8a4a"}, 0x48, 0xfffffffffffffffc) keyctl$setperm(0x5, r4, 0x0) add_key$user(&(0x7f0000000580), &(0x7f00000005c0)={'syz', 0x2}, &(0x7f0000000600)="c9722a9370de675e40bd2afb2202561cac8969690dd666a981af7cfffd87f0f620365cf3f61763e668c5b09af5a5995169892896561c18605a5d7cf81bbbef17d8a112644bc938f30f29efb7f46e59804bddc3f0a1daaa14a9487917df2652f425505a869c41d0eb672e47817baca3eb182080d55e0bcab446a7f684", 0x7c, r4) keyctl$search(0xa, r1, &(0x7f0000000200)='rxrpc_s\x00', &(0x7f0000000380)={'syz', 0x1}, r3) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_DAEMON(r5, &(0x7f0000000780)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x14}, 0x14}}, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000140)={0x0, 'vlan0\x00', {}, 0x4}) 02:05:43 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@ipv4_delrule={0x1b, 0x21, 0x1}, 0x1c}}, 0x0) 02:05:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:43 executing program 2: r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000540)=@secondary) add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000100)="85", 0x1, r0) r1 = add_key(&(0x7f0000000180)='dns_resolver\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000280)="6662844f2b20798fa53b8b066242f2596f3ae3f3555a9617c19ce868ca9403369a0f62321c35f8ed67c8d7545f845ebe4c327c5ea674c3b94d89e35e498adaee54a871723eccb449b7b353c6d17d45acfaaf25489c296442d86e849bb294fa1f8ff99b6e2cadadb594467a85c1bc583a8f63f9826b03a588833972645062c30dab71ce33eb6765b8ae77c32859fd8b7f2485af7c9cdb49873e1551a40d8925f32a594a1344b13421a0abf1bf2b9c601ed76097618cbdebf8534565eaabd419cf4be0213e56b4df7956a1b9793907b32db21ffb2cfd0b28eed563ca85d0a5be86acfa5b4bf8bf7ed54d3170a4a7aa3350d6a8", 0xf2, r0) r2 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$read(0xb, r2, &(0x7f0000000440)=""/200, 0xc8) r3 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "2fc8c85a32e6f94d638bc35ca21dc57c281808da66161265c673f09655bd6e5182869a15a7ddfdbb599adebbd2d23059ac8e788f7920efa0ad790a23d2bc8a4a"}, 0x48, 0xfffffffffffffffc) keyctl$setperm(0x5, r3, 0x0) r4 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "2fc8c85a32e6f94d638bc35ca21dc57c281808da66161265c673f09655bd6e5182869a15a7ddfdbb599adebbd2d23059ac8e788f7920efa0ad790a23d2bc8a4a"}, 0x48, 0xfffffffffffffffc) keyctl$setperm(0x5, r4, 0x0) add_key$user(&(0x7f0000000580), &(0x7f00000005c0)={'syz', 0x2}, &(0x7f0000000600)="c9722a9370de675e40bd2afb2202561cac8969690dd666a981af7cfffd87f0f620365cf3f61763e668c5b09af5a5995169892896561c18605a5d7cf81bbbef17d8a112644bc938f30f29efb7f46e59804bddc3f0a1daaa14a9487917df2652f425505a869c41d0eb672e47817baca3eb182080d55e0bcab446a7f684", 0x7c, r4) keyctl$search(0xa, r1, &(0x7f0000000200)='rxrpc_s\x00', &(0x7f0000000380)={'syz', 0x1}, r3) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_DAEMON(r5, &(0x7f0000000780)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x14}, 0x14}}, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000140)={0x0, 'vlan0\x00', {}, 0x4}) 02:05:43 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x7ff, 0x7, 0x7e9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48) 02:05:43 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000100)={'sit0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @remote}}}}) [ 208.943829][ T3836] kvm: pic: level sensitive irq not supported 02:05:43 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1e, 0x0, 0x8, 0xffff, 0x8}, 0x48) 02:05:43 executing program 1: syz_clone(0xc964100, 0x0, 0xfffffffffffffdc1, 0x0, 0x0, 0x0) 02:05:44 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000040)=ANY=[]}) 02:05:44 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x20, 0x4) 02:05:44 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:44 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_PAN_ID(r0, &(0x7f0000000380)={0xfffffffffffffffd, 0x0, &(0x7f0000000340)={0x0, 0x20}}, 0x0) 02:05:44 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1e, 0x0, 0x8, 0x80, 0x1008}, 0x48) [ 209.006134][ T3837] kvm: pic: level sensitive irq not supported 02:05:44 executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000011c0)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xff3, &(0x7f0000001900)=""/4083, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) r1 = memfd_create(&(0x7f0000000300)='U\xffA\x05\xd6\xe7\xfc\xa3\xb0\x04\xe2\x1b\\by\xdc2`U6;\xe3ZoL\x14\xa7\x8c\'\xa3\xcf\xff\xf0+9\xac\\\xa4\xa5=\\\xcc\xf6\xc4R\x88A\x95\xe0\xff\xff\xffX\x91\x1au\x83V\xc1H\xd3\rZ\x01!b\xc0\xaeW\xc5\x1f\xec\xfd\xe3\xc1\a\xeb\\,\x98P \xf2\xfe\xc5\xf9\xd4\x9a\x16\xa6\xb2\xde\x82\xa8\xf9\xcb{\xa9m\x83\xfb\x84\x8e\xef\xe3#\xcf$Df\x89\xe2?`\x96E=-\xd6\x91,4yEE\x1d\x81\x9c\x00\x00\x00\x00\x00\x001N\x1a\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\xcc\xb8o7\t\x0e4$Lb\xf9e\x8dv\xd0Y\x86\x18\v\xd6\xf9\\-\xdc\x00\x00\x00\x00\x00\x00\x00\x00\x8fe\x01m\x00\x00\a4\xf2\x8c\x19\x1e\xf0\xb5_\x93\x98\xb8\xcc\xc2\xc6\x15?\xa44\xd4\x12\xed\xa1\xf1!\xbch\x94\xd6\xf0\x98u\xd0#\x95y\x10\x06^\xde\x0563\x9dX\xdcI\x06\xfe6\x1e^\"\x90\xbf\xa7&\xa3\xb5\x8d\\\xcf\xa1T\v\xd1\x92oV\x8d\xbcGd\x82\xaeD\xe0D\x10\xa9\xdb[\\eN\xbc\xb26-\xcd\xeat\xfa)\xc8\x00\x91<0\xbcf\x8b\xd5\xdb\xd9AC\xf5', 0x1) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) r2 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r2, r0, &(0x7f0000000000)=0x8001, 0x72) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4320100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@delnexthop={0x30, 0x69, 0x200, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20008010) 02:05:44 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:44 executing program 1: r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000001e40)=@v1={0x0, @aes128, 0x0, @desc1}) chdir(&(0x7f0000000000)='./file0\x00') add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f00000001c0)={'fscrypt:', @desc1}, &(0x7f00000002c0)={0x0, "615a091a55a8c9a640115d99d981b3886420589c6685d4982a83b71b906769e737201ac6b7a7804454156569cbf3a5be811debc957b5831b89b59d703e748c7c", 0x10}, 0x48, 0xffffffffffffffff) r2 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = dup2(0xffffffffffffffff, r4) r6 = openat(r5, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r6, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r6, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r6, 0xc0189376, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x6}}, '.\x00'}) open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x3c1, 0x3, 0x430, 0x0, 0xc8, 0x8, 0x1c0, 0x5803, 0x360, 0x2e8, 0x2e8, 0x360, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x28}, 0x2}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0x138, 0x1a0, 0x0, {}, [@common=@unspec=@rateest={{0x68}, {'bond0\x00', 'veth1_virt_wifi\x00'}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x490) sendfile(r2, r3, 0x0, 0x8000000a) [ 209.819274][ T3870] kvm: pic: level sensitive irq not supported [ 210.070344][ T3892] syz-executor.1 (pid 3892) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 210.077198][ T3890] loop7: detected capacity change from 0 to 1036 [ 210.120807][ T40] Bluetooth: hci3: command 0x0419 tx timeout [ 210.121784][ T3761] Bluetooth: hci2: command 0x0419 tx timeout [ 210.130757][ T15] Bluetooth: hci0: command 0x0419 tx timeout [ 210.189867][ T3897] fs-verity: sha512 using implementation "sha512-avx2" [ 210.202004][ T40] Bluetooth: hci1: command 0x0419 tx timeout [ 210.282795][ T3893] kvm: pic: level sensitive irq not supported [ 210.337255][ T3897] fs-verity (sda1, inode 1135): Malformed file signature [ 210.387337][ T3897] xt_socket: unknown flags 0x2 02:05:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x0, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:45 executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000011c0)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xff3, &(0x7f0000001900)=""/4083, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) (async) r1 = memfd_create(&(0x7f0000000300)='U\xffA\x05\xd6\xe7\xfc\xa3\xb0\x04\xe2\x1b\\by\xdc2`U6;\xe3ZoL\x14\xa7\x8c\'\xa3\xcf\xff\xf0+9\xac\\\xa4\xa5=\\\xcc\xf6\xc4R\x88A\x95\xe0\xff\xff\xffX\x91\x1au\x83V\xc1H\xd3\rZ\x01!b\xc0\xaeW\xc5\x1f\xec\xfd\xe3\xc1\a\xeb\\,\x98P \xf2\xfe\xc5\xf9\xd4\x9a\x16\xa6\xb2\xde\x82\xa8\xf9\xcb{\xa9m\x83\xfb\x84\x8e\xef\xe3#\xcf$Df\x89\xe2?`\x96E=-\xd6\x91,4yEE\x1d\x81\x9c\x00\x00\x00\x00\x00\x001N\x1a\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\xcc\xb8o7\t\x0e4$Lb\xf9e\x8dv\xd0Y\x86\x18\v\xd6\xf9\\-\xdc\x00\x00\x00\x00\x00\x00\x00\x00\x8fe\x01m\x00\x00\a4\xf2\x8c\x19\x1e\xf0\xb5_\x93\x98\xb8\xcc\xc2\xc6\x15?\xa44\xd4\x12\xed\xa1\xf1!\xbch\x94\xd6\xf0\x98u\xd0#\x95y\x10\x06^\xde\x0563\x9dX\xdcI\x06\xfe6\x1e^\"\x90\xbf\xa7&\xa3\xb5\x8d\\\xcf\xa1T\v\xd1\x92oV\x8d\xbcGd\x82\xaeD\xe0D\x10\xa9\xdb[\\eN\xbc\xb26-\xcd\xeat\xfa)\xc8\x00\x91<0\xbcf\x8b\xd5\xdb\xd9AC\xf5', 0x1) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0) (async) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) (async) sendfile(r0, r0, 0x0, 0x24002da8) r2 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r2, r0, &(0x7f0000000000)=0x8001, 0x72) (async, rerun: 64) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4320100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@delnexthop={0x30, 0x69, 0x200, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20008010) (rerun: 64) 02:05:45 executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000011c0)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xff3, &(0x7f0000001900)=""/4083, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) r1 = memfd_create(&(0x7f0000000300)='U\xffA\x05\xd6\xe7\xfc\xa3\xb0\x04\xe2\x1b\\by\xdc2`U6;\xe3ZoL\x14\xa7\x8c\'\xa3\xcf\xff\xf0+9\xac\\\xa4\xa5=\\\xcc\xf6\xc4R\x88A\x95\xe0\xff\xff\xffX\x91\x1au\x83V\xc1H\xd3\rZ\x01!b\xc0\xaeW\xc5\x1f\xec\xfd\xe3\xc1\a\xeb\\,\x98P \xf2\xfe\xc5\xf9\xd4\x9a\x16\xa6\xb2\xde\x82\xa8\xf9\xcb{\xa9m\x83\xfb\x84\x8e\xef\xe3#\xcf$Df\x89\xe2?`\x96E=-\xd6\x91,4yEE\x1d\x81\x9c\x00\x00\x00\x00\x00\x001N\x1a\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\xcc\xb8o7\t\x0e4$Lb\xf9e\x8dv\xd0Y\x86\x18\v\xd6\xf9\\-\xdc\x00\x00\x00\x00\x00\x00\x00\x00\x8fe\x01m\x00\x00\a4\xf2\x8c\x19\x1e\xf0\xb5_\x93\x98\xb8\xcc\xc2\xc6\x15?\xa44\xd4\x12\xed\xa1\xf1!\xbch\x94\xd6\xf0\x98u\xd0#\x95y\x10\x06^\xde\x0563\x9dX\xdcI\x06\xfe6\x1e^\"\x90\xbf\xa7&\xa3\xb5\x8d\\\xcf\xa1T\v\xd1\x92oV\x8d\xbcGd\x82\xaeD\xe0D\x10\xa9\xdb[\\eN\xbc\xb26-\xcd\xeat\xfa)\xc8\x00\x91<0\xbcf\x8b\xd5\xdb\xd9AC\xf5', 0x1) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) r2 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r2, r0, &(0x7f0000000000)=0x8001, 0x72) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4320100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@delnexthop={0x30, 0x69, 0x200, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20008010) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000011c0)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xff3, &(0x7f0000001900)=""/4083, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async) syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) (async) memfd_create(&(0x7f0000000300)='U\xffA\x05\xd6\xe7\xfc\xa3\xb0\x04\xe2\x1b\\by\xdc2`U6;\xe3ZoL\x14\xa7\x8c\'\xa3\xcf\xff\xf0+9\xac\\\xa4\xa5=\\\xcc\xf6\xc4R\x88A\x95\xe0\xff\xff\xffX\x91\x1au\x83V\xc1H\xd3\rZ\x01!b\xc0\xaeW\xc5\x1f\xec\xfd\xe3\xc1\a\xeb\\,\x98P \xf2\xfe\xc5\xf9\xd4\x9a\x16\xa6\xb2\xde\x82\xa8\xf9\xcb{\xa9m\x83\xfb\x84\x8e\xef\xe3#\xcf$Df\x89\xe2?`\x96E=-\xd6\x91,4yEE\x1d\x81\x9c\x00\x00\x00\x00\x00\x001N\x1a\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\xcc\xb8o7\t\x0e4$Lb\xf9e\x8dv\xd0Y\x86\x18\v\xd6\xf9\\-\xdc\x00\x00\x00\x00\x00\x00\x00\x00\x8fe\x01m\x00\x00\a4\xf2\x8c\x19\x1e\xf0\xb5_\x93\x98\xb8\xcc\xc2\xc6\x15?\xa44\xd4\x12\xed\xa1\xf1!\xbch\x94\xd6\xf0\x98u\xd0#\x95y\x10\x06^\xde\x0563\x9dX\xdcI\x06\xfe6\x1e^\"\x90\xbf\xa7&\xa3\xb5\x8d\\\xcf\xa1T\v\xd1\x92oV\x8d\xbcGd\x82\xaeD\xe0D\x10\xa9\xdb[\\eN\xbc\xb26-\xcd\xeat\xfa)\xc8\x00\x91<0\xbcf\x8b\xd5\xdb\xd9AC\xf5', 0x1) (async) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0) (async) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) (async) sendfile(r0, r0, 0x0, 0x24002da8) (async) socket$nl_route(0x10, 0x3, 0x0) (async) sendfile(r2, r0, &(0x7f0000000000)=0x8001, 0x72) (async) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4320100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@delnexthop={0x30, 0x69, 0x200, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20008010) (async) 02:05:45 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCDELRT(r0, 0x890c, 0x0) 02:05:45 executing program 1: r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) (rerun: 64) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000001e40)=@v1={0x0, @aes128, 0x0, @desc1}) (async) chdir(&(0x7f0000000000)='./file0\x00') (async) add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f00000001c0)={'fscrypt:', @desc1}, &(0x7f00000002c0)={0x0, "615a091a55a8c9a640115d99d981b3886420589c6685d4982a83b71b906769e737201ac6b7a7804454156569cbf3a5be811debc957b5831b89b59d703e748c7c", 0x10}, 0x48, 0xffffffffffffffff) (async) r2 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) (async) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) (async) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = dup2(0xffffffffffffffff, r4) r6 = openat(r5, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r6, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) (async) sendmsg$NFT_MSG_GETTABLE(r6, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_READY(r6, 0xc0189376, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x6}}, '.\x00'}) (async) open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) (async, rerun: 64) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) (async, rerun: 64) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) (async) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x3c1, 0x3, 0x430, 0x0, 0xc8, 0x8, 0x1c0, 0x5803, 0x360, 0x2e8, 0x2e8, 0x360, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x28}, 0x2}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0x138, 0x1a0, 0x0, {}, [@common=@unspec=@rateest={{0x68}, {'bond0\x00', 'veth1_virt_wifi\x00'}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x490) (async) sendfile(r2, r3, 0x0, 0x8000000a) 02:05:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:45 executing program 1: r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) (async) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000001e40)=@v1={0x0, @aes128, 0x0, @desc1}) (async) chdir(&(0x7f0000000000)='./file0\x00') (async) add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f00000001c0)={'fscrypt:', @desc1}, &(0x7f00000002c0)={0x0, "615a091a55a8c9a640115d99d981b3886420589c6685d4982a83b71b906769e737201ac6b7a7804454156569cbf3a5be811debc957b5831b89b59d703e748c7c", 0x10}, 0x48, 0xffffffffffffffff) (async) r2 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) (async) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = dup2(0xffffffffffffffff, r4) r6 = openat(r5, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r6, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) (async) sendmsg$NFT_MSG_GETTABLE(r6, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_READY(r6, 0xc0189376, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x6}}, '.\x00'}) open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) (async) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x3c1, 0x3, 0x430, 0x0, 0xc8, 0x8, 0x1c0, 0x5803, 0x360, 0x2e8, 0x2e8, 0x360, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x28}, 0x2}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0x138, 0x1a0, 0x0, {}, [@common=@unspec=@rateest={{0x68}, {'bond0\x00', 'veth1_virt_wifi\x00'}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x490) (async) sendfile(r2, r3, 0x0, 0x8000000a) 02:05:45 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f00000000c0)=0x3, 0x4) [ 210.852915][ T3909] kvm: pic: level sensitive irq not supported [ 211.180275][ T3948] xt_socket: unknown flags 0x2 02:05:46 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x2, 0x4e22}, 0x10, 0x0, 0x0, &(0x7f0000000800)=[@ip_retopts={{0x14, 0x0, 0x7, {[@rr={0x7, 0x3}]}}}, @ip_ttl={{0x14}}], 0x30}, 0x0) [ 211.192850][ T3947] fs-verity (sda1, inode 1135): Malformed file signature [ 211.310707][ T3940] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 211.539198][ T3940] kvm: pic: single mode not supported [ 211.543301][ T3940] kvm: pic: single mode not supported [ 211.563520][ T3940] kvm: pic: single mode not supported 02:05:46 executing program 1: r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r1, &(0x7f0000000440)={&(0x7f0000000340), 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x14, r0, 0xc5d7fd4e9c433cdb}, 0x14}}, 0x0) [ 211.599137][ T3940] kvm: pic: single mode not supported [ 211.654239][ T3940] kvm: pic: single mode not supported [ 211.656821][ T3959] loop2: detected capacity change from 0 to 16 02:05:46 executing program 2: syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000600)=[{&(0x7f0000000240)="eb3c8f000000732e66617400020101000240008080f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fallocate(r0, 0x100000001, 0x0, 0x2811fdff) io_submit(0x0, 0x0, 0x0) 02:05:46 executing program 0: bpf$PROG_LOAD(0x8, 0x0, 0x1c) 02:05:46 executing program 1: r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r1, &(0x7f0000000440)={&(0x7f0000000340), 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x14, r0, 0xc5d7fd4e9c433cdb}, 0x14}}, 0x0) [ 211.659075][ T3940] kvm: pic: level sensitive irq not supported [ 211.733310][ T3940] kvm: pic: single mode not supported [ 211.748262][ T3940] kvm: pic: single mode not supported [ 211.752522][ T3940] kvm: pic: level sensitive irq not supported [ 211.755861][ T39] kauditd_printk_skb: 16 callbacks suppressed [ 211.755872][ T39] audit: type=1400 audit(1662861946.574:126): avc: denied { unmount } for pid=3715 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 211.759880][ T3940] kvm: pic: single mode not supported [ 211.787122][ T3940] kvm: pic: single mode not supported [ 211.806422][ T3940] kvm: pic: single mode not supported [ 211.810821][ T3940] kvm: pic: level sensitive irq not supported 02:05:47 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x2, 0x4e22}, 0x10, 0x0, 0x0, &(0x7f0000000800)=[@ip_retopts={{0x14, 0x0, 0x7, {[@rr={0x7, 0x3}]}}}], 0x18}, 0x0) 02:05:47 executing program 2: add_key(&(0x7f0000000140)='pkcs7_test\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd) request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)='encrypted\x00', 0x0) 02:05:47 executing program 1: r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r1, &(0x7f0000000440)={&(0x7f0000000340), 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x14, r0, 0xc5d7fd4e9c433cdb}, 0x14}}, 0x0) 02:05:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:47 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:47 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) sendmsg$inet(r0, &(0x7f0000001a40)={&(0x7f00000005c0)={0x2, 0x0, @broadcast}, 0x10, 0x0}, 0x0) 02:05:47 executing program 1: r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r1, &(0x7f0000000440)={&(0x7f0000000340), 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x14, r0, 0xc5d7fd4e9c433cdb}, 0x14}}, 0x0) [ 211.837882][ T3940] kvm: pic: level sensitive irq not supported [ 213.243954][ T3987] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 213.295408][ T3978] picdev_read: 177 callbacks suppressed [ 213.295425][ T3978] kvm: pic: non byte read [ 213.323962][ T3978] kvm: pic: non byte read [ 213.357804][ T3978] kvm: pic: non byte read 02:05:48 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000100), 0x10001, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, 0xffffffffffffffff) [ 213.420612][ T3978] kvm: pic: non byte read 02:05:48 executing program 0: openat$vfio(0xffffffffffffff9c, &(0x7f0000000000), 0x6041, 0x0) 02:05:48 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 213.452693][ T39] audit: type=1400 audit(1662861948.274:127): avc: denied { write } for pid=3991 comm="syz-executor.0" name="vfio" dev="devtmpfs" ino=713 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vfio_device_t tclass=chr_file permissive=1 [ 213.456419][ T3978] kvm: pic: non byte read 02:05:48 executing program 0: openat$vfio(0xffffffffffffff9c, &(0x7f0000000000), 0x6041, 0x0) [ 213.515283][ T39] audit: type=1400 audit(1662861948.274:128): avc: denied { open } for pid=3991 comm="syz-executor.0" path="/dev/vfio/vfio" dev="devtmpfs" ino=713 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vfio_device_t tclass=chr_file permissive=1 02:05:48 executing program 1: r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = pidfd_open(r0, 0x0) pidfd_send_signal(r1, 0x4000, 0x0, 0x0) [ 213.633025][ T3978] kvm: pic: non byte read [ 213.652171][ T3978] kvm: pic: non byte read [ 213.673974][ T3978] kvm: pic: non byte read [ 213.682626][ T3978] kvm: pic: non byte read [ 213.687729][ T3978] kvm: pic: non byte read 02:05:49 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x5, 0x4) 02:05:49 executing program 0: openat$vfio(0xffffffffffffff9c, &(0x7f0000000000), 0x6041, 0x0) 02:05:49 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 213.863555][ T3978] kvm: pic: level sensitive irq not supported [ 214.412209][ T4011] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns 02:05:49 executing program 0: openat$vfio(0xffffffffffffff9c, &(0x7f0000000000), 0x6041, 0x0) 02:05:49 executing program 1: r0 = socket$igmp6(0xa, 0x3, 0x2) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)=@can, 0x80) 02:05:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 214.727877][ T39] audit: type=1400 audit(1662861949.544:129): avc: denied { write } for pid=4014 comm="syz-executor.1" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 02:05:49 executing program 1: r0 = socket$igmp6(0xa, 0x3, 0x2) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)=@can, 0x80) 02:05:49 executing program 1: r0 = socket$igmp6(0xa, 0x3, 0x2) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)=@can, 0x80) 02:05:49 executing program 1: r0 = socket$igmp6(0xa, 0x3, 0x2) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)=@can, 0x80) [ 214.994569][ T4022] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns 02:05:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x20) 02:05:50 executing program 0: r0 = socket$igmp6(0xa, 0x3, 0x2) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)=@can, 0x80) 02:05:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:50 executing program 0: r0 = socket$igmp6(0xa, 0x3, 0x2) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)=@can, 0x80) [ 215.558031][ T4036] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 215.596439][ T4042] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 215.765048][ T4035] kvm: pic: level sensitive irq not supported 02:05:50 executing program 0: r0 = socket$igmp6(0xa, 0x3, 0x2) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)=@can, 0x80) 02:05:50 executing program 3: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1}, 0x48) 02:05:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:50 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x2, 0x4e22}, 0x10, 0x0, 0x0, &(0x7f0000000800)=[@ip_retopts={{0x18, 0x0, 0x7, {[@rr={0x7, 0x3, 0xfb}, @lsrr={0x83, 0x3, 0x7b}]}}}, @ip_ttl={{0x14}}], 0x30}, 0x0) [ 215.820468][ T4035] kvm: pic: level sensitive irq not supported 02:05:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB='\t'], 0x30}}, 0x0) [ 215.980740][ T4035] kvm: pic: level sensitive irq not supported [ 216.004473][ T4052] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns 02:05:50 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x2, 0x4e22}, 0x10, 0x0, 0x0, &(0x7f0000000800)=[@ip_retopts={{0x14, 0x0, 0x7, {[@rr={0x7, 0x3, 0xfb}]}}}, @ip_ttl={{0x14}}], 0x30}, 0x0) [ 216.235550][ T4035] kvm: pic: level sensitive irq not supported [ 216.512737][ T4052] kvm: pic: level sensitive irq not supported [ 216.539884][ T4052] kvm: pic: level sensitive irq not supported [ 216.613366][ T4052] pic_ioport_write: 24 callbacks suppressed [ 216.613467][ T4052] kvm: pic: single mode not supported [ 216.626355][ T4052] kvm: pic: single mode not supported [ 216.639486][ T4052] kvm: pic: single mode not supported [ 216.645491][ T4052] kvm: pic: single mode not supported [ 216.652573][ T4052] kvm: pic: single mode not supported [ 216.658465][ T4052] kvm: pic: single mode not supported [ 216.675558][ T4052] kvm: pic: single mode not supported [ 216.685827][ T4052] kvm: pic: single mode not supported [ 216.697851][ T4052] kvm: pic: single mode not supported 02:05:51 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000080), 0x7, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, "29496c15ab72b348f3e9bcd67a1d93119d7700ed62dc39ae447b034893cc8fae1e3d076271b80e708d33ff42a3ffe29938d6cceb029042f60f871d1b729347b3", "1508d8f838cedfab81c58c68e06b54341150be9fa6cdc32a2c542dcb89bb0edbccf1d4fe52c78ff5c73931acc4c9c058bfbe29cbf1fc31923afa59334c0d14cf", "94520f598d9db18443510bdcc93f06c738d7dcf6e125d37e4a57bbfbae80dbdf", [0x0, 0x4]}) 02:05:51 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) read$FUSE(r0, &(0x7f0000002240)={0x2020}, 0xffffffffffffff43) 02:05:51 executing program 3: r0 = syz_clone(0x20100000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = pidfd_open(r0, 0x0) pidfd_send_signal(r1, 0x0, 0x0, 0x0) 02:05:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:51 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x2, 0x4e22}, 0x10, 0x0, 0x0, &(0x7f0000000800)=[@ip_retopts={{0x14, 0x0, 0x7, {[@rr={0x7, 0x3, 0xfb}]}}}], 0x18}, 0x0) 02:05:51 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000100), 0x14) [ 216.723488][ T4052] kvm: pic: single mode not supported 02:05:52 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) recvfrom(r0, &(0x7f0000000000)=""/105, 0x69, 0x0, 0x0, 0x0) 02:05:52 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x16, 0x0, 0x7, 0x4, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4}, 0x48) 02:05:52 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x7ff, 0x7, 0x7e9, 0x1, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48) [ 217.262964][ T39] audit: type=1400 audit(1662861952.074:130): avc: denied { read } for pid=4075 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 02:05:52 executing program 3: syz_clone(0xe75af667cace14b7, 0x0, 0x0, 0x0, 0x0, 0x0) 02:05:52 executing program 2: r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000001e40)=@v1={0x0, @aes128, 0x0, @desc1}) chdir(&(0x7f0000000000)='./file0\x00') add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f00000001c0)={'fscrypt:', @desc1}, &(0x7f00000002c0)={0x0, "615a091a55a8c9a640115d99d981b3886420589c6685d4982a83b71b906769e737201ac6b7a7804454156569cbf3a5be811debc957b5831b89b59d703e748c7c", 0x10}, 0x48, 0xffffffffffffffff) r2 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = dup2(0xffffffffffffffff, r4) r6 = openat(r5, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r6, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r6, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r6, 0xc0189376, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x6}}, '.\x00'}) open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x3c1, 0x3, 0x430, 0x0, 0xc8, 0x8, 0x1c0, 0x5803, 0x360, 0x2e8, 0x2e8, 0x360, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x28}, 0x2}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0x138, 0x1a0, 0x0, {}, [@common=@unspec=@rateest={{0x68}, {'bond0\x00', 'veth1_virt_wifi\x00'}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x490) sendfile(r2, r3, 0x0, 0x8000000a) [ 217.574040][ T4090] fs-verity (sda1, inode 1135): Malformed file signature [ 217.633996][ T4090] xt_socket: unknown flags 0x2 02:05:52 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000011c0)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xff3, &(0x7f0000001900)=""/4083, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) r1 = memfd_create(&(0x7f0000000300)='U\xffA\x05\xd6\xe7\xfc\xa3\xb0\x04\xe2\x1b\\by\xdc2`U6;\xe3ZoL\x14\xa7\x8c\'\xa3\xcf\xff\xf0+9\xac\\\xa4\xa5=\\\xcc\xf6\xc4R\x88A\x95\xe0\xff\xff\xffX\x91\x1au\x83V\xc1H\xd3\rZ\x01!b\xc0\xaeW\xc5\x1f\xec\xfd\xe3\xc1\a\xeb\\,\x98P \xf2\xfe\xc5\xf9\xd4\x9a\x16\xa6\xb2\xde\x82\xa8\xf9\xcb{\xa9m\x83\xfb\x84\x8e\xef\xe3#\xcf$Df\x89\xe2?`\x96E=-\xd6\x91,4yEE\x1d\x81\x9c\x00\x00\x00\x00\x00\x001N\x1a\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\xcc\xb8o7\t\x0e4$Lb\xf9e\x8dv\xd0Y\x86\x18\v\xd6\xf9\\-\xdc\x00\x00\x00\x00\x00\x00\x00\x00\x8fe\x01m\x00\x00\a4\xf2\x8c\x19\x1e\xf0\xb5_\x93\x98\xb8\xcc\xc2\xc6\x15?\xa44\xd4\x12\xed\xa1\xf1!\xbch\x94\xd6\xf0\x98u\xd0#\x95y\x10\x06^\xde\x0563\x9dX\xdcI\x06\xfe6\x1e^\"\x90\xbf\xa7&\xa3\xb5\x8d\\\xcf\xa1T\v\xd1\x92oV\x8d\xbcGd\x82\xaeD\xe0D\x10\xa9\xdb[\\eN\xbc\xb26-\xcd\xeat\xfa)\xc8\x00\x91<0\xbcf\x8b\xd5\xdb\xd9AC\xf5', 0x1) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) r2 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r2, r0, &(0x7f0000000000)=0x8001, 0x72) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4320100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@delnexthop={0x30, 0x69, 0x200, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20008010) 02:05:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:05:52 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000011c0)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xff3, &(0x7f0000001900)=""/4083, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) r1 = memfd_create(&(0x7f0000000300)='U\xffA\x05\xd6\xe7\xfc\xa3\xb0\x04\xe2\x1b\\by\xdc2`U6;\xe3ZoL\x14\xa7\x8c\'\xa3\xcf\xff\xf0+9\xac\\\xa4\xa5=\\\xcc\xf6\xc4R\x88A\x95\xe0\xff\xff\xffX\x91\x1au\x83V\xc1H\xd3\rZ\x01!b\xc0\xaeW\xc5\x1f\xec\xfd\xe3\xc1\a\xeb\\,\x98P \xf2\xfe\xc5\xf9\xd4\x9a\x16\xa6\xb2\xde\x82\xa8\xf9\xcb{\xa9m\x83\xfb\x84\x8e\xef\xe3#\xcf$Df\x89\xe2?`\x96E=-\xd6\x91,4yEE\x1d\x81\x9c\x00\x00\x00\x00\x00\x001N\x1a\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\xcc\xb8o7\t\x0e4$Lb\xf9e\x8dv\xd0Y\x86\x18\v\xd6\xf9\\-\xdc\x00\x00\x00\x00\x00\x00\x00\x00\x8fe\x01m\x00\x00\a4\xf2\x8c\x19\x1e\xf0\xb5_\x93\x98\xb8\xcc\xc2\xc6\x15?\xa44\xd4\x12\xed\xa1\xf1!\xbch\x94\xd6\xf0\x98u\xd0#\x95y\x10\x06^\xde\x0563\x9dX\xdcI\x06\xfe6\x1e^\"\x90\xbf\xa7&\xa3\xb5\x8d\\\xcf\xa1T\v\xd1\x92oV\x8d\xbcGd\x82\xaeD\xe0D\x10\xa9\xdb[\\eN\xbc\xb26-\xcd\xeat\xfa)\xc8\x00\x91<0\xbcf\x8b\xd5\xdb\xd9AC\xf5', 0x1) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) r2 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r2, r0, &(0x7f0000000000)=0x8001, 0x72) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4320100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@delnexthop={0x30, 0x69, 0x200, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20008010) 02:05:52 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000011c0)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xff3, &(0x7f0000001900)=""/4083, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) r1 = memfd_create(&(0x7f0000000300)='U\xffA\x05\xd6\xe7\xfc\xa3\xb0\x04\xe2\x1b\\by\xdc2`U6;\xe3ZoL\x14\xa7\x8c\'\xa3\xcf\xff\xf0+9\xac\\\xa4\xa5=\\\xcc\xf6\xc4R\x88A\x95\xe0\xff\xff\xffX\x91\x1au\x83V\xc1H\xd3\rZ\x01!b\xc0\xaeW\xc5\x1f\xec\xfd\xe3\xc1\a\xeb\\,\x98P \xf2\xfe\xc5\xf9\xd4\x9a\x16\xa6\xb2\xde\x82\xa8\xf9\xcb{\xa9m\x83\xfb\x84\x8e\xef\xe3#\xcf$Df\x89\xe2?`\x96E=-\xd6\x91,4yEE\x1d\x81\x9c\x00\x00\x00\x00\x00\x001N\x1a\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\xcc\xb8o7\t\x0e4$Lb\xf9e\x8dv\xd0Y\x86\x18\v\xd6\xf9\\-\xdc\x00\x00\x00\x00\x00\x00\x00\x00\x8fe\x01m\x00\x00\a4\xf2\x8c\x19\x1e\xf0\xb5_\x93\x98\xb8\xcc\xc2\xc6\x15?\xa44\xd4\x12\xed\xa1\xf1!\xbch\x94\xd6\xf0\x98u\xd0#\x95y\x10\x06^\xde\x0563\x9dX\xdcI\x06\xfe6\x1e^\"\x90\xbf\xa7&\xa3\xb5\x8d\\\xcf\xa1T\v\xd1\x92oV\x8d\xbcGd\x82\xaeD\xe0D\x10\xa9\xdb[\\eN\xbc\xb26-\xcd\xeat\xfa)\xc8\x00\x91<0\xbcf\x8b\xd5\xdb\xd9AC\xf5', 0x1) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) r2 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r2, r0, &(0x7f0000000000)=0x8001, 0x72) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4320100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@delnexthop={0x30, 0x69, 0x200, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20008010) [ 217.779048][ T4094] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns 02:05:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x4, 0x40, 0x0, 0x0, 0x0, 0x7d], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 218.022958][ T4094] kvm: pic: level sensitive irq not supported 02:05:52 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000011c0)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xff3, &(0x7f0000001900)=""/4083, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) r1 = memfd_create(&(0x7f0000000300)='U\xffA\x05\xd6\xe7\xfc\xa3\xb0\x04\xe2\x1b\\by\xdc2`U6;\xe3ZoL\x14\xa7\x8c\'\xa3\xcf\xff\xf0+9\xac\\\xa4\xa5=\\\xcc\xf6\xc4R\x88A\x95\xe0\xff\xff\xffX\x91\x1au\x83V\xc1H\xd3\rZ\x01!b\xc0\xaeW\xc5\x1f\xec\xfd\xe3\xc1\a\xeb\\,\x98P \xf2\xfe\xc5\xf9\xd4\x9a\x16\xa6\xb2\xde\x82\xa8\xf9\xcb{\xa9m\x83\xfb\x84\x8e\xef\xe3#\xcf$Df\x89\xe2?`\x96E=-\xd6\x91,4yEE\x1d\x81\x9c\x00\x00\x00\x00\x00\x001N\x1a\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\xcc\xb8o7\t\x0e4$Lb\xf9e\x8dv\xd0Y\x86\x18\v\xd6\xf9\\-\xdc\x00\x00\x00\x00\x00\x00\x00\x00\x8fe\x01m\x00\x00\a4\xf2\x8c\x19\x1e\xf0\xb5_\x93\x98\xb8\xcc\xc2\xc6\x15?\xa44\xd4\x12\xed\xa1\xf1!\xbch\x94\xd6\xf0\x98u\xd0#\x95y\x10\x06^\xde\x0563\x9dX\xdcI\x06\xfe6\x1e^\"\x90\xbf\xa7&\xa3\xb5\x8d\\\xcf\xa1T\v\xd1\x92oV\x8d\xbcGd\x82\xaeD\xe0D\x10\xa9\xdb[\\eN\xbc\xb26-\xcd\xeat\xfa)\xc8\x00\x91<0\xbcf\x8b\xd5\xdb\xd9AC\xf5', 0x1) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) r2 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r2, r0, &(0x7f0000000000)=0x8001, 0x72) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4320100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@delnexthop={0x30, 0x69, 0x200, 0x70bd27, 0x25dfdbff, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20008010) 02:05:53 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) recvfrom(r0, 0x0, 0x0, 0x2242, 0x0, 0x0) 02:05:53 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000380)={@empty, 0x0, r2}) 02:05:53 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@getlink={0x20, 0x12, 0x1}, 0x20}}, 0x0) 02:05:53 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x0, 0x0, 0x7e9, 0x0, 0x1}, 0x48) 02:05:53 executing program 2: syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="00400000ec1f00001320000012000000000000000020000000010000f8c4a42ee10000001e000000000000000010cc030200010052654973457233467300000002000000020001000200012000000000010000001231231212331233123112341341241273797a6b616c6c65720000000000000001001e0061fb1963004eed00", 0x80, 0x10000}, {&(0x7f0000010080)="000000000000000000000000010000000300"/32, 0x20, 0x100c0}, {&(0x7f00000100a0)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0f00"/1056, 0x420, 0x11000}, {&(0x7f00000104c0)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x800, 0x11800}, {&(0x7f0000010cc0)="00000000000000000000000012000000000000000020000000010000f8c4a42ee10000001e00"/64, 0x40, 0x2012000}, {&(0x7f0000010d00)="010002005c0f0000000000000000000000000000000000000100000002000000000000000000000000002c00d40f0100010000000200000001000000f401000002003000a40f00"/96, 0x60, 0x2013000}, {&(0x7f0000010d60)="0000000001000000010000000200000028000400020000000000000001000000200004002e2e0000000000002e00000000000000ed41000003000000300000000000000080761000535f010061fb196361fb196361fb19630100000000000000", 0x60, 0x2013fa0}], 0x0, &(0x7f0000010dc0)) syz_mount_image$gfs2(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xfff, 0x1, &(0x7f00000000c0)=[{&(0x7f00000002c0)="9d64f1778e778896629150137321f3f9a4dc70a561b04df57bdc64d56c55092c6a5e21d93235fd973096d1b418ba5a89a481be36aa927b4443875be6bf55441186474b52034feab47bfa1db1eafc26ac736a4c53050484e4350a5c7ea67d2f8d1676ef75d952b658665a7ad797c270883fe9c6185a2fa6c797d30c2ccdcb9cc1db9297f17b6dea688d7f217c462ee126c7fd14e46666a53371ab8d14af961c40abea801aac77b469328479baf40754608c444c0f903915de92a04c528873c147255b6cff491fc49651aba5240f32209f4d9559871a0322bc5cd7137a21007ef6e443", 0xe2, 0x8000000000000000}], 0x1004041, &(0x7f0000000140)={[{@barrier}, {@norgrplvb}, {@norgrplvb}, {@quota}], [{@subj_role={'subj_role', 0x3d, '-+\\.#'}}, {@smackfshat={'smackfshat', 0x3d, 'reiserfs\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, 'reiserfs\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}]}) [ 218.027822][ T4094] kvm: pic: level sensitive irq not supported [ 218.789884][ T4130] loop2: detected capacity change from 0 to 131391 02:05:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r2, 0x4040aea4, &(0x7f0000000080)={0x7fff, 0x8, 0x3ff, 0x4, 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup2(0xffffffffffffffff, r3) r5 = openat(r4, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r5, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r5, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = socket$inet6_udp(0xa, 0x2, 0x0) r8 = dup2(0xffffffffffffffff, r7) r9 = openat(r8, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r9, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r9, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="71e3c0239cf138bec07cf52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22083a51a2ada29dfca789e9f987d7002f56822cfecdd2381866a0d54d95bd87a9a2adff11ca57fde65e0471ebe7085b203c369ba40bd08a15fc5fe758ee6800c8af7a6eb9802b2db0a293b7e88c64a5e9f322e459ef65fa2a17c13b3d7e"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) syz_kvm_setup_cpu$x86(r9, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x0, &(0x7f00000000c0)=[@dstype0, @flags={0x3, 0x41000}], 0x2) ioctl$KVM_RUN(r6, 0xae80, 0x0) [ 218.846008][ T4130] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 218.891321][ T4130] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 218.905803][ T4130] REISERFS (device loop2): using ordered data mode [ 218.934785][ T4130] reiserfs: using flush barriers [ 218.990360][ T4130] REISERFS (device loop2): journal params: device loop2, size 8192, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 219.011774][ T4137] fs-verity (sda1, inode 1135): Malformed file signature [ 219.061205][ T4133] fs-verity (sda1, inode 1135): Malformed file signature [ 219.065188][ T4130] REISERFS (device loop2): checking transaction log (loop2) 02:05:53 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x2, 0x4e22}, 0x10, 0x0, 0x0, &(0x7f0000000800)=[@ip_ttl={{0x14}}], 0x18}, 0x0) 02:05:54 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_GET(r0, &(0x7f0000000240)={&(0x7f0000000040), 0xffffff82, &(0x7f0000000200)={&(0x7f0000000080)={0x170, 0x0, 0x0, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@pci={{0x8}, {0x11}}, {0x8}}]}, 0x170}}, 0x0) 02:05:54 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1e, 0x0, 0x8, 0xffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2}, 0x48) 02:05:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r2, 0x4040aea4, &(0x7f0000000080)={0x7fff, 0x8, 0x3ff, 0x4, 0x5}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup2(0xffffffffffffffff, r3) r5 = openat(r4, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r5, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) (async) sendmsg$NFT_MSG_GETTABLE(r5, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = socket$inet6_udp(0xa, 0x2, 0x0) r8 = dup2(0xffffffffffffffff, r7) r9 = openat(r8, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r9, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) (async) sendmsg$NFT_MSG_GETTABLE(r9, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="71e3c0239cf138bec07cf52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22083a51a2ada29dfca789e9f987d7002f56822cfecdd2381866a0d54d95bd87a9a2adff11ca57fde65e0471ebe7085b203c369ba40bd08a15fc5fe758ee6800c8af7a6eb9802b2db0a293b7e88c64a5e9f322e459ef65fa2a17c13b3d7e"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async) syz_kvm_setup_cpu$x86(r9, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x0, &(0x7f00000000c0)=[@dstype0, @flags={0x3, 0x41000}], 0x2) ioctl$KVM_RUN(r6, 0xae80, 0x0) 02:05:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 02:05:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r2, 0x4040aea4, &(0x7f0000000080)={0x7fff, 0x8, 0x3ff, 0x4, 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup2(0xffffffffffffffff, r3) r5 = openat(r4, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r5, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r5, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = socket$inet6_udp(0xa, 0x2, 0x0) r8 = dup2(0xffffffffffffffff, r7) r9 = openat(r8, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r9, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r9, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="71e3c0239cf138bec07cf52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22083a51a2ada29dfca789e9f987d7002f56822cfecdd2381866a0d54d95bd87a9a2adff11ca57fde65e0471ebe7085b203c369ba40bd08a15fc5fe758ee6800c8af7a6eb9802b2db0a293b7e88c64a5e9f322e459ef65fa2a17c13b3d7e"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) syz_kvm_setup_cpu$x86(r9, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x0, &(0x7f00000000c0)=[@dstype0, @flags={0x3, 0x41000}], 0x2) ioctl$KVM_RUN(r6, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) (async) ioctl$KVM_ASSIGN_SET_INTX_MASK(r2, 0x4040aea4, &(0x7f0000000080)={0x7fff, 0x8, 0x3ff, 0x4, 0x5}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) dup2(0xffffffffffffffff, r3) (async) openat(r4, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) (async) ioctl$FS_IOC_ENABLE_VERITY(r5, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) (async) sendmsg$NFT_MSG_GETTABLE(r5, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) dup2(0xffffffffffffffff, r7) (async) openat(r8, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) (async) ioctl$FS_IOC_ENABLE_VERITY(r9, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) (async) sendmsg$NFT_MSG_GETTABLE(r9, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="71e3c0239cf138bec07cf52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22083a51a2ada29dfca789e9f987d7002f56822cfecdd2381866a0d54d95bd87a9a2adff11ca57fde65e0471ebe7085b203c369ba40bd08a15fc5fe758ee6800c8af7a6eb9802b2db0a293b7e88c64a5e9f322e459ef65fa2a17c13b3d7e"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async) syz_kvm_setup_cpu$x86(r9, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x0, &(0x7f00000000c0)=[@dstype0, @flags={0x3, 0x41000}], 0x2) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) [ 220.960263][ T4130] REISERFS (device loop2): Using rupasov hash to sort names [ 220.968590][ T4130] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 220.990764][ T39] audit: type=1400 audit(1662861955.804:131): avc: denied { mount } for pid=4129 comm="syz-executor.2" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 221.030273][ T39] audit: type=1400 audit(1662861955.844:132): avc: denied { unmount } for pid=3715 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 221.301652][ T39] audit: type=1400 audit(1662861956.124:133): avc: denied { create } for pid=4159 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 02:05:56 executing program 1: socketpair(0x26, 0x5, 0x6, &(0x7f0000000100)) 02:05:56 executing program 2: syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="00400000ec1f00001320000012000000000000000020000000010000f8c4a42ee10000001e000000000000000010cc030200010052654973457233467300000002000000020001000200012000000000010000001231231212331233123112341341241273797a6b616c6c65720000000000000001001e0061fb1963004eed00", 0x80, 0x10000}, {&(0x7f0000010080)="000000000000000000000000010000000300"/32, 0x20, 0x100c0}, {&(0x7f00000100a0)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0f00"/1056, 0x420, 0x11000}, {&(0x7f00000104c0)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x800, 0x11800}, {&(0x7f0000010cc0)="00000000000000000000000012000000000000000020000000010000f8c4a42ee10000001e00"/64, 0x40, 0x2012000}, {&(0x7f0000010d00)="010002005c0f0000000000000000000000000000000000000100000002000000000000000000000000002c00d40f0100010000000200000001000000f401000002003000a40f00"/96, 0x60, 0x2013000}, {&(0x7f0000010d60)="0000000001000000010000000200000028000400020000000000000001000000200004002e2e0000000000002e00000000000000ed41000003000000300000000000000080761000535f010061fb196361fb196361fb19630100000000000000", 0x60, 0x2013fa0}], 0x0, &(0x7f0000010dc0)) syz_mount_image$gfs2(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xfff, 0x1, &(0x7f00000000c0)=[{&(0x7f00000002c0)="9d64f1778e778896629150137321f3f9a4dc70a561b04df57bdc64d56c55092c6a5e21d93235fd973096d1b418ba5a89a481be36aa927b4443875be6bf55441186474b52034feab47bfa1db1eafc26ac736a4c53050484e4350a5c7ea67d2f8d1676ef75d952b658665a7ad797c270883fe9c6185a2fa6c797d30c2ccdcb9cc1db9297f17b6dea688d7f217c462ee126c7fd14e46666a53371ab8d14af961c40abea801aac77b469328479baf40754608c444c0f903915de92a04c528873c147255b6cff491fc49651aba5240f32209f4d9559871a0322bc5cd7137a21007ef6e443", 0xe2, 0x8000000000000000}], 0x1004041, &(0x7f0000000140)={[{@barrier}, {@norgrplvb}, {@norgrplvb}, {@quota}], [{@subj_role={'subj_role', 0x3d, '-+\\.#'}}, {@smackfshat={'smackfshat', 0x3d, 'reiserfs\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, 'reiserfs\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}]}) syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="00400000ec1f00001320000012000000000000000020000000010000f8c4a42ee10000001e000000000000000010cc030200010052654973457233467300000002000000020001000200012000000000010000001231231212331233123112341341241273797a6b616c6c65720000000000000001001e0061fb1963004eed00", 0x80, 0x10000}, {&(0x7f0000010080)="000000000000000000000000010000000300"/32, 0x20, 0x100c0}, {&(0x7f00000100a0)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0f00"/1056, 0x420, 0x11000}, {&(0x7f00000104c0)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x800, 0x11800}, {&(0x7f0000010cc0)="00000000000000000000000012000000000000000020000000010000f8c4a42ee10000001e00"/64, 0x40, 0x2012000}, {&(0x7f0000010d00)="010002005c0f0000000000000000000000000000000000000100000002000000000000000000000000002c00d40f0100010000000200000001000000f401000002003000a40f00"/96, 0x60, 0x2013000}, {&(0x7f0000010d60)="0000000001000000010000000200000028000400020000000000000001000000200004002e2e0000000000002e00000000000000ed41000003000000300000000000000080761000535f010061fb196361fb196361fb19630100000000000000", 0x60, 0x2013fa0}], 0x0, &(0x7f0000010dc0)) (async) syz_mount_image$gfs2(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xfff, 0x1, &(0x7f00000000c0)=[{&(0x7f00000002c0)="9d64f1778e778896629150137321f3f9a4dc70a561b04df57bdc64d56c55092c6a5e21d93235fd973096d1b418ba5a89a481be36aa927b4443875be6bf55441186474b52034feab47bfa1db1eafc26ac736a4c53050484e4350a5c7ea67d2f8d1676ef75d952b658665a7ad797c270883fe9c6185a2fa6c797d30c2ccdcb9cc1db9297f17b6dea688d7f217c462ee126c7fd14e46666a53371ab8d14af961c40abea801aac77b469328479baf40754608c444c0f903915de92a04c528873c147255b6cff491fc49651aba5240f32209f4d9559871a0322bc5cd7137a21007ef6e443", 0xe2, 0x8000000000000000}], 0x1004041, &(0x7f0000000140)={[{@barrier}, {@norgrplvb}, {@norgrplvb}, {@quota}], [{@subj_role={'subj_role', 0x3d, '-+\\.#'}}, {@smackfshat={'smackfshat', 0x3d, 'reiserfs\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, 'reiserfs\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}]}) (async) [ 221.384156][ T4157] fs-verity (sda1, inode 1135): Malformed file signature [ 221.398451][ T4157] fs-verity (sda1, inode 1135): Malformed file signature [ 221.423115][ T4167] loop2: detected capacity change from 0 to 131391 [ 221.436853][ T4167] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 221.446685][ T4167] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 221.454890][ T4167] REISERFS (device loop2): using ordered data mode [ 221.459582][ T4167] reiserfs: using flush barriers [ 221.465467][ T4167] REISERFS (device loop2): journal params: device loop2, size 8192, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 221.479364][ T4167] REISERFS (device loop2): checking transaction log (loop2) 02:05:56 executing program 1: add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f00000001c0)='1', 0x1, 0xfffffffffffffffc) 02:05:56 executing program 1: add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f00000001c0)='1', 0x1, 0xfffffffffffffffc) 02:05:56 executing program 0: r0 = syz_open_dev$vcsu(&(0x7f0000000040), 0x20, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'ip6tnl0\x00', 0x0, 0x29, 0x8, 0x0, 0x6, 0x28, @loopback, @ipv4={'\x00', '\xff\xff', @remote}, 0x700, 0x1, 0xfb41, 0x7e}}) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000002200)=ANY=[@ANYBLOB="d51d02006400000127bd7002fedbdf2500000000", @ANYRES32=r1, @ANYBLOB="f2ff10000e000700f1ff0f000c0001007463696e64657800d81c02000800040001000000140506003c000100050000000800000001000000000000000400000081020500c7da001009000000040100008100f9ff0200000007000000ff000000ff0f000008000400000000000c000800975e0000000000003c00010008000000000000000500000005000000f9ffffff0002ff070700050003000000010101003c00a47c090000000500000015000000b42965483c000100030000000000002008000000040000000010000007010000000008008760b44fb7020300010402000800000004000000410f0000060000003c00010005000000020000007f0000000700000000000000030001010d5d0800000000000502080001f8070008000000ff01000002000000010000000404020000040000030000000000000402000000020000000300000004000000000400000800000004000000090000000600000000000000030000000101000001000000020000000700000000000080050000000180000003000000060000000600000096d7000000080000fdffffffe60000000000010000020000000800000100000005000000c440000060000000fcffffff81b3000060b5140009000000ca00000009000000010000803c0000003f0000000001000001000000000000000000000002000000020000000000000001040000abb8ffff0200000007000000faffffff00000000030000000700000003000000fb00000001000000feffffff07000000020000003f0000000100000006000000cb00000000000000e341000000000000ffffff7f05000000040000000104000008000000200000000400000006000000000000000008000000000000ad38000000010000010001000600000000000000e762000005000000aa0000000500000086fc00000000ffff06000000c1d4000000000000ffffffff01800000ff7f000000000000010000000100000009000000ac4d0000008000000900000001010000050000005d00000000800000ffff0000ff7f0000da0000000400000009000000060000007900000000000000090000000000000006000000990000000600000008000000000000001000000003000000010400000000000006000000ff010000000010000000000000000000ffffff7f07000000040000000300000001000000010100000300000000010000000000001f000000090000007f0000008300000001000000020000001f00000007000000307c000002000000030000000900000000000000ff0f00000600000001000100090000007fffffff001000004000000004000000010000000500000003000000391d0000f8ffffff3f000000000400000600000008000000e019000005000000ffffffff4c000000060000000600000001000100050000000100000000800000d2000000000000000100000000080000310800000100000001000100d400000009000000050000000900000009000000030000000800000004000000e00200008000000006000000ff0300000acd00000001000003000000ff070000c0ffffff8a0e0000fcffffff0100008006000000000000004e060000450600000000000000000000070000002500000009000000fdffffff46ffffff3f00000001000000010100000180000000100000020000000000000007000000810000000300000009000000ff0f000000000000060000005008000000040000040000000200000000000000075b000001040000030000000100000055b5000001000080550000000100000033000000008000000000000006000000010000801f00000051000000080005000300000008000400000000000800050009000f00100006000c000900840000000000000074130700900008000c000100736b6265646974004c0002800600040040000000060007000200000008000300f3ff01000600040000010000080003000000f2ff06000400090000000800030007000200060007000200000008000500020000001b00060054afd02c1d1192c1051f46f30795b7f807167b700d0311000c00070001000000000000000c0008000100000007000000900101000c000100736b62656469740064000280060004000300000008000300f3ffe0ff080005000000000008000500e8570000060004001e000000180002008a8bde750600000008000000080000007f00000018000200ffff00000900000000000020010100001e010000060004000700000003010600da213397dd0b9f3f6dff1c21679e27a15ad01d024585149ee76acc414b914e95f60efc0ba0b5d5cff38c4af709533361297b4d37ef62db6d1e457b262fd021688afe29fef9e5ac1be0f63cbfbea27ff6789015da3fb38a5b8dc09dc998e12af313259a069d2067839da5fbb1a4c85efc384210887bc4d41da669f7a14610df0f337dbe34c115568e4013d9e053b4ac59819c4a4b585d91cf1a6f87296cd4366076e119c37c5c76040a5a96615f046c1186ff29901025dfebda389ca540e22ab7930ad4d1673de17708eb1845212265f3b0fca3103e65ef3a89ca2cb0ba0c838cf0e2e4a84068d113ff96656b46922ff0ccd7170854fa3dcf177a9f5ed1bbeb000c00070000000000010000000c0008000200000002000000100108000b00010073696d706c65000074000280080003005c5b2a0014000300200100000000000000000000000000010f0003002f6465762f7663737523000018000200090000000000000000000000ffffff7f010100000c00030073797a746e6c310007000300242a000018000200050000000e000000fffffffff8ffffff0400000072000600974bbcc2d4f1aa4e5cfa0ad4cdbf2e6bfa3c50e687bbe3569f9fd236682397fc1a98e36bb2d82801cc23e6b4208ed726cf823324a6a342d573f0a9c73256a4d8e27777ce216927392b5fdd851d8f2201e24cfdcc1881b784b4c84162a339f77e26153483bd563f9db42b7c9c110a00000c00070001000000010000000c00080001000000030000004010090007000100637400001800028014000700832a1d9dd90bf1dcf41efc46506648c604100600a80162db4a983ee717f359623547574916b625e0b0cec94fa663f32e1e4d81e605a5af241d9feb22d811af67a9c84db53241b6f89184b098034a4d4c3b821bf4ccc1392093d4bda5c8529eeb1e019f7604c6f08d095d94b5739ffb6c11f3da1117413452eacbe902e75697946a89c74d2430630c21c1807707236fdb63d43bc579941badc361a4c5a1418d1e17301e37af9166a264d704eac97ee9db0b37f78c8ed1f86b6cb47f96bc2ff8f4a5b88ed518ad74ad314433e02bcd4bbc3a9a57829326bb82e6e64fc2931656d4aeafe8566bdcc17faf1acd80ab624d4ce84379784b3cd46e635fb52c246dc1654d72f627c4138b587bef468bee9629b4024451830ce5ebd45d58ba43046021298add1749a3dfcefa251b2179b1b25ba567f3ebc6eccb21189b95b8c8436f96212cbcdaf3a41641126d5591f9d0af94f075bc954bdee80b56d0d4891d654c93079f1dec7c160d43d8c94a0e4577186b586c61a356c1c34227794c64b93ba2a027865ad1dd666a41d0f8878f5ccae3341e978f6d730d0dc5dc1c04effbd0c614fbed046d9bd51ddab97b054d894447e4688dbd137c9d3e71c53e349e87053f541df77acf434951a6e915ba117aa190fcb72311b2cb25fe342f9088e4d2b261356f5336b4ef66fed994abe7b373a94836e5acd47f6a8a908365c2848dbd297295a4f0c026f1ef1a5e3e969d8a150aaa8b50874e554325902b0d0f00a40fcc503a62ab816b67b88fa24114fa0ce5bfa0722bd1fe1d3d7718ba175f68e50cbe12825afdbdd934eb5e8c708f62cbecffde90585d47fe618e1aad881990711423ed4c6efb67998a6adb2e5cbc199b1a271437124d2dd5957e79e98e7008312538d17aa09fc3aaba0de6a3f2f5429c0b1d2fd0bf740840d782168f5e6fe3a9686e7a4adde7e4449fb4c3065760cc9df2451d12507e08f93a5d0e3d6e8d39ab15dce33203692d3318428dcc7a23d3e9112700ab6511d18be6857da490b5febdf8d138256740ea5ed7fb890b56f011ffecf6223c98448ffc2d8382ac9cf54fad54b437664d15ca0c2efcf133e73cc66e573c134ea1dbe84db5c2e785caf216344644029e300916246df0993e5d5143e0cfdc180c74fc0204fe8d7412892864bda0fb167520daba55891939986a322de9906f0b5e6b9e76352571bfcdf0cf448ff059c044decb536ec2741a732878601c5faa4da14fb24deaa56f55af8bb4775ca07b483dc1ef657778744d730eaa9281e2d89476e2938a8a97862eff3e88ae0adf7bb450fc7c4ffbe5edc429fdb301dc7917036ac09a7d302387c01ad62ce9ea023ed825b26e6a851048a1e707b89c7e232d473b9f640d83f4db85b445c7888d25b4c82832bfe2aef251c64e9c17445b87dc0557bcf6ad5d6be5c165275ae00cd0b30b1e299db12ad14b5e3b28a242d9f19b999ff40b2946a96c6eb6711cdb4e74969031451baa2c960669d19a840490d5d740b9c241bce14a6c25c9cee63616933011875faab1f26afd6608be71dbd767e932fb22f55924df199d9e5aeec0ea120204af4f2bc567253fcffe638d5959999ae411cc2c20969453a02783291c6fe9afe4af4dd01db4a2351296c486c15c1b41ed740fbf0da2ee902f65d2768f9f40f45aef73a06cbf75f5129e8ea1549a0abe0c0cae447ab08a009a4c428d241500676471662733079affb61cd7efc804111676eb72e043ff0389312f5810e9c2b7f4a8e7db630fc791db7f78aa886493aa5484879d3a00b93108e024be7fc1adc90127e33ea13b4d122feb18c5f4f8d252edc65b9c3296ec88e089ccc8614d57b5d5ce9c08223e41893738e8da4505ed757542f64217a791b114aaf9869942fc620dfca8faaca093dcd3777bbae0e5220cb66caacbeea6df75eca902fd0d1e308c9e508011ec018821d04c84db215d18272651a58b38797a2a0dc499f079c1a09d9c39151ae2518e872e91fd79c609eb4b01bc58ac50d51c4216479bbf2844625832b60e4fc91597bc28299a97ff5f1f0e4b53c58eead6923135c3026dd23044f3cb03ead802b23c25a573c3c5a2aa84c04e09b323b312d977f0af42d14e4c687f595438dbd857bb7450fc3fdaea91cc9a4c6a8b7b66eda64dbfdabe015893430f5ea58103ec36e6a6f531ddd8bf5c3bc4cc6ce77dbbd25ed5d349c145afdefa112b1278ca07b7a63429c7908465df7085fd116e0115a6331d0eec7eb062d22ba13e9d75b625c699e278624711cbf4cad96764b99fa70a0c789d389fd69aedb5d517d496477d19782ad428d1a540e710cc263d458b3a33aaf58f87bea0b66fd2aeb85897c13664108093de5e1ef50a9677de55fc57d6c49bfbacf75fe3afdc9d1b5d891b035e423f19a91f050d9a00ab4b8b2dd803a9eef4b059c7848858ea722212fba3f15352fbd10033268fc72bcadfd8dccf17f8994790c6cdf6ece1129333a4fe57844168b40e8a8773c892ab67a96dce64f8e97b464ca4b5cfb66989d2c1f53bde2be826639c605e696055f39d021b6b53c57d9dc1e64042746bfdd45da3293dd20fb1c36c5e8bef20b10db4ef10881785580d07bb2f65591fa16e2897642de4ecd111dd370e9d87960614f67c7f25c53bb0b7def7a2c29d20c7d378becc004aa25bdaf51d3b64b6fe93ce6c3fa39b7371c9de6aa258b3a0f132f2979de59bc34667ca7cbde12d786103a6a4e547f1ae9bae68c716252b8d65f860f26ca4748650a8f769a06f7228b140c9d2e9538807550aaa3db82cc2ac1c132bcb8c4a9c0b3fc504310fc5fddea3a5e570119973b887db6bcd7d08969a24a05167c96618edf7b26886207521c346bdf6cd5d94f0fdaba75a5daacb5526469b0df50399607b1d2d0d80386e763e4dce1689971d15bac9c8027a57996062cc3b9099e6690505435578bac36659030716158194abacdd6186218a3a5d0dcdc06ffd75344964c0f25dafc97c0b2ca53309333bc2e3cfb85f53bfb82bf6e95b88ef995805db24a6c927e69d85edd4a075e0230f3d8a38e8c85e2d39caf08526fbae71c87e6bb5143d7880859ecb2044245612621d9af709c45c0dfd9accceab28c4d6d14524e56665c07402a98e87729f30ec2bcbd4092e26f7b303e23ea711ff4b2d7fa800281e4fd32423688c5494515cfa3c97b287e1967af9af269e4dbc7f5a15b81fc9f20b7abd407b4e10e7f5b919abe7dfa7bc1444cd760482cd6c81a7f69993e9bb1d0b0109ea997654ea5b33e19bb9408fc7387fc61c02319136fac7a5b989abaa19b8ab1d1afd4b57cc87f293675b79bf46d51c3cefbf4b893350f0e928a9b539aa0462a2efd698c4e48096531a651fa117c8b8dbd9f51621c1fb5b9d9305fcb71fade4487922558b5452bbdde2375b2146786c47c5a784c530480b72b481b266c80bf779219a9756e0a6d7086260d906823a6d4b7f3cb504253fe5937eaac74a7fe4dad639440c375364b23dba53516be920161d9f6ca46c2ba83972a9aaf7cb1fac8900edd03f46f5a6a4ceb86d22437499e82d3dc67b1c2c45c743f498213276ce4861f6b6915416aec026fefbff10788db9e28456a0799e4ded1a0b188c532e0cbd3b371773f4f61ec171c982e771c27316ac47a3c63900076e5fac2803dd9a07fe84f72bc72f70daa0ad16cb231f62a09317ea9806e1f2f12743fa30c191ac3d8885c30f356c4d7a0de6b6863ea53755abbc0099a1eeeb2a1ba3481eff7f1d34f6c65c11648c5f0fca72262a221272e976e6c2d0bbb5ed208e4c77c9a161268acee401880ddec9375f21f3492d5f432a9119035bf7a523a116d57e97a93ec675981c15fc47e1a9584919ce418e9603df37998f643bf593db544c95c02e7512b348fdba2459780ca1885d81e6352fb4e70ab63ab7c1c46cf054169636d9d858b11268b2db929b61519cdaa61232193c3b2a565e90825f003f7296f8431fe577dd4d2de52ee528eb3d7dd945d7ec95815404713f1a551a06f56aeef17183109012463bcfaf301bcd5164699b43db8bbe3181f7331eca14ebf034b6653594152adc5ed49238a9eed6ab0bd32bdad77da6f10afe8945dda1edf571a77a9f425cb1385e965676ed8c491e0cb75d89adc7b89cfa13c88da39b8727b583fcd2d43cca1e0691e40d28883ce0b4f6a8f088e73643c6bda34c12412eba2188caa882d763a6cd81ef9c20db25baf4303b9d38c1077f5171122b1d09dc05f5dc1ecbf9ad44e827b1bce4ef8f484fb93684f1e175ee7efa0da53eea89c118133dde334dfd3bab602b51d20da16b44f9b776703c5b12c5fd92a467e0b7db47e41a846d5cb1fd1611639b6ac8d6c4b27d2dea49ae09068efaed9a8a9b11d125b027843ca30b410b55f1427e604bc1abc3225c14b5f7a9783f83014bcb5d6195955801bc765159079277aec572e1c3ab1632b165460da2e4bfe32b33b2473bc4c517ebb72d068a642d4216fc3ad3c0af673b2a621105cfc7e5a5391cafee93b87db8df616648ceb620f23f90bd137527d4cb4e1ff137dd5e35f129ebef1b7a6423af2769823524bfc889cdd8b95fbb3ca0d70f084eb92d0e62cd1a918a0b06415e3d4f3a1d56f6fe46ad8277b87d18a6781c0741dd6b96bacee981779addb0d79b310025520700bc62fc96b31cb4c1203a07860c929028cdc46487487731428119774e20ae03d1abe2128eec4889102560b25c1204609035b0a0c8d6605bb118ff12ed19bfc1bc4e8cb511f302a7b35a82310db96c57f34bc28fa90343cd3b15c25a5935ec0da9bce1f25f93e72caefd6f3b6a34d6b28c835df1083125722136420e76d14abeeaf012a511105c9e85b99d0beed74daf5a8ed66c5c6c1741c82a9e58acae72a1171502b45569387d3ff82118fcbaec25794fae54100aa5a803a9de3901e3341c143b32c829d2d9c6c685384e89ffe729262fbe51cfaa7aa7552de41b775165fff28ba5b844081dd32a12f8bbc6fd02d5f3f0110f3b251240a4ce2a74eedc7da7899c4bb3f7aa00d7bd64ce4322890d894bc77a0649a8f44b6ee3a805b008e4f636f54eb400a8249cec37b2541587e2b683221cf53eabf6258f05017e7e55c04848b7e66d85b765a9aa6b4f8304ce8ead3fb65c31f4fc7dc4c0c69761655ab7a70253771362b7a4ae1135cd38ca9691fed3a64e86593f4bc2749318f4a9c7e6d3c99ee7f85bd107e9259e632c5825da504de5deac2fac222dc335e0214791e38ebaaf7f18eabdb7d8ec8c4dfa6c62a51c1a5698040020c79912d45023d5730c462c0cc75d1a82eb69541adc909f47f0d700d41f5dfcdc19158a8c9d2306b605718e5472d44e097e3b57bc680f7d885634c6d731dfd5f4f7b18ca7cad81c2d45d08c13e3509ff839886879997993e0135a06be8d749ee7c57a3be113f5ada4be3248135147df0208b0880fbbb80efec2110599c369458ab42ade4a74018f33ddd8b4c9cf9f6cf7280fcc072208bf5bc0560217a168e51f951681469c4fa956d68f6aa1b3f2e411b03fe4face1d6ef8ebdf74c7b8ff5bd9e8e7302bad1b59799a62aab5b9dc73a2c95be7d4467407ad2877087a3fafcfbc2cb80224b1504617e6979fd99bef9f3254d5874567eddab4e8d6da7d3f281b2e8af2eeaee6a73058704ed8fc48f898e74d75968210bb58ab2598ca8afdd08e3ff50c9f97295361ea06dbc81279316e587a9ece28988bfb53665fff64c0ce40664a4766f51415bdf02a6d49c98c86480d7136a9adc0c7930952be203b68f35b45a13d3246b39a5cc8fc28963886b74678ad8c0074309cf494cee562066520f25aaa5d0c00070001000000010000000c000800000000000100000006000200050000001404060004040300fcffffff060000000500000003000000090000001f0400000000010000000000ff000000050000000004000098af000002000000010001007a000000980800000008000002000000ffff000005000000080000002a00000041a30000010000002d8cf26e0600000002000000070000000600000081000000000000007aeb0000ff00000005000000010000000000000003000000010000000000008001800000660c0000040000000700000001010000000000003400000005000000090000000600000099080000ffff0000e30e00009b0000001f00000006000000d70000000700000000000100f9ffffff02000000030000000800000003000000ffffffff058d000071000000db080000e5630000553c183e00000000060000000600000008000000400000000100000007000000000000000080000003000000fbffffff04000000fbffffff8200000076000000eed2ffff02000000010001000500000008000000060000000101000007000000090000006a0a00000300000003000000ffffffff06000000000000000180000091000000010000007f0000000200000001800000ffffffff09000000020000000400000002000000018000000500000004000000080000008100000009000000050000000000000008000000b7000000080000000200000000000000ff00000004000000020000000200000095d20000000001000180000002000000ff01000006000000018000000800000080020000040000001d000000070000000800000062000000050000007fffffffff030000ff0f00000900000001000080e1ffffff09000000ff070000010000000000f8ff05000000000000000000000000000080010001000100000002000000000000c0020000000400000000000080ffffffff0104000003000000030000000400000007000000030000000400000080000000070000000900000000000000030000001d02000008000000000000000180000005000000008000009f000000feffffff0000010000000000010400000100000001010000000000000001000000040000b000000001000080000000000080000003000000ff0f000001000000030000002a4f000001000000050000000500000001000000f8ffffff05000000008000000700000006000000050000008715000004000000060000001f000000c7090000040000000700000005000000ff070000400000000100000000000000000200000100000001000000800000000800000020000000981b00000000000000000000dde6000000020000010001000300000006000000698400000002000001040000ff00000005000000de0a00000300000009000000ffff000007000000000200001f000000090000000800000002000000000100000000000040000000010000000c000800c0ffffffffffffff0800030000000000060005002c0800000600050009910000"], 0x1d18}, 0x1, 0x0, 0x0, 0x4004000}, 0x45) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000200)={'ip6tnl0\x00', r1, 0x4, 0x5, 0x7f, 0x7, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2={0xfc, 0x2, '\x00', 0x1}, 0x8000, 0x20, 0x80000000, 0xb4a}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'ip6gre0\x00', r2, 0x2f, 0x5d, 0x4, 0x6, 0x1, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x7800, 0x80001, 0x3}}) r3 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'team_slave_1\x00', 0x0}) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000600)={0x5a, {{0x2, 0x4e21, @remote}}}, 0x88) r6 = dup2(0xffffffffffffffff, r5) r7 = openat(r6, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r7, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r7, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) listen(r7, 0x8001) r8 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000500), 0x242600, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r8, 0x89f2, &(0x7f00000005c0)={'syztnl2\x00', &(0x7f0000000540)={'syztnl0\x00', r2, 0x29, 0x8, 0x7f, 0xfffffffe, 0x38, @dev={0xfe, 0x80, '\x00', 0x20}, @mcast1, 0x80, 0x700, 0x8, 0x8}}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYRESDEC, @ANYRES32=r3, @ANYRESDEC=r0], 0x34}}, 0x4091) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000140)='highspeed\x00', 0xa) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000400)={'ip6tnl0\x00', &(0x7f0000000380)={'syztnl2\x00', r4, 0x2f, 0x4, 0x97, 0x800, 0x20, @ipv4={'\x00', '\xff\xff', @multicast2}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8001, 0x40, 0x5, 0x1}}) 02:05:56 executing program 3: add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000200)="8d", 0x1, 0xfffffffffffffffc) 02:05:56 executing program 1: add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f00000001c0)='1', 0x1, 0xfffffffffffffffc) [ 221.579099][ T4176] syz-executor.0 uses obsolete (PF_INET,SOCK_PACKET) 02:05:56 executing program 1: add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f00000001c0)='1', 0x1, 0xfffffffffffffffc) [ 221.594908][ T39] audit: type=1400 audit(1662861956.414:134): avc: denied { ioctl } for pid=4175 comm="syz-executor.0" path="socket:[36103]" dev="sockfs" ino=36103 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 221.608628][ T4176] fs-verity (sda1, inode 1135): Malformed file signature 02:05:56 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="12000000", @ANYRES16=r1, @ANYBLOB='\t'], 0x30}}, 0x0) [ 221.654958][ T39] audit: type=1400 audit(1662861956.454:135): avc: denied { setopt } for pid=4175 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 222.608125][ T4167] REISERFS (device loop2): Using rupasov hash to sort names [ 222.614750][ T4167] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. 02:05:59 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa}, 0x48) 02:05:59 executing program 2: syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="00400000ec1f00001320000012000000000000000020000000010000f8c4a42ee10000001e000000000000000010cc030200010052654973457233467300000002000000020001000200012000000000010000001231231212331233123112341341241273797a6b616c6c65720000000000000001001e0061fb1963004eed00", 0x80, 0x10000}, {&(0x7f0000010080)="000000000000000000000000010000000300"/32, 0x20, 0x100c0}, {&(0x7f00000100a0)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0f00"/1056, 0x420, 0x11000}, {&(0x7f00000104c0)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x800, 0x11800}, {&(0x7f0000010cc0)="00000000000000000000000012000000000000000020000000010000f8c4a42ee10000001e00"/64, 0x40, 0x2012000}, {&(0x7f0000010d00)="010002005c0f0000000000000000000000000000000000000100000002000000000000000000000000002c00d40f0100010000000200000001000000f401000002003000a40f00"/96, 0x60, 0x2013000}, {&(0x7f0000010d60)="0000000001000000010000000200000028000400020000000000000001000000200004002e2e0000000000002e00000000000000ed41000003000000300000000000000080761000535f010061fb196361fb196361fb19630100000000000000", 0x60, 0x2013fa0}], 0x0, &(0x7f0000010dc0)) (async) syz_mount_image$gfs2(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xfff, 0x1, &(0x7f00000000c0)=[{&(0x7f00000002c0)="9d64f1778e778896629150137321f3f9a4dc70a561b04df57bdc64d56c55092c6a5e21d93235fd973096d1b418ba5a89a481be36aa927b4443875be6bf55441186474b52034feab47bfa1db1eafc26ac736a4c53050484e4350a5c7ea67d2f8d1676ef75d952b658665a7ad797c270883fe9c6185a2fa6c797d30c2ccdcb9cc1db9297f17b6dea688d7f217c462ee126c7fd14e46666a53371ab8d14af961c40abea801aac77b469328479baf40754608c444c0f903915de92a04c528873c147255b6cff491fc49651aba5240f32209f4d9559871a0322bc5cd7137a21007ef6e443", 0xe2, 0x8000000000000000}], 0x1004041, &(0x7f0000000140)={[{@barrier}, {@norgrplvb}, {@norgrplvb}, {@quota}], [{@subj_role={'subj_role', 0x3d, '-+\\.#'}}, {@smackfshat={'smackfshat', 0x3d, 'reiserfs\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, 'reiserfs\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}]}) 02:05:59 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000100), 0x9c) 02:05:59 executing program 0: r0 = syz_open_dev$vcsu(&(0x7f0000000040), 0x20, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'ip6tnl0\x00', 0x0, 0x29, 0x8, 0x0, 0x6, 0x28, @loopback, @ipv4={'\x00', '\xff\xff', @remote}, 0x700, 0x1, 0xfb41, 0x7e}}) [ 224.466652][ T4191] loop2: detected capacity change from 0 to 8192 sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000002200)=ANY=[@ANYBLOB="d51d02006400000127bd7002fedbdf2500000000", @ANYRES32=r1, @ANYBLOB="f2ff10000e000700f1ff0f000c0001007463696e64657800d81c02000800040001000000140506003c000100050000000800000001000000000000000400000081020500c7da001009000000040100008100f9ff0200000007000000ff000000ff0f000008000400000000000c000800975e0000000000003c00010008000000000000000500000005000000f9ffffff0002ff070700050003000000010101003c00a47c090000000500000015000000b42965483c000100030000000000002008000000040000000010000007010000000008008760b44fb7020300010402000800000004000000410f0000060000003c00010005000000020000007f0000000700000000000000030001010d5d0800000000000502080001f8070008000000ff01000002000000010000000404020000040000030000000000000402000000020000000300000004000000000400000800000004000000090000000600000000000000030000000101000001000000020000000700000000000080050000000180000003000000060000000600000096d7000000080000fdffffffe60000000000010000020000000800000100000005000000c440000060000000fcffffff81b3000060b5140009000000ca00000009000000010000803c0000003f0000000001000001000000000000000000000002000000020000000000000001040000abb8ffff0200000007000000faffffff00000000030000000700000003000000fb00000001000000feffffff07000000020000003f0000000100000006000000cb00000000000000e341000000000000ffffff7f05000000040000000104000008000000200000000400000006000000000000000008000000000000ad38000000010000010001000600000000000000e762000005000000aa0000000500000086fc00000000ffff06000000c1d4000000000000ffffffff01800000ff7f000000000000010000000100000009000000ac4d0000008000000900000001010000050000005d00000000800000ffff0000ff7f0000da0000000400000009000000060000007900000000000000090000000000000006000000990000000600000008000000000000001000000003000000010400000000000006000000ff010000000010000000000000000000ffffff7f07000000040000000300000001000000010100000300000000010000000000001f000000090000007f0000008300000001000000020000001f00000007000000307c000002000000030000000900000000000000ff0f00000600000001000100090000007fffffff001000004000000004000000010000000500000003000000391d0000f8ffffff3f000000000400000600000008000000e019000005000000ffffffff4c000000060000000600000001000100050000000100000000800000d2000000000000000100000000080000310800000100000001000100d400000009000000050000000900000009000000030000000800000004000000e00200008000000006000000ff0300000acd00000001000003000000ff070000c0ffffff8a0e0000fcffffff0100008006000000000000004e060000450600000000000000000000070000002500000009000000fdffffff46ffffff3f00000001000000010100000180000000100000020000000000000007000000810000000300000009000000ff0f000000000000060000005008000000040000040000000200000000000000075b000001040000030000000100000055b5000001000080550000000100000033000000008000000000000006000000010000801f00000051000000080005000300000008000400000000000800050009000f00100006000c000900840000000000000074130700900008000c000100736b6265646974004c0002800600040040000000060007000200000008000300f3ff01000600040000010000080003000000f2ff06000400090000000800030007000200060007000200000008000500020000001b00060054afd02c1d1192c1051f46f30795b7f807167b700d0311000c00070001000000000000000c0008000100000007000000900101000c000100736b62656469740064000280060004000300000008000300f3ffe0ff080005000000000008000500e8570000060004001e000000180002008a8bde750600000008000000080000007f00000018000200ffff00000900000000000020010100001e010000060004000700000003010600da213397dd0b9f3f6dff1c21679e27a15ad01d024585149ee76acc414b914e95f60efc0ba0b5d5cff38c4af709533361297b4d37ef62db6d1e457b262fd021688afe29fef9e5ac1be0f63cbfbea27ff6789015da3fb38a5b8dc09dc998e12af313259a069d2067839da5fbb1a4c85efc384210887bc4d41da669f7a14610df0f337dbe34c115568e4013d9e053b4ac59819c4a4b585d91cf1a6f87296cd4366076e119c37c5c76040a5a96615f046c1186ff29901025dfebda389ca540e22ab7930ad4d1673de17708eb1845212265f3b0fca3103e65ef3a89ca2cb0ba0c838cf0e2e4a84068d113ff96656b46922ff0ccd7170854fa3dcf177a9f5ed1bbeb000c00070000000000010000000c0008000200000002000000100108000b00010073696d706c65000074000280080003005c5b2a0014000300200100000000000000000000000000010f0003002f6465762f7663737523000018000200090000000000000000000000ffffff7f010100000c00030073797a746e6c310007000300242a000018000200050000000e000000fffffffff8ffffff0400000072000600974bbcc2d4f1aa4e5cfa0ad4cdbf2e6bfa3c50e687bbe3569f9fd236682397fc1a98e36bb2d82801cc23e6b4208ed726cf823324a6a342d573f0a9c73256a4d8e27777ce216927392b5fdd851d8f2201e24cfdcc1881b784b4c84162a339f77e26153483bd563f9db42b7c9c110a00000c00070001000000010000000c00080001000000030000004010090007000100637400001800028014000700832a1d9dd90bf1dcf41efc46506648c604100600a80162db4a983ee717f359623547574916b625e0b0cec94fa663f32e1e4d81e605a5af241d9feb22d811af67a9c84db53241b6f89184b098034a4d4c3b821bf4ccc1392093d4bda5c8529eeb1e019f7604c6f08d095d94b5739ffb6c11f3da1117413452eacbe902e75697946a89c74d2430630c21c1807707236fdb63d43bc579941badc361a4c5a1418d1e17301e37af9166a264d704eac97ee9db0b37f78c8ed1f86b6cb47f96bc2ff8f4a5b88ed518ad74ad314433e02bcd4bbc3a9a57829326bb82e6e64fc2931656d4aeafe8566bdcc17faf1acd80ab624d4ce84379784b3cd46e635fb52c246dc1654d72f627c4138b587bef468bee9629b4024451830ce5ebd45d58ba43046021298add1749a3dfcefa251b2179b1b25ba567f3ebc6eccb21189b95b8c8436f96212cbcdaf3a41641126d5591f9d0af94f075bc954bdee80b56d0d4891d654c93079f1dec7c160d43d8c94a0e4577186b586c61a356c1c34227794c64b93ba2a027865ad1dd666a41d0f8878f5ccae3341e978f6d730d0dc5dc1c04effbd0c614fbed046d9bd51ddab97b054d894447e4688dbd137c9d3e71c53e349e87053f541df77acf434951a6e915ba117aa190fcb72311b2cb25fe342f9088e4d2b261356f5336b4ef66fed994abe7b373a94836e5acd47f6a8a908365c2848dbd297295a4f0c026f1ef1a5e3e969d8a150aaa8b50874e554325902b0d0f00a40fcc503a62ab816b67b88fa24114fa0ce5bfa0722bd1fe1d3d7718ba175f68e50cbe12825afdbdd934eb5e8c708f62cbecffde90585d47fe618e1aad881990711423ed4c6efb67998a6adb2e5cbc199b1a271437124d2dd5957e79e98e7008312538d17aa09fc3aaba0de6a3f2f5429c0b1d2fd0bf740840d782168f5e6fe3a9686e7a4adde7e4449fb4c3065760cc9df2451d12507e08f93a5d0e3d6e8d39ab15dce33203692d3318428dcc7a23d3e9112700ab6511d18be6857da490b5febdf8d138256740ea5ed7fb890b56f011ffecf6223c98448ffc2d8382ac9cf54fad54b437664d15ca0c2efcf133e73cc66e573c134ea1dbe84db5c2e785caf216344644029e300916246df0993e5d5143e0cfdc180c74fc0204fe8d7412892864bda0fb167520daba55891939986a322de9906f0b5e6b9e76352571bfcdf0cf448ff059c044decb536ec2741a732878601c5faa4da14fb24deaa56f55af8bb4775ca07b483dc1ef657778744d730eaa9281e2d89476e2938a8a97862eff3e88ae0adf7bb450fc7c4ffbe5edc429fdb301dc7917036ac09a7d302387c01ad62ce9ea023ed825b26e6a851048a1e707b89c7e232d473b9f640d83f4db85b445c7888d25b4c82832bfe2aef251c64e9c17445b87dc0557bcf6ad5d6be5c165275ae00cd0b30b1e299db12ad14b5e3b28a242d9f19b999ff40b2946a96c6eb6711cdb4e74969031451baa2c960669d19a840490d5d740b9c241bce14a6c25c9cee63616933011875faab1f26afd6608be71dbd767e932fb22f55924df199d9e5aeec0ea120204af4f2bc567253fcffe638d5959999ae411cc2c20969453a02783291c6fe9afe4af4dd01db4a2351296c486c15c1b41ed740fbf0da2ee902f65d2768f9f40f45aef73a06cbf75f5129e8ea1549a0abe0c0cae447ab08a009a4c428d241500676471662733079affb61cd7efc804111676eb72e043ff0389312f5810e9c2b7f4a8e7db630fc791db7f78aa886493aa5484879d3a00b93108e024be7fc1adc90127e33ea13b4d122feb18c5f4f8d252edc65b9c3296ec88e089ccc8614d57b5d5ce9c08223e41893738e8da4505ed757542f64217a791b114aaf9869942fc620dfca8faaca093dcd3777bbae0e5220cb66caacbeea6df75eca902fd0d1e308c9e508011ec018821d04c84db215d18272651a58b38797a2a0dc499f079c1a09d9c39151ae2518e872e91fd79c609eb4b01bc58ac50d51c4216479bbf2844625832b60e4fc91597bc28299a97ff5f1f0e4b53c58eead6923135c3026dd23044f3cb03ead802b23c25a573c3c5a2aa84c04e09b323b312d977f0af42d14e4c687f595438dbd857bb7450fc3fdaea91cc9a4c6a8b7b66eda64dbfdabe015893430f5ea58103ec36e6a6f531ddd8bf5c3bc4cc6ce77dbbd25ed5d349c145afdefa112b1278ca07b7a63429c7908465df7085fd116e0115a6331d0eec7eb062d22ba13e9d75b625c699e278624711cbf4cad96764b99fa70a0c789d389fd69aedb5d517d496477d19782ad428d1a540e710cc263d458b3a33aaf58f87bea0b66fd2aeb85897c13664108093de5e1ef50a9677de55fc57d6c49bfbacf75fe3afdc9d1b5d891b035e423f19a91f050d9a00ab4b8b2dd803a9eef4b059c7848858ea722212fba3f15352fbd10033268fc72bcadfd8dccf17f8994790c6cdf6ece1129333a4fe57844168b40e8a8773c892ab67a96dce64f8e97b464ca4b5cfb66989d2c1f53bde2be826639c605e696055f39d021b6b53c57d9dc1e64042746bfdd45da3293dd20fb1c36c5e8bef20b10db4ef10881785580d07bb2f65591fa16e2897642de4ecd111dd370e9d87960614f67c7f25c53bb0b7def7a2c29d20c7d378becc004aa25bdaf51d3b64b6fe93ce6c3fa39b7371c9de6aa258b3a0f132f2979de59bc34667ca7cbde12d786103a6a4e547f1ae9bae68c716252b8d65f860f26ca4748650a8f769a06f7228b140c9d2e9538807550aaa3db82cc2ac1c132bcb8c4a9c0b3fc504310fc5fddea3a5e570119973b887db6bcd7d08969a24a05167c96618edf7b26886207521c346bdf6cd5d94f0fdaba75a5daacb5526469b0df50399607b1d2d0d80386e763e4dce1689971d15bac9c8027a57996062cc3b9099e6690505435578bac36659030716158194abacdd6186218a3a5d0dcdc06ffd75344964c0f25dafc97c0b2ca53309333bc2e3cfb85f53bfb82bf6e95b88ef995805db24a6c927e69d85edd4a075e0230f3d8a38e8c85e2d39caf08526fbae71c87e6bb5143d7880859ecb2044245612621d9af709c45c0dfd9accceab28c4d6d14524e56665c07402a98e87729f30ec2bcbd4092e26f7b303e23ea711ff4b2d7fa800281e4fd32423688c5494515cfa3c97b287e1967af9af269e4dbc7f5a15b81fc9f20b7abd407b4e10e7f5b919abe7dfa7bc1444cd760482cd6c81a7f69993e9bb1d0b0109ea997654ea5b33e19bb9408fc7387fc61c02319136fac7a5b989abaa19b8ab1d1afd4b57cc87f293675b79bf46d51c3cefbf4b893350f0e928a9b539aa0462a2efd698c4e48096531a651fa117c8b8dbd9f51621c1fb5b9d9305fcb71fade4487922558b5452bbdde2375b2146786c47c5a784c530480b72b481b266c80bf779219a9756e0a6d7086260d906823a6d4b7f3cb504253fe5937eaac74a7fe4dad639440c375364b23dba53516be920161d9f6ca46c2ba83972a9aaf7cb1fac8900edd03f46f5a6a4ceb86d22437499e82d3dc67b1c2c45c743f498213276ce4861f6b6915416aec026fefbff10788db9e28456a0799e4ded1a0b188c532e0cbd3b371773f4f61ec171c982e771c27316ac47a3c63900076e5fac2803dd9a07fe84f72bc72f70daa0ad16cb231f62a09317ea9806e1f2f12743fa30c191ac3d8885c30f356c4d7a0de6b6863ea53755abbc0099a1eeeb2a1ba3481eff7f1d34f6c65c11648c5f0fca72262a221272e976e6c2d0bbb5ed208e4c77c9a161268acee401880ddec9375f21f3492d5f432a9119035bf7a523a116d57e97a93ec675981c15fc47e1a9584919ce418e9603df37998f643bf593db544c95c02e7512b348fdba2459780ca1885d81e6352fb4e70ab63ab7c1c46cf054169636d9d858b11268b2db929b61519cdaa61232193c3b2a565e90825f003f7296f8431fe577dd4d2de52ee528eb3d7dd945d7ec95815404713f1a551a06f56aeef17183109012463bcfaf301bcd5164699b43db8bbe3181f7331eca14ebf034b6653594152adc5ed49238a9eed6ab0bd32bdad77da6f10afe8945dda1edf571a77a9f425cb1385e965676ed8c491e0cb75d89adc7b89cfa13c88da39b8727b583fcd2d43cca1e0691e40d28883ce0b4f6a8f088e73643c6bda34c12412eba2188caa882d763a6cd81ef9c20db25baf4303b9d38c1077f5171122b1d09dc05f5dc1ecbf9ad44e827b1bce4ef8f484fb93684f1e175ee7efa0da53eea89c118133dde334dfd3bab602b51d20da16b44f9b776703c5b12c5fd92a467e0b7db47e41a846d5cb1fd1611639b6ac8d6c4b27d2dea49ae09068efaed9a8a9b11d125b027843ca30b410b55f1427e604bc1abc3225c14b5f7a9783f83014bcb5d6195955801bc765159079277aec572e1c3ab1632b165460da2e4bfe32b33b2473bc4c517ebb72d068a642d4216fc3ad3c0af673b2a621105cfc7e5a5391cafee93b87db8df616648ceb620f23f90bd137527d4cb4e1ff137dd5e35f129ebef1b7a6423af2769823524bfc889cdd8b95fbb3ca0d70f084eb92d0e62cd1a918a0b06415e3d4f3a1d56f6fe46ad8277b87d18a6781c0741dd6b96bacee981779addb0d79b310025520700bc62fc96b31cb4c1203a07860c929028cdc46487487731428119774e20ae03d1abe2128eec4889102560b25c1204609035b0a0c8d6605bb118ff12ed19bfc1bc4e8cb511f302a7b35a82310db96c57f34bc28fa90343cd3b15c25a5935ec0da9bce1f25f93e72caefd6f3b6a34d6b28c835df1083125722136420e76d14abeeaf012a511105c9e85b99d0beed74daf5a8ed66c5c6c1741c82a9e58acae72a1171502b45569387d3ff82118fcbaec25794fae54100aa5a803a9de3901e3341c143b32c829d2d9c6c685384e89ffe729262fbe51cfaa7aa7552de41b775165fff28ba5b844081dd32a12f8bbc6fd02d5f3f0110f3b251240a4ce2a74eedc7da7899c4bb3f7aa00d7bd64ce4322890d894bc77a0649a8f44b6ee3a805b008e4f636f54eb400a8249cec37b2541587e2b683221cf53eabf6258f05017e7e55c04848b7e66d85b765a9aa6b4f8304ce8ead3fb65c31f4fc7dc4c0c69761655ab7a70253771362b7a4ae1135cd38ca9691fed3a64e86593f4bc2749318f4a9c7e6d3c99ee7f85bd107e9259e632c5825da504de5deac2fac222dc335e0214791e38ebaaf7f18eabdb7d8ec8c4dfa6c62a51c1a5698040020c79912d45023d5730c462c0cc75d1a82eb69541adc909f47f0d700d41f5dfcdc19158a8c9d2306b605718e5472d44e097e3b57bc680f7d885634c6d731dfd5f4f7b18ca7cad81c2d45d08c13e3509ff839886879997993e0135a06be8d749ee7c57a3be113f5ada4be3248135147df0208b0880fbbb80efec2110599c369458ab42ade4a74018f33ddd8b4c9cf9f6cf7280fcc072208bf5bc0560217a168e51f951681469c4fa956d68f6aa1b3f2e411b03fe4face1d6ef8ebdf74c7b8ff5bd9e8e7302bad1b59799a62aab5b9dc73a2c95be7d4467407ad2877087a3fafcfbc2cb80224b1504617e6979fd99bef9f3254d5874567eddab4e8d6da7d3f281b2e8af2eeaee6a73058704ed8fc48f898e74d75968210bb58ab2598ca8afdd08e3ff50c9f97295361ea06dbc81279316e587a9ece28988bfb53665fff64c0ce40664a4766f51415bdf02a6d49c98c86480d7136a9adc0c7930952be203b68f35b45a13d3246b39a5cc8fc28963886b74678ad8c0074309cf494cee562066520f25aaa5d0c00070001000000010000000c000800000000000100000006000200050000001404060004040300fcffffff060000000500000003000000090000001f0400000000010000000000ff000000050000000004000098af000002000000010001007a000000980800000008000002000000ffff000005000000080000002a00000041a30000010000002d8cf26e0600000002000000070000000600000081000000000000007aeb0000ff00000005000000010000000000000003000000010000000000008001800000660c0000040000000700000001010000000000003400000005000000090000000600000099080000ffff0000e30e00009b0000001f00000006000000d70000000700000000000100f9ffffff02000000030000000800000003000000ffffffff058d000071000000db080000e5630000553c183e00000000060000000600000008000000400000000100000007000000000000000080000003000000fbffffff04000000fbffffff8200000076000000eed2ffff02000000010001000500000008000000060000000101000007000000090000006a0a00000300000003000000ffffffff06000000000000000180000091000000010000007f0000000200000001800000ffffffff09000000020000000400000002000000018000000500000004000000080000008100000009000000050000000000000008000000b7000000080000000200000000000000ff00000004000000020000000200000095d20000000001000180000002000000ff01000006000000018000000800000080020000040000001d000000070000000800000062000000050000007fffffffff030000ff0f00000900000001000080e1ffffff09000000ff070000010000000000f8ff05000000000000000000000000000080010001000100000002000000000000c0020000000400000000000080ffffffff0104000003000000030000000400000007000000030000000400000080000000070000000900000000000000030000001d02000008000000000000000180000005000000008000009f000000feffffff0000010000000000010400000100000001010000000000000001000000040000b000000001000080000000000080000003000000ff0f000001000000030000002a4f000001000000050000000500000001000000f8ffffff05000000008000000700000006000000050000008715000004000000060000001f000000c7090000040000000700000005000000ff070000400000000100000000000000000200000100000001000000800000000800000020000000981b00000000000000000000dde6000000020000010001000300000006000000698400000002000001040000ff00000005000000de0a00000300000009000000ffff000007000000000200001f000000090000000800000002000000000100000000000040000000010000000c000800c0ffffffffffffff0800030000000000060005002c0800000600050009910000"], 0x1d18}, 0x1, 0x0, 0x0, 0x4004000}, 0x45) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000200)={'ip6tnl0\x00', r1, 0x4, 0x5, 0x7f, 0x7, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2={0xfc, 0x2, '\x00', 0x1}, 0x8000, 0x20, 0x80000000, 0xb4a}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'ip6gre0\x00', r2, 0x2f, 0x5d, 0x4, 0x6, 0x1, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x7800, 0x80001, 0x3}}) r3 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'team_slave_1\x00', 0x0}) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000600)={0x5a, {{0x2, 0x4e21, @remote}}}, 0x88) r6 = dup2(0xffffffffffffffff, r5) r7 = openat(r6, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r7, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r7, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) listen(r7, 0x8001) r8 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000500), 0x242600, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r8, 0x89f2, &(0x7f00000005c0)={'syztnl2\x00', &(0x7f0000000540)={'syztnl0\x00', r2, 0x29, 0x8, 0x7f, 0xfffffffe, 0x38, @dev={0xfe, 0x80, '\x00', 0x20}, @mcast1, 0x80, 0x700, 0x8, 0x8}}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYRESDEC, @ANYRES32=r3, @ANYRESDEC=r0], 0x34}}, 0x4091) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000140)='highspeed\x00', 0xa) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000400)={'ip6tnl0\x00', &(0x7f0000000380)={'syztnl2\x00', r4, 0x2f, 0x4, 0x97, 0x800, 0x20, @ipv4={'\x00', '\xff\xff', @multicast2}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8001, 0x40, 0x5, 0x1}}) syz_open_dev$vcsu(&(0x7f0000000040), 0x20, 0x0) (async) read$msr(0xffffffffffffffff, 0x0, 0x0) (async) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'ip6tnl0\x00', 0x0, 0x29, 0x8, 0x0, 0x6, 0x28, @loopback, @ipv4={'\x00', '\xff\xff', @remote}, 0x700, 0x1, 0xfb41, 0x7e}}) (async) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000002200)=ANY=[@ANYBLOB="d51d02006400000127bd7002fedbdf2500000000", @ANYRES32=r1, @ANYBLOB="f2ff10000e000700f1ff0f000c0001007463696e64657800d81c02000800040001000000140506003c000100050000000800000001000000000000000400000081020500c7da001009000000040100008100f9ff0200000007000000ff000000ff0f000008000400000000000c000800975e0000000000003c00010008000000000000000500000005000000f9ffffff0002ff070700050003000000010101003c00a47c090000000500000015000000b42965483c000100030000000000002008000000040000000010000007010000000008008760b44fb7020300010402000800000004000000410f0000060000003c00010005000000020000007f0000000700000000000000030001010d5d0800000000000502080001f8070008000000ff01000002000000010000000404020000040000030000000000000402000000020000000300000004000000000400000800000004000000090000000600000000000000030000000101000001000000020000000700000000000080050000000180000003000000060000000600000096d7000000080000fdffffffe60000000000010000020000000800000100000005000000c440000060000000fcffffff81b3000060b5140009000000ca00000009000000010000803c0000003f0000000001000001000000000000000000000002000000020000000000000001040000abb8ffff0200000007000000faffffff00000000030000000700000003000000fb00000001000000feffffff07000000020000003f0000000100000006000000cb00000000000000e341000000000000ffffff7f05000000040000000104000008000000200000000400000006000000000000000008000000000000ad38000000010000010001000600000000000000e762000005000000aa0000000500000086fc00000000ffff06000000c1d4000000000000ffffffff01800000ff7f000000000000010000000100000009000000ac4d0000008000000900000001010000050000005d00000000800000ffff0000ff7f0000da0000000400000009000000060000007900000000000000090000000000000006000000990000000600000008000000000000001000000003000000010400000000000006000000ff010000000010000000000000000000ffffff7f07000000040000000300000001000000010100000300000000010000000000001f000000090000007f0000008300000001000000020000001f00000007000000307c000002000000030000000900000000000000ff0f00000600000001000100090000007fffffff001000004000000004000000010000000500000003000000391d0000f8ffffff3f000000000400000600000008000000e019000005000000ffffffff4c000000060000000600000001000100050000000100000000800000d2000000000000000100000000080000310800000100000001000100d400000009000000050000000900000009000000030000000800000004000000e00200008000000006000000ff0300000acd00000001000003000000ff070000c0ffffff8a0e0000fcffffff0100008006000000000000004e060000450600000000000000000000070000002500000009000000fdffffff46ffffff3f00000001000000010100000180000000100000020000000000000007000000810000000300000009000000ff0f000000000000060000005008000000040000040000000200000000000000075b000001040000030000000100000055b5000001000080550000000100000033000000008000000000000006000000010000801f00000051000000080005000300000008000400000000000800050009000f00100006000c000900840000000000000074130700900008000c000100736b6265646974004c0002800600040040000000060007000200000008000300f3ff01000600040000010000080003000000f2ff06000400090000000800030007000200060007000200000008000500020000001b00060054afd02c1d1192c1051f46f30795b7f807167b700d0311000c00070001000000000000000c0008000100000007000000900101000c000100736b62656469740064000280060004000300000008000300f3ffe0ff080005000000000008000500e8570000060004001e000000180002008a8bde750600000008000000080000007f00000018000200ffff00000900000000000020010100001e010000060004000700000003010600da213397dd0b9f3f6dff1c21679e27a15ad01d024585149ee76acc414b914e95f60efc0ba0b5d5cff38c4af709533361297b4d37ef62db6d1e457b262fd021688afe29fef9e5ac1be0f63cbfbea27ff6789015da3fb38a5b8dc09dc998e12af313259a069d2067839da5fbb1a4c85efc384210887bc4d41da669f7a14610df0f337dbe34c115568e4013d9e053b4ac59819c4a4b585d91cf1a6f87296cd4366076e119c37c5c76040a5a96615f046c1186ff29901025dfebda389ca540e22ab7930ad4d1673de17708eb1845212265f3b0fca3103e65ef3a89ca2cb0ba0c838cf0e2e4a84068d113ff96656b46922ff0ccd7170854fa3dcf177a9f5ed1bbeb000c00070000000000010000000c0008000200000002000000100108000b00010073696d706c65000074000280080003005c5b2a0014000300200100000000000000000000000000010f0003002f6465762f7663737523000018000200090000000000000000000000ffffff7f010100000c00030073797a746e6c310007000300242a000018000200050000000e000000fffffffff8ffffff0400000072000600974bbcc2d4f1aa4e5cfa0ad4cdbf2e6bfa3c50e687bbe3569f9fd236682397fc1a98e36bb2d82801cc23e6b4208ed726cf823324a6a342d573f0a9c73256a4d8e27777ce216927392b5fdd851d8f2201e24cfdcc1881b784b4c84162a339f77e26153483bd563f9db42b7c9c110a00000c00070001000000010000000c00080001000000030000004010090007000100637400001800028014000700832a1d9dd90bf1dcf41efc46506648c604100600a80162db4a983ee717f359623547574916b625e0b0cec94fa663f32e1e4d81e605a5af241d9feb22d811af67a9c84db53241b6f89184b098034a4d4c3b821bf4ccc1392093d4bda5c8529eeb1e019f7604c6f08d095d94b5739ffb6c11f3da1117413452eacbe902e75697946a89c74d2430630c21c1807707236fdb63d43bc579941badc361a4c5a1418d1e17301e37af9166a264d704eac97ee9db0b37f78c8ed1f86b6cb47f96bc2ff8f4a5b88ed518ad74ad314433e02bcd4bbc3a9a57829326bb82e6e64fc2931656d4aeafe8566bdcc17faf1acd80ab624d4ce84379784b3cd46e635fb52c246dc1654d72f627c4138b587bef468bee9629b4024451830ce5ebd45d58ba43046021298add1749a3dfcefa251b2179b1b25ba567f3ebc6eccb21189b95b8c8436f96212cbcdaf3a41641126d5591f9d0af94f075bc954bdee80b56d0d4891d654c93079f1dec7c160d43d8c94a0e4577186b586c61a356c1c34227794c64b93ba2a027865ad1dd666a41d0f8878f5ccae3341e978f6d730d0dc5dc1c04effbd0c614fbed046d9bd51ddab97b054d894447e4688dbd137c9d3e71c53e349e87053f541df77acf434951a6e915ba117aa190fcb72311b2cb25fe342f9088e4d2b261356f5336b4ef66fed994abe7b373a94836e5acd47f6a8a908365c2848dbd297295a4f0c026f1ef1a5e3e969d8a150aaa8b50874e554325902b0d0f00a40fcc503a62ab816b67b88fa24114fa0ce5bfa0722bd1fe1d3d7718ba175f68e50cbe12825afdbdd934eb5e8c708f62cbecffde90585d47fe618e1aad881990711423ed4c6efb67998a6adb2e5cbc199b1a271437124d2dd5957e79e98e7008312538d17aa09fc3aaba0de6a3f2f5429c0b1d2fd0bf740840d782168f5e6fe3a9686e7a4adde7e4449fb4c3065760cc9df2451d12507e08f93a5d0e3d6e8d39ab15dce33203692d3318428dcc7a23d3e9112700ab6511d18be6857da490b5febdf8d138256740ea5ed7fb890b56f011ffecf6223c98448ffc2d8382ac9cf54fad54b437664d15ca0c2efcf133e73cc66e573c134ea1dbe84db5c2e785caf216344644029e300916246df0993e5d5143e0cfdc180c74fc0204fe8d7412892864bda0fb167520daba55891939986a322de9906f0b5e6b9e76352571bfcdf0cf448ff059c044decb536ec2741a732878601c5faa4da14fb24deaa56f55af8bb4775ca07b483dc1ef657778744d730eaa9281e2d89476e2938a8a97862eff3e88ae0adf7bb450fc7c4ffbe5edc429fdb301dc7917036ac09a7d302387c01ad62ce9ea023ed825b26e6a851048a1e707b89c7e232d473b9f640d83f4db85b445c7888d25b4c82832bfe2aef251c64e9c17445b87dc0557bcf6ad5d6be5c165275ae00cd0b30b1e299db12ad14b5e3b28a242d9f19b999ff40b2946a96c6eb6711cdb4e74969031451baa2c960669d19a840490d5d740b9c241bce14a6c25c9cee63616933011875faab1f26afd6608be71dbd767e932fb22f55924df199d9e5aeec0ea120204af4f2bc567253fcffe638d5959999ae411cc2c20969453a02783291c6fe9afe4af4dd01db4a2351296c486c15c1b41ed740fbf0da2ee902f65d2768f9f40f45aef73a06cbf75f5129e8ea1549a0abe0c0cae447ab08a009a4c428d241500676471662733079affb61cd7efc804111676eb72e043ff0389312f5810e9c2b7f4a8e7db630fc791db7f78aa886493aa5484879d3a00b93108e024be7fc1adc90127e33ea13b4d122feb18c5f4f8d252edc65b9c3296ec88e089ccc8614d57b5d5ce9c08223e41893738e8da4505ed757542f64217a791b114aaf9869942fc620dfca8faaca093dcd3777bbae0e5220cb66caacbeea6df75eca902fd0d1e308c9e508011ec018821d04c84db215d18272651a58b38797a2a0dc499f079c1a09d9c39151ae2518e872e91fd79c609eb4b01bc58ac50d51c4216479bbf2844625832b60e4fc91597bc28299a97ff5f1f0e4b53c58eead6923135c3026dd23044f3cb03ead802b23c25a573c3c5a2aa84c04e09b323b312d977f0af42d14e4c687f595438dbd857bb7450fc3fdaea91cc9a4c6a8b7b66eda64dbfdabe015893430f5ea58103ec36e6a6f531ddd8bf5c3bc4cc6ce77dbbd25ed5d349c145afdefa112b1278ca07b7a63429c7908465df7085fd116e0115a6331d0eec7eb062d22ba13e9d75b625c699e278624711cbf4cad96764b99fa70a0c789d389fd69aedb5d517d496477d19782ad428d1a540e710cc263d458b3a33aaf58f87bea0b66fd2aeb85897c13664108093de5e1ef50a9677de55fc57d6c49bfbacf75fe3afdc9d1b5d891b035e423f19a91f050d9a00ab4b8b2dd803a9eef4b059c7848858ea722212fba3f15352fbd10033268fc72bcadfd8dccf17f8994790c6cdf6ece1129333a4fe57844168b40e8a8773c892ab67a96dce64f8e97b464ca4b5cfb66989d2c1f53bde2be826639c605e696055f39d021b6b53c57d9dc1e64042746bfdd45da3293dd20fb1c36c5e8bef20b10db4ef10881785580d07bb2f65591fa16e2897642de4ecd111dd370e9d87960614f67c7f25c53bb0b7def7a2c29d20c7d378becc004aa25bdaf51d3b64b6fe93ce6c3fa39b7371c9de6aa258b3a0f132f2979de59bc34667ca7cbde12d786103a6a4e547f1ae9bae68c716252b8d65f860f26ca4748650a8f769a06f7228b140c9d2e9538807550aaa3db82cc2ac1c132bcb8c4a9c0b3fc504310fc5fddea3a5e570119973b887db6bcd7d08969a24a05167c96618edf7b26886207521c346bdf6cd5d94f0fdaba75a5daacb5526469b0df50399607b1d2d0d80386e763e4dce1689971d15bac9c8027a57996062cc3b9099e6690505435578bac36659030716158194abacdd6186218a3a5d0dcdc06ffd75344964c0f25dafc97c0b2ca53309333bc2e3cfb85f53bfb82bf6e95b88ef995805db24a6c927e69d85edd4a075e0230f3d8a38e8c85e2d39caf08526fbae71c87e6bb5143d7880859ecb2044245612621d9af709c45c0dfd9accceab28c4d6d14524e56665c07402a98e87729f30ec2bcbd4092e26f7b303e23ea711ff4b2d7fa800281e4fd32423688c5494515cfa3c97b287e1967af9af269e4dbc7f5a15b81fc9f20b7abd407b4e10e7f5b919abe7dfa7bc1444cd760482cd6c81a7f69993e9bb1d0b0109ea997654ea5b33e19bb9408fc7387fc61c02319136fac7a5b989abaa19b8ab1d1afd4b57cc87f293675b79bf46d51c3cefbf4b893350f0e928a9b539aa0462a2efd698c4e48096531a651fa117c8b8dbd9f51621c1fb5b9d9305fcb71fade4487922558b5452bbdde2375b2146786c47c5a784c530480b72b481b266c80bf779219a9756e0a6d7086260d906823a6d4b7f3cb504253fe5937eaac74a7fe4dad639440c375364b23dba53516be920161d9f6ca46c2ba83972a9aaf7cb1fac8900edd03f46f5a6a4ceb86d22437499e82d3dc67b1c2c45c743f498213276ce4861f6b6915416aec026fefbff10788db9e28456a0799e4ded1a0b188c532e0cbd3b371773f4f61ec171c982e771c27316ac47a3c63900076e5fac2803dd9a07fe84f72bc72f70daa0ad16cb231f62a09317ea9806e1f2f12743fa30c191ac3d8885c30f356c4d7a0de6b6863ea53755abbc0099a1eeeb2a1ba3481eff7f1d34f6c65c11648c5f0fca72262a221272e976e6c2d0bbb5ed208e4c77c9a161268acee401880ddec9375f21f3492d5f432a9119035bf7a523a116d57e97a93ec675981c15fc47e1a9584919ce418e9603df37998f643bf593db544c95c02e7512b348fdba2459780ca1885d81e6352fb4e70ab63ab7c1c46cf054169636d9d858b11268b2db929b61519cdaa61232193c3b2a565e90825f003f7296f8431fe577dd4d2de52ee528eb3d7dd945d7ec95815404713f1a551a06f56aeef17183109012463bcfaf301bcd5164699b43db8bbe3181f7331eca14ebf034b6653594152adc5ed49238a9eed6ab0bd32bdad77da6f10afe8945dda1edf571a77a9f425cb1385e965676ed8c491e0cb75d89adc7b89cfa13c88da39b8727b583fcd2d43cca1e0691e40d28883ce0b4f6a8f088e73643c6bda34c12412eba2188caa882d763a6cd81ef9c20db25baf4303b9d38c1077f5171122b1d09dc05f5dc1ecbf9ad44e827b1bce4ef8f484fb93684f1e175ee7efa0da53eea89c118133dde334dfd3bab602b51d20da16b44f9b776703c5b12c5fd92a467e0b7db47e41a846d5cb1fd1611639b6ac8d6c4b27d2dea49ae09068efaed9a8a9b11d125b027843ca30b410b55f1427e604bc1abc3225c14b5f7a9783f83014bcb5d6195955801bc765159079277aec572e1c3ab1632b165460da2e4bfe32b33b2473bc4c517ebb72d068a642d4216fc3ad3c0af673b2a621105cfc7e5a5391cafee93b87db8df616648ceb620f23f90bd137527d4cb4e1ff137dd5e35f129ebef1b7a6423af2769823524bfc889cdd8b95fbb3ca0d70f084eb92d0e62cd1a918a0b06415e3d4f3a1d56f6fe46ad8277b87d18a6781c0741dd6b96bacee981779addb0d79b310025520700bc62fc96b31cb4c1203a07860c929028cdc46487487731428119774e20ae03d1abe2128eec4889102560b25c1204609035b0a0c8d6605bb118ff12ed19bfc1bc4e8cb511f302a7b35a82310db96c57f34bc28fa90343cd3b15c25a5935ec0da9bce1f25f93e72caefd6f3b6a34d6b28c835df1083125722136420e76d14abeeaf012a511105c9e85b99d0beed74daf5a8ed66c5c6c1741c82a9e58acae72a1171502b45569387d3ff82118fcbaec25794fae54100aa5a803a9de3901e3341c143b32c829d2d9c6c685384e89ffe729262fbe51cfaa7aa7552de41b775165fff28ba5b844081dd32a12f8bbc6fd02d5f3f0110f3b251240a4ce2a74eedc7da7899c4bb3f7aa00d7bd64ce4322890d894bc77a0649a8f44b6ee3a805b008e4f636f54eb400a8249cec37b2541587e2b683221cf53eabf6258f05017e7e55c04848b7e66d85b765a9aa6b4f8304ce8ead3fb65c31f4fc7dc4c0c69761655ab7a70253771362b7a4ae1135cd38ca9691fed3a64e86593f4bc2749318f4a9c7e6d3c99ee7f85bd107e9259e632c5825da504de5deac2fac222dc335e0214791e38ebaaf7f18eabdb7d8ec8c4dfa6c62a51c1a5698040020c79912d45023d5730c462c0cc75d1a82eb69541adc909f47f0d700d41f5dfcdc19158a8c9d2306b605718e5472d44e097e3b57bc680f7d885634c6d731dfd5f4f7b18ca7cad81c2d45d08c13e3509ff839886879997993e0135a06be8d749ee7c57a3be113f5ada4be3248135147df0208b0880fbbb80efec2110599c369458ab42ade4a74018f33ddd8b4c9cf9f6cf7280fcc072208bf5bc0560217a168e51f951681469c4fa956d68f6aa1b3f2e411b03fe4face1d6ef8ebdf74c7b8ff5bd9e8e7302bad1b59799a62aab5b9dc73a2c95be7d4467407ad2877087a3fafcfbc2cb80224b1504617e6979fd99bef9f3254d5874567eddab4e8d6da7d3f281b2e8af2eeaee6a73058704ed8fc48f898e74d75968210bb58ab2598ca8afdd08e3ff50c9f97295361ea06dbc81279316e587a9ece28988bfb53665fff64c0ce40664a4766f51415bdf02a6d49c98c86480d7136a9adc0c7930952be203b68f35b45a13d3246b39a5cc8fc28963886b74678ad8c0074309cf494cee562066520f25aaa5d0c00070001000000010000000c000800000000000100000006000200050000001404060004040300fcffffff060000000500000003000000090000001f0400000000010000000000ff000000050000000004000098af000002000000010001007a000000980800000008000002000000ffff000005000000080000002a00000041a30000010000002d8cf26e0600000002000000070000000600000081000000000000007aeb0000ff00000005000000010000000000000003000000010000000000008001800000660c0000040000000700000001010000000000003400000005000000090000000600000099080000ffff0000e30e00009b0000001f00000006000000d70000000700000000000100f9ffffff02000000030000000800000003000000ffffffff058d000071000000db080000e5630000553c183e00000000060000000600000008000000400000000100000007000000000000000080000003000000fbffffff04000000fbffffff8200000076000000eed2ffff02000000010001000500000008000000060000000101000007000000090000006a0a00000300000003000000ffffffff06000000000000000180000091000000010000007f0000000200000001800000ffffffff09000000020000000400000002000000018000000500000004000000080000008100000009000000050000000000000008000000b7000000080000000200000000000000ff00000004000000020000000200000095d20000000001000180000002000000ff01000006000000018000000800000080020000040000001d000000070000000800000062000000050000007fffffffff030000ff0f00000900000001000080e1ffffff09000000ff070000010000000000f8ff05000000000000000000000000000080010001000100000002000000000000c0020000000400000000000080ffffffff0104000003000000030000000400000007000000030000000400000080000000070000000900000000000000030000001d02000008000000000000000180000005000000008000009f000000feffffff0000010000000000010400000100000001010000000000000001000000040000b000000001000080000000000080000003000000ff0f000001000000030000002a4f000001000000050000000500000001000000f8ffffff05000000008000000700000006000000050000008715000004000000060000001f000000c7090000040000000700000005000000ff070000400000000100000000000000000200000100000001000000800000000800000020000000981b00000000000000000000dde6000000020000010001000300000006000000698400000002000001040000ff00000005000000de0a00000300000009000000ffff000007000000000200001f000000090000000800000002000000000100000000000040000000010000000c000800c0ffffffffffffff0800030000000000060005002c0800000600050009910000"], 0x1d18}, 0x1, 0x0, 0x0, 0x4004000}, 0x45) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000200)={'ip6tnl0\x00', r1, 0x4, 0x5, 0x7f, 0x7, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2={0xfc, 0x2, '\x00', 0x1}, 0x8000, 0x20, 0x80000000, 0xb4a}}) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'ip6gre0\x00', r2, 0x2f, 0x5d, 0x4, 0x6, 0x1, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x7800, 0x80001, 0x3}}) (async) socket$inet(0x2, 0xa, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'team_slave_1\x00'}) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000600)={0x5a, {{0x2, 0x4e21, @remote}}}, 0x88) (async) dup2(0xffffffffffffffff, r5) (async) openat(r6, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) (async) ioctl$FS_IOC_ENABLE_VERITY(r7, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) (async) sendmsg$NFT_MSG_GETTABLE(r7, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async) listen(r7, 0x8001) (async) openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000500), 0x242600, 0x0) (async) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r8, 0x89f2, &(0x7f00000005c0)={'syztnl2\x00', &(0x7f0000000540)={'syztnl0\x00', r2, 0x29, 0x8, 0x7f, 0xfffffffe, 0x38, @dev={0xfe, 0x80, '\x00', 0x20}, @mcast1, 0x80, 0x700, 0x8, 0x8}}) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYRESDEC, @ANYRES32=r3, @ANYRESDEC=r0], 0x34}}, 0x4091) (async) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000140)='highspeed\x00', 0xa) (async) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000400)={'ip6tnl0\x00', &(0x7f0000000380)={'syztnl2\x00', r4, 0x2f, 0x4, 0x97, 0x800, 0x20, @ipv4={'\x00', '\xff\xff', @multicast2}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8001, 0x40, 0x5, 0x1}}) (async) [ 224.481809][ T4191] ======================================================= 02:05:59 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) recvfrom(r0, 0x0, 0x0, 0x4360f3684e6c1ed9, 0x0, 0x0) 02:05:59 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01a30000b9dd0000000001"], 0x14}}, 0x0) [ 224.481809][ T4191] WARNING: The mand mount option has been deprecated and [ 224.481809][ T4191] and is ignored by this kernel. Remove the mand [ 224.481809][ T4191] option from the mount to silence this warning. [ 224.481809][ T4191] ======================================================= [ 224.507523][ T4193] fs-verity (sda1, inode 1135): Malformed file signature [ 224.535674][ T4191] gfs2: Unknown parameter 'subj_role' 02:05:59 executing program 0: r0 = syz_open_dev$vcsu(&(0x7f0000000040), 0x20, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) (async) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'ip6tnl0\x00', 0x0, 0x29, 0x8, 0x0, 0x6, 0x28, @loopback, @ipv4={'\x00', '\xff\xff', @remote}, 0x700, 0x1, 0xfb41, 0x7e}}) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000002200)=ANY=[@ANYBLOB="d51d02006400000127bd7002fedbdf2500000000", @ANYRES32=r1, @ANYBLOB="f2ff10000e000700f1ff0f000c0001007463696e64657800d81c02000800040001000000140506003c000100050000000800000001000000000000000400000081020500c7da001009000000040100008100f9ff0200000007000000ff000000ff0f000008000400000000000c000800975e0000000000003c00010008000000000000000500000005000000f9ffffff0002ff070700050003000000010101003c00a47c090000000500000015000000b42965483c000100030000000000002008000000040000000010000007010000000008008760b44fb7020300010402000800000004000000410f0000060000003c00010005000000020000007f0000000700000000000000030001010d5d0800000000000502080001f8070008000000ff01000002000000010000000404020000040000030000000000000402000000020000000300000004000000000400000800000004000000090000000600000000000000030000000101000001000000020000000700000000000080050000000180000003000000060000000600000096d7000000080000fdffffffe60000000000010000020000000800000100000005000000c440000060000000fcffffff81b3000060b5140009000000ca00000009000000010000803c0000003f0000000001000001000000000000000000000002000000020000000000000001040000abb8ffff0200000007000000faffffff00000000030000000700000003000000fb00000001000000feffffff07000000020000003f0000000100000006000000cb00000000000000e341000000000000ffffff7f05000000040000000104000008000000200000000400000006000000000000000008000000000000ad38000000010000010001000600000000000000e762000005000000aa0000000500000086fc00000000ffff06000000c1d4000000000000ffffffff01800000ff7f000000000000010000000100000009000000ac4d0000008000000900000001010000050000005d00000000800000ffff0000ff7f0000da0000000400000009000000060000007900000000000000090000000000000006000000990000000600000008000000000000001000000003000000010400000000000006000000ff010000000010000000000000000000ffffff7f07000000040000000300000001000000010100000300000000010000000000001f000000090000007f0000008300000001000000020000001f00000007000000307c000002000000030000000900000000000000ff0f00000600000001000100090000007fffffff001000004000000004000000010000000500000003000000391d0000f8ffffff3f000000000400000600000008000000e019000005000000ffffffff4c000000060000000600000001000100050000000100000000800000d2000000000000000100000000080000310800000100000001000100d400000009000000050000000900000009000000030000000800000004000000e00200008000000006000000ff0300000acd00000001000003000000ff070000c0ffffff8a0e0000fcffffff0100008006000000000000004e060000450600000000000000000000070000002500000009000000fdffffff46ffffff3f00000001000000010100000180000000100000020000000000000007000000810000000300000009000000ff0f000000000000060000005008000000040000040000000200000000000000075b000001040000030000000100000055b5000001000080550000000100000033000000008000000000000006000000010000801f00000051000000080005000300000008000400000000000800050009000f00100006000c000900840000000000000074130700900008000c000100736b6265646974004c0002800600040040000000060007000200000008000300f3ff01000600040000010000080003000000f2ff06000400090000000800030007000200060007000200000008000500020000001b00060054afd02c1d1192c1051f46f30795b7f807167b700d0311000c00070001000000000000000c0008000100000007000000900101000c000100736b62656469740064000280060004000300000008000300f3ffe0ff080005000000000008000500e8570000060004001e000000180002008a8bde750600000008000000080000007f00000018000200ffff00000900000000000020010100001e010000060004000700000003010600da213397dd0b9f3f6dff1c21679e27a15ad01d024585149ee76acc414b914e95f60efc0ba0b5d5cff38c4af709533361297b4d37ef62db6d1e457b262fd021688afe29fef9e5ac1be0f63cbfbea27ff6789015da3fb38a5b8dc09dc998e12af313259a069d2067839da5fbb1a4c85efc384210887bc4d41da669f7a14610df0f337dbe34c115568e4013d9e053b4ac59819c4a4b585d91cf1a6f87296cd4366076e119c37c5c76040a5a96615f046c1186ff29901025dfebda389ca540e22ab7930ad4d1673de17708eb1845212265f3b0fca3103e65ef3a89ca2cb0ba0c838cf0e2e4a84068d113ff96656b46922ff0ccd7170854fa3dcf177a9f5ed1bbeb000c00070000000000010000000c0008000200000002000000100108000b00010073696d706c65000074000280080003005c5b2a0014000300200100000000000000000000000000010f0003002f6465762f7663737523000018000200090000000000000000000000ffffff7f010100000c00030073797a746e6c310007000300242a000018000200050000000e000000fffffffff8ffffff0400000072000600974bbcc2d4f1aa4e5cfa0ad4cdbf2e6bfa3c50e687bbe3569f9fd236682397fc1a98e36bb2d82801cc23e6b4208ed726cf823324a6a342d573f0a9c73256a4d8e27777ce216927392b5fdd851d8f2201e24cfdcc1881b784b4c84162a339f77e26153483bd563f9db42b7c9c110a00000c00070001000000010000000c00080001000000030000004010090007000100637400001800028014000700832a1d9dd90bf1dcf41efc46506648c604100600a80162db4a983ee717f359623547574916b625e0b0cec94fa663f32e1e4d81e605a5af241d9feb22d811af67a9c84db53241b6f89184b098034a4d4c3b821bf4ccc1392093d4bda5c8529eeb1e019f7604c6f08d095d94b5739ffb6c11f3da1117413452eacbe902e75697946a89c74d2430630c21c1807707236fdb63d43bc579941badc361a4c5a1418d1e17301e37af9166a264d704eac97ee9db0b37f78c8ed1f86b6cb47f96bc2ff8f4a5b88ed518ad74ad314433e02bcd4bbc3a9a57829326bb82e6e64fc2931656d4aeafe8566bdcc17faf1acd80ab624d4ce84379784b3cd46e635fb52c246dc1654d72f627c4138b587bef468bee9629b4024451830ce5ebd45d58ba43046021298add1749a3dfcefa251b2179b1b25ba567f3ebc6eccb21189b95b8c8436f96212cbcdaf3a41641126d5591f9d0af94f075bc954bdee80b56d0d4891d654c93079f1dec7c160d43d8c94a0e4577186b586c61a356c1c34227794c64b93ba2a027865ad1dd666a41d0f8878f5ccae3341e978f6d730d0dc5dc1c04effbd0c614fbed046d9bd51ddab97b054d894447e4688dbd137c9d3e71c53e349e87053f541df77acf434951a6e915ba117aa190fcb72311b2cb25fe342f9088e4d2b261356f5336b4ef66fed994abe7b373a94836e5acd47f6a8a908365c2848dbd297295a4f0c026f1ef1a5e3e969d8a150aaa8b50874e554325902b0d0f00a40fcc503a62ab816b67b88fa24114fa0ce5bfa0722bd1fe1d3d7718ba175f68e50cbe12825afdbdd934eb5e8c708f62cbecffde90585d47fe618e1aad881990711423ed4c6efb67998a6adb2e5cbc199b1a271437124d2dd5957e79e98e7008312538d17aa09fc3aaba0de6a3f2f5429c0b1d2fd0bf740840d782168f5e6fe3a9686e7a4adde7e4449fb4c3065760cc9df2451d12507e08f93a5d0e3d6e8d39ab15dce33203692d3318428dcc7a23d3e9112700ab6511d18be6857da490b5febdf8d138256740ea5ed7fb890b56f011ffecf6223c98448ffc2d8382ac9cf54fad54b437664d15ca0c2efcf133e73cc66e573c134ea1dbe84db5c2e785caf216344644029e300916246df0993e5d5143e0cfdc180c74fc0204fe8d7412892864bda0fb167520daba55891939986a322de9906f0b5e6b9e76352571bfcdf0cf448ff059c044decb536ec2741a732878601c5faa4da14fb24deaa56f55af8bb4775ca07b483dc1ef657778744d730eaa9281e2d89476e2938a8a97862eff3e88ae0adf7bb450fc7c4ffbe5edc429fdb301dc7917036ac09a7d302387c01ad62ce9ea023ed825b26e6a851048a1e707b89c7e232d473b9f640d83f4db85b445c7888d25b4c82832bfe2aef251c64e9c17445b87dc0557bcf6ad5d6be5c165275ae00cd0b30b1e299db12ad14b5e3b28a242d9f19b999ff40b2946a96c6eb6711cdb4e74969031451baa2c960669d19a840490d5d740b9c241bce14a6c25c9cee63616933011875faab1f26afd6608be71dbd767e932fb22f55924df199d9e5aeec0ea120204af4f2bc567253fcffe638d5959999ae411cc2c20969453a02783291c6fe9afe4af4dd01db4a2351296c486c15c1b41ed740fbf0da2ee902f65d2768f9f40f45aef73a06cbf75f5129e8ea1549a0abe0c0cae447ab08a009a4c428d241500676471662733079affb61cd7efc804111676eb72e043ff0389312f5810e9c2b7f4a8e7db630fc791db7f78aa886493aa5484879d3a00b93108e024be7fc1adc90127e33ea13b4d122feb18c5f4f8d252edc65b9c3296ec88e089ccc8614d57b5d5ce9c08223e41893738e8da4505ed757542f64217a791b114aaf9869942fc620dfca8faaca093dcd3777bbae0e5220cb66caacbeea6df75eca902fd0d1e308c9e508011ec018821d04c84db215d18272651a58b38797a2a0dc499f079c1a09d9c39151ae2518e872e91fd79c609eb4b01bc58ac50d51c4216479bbf2844625832b60e4fc91597bc28299a97ff5f1f0e4b53c58eead6923135c3026dd23044f3cb03ead802b23c25a573c3c5a2aa84c04e09b323b312d977f0af42d14e4c687f595438dbd857bb7450fc3fdaea91cc9a4c6a8b7b66eda64dbfdabe015893430f5ea58103ec36e6a6f531ddd8bf5c3bc4cc6ce77dbbd25ed5d349c145afdefa112b1278ca07b7a63429c7908465df7085fd116e0115a6331d0eec7eb062d22ba13e9d75b625c699e278624711cbf4cad96764b99fa70a0c789d389fd69aedb5d517d496477d19782ad428d1a540e710cc263d458b3a33aaf58f87bea0b66fd2aeb85897c13664108093de5e1ef50a9677de55fc57d6c49bfbacf75fe3afdc9d1b5d891b035e423f19a91f050d9a00ab4b8b2dd803a9eef4b059c7848858ea722212fba3f15352fbd10033268fc72bcadfd8dccf17f8994790c6cdf6ece1129333a4fe57844168b40e8a8773c892ab67a96dce64f8e97b464ca4b5cfb66989d2c1f53bde2be826639c605e696055f39d021b6b53c57d9dc1e64042746bfdd45da3293dd20fb1c36c5e8bef20b10db4ef10881785580d07bb2f65591fa16e2897642de4ecd111dd370e9d87960614f67c7f25c53bb0b7def7a2c29d20c7d378becc004aa25bdaf51d3b64b6fe93ce6c3fa39b7371c9de6aa258b3a0f132f2979de59bc34667ca7cbde12d786103a6a4e547f1ae9bae68c716252b8d65f860f26ca4748650a8f769a06f7228b140c9d2e9538807550aaa3db82cc2ac1c132bcb8c4a9c0b3fc504310fc5fddea3a5e570119973b887db6bcd7d08969a24a05167c96618edf7b26886207521c346bdf6cd5d94f0fdaba75a5daacb5526469b0df50399607b1d2d0d80386e763e4dce1689971d15bac9c8027a57996062cc3b9099e6690505435578bac36659030716158194abacdd6186218a3a5d0dcdc06ffd75344964c0f25dafc97c0b2ca53309333bc2e3cfb85f53bfb82bf6e95b88ef995805db24a6c927e69d85edd4a075e0230f3d8a38e8c85e2d39caf08526fbae71c87e6bb5143d7880859ecb2044245612621d9af709c45c0dfd9accceab28c4d6d14524e56665c07402a98e87729f30ec2bcbd4092e26f7b303e23ea711ff4b2d7fa800281e4fd32423688c5494515cfa3c97b287e1967af9af269e4dbc7f5a15b81fc9f20b7abd407b4e10e7f5b919abe7dfa7bc1444cd760482cd6c81a7f69993e9bb1d0b0109ea997654ea5b33e19bb9408fc7387fc61c02319136fac7a5b989abaa19b8ab1d1afd4b57cc87f293675b79bf46d51c3cefbf4b893350f0e928a9b539aa0462a2efd698c4e48096531a651fa117c8b8dbd9f51621c1fb5b9d9305fcb71fade4487922558b5452bbdde2375b2146786c47c5a784c530480b72b481b266c80bf779219a9756e0a6d7086260d906823a6d4b7f3cb504253fe5937eaac74a7fe4dad639440c375364b23dba53516be920161d9f6ca46c2ba83972a9aaf7cb1fac8900edd03f46f5a6a4ceb86d22437499e82d3dc67b1c2c45c743f498213276ce4861f6b6915416aec026fefbff10788db9e28456a0799e4ded1a0b188c532e0cbd3b371773f4f61ec171c982e771c27316ac47a3c63900076e5fac2803dd9a07fe84f72bc72f70daa0ad16cb231f62a09317ea9806e1f2f12743fa30c191ac3d8885c30f356c4d7a0de6b6863ea53755abbc0099a1eeeb2a1ba3481eff7f1d34f6c65c11648c5f0fca72262a221272e976e6c2d0bbb5ed208e4c77c9a161268acee401880ddec9375f21f3492d5f432a9119035bf7a523a116d57e97a93ec675981c15fc47e1a9584919ce418e9603df37998f643bf593db544c95c02e7512b348fdba2459780ca1885d81e6352fb4e70ab63ab7c1c46cf054169636d9d858b11268b2db929b61519cdaa61232193c3b2a565e90825f003f7296f8431fe577dd4d2de52ee528eb3d7dd945d7ec95815404713f1a551a06f56aeef17183109012463bcfaf301bcd5164699b43db8bbe3181f7331eca14ebf034b6653594152adc5ed49238a9eed6ab0bd32bdad77da6f10afe8945dda1edf571a77a9f425cb1385e965676ed8c491e0cb75d89adc7b89cfa13c88da39b8727b583fcd2d43cca1e0691e40d28883ce0b4f6a8f088e73643c6bda34c12412eba2188caa882d763a6cd81ef9c20db25baf4303b9d38c1077f5171122b1d09dc05f5dc1ecbf9ad44e827b1bce4ef8f484fb93684f1e175ee7efa0da53eea89c118133dde334dfd3bab602b51d20da16b44f9b776703c5b12c5fd92a467e0b7db47e41a846d5cb1fd1611639b6ac8d6c4b27d2dea49ae09068efaed9a8a9b11d125b027843ca30b410b55f1427e604bc1abc3225c14b5f7a9783f83014bcb5d6195955801bc765159079277aec572e1c3ab1632b165460da2e4bfe32b33b2473bc4c517ebb72d068a642d4216fc3ad3c0af673b2a621105cfc7e5a5391cafee93b87db8df616648ceb620f23f90bd137527d4cb4e1ff137dd5e35f129ebef1b7a6423af2769823524bfc889cdd8b95fbb3ca0d70f084eb92d0e62cd1a918a0b06415e3d4f3a1d56f6fe46ad8277b87d18a6781c0741dd6b96bacee981779addb0d79b310025520700bc62fc96b31cb4c1203a07860c929028cdc46487487731428119774e20ae03d1abe2128eec4889102560b25c1204609035b0a0c8d6605bb118ff12ed19bfc1bc4e8cb511f302a7b35a82310db96c57f34bc28fa90343cd3b15c25a5935ec0da9bce1f25f93e72caefd6f3b6a34d6b28c835df1083125722136420e76d14abeeaf012a511105c9e85b99d0beed74daf5a8ed66c5c6c1741c82a9e58acae72a1171502b45569387d3ff82118fcbaec25794fae54100aa5a803a9de3901e3341c143b32c829d2d9c6c685384e89ffe729262fbe51cfaa7aa7552de41b775165fff28ba5b844081dd32a12f8bbc6fd02d5f3f0110f3b251240a4ce2a74eedc7da7899c4bb3f7aa00d7bd64ce4322890d894bc77a0649a8f44b6ee3a805b008e4f636f54eb400a8249cec37b2541587e2b683221cf53eabf6258f05017e7e55c04848b7e66d85b765a9aa6b4f8304ce8ead3fb65c31f4fc7dc4c0c69761655ab7a70253771362b7a4ae1135cd38ca9691fed3a64e86593f4bc2749318f4a9c7e6d3c99ee7f85bd107e9259e632c5825da504de5deac2fac222dc335e0214791e38ebaaf7f18eabdb7d8ec8c4dfa6c62a51c1a5698040020c79912d45023d5730c462c0cc75d1a82eb69541adc909f47f0d700d41f5dfcdc19158a8c9d2306b605718e5472d44e097e3b57bc680f7d885634c6d731dfd5f4f7b18ca7cad81c2d45d08c13e3509ff839886879997993e0135a06be8d749ee7c57a3be113f5ada4be3248135147df0208b0880fbbb80efec2110599c369458ab42ade4a74018f33ddd8b4c9cf9f6cf7280fcc072208bf5bc0560217a168e51f951681469c4fa956d68f6aa1b3f2e411b03fe4face1d6ef8ebdf74c7b8ff5bd9e8e7302bad1b59799a62aab5b9dc73a2c95be7d4467407ad2877087a3fafcfbc2cb80224b1504617e6979fd99bef9f3254d5874567eddab4e8d6da7d3f281b2e8af2eeaee6a73058704ed8fc48f898e74d75968210bb58ab2598ca8afdd08e3ff50c9f97295361ea06dbc81279316e587a9ece28988bfb53665fff64c0ce40664a4766f51415bdf02a6d49c98c86480d7136a9adc0c7930952be203b68f35b45a13d3246b39a5cc8fc28963886b74678ad8c0074309cf494cee562066520f25aaa5d0c00070001000000010000000c000800000000000100000006000200050000001404060004040300fcffffff060000000500000003000000090000001f0400000000010000000000ff000000050000000004000098af000002000000010001007a000000980800000008000002000000ffff000005000000080000002a00000041a30000010000002d8cf26e0600000002000000070000000600000081000000000000007aeb0000ff00000005000000010000000000000003000000010000000000008001800000660c0000040000000700000001010000000000003400000005000000090000000600000099080000ffff0000e30e00009b0000001f00000006000000d70000000700000000000100f9ffffff02000000030000000800000003000000ffffffff058d000071000000db080000e5630000553c183e00000000060000000600000008000000400000000100000007000000000000000080000003000000fbffffff04000000fbffffff8200000076000000eed2ffff02000000010001000500000008000000060000000101000007000000090000006a0a00000300000003000000ffffffff06000000000000000180000091000000010000007f0000000200000001800000ffffffff09000000020000000400000002000000018000000500000004000000080000008100000009000000050000000000000008000000b7000000080000000200000000000000ff00000004000000020000000200000095d20000000001000180000002000000ff01000006000000018000000800000080020000040000001d000000070000000800000062000000050000007fffffffff030000ff0f00000900000001000080e1ffffff09000000ff070000010000000000f8ff05000000000000000000000000000080010001000100000002000000000000c0020000000400000000000080ffffffff0104000003000000030000000400000007000000030000000400000080000000070000000900000000000000030000001d02000008000000000000000180000005000000008000009f000000feffffff0000010000000000010400000100000001010000000000000001000000040000b000000001000080000000000080000003000000ff0f000001000000030000002a4f000001000000050000000500000001000000f8ffffff05000000008000000700000006000000050000008715000004000000060000001f000000c7090000040000000700000005000000ff070000400000000100000000000000000200000100000001000000800000000800000020000000981b00000000000000000000dde6000000020000010001000300000006000000698400000002000001040000ff00000005000000de0a00000300000009000000ffff000007000000000200001f000000090000000800000002000000000100000000000040000000010000000c000800c0ffffffffffffff0800030000000000060005002c0800000600050009910000"], 0x1d18}, 0x1, 0x0, 0x0, 0x4004000}, 0x45) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000200)={'ip6tnl0\x00', r1, 0x4, 0x5, 0x7f, 0x7, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2={0xfc, 0x2, '\x00', 0x1}, 0x8000, 0x20, 0x80000000, 0xb4a}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'ip6gre0\x00', r2, 0x2f, 0x5d, 0x4, 0x6, 0x1, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x7800, 0x80001, 0x3}}) (async) r3 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'team_slave_1\x00', 0x0}) (async) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000600)={0x5a, {{0x2, 0x4e21, @remote}}}, 0x88) r6 = dup2(0xffffffffffffffff, r5) r7 = openat(r6, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r7, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) (async) sendmsg$NFT_MSG_GETTABLE(r7, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) listen(r7, 0x8001) r8 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000500), 0x242600, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r8, 0x89f2, &(0x7f00000005c0)={'syztnl2\x00', &(0x7f0000000540)={'syztnl0\x00', r2, 0x29, 0x8, 0x7f, 0xfffffffe, 0x38, @dev={0xfe, 0x80, '\x00', 0x20}, @mcast1, 0x80, 0x700, 0x8, 0x8}}) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYRESDEC, @ANYRES32=r3, @ANYRESDEC=r0], 0x34}}, 0x4091) (async) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000140)='highspeed\x00', 0xa) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000400)={'ip6tnl0\x00', &(0x7f0000000380)={'syztnl2\x00', r4, 0x2f, 0x4, 0x97, 0x800, 0x20, @ipv4={'\x00', '\xff\xff', @multicast2}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8001, 0x40, 0x5, 0x1}}) 02:05:59 executing program 2: syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x44f, 0xb323, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0xa0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) 02:05:59 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="8b", 0x1) recvmmsg(r1, &(0x7f0000006100)=[{{&(0x7f0000000100)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000300), 0x0, &(0x7f0000000340)=""/120, 0x6f}}], 0x4000000000003b8, 0x0, 0x0) [ 224.593989][ T39] audit: type=1400 audit(1662861959.414:136): avc: denied { bind } for pid=4202 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 224.594875][ T4204] "syz-executor.1" (4204) uses obsolete ecb(arc4) skcipher 02:05:59 executing program 0: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = dup(0xffffffffffffffff) write$6lowpan_enable(r0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cgroup.events\x00', 0x275a, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800b0001006261746164760000031902800a000100bbbbbbbbbbbb"], 0x40}}, 0x0) [ 224.640296][ T39] audit: type=1400 audit(1662861959.434:137): avc: denied { read write } for pid=4210 comm="syz-executor.2" name="raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 224.669625][ T39] audit: type=1400 audit(1662861959.434:138): avc: denied { open } for pid=4210 comm="syz-executor.2" path="/dev/raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 224.697942][ T39] audit: type=1400 audit(1662861959.434:139): avc: denied { ioctl } for pid=4210 comm="syz-executor.2" path="/dev/raw-gadget" dev="devtmpfs" ino=760 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 224.722613][ T39] audit: type=1400 audit(1662861959.484:140): avc: denied { accept } for pid=4202 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 224.740243][ T39] audit: type=1400 audit(1662861959.494:141): avc: denied { setopt } for pid=4202 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 224.758148][ T39] audit: type=1400 audit(1662861959.504:142): avc: denied { read } for pid=4202 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 224.774351][ T39] audit: type=1400 audit(1662861959.504:143): avc: denied { prog_run } for pid=4194 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 224.776227][ T4213] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 02:05:59 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="8b", 0x1) recvmmsg(r1, &(0x7f0000006100)=[{{&(0x7f0000000100)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000300), 0x0, &(0x7f0000000340)=""/120, 0x6f}}], 0x4000000000003b8, 0x0, 0x0) [ 224.828155][ T4216] "syz-executor.1" (4216) uses obsolete ecb(arc4) skcipher 02:05:59 executing program 3: r0 = syz_io_uring_setup(0x184, &(0x7f00000002c0), &(0x7f00001e7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x1, 0x1}, 0x0) io_uring_enter(r0, 0x3dfd, 0x0, 0x0, 0x0, 0x0) [ 224.854609][ T39] audit: type=1400 audit(1662861959.674:144): avc: denied { create } for pid=4217 comm="syz-executor.3" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 224.874876][ T39] audit: type=1400 audit(1662861959.674:145): avc: denied { map } for pid=4217 comm="syz-executor.3" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=35043 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 224.900838][ T3763] usb 7-1: new high-speed USB device number 2 using dummy_hcd 02:05:59 executing program 1: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x5) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 02:05:59 executing program 3: r0 = syz_io_uring_setup(0x184, &(0x7f00000002c0), &(0x7f00001e7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x1, 0x1}, 0x0) io_uring_enter(r0, 0x3dfd, 0x0, 0x0, 0x0, 0x0) [ 225.079894][ T4220] mkiss: ax0: crc mode is auto. [ 225.152410][ T3763] usb 7-1: Using ep0 maxpacket: 8 02:06:00 executing program 0: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = dup(0xffffffffffffffff) write$6lowpan_enable(r0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cgroup.events\x00', 0x275a, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800b0001006261746164760000031902800a000100bbbbbbbbbbbb"], 0x40}}, 0x0) [ 225.270864][ T3763] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 225.278977][ T3763] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 225.300715][ T4225] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 225.530315][ T3763] usb 7-1: string descriptor 0 read error: -22 [ 225.535189][ T3763] usb 7-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.40 [ 225.542332][ T3763] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.608286][ T3763] usbhid 7-1:1.0: can't add hid device: -22 [ 225.612477][ T3763] usbhid: probe of 7-1:1.0 failed with error -22 [ 225.813836][ T3761] usb 7-1: USB disconnect, device number 2 02:06:01 executing program 1: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x5) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 02:06:01 executing program 0: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_writev(0x0, &(0x7f0000000580)=[{&(0x7f0000000480)=""/44, 0x2c}, {&(0x7f00000004c0)=""/142, 0x8e}], 0x2, &(0x7f0000000700)=[{&(0x7f00000005c0)=""/237, 0xed}, {&(0x7f00000006c0)=""/19, 0x13}], 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x724) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x184, &(0x7f00000002c0), &(0x7f00001e7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x1, 0x1}, 0x0) io_uring_enter(r2, 0x3dfd, 0x0, 0x0, 0x0, 0x0) 02:06:01 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cgroup.events\x00', 0x275a, 0x0) ioctl$FITRIM(r2, 0xc0185879, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r1) dup(0xffffffffffffffff) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800b0001006261746164760000031902800a000100bbbb"], 0x40}}, 0x0) 02:06:01 executing program 3: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x4f, 0x92, 0xb9, 0x8, 0x1557, 0x7720, 0xb7eb, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x27, 0x85, 0xe6}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000001340)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)={0x40, 0x13, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000740)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="800002"], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000500)={0x2c, &(0x7f0000000280)={0x0, 0x0, 0x1, "a1"}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) [ 226.363725][ T4229] mkiss: ax0: crc mode is auto. [ 226.382115][ T4232] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 02:06:01 executing program 1: syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x44f, 0xb323, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}, {{}, [{}]}}}]}}]}}, 0x0) [ 226.650113][ T3761] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 226.780318][ T974] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 226.910491][ T3761] usb 8-1: Using ep0 maxpacket: 8 [ 227.033662][ T3761] usb 8-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 227.039482][ T974] usb 6-1: Using ep0 maxpacket: 8 [ 227.043600][ T3761] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.070844][ T3761] usb 8-1: config 0 descriptor?? [ 227.160274][ T974] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 227.340742][ T974] usb 6-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.40 [ 227.349872][ T974] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 227.359802][ T974] usb 6-1: Product: syz [ 227.363815][ T974] usb 6-1: Manufacturer: syz [ 227.367724][ T974] usb 6-1: SerialNumber: syz 02:06:02 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cgroup.events\x00', 0x275a, 0x0) ioctl$FITRIM(r2, 0xc0185879, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r1) dup(0xffffffffffffffff) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800b0001006261746164760000031902800a000100bbbb"], 0x40}}, 0x0) 02:06:02 executing program 0: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_writev(0x0, &(0x7f0000000580)=[{&(0x7f0000000480)=""/44, 0x2c}, {&(0x7f00000004c0)=""/142, 0x8e}], 0x2, &(0x7f0000000700)=[{&(0x7f00000005c0)=""/237, 0xed}, {&(0x7f00000006c0)=""/19, 0x13}], 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x724) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x184, &(0x7f00000002c0), &(0x7f00001e7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x1, 0x1}, 0x0) io_uring_enter(r2, 0x3dfd, 0x0, 0x0, 0x0, 0x0) [ 227.412774][ T974] usbhid 6-1:1.0: couldn't find an input interrupt endpoint [ 227.440880][ T4240] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 227.614785][ T974] usb 6-1: USB disconnect, device number 2 02:06:02 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_writev(0x0, &(0x7f0000000580)=[{&(0x7f0000000480)=""/44, 0x2c}, {&(0x7f00000004c0)=""/142, 0x8e}], 0x2, &(0x7f0000000700)=[{&(0x7f00000005c0)=""/237, 0xed}, {&(0x7f00000006c0)=""/19, 0x13}], 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x724) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x184, &(0x7f00000002c0), &(0x7f00001e7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x1, 0x1}, 0x0) io_uring_enter(r2, 0x3dfd, 0x0, 0x0, 0x0, 0x0) 02:06:03 executing program 0: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_writev(0x0, &(0x7f0000000580)=[{&(0x7f0000000480)=""/44, 0x2c}, {&(0x7f00000004c0)=""/142, 0x8e}], 0x2, &(0x7f0000000700)=[{&(0x7f00000005c0)=""/237, 0xed}, {&(0x7f00000006c0)=""/19, 0x13}], 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x724) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x184, &(0x7f00000002c0), &(0x7f00001e7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x1, 0x1}, 0x0) io_uring_enter(r2, 0x3dfd, 0x0, 0x0, 0x0, 0x0) [ 230.210350][ T3761] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 230.216785][ T3761] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to write Medium Mode mode to 0x0306: ffffffb9 [ 230.225426][ T3761] asix: probe of 8-1:0.0 failed with error -71 [ 230.232617][ T3761] usb 8-1: USB disconnect, device number 2 02:06:05 executing program 3: syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x44f, 0xb323, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x3, 0x1, 0x6, 0x1, {0x9, 0x21, 0xd0}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x8, 0x80}}}}}]}}]}}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x2, &(0x7f0000000100)=@string={0x2}}, {0x4, &(0x7f0000000200)=@lang_id={0x4}}]}) 02:06:05 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x82, 0x0) write$FUSE_GETXATTR(r0, &(0x7f00000000c0)={0x18}, 0xffffff54) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0xc004500a, &(0x7f0000000100)) r1 = syz_io_uring_setup(0x1229, &(0x7f0000000240), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000040)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}, 0x0) io_uring_enter(r1, 0x450e, 0x0, 0x0, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) sendfile(r3, 0xffffffffffffffff, 0x0, 0x8000000a) 02:06:05 executing program 1: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_writev(0x0, &(0x7f0000000580)=[{&(0x7f0000000480)=""/44, 0x2c}, {&(0x7f00000004c0)=""/142, 0x8e}], 0x2, &(0x7f0000000700)=[{&(0x7f00000005c0)=""/237, 0xed}, {&(0x7f00000006c0)=""/19, 0x13}], 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x724) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x184, &(0x7f00000002c0), &(0x7f00001e7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x1, 0x1}, 0x0) io_uring_enter(r2, 0x3dfd, 0x0, 0x0, 0x0, 0x0) 02:06:05 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cgroup.events\x00', 0x275a, 0x0) ioctl$FITRIM(r2, 0xc0185879, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r1) dup(0xffffffffffffffff) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800b0001006261746164760000031902800a000100bbbb"], 0x40}}, 0x0) [ 230.756440][ T4261] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 230.923663][ T39] kauditd_printk_skb: 7 callbacks suppressed [ 230.923675][ T39] audit: type=1800 audit(1662861965.744:153): pid=4266 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1164 res=0 errno=0 02:06:05 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f00000003c0)=[{&(0x7f00000002c0)="eb3c906d6b66732e6661740002", 0xd}, {&(0x7f0000000300)="8f5907ec998d453faf3a923325e49974de1c53e55793a8bf29681a7e1e1d02b624a80440c629a85ed97b23ae432e287f56a5be984e4326ad71bc04c758e7b236e9551a2f139da667b449f54683", 0x4d, 0x2}], 0x2040000, 0x0) chdir(0x0) creat(&(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x81) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r0, 0x200, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000140)='./bus\x00', 0xac102, 0x0) sendfile(r0, r1, 0x0, 0x10000) open_tree(0xffffffffffffffff, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) [ 231.001248][ T39] audit: type=1800 audit(1662861965.824:154): pid=4268 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1165 res=0 errno=0 [ 231.015553][ T3761] usb 8-1: new high-speed USB device number 3 using dummy_hcd 02:06:05 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f00000003c0)=[{0x0}, {&(0x7f0000000300)="8f5907ec998d453faf3a923325e49974de1c53e55793a8bf29681a7e1e1d02b624a80440c629a85ed97b23ae432e287f56a5be984e4326ad71bc04c758e7b236e9551a2f139da667b449f54683", 0x4d, 0x2}], 0x2040000, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x81) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000020850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='rxrpc_abort\x00', r2}, 0x10) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x80) r3 = open(&(0x7f0000000140)='./bus\x00', 0xac102, 0x0) sendfile(r1, r3, 0x0, 0x10000) open_tree(0xffffffffffffffff, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) [ 231.234800][ T39] audit: type=1800 audit(1662861966.054:155): pid=4272 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1167 res=0 errno=0 [ 231.280965][ T3761] usb 8-1: Using ep0 maxpacket: 8 [ 231.420559][ T3761] usb 8-1: config 1 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 231.431060][ T3761] usb 8-1: config 1 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 231.438071][ T3761] usb 8-1: config 1 interface 0 has no altsetting 0 [ 231.480536][ T3761] usb 8-1: language id specifier not provided by device, defaulting to English [ 231.600541][ T3761] usb 8-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.40 [ 231.617712][ T3761] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.630366][ T3761] usb 8-1: Product: syz [ 231.635386][ T3761] usb 8-1: SerialNumber: syz 02:06:06 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x82, 0x0) write$FUSE_GETXATTR(r0, &(0x7f00000000c0)={0x18}, 0xffffff54) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0xc004500a, &(0x7f0000000100)) r1 = syz_io_uring_setup(0x1229, &(0x7f0000000240), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000040)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}, 0x0) io_uring_enter(r1, 0x450e, 0x0, 0x0, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) sendfile(r3, 0xffffffffffffffff, 0x0, 0x8000000a) 02:06:06 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f00000003c0)=[{&(0x7f00000002c0)="eb3c906d6b66732e6661740002", 0xd}, {&(0x7f0000000300)="8f5907ec998d453faf3a923325e49974de1c53e55793a8bf29681a7e1e1d02b624a80440c629a85ed97b23ae432e287f56a5be984e4326ad71bc04c758e7b236e9551a2f139da667b449f54683", 0x4d, 0x2}], 0x2040000, 0x0) chdir(0x0) creat(&(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x81) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r0, 0x200, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000140)='./bus\x00', 0xac102, 0x0) sendfile(r0, r1, 0x0, 0x10000) open_tree(0xffffffffffffffff, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) [ 231.848025][ T39] audit: type=1800 audit(1662861966.664:156): pid=4278 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1164 res=0 errno=0 [ 231.963388][ T3761] usbhid 8-1:1.0: can't add hid device: -22 [ 231.967822][ T3761] usbhid: probe of 8-1:1.0 failed with error -22 [ 231.976422][ T3761] usb 8-1: USB disconnect, device number 3 [ 231.997323][ T39] audit: type=1800 audit(1662861966.814:157): pid=4280 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1160 res=0 errno=0 02:06:07 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f00000003c0)=[{0x0}, {&(0x7f0000000300)="8f5907ec998d453faf3a923325e49974de1c53e55793a8bf29681a7e1e1d02b624a80440c629a85ed97b23ae432e287f56a5be984e4326ad71bc04c758e7b236e9551a2f139da667b449f54683", 0x4d, 0x2}], 0x2040000, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x81) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000020850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='rxrpc_abort\x00', r2}, 0x10) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x80) r3 = open(&(0x7f0000000140)='./bus\x00', 0xac102, 0x0) sendfile(r1, r3, 0x0, 0x10000) open_tree(0xffffffffffffffff, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) [ 232.383443][ T39] audit: type=1800 audit(1662861967.204:158): pid=4284 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1167 res=0 errno=0 02:06:07 executing program 3: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x82, 0x0) write$FUSE_GETXATTR(r0, &(0x7f00000000c0)={0x18}, 0xffffff54) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0xc004500a, &(0x7f0000000100)) r1 = syz_io_uring_setup(0x1229, &(0x7f0000000240), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000040)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}, 0x0) io_uring_enter(r1, 0x450e, 0x0, 0x0, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) sendfile(r3, 0xffffffffffffffff, 0x0, 0x8000000a) 02:06:07 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x82, 0x0) write$FUSE_GETXATTR(r0, &(0x7f00000000c0)={0x18}, 0xffffff54) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0xc004500a, &(0x7f0000000100)) r1 = syz_io_uring_setup(0x1229, &(0x7f0000000240), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000040)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}, 0x0) io_uring_enter(r1, 0x450e, 0x0, 0x0, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) sendfile(r3, 0xffffffffffffffff, 0x0, 0x8000000a) [ 232.788085][ T39] audit: type=1800 audit(1662861967.604:159): pid=4294 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1164 res=0 errno=0 [ 232.819192][ T39] audit: type=1800 audit(1662861967.634:160): pid=4295 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1168 res=0 errno=0 02:06:08 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e2205091440"], 0x25) 02:06:08 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x82, 0x0) write$FUSE_GETXATTR(r0, &(0x7f00000000c0)={0x18}, 0xffffff54) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0xc004500a, &(0x7f0000000100)) r1 = syz_io_uring_setup(0x1229, &(0x7f0000000240), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000040)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}, 0x0) io_uring_enter(r1, 0x450e, 0x0, 0x0, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) sendfile(r3, 0xffffffffffffffff, 0x0, 0x8000000a) 02:06:08 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e2205091440"], 0x25) 02:06:08 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e2205091440"], 0x25) 02:06:08 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e2205091440"], 0x25) [ 233.458271][ T39] audit: type=1800 audit(1662861968.274:161): pid=4308 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1159 res=0 errno=0 02:06:08 executing program 1: 02:06:08 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x82, 0x0) write$FUSE_GETXATTR(r0, &(0x7f00000000c0)={0x18}, 0xffffff54) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0xc004500a, &(0x7f0000000100)) r1 = syz_io_uring_setup(0x1229, &(0x7f0000000240), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000040)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}, 0x0) io_uring_enter(r1, 0x450e, 0x0, 0x0, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) sendfile(r3, 0xffffffffffffffff, 0x0, 0x8000000a) 02:06:08 executing program 3: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setattr(r0, &(0x7f0000000100)={0x38, 0x6, 0x0, 0x0, 0xc6, 0x0, 0x101, 0x0, 0x0, 0x2}, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000003b80)={0x9, 0x5, &(0x7f0000002300)=ANY=[@ANYBLOB="180000000300000000e7"], &(0x7f0000003a40)='GPL\x00', 0xfd, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000003b40)}, 0x80) r3 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000940)='./file0\x00', 0x100000000000, 0x2, &(0x7f00000000c0)=[{&(0x7f0000000340)="eb3c906d8d6673fdd2617400028001000240000004f801", 0x17}, {&(0x7f0000000000)="57595a3a030000000000004f1df1df001c006f267ae49a0000000000002db4cc7e0000e2ff", 0x25, 0x600}], 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB]) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x0) [ 233.749599][ T4315] loop3: detected capacity change from 0 to 264192 [ 233.846941][ T39] audit: type=1800 audit(1662861968.664:162): pid=4317 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1161 res=0 errno=0 02:06:09 executing program 1: 02:06:09 executing program 1: 02:06:09 executing program 1: syz_emit_vhci(0x0, 0x25) 02:06:09 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x82, 0x0) write$FUSE_GETXATTR(r0, &(0x7f00000000c0)={0x18}, 0xffffff54) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0xc004500a, &(0x7f0000000100)) r1 = syz_io_uring_setup(0x1229, &(0x7f0000000240), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000040)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}, 0x0) io_uring_enter(r1, 0x450e, 0x0, 0x0, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0) sendfile(r3, 0xffffffffffffffff, 0x0, 0x8000000a) 02:06:09 executing program 1: syz_emit_vhci(0x0, 0x25) 02:06:09 executing program 3: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setattr(r0, &(0x7f0000000100)={0x38, 0x6, 0x0, 0x0, 0xc6, 0x0, 0x101, 0x0, 0x0, 0x2}, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000003b80)={0x9, 0x5, &(0x7f0000002300)=ANY=[@ANYBLOB="180000000300000000e7"], &(0x7f0000003a40)='GPL\x00', 0xfd, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000003b40)}, 0x80) r3 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000940)='./file0\x00', 0x100000000000, 0x2, &(0x7f00000000c0)=[{&(0x7f0000000340)="eb3c906d8d6673fdd2617400028001000240000004f801", 0x17}, {&(0x7f0000000000)="57595a3a030000000000004f1df1df001c006f267ae49a0000000000002db4cc7e0000e2ff", 0x25, 0x600}], 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB]) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x0) 02:06:09 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "29496c15ab72b348f3e9bcd67a1d93119d7700ed62dc39ae447b034893cc8fae1e3d076271b80e708d33ff42a3ffe29938d6cceb029042f60f871d1b729347b3", "1508d8f838cedfab81c58c68e06b54341150be9fa6cdc32a2c542dcb89bb0edbccf1d4fe52c78ff5c73931acc4c9c058bfbe29cbf1fc31923afa59334c0d14cf", "94520f598d9db18443510bdcc93f06c738d7dcf6e125d37e4a57bbfbae80dbdf"}) 02:06:09 executing program 1: syz_emit_vhci(0x0, 0x25) [ 234.815307][ T4335] loop3: detected capacity change from 0 to 264192 02:06:10 executing program 2: syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1}}]}}, &(0x7f0000000440)={0x0, 0x0, 0x11, &(0x7f00000000c0)={0x5, 0xf, 0x11, 0x1, [@ssp_cap={0xc}]}}) 02:06:10 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x25) 02:06:10 executing program 0: syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x44f, 0xb323, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) 02:06:10 executing program 3: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x184, &(0x7f00000002c0), &(0x7f00001e7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x1, 0x1}, 0x0) io_uring_enter(r2, 0x3dfd, 0x0, 0x0, 0x0, 0x0) 02:06:10 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x25) 02:06:10 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x25) 02:06:10 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x25) 02:06:11 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x25) [ 236.280365][ T172] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 236.280667][ T3761] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 236.540337][ T172] usb 7-1: Using ep0 maxpacket: 16 [ 236.570231][ T3761] usb 5-1: Using ep0 maxpacket: 8 [ 236.704253][ T3761] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 236.750461][ T172] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 236.933238][ T172] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 236.940517][ T172] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.949732][ T172] usb 7-1: Product: syz [ 236.964615][ T172] usb 7-1: Manufacturer: syz [ 236.970921][ T172] usb 7-1: SerialNumber: syz [ 237.010577][ T3761] usb 5-1: string descriptor 0 read error: -22 [ 237.015428][ T3761] usb 5-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.40 [ 237.023349][ T3761] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 237.081890][ T3761] usbhid 5-1:1.0: couldn't find an input interrupt endpoint [ 237.224895][ T971] usb 7-1: USB disconnect, device number 3 [ 237.284020][ T29] usb 5-1: USB disconnect, device number 2 02:06:12 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x25) 02:06:13 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x82, 0x0) write$FUSE_GETXATTR(r0, &(0x7f00000000c0)={0x18}, 0xffffff54) r1 = syz_io_uring_setup(0x0, &(0x7f0000000240), &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, 0x0, &(0x7f0000000040)) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) io_uring_enter(r1, 0x450e, 0x0, 0x0, 0x0, 0x0) 02:06:13 executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x184, &(0x7f00000002c0), &(0x7f00001e7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x1, 0x1}, 0x0) io_uring_enter(r2, 0x3dfd, 0x0, 0x0, 0x0, 0x0) 02:06:13 executing program 3: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x184, &(0x7f00000002c0), &(0x7f00001e7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x1, 0x1}, 0x0) io_uring_enter(r2, 0x3dfd, 0x0, 0x0, 0x0, 0x0) 02:06:13 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e2205"], 0x25) 02:06:13 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e2205"], 0x25) 02:06:14 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x4c}]}}, &(0x7f00000001c0)=""/236, 0x2a, 0xec, 0x1}, 0x20) 02:06:14 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e2205"], 0x25) 02:06:14 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x14, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 02:06:14 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0xa000000}]}}, &(0x7f00000001c0)=""/236, 0x2a, 0xec, 0x1}, 0x20) 02:06:14 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x7}]}}, &(0x7f00000001c0)=""/236, 0x2a, 0xec, 0x1}, 0x20) 02:06:14 executing program 2: r0 = socket(0x1, 0x2, 0x0) r1 = epoll_create(0x6) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)) 02:06:14 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e22050914"], 0x25) 02:06:14 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x2}) write$tun(r0, &(0x7f00000001c0)={@val, @void, @mpls={[], @ipv6=@udp={0x0, 0x6, "0e7bce", 0x48, 0x11, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {[], {0x0, 0x0, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "d3615f912ccac417ede31c983a1223e3027ac9cf2ae93ec9", "55cfbde33731e4300f838872934da38f7b7711da8c9f34625e56f5f7ba8fb6cd"}}}}}}, 0x74) 02:06:14 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e22050914"], 0x25) 02:06:14 executing program 2: socket$inet6(0xa, 0xfa0ce09652f3f35f, 0x0) 02:06:14 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1e, 0x0, 0x8, 0xffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xf000000}, 0x48) 02:06:14 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r1, 0x1, 0x6, @link_local}, 0x10) 02:06:14 executing program 1: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e22050914"], 0x25) [ 239.613950][ T4388] device team0 entered promiscuous mode [ 239.618699][ T4388] device team_slave_0 entered promiscuous mode [ 239.624913][ T4388] device team_slave_1 entered promiscuous mode [ 239.630702][ T4386] device team0 left promiscuous mode [ 239.635684][ T4386] device team_slave_0 left promiscuous mode [ 239.644947][ T4386] device team_slave_1 left promiscuous mode [ 239.941401][ T4398] device team0 entered promiscuous mode [ 239.947517][ T39] kauditd_printk_skb: 1 callbacks suppressed 02:06:14 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000140)={@rand_addr, @multicast2}, 0xc) 02:06:14 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r1, 0x1, 0x6, @link_local}, 0x10) 02:06:14 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000c40), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x0, 0x0, {0xd}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}}, 0x0) [ 239.947528][ T39] audit: type=1400 audit(1662861974.764:164): avc: denied { setopt } for pid=4395 comm="syz-executor.3" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 239.950394][ T4398] device team_slave_0 entered promiscuous mode [ 239.980337][ T4398] device team_slave_1 entered promiscuous mode [ 239.991965][ T4397] device team0 left promiscuous mode [ 240.009427][ T4397] device team_slave_0 left promiscuous mode [ 240.014309][ T4397] device team_slave_1 left promiscuous mode 02:06:14 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r1, 0x1, 0x6, @link_local}, 0x10) 02:06:14 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000c40), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x0, 0x0, {0xd}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}}, 0x0) 02:06:14 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x20, r1, 0x1, 0x0, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0xc}]}]}, 0x20}}, 0x0) 02:06:14 executing program 1: syz_emit_ethernet(0xfc0, &(0x7f0000000300)={@dev, @random="2cfb6bd82784", @val={@void}, {@mpls_mc={0x8848, {[], @ipv4=@gre={{0x5, 0x4, 0x0, 0x0, 0xfae, 0x0, 0x0, 0x0, 0x2f, 0x0, @remote, @private}, {{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [], "520061b7a07ab95a8bbb04cc05e32a74128879c904fece72ee1a16873f0038bac39e44873bf262e9d95db33c3938db1f00adb3a5579880c3d537e26062cf56ec87d11bdc108b19293f5cfad9d5ab0e6b78e83f204d4f7f446a903cf8ea029b933b18d875ad37dfc934eaa728a6315a5be5746a95796198dfc028a6008a5052a6f6fa407d009f313249dc0ed39bc0404bee2e79b9c4e8780f6862b4f78cecfd67c000d55c5fc25d43a842aa7b6d1810e7093521e03d292eb8653eb1bdf5866c99cbd84bfa4c99475fb5e927c22e4a286d55a15cfaa0e933796a8f09e6b6f925bd724ddc153db0ff40e2b3ecb2d02c7642ad876b4172433bc3601298a9b55ceec1b1fd6e80d913c88fad08e8cfb46f6fb0bf19d98a946d7be9de561b1186820bbd3a0351a850eee312526ffdd33a919f1f44df41197970f9cdbcbc8af53e7815cf4fa6f1f94c86cb06b8412f29cab1807a10135f199cee802d59d76fa97781bf21e8c131fc2aca5edfa47a377c31368114eba79eace275dfdf829c5de627cb85114d1ae21b95d343ec874fd0978074fcd9e93d09306a2e73b5059ef8d95178c82dfcce97fddff3236e0334aab8a6462d779f8af97dcb24ea7d5698efe3cc34b806368a20fed98988bf6b82eb2b24f9b6a102352a94f7c7298d66331566104d8dd88048ab3d57122206a5dabe47fd40d5ab14b9cf62a0d6170bbb8b73d36cf0c21e8b308c5efaf66575747168edf45bea615988fce1acc183699c013b90a8705d6011012d65ed336ebc6593b3a24d6957a63cff01db23b3de0d511889ac9e82b69f6038884ce1e3b102841784f72aec642d5e8aad895805a0f20e58e87095a681d27a71cb009356490be95ea3748ca1f6d2a9628a35fbf93c4df9bb01767d6af045b32f2fda9f445eb93c36d8961f03eb86bf01c039b3159618246ab03267d66184ab051a1abc8357b3110078cd845fe340153befe44d5f378dff3f2d94ba41da69907700a7b5abee1f67fdc1951527909e7aa1209960726849e71283767c769fac9b43b22b3428fa736a7506b12650987c06fa026f25cf218a685ad14b34fba796ace9152f25fe19c04e6607e0eb7cd8cb53ad11c98829aecbb4262e5d7360f4b53aa483487af4213852c4c46adad1ddb2026dfccd4e21add84b6f7a6a9c7227caf319153f8c23f4c1c13eca59d815c46326cc79fb901ca612141cc13a5418ae162bcc0a879d21944efaf6279de0045741ec53fb606e0f3f2762046f2af7975f30d5fb0bda23de0c8fbdf68e3b081c893524f449a94a98111a75c72c160f34d23a2cb0fa0cbf7e1b4e5a53937be4e75071980b1eb6093cb0b08b80a9ef4f4481cc02473819aeac3edc0836bb5fcb3c55c5102f24e21d948b70bbc4e4e8619b38deb85cbcb56ca35ff098b8a903eb785089eaa5731c59a7deff11624e5829ee7d944b9ef7e263483e24be1312789161734721a666e1540f7b70583d4ad315a3820e5574aceb5311e8194da05152572a02f7eb65397a10a381876c672ad4b868aa5efbadab54e0702753b30ab677aa711e3b83c27cb615a32eb04c3411374a9b335093b22a73f1f5921b837d0ab5953e7a079f27aeb749218a31503687d00d3e65684219b8e993dccba4ba15a7bc944f3d9b30d7d72e8e02ec5da846a32cbdbebbea6dad412a8cfc9b9632f9bf5603736131c4da3a5211607029a742c4292166bacbe3630bb10c5247990e2ff5359145162b2f8c7c3313ebf9379709ad38c9bc8108f43f09c3267b4dc8a7945a03ec4c21f7df789670ca03bc845a48ea10da4dfcfb8e05bf309fb15bf0ff8930d3b70d2f93d03a8245419ad63e64eca8cdb96bcb04be224e1b8d422ee36e1ad35ffba541fdb0750d0c5dbc5ad02cd017cdc9f7d79d3b9d916da30a16ebfd7318502550e5b058fe1cd12401fa90ad8555ea735208cb2599f2a1b42f637c165414fcb3226787fea57bb39c9fc14641b2da7e168af4b5ac227029ab6b5adcf514a162a2eaf067d63fe7060a41b517143580432fbb1a30b54616635182c3ad9b73a07b428222e2b6e6a8d147330eafb3f334136eb1898dfecf62d874a6ae6b20cedfa52e78a7a61edfc379c14b7aa99e7e59eccdf076ec263b66a0121f7bb72d2645b55553f1a6fd3ee9535c3896c38fd3aa6a37be874da8da8556eee55216d7eec3cff82abf9506adbbc86c5061e670a978801839da31da085431f17f77de74204b73090f30dc33e3046bb018b3eaa7520234fa3384fa596d2b7aafbcacf388d5d403461981c242afbaea15810a284e4ccb413fa3e5314e4fe0801a6326b9a4bffde64ce7992a728c7b46b12f9fbcba60272aa03631bcfbaa90cfc485b90ee7930532a81881df1be59c81cd2cf3c6441fe959cb4c49ec158193c77731946921caac2ab54ef79ef331fc2b0780320fe2adaaea1775d3b694e15a9ac7d94f922cbda8c952e9b928b4ac86acf9fed7fea2a79eece394e1eac0d7c857568cf035bf453bed3c0b8ba7c3fe6af5a2fe7d23fed0530374103e5e533e68754ff7cfc8bd4e29aedd99ef4c28e22d97b65f0ff9589c17e535b2f5a2f8115fc81bb3ea701566df09c52e6409bd573c671cebb60fe8215915308b17251c3ca72be7fee05a7e0255ef811b2b6373f0ddf57d6b40073c73e6ae50431410c702df599b70710ab27e1f834f6e36b56bd195221bf0a18aa64c8cb75218eb584cc1a80888e0130dd68dbf22cfe233e13209b7ed8b1f55e5dffe61ce297fb5bd7dac533f8ce418f03a5d700fa9b1fda1ea3252b8c872c241ee76b5207dbe1a1c37e5d3b05b6bfd4863f6aa5e0c7efdd25b1094f73988209145073cbe53469e654b25d5321754dbcd13430a40d7d4fcb729a7ded2980ca4046a3f896aa9563c41edd962bc7765ac19969e4c958697f2f444fc0fafa95da782bcf162985f6726ed1c8abba13d65ca30c73842455edc581481bb8b2014965d88ef6f53acf93c1b8b4524f74e8697a2e4352ed7ae6821321563058f03647ec1702d296c8dae0868d33ef846ccdbcf8218f5ff42ded80fd81abd83cb4baafd56e2b32bfe37bc299f11bebf0286a192cf16aaf1c096c683f41e3c512d58213bcaba60d9c2b95654dc8d4f5d8366aa3712ddbbb302a7e8aa41f86c379668c1970c663c059eafb28fe24cf1cbb26c1bef2b6601ec5d010717e88da8b32c84e0fa27b7a98b204a953d3bf97decdf597cf39607254a3ae4d6d525b94be7a7a25f0a1b20ecfd9cd58c20c11139bd6f55032d75c6cf176a3fb9a0f42f73ea056a3caa758ec64189640b5a4d87d69f96d688f9f0d44064bab482198fdb9aa336b4a015636cd8662526da3fc719eb4912e2ad05cb1dce2a5d8fb885e4df89af199a4d04bba0b589324cbfa67f8553cc7bdffb33477fbf57d84a279d5591b56b90fc2cebc9dbb50de57790ceb1d02c1d4be6ff946e6c489235c46620335d68fb271f7158a2b7370406f022dea9105ae37c1457019549bdb5c843d481b8507e2c5300d2eb3f4f50a26152eafdba09fa4b9132d833a1bfe45b89ed1ee8454d1d86edcd5dbc79d1b38da3b019f270344e50bcb464f308fe4568aef02dc91f6e0234d96a79d1d97606861963648c92a3669e27338677fa557d5d0c468689c2ac438b7638c7c56f643d8437e8fdd3bd2c15469a60d539f3d985709f95e2082ca9976a96cf5ea98a35dc7c230efa207eda016fd54d097ce277b0e2a7fdfad6f6f0c0c91babee5209355d589407e5f4c7d1b8ec6b9100f91d513f011eb9e3b29bc481637c253da2b6037021f037b14d8b711b700dce62f71b9113f8534354e9e2328cb83d607d5d1d5ddc9b3f2f0082ab7882604aaeb7143cd8e60fb26f1254f30c15eae7e0931972c3732a42764c3d54f649c4f92ed05504344e92803a62c318788cc5973b2f2f1555ebe3934517bef9040d200c8f602cd224c3742469330d11ac867ba9def02fae68d80721054409566ecc859a84a28cae9429082d020ea685ffdafd07e8ca93de365b1b0cbfd568d5b377f6f89127f32c70509b853fffe66065e041ca7b5bfdf19c65a5bb35d31d02a99577c412c3f5b1b0801661fae420dacac2a8123558249ccf754cb7341dbbe72fae301e1fd96418d94dc8974ea8da243abbbe56a83b7587e493c865291330397163173a051e2d76f7672bd57251412926155225ade3c564f3f7391e2d821b02ce7c9f9aeb65487aeb87392bf7b5e56135279bfa97b272b5f161185b721591d947d991c9e214da98311b4b746a14a2ce0a61d9c125199a30ba42340a110813934495d8ac96d09d9c5ee820a7fa664a1b62ff343f7ee702e40a29c9654647dc1e6b8f029000df86786c1ea14af686fc5ad49b1f866d70e2dbff368a5b18ffc8af7f4a6b2fdf1b6c52c392e4092ba71bb5f33965c3554ea1c5dffef44b9f326f1bafb69cf62f6f64fb36041396e8fef38b04dd6fe23de39c6bb7369a79c68776c34169e9db98ac527a192c82923dbedf682bbb2468e6e548c8555d85b0952165063980561f2be22e4f0c55325e483240dad1dcf9e799aea96253748b3ad093cf1c2a95eba02f29c63d14d69f361803780cc397974b893d6f7ed8441c4011eb7cb61a21932cfa91cfc4f4f37fd23e24b1565bab55b60684cbdd09520b8325b8a014ea7b6ea7231c352b44b295775ffbeb4620fdd33829f3edfb78fa2750a87c12c29dc24ae2f79224dbcb19db38779a3be9345676e32319524aec9661179734dbf3a399954e57c274162a92b7c5bddb17413c45e1a65e0f31c13da6262a20e9a11fc31346f4238221c58854225e7ead431ba12a607ae75e1ecdd33d2618dbf25462578978f385c9923095c0649c886c0c769e3e70d1a62b8b89d635394168a69493df21b3b68fd911b819f0e3c4af7b82cbe67b4bd27b28d3cab4b21067316534e96f48a00baa8f5f59e369d5851ef16e99ded3a720f854c695b2608dd354d4eba8bbf3b6b624ed5548cba0db6be8eb0fb772d8783b677018b457bc59a9e56f5e22b973e55ad434fbc24535287ed466e1c6293ca11c8be98028227dd0c2fa7bfebac2bf97be9e726ed983b2261f058ddd47ea39bde1946a47163ce4754e4e087482c2c52059f8fdb28365380acb2c3902e5547c5bba68f1f22f585e9dc9ced16f5cd614f27877fcab90a95e4d21906b04031ff753c5db26672bee52b968a65bccafaba3ba605a6dd78aeb75881d9fd84c29fe7710e66367a49167201c7c9b501b8cc0096d50ed127e4e1bba3f64e9835c87cc45e50904309ff1b60e3b83f61f97318183727a42df240acfc749f96625f138c7de2bdeef47fa178f7de39b0c95b4af03c7af40cc4acedfc234f3cb92343c1663df5c9d9b6cb6aba65050708c4ef24938c9f8a41d96bf25098a1aa2db254930feb35a7e087d974e36d06ff811a4830c5c"}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x0, 0x0]}, {}, {}, {0x8, 0x6558, 0x0, "8ec116efd8152ff351e57afe411216fce9e6dc174258c7b0ea986dd0137ffd38e486c0d22636174c13dfb0f470b5bc24a5cc5c5ac38768eba6ef5f54615fdfceae94611d219a1c159fdbded70d0b2083419b"}}}}}}}, 0x0) [ 240.125383][ T4402] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 240.129764][ T4403] device team0 entered promiscuous mode [ 240.137109][ T4403] device team_slave_0 entered promiscuous mode [ 240.145110][ T4403] device team_slave_1 entered promiscuous mode 02:06:14 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x9, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x5}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 240.166239][ T4401] device team0 left promiscuous mode [ 240.178077][ T4401] device team_slave_0 left promiscuous mode 02:06:15 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_cred(r0, 0x1, 0x1c, 0x0, &(0x7f0000000040)) [ 240.190109][ T4401] device team_slave_1 left promiscuous mode 02:06:15 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000c40), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x0, 0x0, {0xd}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}}, 0x0) [ 240.241934][ T39] audit: type=1400 audit(1662861975.064:165): avc: denied { getopt } for pid=4410 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 02:06:15 executing program 1: syz_emit_ethernet(0xdf, &(0x7f0000000000)=ANY=[@ANYRES64], 0x0) 02:06:15 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x14, r1, 0x1, 0x0, 0x0, {0x14}}, 0x14}}, 0x0) 02:06:15 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000c40), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x0, 0x0, {0xd}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}}, 0x0) 02:06:15 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r1, 0x1, 0x6, @link_local}, 0x10) 02:06:15 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e22050914"], 0x25) 02:06:15 executing program 1: r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_ifreq(r0, 0x8931, &(0x7f0000000100)={'ipvlan0\x00', @ifru_addrs=@generic={0x1f, "e8fc0b84a3fde5d01135b6686db3"}}) [ 240.500166][ T4421] device team0 entered promiscuous mode [ 240.505541][ T4421] device team_slave_0 entered promiscuous mode 02:06:15 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e22050914"], 0x25) [ 240.535195][ T4421] device team_slave_1 entered promiscuous mode [ 240.555143][ T4420] device team0 left promiscuous mode [ 240.559152][ T4420] device team_slave_0 left promiscuous mode 02:06:15 executing program 1: bpf$BPF_BTF_GET_NEXT_ID(0x5, 0x0, 0x0) 02:06:15 executing program 0: r0 = socket(0x2, 0x805, 0x0) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000280)) 02:06:15 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e22050914"], 0x25) [ 240.590292][ T4420] device team_slave_1 left promiscuous mode 02:06:15 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_EXPBUF(r0, 0xc0405610, 0x0) 02:06:15 executing program 3: 02:06:15 executing program 0: socketpair(0x2a, 0x0, 0x0, &(0x7f00000001c0)) 02:06:15 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) timer_delete(r0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) fsmount(0xffffffffffffffff, 0x0, 0x1) [ 240.606462][ T39] audit: type=1400 audit(1662861975.424:166): avc: denied { read write } for pid=4434 comm="syz-executor.1" name="vbi5" dev="devtmpfs" ino=924 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 240.632046][ T39] audit: type=1400 audit(1662861975.424:167): avc: denied { open } for pid=4434 comm="syz-executor.1" path="/dev/vbi5" dev="devtmpfs" ino=924 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 02:06:15 executing program 3: 02:06:15 executing program 0: socket(0x29, 0x2, 0x1) 02:06:15 executing program 2: r0 = socket(0x1, 0x805, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000001500)) [ 240.656141][ T39] audit: type=1400 audit(1662861975.424:168): avc: denied { ioctl } for pid=4434 comm="syz-executor.1" path="/dev/vbi5" dev="devtmpfs" ino=924 ioctlcmd=0x5610 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 240.671976][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:15 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) timer_delete(r0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) fsmount(0xffffffffffffffff, 0x0, 0x1) 02:06:15 executing program 2: openat$drirender128(0xffffffffffffff9c, &(0x7f00000000c0), 0x44801, 0x0) 02:06:15 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) timer_delete(r0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) fsmount(0xffffffffffffffff, 0x0, 0x1) [ 240.703737][ T39] audit: type=1400 audit(1662861975.474:169): avc: denied { create } for pid=4436 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 240.708663][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:15 executing program 3: [ 240.720719][ T39] audit: type=1400 audit(1662861975.544:170): avc: denied { create } for pid=4443 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 240.743371][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 240.767343][ T39] audit: type=1400 audit(1662861975.584:171): avc: denied { write } for pid=4450 comm="syz-executor.2" name="renderD128" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 240.812755][ T39] audit: type=1400 audit(1662861975.584:172): avc: denied { open } for pid=4450 comm="syz-executor.2" path="/dev/dri/renderD128" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 02:06:15 executing program 3: syz_emit_vhci(0x0, 0x25) 02:06:15 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) timer_delete(r0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) fsmount(0xffffffffffffffff, 0x0, 0x1) 02:06:15 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DESTROY(r0, &(0x7f0000002300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, 0x15, 0x3, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) 02:06:15 executing program 2: bpf$BPF_BTF_GET_NEXT_ID(0x15, 0x0, 0x0) 02:06:16 executing program 3: syz_emit_vhci(0x0, 0x25) 02:06:16 executing program 2: r0 = socket(0x2, 0x803, 0x1) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000100)) [ 241.270873][ T39] audit: type=1400 audit(1662861976.094:173): avc: denied { create } for pid=4457 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 241.294628][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:16 executing program 3: syz_emit_vhci(0x0, 0x25) 02:06:16 executing program 2: r0 = socket(0x2, 0x805, 0x0) getsockopt$PNPIPE_ENCAP(r0, 0x113, 0x1, 0x0, 0x0) 02:06:16 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DESTROY(r0, &(0x7f0000002300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, 0x15, 0x3, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) 02:06:16 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x25) 02:06:16 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) timer_delete(r0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 241.431503][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:16 executing program 2: r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x1401, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x8}]}, 0x18}}, 0x0) 02:06:16 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x25) [ 241.459264][ T4478] netlink: 'syz-executor.2': attribute type 8 has an invalid length. 02:06:16 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) timer_delete(r0) 02:06:16 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x25) 02:06:16 executing program 2: socketpair(0x2b, 0x0, 0x1, &(0x7f0000000300)) [ 241.564784][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:16 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) timer_delete(r0) 02:06:16 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x25) [ 241.613353][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:16 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x25) 02:06:16 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) timer_delete(r0) 02:06:16 executing program 0: r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x0) 02:06:16 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x25) [ 241.898768][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 241.909070][ T4495] binder: 4494:4495 ioctl 40046205 0 returned -22 02:06:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$SIOCX25SSUBSCRIP(0xffffffffffffffff, 0x89e1, &(0x7f00000003c0)={'batadv_slave_1\x00'}) connect$inet(0xffffffffffffffff, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2, 0x6, 0x93) r3 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x80200, 0x0) write(r3, &(0x7f0000001400)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a422aed5e2db661bcb31a82bc0fc678e71a6cb090ef772860f3008b4152b5d281033be4a77b367baec3ab8ce7c83c601b11c8199bafcd15161a5454a6a982dbc3c2e3a5172b6a63e4904817075754eccbb0188c9cb2e5da9600f567485014887463b40f189b7ec3c5c0f36d502509e402c285765c78417ce6b3aab130ee79622dcd8ada842233e73a14554ee5e4995e32b3fe4075e247eb9bdeef64d1a7436c9b5782fb2f84f74e4c6e976289729c37b5bb8200a9480d181a6b11f5ec229b818134b8334967ae935ac1d81be4776fae4cb68b6fa330e93bd8de388b38455d569159bcd166df030a6dfedf28caf4608de7243f5df2c76f6680c301d819dc67d24d2f780432a931700a253b0a5b075195c6dbfd1fe17a1c11a3dffa872a07b877adc66d069fffb6d8326e1998c5a337c3d530250cae335ceffcf81dc438a47e73490d050a053813dbe6674e42c91ae94b4a88144f36adc1b08b4bcd6ddf4058c4e08d4dc83d5fbd843ee27eaf50b297c220350260d9abbeeb6deb921e50cae0ea590cfb6f00fb3c71520f565bb769705e2481ef27cf537d29f163c9fe3d39ed9fd18dc8b0c976cd302283e430807a9d751357f89092532d89fe280c69ad36e3541b5da9dea13fd19d0434c760fe295dfd9b9e63453c7853914c50b1b77ccd4b33c8b1f31fcb1aec040ffe2f9d728d8ea84297bac2e22230ebd1488c503b05b2e433cc37ce9fc123b7d3eb244b4549e9a841e73b664c8f6621ea5a4c9ff9c1da032255311f2c063a682baf4c97e7ba552bf71af4bd64f43872b846d15c65c487089be272cfa24a33f8c50930ea0bc4b089505fb8e97ded0e7e64a5ce897da6b940df4c3dddb8b4871d773f6ebf02058518c55c19aadb0f266caf18777ae68d2bfcfb2225961fcd10538ba664fd053a443320072707533ab761b9397bd0559126b84fe9196463ae50633017ea2d80940311d9c867102b1017f34af1965d8eb61be616a0d40656e2bbb750aee6f74f788c8acb2578e8686f5f8da6a19e979c152b7ee7c7f16902120588e2ff630144b5f929ffc593e946d9717c5968aa16c2d73d689fb5cce117acda3e23e5e0116de1cb6bddfa1a84cefb22c1e2c3753017696f27b9aec5d44f15411247643b84dd4410e784b4eb5b9c68fea671976f9b51c6526e2ddb40659611b0b3bcc7e249c77396fdb8c864ea9318f9de7fd3936fcbdc732c2f8b9556ec9afeb15d5e2df890351d66074d53dddc6e8dba8c91d733623ac95a49eb69c7de37ff2364ccddb01f6500750a012c2acf32a9f6bbd9e92d17ef858fbc34575db414ea42ad87a65b11ae5506469db256c421328f45aec73bdf18562447dc2840bbe9fc84dedd0fe6276fa174f21210d40193530ec7a70a9e60bfd6b00cba4d483be59950f16fa0dbd089b5fd0bb078badfcf42270cc62fe37be22b0d81f755263d74636fa466d2574ca62b58c649936d21e949de73ea45df3acade6609413f56fc218d6f11947bf1fd629d38d8acce90ee3c1a51117601ae126bec537e3e76ce7ecc53cfeefee8aaa104aa853a65aadf27bac9849ee0122793b11cd8e4f32fb07afa39e439cb738c30a6df958160aac15c26032a61aaf614b2e6601581fb0ab8d115e045005dee3df8ea42643cbcbb0b111130c42c94b7e874cfee50d5c2eb13b3a38c417fce9d740b7d43120431a7d44bc3934ee87b112401cbee3553837b6a0b4b3faaceb46eca4064301c8060870350e256ac9d5557f674536b9d9717a82fa211e7dfb52ca410d8a4f2f6b733c2a082f247538a6c40f56cf64204e62515db692f32733ff6f4b0787ef305d5e80881375467ae603ac3600e688c42f89a4fea4fdda09a8d59e19457c654a98c8129a8c65bae3310af2b170729e18400c915d0a2f4c4fc51747846630b95ec181228bda7ef48ad389815aa82de6c4a3b0746c28c01f9ec697ff17f095e1cf9d2fe78fdab9cbb1ca7aefc8af6a0cd98444735fad79e394a8f9c2fd358c3cde4ca6d57a620d0bb52dc6ff93f034b596f407c21511cc2c5ec8b0ede7f5c0acca61939ac7f2cad820c15133e69507eaa739e9a88936f4a74f0ad1574a1591f31f582a76157d89805cb3ba5e8d10509bf7a08e928653b4f05ba797a06765b74c8759fc34178624c08a2b99e59bcff5d33af2b0f9176b56c35f4da31c751a4c2fd88a1997cd9fc9bbf78220731d4c8cea23be1fd29c36b34d8458b7021ebcfafdc7e54096e517da3eb684298f742532d776164d9c9658e5faca0a3b08afca1bc27ed357884f49fe51bd0c38057f4288f1917e36e3865310b5eed140aef6150ae363293cf7467abd5e06cd7af5e2c49e7c5253a1155741e380bccb023a0faed93d9a64512d72436f1ef4ac0904a413e45164c23413bd57274a0a951c41a9a43aed094d4ea5c480ce64663cc9d36723179e2b19a48e9277a6591bbd888a06e0f2f142cd4495be4ba7274d69ba32a2788b935b2f18c5f336cb9de062829e2e0bb476efb36c3f53a766c14314f31637a464ac59d378ad7f51bef8d88715613653a427038e0d3e4dc3948bb1d70eb55c91c92f7510b1c0387253b458d2c90d17238f9eb239c680179a6c1e0759be367963e3b4d7395fd3911626582a094e6a8d0e746242f94267a4c57d5b2360ce3a6f7f3e3c10e124a54ed24d1585bc7b731cf731c94ee00ebf070b999b9bf28d76bfec9dcf12fcce2b9c4444c706ec6b943b5f39e9151a764ba1cd0cd6c1c7cdc3aa824cf17da705be27a18fbee41be39d6ae4dd4312f5f4bfee2c5bb21d941666f9d79b0f80c9b1bace84a05d2b0e3be1c3fd04d72b4b0124595c435813969d413960fddc858730a433383f3bc0472cb7683ea569e001f00"/3584, 0xe00) sendfile(r3, r4, 0x0, 0x11f06) 02:06:16 executing program 0: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xa, &(0x7f0000000040)={0x0, @in, 0x0, 0x0, 0xa}, 0x98) 02:06:16 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e22"], 0x25) 02:06:16 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:16 executing program 0: r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, r0) keyctl$unlink(0x9, r1, r0) [ 241.996118][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:18 executing program 2: r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, r0) keyctl$unlink(0x9, r1, r0) 02:06:18 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e22"], 0x25) 02:06:18 executing program 0: r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, r0) keyctl$unlink(0x9, r1, r0) [ 244.146627][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:18 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:18 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e22"], 0x25) 02:06:18 executing program 0: r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, r0) keyctl$unlink(0x9, r1, r0) 02:06:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="0fd8d29a0000050067c126000f01dfb8cd008ec8670f798b55000000ea9febad00800062b83f010f00d80f017310", 0x2e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x40], 0x0, 0x600}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 244.298694][ T4524] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns 02:06:19 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e220509"], 0x25) 02:06:19 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$inet(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f00000013c0)=[{0x0}, {&(0x7f0000001100)='k', 0x1}], 0x2}, 0x0) 02:06:19 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 244.580896][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:19 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e220509"], 0x25) 02:06:19 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 244.611739][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 245.657297][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:20 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:20 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e220509"], 0x25) 02:06:20 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x2a, 0x0, 0xd, 0xd, 0x2, [@datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], "92"}]}}, &(0x7f0000000240)=""/143, 0x2a, 0x8f, 0x1}, 0x20) 02:06:20 executing program 2: timer_create(0x7, &(0x7f0000001540)={0x0, 0x31, 0x0, @thr={0x0, 0x0}}, &(0x7f0000001580)) 02:06:20 executing program 1: timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:20 executing program 0: futex(&(0x7f0000000000), 0x4, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000000080), 0x2) socket$inet6_udp(0xa, 0x2, 0x0) 02:06:20 executing program 2: syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1}}]}}, &(0x7f00000001c0)={0x0, 0x0, 0x5, &(0x7f00000000c0)={0x5, 0xf, 0x5, 0x18}, 0x1, [{0x4, &(0x7f0000000100)=@lang_id={0x4}}]}) 02:06:20 executing program 1: timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 246.007313][ T39] kauditd_printk_skb: 12 callbacks suppressed [ 246.007325][ T39] audit: type=1400 audit(1662861980.824:186): avc: denied { create } for pid=4552 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 02:06:20 executing program 0: r0 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x2, {0xa, 0x4e24, 0xff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x47fff}}}, 0x3a) 02:06:20 executing program 1: timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 246.028316][ T39] audit: type=1400 audit(1662861980.844:187): avc: denied { connect } for pid=4552 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 02:06:20 executing program 1: syz_emit_vhci(0x0, 0x0) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:20 executing program 3: syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e220509"], 0x25) 02:06:20 executing program 0: r0 = shmget$private(0x0, 0x4000, 0x100, &(0x7f0000ffc000/0x4000)=nil) shmat(r0, &(0x7f0000ffd000/0x3000)=nil, 0x5000) 02:06:20 executing program 3: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 246.091264][ T3719] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 246.270473][ T40] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 246.510657][ T40] usb 7-1: Using ep0 maxpacket: 16 [ 246.711519][ T40] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 246.892405][ T40] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 246.900391][ T40] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.907212][ T40] usb 7-1: Product: syz [ 246.911154][ T40] usb 7-1: Manufacturer: syz [ 246.915397][ T40] usb 7-1: SerialNumber: syz [ 247.174425][ T3761] usb 7-1: USB disconnect, device number 4 02:06:23 executing program 0: syz_emit_ethernet(0x3f, &(0x7f00000001c0)={@broadcast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e24754", 0x9, 0x3a, 0x0, @dev, @local, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x0, 'g'}}}}}}, 0x0) [ 248.511667][ T3719] Bluetooth: hci1: ACL packet for unknown connection handle 0 02:06:23 executing program 3: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:23 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x123041, 0x0) write$tun(r0, 0x0, 0x0) 02:06:23 executing program 1: syz_emit_vhci(0x0, 0x0) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:23 executing program 2: r0 = syz_open_dev$media(&(0x7f0000000040), 0x4, 0x0) ioctl$MEDIA_IOC_ENUM_ENTITIES(r0, 0xc1007c01, &(0x7f0000000780)) 02:06:23 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000001c0)={'gretap0\x00', 0x0}) 02:06:23 executing program 1: syz_emit_vhci(0x0, 0x0) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:23 executing program 3: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 248.579769][ T3719] Bluetooth: hci1: ACL packet for unknown connection handle 0 02:06:23 executing program 0: syz_emit_ethernet(0x3f, &(0x7f00000001c0)={@broadcast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e24754", 0x9, 0x3a, 0x0, @dev, @local, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x0, 'g'}}}}}}, 0x0) 02:06:23 executing program 3: syz_emit_ethernet(0x7a, &(0x7f0000000100)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "eb18e5", 0x44, 0x2f, 0x0, @ipv4, @mcast1, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558}}}}}}}, 0x0) 02:06:23 executing program 2: syz_emit_ethernet(0x46, &(0x7f0000000180)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "f93c42", 0x10, 0x11, 0x0, @remote, @local, {[@srh={0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}], {0x0, 0x0, 0x8}}}}}}, 0x0) 02:06:23 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:23 executing program 3: syz_emit_ethernet(0x102, &(0x7f00000001c0)={@broadcast, @dev, @val={@void}, {@ipv4={0x800, @udp={{0x15, 0x4, 0x0, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @local, {[@timestamp_addr={0x44, 0x24, 0x0, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {}, {@remote}, {@multicast2}]}, @timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@multicast1}, {@multicast1}, {@multicast2}]}]}}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "8cf1a3122079c2a218d68c75a151bd7afff1f79b6f6b567bc25fba0573a9c710", "005ea48d62296f051a7f9eb5897beb564e9b60655fb6fb9a528d8d27696581d03c4740bc8e992b4c00", "2495d8926b4f4df11dd28e75fc79aee2c5294acd963c9921334d1aba", {"606a8f2ba802882427d2b1b3fc28d6a1", "9ef6728605898615142428ae6bd7f3bb"}}}}}}}, 0x0) 02:06:23 executing program 0: syz_emit_ethernet(0x3f, &(0x7f00000001c0)={@broadcast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e24754", 0x9, 0x3a, 0x0, @dev, @local, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x0, 'g'}}}}}}, 0x0) [ 248.640507][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:23 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x34, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6}]}, @IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x34}}, 0x0) 02:06:23 executing program 3: syz_emit_ethernet(0x7a, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c200000000000000000086dd60eb18e500442f0000000000000000000000ffff00ff01000000000000000d"], 0x0) [ 248.680248][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:23 executing program 3: clock_getres(0x6a661d89b092ac66, 0x0) 02:06:23 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 248.750391][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 248.839426][ T4606] loop3: detected capacity change from 0 to 12 [ 248.843906][ T3733] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 02:06:23 executing program 0: syz_emit_ethernet(0x3f, &(0x7f00000001c0)={@broadcast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e24754", 0x9, 0x3a, 0x0, @dev, @local, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x0, 'g'}}}}}}, 0x0) 02:06:23 executing program 3: syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000001480)=[{0x0, 0x0, 0xc49}, {&(0x7f0000000480)="e937db4d825da195cb71d6af7ffc72d7b5be5fda20e68f8cf79c8150208051f59ef33d0916532a7839dbcd453c15dc53373a0b5f9b09a1b130a43173bbdd13fa2d9d9ede1cc4db130e0eac93cba35a1a5e271944cfc76c6ba105489ae29717c1a6a8bcd6e54085a4826ccb9c3acd6ce68b771b66be21b85e3639ceaa92d637d49938900e191daaa47e4184a882244beb4e1477ac293b0453829b6247d0609e1ff3f39c3e17bd11e3e886384a251f6ba9f371e411591ece565bfe42c986b15b0fcb5ae09c4cfcbf80b5583c9205f160655b2ad7999f239793f63e2e1640c02bb7485ff706d97956a5a9d58fe200e3c29d61f36e9f3eca414a76b7020ebf911dfa7292da427aafd03753b5b062b17003973d34260046b5757c93200437312f4bb34e4ee296082e11c1102d6876c4ac67a6a9a7f2cbdfc4728932560c01d2ac6b35e066082b60b38dc7599420b8e1008b0e8cfa78ec81ada21b8583f7a29ef39730108da0bcb1f62c58d01964b4605b3ab242496a6236e91a1b5314f7962dac6ce41c89511bc9b457bdde16cce82528e5c4efa8b6e23c0c0e1da1a9124cd1a9ca279b5a3d38694753f1fc313a41a9b8e6cb28c73d0963cbb4cc538da93d727e3a54f4fa55b573259647d27778", 0x1cb, 0x9}], 0x0, &(0x7f0000001540)) 02:06:23 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:23 executing program 0: syz_emit_ethernet(0x0, 0x0, 0x0) 02:06:23 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x6a}, @l2cap_cid_signaling={{0x66}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}]}}, 0x6f) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:23 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 248.878572][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 248.883296][ T4606] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 248.889853][ T4606] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 02:06:23 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x45}, @l2cap_cid_signaling={{0x41}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}]}}, 0x4a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:23 executing program 0: syz_emit_ethernet(0x0, 0x0, 0x0) 02:06:23 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 248.912168][ T4606] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 248.917480][ T4606] UDF-fs: Scanning with blocksize 512 failed [ 248.923824][ T4606] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 248.935464][ T4606] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 248.946977][ T4606] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 248.953652][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 248.953987][ T4606] UDF-fs: Scanning with blocksize 1024 failed [ 248.963955][ T4606] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 249.001115][ T4606] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 249.009389][ T4606] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 249.018040][ T4606] UDF-fs: Scanning with blocksize 2048 failed [ 249.027246][ T4606] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 249.035253][ T4606] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 249.043467][ T4606] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 249.049823][ T4606] UDF-fs: Scanning with blocksize 4096 failed [ 249.056968][ T4606] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1) 02:06:24 executing program 0: syz_emit_ethernet(0x0, 0x0, 0x0) [ 249.469971][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 249.476759][ T4627] loop3: detected capacity change from 0 to 1 [ 249.488611][ T4627] BFS-fs: bfs_fill_super(): No BFS filesystem on loop3 (magic=00000000) 02:06:24 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x45}, @l2cap_cid_signaling={{0x41}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}]}}, 0x4a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:24 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:24 executing program 3: syz_mount_image$bfs(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, 0x2, &(0x7f00000018c0)=[{&(0x7f0000000600)="193c28909a1a3810746b1dfa8190c37cc29945c1cd1f58a522246757d8949619ef7cea8503ab364d14d2c1f073a7cec0e5187f33367ea09e0d5a096f9507fd1b194056a05097acef47ebee7697499789d0c4dbfd17fcd0fc075dbbe47974076ec925cfebe8dd7ba14b5b911bf3b21f777aa6c965e7ee28bca079c449cfb8d3d914667d99cd17743d61ebe8be5472f2411af911b9dfc3be74a53826f5bba037685e081e094f94290d84f8619d2f6b8ab53925a14a7b6bda55ba5b99e163032fa17564f2ff69f23d7ef938d02502632995724ee32c011dff59823033c98c6abb1ba66b630c5b4d5be00aad27", 0xeb, 0x100}, {&(0x7f0000000800)="2d313b795a2b63041dc13110e8cf7ca72e3a672307791c6596e270eaa06f260b238878c782f1119fa90b26d4cce2f0f3d571fe8e48dbdad41b278575881a4aec84cc480d156223a13b721a29f9562bfd6edec5345185a6eb6317da3b8aa2d47b329c652d497b03a77fc98e6cc0a0e5016e4392bc6f284705b8d4f87112df8439f1f75b314c8cdb3c97a2c2a04d5fe0945664b11bb54729f0cdfdb3867b174958c69860ca5d20452c085f30e7c66182c2e600056a2e78f265ca22bb914a1b287b78372eec147e90297326b76fd3293603611c804c5d98be4014f92eb209ced9f3e2bc", 0xe2, 0x100}], 0x0, &(0x7f0000001940)) 02:06:24 executing program 2: ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:24 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x45}, @l2cap_cid_signaling={{0x41}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}]}}, 0x4a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:24 executing program 0: syz_emit_ethernet(0x3e, &(0x7f00000001c0)={@broadcast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e24754", 0x8, 0x3a, 0x0, @dev, @local, {[], @echo_request}}}}}, 0x0) [ 249.530785][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 249.809911][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:24 executing program 3: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc058560f, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:24 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x3e}, @l2cap_cid_signaling={{0x3a}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}]}}, 0x43) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:24 executing program 2: ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:24 executing program 2: ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:24 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}]}}, 0x2a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 249.909769][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:24 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}]}}, 0x2a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:24 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:24 executing program 3: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0x7, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:24 executing program 3: r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x8, 0x0, &(0x7f0000000140)=[@release], 0x0, 0x0, 0x0}) 02:06:24 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:24 executing program 3: shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0x7000) [ 250.037901][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:24 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:25 executing program 3: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585611, &(0x7f0000000080)={0x0, 0x4, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:25 executing program 0: memfd_create(&(0x7f00000000c0)='\xba\xeeIYT\xbct\xce\x1e\xf2\xfd\x18\a\xcd>\xa2 sj\x85-\x1aT\xa5\x84\xf4\xbc/\x81\xf6\xbd\xa4\x86\x06g\x02\x85`\xdbb&\xdf]\x8a4\xd9\xb1\xde^\xe1P\a\xbd\xadg\xcf\xcaQ\x16\xca\xb7\xdc\xc1\xcd\xd0\x8a^a\xe6\xd7U\x85..X\xee4\xeb\xd0\x92\x8a\xb6\x9b\x18Wk\\!\x96\x9a@X\x1d\xc7\xdd^d7P\xc4-\xa1\x9e\xf3\xfb\xe7<\x99!\x8b\xf1\x89\x8b\x90>}9\xdcq@\xf2\xff\x8f\x00', 0x0) 02:06:25 executing program 2: openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:25 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000040)={'ip_vti0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x7800, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local}}}}) 02:06:25 executing program 0: r0 = syz_open_dev$media(&(0x7f00000011c0), 0x99, 0x0) ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f0000001ec0)) 02:06:25 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x1d}, @l2cap_cid_signaling={{0x19}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}]}}, 0x22) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:25 executing program 2: openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:25 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x1d}, @l2cap_cid_signaling={{0x19}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}]}}, 0x22) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 250.219377][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 250.243128][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:25 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x1d}, @l2cap_cid_signaling={{0x19}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}]}}, 0x22) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:25 executing program 0: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 02:06:25 executing program 3: syz_emit_ethernet(0x7a, &(0x7f0000000100)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "eb18e5", 0x44, 0x2b, 0x0, @ipv4, @mcast1}}}}, 0x0) 02:06:25 executing program 2: openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 250.306951][ T39] audit: type=1400 audit(1662861985.124:188): avc: denied { create } for pid=4676 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 250.322278][ T4677] RDS: rds_bind could not find a transport for ::ffff:172.30.0.1, load rds_tcp or rds_rdma? [ 250.330660][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:25 executing program 3: syz_emit_ethernet(0xea, &(0x7f00000001c0)={@broadcast, @dev, @val={@void}, {@ipv4={0x800, @udp={{0xf, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @local, {[@timestamp_addr={0x44, 0x24, 0x15, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {}, {@remote}, {@multicast2}]}, @timestamp_addr={0x44, 0x4}]}}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "8cf1a3122079c2a218d68c75a151bd7afff1f79b6f6b567bc25fba0573a9c710", "005ea48d62296f051a7f9eb5897beb564e9b60655fb6fb9a528d8d27696581d03c4740bc8e992b4c00", "2495d8926b4f4df11dd28e75fc79aee2c5294acd963c9921334d1aba", {"606a8f2ba802882427d2b1b3fc28d6a1", "9ef6728605898615142428ae6bd7f3bb"}}}}}}}, 0x0) 02:06:25 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0xde, 0x8000}}]}}, 0x2a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:25 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, 0x0) 02:06:25 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, 0x0) [ 250.368492][ T39] audit: type=1400 audit(1662861985.144:189): avc: denied { bind } for pid=4676 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 02:06:25 executing program 3: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0205648, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 250.398260][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:25 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:25 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, 0x0) 02:06:25 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0xde, 0x8000}}]}}, 0x2a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 250.457205][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:25 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0xde, 0x8000}}]}}, 0x2a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:25 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:25 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:25 executing program 3: syz_emit_ethernet(0x7a, &(0x7f0000000180)=ANY=[@ANYBLOB="0180c200000000000000000086dd60eb18e500442f0000000000000000000000ffffebfffffffe"], 0x0) 02:06:25 executing program 3: syz_emit_ethernet(0x12bb, &(0x7f0000000180)=ANY=[], 0x0) r0 = syz_open_dev$audion(&(0x7f0000000000), 0x92f, 0x0) read$ptp(r0, &(0x7f0000000280)=""/4096, 0x1000) [ 250.669015][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:25 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0x0, 0x8000}}]}}, 0x2a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 250.775208][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:25 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:25 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:25 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x2a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 250.849485][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:25 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:25 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x2a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:25 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 250.910843][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 251.585775][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:26 executing program 0: ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:26 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x2a) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:26 executing program 3: syz_emit_ethernet(0x12bb, &(0x7f0000000180)=ANY=[], 0x0) r0 = syz_open_dev$audion(&(0x7f0000000000), 0x92f, 0x0) read$ptp(r0, &(0x7f0000000280)=""/4096, 0x1000) 02:06:26 executing program 2: syz_emit_ethernet(0x5a, &(0x7f0000000080)={@broadcast, @dev, @val={@void}, {@canfd={0x8864, {{}, 0x0, 0x0, 0x0, 0x0, "c8022e720d67651092f8b298342af38d61000437136ee8055997f5dbc59cd2c49ce5da119d42cfa5e06c2ab0099c426fa608068c172e11e11a953164bfa931da"}}}}, 0x0) 02:06:26 executing program 0: ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:26 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0x0, 0x8000}}]}}, 0x21) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:26 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0205648, &(0x7f0000000080)={0x0, 0x4, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:26 executing program 0: ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 251.795337][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:26 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:26 executing program 2: syz_emit_ethernet(0xe, &(0x7f0000000080)={@broadcast, @dev, @val={@void, {0x892f}}, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "c8022e720d67651092f8b298342af38d61000437136ee8055997f5dbc59cd2c49ce5da119d42cfa5e06c2ab0099c426fa608068c172e11e11a953164bfa931da"}}}}, 0x0) 02:06:27 executing program 3: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) 02:06:27 executing program 2: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmat(r0, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0x5000) 02:06:27 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x21) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:27 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 252.596975][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 252.598748][ T4751] RDS: rds_bind could not find a transport for ::ffff:172.30.1.4, load rds_tcp or rds_rdma? 02:06:27 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x21) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:27 executing program 2: syz_emit_ethernet(0x3a, &(0x7f0000000100)={@broadcast, @dev, @val={@void, {0x8864}}, {@ipv6={0x86dd, @generic={0x0, 0x6, "b97ae6", 0x0, 0x0, 0x0, @loopback, @remote}}}}, 0x0) [ 252.769744][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 253.016281][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:27 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:27 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x21) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:27 executing program 3: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xe, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:27 executing program 0: openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:27 executing program 3: syz_emit_ethernet(0x77, &(0x7f0000000180)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "f93c42", 0x41, 0x11, 0x0, @remote, @local, {[@srh={0x0, 0x0, 0x4, 0x0, 0x0, 0x40, 0x9}], {0x0, 0x0, 0x39, 0x0, @opaque="2fbafdb66b111a3c4615407ead08cbd5ef3c5530a47891affa51f5c81a1dff4e3562f4a15cfb24d8d65db398e784a7a3b5"}}}}}}, 0x0) 02:06:27 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x0) ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x0) 02:06:27 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x19) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 253.065943][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:27 executing program 3: syz_emit_ethernet(0x26, &(0x7f0000000100)={@broadcast, @local, @val={@void, {0x8100, 0x6}}, {@generic={0x800, "c72db58960f4b5c3f038d4b3a106e82d2a205273"}}}, 0x0) [ 253.089074][ T39] audit: type=1400 audit(1662861987.904:190): avc: denied { read } for pid=4763 comm="syz-executor.2" name="uinput" dev="devtmpfs" ino=863 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 253.136744][ T39] audit: type=1400 audit(1662861987.904:191): avc: denied { open } for pid=4763 comm="syz-executor.2" path="/dev/uinput" dev="devtmpfs" ino=863 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 253.161970][ T39] audit: type=1400 audit(1662861987.934:192): avc: denied { ioctl } for pid=4763 comm="syz-executor.2" path="/dev/uinput" dev="devtmpfs" ino=863 ioctlcmd=0x5566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 253.271646][ T3719] Bluetooth: hci1: ACL packet for unknown connection handle 0 02:06:28 executing program 3: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x0, 0x99}, @l2cap_cid_signaling={{0x95}, [@l2cap_conn_req={{0x2, 0x2, 0x4}, {0x401, 0x1}}, @l2cap_disconn_rsp={{0x7, 0x4, 0x4}, {0x1, 0x8}}, @l2cap_create_chan_req={{0xc, 0x1c, 0x5}, {0x24, 0x6, 0x7}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xde, 0x8000}}, @l2cap_conf_rsp={{0x5, 0x5, 0x15}, {0x8, 0xfc01, 0x1, [@l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0xff, 0x81, 0x7, 0xfffa, 0x6}}]}}, @l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x400, 0x4}}, @l2cap_conf_rsp={{0x5, 0x9, 0x21}, {0x3f, 0x5, 0x3, [@l2cap_conf_rfc={0x4, 0x9, {0x0, 0xe0, 0x2, 0x8, 0x0, 0x80}}, @l2cap_conf_mtu={0x1, 0x2, 0x100}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}]}}, @l2cap_conf_rsp={{0x5, 0x1, 0x2b}, {0x4, 0x4, 0x0, [@l2cap_conf_ews={0x7, 0x2, 0xb}, @l2cap_conf_flushto={0x2, 0x2, 0x200}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x4, 0x0, 0x3ff, 0xcf, 0x3}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7f, 0x5, 0x0, 0x3, 0x1}}, @l2cap_conf_flushto={0x2, 0x2, 0x101}]}}]}}, 0x9e) timer_create(0x3, 0x0, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:28 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f00000001c0)={{0x0, 0x2, 0x0, 0x1, 'syz1\x00'}, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 'syz1\x00', 0x0}) 02:06:28 executing program 0: openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:28 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x3, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:28 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="00400000ec1f00001320000012000000000000000020000000010000f8c4a42ee10000001e000000000000000010cc030200010052654973457233467300000002000000020001000200012000000000010000001231231212331233123112341341241273797a6b616c6c65720000000000000001001e0061fb1963004eed00", 0x80, 0x10000}, {&(0x7f0000010080)="000000000000000000000000010000000300"/32, 0x20, 0x100c0}, {&(0x7f00000100a0)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0f00"/1056, 0x420, 0x11000}, {&(0x7f00000104c0)="ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x800, 0x11800}, {&(0x7f0000010cc0)="00000000000000000000000012000000000000000020000000010000f8c4a42ee10000001e00"/64, 0x40, 0x2012000}, {&(0x7f0000010d00)="010002005c0f0000000000000000000000000000000000000100000002000000000000000000000000002c00d40f0100010000000200000001000000f401000002003000a40f00"/96, 0x60, 0x2013000}, {&(0x7f0000010d60)="0000000001000000010000000200000028000400020000000000000001000000200004002e2e0000000000002e00000000000000ed41000003000000300000000000000080761000535f010061fb196361fb196361fb19630100000000000000", 0x60, 0x2013fa0}], 0x0, &(0x7f0000010dc0)) syz_mount_image$gfs2(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xfff, 0x1, &(0x7f00000000c0)=[{&(0x7f00000002c0)="9d64f1778e778896629150137321f3f9a4dc70a561b04df57bdc64d56c55092c6a5e21d93235fd973096d1b418ba5a89a481be36aa927b4443875be6bf55441186474b52034feab47bfa1db1eafc26ac736a4c53050484e4350a5c7ea67d2f8d1676ef75d952b658665a7ad797c270883fe9c6185a2fa6c797d30c2ccdcb9cc1db9297f17b6dea688d7f217c462ee126c7fd14e46666a53371ab8d14af961c40abea801aac77b469328479baf40754608c444c0f903915de92a04c528873c147255b6cff491fc49651aba5240f32209f4d9559871a0322bc5cd7137a21007ef6e443", 0xe2, 0x8000000000000000}], 0x1004041, &(0x7f0000000140)={[{@barrier}, {@norgrplvb}, {@norgrplvb}, {@quota}], [{@subj_role={'subj_role', 0x3d, '-+\\.#'}}, {@smackfshat={'smackfshat', 0x3d, 'reiserfs\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, 'reiserfs\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}]}) [ 253.460128][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r2, 0x4040aea4, &(0x7f0000000080)={0x7fff, 0x8, 0x3ff, 0x4, 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup2(0xffffffffffffffff, r3) r5 = openat(r4, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r5, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r5, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = socket$inet6_udp(0xa, 0x2, 0x0) r8 = dup2(0xffffffffffffffff, r7) r9 = openat(r8, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r9, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r9, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="71e3c0239cf138bec07cf52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22083a51a2ada29dfca789e9f987d7002f56822cfecdd2381866a0d54d95bd87a9a2adff11ca57fde65e0471ebe7085b203c369ba40bd08a15fc5fe758ee6800c8af7a6eb9802b2db0a293b7e88c64a5e9f322e459ef65fa2a17c13b3d7e"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) syz_kvm_setup_cpu$x86(r9, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x0, &(0x7f00000000c0)=[@dstype0, @flags={0x3, 0x41000}], 0x2) ioctl$KVM_RUN(r6, 0xae80, 0x0) [ 253.465026][ T4780] loop3: detected capacity change from 0 to 131391 02:06:28 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:28 executing program 0: openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 253.501125][ T4780] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 253.512781][ T4780] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 253.514343][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:28 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 253.525473][ T4780] REISERFS (device loop3): using ordered data mode [ 253.534070][ T4780] reiserfs: using flush barriers [ 253.549006][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 253.551613][ T4790] fs-verity (sda1, inode 1135): Malformed file signature [ 253.558921][ T4780] REISERFS (device loop3): journal params: device loop3, size 8192, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 253.598323][ T4780] REISERFS (device loop3): checking transaction log (loop3) [ 253.637927][ T4783] fs-verity (sda1, inode 1135): Malformed file signature 02:06:28 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, 0x0) 02:06:28 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x541b, 0x0) 02:06:28 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 254.255793][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 256.299878][ T4780] REISERFS (device loop3): Using rupasov hash to sort names [ 256.308717][ T4780] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 256.667531][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:31 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:31 executing program 3: syz_emit_ethernet(0x2a, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040001"], 0x0) 02:06:31 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000080)={{0x0, 0x2, 0x200, 0x0, 'syz0\x00'}, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 'syz1\x00', 0x0}) 02:06:31 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, 0x0) 02:06:31 executing program 3: syz_emit_ethernet(0x5a, &(0x7f0000000080)={@broadcast, @dev, @val={@void}, {@canfd={0x8848, {{}, 0x0, 0x0, 0x0, 0x0, "c8022e720d67651092f8b298342af38d61000437136ee8055997f5dbc59cd2c49ce5da119d42cfa5e06c2ab0099c426fa608068c172e11e11a953164bfa931da"}}}}, 0x0) 02:06:31 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0285628, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:31 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, 0x0) 02:06:31 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) [ 256.702950][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:31 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:31 executing program 3: syz_emit_ethernet(0x5a, &(0x7f0000000080)={@broadcast, @dev, @val={@void}, {@canfd={0x8848, {{}, 0x0, 0x0, 0x0, 0x0, "c8022e720d67651092f8b298342af38d61000437136ee8055997f5dbc59cd2c49ce5da119d42cfa5e06c2ab0099c426fa608068c172e11e11a953164bfa931da"}}}}, 0x0) 02:06:31 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:31 executing program 2: syz_emit_ethernet(0x5a, &(0x7f0000000080)={@broadcast, @dev, @val={@void}, {@canfd={0x8847, {{}, 0x0, 0x0, 0x0, 0x0, "c8022e720d67651092f8b298342af38d61000437136ee8055997f5dbc59cd2c49ce5da119d42cfa5e06c2ab0099c426fa608068c172e11e11a953164bfa931da"}}}}, 0x0) 02:06:31 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 256.739273][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:31 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(0x0, 0x0) 02:06:31 executing program 2: syz_mount_image$bfs(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, 0x2, &(0x7f00000018c0)=[{&(0x7f0000000600)="193c28909a1a3810746b1dfa8190c37cc29945c1cd1f58a522246757d8949619ef7cea8503ab364d14d2c1f073a7cec0e5187f33367ea09e0d5a096f9507fd1b194056a05097acef47ebee7697499789d0c4dbfd17fcd0fc075dbbe47974076ec925cfebe8dd7ba14b5b911bf3b21f777aa6c965e7ee28bca079c449cfb8d3d914667d99cd17743d61ebe8be5472f2411af911b9dfc3be74a53826f5bba037685e081e094f94290d84f8619d2f6b8ab53925a14a7b6bda55ba5b99e163032fa17564f2ff69f23d7ef938d02502632995724ee32c011dff59823033c98c6abb1ba66b63", 0xe3, 0x100}, {&(0x7f0000000800)="2d313b795a2b63041dc13110e8cf7ca72e3a672307791c6596e270eaa06f260b238878c782f1119fa90b26d4cce2f0f3d571fe8e48dbdad41b278575881a4aec84cc480d156223a13b721a29f9562bfd6edec5345185a6eb6317da3b8aa2d47b329c652d497b03a77fc98e6cc0a0e5016e4392bc6f284705b8d4f87112df8439f1f75b314c8cdb3c97a2c2a04d5fe0945664b11bb54729f0cdfdb3867b174958c69860ca5d20452c085f30e7c66182c2e600056a2e78f265ca22bb914a1b287b78372eec147e90297326b76fd3293603611c804c5d98be4014f92eb209ced9", 0xdf, 0x102}], 0x0, &(0x7f0000001940)) [ 256.756450][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 256.767171][ T4830] loop2: detected capacity change from 0 to 1 02:06:31 executing program 3: syz_emit_ethernet(0x82, &(0x7f00000017c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "83bafa", 0x4c, 0x2f, 0x0, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[@fragment={0x961af3f1bf0fb370}]}}}}}, 0x0) [ 256.777794][ T4830] BFS-fs: bfs_fill_super(): No BFS filesystem on loop2 (magic=00000000) 02:06:31 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(0x0, 0x0) 02:06:31 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 256.799922][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:31 executing program 3: syz_emit_ethernet(0x82, &(0x7f00000017c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "83bafa", 0x4c, 0x2f, 0x0, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[@fragment={0x961af3f1bf0fb370}]}}}}}, 0x0) 02:06:31 executing program 1: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(0x0, 0x0) [ 256.836578][ T3719] Bluetooth: hci2: ACL packet for unknown connection handle 0 02:06:31 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc058565d, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:31 executing program 3: syz_emit_ethernet(0x82, &(0x7f00000017c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "83bafa", 0x4c, 0x2f, 0x0, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[@fragment={0x961af3f1bf0fb370}]}}}}}, 0x0) 02:06:31 executing program 0: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:31 executing program 3: syz_emit_ethernet(0x82, &(0x7f00000017c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "83bafa", 0x4c, 0x2f, 0x0, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[@fragment={0x961af3f1bf0fb370}]}}}}}, 0x0) 02:06:31 executing program 1: syz_emit_ethernet(0x7a, &(0x7f0000000100)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x2, "eb18e5", 0x44, 0x2f, 0x0, @ipv4, @mcast1}}}}, 0x0) 02:06:31 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @private1}}) 02:06:32 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' '], 0xf8}}, 0x0) 02:06:32 executing program 1: syz_emit_ethernet(0x76, &(0x7f0000000180)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "f93c42", 0x40, 0x11, 0x0, @remote, @local, {[@srh={0x0, 0x0, 0x4, 0x0, 0x0, 0x40}], {0x0, 0x0, 0x38, 0x0, @opaque="2fbafdb66b111a3c4615407ead08cbd5ef3c5530a47891affa51f5c81a1dff4e3562f4a15cfb24d8d65db398e784a7a3"}}}}}}, 0x0) 02:06:32 executing program 3: syz_emit_ethernet(0x0, 0x0, 0x0) 02:06:32 executing program 2: syz_emit_ethernet(0x7a, &(0x7f0000000100)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "eb18e5", 0x44, 0x2f, 0x0, @ipv4, @mcast1, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x892f}}}}}}}, 0x0) 02:06:32 executing program 0: syz_emit_ethernet(0x7a, &(0x7f0000000100)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "eb18e5", 0x44, 0x29, 0x0, @ipv4, @mcast1}}}}, 0x0) 02:06:32 executing program 3: syz_emit_ethernet(0x0, 0x0, 0x0) 02:06:32 executing program 1: shmget$private(0x0, 0x3000, 0x78000912, &(0x7f0000ffc000/0x3000)=nil) 02:06:32 executing program 3: syz_emit_ethernet(0x0, 0x0, 0x0) 02:06:32 executing program 2: r0 = socket$igmp6(0xa, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8923, &(0x7f00000000c0)={'vcan0\x00'}) 02:06:32 executing program 0: syz_emit_ethernet(0x2a, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040001aac6aaaaaaaaaa"], 0x0) 02:06:32 executing program 1: syz_emit_ethernet(0x14, &(0x7f0000000100)={@random="d8f337909a99", @dev, @val={@void, {0x8100, 0x0, 0x1}}, {@generic={0x88be, "65c9"}}}, 0x0) 02:06:32 executing program 3: syz_emit_ethernet(0x7a, &(0x7f00000017c0)={@multicast, @dev, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "83bafa", 0x44, 0x2f, 0x0, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}}, 0x0) [ 257.741160][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:32 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1d}, @hci_evt_le_cis_established={{}, {0x0, 0xc8, 'Y*S', "1b55e9", "c302b5", "4c628a", 0x4, 0x1, 0x4, 0x6, 0x1, 0x8, 0x40, 0x8, 0x8}}}}, 0x20) 02:06:32 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 1) 02:06:32 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async, rerun: 64) timer_create(0x0, 0x0, &(0x7f0000000200)) (rerun: 64) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1d}, @hci_evt_le_cis_established={{}, {0x0, 0xc8, 'Y*S', "1b55e9", "c302b5", "4c628a", 0x4, 0x1, 0x4, 0x6, 0x1, 0x8, 0x40, 0x8, 0x8}}}}, 0x20) [ 257.751336][ T3719] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:200' [ 257.765787][ T3719] CPU: 2 PID: 3719 Comm: kworker/u19:1 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 257.774293][ T3719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 257.780573][ T3719] Workqueue: hci0 hci_rx_work [ 257.783873][ T3719] Call Trace: [ 257.786067][ T3719] [ 257.787911][ T3719] dump_stack_lvl+0xcd/0x134 [ 257.791402][ T3719] sysfs_warn_dup.cold+0x1c/0x29 [ 257.794648][ T3719] sysfs_create_dir_ns+0x233/0x290 [ 257.798783][ T3719] ? sysfs_create_mount_point+0xb0/0xb0 [ 257.803066][ T3719] ? rwlock_bug.part.0+0x90/0x90 [ 257.806983][ T3719] ? do_raw_spin_unlock+0x171/0x230 [ 257.810522][ T3719] kobject_add_internal+0x2c9/0x8f0 [ 257.814553][ T3719] ? kvasprintf+0xd1/0x150 [ 257.818160][ T3719] kobject_add+0x150/0x1c0 [ 257.821992][ T3719] ? kset_create_and_add+0x1a0/0x1a0 [ 257.825437][ T3719] ? kfree+0x25b/0x390 [ 257.830156][ T3719] ? kfree+0x25b/0x390 [ 257.830922][ T4880] ERROR: Out of memory at tomoyo_realpath_from_path. [ 257.833383][ T3719] ? lockdep_hardirqs_on+0x79/0x100 [ 257.843584][ T3719] device_add+0x368/0x1e90 [ 257.849469][ T3719] ? dev_set_name+0xbb/0xf0 [ 257.853105][ T3719] ? device_initialize+0x540/0x540 [ 257.857606][ T3719] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 257.863361][ T3719] ? hci_le_cis_estabilished_evt+0x1ee/0xae0 [ 257.869995][ T3719] ? lock_downgrade+0x6e0/0x6e0 [ 257.874675][ T3719] ? hci_event_packet+0x425/0xfd0 [ 257.878636][ T3719] hci_conn_add_sysfs+0x9b/0x1b0 [ 257.882164][ T3719] hci_le_cis_estabilished_evt+0x57c/0xae0 [ 257.886787][ T3719] ? hci_cc_le_set_random_addr+0x290/0x290 [ 257.891332][ T3719] ? wait_for_completion_io_timeout+0x20/0x20 [ 257.895825][ T3719] hci_le_meta_evt+0x2b8/0x510 [ 257.899004][ T3719] ? hci_cc_le_set_random_addr+0x290/0x290 [ 257.902771][ T3719] hci_event_packet+0x63d/0xfd0 [ 257.906363][ T3719] ? hci_conn_drop+0x2f0/0x2f0 [ 257.909577][ T3719] ? hci_cs_create_conn+0x3a0/0x3a0 [ 257.913251][ T3719] ? kcov_remote_start+0x156/0x7a0 [ 257.917063][ T3719] hci_rx_work+0xae7/0x1230 [ 257.921528][ T3719] process_one_work+0x991/0x1610 [ 257.925450][ T3719] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 257.929711][ T3719] ? rwlock_bug.part.0+0x90/0x90 [ 257.933352][ T3719] ? _raw_spin_lock_irq+0x41/0x50 [ 257.939584][ T3719] worker_thread+0x665/0x1080 [ 257.943614][ T3719] ? process_one_work+0x1610/0x1610 [ 257.948429][ T3719] kthread+0x2e4/0x3a0 [ 257.951144][ T3719] ? kthread_complete_and_exit+0x40/0x40 [ 257.954691][ T3719] ret_from_fork+0x1f/0x30 [ 257.957784][ T3719] [ 257.961863][ T3719] kobject_add_internal failed for hci0:200 with -EEXIST, don't try to register things with the same name in the same directory. [ 257.970915][ T3719] Bluetooth: hci0: failed to register connection device [ 257.983373][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 257.988624][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 257.993898][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.002553][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.008711][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.016886][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.022269][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.028798][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.035123][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:32 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 1) [ 258.041085][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:32 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 2) [ 258.050379][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.058219][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.067538][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.075583][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.083233][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.091944][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:32 executing program 3: syz_mount_image$bfs(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, 0x2, &(0x7f00000018c0)=[{&(0x7f0000000600)="193c28909a1a3810746b1dfa8190c37cc29945c1cd1f58a522246757d8949619ef7cea8503ab364d14d2c1f073a7cec0e5187f33367ea09e0d5a096f9507fd1b194056a05097acef47ebee7697499789d0c4dbfd17fcd0fc075dbbe47974076ec925cfebe8dd7ba14b5b911bf3b21f777aa6c965e7ee28bca079c449cfb8d3d914667d99cd17743d61ebe8be5472f2411af911b9dfc3be74a53826f5bba037685e081e094f94290d84f8619d2f6b8ab53925a14a7b6bda55ba5b99e163032fa17564f2ff69f23d7ef938d02502632995724ee32c011dff59823033c98c6abb1ba66b630c5b4d5be00aad27", 0xeb, 0x100}, {&(0x7f0000000800)="2d313b795a2b63041dc13110e8cf7ca72e3a672307791c6596e270eaa06f260b238878c782f1119fa90b26d4cce2f0f3d571fe8e48dbdad41b278575881a4aec84cc480d156223a13b721a29f9562bfd6edec5345185a6eb6317da3b8aa2d47b329c652d497b03a77fc98e6cc0a0e5016e4392bc6f284705b8d4f87112df8439f1f75b314c8cdb3c97a2c2a04d5fe0945664b11bb54729f0cdfdb3867b174958c69860ca5d20452c085f30e7c66182c2e600056a2e78f265ca22bb914a1b287b78372eec147e90297326b76fd3293603611c804c5d98be4014f92eb209ced9f3e2", 0xe1, 0x100}], 0x0, &(0x7f0000001940)) [ 258.094151][ T4887] ERROR: Out of memory at tomoyo_realpath_from_path. [ 258.098952][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.106006][ T4889] loop3: detected capacity change from 0 to 1 02:06:32 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 3) [ 258.112605][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.125809][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:32 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1d}, @hci_evt_le_cis_established={{}, {0x0, 0xc8, 'Y*S', "1b55e9", "c302b5", "4c628a", 0x4, 0x1, 0x4, 0x6, 0x1, 0x8, 0x40, 0x8, 0x8}}}}, 0x20) [ 258.132544][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.140918][ T4889] BFS-fs: bfs_fill_super(): No BFS filesystem on loop3 (magic=00000000) [ 258.147924][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.152708][ T4891] FAULT_INJECTION: forcing a failure. [ 258.152708][ T4891] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 258.152854][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.170661][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.177096][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.180361][ T4891] CPU: 0 PID: 4891 Comm: syz-executor.2 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 258.182810][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.189765][ T4891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 258.189779][ T4891] Call Trace: [ 258.195874][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.201983][ T4891] [ 258.201995][ T4891] dump_stack_lvl+0xcd/0x134 [ 258.202021][ T4891] should_fail.cold+0x5/0xa [ 258.202051][ T4891] _copy_from_user+0x2a/0x170 [ 258.205838][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.212817][ T4891] video_usercopy+0xbb9/0x16b0 [ 258.215433][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.218805][ T4891] ? v4l_print_control+0x60/0x60 [ 258.223409][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.226430][ T4891] ? selinux_inode_getsecctx+0x90/0x90 [ 258.233335][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.237591][ T4891] ? v4l_enumstd+0x60/0x60 [ 258.245457][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.249576][ T4891] ? __ct_user_exit+0xff/0x150 [ 258.255540][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.259791][ T4891] ? lock_downgrade+0x6cb/0x6e0 [ 258.265098][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.267866][ T4891] v4l2_ioctl+0x1b3/0x250 [ 258.273649][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.277593][ T4891] ? v4l2_read+0x2b0/0x2b0 [ 258.284279][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.287579][ T4891] __x64_sys_ioctl+0x193/0x200 [ 258.294303][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.297242][ T4891] do_syscall_64+0x35/0xb0 [ 258.303394][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.306943][ T4891] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 258.313857][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.318363][ T4891] RIP: 0033:0x7f2aed2893c9 [ 258.325549][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.328529][ T4891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 258.333610][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.336832][ T4891] RSP: 002b:00007f2aee3cd168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 258.342071][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.344775][ T4891] RAX: ffffffffffffffda RBX: 00007f2aed39bf80 RCX: 00007f2aed2893c9 [ 258.349247][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.365993][ T4891] RDX: 0000000020000080 RSI: 00000000c0585609 RDI: 0000000000000003 [ 258.366010][ T4891] RBP: 00007f2aee3cd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 258.366018][ T4891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 258.366027][ T4891] R13: 00007ffc47aa5c6f R14: 00007f2aee3cd300 R15: 0000000000022000 [ 258.366038][ T4891] [ 258.428380][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.436040][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.442560][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.447733][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.457547][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.462605][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.471332][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.477082][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.482048][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.487813][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.493673][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.499458][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.508153][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.514548][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.520248][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.526610][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.533479][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:33 executing program 3: mq_unlink(&(0x7f0000000000)='.&[#\\&:}\x00') 02:06:33 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x2, 0x64}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000080)={{r0, r1+60000000}, {0x77359400}}, &(0x7f00000000c0)) 02:06:33 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 2) 02:06:33 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x2, 0x64}}]}}, 0x11) (async) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000080)={{r0, r1+60000000}, {0x77359400}}, &(0x7f00000000c0)) [ 258.540532][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.547396][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:33 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 4) [ 258.552515][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:33 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 3) [ 258.558571][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.561701][ T4902] FAULT_INJECTION: forcing a failure. [ 258.561701][ T4902] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 258.564211][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.578434][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.583878][ T3719] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:200' [ 258.589536][ T4902] CPU: 0 PID: 4902 Comm: syz-executor.2 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 258.596447][ T4902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 258.602395][ T4902] Call Trace: [ 258.604545][ T4902] [ 258.607170][ T4902] dump_stack_lvl+0xcd/0x134 [ 258.610552][ T4902] should_fail.cold+0x5/0xa [ 258.613628][ T4902] _copy_from_user+0x2a/0x170 [ 258.617248][ T4902] video_usercopy+0xbb9/0x16b0 [ 258.621380][ T4902] ? v4l_print_control+0x60/0x60 [ 258.625071][ T4902] ? selinux_inode_getsecctx+0x90/0x90 [ 258.629083][ T4902] ? v4l_enumstd+0x60/0x60 [ 258.631826][ T4902] ? __ct_user_exit+0xff/0x150 [ 258.634815][ T4902] ? lock_downgrade+0x6cb/0x6e0 [ 258.638834][ T4902] v4l2_ioctl+0x1b3/0x250 [ 258.641602][ T4902] ? v4l2_read+0x2b0/0x2b0 [ 258.644541][ T4902] __x64_sys_ioctl+0x193/0x200 [ 258.648300][ T4902] do_syscall_64+0x35/0xb0 [ 258.651989][ T4902] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 258.657139][ T4902] RIP: 0033:0x7f2aed2893c9 [ 258.661643][ T4902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 258.675255][ T4902] RSP: 002b:00007f2aee3cd168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 258.681268][ T4902] RAX: ffffffffffffffda RBX: 00007f2aed39bf80 RCX: 00007f2aed2893c9 [ 258.686193][ T4902] RDX: 0000000020000080 RSI: 00000000c0585609 RDI: 0000000000000003 [ 258.691670][ T4902] RBP: 00007f2aee3cd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 258.696697][ T4902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 258.701592][ T4902] R13: 00007ffc47aa5c6f R14: 00007f2aee3cd300 R15: 0000000000022000 [ 258.706400][ T4902] [ 258.709203][ T3719] CPU: 2 PID: 3719 Comm: kworker/u19:1 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 258.716402][ T3719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 258.722595][ T3719] Workqueue: hci0 hci_rx_work [ 258.726079][ T3719] Call Trace: [ 258.728269][ T3719] [ 258.730244][ T3719] dump_stack_lvl+0xcd/0x134 [ 258.735425][ T3719] sysfs_warn_dup.cold+0x1c/0x29 [ 258.739060][ T3719] sysfs_create_dir_ns+0x233/0x290 [ 258.743003][ T3719] ? sysfs_create_mount_point+0xb0/0xb0 [ 258.749555][ T3719] ? rwlock_bug.part.0+0x90/0x90 [ 258.754309][ T3719] ? do_raw_spin_unlock+0x171/0x230 [ 258.759282][ T3719] kobject_add_internal+0x2c9/0x8f0 [ 258.763042][ T3719] kobject_add+0x150/0x1c0 [ 258.766133][ T3719] ? kset_create_and_add+0x1a0/0x1a0 [ 258.770556][ T3719] ? lockdep_init_map_type+0x21a/0x7f0 [ 258.775288][ T3719] ? __raw_spin_lock_init+0x36/0x110 [ 258.779437][ T3719] device_add+0x368/0x1e90 [ 258.782970][ T3719] ? dev_set_name+0xbb/0xf0 [ 258.790420][ T3719] ? device_initialize+0x540/0x540 [ 258.795884][ T3719] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 258.801214][ T3719] ? hci_le_cis_estabilished_evt+0x1ee/0xae0 [ 258.805735][ T4909] FAULT_INJECTION: forcing a failure. [ 258.805735][ T4909] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 258.807036][ T3719] ? lock_downgrade+0x6e0/0x6e0 [ 258.807060][ T3719] ? hci_event_packet+0x425/0xfd0 [ 258.807075][ T3719] hci_conn_add_sysfs+0x9b/0x1b0 [ 258.807089][ T3719] hci_le_cis_estabilished_evt+0x57c/0xae0 [ 258.834632][ T3719] ? hci_cc_le_set_random_addr+0x290/0x290 [ 258.839589][ T3719] ? wait_for_completion_io_timeout+0x20/0x20 [ 258.844235][ T3719] hci_le_meta_evt+0x2b8/0x510 [ 258.848796][ T3719] ? hci_cc_le_set_random_addr+0x290/0x290 [ 258.853861][ T3719] hci_event_packet+0x63d/0xfd0 [ 258.859026][ T3719] ? hci_conn_drop+0x2f0/0x2f0 [ 258.862680][ T3719] ? hci_cs_create_conn+0x3a0/0x3a0 [ 258.867102][ T3719] ? kcov_remote_start+0x156/0x7a0 [ 258.871851][ T3719] hci_rx_work+0xae7/0x1230 [ 258.875442][ T3719] process_one_work+0x991/0x1610 [ 258.878763][ T3719] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 258.883310][ T3719] ? rwlock_bug.part.0+0x90/0x90 [ 258.887741][ T3719] ? _raw_spin_lock_irq+0x41/0x50 [ 258.891115][ T3719] worker_thread+0x665/0x1080 [ 258.895493][ T3719] ? process_one_work+0x1610/0x1610 [ 258.900282][ T3719] kthread+0x2e4/0x3a0 [ 258.904843][ T3719] ? kthread_complete_and_exit+0x40/0x40 [ 258.909762][ T3719] ret_from_fork+0x1f/0x30 [ 258.912879][ T3719] [ 258.920204][ T4909] CPU: 1 PID: 4909 Comm: syz-executor.1 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 258.920269][ T3719] kobject_add_internal failed for hci0:200 with -EEXIST, don't try to register things with the same name in the same directory. [ 258.929922][ T4909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 258.929936][ T4909] Call Trace: [ 258.942029][ T3719] Bluetooth: hci0: failed to register connection device [ 258.953395][ T4909] [ 258.953407][ T4909] dump_stack_lvl+0xcd/0x134 [ 258.953432][ T4909] should_fail.cold+0x5/0xa [ 258.953447][ T4909] _copy_from_user+0x2a/0x170 [ 258.953480][ T4909] video_usercopy+0xbb9/0x16b0 [ 258.953495][ T4909] ? v4l_print_control+0x60/0x60 [ 258.953508][ T4909] ? selinux_inode_getsecctx+0x90/0x90 [ 258.953521][ T4909] ? v4l_enumstd+0x60/0x60 [ 258.953534][ T4909] ? __ct_user_exit+0xff/0x150 [ 258.953547][ T4909] ? lock_downgrade+0x6cb/0x6e0 [ 258.953562][ T4909] v4l2_ioctl+0x1b3/0x250 [ 258.956591][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 258.961629][ T4909] ? v4l2_read+0x2b0/0x2b0 [ 258.961668][ T4909] __x64_sys_ioctl+0x193/0x200 [ 258.961714][ T4909] do_syscall_64+0x35/0xb0 [ 258.961741][ T4909] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 258.961766][ T4909] RIP: 0033:0x7fdcc36893c9 [ 258.961785][ T4909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 258.964374][ T3719] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:200' [ 258.967809][ T4909] RSP: 002b:00007fdcc4880168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 259.065710][ T4909] RAX: ffffffffffffffda RBX: 00007fdcc379bf80 RCX: 00007fdcc36893c9 [ 259.072904][ T4909] RDX: 0000000020000080 RSI: 00000000c0585609 RDI: 0000000000000003 [ 259.079505][ T4909] RBP: 00007fdcc48801d0 R08: 0000000000000000 R09: 0000000000000000 [ 259.089630][ T4909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 259.097599][ T4909] R13: 00007ffd3625d71f R14: 00007fdcc4880300 R15: 0000000000022000 [ 259.107410][ T4909] [ 259.110309][ T3719] CPU: 2 PID: 3719 Comm: kworker/u19:1 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 259.118108][ T3719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 259.124118][ T3719] Workqueue: hci0 hci_rx_work [ 259.127334][ T3719] Call Trace: [ 259.130064][ T3719] [ 259.132671][ T3719] dump_stack_lvl+0xcd/0x134 [ 259.135879][ T3719] sysfs_warn_dup.cold+0x1c/0x29 [ 259.139189][ T3719] sysfs_create_dir_ns+0x233/0x290 [ 259.142558][ T3719] ? sysfs_create_mount_point+0xb0/0xb0 [ 259.152894][ T3719] ? rwlock_bug.part.0+0x90/0x90 [ 259.157169][ T3719] ? do_raw_spin_unlock+0x171/0x230 [ 259.161754][ T3719] kobject_add_internal+0x2c9/0x8f0 [ 259.166117][ T3719] ? asm_exc_stack_segment+0x11/0x30 [ 259.170601][ T3719] kobject_add+0x150/0x1c0 [ 259.174300][ T3719] ? kset_create_and_add+0x1a0/0x1a0 02:06:33 executing program 3: mq_unlink(&(0x7f0000000000)='.&[#\\&:}\x00') [ 259.179628][ T3719] ? lockdep_init_map_type+0x21a/0x7f0 [ 259.183832][ T3719] ? __raw_spin_lock_init+0x36/0x110 [ 259.187184][ T3719] device_add+0x368/0x1e90 02:06:34 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 5) [ 259.190659][ T3719] ? dev_set_name+0xbb/0xf0 [ 259.194331][ T3719] ? device_initialize+0x540/0x540 [ 259.197315][ T3719] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 259.201420][ T3719] ? hci_le_cis_estabilished_evt+0x1ee/0xae0 [ 259.206087][ T3719] ? lock_downgrade+0x6e0/0x6e0 [ 259.210855][ T3719] ? hci_event_packet+0x425/0xfd0 [ 259.213963][ T3719] hci_conn_add_sysfs+0x9b/0x1b0 [ 259.218512][ T3719] hci_le_cis_estabilished_evt+0x57c/0xae0 [ 259.224080][ T3719] ? hci_cc_le_set_random_addr+0x290/0x290 [ 259.228681][ T3719] ? wait_for_completion_io_timeout+0x20/0x20 [ 259.232794][ T3719] hci_le_meta_evt+0x2b8/0x510 [ 259.235811][ T3719] ? hci_cc_le_set_random_addr+0x290/0x290 [ 259.239141][ T3719] hci_event_packet+0x63d/0xfd0 [ 259.242756][ T3719] ? hci_conn_drop+0x2f0/0x2f0 [ 259.246510][ T3719] ? hci_cs_create_conn+0x3a0/0x3a0 [ 259.249866][ T3719] ? kcov_remote_start+0x156/0x7a0 [ 259.253926][ T3719] hci_rx_work+0xae7/0x1230 [ 259.256901][ T3719] process_one_work+0x991/0x1610 [ 259.260182][ T3719] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 259.264457][ T3719] ? rwlock_bug.part.0+0x90/0x90 [ 259.268011][ T3719] ? _raw_spin_lock_irq+0x41/0x50 [ 259.271671][ T3719] worker_thread+0x665/0x1080 [ 259.275315][ T3719] ? process_one_work+0x1610/0x1610 [ 259.279575][ T3719] kthread+0x2e4/0x3a0 [ 259.282847][ T3719] ? kthread_complete_and_exit+0x40/0x40 [ 259.287227][ T3719] ret_from_fork+0x1f/0x30 [ 259.291127][ T3719] 02:06:34 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x2, 0x64}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000080)={{r0, r1+60000000}, {0x77359400}}, &(0x7f00000000c0)) [ 259.300981][ T3719] kobject_add_internal failed for hci0:200 with -EEXIST, don't try to register things with the same name in the same directory. [ 259.306023][ T4914] ERROR: Out of memory at tomoyo_realpath_from_path. [ 259.309672][ T3719] Bluetooth: hci0: failed to register connection device [ 259.319572][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 259.324631][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 259.329277][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 259.374582][ T39] audit: type=1400 audit(1662861994.194:193): avc: denied { rename } for pid=3114 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 259.397151][ T39] audit: type=1400 audit(1662861994.194:194): avc: denied { unlink } for pid=3114 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 259.420257][ T39] audit: type=1400 audit(1662861994.194:195): avc: denied { create } for pid=3114 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 02:06:34 executing program 3: syz_emit_ethernet(0x7a, &(0x7f0000000100)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "eb18e5", 0x44, 0x2f, 0x0, @ipv4, @mcast1, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8864}}}}}}}, 0x0) 02:06:34 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 6) [ 259.781133][ T4920] FAULT_INJECTION: forcing a failure. [ 259.781133][ T4920] name fail_usercopy, interval 1, probability 0, space 0, times 0 02:06:34 executing program 3: shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0xd000) 02:06:34 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 4) [ 259.812124][ T4920] CPU: 2 PID: 4920 Comm: syz-executor.2 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 259.819661][ T4920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 259.825609][ T4924] ERROR: Out of memory at tomoyo_realpath_from_path. [ 259.825636][ T4920] Call Trace: [ 259.825645][ T4920] [ 259.835226][ T4920] dump_stack_lvl+0xcd/0x134 [ 259.838033][ T4920] should_fail.cold+0x5/0xa [ 259.840918][ T4920] _copy_from_user+0x2a/0x170 [ 259.845107][ T4920] video_usercopy+0xbb9/0x16b0 [ 259.849107][ T4920] ? v4l_print_control+0x60/0x60 [ 259.852431][ T4920] ? selinux_inode_getsecctx+0x90/0x90 [ 259.857618][ T4926] loop3: detected capacity change from 0 to 15 [ 259.857907][ T4920] ? v4l_enumstd+0x60/0x60 [ 259.857941][ T4920] ? __ct_user_exit+0xff/0x150 [ 259.857966][ T4920] ? lock_downgrade+0x6cb/0x6e0 [ 259.874624][ T4920] v4l2_ioctl+0x1b3/0x250 [ 259.880337][ T4920] ? v4l2_read+0x2b0/0x2b0 [ 259.883563][ T4920] __x64_sys_ioctl+0x193/0x200 [ 259.886650][ T4920] do_syscall_64+0x35/0xb0 [ 259.887476][ T4926] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 259.890003][ T4920] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 259.890034][ T4920] RIP: 0033:0x7f2aed2893c9 02:06:34 executing program 3: syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f0000002340)=[{0x0, 0x0, 0xfff}, {&(0x7f00000001c0)="e6e895d37501a17e32dc99115f56595531dbf8282f78c47d447c69dfce1af6873085d509b5fc388372e8de96d7393adf629356be17dad2687b1a3b74b3290c85aed488ff10835c9c0af6d9ea65b095899464096c98074a3a453f0d92a57115a0b730ae6f262ea4cd9ed5a9af70c779c9f64b60e3da762d643c9b4198ca660c7028d4ba7128a11517c44b88575189f9ce3779b4f4f015cfd103c6c5f580222d221232c292566963e838e3fbeca588690c881d6905b37336044d5b89f26a7ef418beb3feca73a29dfc4124ca5ae4740a2e6e5f981a579b1b4409df82c17627f477e679169ef7beb59993e883274a5c1433f0ba64a34ea5c6cd12ffb0ba27ce553ad5ceb2b8f68748c21a3c56e27971084df2310e67d64d312dcf2669b8766c518e2a9193a131ad8cd250e5a3adb5a39e0f4a985734976f122dbe25c9f71fca81e07f16ba42064ffdcc60d83aab3b26acd1dea5ffed59c3b10b52020e3102663b8a1b4f4e67716e5dff84ae94f7ff22f5d89be75fdae6213d656932e0adaf7b625131d993fc7ca59ef719af5c550f71da71360eaafd7f36ec4854f22cf00b8227e29aa895c4a88567cb555914f834d49514ff5668bd3e9c30cc164db927021407a158ca34", 0x1c3, 0x7}], 0x4200001, &(0x7f0000002400)) 02:06:34 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 5) [ 259.890048][ T4920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 259.890065][ T4920] RSP: 002b:00007f2aee3cd168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 259.890084][ T4920] RAX: ffffffffffffffda RBX: 00007f2aed39bf80 RCX: 00007f2aed2893c9 [ 259.890097][ T4920] RDX: 0000000020000080 RSI: 00000000c0585609 RDI: 0000000000000003 [ 259.890108][ T4920] RBP: 00007f2aee3cd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 259.890119][ T4920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 259.890130][ T4920] R13: 00007ffc47aa5c6f R14: 00007f2aee3cd300 R15: 0000000000022000 [ 259.903957][ T4926] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 259.908342][ T4920] [ 259.918591][ T4928] FAULT_INJECTION: forcing a failure. [ 259.918591][ T4928] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 259.940234][ T4926] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 259.971927][ T4928] CPU: 0 PID: 4928 Comm: syz-executor.1 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 259.975983][ T4926] UDF-fs: Scanning with blocksize 512 failed [ 259.984223][ T4928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 259.984242][ T4928] Call Trace: [ 259.984251][ T4928] [ 259.984260][ T4928] dump_stack_lvl+0xcd/0x134 [ 259.984314][ T4928] should_fail.cold+0x5/0xa [ 259.984381][ T4928] _copy_from_user+0x2a/0x170 [ 259.984407][ T4928] video_usercopy+0xbb9/0x16b0 [ 260.033590][ T4928] ? v4l_print_control+0x60/0x60 [ 260.037380][ T4928] ? selinux_inode_getsecctx+0x90/0x90 [ 260.041421][ T4928] ? v4l_enumstd+0x60/0x60 [ 260.046042][ T4928] ? __ct_user_exit+0xff/0x150 [ 260.050956][ T4928] ? lock_downgrade+0x6cb/0x6e0 [ 260.054774][ T4928] v4l2_ioctl+0x1b3/0x250 [ 260.058485][ T4928] ? v4l2_read+0x2b0/0x2b0 [ 260.062225][ T4928] __x64_sys_ioctl+0x193/0x200 [ 260.065587][ T4928] do_syscall_64+0x35/0xb0 [ 260.071229][ T4928] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 260.077625][ T4928] RIP: 0033:0x7fdcc36893c9 [ 260.081725][ T4928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 260.102453][ T4928] RSP: 002b:00007fdcc4880168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 260.110846][ T4928] RAX: ffffffffffffffda RBX: 00007fdcc379bf80 RCX: 00007fdcc36893c9 [ 260.116860][ T4928] RDX: 0000000020000080 RSI: 00000000c0585609 RDI: 0000000000000003 [ 260.122722][ T4928] RBP: 00007fdcc48801d0 R08: 0000000000000000 R09: 0000000000000000 [ 260.129541][ T4928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 260.139402][ T4928] R13: 00007ffd3625d71f R14: 00007fdcc4880300 R15: 0000000000022000 [ 260.145072][ T4928] [ 260.150308][ T4926] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 260.168786][ T4926] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 260.183838][ T4926] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 260.192538][ T4926] UDF-fs: Scanning with blocksize 1024 failed [ 260.198698][ T4926] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 260.220240][ T4926] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 260.230809][ T4926] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 260.239544][ T4926] UDF-fs: Scanning with blocksize 2048 failed [ 260.245577][ T4926] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 260.257387][ T4926] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 02:06:35 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 6) 02:06:35 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 7) 02:06:35 executing program 0: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040), 0xa7c8277d9807d0d1, 0x0) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x4, 0x0, 0x1000, @vifc_lcl_addr=@broadcast, @private=0xa010101}, 0x10) syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="0200000c00080001000600040000000000d37fc461d23a2ced914fdd66750007ec8309d34b2c0937dce314dccdc81ec5d75c1c92747d5939955c3f1434c4356588a5217f31ae1aa5686ec830615ed6ab35efe1e21014a5f2356fa123755576d8c6c6d8b3e709db7830cee9a554db336cddd8e1a086b9d730d81e719fd423926bfec90b52d33b3df9814f0647d280c44962a97085650de4ca9968fb0c2f52e7ebe6d89ed21a5ca72c0971fa179ba43de6da625f59d5acdc7965d7fc79d5023ad5aac519b2c064ec91656337b31e5b78af742de8837bf9bcf8b11e6aafe9c8"], 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup2(0xffffffffffffffff, r1) r3 = openat(r2, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x800000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@afid={'afid', 0x3d, 0xe6}}, {@cache_fscache}, {@version_u}, {@msize={'msize', 0x3d, 0x5294}}, {@debug={'debug', 0x3d, 0x7}}, {@uname={'uname', 0x3d, '\x00'}}, {@noextend}, {@noextend}], [{@permit_directio}, {@obj_type={'obj_type', 0x3d, '/dev/dlm-monitor\x00'}}]}}) [ 260.257632][ T4932] FAULT_INJECTION: forcing a failure. [ 260.257632][ T4932] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 260.257725][ T4931] FAULT_INJECTION: forcing a failure. [ 260.257725][ T4931] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 260.257841][ T4931] CPU: 1 PID: 4931 Comm: syz-executor.2 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 260.257857][ T4931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 260.257864][ T4931] Call Trace: [ 260.257869][ T4931] [ 260.257874][ T4931] dump_stack_lvl+0xcd/0x134 [ 260.257895][ T4931] should_fail.cold+0x5/0xa [ 260.257910][ T4931] _copy_to_user+0x2a/0x140 [ 260.257926][ T4931] simple_read_from_buffer+0xcc/0x160 [ 260.257976][ T4931] proc_fail_nth_read+0x187/0x220 [ 260.257999][ T4931] ? proc_fault_inject_read+0x220/0x220 [ 260.258012][ T4931] ? security_file_permission+0xab/0xd0 [ 260.258040][ T4931] vfs_read+0x257/0x930 [ 260.258075][ T4931] ? proc_fault_inject_read+0x220/0x220 [ 260.258088][ T4931] ? kernel_read+0x1c0/0x1c0 [ 260.258103][ T4931] ? __fget_files+0x26a/0x440 [ 260.258120][ T4931] ksys_read+0x127/0x250 [ 260.258172][ T4931] ? vfs_write+0xdd0/0xdd0 [ 260.258196][ T4931] ? syscall_enter_from_user_mode+0x22/0xb0 [ 260.258216][ T4931] do_syscall_64+0x35/0xb0 [ 260.258231][ T4931] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 260.258247][ T4931] RIP: 0033:0x7f2aed23bf7c [ 260.258258][ T4931] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 260.258270][ T4931] RSP: 002b:00007f2aee3cd160 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 260.258285][ T4931] RAX: ffffffffffffffda RBX: 00007f2aed39bf80 RCX: 00007f2aed23bf7c [ 260.258294][ T4931] RDX: 000000000000000f RSI: 00007f2aee3cd1e0 RDI: 0000000000000004 [ 260.258303][ T4931] RBP: 00007f2aee3cd1d0 R08: 0000000000000000 R09: 0000000000000000 [ 260.258311][ T4931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 260.258319][ T4931] R13: 00007ffc47aa5c6f R14: 00007f2aee3cd300 R15: 0000000000022000 [ 260.258329][ T4931] [ 260.268510][ T4926] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 260.275274][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 260.282739][ T4926] UDF-fs: Scanning with blocksize 4096 failed [ 260.300373][ T4932] CPU: 2 PID: 4932 Comm: syz-executor.1 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 260.310154][ T4926] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1) [ 260.312213][ T4932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 260.331193][ T4934] fs-verity (sda1, inode 1135): Malformed file signature [ 260.333409][ T4932] Call Trace: [ 260.333420][ T4932] [ 260.333425][ T4932] dump_stack_lvl+0xcd/0x134 [ 260.333448][ T4932] should_fail.cold+0x5/0xa [ 260.333464][ T4932] _copy_from_user+0x2a/0x170 [ 260.333479][ T4932] video_usercopy+0xbb9/0x16b0 [ 260.481809][ T4932] ? v4l_print_control+0x60/0x60 [ 260.485538][ T4932] ? selinux_inode_getsecctx+0x90/0x90 [ 260.493413][ T4932] ? v4l_enumstd+0x60/0x60 [ 260.496714][ T4932] ? __ct_user_exit+0xff/0x150 [ 260.500331][ T4932] ? lock_downgrade+0x6cb/0x6e0 [ 260.504145][ T4932] v4l2_ioctl+0x1b3/0x250 [ 260.508176][ T4932] ? v4l2_read+0x2b0/0x2b0 [ 260.511427][ T4932] __x64_sys_ioctl+0x193/0x200 [ 260.516039][ T4932] do_syscall_64+0x35/0xb0 [ 260.521026][ T4932] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 260.527540][ T4932] RIP: 0033:0x7fdcc36893c9 [ 260.531282][ T4932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 260.549823][ T4932] RSP: 002b:00007fdcc4880168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 260.555573][ T4932] RAX: ffffffffffffffda RBX: 00007fdcc379bf80 RCX: 00007fdcc36893c9 [ 260.561970][ T4932] RDX: 0000000020000080 RSI: 00000000c0585609 RDI: 0000000000000003 [ 260.568561][ T4932] RBP: 00007fdcc48801d0 R08: 0000000000000000 R09: 0000000000000000 [ 260.574554][ T4932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 260.579875][ T4932] R13: 00007ffd3625d71f R14: 00007fdcc4880300 R15: 0000000000022000 [ 260.585080][ T4932] [ 260.674697][ T4939] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 260.684322][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:35 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x5, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) 02:06:35 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:35 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) (fail_nth: 7) 02:06:35 executing program 0: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040), 0xa7c8277d9807d0d1, 0x0) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x4, 0x0, 0x1000, @vifc_lcl_addr=@broadcast, @private=0xa010101}, 0x10) syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="0200000c00080001000600040000000000d37fc461d23a2ced914fdd66750007ec8309d34b2c0937dce314dccdc81ec5d75c1c92747d5939955c3f1434c4356588a5217f31ae1aa5686ec830615ed6ab35efe1e21014a5f2356fa123755576d8c6c6d8b3e709db7830cee9a554db336cddd8e1a086b9d730d81e719fd423926bfec90b52d33b3df9814f0647d280c44962a97085650de4ca9968fb0c2f52e7ebe6d89ed21a5ca72c0971fa179ba43de6da625f59d5acdc7965d7fc79d5023ad5aac519b2c064ec91656337b31e5b78af742de8837bf9bcf8b11e6aafe9c8"], 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup2(0xffffffffffffffff, r1) r3 = openat(r2, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x800000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@afid={'afid', 0x3d, 0xe6}}, {@cache_fscache}, {@version_u}, {@msize={'msize', 0x3d, 0x5294}}, {@debug={'debug', 0x3d, 0x7}}, {@uname={'uname', 0x3d, '\x00'}}, {@noextend}, {@noextend}], [{@permit_directio}, {@obj_type={'obj_type', 0x3d, '/dev/dlm-monitor\x00'}}]}}) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040), 0xa7c8277d9807d0d1, 0x0) (async) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x4, 0x0, 0x1000, @vifc_lcl_addr=@broadcast, @private=0xa010101}, 0x10) (async) syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="0200000c00080001000600040000000000d37fc461d23a2ced914fdd66750007ec8309d34b2c0937dce314dccdc81ec5d75c1c92747d5939955c3f1434c4356588a5217f31ae1aa5686ec830615ed6ab35efe1e21014a5f2356fa123755576d8c6c6d8b3e709db7830cee9a554db336cddd8e1a086b9d730d81e719fd423926bfec90b52d33b3df9814f0647d280c44962a97085650de4ca9968fb0c2f52e7ebe6d89ed21a5ca72c0971fa179ba43de6da625f59d5acdc7965d7fc79d5023ad5aac519b2c064ec91656337b31e5b78af742de8837bf9bcf8b11e6aafe9c8"], 0x11) (async) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) dup2(0xffffffffffffffff, r1) (async) openat(r2, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) (async) ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) (async) sendmsg$NFT_MSG_GETTABLE(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x800000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@afid={'afid', 0x3d, 0xe6}}, {@cache_fscache}, {@version_u}, {@msize={'msize', 0x3d, 0x5294}}, {@debug={'debug', 0x3d, 0x7}}, {@uname={'uname', 0x3d, '\x00'}}, {@noextend}, {@noextend}], [{@permit_directio}, {@obj_type={'obj_type', 0x3d, '/dev/dlm-monitor\x00'}}]}}) (async) [ 260.693342][ T4939] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 260.693907][ T4942] FAULT_INJECTION: forcing a failure. [ 260.693907][ T4942] name fail_usercopy, interval 1, probability 0, space 0, times 0 02:06:35 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x5, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) [ 260.715292][ T4942] CPU: 1 PID: 4942 Comm: syz-executor.1 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 260.723131][ T4942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 260.729897][ T4942] Call Trace: [ 260.732119][ T4942] 02:06:35 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x2, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 260.734329][ T4942] dump_stack_lvl+0xcd/0x134 [ 260.737919][ T4942] should_fail.cold+0x5/0xa [ 260.739396][ T4940] fs-verity (sda1, inode 1135): Malformed file signature [ 260.741348][ T4942] _copy_to_user+0x2a/0x140 [ 260.741383][ T4942] simple_read_from_buffer+0xcc/0x160 [ 260.741414][ T4942] proc_fail_nth_read+0x187/0x220 [ 260.741438][ T4942] ? proc_fault_inject_read+0x220/0x220 [ 260.758790][ T4942] ? security_file_permission+0xab/0xd0 [ 260.761997][ T4942] vfs_read+0x257/0x930 [ 260.764563][ T4942] ? proc_fault_inject_read+0x220/0x220 [ 260.767969][ T4942] ? kernel_read+0x1c0/0x1c0 [ 260.770767][ T4942] ? __fget_files+0x26a/0x440 [ 260.773721][ T4942] ksys_read+0x127/0x250 [ 260.776429][ T4942] ? vfs_write+0xdd0/0xdd0 [ 260.779113][ T4942] ? syscall_enter_from_user_mode+0x22/0xb0 [ 260.782683][ T4942] do_syscall_64+0x35/0xb0 [ 260.785718][ T4942] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 260.789718][ T4942] RIP: 0033:0x7fdcc363bf7c [ 260.795263][ T4942] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 260.807880][ T4942] RSP: 002b:00007fdcc4880160 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 260.813390][ T4942] RAX: ffffffffffffffda RBX: 00007fdcc379bf80 RCX: 00007fdcc363bf7c [ 260.818285][ T4942] RDX: 000000000000000f RSI: 00007fdcc48801e0 RDI: 0000000000000004 [ 260.823294][ T4942] RBP: 00007fdcc48801d0 R08: 0000000000000000 R09: 0000000000000000 [ 260.830122][ T4942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 260.835559][ T4942] R13: 00007ffd3625d71f R14: 00007fdcc4880300 R15: 0000000000022000 [ 260.841785][ T4942] [ 260.850491][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 260.859347][ T4953] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 260.869176][ T4953] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 261.003052][ T4960] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. 02:06:35 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x5, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) 02:06:35 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x10, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:35 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:35 executing program 0: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040), 0xa7c8277d9807d0d1, 0x0) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x4, 0x0, 0x1000, @vifc_lcl_addr=@broadcast, @private=0xa010101}, 0x10) (async) syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="0200000c00080001000600040000000000d37fc461d23a2ced914fdd66750007ec8309d34b2c0937dce314dccdc81ec5d75c1c92747d5939955c3f1434c4356588a5217f31ae1aa5686ec830615ed6ab35efe1e21014a5f2356fa123755576d8c6c6d8b3e709db7830cee9a554db336cddd8e1a086b9d730d81e719fd423926bfec90b52d33b3df9814f0647d280c44962a97085650de4ca9968fb0c2f52e7ebe6d89ed21a5ca72c0971fa179ba43de6da625f59d5acdc7965d7fc79d5023ad5aac519b2c064ec91656337b31e5b78af742de8837bf9bcf8b11e6aafe9c8"], 0x11) (async) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async, rerun: 64) r1 = socket$inet6_udp(0xa, 0x2, 0x0) (rerun: 64) r2 = dup2(0xffffffffffffffff, r1) r3 = openat(r2, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x44) ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000000280)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000240)="deef8d"}) sendmsg$NFT_MSG_GETTABLE(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="71e3c0239cf138bec07cd52735139e669aa60edeb1d160743c84ffb0c4b80dea8f0e011bd65aa7d811d55fb247770b5a5e2e16b9d0d8a6658cd8778cc3141e7a4c9f5391b7d5a1de0f50d574d7af365601140e4c28248be7733cff32af7e22d2a3b34a1fe9bfe1ad7acfff7f6bfd1dcc6dcf30ab34fcd78feb225c65a8ab8be9a32644dcc7d1c483485512a57f7d37e356664a22"], 0x1a0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x800000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@afid={'afid', 0x3d, 0xe6}}, {@cache_fscache}, {@version_u}, {@msize={'msize', 0x3d, 0x5294}}, {@debug={'debug', 0x3d, 0x7}}, {@uname={'uname', 0x3d, '\x00'}}, {@noextend}, {@noextend}], [{@permit_directio}, {@obj_type={'obj_type', 0x3d, '/dev/dlm-monitor\x00'}}]}}) [ 261.020667][ T4960] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 02:06:35 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x4b47, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:35 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x2, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:35 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x10, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:35 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x4b49, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:35 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x4b47, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:35 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x9f}, "68e11db0a9ca688c69572f609bfbcd88c15e889937a8ea9a424fe171489491ef7216e63ee77a8b6b0158d963ad63b5f161fa6222d6b6133fe63c5cd5ca805fe30a0ae28ed4a7c67d9074fa7c852c4c1c58e9c923dc10847fa5c3bc3e62e26a9f5f3e7d60e4da7e5d98ff506947ea9774f3d31f838d2afa4897c2d5de0f45164cddd8756f4f9b7b0bbe36e114c1f31f94eb0a7a77c9760994312abfe3159882"}, 0xa3) [ 261.085403][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:35 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x5, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) 02:06:35 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x541b, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:35 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async, rerun: 64) timer_create(0x0, 0x0, &(0x7f0000000200)) (async, rerun: 64) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x9f}, "68e11db0a9ca688c69572f609bfbcd88c15e889937a8ea9a424fe171489491ef7216e63ee77a8b6b0158d963ad63b5f161fa6222d6b6133fe63c5cd5ca805fe30a0ae28ed4a7c67d9074fa7c852c4c1c58e9c923dc10847fa5c3bc3e62e26a9f5f3e7d60e4da7e5d98ff506947ea9774f3d31f838d2afa4897c2d5de0f45164cddd8756f4f9b7b0bbe36e114c1f31f94eb0a7a77c9760994312abfe3159882"}, 0xa3) 02:06:35 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x4b49, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 261.132261][ T4981] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. 02:06:35 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x5421, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:35 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x5450, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 261.156375][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.162285][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.167361][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x541b, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 261.172816][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async) syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x9f}, "68e11db0a9ca688c69572f609bfbcd88c15e889937a8ea9a424fe171489491ef7216e63ee77a8b6b0158d963ad63b5f161fa6222d6b6133fe63c5cd5ca805fe30a0ae28ed4a7c67d9074fa7c852c4c1c58e9c923dc10847fa5c3bc3e62e26a9f5f3e7d60e4da7e5d98ff506947ea9774f3d31f838d2afa4897c2d5de0f45164cddd8756f4f9b7b0bbe36e114c1f31f94eb0a7a77c9760994312abfe3159882"}, 0xa3) [ 261.182577][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.197168][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.203527][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.208373][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.214543][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.219561][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.225304][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.229907][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.238350][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.243474][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.248334][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.253554][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.258272][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.262898][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.267910][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.272979][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.277709][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.282446][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.289325][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.297264][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.304885][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.311895][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.319202][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.325823][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.331378][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.337317][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.344188][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.349384][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.355022][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.363010][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.369260][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.374775][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.381727][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.388398][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.398458][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.406101][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.411294][ T3761] Bluetooth: hci0: command 0x206e tx timeout [ 261.415419][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.421270][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.426648][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.431328][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.441511][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.447447][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.453693][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.460298][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.465834][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.472227][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.478361][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x5421, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:36 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x5451, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:36 executing program 3: syz_mount_image$ntfs(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) [ 261.484185][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x5450, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:36 executing program 3: syz_mount_image$ntfs(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) [ 261.491366][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x5452, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 261.498556][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.505831][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.512827][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x5451, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 261.519461][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.528045][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.534403][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.539152][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x5460, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 261.544893][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.551124][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x5452, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 261.556786][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.563124][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.563948][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.567313][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.572218][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 3: syz_mount_image$ntfs(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) 02:06:36 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x5460, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:36 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x8933, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:36 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x400448c9, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:36 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x8933, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:36 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) 02:06:36 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xb}, @l2cap_cid_signaling={{0x7}, [@l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x4d, 0xf8}}]}}, 0x10) timer_create(0x0, 0x0, &(0x7f0000000200)=0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x2, 0xa}, {0x4, 0x20, 0x7, 0xd148, 0x8}}}}, 0x17) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) timer_settime(r0, 0x0, &(0x7f0000000080), &(0x7f00000000c0)) [ 261.862728][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x400448c9, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:36 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x400448dd, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:36 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xb}, @l2cap_cid_signaling={{0x7}, [@l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x4d, 0xf8}}]}}, 0x10) (async) timer_create(0x0, 0x0, &(0x7f0000000200)=0x0) (async, rerun: 64) syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x2, 0xa}, {0x4, 0x20, 0x7, 0xd148, 0x8}}}}, 0x17) (rerun: 64) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async, rerun: 32) timer_settime(r0, 0x0, &(0x7f0000000080), &(0x7f00000000c0)) (rerun: 32) [ 261.908148][ T3719] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 262.097504][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:36 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x400454ca, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:36 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) 02:06:36 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xb}, @l2cap_cid_signaling={{0x7}, [@l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x4d, 0xf8}}]}}, 0x10) timer_create(0x0, 0x0, &(0x7f0000000200)=0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x2, 0xa}, {0x4, 0x20, 0x7, 0xd148, 0x8}}}}, 0x17) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) timer_settime(r0, 0x0, &(0x7f0000000080), &(0x7f00000000c0)) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xb}, @l2cap_cid_signaling={{0x7}, [@l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x4d, 0xf8}}]}}, 0x10) (async) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x2, 0xa}, {0x4, 0x20, 0x7, 0xd148, 0x8}}}}, 0x17) (async) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async) timer_settime(r0, 0x0, &(0x7f0000000080), &(0x7f00000000c0)) (async) 02:06:36 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x400448dd, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 262.123816][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), 0x0, 0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x40049409, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x400454ca, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x40086602, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x40049409, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)=0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_phy_link_complete={{0x40, 0x2}, {0x6, 0xc8}}}, 0x5) syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x21}, @l2cap_cid_signaling={{0x1d}, [@l2cap_disconn_req={{0x6, 0x7, 0x4}, {0x5, 0x40}}, @l2cap_move_chan_req={{0xe, 0x97, 0x3}, {0x1, 0x1f}}, @l2cap_cmd_rej_unk={{0x1, 0x6, 0x2}, {0x3}}, @l2cap_conn_req={{0x2, 0x72, 0x4}, {0x8, 0x6}}]}}, 0x26) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000080)={{r1, r2+10000000}, {0x77359400}}, &(0x7f00000000c0)) [ 262.221760][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 262.405578][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x40086602, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x40087602, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x40087602, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async) timer_create(0x0, 0x0, &(0x7f0000000200)=0x0) (async) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async) syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_phy_link_complete={{0x40, 0x2}, {0x6, 0xc8}}}, 0x5) (async) syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x21}, @l2cap_cid_signaling={{0x1d}, [@l2cap_disconn_req={{0x6, 0x7, 0x4}, {0x5, 0x40}}, @l2cap_move_chan_req={{0xe, 0x97, 0x3}, {0x1, 0x1f}}, @l2cap_cmd_rej_unk={{0x1, 0x6, 0x2}, {0x3}}, @l2cap_conn_req={{0x2, 0x72, 0x4}, {0x8, 0x6}}]}}, 0x26) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000080)={{r1, r2+10000000}, {0x77359400}}, &(0x7f00000000c0)) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x40186366, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async) timer_create(0x0, 0x0, &(0x7f0000000200)=0x0) (async, rerun: 64) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async, rerun: 64) syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_phy_link_complete={{0x40, 0x2}, {0x6, 0xc8}}}, 0x5) (async) syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x21}, @l2cap_cid_signaling={{0x1d}, [@l2cap_disconn_req={{0x6, 0x7, 0x4}, {0x5, 0x40}}, @l2cap_move_chan_req={{0xe, 0x97, 0x3}, {0x1, 0x1f}}, @l2cap_cmd_rej_unk={{0x1, 0x6, 0x2}, {0x3}}, @l2cap_conn_req={{0x2, 0x72, 0x4}, {0x8, 0x6}}]}}, 0x26) (async) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000080)={{r1, r2+10000000}, {0x77359400}}, &(0x7f00000000c0)) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x40186366, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x401c5820, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}, {@fmask}]}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x4020940d, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 262.470691][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x401c5820, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 262.577077][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 262.584084][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 262.615518][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 262.696481][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 262.727904][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 262.734727][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 262.786393][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 262.798721][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 262.838489][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000007c0), 0x0, 0x0) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x80086301, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2) (async) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) (async) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x4020940d, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x80086601, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x80086301, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000007c0), 0x0, 0x0) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04350636d5b4d82aff"], 0x9) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x80086601, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04350636d5b4d82aff"], 0x9) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04350636d5b4d82aff"], 0x9) (async) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x80087601, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04350636d5b4d82aff"], 0x9) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04350636d5b4d82aff"], 0x9) (async) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x80087601, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000007c0), 0x0, 0x0) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x801c581f, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0x801c581f, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x1f}, @l2cap_cid_signaling={{0x1b}, [@l2cap_create_chan_req={{0xc, 0x5, 0x5}, {0x7, 0x44f5, 0x9}}, @l2cap_create_chan_rsp={{0xd, 0x61, 0x8}, {0xffff, 0x0, 0x4, 0xfffa}}, @l2cap_cmd_rej_unk={{0x1, 0x7, 0x2}}]}}, 0x24) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0045878, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0045878, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x1f}, @l2cap_cid_signaling={{0x1b}, [@l2cap_create_chan_req={{0xc, 0x5, 0x5}, {0x7, 0x44f5, 0x9}}, @l2cap_create_chan_rsp={{0xd, 0x61, 0x8}, {0xffff, 0x0, 0x4, 0xfffa}}, @l2cap_cmd_rej_unk={{0x1, 0x7, 0x2}}]}}, 0x24) (async) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0045878, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}]}) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0045878, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0189436, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 262.893630][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0189436, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x1f}, @l2cap_cid_signaling={{0x1b}, [@l2cap_create_chan_req={{0xc, 0x5, 0x5}, {0x7, 0x44f5, 0x9}}, @l2cap_create_chan_rsp={{0xd, 0x61, 0x8}, {0xffff, 0x0, 0x4, 0xfffa}}, @l2cap_cmd_rej_unk={{0x1, 0x7, 0x2}}]}}, 0x24) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0205647, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 262.924600][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 263.020167][ T3728] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 263.033704][ T3728] ================================================================== [ 263.039623][ T3728] BUG: KASAN: use-after-free in __list_del_entry_valid+0xf2/0x110 [ 263.045039][ T3728] Read of size 8 at addr ffff8880153c1068 by task kworker/u19:6/3728 [ 263.054890][ T3728] [ 263.057261][ T3728] CPU: 1 PID: 3728 Comm: kworker/u19:6 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0205647, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0205649, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc020660b, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0205649, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc9, 0xab}}}, 0x7) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x9) 02:06:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f0000000880)={[{@case_sensitive_yes}, {@umask}, {@mft_zone_multiplier}, {@errors_remount}, {@disable_sparse_no}, {@errors_remount}, {@errors_remount}, {@disable_sparse_yes}, {@errors_continue}]}) 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async, rerun: 32) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc9, 0xab}}}, 0x7) (rerun: 32) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x9) 02:06:37 executing program 1: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc020660b, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) 02:06:37 executing program 2: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0285628, &(0x7f0000000080)={0x0, 0xd, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "74aa5386"}}) [ 263.064591][ T3728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 263.072693][ T3728] Workqueue: hci0 hci_rx_work [ 263.075663][ T3728] Call Trace: [ 263.077769][ T3728] [ 263.079677][ T3728] dump_stack_lvl+0xcd/0x134 [ 263.082600][ T3728] print_report.cold+0x2ba/0x6e9 02:06:37 executing program 0: syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc9, 0xab}}}, 0x7) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x9) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}}]}}, 0x11) (async) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc9, 0xab}}}, 0x7) (async) timer_create(0x0, 0x0, &(0x7f0000000200)) (async) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x9) (async) [ 263.085956][ T3728] ? __list_del_entry_valid+0xf2/0x110 [ 263.090125][ T3728] kasan_report+0xb1/0x1e0 [ 263.092844][ T3728] ? lock_release+0x780/0x780 [ 263.095910][ T3728] ? __list_del_entry_valid+0xf2/0x110 [ 263.099407][ T3728] __list_del_entry_valid+0xf2/0x110 [ 263.102796][ T3728] klist_release+0x66/0x480 [ 263.106150][ T3728] ? put_device+0x30/0x30 [ 263.110076][ T3728] klist_put+0x151/0x1d0 [ 263.113150][ T3728] device_del+0x243/0xc80 [ 263.115919][ T3728] ? __device_link_del+0x380/0x380 [ 263.119036][ T3728] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 263.123104][ T3728] hci_conn_del_sysfs+0xdc/0x180 [ 263.127136][ T3728] hci_conn_cleanup+0x315/0x7b0 [ 263.130788][ T3728] hci_conn_del+0x29b/0x790 [ 263.133509][ T3728] hci_disconn_complete_evt+0x833/0xeb0 [ 263.136819][ T3728] ? skb_pull_data+0xf7/0x130 [ 263.139957][ T3728] hci_event_packet+0x952/0xfd0 [ 263.142969][ T3728] ? hci_cc_le_set_adv_enable+0x5b0/0x5b0 [ 263.147187][ T3728] ? hci_cs_create_conn+0x3a0/0x3a0 [ 263.151383][ T3728] ? kcov_remote_start+0x156/0x7a0 [ 263.155280][ T3728] hci_rx_work+0xae7/0x1230 [ 263.157975][ T3728] process_one_work+0x991/0x1610 [ 263.161013][ T3728] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 263.164323][ T3728] ? rwlock_bug.part.0+0x90/0x90 [ 263.168159][ T3728] ? _raw_spin_lock_irq+0x41/0x50 [ 263.171561][ T3728] worker_thread+0x665/0x1080 [ 263.174511][ T3728] ? process_one_work+0x1610/0x1610 [ 263.177899][ T3728] kthread+0x2e4/0x3a0 [ 263.181073][ T3728] ? kthread_complete_and_exit+0x40/0x40 [ 263.185582][ T3728] ret_from_fork+0x1f/0x30 [ 263.188843][ T3728] [ 263.191272][ T3728] [ 263.192920][ T3728] Allocated by task 5178: [ 263.195995][ T3728] kasan_save_stack+0x1e/0x40 [ 263.199114][ T3728] __kasan_kmalloc+0xa6/0xd0 [ 263.202329][ T3728] __alloc_skb+0xd9/0x2f0 [ 263.205039][ T3728] vhci_write+0xbd/0x460 [ 263.207766][ T3728] vfs_write+0x9e9/0xdd0 [ 263.210704][ T3728] ksys_write+0x127/0x250 [ 263.213688][ T3728] do_syscall_64+0x35/0xb0 [ 263.216655][ T3728] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 263.220723][ T3728] [ 263.222210][ T3728] The buggy address belongs to the object at ffff8880153c1000 [ 263.222210][ T3728] which belongs to the cache kmalloc-512 of size 512 [ 263.230759][ T3728] The buggy address is located 104 bytes inside of [ 263.230759][ T3728] 512-byte region [ffff8880153c1000, ffff8880153c1200) [ 263.239183][ T3728] [ 263.240679][ T3728] The buggy address belongs to the physical page: [ 263.244611][ T3728] page:ffffea000054f040 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x153c1 [ 263.251575][ T3728] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff) [ 263.257212][ T3728] raw: 00fff00000000200 ffffea000079d388 ffffea00006e1048 ffff888011840600 [ 263.262558][ T3728] raw: 0000000000000000 ffff8880153c1000 0000000100000004 0000000000000000 [ 263.267875][ T3728] page dumped because: kasan: bad access detected [ 263.271645][ T3728] page_owner tracks the page as allocated [ 263.275382][ T3728] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2c20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_THISNODE), pid 3133, tgid 3133 (udevadm), ts 29468100484, free_ts 29467984114 [ 263.288589][ T3728] get_page_from_freelist+0x109b/0x2ce0 [ 263.292082][ T3728] __alloc_pages+0x1c7/0x510 [ 263.294977][ T3728] cache_grow_begin+0x75/0x360 [ 263.298084][ T3728] cache_alloc_refill+0x27f/0x380 [ 263.301268][ T3728] kmem_cache_alloc_node_trace+0x50a/0x570 [ 263.305050][ T3728] __kmalloc_node_track_caller+0x38/0x60 [ 263.308396][ T3728] __alloc_skb+0xd9/0x2f0 [ 263.310822][ T3728] alloc_uevent_skb+0x7b/0x210 [ 263.314136][ T3728] kobject_uevent_env+0xc2e/0x1640 [ 263.317686][ T3728] kobject_synth_uevent+0x701/0x850 [ 263.320925][ T3728] bus_uevent_store+0x46/0x90 [ 263.324142][ T3728] bus_attr_store+0x72/0xa0 [ 263.326815][ T3728] sysfs_kf_write+0x110/0x160 [ 263.330315][ T3728] kernfs_fop_write_iter+0x3f8/0x610 [ 263.333656][ T3728] vfs_write+0x9e9/0xdd0 [ 263.336090][ T3728] ksys_write+0x127/0x250 [ 263.338938][ T3728] page last free stack trace: [ 263.341909][ T3728] free_pcp_prepare+0x5e4/0xd20 [ 263.344922][ T3728] free_unref_page+0x19/0x4d0 [ 263.348211][ T3728] inode_doinit_with_dentry+0x868/0x12e0 [ 263.351723][ T3728] selinux_d_instantiate+0x23/0x30 [ 263.355569][ T3728] security_d_instantiate+0x50/0xe0 [ 263.359205][ T3728] d_splice_alias+0x8c/0xc80 [ 263.362796][ T3728] kernfs_iop_lookup+0x27f/0x320 [ 263.366390][ T3728] lookup_open.isra.0+0x76a/0x12a0 [ 263.369888][ T3728] path_openat+0x996/0x28f0 [ 263.372732][ T3728] do_filp_open+0x1b6/0x400 [ 263.375681][ T3728] do_sys_openat2+0x16d/0x4c0 [ 263.378950][ T3728] __x64_sys_openat+0x13f/0x1f0 [ 263.382611][ T3728] do_syscall_64+0x35/0xb0 [ 263.385603][ T3728] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 263.389480][ T3728] [ 263.390986][ T3728] Memory state around the buggy address: [ 263.394485][ T3728] ffff8880153c0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 263.399562][ T3728] ffff8880153c0f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 263.404542][ T3728] >ffff8880153c1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 263.409748][ T3728] ^ [ 263.414231][ T3728] ffff8880153c1080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 263.419243][ T3728] ffff8880153c1100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 263.424049][ T3728] ================================================================== [ 263.429227][ T3728] Kernel panic - not syncing: panic_on_warn set ... [ 263.434320][ T3728] CPU: 1 PID: 3728 Comm: kworker/u19:6 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 263.442836][ T3728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 263.449631][ T3728] Workqueue: hci0 hci_rx_work [ 263.452718][ T3728] Call Trace: [ 263.455438][ T3728] [ 263.460627][ T3728] dump_stack_lvl+0xcd/0x134 [ 263.463871][ T3728] panic+0x2c8/0x627 [ 263.466473][ T3728] ? panic_print_sys_info.part.0+0x10b/0x10b [ 263.470183][ T3728] ? __list_del_entry_valid+0xf2/0x110 [ 263.473784][ T3728] end_report.part.0+0x3f/0x7c [ 263.477025][ T3728] kasan_report.cold+0xa/0xf [ 263.480348][ T3728] ? lock_release+0x780/0x780 [ 263.483229][ T3728] ? __list_del_entry_valid+0xf2/0x110 [ 263.486947][ T3728] __list_del_entry_valid+0xf2/0x110 [ 263.490249][ T3728] klist_release+0x66/0x480 [ 263.493147][ T3728] ? put_device+0x30/0x30 [ 263.496348][ T3728] klist_put+0x151/0x1d0 [ 263.499170][ T3728] device_del+0x243/0xc80 [ 263.501848][ T3728] ? __device_link_del+0x380/0x380 [ 263.505436][ T3728] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 263.509804][ T3728] hci_conn_del_sysfs+0xdc/0x180 [ 263.512909][ T3728] hci_conn_cleanup+0x315/0x7b0 [ 263.516512][ T3728] hci_conn_del+0x29b/0x790 [ 263.519620][ T3728] hci_disconn_complete_evt+0x833/0xeb0 [ 263.523242][ T3728] ? skb_pull_data+0xf7/0x130 [ 263.526566][ T3728] hci_event_packet+0x952/0xfd0 [ 263.530076][ T3728] ? hci_cc_le_set_adv_enable+0x5b0/0x5b0 [ 263.533609][ T3728] ? hci_cs_create_conn+0x3a0/0x3a0 [ 263.537437][ T3728] ? kcov_remote_start+0x156/0x7a0 [ 263.540830][ T3728] hci_rx_work+0xae7/0x1230 [ 263.543908][ T3728] process_one_work+0x991/0x1610 [ 263.547811][ T3728] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 263.551385][ T3728] ? rwlock_bug.part.0+0x90/0x90 [ 263.554675][ T3728] ? _raw_spin_lock_irq+0x41/0x50 [ 263.558671][ T3728] worker_thread+0x665/0x1080 [ 263.561481][ T3728] ? process_one_work+0x1610/0x1610 [ 263.564810][ T3728] kthread+0x2e4/0x3a0 [ 263.567755][ T3728] ? kthread_complete_and_exit+0x40/0x40 [ 263.572087][ T3728] ret_from_fork+0x1f/0x30 [ 263.574791][ T3728] [ 263.578114][ T3728] Kernel Offset: disabled [ 263.580822][ T3728] Rebooting in 86400 seconds.. VM DIAGNOSIS: 02:06:38 Registers: info registers vcpu 0 RAX=ffff88801b7f2c02 RBX=1ffff920005d1e31 RCX=0000000000000001 RDX=dffffc0000000000 RSI=ffff88801b7f2be0 RDI=ffff88801b7f2c02 RBP=ffffffff908e1560 RSP=ffffc90002e8f150 R8 =0000000000000000 R9 =ffffffff908df947 R10=fffffbfff211bf28 R11=ffff88807ffd6760 R12=ffff88801b7f2be0 R13=0000000000000008 R14=0000000000000002 R15=0000000000048000 RIP=ffffffff815e2133 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f82395a2800 ffffffff 00c00000 GS =0000 ffff88802c800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f823989ba49 CR3=000000001cc23000 CR4=00150ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a XMM01=000000000000000000ffff0000000000 XMM02=000000000000000000ffff0000000000 XMM03=203a68746f6f7465756c42205d383237 XMM04=65203830203432203434203938203834 XMM05=6666206666203066203030206433203e XMM06=38302034322063372062382030632039 XMM07=20383420383120343220343520623820 XMM08=2e32363220205b3e3300003020656c64 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000079 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff846162a1 RDI=ffffffff91486000 RBP=ffffffff91485fc0 RSP=ffffc9000301f3e0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3335313038386552 R12=0000000000000000 R13=0000000000000079 R14=ffffffff84616240 R15=0000000000000000 RIP=ffffffff846162cb RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c900000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fffb4122028 CR3=00000000718ec000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=0000000000000003 RBX=0000000000000001 RCX=000000000003f5c7 RDX=0000000000011aa9 RSI=ffffffff821aa999 RDI=ffffffff8f02afd8 RBP=ffffc90002e9f5b0 RSP=ffffc90002e9f4f8 R8 =ffffffff8be023e0 R9 =ffffc90002e9f59c R10=fffff520005d3eb8 R11=000000000008c07c R12=ffffc90002e9f59d R13=ffffc90002e9f568 R14=ffffffff821aa998 R15=0000000000011aa9 RIP=ffffffff8135edfc RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00005555570cd400 ffffffff 00c00000 GS =0000 ffff88802ca00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005555570d6848 CR3=000000007199d000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000a60ce07b00000000cec3662e XMM01=00000000000000003edb82166b77a12c XMM02=00000000000000005931608782dc365e XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=0000000080000000 RBX=000000000000002c RCX=ffffffff83c4c036 RDX=ffff888014b5e000 RSI=0000000000000000 RDI=0000000000000003 RBP=dffffc0000000000 RSP=ffffc90002edf768 R8 =0000000000000003 R9 =00000000000000ff R10=000000000000002c R11=000000000008c07c R12=ffffc90002edf860 R13=ffff888015412e00 R14=ffff888015412e30 R15=000000000000002c RIP=ffffffff817b33b1 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f0f5a914840 ffffffff 00c00000 GS =0000 ffff88802cb00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f1763197000 CR3=0000000022e8b000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00ff000000000000ff00000000000000 XMM02=ffffffffffff00000000000000000000 XMM03=00000000000000000000ff00ff0000ff XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=ffff000000000000ffff000000000000 XMM06=ffffffffffff0000ffffffffffffffff XMM07=00000000000000000000000000000000 XMM08=65726168732f6372732f2e2e2f2e2e00 XMM09=00000000000000000000000000000000 XMM10=73737373737371f2737373435c021e73 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000