last executing test programs: 1.29006308s ago: executing program 1 (id=774): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r5, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x22044028}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r6, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xffe0, 0xb}}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x22044028}, 0x0) 1.109066348s ago: executing program 1 (id=777): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {}, {0x2, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x3c}}, 0x20040040) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.108131658s ago: executing program 1 (id=780): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {}, {0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x2}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 1.049576482s ago: executing program 3 (id=781): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="38000000b003d8"], 0x48) (async) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async) r1 = add_key$user(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000080)='\x00', 0x1, 0xfffffffffffffffb) (async, rerun: 64) pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) (rerun: 64) ioctl$IOC_WATCH_QUEUE_SET_SIZE(r2, 0x5760, 0x1f) (async) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000500)={0x0, 0x8, 0x20, 0x4, 0x5}, &(0x7f0000000540)=0x18) (async, rerun: 64) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'veth0_to_hsr\x00', 0x0}) (rerun: 64) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x24, 0x2, [@TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x6}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffe, 0x5}}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0xb, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xd, 0x7}}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x40) (async) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0x100000000000f7) keyctl$revoke(0x3, r1) (async) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000300)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x4, 0x6, 0x0, @remote, @local}, {0x1, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0xfe}}}}}}}, 0x0) (async) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4) (async, rerun: 32) ioctl$USBDEVFS_FREE_STREAMS(r0, 0xc0105500, &(0x7f0000000000)=ANY=[@ANYBLOB="a1"]) (rerun: 32) 1.013967315s ago: executing program 1 (id=782): r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x10, 0x803, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd26, 0x8000002, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {}, {0x7, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x24008004}, 0x0) 840.610411ms ago: executing program 1 (id=784): r0 = socket$inet6_udp(0xa, 0x2, 0x0) syz_clone(0x5948000, 0x0, 0x0, 0x0, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) shmget$private(0x0, 0x4000, 0x2, &(0x7f0000ff9000/0x4000)=nil) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @local, 0x9}, 0x1c) syz_emit_ethernet(0x7e, &(0x7f0000000300)={@local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x48, 0x11, 0x0, @remote, @local, {[], {0x4e20, 0xe22, 0x48, 0x0, @wg=@cookie={0x3, 0x2, "88c73b21f267636d01dbe5712c1c941e1cdafbbb43f09c70", "e13808ca72381f41e5fff9620915b6f78670dfaf9a2038083179cf6b7931c9b4"}}}}}}}, 0x0) syz_emit_ethernet(0x7e, &(0x7f0000000300)={@local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x48, 0x11, 0x0, @remote, @local, {[], {0x4e20, 0xe22, 0x48, 0x0, @wg=@cookie={0x3, 0x2, "88c73b21f267636d01dbe5712c1c941e1cdafbbb43f09c70", "e13808ca72381f41e5fff9620915b6f78670dfaf9a2038083179cf6b7931c9b4"}}}}}}}, 0x0) 840.470549ms ago: executing program 0 (id=785): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r5, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x22044028}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r6, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xffe0, 0xb}}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x22044028}, 0x0) 840.31222ms ago: executing program 1 (id=786): r0 = socket$inet_udp(0x2, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) write$qrtrtun(r1, &(0x7f0000001c40)="ffaa67e28763ee43349868608cab05224315cf52b885c6e0730f68a07f0d63c95a7c1190d23dc9d5202a975f54da12e610efd4e149a6aae54bc5c37091977d7d0ae14d56b6f45e72a9f771eb055f37be0ac2a6966257052318a549fa3cf6dca2c0ac08e4cace054a05bc491c81383ed6b51c266b31c0f312c4c5428b84495ee1e2da1f789c3bfe73d4f621561e67eb804586400e5ecb977acaf77c2cf141daac847086c38f269b828767bcc1f9c33df111603c96fb05a5ac27faa41d225f0bc77425ca1e78a98b0893bf3ea84e04a7bda2e17a60fb72c255a58a1247b55caee33824c5081fcb6be61b2677a1f8ef81b8ccac39ad0fbdd63c8653daeaa29a849c977dfc819e4608cb52bd7775925d2d5485ea582f077aebdd85150f8f92a6a20c6010a3a6920df820db86220ad5e27f8704d775ff85b011ea1b422b1314c76f756e50445007121efb2e813156f83ed3a92da6c5341f4fb76204d7f2c6ccd18b56ccfeb8e1931d903a6e8298e5eb93643944656dc63cc837fdbf69b8368698386ea3a738620a9076b24a2507b07f5619ba0aa3b885eb4b33dc6f5450da8dd80b2e2130741c065505b60a733787d2e22ee40aebc96d38ced8f5bbaba0a4f51b42b929efa289da6249dc232083bd8ab08c0cf3b0bb1da38a27d55c2e21d15008ce1172033c5299683d1f84f77264dd1d8e6ab79e04e03a155542f1dc01f4400b9b7e56b2d9ec4188a88d9eb7cf1bab4ea01e955cb2249df1b4c15a35b55c4a6f0ef2ae0e561b1a77dba22143550e584f55941669d135a3c2feb50b35df53158a5a8d8889154f1c51ca2943a8d5343b162bd6a29dfd22bb7cedcbb248e2b68c5d74d25394894c970e93ecfa6d387e71d1f3ce6c9c5171675afd0449d72217f34f5dbfb555f63f03069e572756c80c11987e485d77888108b476c2780e959947fdd4239c57fa6f7949bddcd4e1405539c49615f1c7c7d7740c781d5c536d737eaf85ee9112d0943b3e19deb205c721dc34f2f7d6505bd44ace750da266ab0806e8916ee713285758a1fefccc7e843f383c881498b3119a1d30e30816002464a6b7ca12db3e619406d598ddaaae9dfbb77efcacde9248d4f1e734d08842d5f27ab6161444607b2bce28f9488199dd0361f12cb1d3286f518ddccd802c348a0b6a06338eb9db72f1000fa919dc82d7d8439742263ac236240df28e507d1d9378cfc0b3c3549e1f9c68c4483f8929bd7413b9b1f9bdacc490c783eb19020afdca2514dd53df1043e37e5f7ad98b6be1f8fa72d661962b557cef15f0ba9a536adcd4810ded99a1c8909427b0a444a9658ed71ba601ca618b1abe31abc2b3c6a80c27c51a6314aaa95af40446e6a0f4395806e2e9c954fed80c5d733bd9476a3c4dba15a2959f0eb26564c180c033aa172b5e1fa29c12a09813a38c7e6e501c581218446aaa45", 0x401) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10) connect$inet(r0, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10) openat$cgroup_ro(r1, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2000000, 0x0) chdir(&(0x7f0000000480)='./file0\x00') creat(&(0x7f0000000300)='./bus\x00', 0x15d) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe) ftruncate(r3, 0x2008002) r4 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0) writev(r4, &(0x7f0000000100)=[{&(0x7f0000000200)="b107016b474388815ab4f4b99fcc946c1e9e3d1288703bb615076962a6262ec4d8253df8bd64d5fe00c8abe90917d2ea0742daa58ca6311a7f00660208bdb240aa22ec828e3baa6807330201952298ff40c2a344e9aaea4b0cc4293776cbcbc9322aec286554007e5419cf0b9da977f660ca3e00000000000000", 0x7a}, {&(0x7f0000000000)="23932b6589be6d2bb6c9ea63a7469c676a5e1b268a51e6cab0746813387c53f21b66f723991974fdde9011bc80647b848f4d2b7e488fce186c87bab97a9a92b74d7d2709000000653dc3d70f41d7aa3fe571b9dd484341ad2074b62c750132a5dc5d4cf8993efb7aab82f9aebd0e0e9fb5d951c39e36588cb6", 0x79}, {&(0x7f0000000180)="a5271fcd6cad7369ec7a26b933bddd94a17f7765d9a890a0d5aab74b5997310100000053474171e0d49bc1ae85bb2101092f88ecf58a39078a6af6f8460c73079fb1a7c5226129452921be0d2eefb3a1382a970476527a274c82051f1f3c0453cb959572a9", 0x65}, {&(0x7f0000000480)="441f80b89173548020a61ea5fa6fadac1238a791afd22a616afd504ff044dffc39b48810af4bca37065a4a9b0e3be7e29421e5cafd530728b051bf3f46d5fb868849ba154091f12febefc71d660ed0f879b64b640bccebac4bda11b2c266a7b7ed88908927ca49091d939158fa44268e679084ed7d9bd9be0d47df55e3dd61df810c34e11861ee20fa13158d8c2daedffa19ec4944be908f19c988660904a4994d37db826af33065c6be7798e84f7d3c2c6e418402e754e9b48b42a1692db57787ddcfd765ce9e46c542f00b34f815f216aaafce6b84e909e3ec2a8a30246d162bc4bb399d3694f072896f363f19f63ce7bb40a43be6e61b17a69f90d134448e6e12eb0853012da57177be1a227c16649aba2547caada20b5295776fdf57e2d14972a969aa15d348e749b7fc1ddf1600dc68d7d31d77b7278460b2241823f39c56b967dee6734e4e3cf7834575ad457d98f06e686081f487a66c1bc87e72a59e0c2e03c311ea01207c7a4efbbaa93307b2c62f2654d27c57946146633d6a0f597bb854cdc3d0cef5f25d18f0a0b378e77f3724556345035d9a7f6e0849a827ab0c77f3f708f670f588e0e0256e6e7a68472e27c061e2b0d29fda8f3102ba9637a38d5a90517dd6b01b8e02296429", 0x1ce}], 0x4) sync_file_range(r4, 0x3, 0xd, 0x6) sendfile(r2, r3, 0x0, 0x80000001) prctl$PR_SET_SECUREBITS(0x1c, 0x1d) prctl$PR_SET_SECUREBITS(0x1c, 0x0) sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x7e1f, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x300}}], 0x3, 0x0) 770.67108ms ago: executing program 3 (id=787): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x6, 0x401, 0x0, 0x2}) read$FUSE(r1, &(0x7f0000001680)={0x2020}, 0x2020) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff}) r2 = socket(0x400000000010, 0x3, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) r4 = syz_open_dev$dri(&(0x7f0000000380), 0x800, 0x800) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f00000003c0)={0xffff8000, 0xa04, 0x9}) getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000001480), &(0x7f00000014c0)=0x4) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x24, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040004}, 0x80) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x84) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000810500000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="14d00400000000004cd75188f9fc00001400028008001f00ffff5d17cb8cde66e0280000"], 0x44}, 0x1, 0x0, 0x0, 0x20004002}, 0x0) r7 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}}, 0xfffffffffffffc6b}}, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25017c0000100036800c00020004000500000000000c000180060006008e"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) r10 = syz_open_procfs(0x0, &(0x7f0000000340)='fdinfo/3\x00') read$FUSE(r10, &(0x7f0000001640)={0x2020}, 0x2020) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$PPPIOCSPASS(r10, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000140)=[{0xfff7, 0x7, 0x7, 0x41df}, {0x1, 0x7f, 0xe, 0x9}, {0x6, 0x8, 0x9, 0x8001}, {0xc10, 0xd9, 0x0, 0x2}, {0x9, 0x1, 0xf2, 0x7}, {0xfffa, 0x4, 0x1, 0x8001}, {0x9, 0x1, 0x41, 0xb69}, {0xe, 0x1, 0x3, 0x6}, {0x401, 0x40, 0x10, 0x2}]}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r10}, &(0x7f0000000280), &(0x7f00000002c0)=r10}, 0x20) 770.259485ms ago: executing program 2 (id=788): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) setreuid(0xee01, 0xffffffffffffffff) r2 = getuid() setfsuid(r2) faccessat2(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0x0, 0x0, 0x0, 0x4, 0xc, 0x0, 0x5, 0xff, 0x1f}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x9}, {0x0, 0x0, 0x3c, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]}) r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000000c0), 0xc000, 0x0) ioctl$DVD_AUTH(r4, 0x5390, &(0x7f0000000040)=@hsc={0x1, 0x0, "4dd0e755d4689e438b81"}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000003800010329bd7000fadbdb2504"], 0x14}}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000100)=0x4) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(r6, 0x4068aea3, &(0x7f0000000240)) getpeername$packet(r6, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000600)=0x14) io_setup(0x4, &(0x7f00000001c0)) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_SET(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, r8, 0x1, 0x70bd29, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x6, 0x4, 0xffff}}]}, 0x44}, 0x1, 0x0, 0x0, 0x48081}, 0x44) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r5, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)={0x160, r8, 0x200, 0x70bd26, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7fffffff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x401}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xae42}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xb}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x9}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xa3}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}}, {@pci={{0x8}, {0x11}}, {0x8}}]}, 0x160}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000080)=0x272) ioctl$KVM_RUN(r6, 0xae80, 0x0) 690.597221ms ago: executing program 0 (id=789): setreuid(0xee01, 0xffffffffffffffff) r0 = getuid() syz_open_dev$hidraw(&(0x7f0000002400), 0x0, 0x67400) setfsuid(r0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000780)={@local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00 \x00', 0x18, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @local, {[], @mld={0x187, 0x0, 0x0, 0x0, 0x0, @local}}}}}}, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) 610.669974ms ago: executing program 0 (id=790): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r1) sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000003c0)={0x20, r2, 0x5, 0x0, 0x0, {0x22}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}}, 0x2000c094) sendmsg$IEEE802154_LIST_PHY(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r2, 0x200, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8080}, 0x40094) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000007c0), r0) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010026bd7000fbdbdf2501009e6e939efc2c44320200e3000000000000000c00050004000000000000008c3a77e085debe0f8430f2ab4a4ca2cef9f542f61a1410021424bda6a4800151e5ac9550cda524349cd0c2644c2e6c29673988d3131a08fa4d55936adc1741b1a9275eacffd22bffb477c61199048cf24c364f16702130cc6e415a9792448d960e248d61c7454260a72749d2a8d586eff2da1cf2b19b4decc2e82c1f652c2f0f4dfb32b7988c141d1eddf3b0c7da8de37ffdbfa157e6fc6678addfb339ae380cc8710ffe2935fd015fb8"], 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x1004c) 610.450339ms ago: executing program 3 (id=791): r0 = socket$inet6(0xa, 0x3, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'pim6reg\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588) syz_emit_ethernet(0x4e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd604dd30800180601fe80000000000000000000000007", @ANYRES32=0x41424344], 0x0) 510.599686ms ago: executing program 3 (id=792): r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x10, 0x803, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd26, 0x8000002, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {}, {0x7, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x24008004}, 0x0) 510.439764ms ago: executing program 0 (id=793): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {}, {0x2, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x3c}}, 0x20040040) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) (fail_nth: 4) 459.801348ms ago: executing program 2 (id=794): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async, rerun: 32) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (rerun: 32) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000004c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r1, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000}) (async) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x400452c8, 0x0) (async) syz_clone(0x4808280, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32) chdir(&(0x7f0000000540)='./cgroup\x00') (rerun: 32) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r2 = landlock_create_ruleset(0x0, 0x0, 0x0) landlock_restrict_self(r2, 0x0) r3 = open(&(0x7f0000000280)='.\x00', 0x141080, 0x0) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async, rerun: 64) socket$netlink(0x10, 0x3, 0x0) (rerun: 64) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async) r5 = socket(0x400000000010, 0x3, 0x0) (async) r6 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r8 = socket(0x400000000010, 0x3, 0x0) (async) r9 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0x0, 0x8}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) (async, rerun: 32) sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r7, {0x8, 0x7}, {}, {0xa, 0xfff2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x4}, @TCA_FLOWER_KEY_ENC_OPTS={0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22044028}, 0x0) (async, rerun: 32) fcntl$notify(r3, 0x402, 0x8000003d) (async) landlock_restrict_self(r2, 0x0) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="5800000010000104000000000300000000000000", @ANYRES32=0x0, @ANYBLOB="2b030000008002002400128009000100626f6e640000000014000280080008807f0000010800a990f234ef8228bf9522a0c31509000200000014003500626f6e54aed38e7447dd3b024195998bf33382c7ba5ea44d979a2746667d6c5db608b2bf76354da2f8c48156a76c230304920a14c96cc9997160c3ac0625a4f6097fd469adfef21cb09fa4308172932cabbcee7b8bad5e7fde9510960f69a5bb4c4f75ec972477291eba845d2f315b2b0701084b5943f930cb67306d70109bff5462f8d86fa583e06a82201bb04d25cb6d5af3a45a4fc3bd286a6223066e7e8d757107992e9207569e8214b68c99c8a22246fab521dac2bb8d93b5f4ad1237367600151b"], 0x58}, 0x1, 0x0, 0x0, 0x24048800}, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r1}) 380.650478ms ago: executing program 0 (id=795): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {}, {0x2, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x3c}}, 0x20040040) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x11) 379.967489ms ago: executing program 3 (id=796): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {}, {0x2, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x3c}}, 0x20040040) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'geneve1\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0x60, 0x10, 0x403, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x4, 0x0, 0x300, 0x8002}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x28, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x5}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x8}}]}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_QUANTUM={0x8, 0x3, 0x1}]}}]}, 0x38}}, 0x10) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 379.610746ms ago: executing program 0 (id=797): openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) r4 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r4, 0x110, 0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = socket(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_DROP_BATCH_SIZE={0x8, 0x8, 0x3}]}}]}, 0x40}}, 0x80c4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000300)='rxrpc_client\x00', r5}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000140)='rxrpc_client\x00', r5, 0x0, 0x5}, 0x18) connect$rxrpc(r4, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, 0x24) sendmsg$inet(r4, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0) read(r3, &(0x7f0000000340)=""/254, 0xfe) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/45, 0x44, 0x0, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000000)="48050000150019", 0x7}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000622c, 0x0) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0xd012}) readv(r10, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/235, 0xeb}], 0x1) r11 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local}) dup(r9) 330.80631ms ago: executing program 2 (id=798): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r5, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x22044028}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r6, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xffe0, 0xb}}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x22044028}, 0x0) 330.400168ms ago: executing program 3 (id=799): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f00000009c0)=ANY=[@ANYBLOB="340000006800010900000000000000000000000000000000060003000a000000140002"], 0x34}}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='q\x00\x00\n\x00\x00\x00']) r4 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd) quotactl_fd$Q_GETQUOTA(r4, 0xffffffff80000701, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'}) syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001d906e20501dc6609b620103000109021b0001000010000904f7000176246700090582020002"], 0x0) r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) preadv(r5, &(0x7f0000000180)=[{&(0x7f0000000080)=""/181, 0xb5}], 0x1, 0x1ff, 0x8) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="201900001310790b68120c52", @ANYRES16=r1, @ANYBLOB="020000000000000000001a0000000c0001800800030000000000"], 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x40000) 230.634255ms ago: executing program 2 (id=800): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {}, {0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x2}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 191.014605ms ago: executing program 2 (id=801): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {}, {0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x2}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) (fail_nth: 2) 0s ago: executing program 2 (id=802): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) setreuid(0xee01, 0xffffffffffffffff) r2 = getuid() setfsuid(r2) faccessat2(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0x0, 0x0, 0x0, 0x4, 0xc, 0x0, 0x5, 0xff, 0x1f}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x9}, {0x0, 0x0, 0x3c, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]}) r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000000c0), 0xc000, 0x0) ioctl$DVD_AUTH(r4, 0x5390, &(0x7f0000000040)=@hsc={0x1, 0x0, "4dd0e755d4689e438b81"}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000003800010329bd7000fadbdb2504"], 0x14}}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000100)=0x4) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(r6, 0x4068aea3, &(0x7f0000000240)) getpeername$packet(r6, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000600)=0x14) io_setup(0x4, &(0x7f00000001c0)) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_SET(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, r8, 0x1, 0x70bd29, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x6, 0x4, 0xffff}}]}, 0x44}, 0x1, 0x0, 0x0, 0x48081}, 0x44) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r5, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)={0x160, r8, 0x200, 0x70bd26, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7fffffff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x401}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xae42}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xb}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x9}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xa3}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}}, {@pci={{0x8}, {0x11}}, {0x8}}]}, 0x160}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000080)=0x272) ioctl$KVM_RUN(r6, 0xae80, 0x0) kernel console output (not intermixed with test programs): [ 38.105814][ T40] audit: type=1400 audit(1748219547.560:64): avc: denied { rlimitinh } for pid=5834 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.112576][ T40] audit: type=1400 audit(1748219547.560:65): avc: denied { siginh } for pid=5834 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:16792' (ED25519) to the list of known hosts. [ 40.137543][ T40] audit: type=1400 audit(1748219549.610:66): avc: denied { name_bind } for pid=5841 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 40.159912][ T40] audit: type=1400 audit(1748219549.630:67): avc: denied { write } for pid=5842 comm="sh" path="pipe:[1697]" dev="pipefs" ino=1697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 40.173407][ T40] audit: type=1400 audit(1748219549.650:68): avc: denied { execute } for pid=5842 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 40.180147][ T40] audit: type=1400 audit(1748219549.650:69): avc: denied { execute_no_trans } for pid=5842 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 42.056699][ T40] audit: type=1400 audit(1748219551.530:70): avc: denied { mounton } for pid=5842 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 42.059169][ T5842] cgroup: Unknown subsys name 'net' [ 42.225909][ T5842] cgroup: Unknown subsys name 'cpuset' [ 42.230003][ T5842] cgroup: Unknown subsys name 'rlimit' [ 42.496421][ T5907] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 43.145262][ T5842] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 46.066740][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 46.066751][ T40] audit: type=1400 audit(1748219555.540:84): avc: denied { execmem } for pid=5922 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 46.252813][ T40] audit: type=1400 audit(1748219555.720:85): avc: denied { create } for pid=5926 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 46.259003][ T40] audit: type=1400 audit(1748219555.730:86): avc: denied { read write } for pid=5926 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 46.266437][ T40] audit: type=1400 audit(1748219555.730:87): avc: denied { open } for pid=5926 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 46.273697][ T40] audit: type=1400 audit(1748219555.730:88): avc: denied { ioctl } for pid=5927 comm="syz-executor" path="socket:[856]" dev="sockfs" ino=856 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 46.317168][ T5939] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 46.320046][ T5939] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 46.323236][ T5939] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 46.325976][ T5939] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 46.328532][ T5939] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 46.331033][ T5939] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 46.332082][ T5941] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 46.334901][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 46.340889][ T40] audit: type=1400 audit(1748219555.810:89): avc: denied { read } for pid=5926 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 46.340972][ T5941] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 46.341654][ T5942] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 46.344175][ T5942] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 46.344836][ T5942] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 46.345090][ T5942] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 46.346432][ T5942] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 46.346728][ T5942] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 46.347280][ T5942] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 46.347474][ T40] audit: type=1400 audit(1748219555.810:90): avc: denied { open } for pid=5926 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 46.348489][ T5934] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 46.350848][ T5941] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 46.351844][ T40] audit: type=1400 audit(1748219555.810:91): avc: denied { mounton } for pid=5926 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 46.363665][ T5941] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 46.385885][ T5941] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 46.504288][ T40] audit: type=1400 audit(1748219555.980:92): avc: denied { module_request } for pid=5936 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 46.528227][ T5936] chnl_net:caif_netlink_parms(): no params data found [ 46.620901][ T5926] chnl_net:caif_netlink_parms(): no params data found [ 46.671845][ T5929] chnl_net:caif_netlink_parms(): no params data found [ 46.693752][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.696007][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.698311][ T5936] bridge_slave_0: entered allmulticast mode [ 46.701329][ T5936] bridge_slave_0: entered promiscuous mode [ 46.734730][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.737489][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.739793][ T5936] bridge_slave_1: entered allmulticast mode [ 46.742501][ T5936] bridge_slave_1: entered promiscuous mode [ 46.845098][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.851661][ T5926] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.853999][ T5926] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.856756][ T5926] bridge_slave_0: entered allmulticast mode [ 46.859393][ T5926] bridge_slave_0: entered promiscuous mode [ 46.864021][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.869197][ T5927] chnl_net:caif_netlink_parms(): no params data found [ 46.891026][ T5926] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.893397][ T5926] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.895676][ T5926] bridge_slave_1: entered allmulticast mode [ 46.898280][ T5926] bridge_slave_1: entered promiscuous mode [ 46.972300][ T5926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.982319][ T5936] team0: Port device team_slave_0 added [ 46.986533][ T5936] team0: Port device team_slave_1 added [ 46.988597][ T5929] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.990859][ T5929] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.993423][ T5929] bridge_slave_0: entered allmulticast mode [ 46.996082][ T5929] bridge_slave_0: entered promiscuous mode [ 46.999848][ T5926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.042291][ T5929] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.045060][ T5929] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.047419][ T5929] bridge_slave_1: entered allmulticast mode [ 47.050499][ T5929] bridge_slave_1: entered promiscuous mode [ 47.071019][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.073359][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.081545][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.086422][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.088671][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.097182][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.154020][ T5929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.158669][ T5926] team0: Port device team_slave_0 added [ 47.190542][ T5927] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.192975][ T5927] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.195844][ T5927] bridge_slave_0: entered allmulticast mode [ 47.198509][ T5927] bridge_slave_0: entered promiscuous mode [ 47.202144][ T5927] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.204534][ T5927] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.206776][ T5927] bridge_slave_1: entered allmulticast mode [ 47.210093][ T5927] bridge_slave_1: entered promiscuous mode [ 47.214380][ T5929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.218476][ T5926] team0: Port device team_slave_1 added [ 47.292666][ T5926] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.294845][ T5926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.303058][ T5926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.368773][ T5929] team0: Port device team_slave_0 added [ 47.371688][ T5926] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.374003][ T5926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.381830][ T5926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.388237][ T5936] hsr_slave_0: entered promiscuous mode [ 47.390961][ T5936] hsr_slave_1: entered promiscuous mode [ 47.396873][ T5927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.400932][ T5929] team0: Port device team_slave_1 added [ 47.421140][ T5927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.464604][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.467348][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.478291][ T5929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.521394][ T5927] team0: Port device team_slave_0 added [ 47.523974][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.526149][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.534421][ T5929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.560231][ T5926] hsr_slave_0: entered promiscuous mode [ 47.562481][ T5926] hsr_slave_1: entered promiscuous mode [ 47.564568][ T5926] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.567002][ T5926] Cannot create hsr debugfs directory [ 47.571179][ T5927] team0: Port device team_slave_1 added [ 47.659019][ T5927] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.661298][ T5927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.669622][ T5927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.678117][ T5927] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.680366][ T5927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.691243][ T5927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.719675][ T5929] hsr_slave_0: entered promiscuous mode [ 47.721892][ T5929] hsr_slave_1: entered promiscuous mode [ 47.724035][ T5929] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.726309][ T5929] Cannot create hsr debugfs directory [ 47.796554][ T5927] hsr_slave_0: entered promiscuous mode [ 47.798774][ T5927] hsr_slave_1: entered promiscuous mode [ 47.800809][ T5927] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.803221][ T5927] Cannot create hsr debugfs directory [ 48.026190][ T5936] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 48.033797][ T5936] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 48.039711][ T5936] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 48.049998][ T5936] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 48.077583][ T5926] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 48.082234][ T5926] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 48.088359][ T5926] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 48.093322][ T5926] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 48.130980][ T5929] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 48.138912][ T5929] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 48.143082][ T5929] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 48.147177][ T5929] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.183628][ T5927] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 48.193996][ T5927] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 48.197752][ T5927] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 48.202818][ T5927] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 48.218647][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.249720][ T5936] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.255381][ T5926] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.266282][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.268643][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.286137][ T85] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.288345][ T85] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.293764][ T5926] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.305603][ T85] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.307917][ T85] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.321180][ T85] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.323491][ T85] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.331449][ T5929] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.350427][ T5927] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.355147][ T5929] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.364979][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.367227][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.379933][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.382165][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.391409][ T5927] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.403087][ T5941] Bluetooth: hci0: command tx timeout [ 48.403091][ T5932] Bluetooth: hci1: command tx timeout [ 48.403316][ T5932] Bluetooth: hci3: command tx timeout [ 48.404682][ T5939] Bluetooth: hci2: command tx timeout [ 48.425694][ T85] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.426037][ T40] audit: type=1400 audit(1748219557.900:93): avc: denied { sys_module } for pid=5936 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 48.427877][ T85] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.437342][ T85] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.439507][ T85] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.496233][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.521768][ T5936] veth0_vlan: entered promiscuous mode [ 48.529996][ T5936] veth1_vlan: entered promiscuous mode [ 48.549465][ T5936] veth0_macvtap: entered promiscuous mode [ 48.557745][ T5936] veth1_macvtap: entered promiscuous mode [ 48.569140][ T5929] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.574107][ T5926] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.587182][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.594654][ T5927] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.598772][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.608932][ T5936] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.611719][ T5936] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.614693][ T5936] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.617439][ T5936] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.629156][ T5926] veth0_vlan: entered promiscuous mode [ 48.650550][ T5926] veth1_vlan: entered promiscuous mode [ 48.682633][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.685143][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.695187][ T5929] veth0_vlan: entered promiscuous mode [ 48.703678][ T5926] veth0_macvtap: entered promiscuous mode [ 48.709414][ T5929] veth1_vlan: entered promiscuous mode [ 48.714435][ T5927] veth0_vlan: entered promiscuous mode [ 48.716846][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.719270][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.725145][ T5926] veth1_macvtap: entered promiscuous mode [ 48.732343][ T5927] veth1_vlan: entered promiscuous mode [ 48.739534][ T5926] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.748611][ T5926] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.755434][ T5926] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.757047][ T5936] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 48.758128][ T5926] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.765586][ T5926] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.768265][ T5926] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.781672][ T5929] veth0_macvtap: entered promiscuous mode [ 48.788581][ T5927] veth0_macvtap: entered promiscuous mode [ 48.794308][ T5929] veth1_macvtap: entered promiscuous mode [ 48.804952][ T5927] veth1_macvtap: entered promiscuous mode [ 48.820270][ T85] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.826508][ T85] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.832185][ T5927] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.847497][ T5991] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.851760][ T5991] bond0: (slave rose0): Enslaving as an active interface with an up link [ 48.856746][ T5927] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.863500][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.868012][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.872141][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.873918][ T5929] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.874893][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.877220][ T5929] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.887346][ T5929] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.890233][ T5929] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.895696][ T5927] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.898317][ T5927] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.901212][ T5927] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.901230][ T5927] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.998270][ T6006] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7'. [ 49.026672][ T6004] veth0_virt_wifi: entered promiscuous mode [ 49.031022][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.034929][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.049581][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.052038][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.075143][ T85] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.077571][ T85] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.109298][ T6016] netlink: 'syz.3.9': attribute type 1 has an invalid length. [ 49.110811][ T85] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.115433][ T85] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.202806][ T6016] veth3: entered promiscuous mode [ 49.204635][ T6016] bridge0: port 3(veth3) entered blocking state [ 49.206694][ T6016] bridge0: port 3(veth3) entered disabled state [ 49.208724][ T6016] veth3: entered allmulticast mode [ 49.226166][ T6016] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9'. [ 49.470193][ T6043] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5 [ 49.522186][ T6048] x_tables: duplicate underflow at hook 1 [ 49.525444][ T6048] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 49.873537][ T6070] netlink: 'syz.3.15': attribute type 1 has an invalid length. [ 50.018970][ T6025] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 50.021967][ T6025] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 50.119434][ T6025] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 50.122009][ T6025] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 50.200201][ T6025] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 50.203449][ T6025] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 50.244143][ T6025] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 50.246396][ T6025] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 50.376153][ T6004] Set syz1 is full, maxelem 65536 reached [ 50.405902][ T6100] Cannot find add_set index 4 as target [ 50.408723][ T6100] [U] [ 50.409684][ T6100] [U] [ 50.410644][ T6100] [U] [ 50.411508][ T6100] [U] [ 50.414554][ T6100] [U] [ 50.415443][ T6100] [U] [ 50.416328][ T6100] [U] [ 50.417208][ T6100] [U] [ 50.418296][ T6100] [U] [ 50.419454][ T6100] [U] [ 50.420549][ T6100] [U] [ 50.421649][ T6100] [U] [ 50.422720][ T6102] netlink: 48 bytes leftover after parsing attributes in process `syz.3.24'. [ 50.426424][ T6100] [U] [ 50.427560][ T6100] [U] [ 50.428659][ T6100] [U] [ 50.429752][ T6100] [U] [ 50.433984][ T6099] [U] [ 50.537274][ T6113] netlink: 'syz.0.29': attribute type 1 has an invalid length. [ 50.701316][ T6125] x_tables: duplicate underflow at hook 1 [ 50.712696][ T5988] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 50.714431][ T6125] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 50.865333][ T5988] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 50.872740][ T5988] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 50.875643][ T5988] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 50.878115][ T5988] usb 7-1: Product: syz [ 50.879460][ T5988] usb 7-1: Manufacturer: syz [ 50.880914][ T5988] usb 7-1: SerialNumber: syz [ 50.922073][ T6144] netlink: 'syz.1.41': attribute type 1 has an invalid length. [ 50.923540][ T6145] Zero length message leads to an empty skb [ 50.957010][ T6147] netlink: 'syz.0.43': attribute type 1 has an invalid length. [ 51.027541][ T6150] veth3: entered promiscuous mode [ 51.075448][ T6147] netlink: 28 bytes leftover after parsing attributes in process `syz.0.43'. [ 51.090054][ T6155] netlink: 12 bytes leftover after parsing attributes in process `syz.1.46'. [ 51.099699][ T5988] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 51.146282][ T40] kauditd_printk_skb: 85 callbacks suppressed [ 51.146291][ T40] audit: type=1400 audit(1748219560.620:179): avc: denied { create } for pid=6158 comm="syz.1.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 51.157422][ T40] audit: type=1400 audit(1748219560.620:180): avc: denied { setopt } for pid=6158 comm="syz.1.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 51.167116][ T40] audit: type=1400 audit(1748219560.630:181): avc: denied { create } for pid=6158 comm="syz.1.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 51.173657][ T40] audit: type=1400 audit(1748219560.630:182): avc: denied { ioctl } for pid=6158 comm="syz.1.50" path="socket:[10275]" dev="sockfs" ino=10275 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 51.182496][ T40] audit: type=1400 audit(1748219560.640:183): avc: denied { connect } for pid=6158 comm="syz.1.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 51.188606][ T40] audit: type=1400 audit(1748219560.640:184): avc: denied { write } for pid=6158 comm="syz.1.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 51.275798][ T6168] netlink: 1268 bytes leftover after parsing attributes in process `syz.1.50'. [ 51.301747][ T40] audit: type=1400 audit(1748219560.770:185): avc: denied { read write } for pid=6103 comm="syz.2.25" name="lp0" dev="devtmpfs" ino=2840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 51.309388][ T40] audit: type=1400 audit(1748219560.770:186): avc: denied { open } for pid=6103 comm="syz.2.25" path="/dev/usb/lp0" dev="devtmpfs" ino=2840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 51.335227][ T6183] syz.1.50 uses obsolete (PF_INET,SOCK_PACKET) [ 51.346287][ T6185] netlink: 12 bytes leftover after parsing attributes in process `syz.0.58'. [ 51.416778][ T5988] usb 7-1: USB disconnect, device number 2 [ 51.424322][ T5988] usblp0: removed [ 51.438922][ T6189] veth0_virt_wifi: entered promiscuous mode [ 51.988325][ T6194] netlink: 'syz.2.61': attribute type 1 has an invalid length. [ 52.077360][ T6198] veth3: entered promiscuous mode [ 52.101303][ T6202] netlink: 28 bytes leftover after parsing attributes in process `syz.2.61'. [ 52.109784][ T6201] x_tables: duplicate underflow at hook 1 [ 52.112772][ T6201] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 52.299968][ T6216] netlink: 12 bytes leftover after parsing attributes in process `syz.2.68'. [ 52.356264][ T6189] Set syz1 is full, maxelem 65536 reached [ 52.583880][ T6248] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 52.590541][ T6244] netlink: 1268 bytes leftover after parsing attributes in process `syz.1.75'. [ 52.751534][ T6264] veth0_virt_wifi: entered promiscuous mode [ 52.948420][ T40] audit: type=1400 audit(1748219562.420:187): avc: denied { connect } for pid=6272 comm="syz.3.93" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 52.954624][ T40] audit: type=1400 audit(1748219562.420:188): avc: denied { name_connect } for pid=6272 comm="syz.3.93" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 52.965981][ T6275] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 52.999664][ T6277] xt_hashlimit: size too large, truncated to 1048576 [ 53.332296][ T6291] ptrace attach of "/syz-executor exec"[6292] was attempted by "/syz-executor exec"[6291] [ 53.358889][ T6291] overlayfs: missing 'workdir' [ 53.885683][ T6310] overlayfs: overlapping lowerdir path [ 53.890086][ T6264] Set syz1 is full, maxelem 65536 reached [ 53.891005][ T6310] syz.3.105: attempt to access beyond end of device [ 53.891005][ T6310] loop3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 53.896435][ T6310] efs: cannot read volume header [ 53.898905][ T6310] ======================================================= [ 53.898905][ T6310] WARNING: The mand mount option has been deprecated and [ 53.898905][ T6310] and is ignored by this kernel. Remove the mand [ 53.898905][ T6310] option from the mount to silence this warning. [ 53.898905][ T6310] ======================================================= [ 54.022531][ T6319] xt_hashlimit: size too large, truncated to 1048576 [ 54.164161][ T6331] __nla_validate_parse: 1 callbacks suppressed [ 54.164173][ T6331] netlink: 48 bytes leftover after parsing attributes in process `syz.2.114'. [ 54.185747][ T6327] netlink: 1272 bytes leftover after parsing attributes in process `syz.1.112'. [ 54.395325][ T6346] xt_hashlimit: size too large, truncated to 1048576 [ 54.491843][ T6349] ALSA: mixer_oss: invalid OSS volume '¢' [ 54.545411][ T6356] netlink: 48 bytes leftover after parsing attributes in process `syz.0.125'. [ 54.605344][ T6360] ip6t_srh: unknown srh invflags 7D00 [ 54.609336][ T6361] ip6t_srh: unknown srh invflags 7D00 [ 54.652244][ T6371] xt_hashlimit: size too large, truncated to 1048576 [ 54.835696][ T6385] netlink: 'syz.2.137': attribute type 7 has an invalid length. [ 54.840929][ T6385] netlink: 'syz.2.137': attribute type 7 has an invalid length. [ 54.912610][ T6394] netlink: 48 bytes leftover after parsing attributes in process `syz.2.140'. [ 55.037392][ T6402] xt_hashlimit: size too large, truncated to 1048576 [ 55.303553][ T6430] netlink: 48 bytes leftover after parsing attributes in process `syz.2.155'. [ 55.338678][ T6428] netlink: 1272 bytes leftover after parsing attributes in process `syz.1.152'. [ 55.410237][ T6437] xt_hashlimit: size too large, truncated to 1048576 [ 55.515583][ T6445] tmpfs: User quota block hardlimit too large. [ 55.589207][ T6459] netlink: 48 bytes leftover after parsing attributes in process `syz.0.167'. [ 55.736832][ T6465] xt_hashlimit: size too large, truncated to 1048576 [ 55.921250][ T6485] netlink: 48 bytes leftover after parsing attributes in process `syz.3.178'. [ 56.153223][ T6503] xt_hashlimit: size too large, truncated to 1048576 [ 56.220532][ T40] kauditd_printk_skb: 28 callbacks suppressed [ 56.220542][ T40] audit: type=1400 audit(1748219565.690:217): avc: denied { getopt } for pid=6506 comm="syz.0.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 56.228551][ T40] audit: type=1400 audit(1748219565.690:218): avc: denied { getopt } for pid=6506 comm="syz.0.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 56.389739][ T6518] netlink: 48 bytes leftover after parsing attributes in process `syz.0.190'. [ 56.599640][ T6529] netlink: 1268 bytes leftover after parsing attributes in process `syz.0.196'. [ 56.649823][ T6533] xt_hashlimit: size too large, truncated to 1048576 [ 56.704366][ T40] audit: type=1400 audit(1748219566.180:219): avc: denied { create } for pid=6536 comm="syz.1.199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 56.710177][ T40] audit: type=1400 audit(1748219566.180:220): avc: denied { ioctl } for pid=6536 comm="syz.1.199" path="socket:[12551]" dev="sockfs" ino=12551 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 56.717641][ T40] audit: type=1400 audit(1748219566.180:221): avc: denied { getopt } for pid=6536 comm="syz.1.199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 56.723506][ T40] audit: type=1400 audit(1748219566.180:222): avc: denied { setopt } for pid=6536 comm="syz.1.199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 56.729248][ T40] audit: type=1400 audit(1748219566.180:223): avc: denied { append } for pid=6536 comm="syz.1.199" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 56.736567][ T40] audit: type=1400 audit(1748219566.180:224): avc: denied { bind } for pid=6536 comm="syz.1.199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 56.742971][ T40] audit: type=1400 audit(1748219566.180:225): avc: denied { name_bind } for pid=6536 comm="syz.1.199" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 56.749730][ T40] audit: type=1400 audit(1748219566.180:226): avc: denied { node_bind } for pid=6536 comm="syz.1.199" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 57.171871][ T6564] xt_hashlimit: size too large, truncated to 1048576 [ 57.518236][ T6594] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 58.170890][ T6674] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6674 comm=syz.0.251 [ 58.175580][ T6674] netlink: 'syz.0.251': attribute type 8 has an invalid length. [ 58.179640][ T6674] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6674 comm=syz.0.251 [ 58.180031][ T6676] netlink: 'syz.0.251': attribute type 8 has an invalid length. [ 58.211996][ T6681] hashlimit_mt_check_common: 2 callbacks suppressed [ 58.212021][ T6681] xt_hashlimit: size too large, truncated to 1048576 [ 58.225358][ T6683] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 58.543724][ T6730] xt_hashlimit: size too large, truncated to 1048576 [ 58.705147][ T6750] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 58.714092][ T6750] CIFS mount error: No usable UNC path provided in device string! [ 58.714092][ T6750] [ 58.717828][ T6750] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 58.980014][ T6769] xt_hashlimit: size too large, truncated to 1048576 [ 59.381723][ T6811] __nla_validate_parse: 14 callbacks suppressed [ 59.381734][ T6811] netlink: 48 bytes leftover after parsing attributes in process `syz.3.293'. [ 59.465018][ T6819] xt_hashlimit: size too large, truncated to 1048576 [ 59.497071][ T6822] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 59.562180][ T6827] netlink: 108 bytes leftover after parsing attributes in process `syz.2.300'. [ 59.567077][ T6827] overlay: Bad value for 'xino' [ 59.573444][ T6827] netlink: 108 bytes leftover after parsing attributes in process `syz.2.300'. [ 59.731808][ T6848] netlink: 48 bytes leftover after parsing attributes in process `syz.2.306'. [ 59.821347][ T6850] xt_hashlimit: size too large, truncated to 1048576 [ 59.878237][ T6860] Invalid logical block size (2) [ 59.909629][ T6855] netlink: 12 bytes leftover after parsing attributes in process `syz.2.309'. [ 59.913041][ T6855] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 59.964913][ T6868] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6868 comm=syz.0.312 [ 60.082631][ T6881] netlink: 48 bytes leftover after parsing attributes in process `syz.0.319'. [ 60.254565][ T6894] netlink: 1268 bytes leftover after parsing attributes in process `syz.1.322'. [ 60.267961][ T6904] xt_hashlimit: size too large, truncated to 1048576 [ 60.430084][ T6920] FAULT_INJECTION: forcing a failure. [ 60.430084][ T6920] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 60.434220][ T6920] CPU: 3 UID: 0 PID: 6920 Comm: syz.2.334 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 60.434235][ T6920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.434242][ T6920] Call Trace: [ 60.434246][ T6920] [ 60.434250][ T6920] dump_stack_lvl+0x16c/0x1f0 [ 60.434283][ T6920] should_fail_ex+0x512/0x640 [ 60.434306][ T6920] _copy_to_user+0x32/0xd0 [ 60.434323][ T6920] simple_read_from_buffer+0xcb/0x170 [ 60.434341][ T6920] proc_fail_nth_read+0x197/0x270 [ 60.434359][ T6920] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 60.434377][ T6920] ? rw_verify_area+0xcf/0x680 [ 60.434391][ T6920] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 60.434408][ T6920] vfs_read+0x1e1/0xc70 [ 60.434442][ T6920] ? __pfx___mutex_lock+0x10/0x10 [ 60.434460][ T6920] ? __pfx_vfs_read+0x10/0x10 [ 60.434480][ T6920] ? __fget_files+0x20e/0x3c0 [ 60.434494][ T6920] ksys_read+0x12a/0x240 [ 60.434510][ T6920] ? __pfx_ksys_read+0x10/0x10 [ 60.434530][ T6920] do_syscall_64+0xcd/0x260 [ 60.434547][ T6920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.434558][ T6920] RIP: 0033:0x7fee3058d37c [ 60.434567][ T6920] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 60.434578][ T6920] RSP: 002b:00007fee313ff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 60.434588][ T6920] RAX: ffffffffffffffda RBX: 00007fee307b5fa0 RCX: 00007fee3058d37c [ 60.434595][ T6920] RDX: 000000000000000f RSI: 00007fee313ff0a0 RDI: 0000000000000003 [ 60.434601][ T6920] RBP: 00007fee313ff090 R08: 0000000000000000 R09: 0000000000000000 [ 60.434607][ T6920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 60.434613][ T6920] R13: 0000000000000000 R14: 00007fee307b5fa0 R15: 00007ffd7a9f1518 [ 60.434627][ T6920] [ 60.435960][ T6922] netlink: 48 bytes leftover after parsing attributes in process `syz.0.335'. [ 60.737404][ T6944] xt_hashlimit: size too large, truncated to 1048576 [ 60.801133][ T6943] netlink: 12 bytes leftover after parsing attributes in process `syz.2.344'. [ 60.853539][ T6960] netlink: 48 bytes leftover after parsing attributes in process `syz.2.349'. [ 61.092465][ T838] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 61.210896][ T6980] xt_hashlimit: size too large, truncated to 1048576 [ 61.225422][ T40] kauditd_printk_skb: 45 callbacks suppressed [ 61.225432][ T40] audit: type=1400 audit(1748219570.700:272): avc: denied { read } for pid=6981 comm="cmp" name="resolv.conf" dev="tmpfs" ino=4 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 61.246993][ T40] audit: type=1400 audit(1748219570.720:273): avc: denied { unlink } for pid=6983 comm="rm" name="resolv.conf.dummy0.ipv4ll" dev="tmpfs" ino=3495 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 61.252445][ T838] usb 8-1: Using ep0 maxpacket: 32 [ 61.257864][ T6956] loop2: detected capacity change from 0 to 7 [ 61.268867][ T6715] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 61.272139][ T6715] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 61.274538][ T6715] Dev loop2: unable to read RDB block 7 [ 61.276629][ T6715] loop2: unable to read partition table [ 61.278472][ T6715] loop2: partition table beyond EOD, truncated [ 61.284565][ T6956] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 61.287733][ T6956] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 61.289833][ T6956] Dev loop2: unable to read RDB block 7 [ 61.291651][ T6956] loop2: unable to read partition table [ 61.294101][ T6956] loop2: partition table beyond EOD, truncated [ 61.296412][ T6956] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 61.301017][ T838] usb 8-1: unable to get BOS descriptor or descriptor too short [ 61.308622][ T838] usb 8-1: unable to read config index 0 descriptor/start: -71 [ 61.318078][ T838] usb 8-1: can't read configurations, error -71 [ 61.357256][ T40] audit: type=1400 audit(1748219570.830:274): avc: denied { write } for pid=6991 comm="syz.0.359" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 61.635008][ T40] audit: type=1400 audit(1748219571.110:275): avc: denied { create } for pid=7030 comm="syz.1.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 61.641133][ T40] audit: type=1400 audit(1748219571.110:276): avc: denied { bind } for pid=7030 comm="syz.1.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 61.647986][ T40] audit: type=1400 audit(1748219571.110:277): avc: denied { name_bind } for pid=7030 comm="syz.1.368" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 61.654225][ T40] audit: type=1400 audit(1748219571.110:278): avc: denied { node_bind } for pid=7030 comm="syz.1.368" saddr=ff02::1 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 61.660603][ T40] audit: type=1400 audit(1748219571.110:279): avc: denied { accept } for pid=7030 comm="syz.1.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 61.817446][ T7050] xt_hashlimit: size too large, truncated to 1048576 [ 61.939612][ T40] audit: type=1400 audit(1748219571.410:280): avc: denied { read } for pid=7059 comm="syz.3.377" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 61.946705][ T40] audit: type=1400 audit(1748219571.410:281): avc: denied { open } for pid=7059 comm="syz.3.377" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 61.998719][ T7066] process 'syz.0.379' launched '/dev/fd/3' with NULL argv: empty string added [ 62.157717][ T7081] FAULT_INJECTION: forcing a failure. [ 62.157717][ T7081] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 62.162218][ T7081] CPU: 3 UID: 0 PID: 7081 Comm: syz.3.386 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 62.162233][ T7081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.162239][ T7081] Call Trace: [ 62.162250][ T7081] [ 62.162254][ T7081] dump_stack_lvl+0x16c/0x1f0 [ 62.162285][ T7081] should_fail_ex+0x512/0x640 [ 62.162308][ T7081] _copy_from_iter+0x2a4/0x15b0 [ 62.162340][ T7081] ? __pfx__copy_from_iter+0x10/0x10 [ 62.162364][ T7081] copy_page_from_iter+0xa5/0x120 [ 62.162382][ T7081] tun_build_skb.constprop.0+0x292/0x1480 [ 62.162402][ T7081] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 62.162453][ T7081] ? __pfx__kstrtoull+0x10/0x10 [ 62.162469][ T7081] tun_get_user+0x165f/0x3b10 [ 62.162485][ T7081] ? __pfx_tun_get_user+0x10/0x10 [ 62.162495][ T7081] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 62.162516][ T7081] ? find_held_lock+0x2b/0x80 [ 62.162530][ T7081] ? tun_get+0x191/0x370 [ 62.162550][ T7081] tun_chr_write_iter+0xdc/0x210 [ 62.162562][ T7081] vfs_write+0x5ba/0x1180 [ 62.162580][ T7081] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 62.162592][ T7081] ? __pfx_vfs_write+0x10/0x10 [ 62.162607][ T7081] ? find_held_lock+0x2b/0x80 [ 62.162629][ T7081] ksys_write+0x12a/0x240 [ 62.162645][ T7081] ? __pfx_ksys_write+0x10/0x10 [ 62.162665][ T7081] do_syscall_64+0xcd/0x260 [ 62.162684][ T7081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.162696][ T7081] RIP: 0033:0x7f54b618d41f [ 62.162705][ T7081] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 62.162715][ T7081] RSP: 002b:00007f54b6fcf000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 62.162726][ T7081] RAX: ffffffffffffffda RBX: 00007f54b63b5fa0 RCX: 00007f54b618d41f [ 62.162733][ T7081] RDX: 000000000000007e RSI: 0000200000000300 RDI: 00000000000000c8 [ 62.162739][ T7081] RBP: 00007f54b6fcf090 R08: 0000000000000000 R09: 0000000000000000 [ 62.162745][ T7081] R10: 000000000000007e R11: 0000000000000293 R12: 0000000000000001 [ 62.162751][ T7081] R13: 0000000000000000 R14: 00007f54b63b5fa0 R15: 00007fff04772268 [ 62.162764][ T7081] [ 62.313865][ T7089] xt_hashlimit: size too large, truncated to 1048576 [ 62.737509][ T7139] JFS: charset not found [ 62.836280][ T7149] FAULT_INJECTION: forcing a failure. [ 62.836280][ T7149] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 62.840235][ T7149] CPU: 2 UID: 0 PID: 7149 Comm: syz.3.414 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 62.840250][ T7149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.840257][ T7149] Call Trace: [ 62.840269][ T7149] [ 62.840274][ T7149] dump_stack_lvl+0x16c/0x1f0 [ 62.840304][ T7149] should_fail_ex+0x512/0x640 [ 62.840327][ T7149] _copy_to_user+0x32/0xd0 [ 62.840345][ T7149] simple_read_from_buffer+0xcb/0x170 [ 62.840364][ T7149] proc_fail_nth_read+0x197/0x270 [ 62.840381][ T7149] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 62.840398][ T7149] ? rw_verify_area+0xcf/0x680 [ 62.840413][ T7149] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 62.840429][ T7149] vfs_read+0x1e1/0xc70 [ 62.840448][ T7149] ? __pfx___mutex_lock+0x10/0x10 [ 62.840464][ T7149] ? __pfx_vfs_read+0x10/0x10 [ 62.840484][ T7149] ? __fget_files+0x20e/0x3c0 [ 62.840498][ T7149] ksys_read+0x12a/0x240 [ 62.840514][ T7149] ? __pfx_ksys_read+0x10/0x10 [ 62.840534][ T7149] do_syscall_64+0xcd/0x260 [ 62.840551][ T7149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.840563][ T7149] RIP: 0033:0x7f54b618d37c [ 62.840572][ T7149] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 62.840582][ T7149] RSP: 002b:00007f54b6fcf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 62.840592][ T7149] RAX: ffffffffffffffda RBX: 00007f54b63b5fa0 RCX: 00007f54b618d37c [ 62.840599][ T7149] RDX: 000000000000000f RSI: 00007f54b6fcf0a0 RDI: 0000000000000004 [ 62.840605][ T7149] RBP: 00007f54b6fcf090 R08: 0000000000000000 R09: 0000000000000000 [ 62.840611][ T7149] R10: 000000000000007e R11: 0000000000000246 R12: 0000000000000001 [ 62.840617][ T7149] R13: 0000000000000000 R14: 00007f54b63b5fa0 R15: 00007fff04772268 [ 62.840631][ T7149] [ 63.501655][ T7209] hashlimit_mt_check_common: 2 callbacks suppressed [ 63.501666][ T7209] xt_hashlimit: size too large, truncated to 1048576 [ 63.643315][ T7223] autofs: Unknown parameter '1èÓÊ‚äÒÍgÓ×*yWòzJX¯‚ G'd¨Ež3ï FS¬Vˆ–Åû9WÃ^õÒöÍO¶eq¬²e^¸9Þƒ¯˜r|µ×`P%t\ÙÅ|QÔN†ã Y¹å_7á:wx#™ã' [ 63.860477][ T7250] xt_hashlimit: size too large, truncated to 1048576 [ 64.387190][ T7297] xt_hashlimit: size too large, truncated to 1048576 [ 64.529746][ T7309] __nla_validate_parse: 13 callbacks suppressed [ 64.529759][ T7309] netlink: 48 bytes leftover after parsing attributes in process `syz.3.473'. [ 64.736936][ T7324] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 64.764501][ T7330] xt_hashlimit: size too large, truncated to 1048576 [ 64.910530][ T7344] netlink: 48 bytes leftover after parsing attributes in process `syz.1.485'. [ 65.212753][ T838] usb 8-1: new low-speed USB device number 4 using dummy_hcd [ 65.264476][ T7376] xt_hashlimit: size too large, truncated to 1048576 [ 65.363208][ T838] usb 8-1: Invalid ep0 maxpacket: 64 [ 65.439572][ T7386] netlink: 48 bytes leftover after parsing attributes in process `syz.2.501'. [ 65.492545][ T838] usb 8-1: new low-speed USB device number 5 using dummy_hcd [ 65.591916][ T7390] netlink: 52 bytes leftover after parsing attributes in process `syz.2.503'. [ 65.595409][ T7390] netlink: 8 bytes leftover after parsing attributes in process `syz.2.503'. [ 65.598179][ T7390] tipc: MTU too low for tipc bearer [ 65.642694][ T838] usb 8-1: Invalid ep0 maxpacket: 64 [ 65.646272][ T838] usb usb8-port1: attempt power cycle [ 65.681417][ T7402] xt_hashlimit: size too large, truncated to 1048576 [ 65.785813][ T7413] netlink: 48 bytes leftover after parsing attributes in process `syz.0.511'. [ 65.982524][ T838] usb 8-1: new low-speed USB device number 6 using dummy_hcd [ 66.001845][ T7433] 9pnet_virtio: no channels available for device syz [ 66.003943][ T838] usb 8-1: Invalid ep0 maxpacket: 64 [ 66.132677][ T838] usb 8-1: new low-speed USB device number 7 using dummy_hcd [ 66.150433][ T7441] netlink: 292 bytes leftover after parsing attributes in process `syz.1.520'. [ 66.163809][ T838] usb 8-1: Invalid ep0 maxpacket: 64 [ 66.166171][ T838] usb usb8-port1: unable to enumerate USB device [ 66.232615][ T836] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 66.309023][ T7448] netlink: 48 bytes leftover after parsing attributes in process `syz.1.523'. [ 66.382744][ T836] usb 5-1: Using ep0 maxpacket: 16 [ 66.386556][ T836] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 66.390422][ T836] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 66.395222][ T836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.399171][ T836] usb 5-1: config 0 descriptor?? [ 66.411450][ T836] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input7 [ 66.423621][ T7454] xt_hashlimit: size too large, truncated to 1048576 [ 66.603454][ T40] kauditd_printk_skb: 40 callbacks suppressed [ 66.603465][ T40] audit: type=1400 audit(1748219576.080:322): avc: denied { sqpoll } for pid=7424 comm="syz.0.515" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 66.611342][ T40] audit: type=1400 audit(1748219576.080:323): avc: denied { write } for pid=7424 comm="syz.0.515" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 66.716658][ T5326] bcm5974 5-1:0.0: could not read from device [ 66.721207][ T836] bcm5974 5-1:0.0: could not read from device [ 66.725353][ T5326] bcm5974 5-1:0.0: could not read from device [ 66.730312][ T836] input: failed to attach handler mousedev to device input7, error: -5 [ 66.735978][ T5326] bcm5974 5-1:0.0: could not read from device [ 66.745388][ T6715] bcm5974 5-1:0.0: could not read from device [ 66.746881][ T836] usb 5-1: USB disconnect, device number 2 [ 66.750201][ T5326] bcm5974 5-1:0.0: could not read from device [ 66.986786][ T40] audit: type=1326 audit(1748219576.460:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7467 comm="syz.2.529" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee3058e969 code=0x0 [ 67.024277][ T40] audit: type=1400 audit(1748219576.500:325): avc: denied { write } for pid=7469 comm="syz.1.530" name="cgroup.subtree_control" dev="cgroup2" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 67.031869][ T40] audit: type=1400 audit(1748219576.500:326): avc: denied { open } for pid=7469 comm="syz.1.530" path="" dev="cgroup2" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 67.090689][ T40] audit: type=1400 audit(1748219576.560:327): avc: denied { execute } for pid=7467 comm="syz.2.529" path="anon_inode:[kvm-gmem]" dev="anon_inodefs" ino=16214 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 67.098778][ T40] audit: type=1800 audit(1748219576.560:328): pid=7473 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.529" name="[kvm-gmem]" dev="anon_inodefs" ino=16214 res=0 errno=0 [ 67.105447][ T40] audit: type=1400 audit(1748219576.570:329): avc: denied { write } for pid=7467 comm="syz.2.529" name="/" dev="9p" ino=35913887 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 67.112218][ T40] audit: type=1400 audit(1748219576.570:330): avc: denied { add_name } for pid=7467 comm="syz.2.529" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 67.119052][ T40] audit: type=1400 audit(1748219576.570:331): avc: denied { create } for pid=7467 comm="syz.2.529" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 67.151807][ T7475] netlink: 48 bytes leftover after parsing attributes in process `syz.1.532'. [ 67.729264][ T7502] netlink: 48 bytes leftover after parsing attributes in process `syz.0.541'. [ 67.836096][ T7508] xt_hashlimit: size too large, truncated to 1048576 [ 68.292466][ T836] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 68.453059][ T836] usb 5-1: Using ep0 maxpacket: 32 [ 68.463957][ T836] usb 5-1: config 0 has no interfaces? [ 68.468390][ T836] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 68.472108][ T836] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 68.482837][ T836] usb 5-1: Product: syz [ 68.484637][ T836] usb 5-1: Manufacturer: syz [ 68.486605][ T836] usb 5-1: SerialNumber: syz [ 68.519323][ T836] usb 5-1: config 0 descriptor?? [ 68.596423][ T7546] xt_hashlimit: size too large, truncated to 1048576 [ 68.726674][ T5968] usb 5-1: USB disconnect, device number 3 [ 69.294980][ T7512] Set syz1 is full, maxelem 65536 reached [ 69.387865][ T7588] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 69.532220][ T7600] Invalid source name [ 69.534037][ T7600] UBIFS error (pid: 7600): cannot open "/dev/sg0", error -22 [ 69.540793][ T7600] program syz.0.571 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 69.574272][ T7602] xt_hashlimit: size too large, truncated to 1048576 [ 69.650666][ T7608] __nla_validate_parse: 4 callbacks suppressed [ 69.650678][ T7608] netlink: 48 bytes leftover after parsing attributes in process `syz.1.574'. [ 69.788835][ T7626] tmpfs: Bad value for 'mpol' [ 69.831980][ T7631] block device autoloading is deprecated and will be removed. [ 70.034795][ T7646] xt_hashlimit: size too large, truncated to 1048576 [ 70.068062][ T7649] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request [ 70.283335][ T7672] netlink: 12 bytes leftover after parsing attributes in process `syz.1.599'. [ 70.445545][ T7676] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 70.492708][ C2] ata1: illegal qc_active transition (00000000->00004000) [ 70.532516][ T10] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 70.645055][ T7683] xt_hashlimit: size too large, truncated to 1048576 [ 70.706492][ T10] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 70.709342][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.714445][ T10] usb 6-1: Product: syz [ 70.715814][ T10] usb 6-1: Manufacturer: syz [ 70.717267][ T10] usb 6-1: SerialNumber: syz [ 70.722799][ T10] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 70.817038][ T1112] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) [ 70.821913][ T1112] ata1.00: configured for UDMA/100 [ 70.915092][ T5988] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 71.138980][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.141958][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.208672][ T7716] fuse: Unknown parameter 'f$ 127*þŠG^T§"0x0000000000000007' [ 71.375807][ T7724] xt_hashlimit: size too large, truncated to 1048576 [ 71.663885][ T40] kauditd_printk_skb: 80 callbacks suppressed [ 71.663902][ T40] audit: type=1326 audit(1748219581.140:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7738 comm="syz.2.621" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee3058e969 code=0x0 [ 71.811703][ T40] audit: type=1400 audit(1748219581.280:413): avc: denied { mounton } for pid=7756 comm="syz.1.625" path="/proc/385/cgroup" dev="proc" ino=20639 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 71.822064][ T40] audit: type=1400 audit(1748219581.300:414): avc: denied { write } for pid=7756 comm="syz.1.625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 71.931527][ T7771] xt_hashlimit: size too large, truncated to 1048576 [ 71.932488][ T5988] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 71.936508][ T5988] ath9k_htc: Failed to initialize the device [ 71.959737][ T5988] usb 6-1: ath9k_htc: USB layer deinitialized [ 72.054352][ T40] audit: type=1400 audit(1748219581.530:415): avc: denied { name_connect } for pid=7780 comm="syz.2.633" dest=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 72.126449][ T7791] Cannot find add_set index 4 as target [ 72.408170][ T7819] xt_hashlimit: size too large, truncated to 1048576 [ 72.488180][ T40] audit: type=1400 audit(1748219581.960:416): avc: denied { ioctl } for pid=7824 comm="syz.1.646" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 ioctlcmd=0x4c0a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 72.645869][ T40] audit: type=1400 audit(1748219582.120:417): avc: denied { getopt } for pid=7836 comm="syz.3.650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 72.706551][ T40] audit: type=1400 audit(1748219582.180:418): avc: denied { read } for pid=7839 comm="syz.0.652" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 72.760486][ T7844] netlink: 192 bytes leftover after parsing attributes in process `syz.3.653'. [ 72.919026][ T7858] binder: BINDER_SET_CONTEXT_MGR already set [ 72.921092][ T7858] binder: 7856:7858 ioctl 4018620d 200000000300 returned -16 [ 72.944594][ T7861] xt_hashlimit: size too large, truncated to 1048576 [ 73.380254][ T7895] netlink: 284 bytes leftover after parsing attributes in process `syz.2.669'. [ 73.402647][ T40] audit: type=1800 audit(1748219582.870:419): pid=7898 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.670" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 73.466481][ T7904] (unnamed net_device) (uninitialized): (slave gretap0): Device is not bonding slave [ 73.469488][ T7904] (unnamed net_device) (uninitialized): option active_slave: invalid value (gretap0) [ 73.476027][ T40] audit: type=1400 audit(1748219582.950:420): avc: denied { allowed } for pid=7903 comm="syz.3.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 73.487768][ T7906] xt_hashlimit: size too large, truncated to 1048576 [ 73.645437][ T7927] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=58480 sclass=netlink_route_socket pid=7927 comm=syz.0.680 [ 73.652461][ T40] audit: type=1400 audit(1748219583.120:421): avc: denied { ioctl } for pid=7926 comm="syz.0.680" path="socket:[18870]" dev="sockfs" ino=18870 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 73.806294][ T7947] xt_hashlimit: size too large, truncated to 1048576 [ 73.898326][ T7955] netlink: 36 bytes leftover after parsing attributes in process `syz.3.692'. [ 73.901110][ T7955] netlink: 16 bytes leftover after parsing attributes in process `syz.3.692'. [ 73.904816][ T7955] netlink: 36 bytes leftover after parsing attributes in process `syz.3.692'. [ 73.907661][ T7955] netlink: 36 bytes leftover after parsing attributes in process `syz.3.692'. [ 74.011229][ T7966] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled [ 74.077532][ T7978] xt_hashlimit: size too large, truncated to 1048576 [ 74.105947][ T7980] netlink: 4 bytes leftover after parsing attributes in process `syz.0.702'. [ 74.133524][ T7977] netlink: 1272 bytes leftover after parsing attributes in process `syz.1.697'. [ 74.249179][ T7999] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 74.273952][ T8001] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 74.303884][ C3] vkms_vblank_simulate: vblank timer overrun [ 74.489438][ T8010] Failed to get privilege flags for destination (handle=0x2:0xd) [ 74.538186][ T8014] xt_hashlimit: size too large, truncated to 1048576 [ 74.664297][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.666933][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.670060][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.674178][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x2 [ 74.676691][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.679143][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.681627][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.684883][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.687356][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.689806][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.692257][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.695266][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.697736][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.700183][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.703302][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.705996][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.708433][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.710982][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.714167][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.717422][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.719977][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.726122][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.728588][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.731063][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.734030][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.736649][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.739133][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.741896][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.745195][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.748328][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.751461][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.754939][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.758146][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.761335][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.765123][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.768305][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.771492][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.775267][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.778497][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.781108][ T837] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0 [ 74.787699][ T837] hid-generic 0000:007F:FFFFFFFE.0002: hidraw1: HID v0.00 Device [syz1] on syz0 [ 74.860180][ T8041] fido_id[8041]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 75.045194][ T8056] dlm: no locking on control device [ 75.099582][ T8058] ip6t_srh: unknown srh invflags 7863 [ 75.147453][ T8062] xt_hashlimit: size too large, truncated to 1048576 [ 75.442672][ T8076] __nla_validate_parse: 1 callbacks suppressed [ 75.442684][ T8076] netlink: 1268 bytes leftover after parsing attributes in process `syz.0.731'. [ 75.881662][ T8094] IPVS: Error connecting to the multicast addr [ 75.912211][ T8096] xt_hashlimit: size too large, truncated to 1048576 [ 75.962564][ T8101] vlan2: entered promiscuous mode [ 75.964509][ T8101] veth0_to_team: entered promiscuous mode [ 76.164227][ T8114] FAULT_INJECTION: forcing a failure. [ 76.164227][ T8114] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 76.168691][ T8114] CPU: 2 UID: 0 PID: 8114 Comm: syz.2.749 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 76.168722][ T8114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.168733][ T8114] Call Trace: [ 76.168739][ T8114] [ 76.168747][ T8114] dump_stack_lvl+0x16c/0x1f0 [ 76.168794][ T8114] should_fail_ex+0x512/0x640 [ 76.168831][ T8114] _copy_from_user+0x2e/0xd0 [ 76.168857][ T8114] copy_msghdr_from_user+0x98/0x160 [ 76.168872][ T8114] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 76.168886][ T8114] ? __pfx__kstrtoull+0x10/0x10 [ 76.168901][ T8114] ___sys_sendmsg+0xfe/0x1d0 [ 76.168913][ T8114] ? __pfx____sys_sendmsg+0x10/0x10 [ 76.168932][ T8114] ? find_held_lock+0x2b/0x80 [ 76.168954][ T8114] __sys_sendmmsg+0x200/0x420 [ 76.168968][ T8114] ? __pfx___sys_sendmmsg+0x10/0x10 [ 76.168985][ T8114] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 76.169007][ T8114] ? fput+0x70/0xf0 [ 76.169020][ T8114] ? ksys_write+0x1b9/0x240 [ 76.169036][ T8114] ? __pfx_ksys_write+0x10/0x10 [ 76.169051][ T8114] ? rcu_is_watching+0x12/0xc0 [ 76.169067][ T8114] __x64_sys_sendmmsg+0x9c/0x100 [ 76.169080][ T8114] ? lockdep_hardirqs_on+0x7c/0x110 [ 76.169094][ T8114] do_syscall_64+0xcd/0x260 [ 76.169111][ T8114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.169123][ T8114] RIP: 0033:0x7fee3058e969 [ 76.169132][ T8114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.169142][ T8114] RSP: 002b:00007fee313ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 76.169153][ T8114] RAX: ffffffffffffffda RBX: 00007fee307b5fa0 RCX: 00007fee3058e969 [ 76.169160][ T8114] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 76.169166][ T8114] RBP: 00007fee313ff090 R08: 0000000000000000 R09: 0000000000000000 [ 76.169173][ T8114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.169179][ T8114] R13: 0000000000000000 R14: 00007fee307b5fa0 R15: 00007ffd7a9f1518 [ 76.169192][ T8114] [ 76.285821][ T8123] mmap: syz.3.752 (8123): VmData 37859328 exceed data ulimit 4. Update limits or use boot option ignore_rlimit_data. [ 76.481036][ T8141] xt_hashlimit: size too large, truncated to 1048576 [ 76.534595][ T8145] netlink: 'syz.3.760': attribute type 3 has an invalid length. [ 76.538728][ T8150] FAULT_INJECTION: forcing a failure. [ 76.538728][ T8150] name failslab, interval 1, probability 0, space 0, times 0 [ 76.543748][ T8150] CPU: 1 UID: 0 PID: 8150 Comm: syz.1.762 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 76.543763][ T8150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.543770][ T8150] Call Trace: [ 76.543774][ T8150] [ 76.543778][ T8150] dump_stack_lvl+0x16c/0x1f0 [ 76.543797][ T8150] should_fail_ex+0x512/0x640 [ 76.543814][ T8150] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 76.543827][ T8150] should_failslab+0xc2/0x120 [ 76.543839][ T8150] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 76.543849][ T8150] ? __alloc_skb+0x2b2/0x380 [ 76.543864][ T8150] __alloc_skb+0x2b2/0x380 [ 76.543874][ T8150] ? __pfx___alloc_skb+0x10/0x10 [ 76.543887][ T8150] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 76.543905][ T8150] netlink_alloc_large_skb+0x69/0x130 [ 76.543920][ T8150] netlink_sendmsg+0x6a1/0xdd0 [ 76.543936][ T8150] ? __pfx_netlink_sendmsg+0x10/0x10 [ 76.543955][ T8150] ____sys_sendmsg+0xa95/0xc70 [ 76.543971][ T8150] ? copy_msghdr_from_user+0x10a/0x160 [ 76.543984][ T8150] ? __pfx_____sys_sendmsg+0x10/0x10 [ 76.544001][ T8150] ? __pfx__kstrtoull+0x10/0x10 [ 76.544017][ T8150] ___sys_sendmsg+0x134/0x1d0 [ 76.544030][ T8150] ? __pfx____sys_sendmsg+0x10/0x10 [ 76.544048][ T8150] ? find_held_lock+0x2b/0x80 [ 76.544071][ T8150] __sys_sendmmsg+0x200/0x420 [ 76.544085][ T8150] ? __pfx___sys_sendmmsg+0x10/0x10 [ 76.544102][ T8150] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 76.544124][ T8150] ? fput+0x70/0xf0 [ 76.544136][ T8150] ? ksys_write+0x1b9/0x240 [ 76.544152][ T8150] ? __pfx_ksys_write+0x10/0x10 [ 76.544168][ T8150] ? rcu_is_watching+0x12/0xc0 [ 76.544183][ T8150] __x64_sys_sendmmsg+0x9c/0x100 [ 76.544196][ T8150] ? lockdep_hardirqs_on+0x7c/0x110 [ 76.544211][ T8150] do_syscall_64+0xcd/0x260 [ 76.544228][ T8150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.544239][ T8150] RIP: 0033:0x7f67ef78e969 [ 76.544248][ T8150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.544258][ T8150] RSP: 002b:00007f67ed5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 76.544268][ T8150] RAX: ffffffffffffffda RBX: 00007f67ef9b5fa0 RCX: 00007f67ef78e969 [ 76.544275][ T8150] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 76.544282][ T8150] RBP: 00007f67ed5f6090 R08: 0000000000000000 R09: 0000000000000000 [ 76.544288][ T8150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.544294][ T8150] R13: 0000000000000000 R14: 00007f67ef9b5fa0 R15: 00007ffd5f8849d8 [ 76.544319][ T8150] [ 76.661488][ T8154] netlink: 1268 bytes leftover after parsing attributes in process `syz.2.761'. [ 76.682202][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 76.682212][ T40] audit: type=1400 audit(1748219586.150:435): avc: denied { create } for pid=8159 comm="syz.1.765" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 76.704020][ T8160] capability: warning: `syz.1.765' uses 32-bit capabilities (legacy support in use) [ 76.802623][ T40] audit: type=1400 audit(1748219586.280:436): avc: denied { getopt } for pid=8164 comm="syz.3.767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 76.832897][ T40] audit: type=1400 audit(1748219586.310:437): avc: denied { unlink } for pid=5929 comm="syz-executor" name="file0" dev="tmpfs" ino=982 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 76.850444][ T40] audit: type=1400 audit(1748219586.320:438): avc: denied { read } for pid=8169 comm="syz.1.770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 76.966191][ T8179] xt_hashlimit: size too large, truncated to 1048576 [ 77.108609][ T8191] netlink: 20 bytes leftover after parsing attributes in process `syz.0.778'. [ 77.136033][ T8194] geneve1: mtu less than device minimum [ 77.182119][ T40] audit: type=1400 audit(1748219586.650:439): avc: denied { read } for pid=8189 comm="syz.0.778" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 77.253087][ T8203] FAULT_INJECTION: forcing a failure. [ 77.253087][ T8203] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.257146][ T8203] CPU: 1 UID: 0 PID: 8203 Comm: syz.0.783 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 77.257161][ T8203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.257167][ T8203] Call Trace: [ 77.257171][ T8203] [ 77.257176][ T8203] dump_stack_lvl+0x16c/0x1f0 [ 77.257207][ T8203] should_fail_ex+0x512/0x640 [ 77.257231][ T8203] _copy_from_user+0x2e/0xd0 [ 77.257247][ T8203] copy_msghdr_from_user+0x98/0x160 [ 77.257261][ T8203] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 77.257280][ T8203] ___sys_sendmsg+0xfe/0x1d0 [ 77.257293][ T8203] ? __pfx____sys_sendmsg+0x10/0x10 [ 77.257321][ T8203] __sys_sendmsg+0x16d/0x220 [ 77.257334][ T8203] ? __pfx___sys_sendmsg+0x10/0x10 [ 77.257350][ T8203] ? rcu_is_watching+0x12/0xc0 [ 77.257367][ T8203] do_syscall_64+0xcd/0x260 [ 77.257385][ T8203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.257397][ T8203] RIP: 0033:0x7f75da98e969 [ 77.257406][ T8203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.257416][ T8203] RSP: 002b:00007f75d87f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 77.257427][ T8203] RAX: ffffffffffffffda RBX: 00007f75dabb5fa0 RCX: 00007f75da98e969 [ 77.257433][ T8203] RDX: 0000000020000000 RSI: 0000200000000000 RDI: 0000000000000004 [ 77.257440][ T8203] RBP: 00007f75d87f6090 R08: 0000000000000000 R09: 0000000000000000 [ 77.257446][ T8203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.257452][ T8203] R13: 0000000000000000 R14: 00007f75dabb5fa0 R15: 00007ffdb5141bc8 [ 77.257465][ T8203] [ 77.318543][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.321585][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.324700][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.327657][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.330631][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.333832][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.336784][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.339726][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.342931][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.345854][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.348725][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.351623][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.354886][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.357786][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.360665][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.363702][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.366619][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.369826][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.372858][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.375803][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.378704][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.381571][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.384576][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.387481][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.390348][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.393257][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.396151][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.399004][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.402773][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.406696][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.409718][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.413884][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.416946][ T8198] usb usb9: usbfs: process 8198 (syz.3.781) did not claim interface 44 before use [ 77.434118][ T40] audit: type=1400 audit(1748219586.910:440): avc: denied { associate } for pid=8210 comm="syz.1.786" name="cpuset.effective_cpus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 77.441318][ T40] audit: type=1400 audit(1748219586.910:441): avc: denied { append } for pid=8210 comm="syz.1.786" path="/197/file0/cpuset.effective_cpus" dev="9p" ino=35913958 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 77.449266][ T40] audit: type=1400 audit(1748219586.920:442): avc: denied { mounton } for pid=8210 comm="syz.1.786" path="/197/file0/file0" dev="9p" ino=35913890 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 77.456777][ T40] audit: type=1400 audit(1748219586.920:443): avc: denied { mount } for pid=8210 comm="syz.1.786" name="/" dev="ramfs" ino=20408 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 77.464204][ T40] audit: type=1400 audit(1748219586.940:444): avc: denied { append } for pid=8210 comm="syz.1.786" name="pmem0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 77.509655][ T8213] sctp: [Deprecated]: syz.3.787 (pid 8213) Use of int in max_burst socket option. [ 77.509655][ T8213] Use struct sctp_assoc_value instead [ 77.520171][ T8213] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 77.529631][ T8213] netlink: 36 bytes leftover after parsing attributes in process `syz.3.787'. [ 77.535005][ T8213] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 77.617800][ T8224] xt_hashlimit: size too large, truncated to 1048576 [ 77.671361][ T8228] netlink: 'syz.0.790': attribute type 10 has an invalid length. [ 77.681146][ T8228] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 77.695373][ T8225] netlink: 28 bytes leftover after parsing attributes in process `syz.0.790'. [ 77.702461][ T8225] nbd: must specify at least one socket [ 77.728242][ T8232] FAULT_INJECTION: forcing a failure. [ 77.728242][ T8232] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.737972][ T8232] CPU: 0 UID: 0 PID: 8232 Comm: syz.0.793 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 77.737988][ T8232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.737994][ T8232] Call Trace: [ 77.737998][ T8232] [ 77.738003][ T8232] dump_stack_lvl+0x16c/0x1f0 [ 77.738022][ T8232] should_fail_ex+0x512/0x640 [ 77.738041][ T8232] _copy_from_iter+0x2a4/0x15b0 [ 77.738059][ T8232] ? __alloc_skb+0x200/0x380 [ 77.738071][ T8232] ? __pfx__copy_from_iter+0x10/0x10 [ 77.738088][ T8232] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 77.738107][ T8232] netlink_sendmsg+0x829/0xdd0 [ 77.738123][ T8232] ? __pfx_netlink_sendmsg+0x10/0x10 [ 77.738142][ T8232] ____sys_sendmsg+0xa95/0xc70 [ 77.738158][ T8232] ? copy_msghdr_from_user+0x10a/0x160 [ 77.738170][ T8232] ? __pfx_____sys_sendmsg+0x10/0x10 [ 77.738188][ T8232] ? __pfx__kstrtoull+0x10/0x10 [ 77.738203][ T8232] ___sys_sendmsg+0x134/0x1d0 [ 77.738215][ T8232] ? __pfx____sys_sendmsg+0x10/0x10 [ 77.738234][ T8232] ? find_held_lock+0x2b/0x80 [ 77.738257][ T8232] __sys_sendmmsg+0x200/0x420 [ 77.738288][ T8232] ? __pfx___sys_sendmmsg+0x10/0x10 [ 77.738307][ T8232] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 77.738329][ T8232] ? fput+0x70/0xf0 [ 77.738341][ T8232] ? ksys_write+0x1b9/0x240 [ 77.738357][ T8232] ? __pfx_ksys_write+0x10/0x10 [ 77.738372][ T8232] ? rcu_is_watching+0x12/0xc0 [ 77.738387][ T8232] __x64_sys_sendmmsg+0x9c/0x100 [ 77.738400][ T8232] ? lockdep_hardirqs_on+0x7c/0x110 [ 77.738414][ T8232] do_syscall_64+0xcd/0x260 [ 77.738431][ T8232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.738443][ T8232] RIP: 0033:0x7f75da98e969 [ 77.738452][ T8232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.738462][ T8232] RSP: 002b:00007f75d87f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 77.738473][ T8232] RAX: ffffffffffffffda RBX: 00007f75dabb5fa0 RCX: 00007f75da98e969 [ 77.738479][ T8232] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 77.738486][ T8232] RBP: 00007f75d87f6090 R08: 0000000000000000 R09: 0000000000000000 [ 77.738492][ T8232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.738498][ T8232] R13: 0000000000000000 R14: 00007f75dabb5fa0 R15: 00007ffdb5141bc8 [ 77.738511][ T8232] [ 77.909630][ T8251] tmpfs: Unknown parameter 'q' [ 78.001532][ T8252] netlink: 1272 bytes leftover after parsing attributes in process `syz.0.797'. [ 78.061123][ T8256] FAULT_INJECTION: forcing a failure. [ 78.061123][ T8256] name failslab, interval 1, probability 0, space 0, times 0 [ 78.065709][ T8256] CPU: 0 UID: 0 PID: 8256 Comm: syz.2.801 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 78.065724][ T8256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.065731][ T8256] Call Trace: [ 78.065735][ T8256] [ 78.065739][ T8256] dump_stack_lvl+0x16c/0x1f0 [ 78.065760][ T8256] should_fail_ex+0x512/0x640 [ 78.065775][ T8256] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 78.065792][ T8256] should_failslab+0xc2/0x120 [ 78.065805][ T8256] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 78.065815][ T8256] ? __alloc_skb+0x2b2/0x380 [ 78.065830][ T8256] __alloc_skb+0x2b2/0x380 [ 78.065841][ T8256] ? __pfx___alloc_skb+0x10/0x10 [ 78.065852][ T8256] ? selinux_socket_getpeersec_dgram+0x1a4/0x370 [ 78.065868][ T8256] ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10 [ 78.065887][ T8256] netlink_alloc_large_skb+0x69/0x130 [ 78.065903][ T8256] netlink_sendmsg+0x6a1/0xdd0 [ 78.065919][ T8256] ? __pfx_netlink_sendmsg+0x10/0x10 [ 78.065939][ T8256] ____sys_sendmsg+0xa95/0xc70 [ 78.065955][ T8256] ? copy_msghdr_from_user+0x10a/0x160 [ 78.065967][ T8256] ? __pfx_____sys_sendmsg+0x10/0x10 [ 78.065989][ T8256] ___sys_sendmsg+0x134/0x1d0 [ 78.066002][ T8256] ? __pfx____sys_sendmsg+0x10/0x10 [ 78.066031][ T8256] __sys_sendmsg+0x16d/0x220 [ 78.066043][ T8256] ? __pfx___sys_sendmsg+0x10/0x10 [ 78.066060][ T8256] ? rcu_is_watching+0x12/0xc0 [ 78.066077][ T8256] do_syscall_64+0xcd/0x260 [ 78.066094][ T8256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.066106][ T8256] RIP: 0033:0x7fee3058e969 [ 78.066114][ T8256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.066125][ T8256] RSP: 002b:00007fee313ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 78.066135][ T8256] RAX: ffffffffffffffda RBX: 00007fee307b5fa0 RCX: 00007fee3058e969 [ 78.066142][ T8256] RDX: 0000000020000000 RSI: 0000200000000000 RDI: 0000000000000004 [ 78.066148][ T8256] RBP: 00007fee313ff090 R08: 0000000000000000 R09: 0000000000000000 [ 78.066155][ T8256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.066161][ T8256] R13: 0000000000000000 R14: 00007fee307b5fa0 R15: 00007ffd7a9f1518 [ 78.066174][ T8256] [ 78.202428][ T57] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 78.261241][ T8211] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN NOPTI [ 78.265010][ T8211] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 78.269249][ T8211] CPU: 3 UID: 0 PID: 8211 Comm: syz.1.786 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 78.272805][ T8211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.276111][ T8211] RIP: 0010:iter_file_splice_write+0xa4e/0x1150 [ 78.278049][ T8211] Code: 00 48 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85 1a 05 00 00 4d 8b 65 10 49 c7 45 10 00 00 00 00 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 ee 04 00 00 49 8b 54 24 08 4c 89 ee 4c 89 f7 83 [ 78.283974][ T8211] RSP: 0018:ffffc90003fbf918 EFLAGS: 00010202 [ 78.285863][ T8211] RAX: 0000000000080000 RBX: dffffc0000000000 RCX: ffffc900078d3000 [ 78.288277][ T8211] RDX: 0000000000000001 RSI: ffffffff82434396 RDI: 0000000000000008 [ 78.290718][ T8211] RBP: 0000000000000119 R08: 0000000000000006 R09: 0000000000000000 [ 78.293139][ T8211] R10: 7fffffffffffefff R11: 0000000000000000 R12: 0000000000000000 [ 78.295589][ T8211] R13: ffff88805cf1e968 R14: ffff88802b87bc00 R15: 7fffffffffffefff [ 78.298023][ T8211] FS: 00007f67ed5f66c0(0000) GS:ffff8880d6cda000(0000) knlGS:0000000000000000 [ 78.300791][ T8211] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.302903][ T8211] CR2: 000000110c3f4cd7 CR3: 0000000054932000 CR4: 0000000000352ef0 [ 78.305366][ T8211] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 78.307821][ T8211] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 78.310274][ T8211] Call Trace: [ 78.311332][ T8211] [ 78.312275][ T8211] ? __pfx_iter_file_splice_write+0x10/0x10 [ 78.314153][ T8211] ? __pfx_iter_file_splice_write+0x10/0x10 [ 78.316002][ T8211] direct_splice_actor+0x192/0x6c0 [ 78.317610][ T8211] splice_direct_to_actor+0x342/0xa30 [ 78.319296][ T8211] ? __pfx_direct_splice_actor+0x10/0x10 [ 78.321340][ T8211] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 78.323191][ T8211] ? __pfx___might_resched+0x10/0x10 [ 78.324866][ T8211] do_splice_direct+0x174/0x240 [ 78.326399][ T8211] ? __pfx_do_splice_direct+0x10/0x10 [ 78.328071][ T8211] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 78.329921][ T8211] ? rw_verify_area+0xcf/0x680 [ 78.331423][ T8211] do_sendfile+0xafd/0xe50 [ 78.332829][ T8211] ? __pfx_do_sendfile+0x10/0x10 [ 78.334403][ T8211] ? __x64_sys_futex+0x1e0/0x4c0 [ 78.335960][ T8211] ? __x64_sys_futex+0x1e9/0x4c0 [ 78.337513][ T8211] __x64_sys_sendfile64+0x1d8/0x220 [ 78.339143][ T8211] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 78.340905][ T8211] ? rcu_is_watching+0x12/0xc0 [ 78.342419][ T8211] do_syscall_64+0xcd/0x260 [ 78.343863][ T8211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.345696][ T8211] RIP: 0033:0x7f67ef78e969 [ 78.347099][ T8211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.352957][ T8211] RSP: 002b:00007f67ed5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 78.355525][ T8211] RAX: ffffffffffffffda RBX: 00007f67ef9b5fa0 RCX: 00007f67ef78e969 [ 78.357962][ T8211] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006 [ 78.360407][ T8211] RBP: 00007f67ef810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 78.362849][ T8211] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000000 [ 78.365296][ T8211] R13: 0000000000000000 R14: 00007f67ef9b5fa0 R15: 00007ffd5f8849d8 [ 78.367757][ T8211] [ 78.368739][ T8211] Modules linked in: [ 78.370033][ C3] vkms_vblank_simulate: vblank timer overrun [ 78.372335][ T8211] ---[ end trace 0000000000000000 ]--- [ 78.374705][ T8211] RIP: 0010:iter_file_splice_write+0xa4e/0x1150 [ 78.376682][ T8211] Code: 00 48 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85 1a 05 00 00 4d 8b 65 10 49 c7 45 10 00 00 00 00 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 ee 04 00 00 49 8b 54 24 08 4c 89 ee 4c 89 f7 83 [ 78.382805][ T8211] RSP: 0018:ffffc90003fbf918 EFLAGS: 00010202 [ 78.384747][ T8211] RAX: 0000000000080000 RBX: dffffc0000000000 RCX: ffffc900078d3000 [ 78.387276][ T8211] RDX: 0000000000000001 RSI: ffffffff82434396 RDI: 0000000000000008 [ 78.389719][ T8211] RBP: 0000000000000119 R08: 0000000000000006 R09: 0000000000000000 [ 78.392165][ T8211] R10: 7fffffffffffefff R11: 0000000000000000 R12: 0000000000000000 [ 78.394903][ T8211] R13: ffff88805cf1e968 R14: ffff88802b87bc00 R15: 7fffffffffffefff [ 78.397387][ T8211] FS: 00007f67ed5f66c0(0000) GS:ffff8880d6cda000(0000) knlGS:0000000000000000 [ 78.400194][ T8211] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.402240][ T8211] CR2: 000000110c3f4cd7 CR3: 0000000054932000 CR4: 0000000000352ef0 [ 78.404795][ T8211] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 78.407995][ T8211] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 78.410555][ T8211] Kernel panic - not syncing: Fatal exception [ 78.413138][ T8211] Kernel Offset: disabled [ 78.414533][ T8211] Rebooting in 86400 seconds.. VM DIAGNOSIS: 00:33:07 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88806a73f740 RCX=ffffc9000c001000 RDX=0000000000080000 RSI=ffffffff81af2e73 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90004c8edb0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed100d4e7ee9 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88806a43b040 RIP=ffffffff81af2e7a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fee313ff6c0 ffffffff 00c00000 GS =0000 ffff8880d69da000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fee307b7bac CR3=0000000054902000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb5141f50 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75daa11a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75daa11a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75daa11a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75daa11aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75daa11b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75daa11c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=ffff88806a7415c0 RCX=ffffffff81af2e99 RDX=ffff888024942440 RSI=ffffffff81af2e73 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000369f930 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed100d4e82b9 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88806a53b040 RIP=ffffffff81bb462b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6ada000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2c8163 CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff047725f0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54b6211a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54b6211a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54b6211a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54b6211aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54b6211b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54b6211c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=ffff8880327bd040 RCX=ffffffff8b6518e2 RDX=ffff888056a8a440 RSI=ffffffff8b6518ee RDI=ffffffff9affe180 RBP=ffff888033427180 RSP=ffffc9000485f850 R8 =0000000000000001 R9 =fffffbfff35ffc30 R10=0000000000000003 R11=0000000000000001 R12=dffffc0000000000 R13=0000000000000001 R14=0000000000000000 R15=ffff888033427680 RIP=ffffffff81bb4600 RFL=00000207 [-----PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f8635f59880 ffffffff 00c00000 GS =0000 ffff8880d6bda000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f8635f42000 CR3=0000000036ee3000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0d00000 Opmask01=0000000000000001 Opmask02=000000000000ffdf Opmask03=0000000000000000 Opmask04=00000000ffffffbf Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055a437dca800 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055a437ddd438 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055a437dd1178 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f86359f1b20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffff000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffff000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a7f8e1df43b8a 2a2a7f8e1dd9a62a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a55ac1fa06131 2a2a7f8e1dca8685 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20676e6964616572 004b4f2034366f66 6e695f706f6f6c20 676e696461657200 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 05424b4c41444057 004b4f0511134a43 4b4c5f554a4a4905 424b4c4144405700 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 313030495043412f 30303a5355425953 584e4c2f30303a4d 54535953584e4c2f ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003c61 0000000000000000 0000000000000000 306d656d702f6b63 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a5f39 3030322c39484349 2b3533515f435064 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70625f322d33 2e36312e312d6e61 696265642d332e36 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000000000d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854fb975 RDI=ffffffff9adfe5a0 RBP=ffffffff9adfe560 RSP=ffffc90003fbf310 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b R12=0000000000000000 R13=000000000000000d R14=ffffffff9adfe560 R15=ffffffff854fb910 RIP=ffffffff854fb99f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f67ed5f66c0 ffffffff 00c00000 GS =0000 ffff8880d6cda000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3f4cd7 CR3=0000000054932000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f67ef811a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f67ef811a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f67ef811a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f67ef811aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f67ef811b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f67ef811c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 cca82ae55276067e f0f9815439028425 b14272d32cad572d 4f82d4cc94beb04b ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 040fa3f4c4a4b894 33bc89099d033808 7274013741190004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a222850ded53001 da5b72470631efe8 59f6e13e4a636c96 47fe606d3d31be96 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c1e5131c20b9b72 14a2362c3fb2920e 206b3bc7b57e90a6 43d41d972444b916 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 904ad7468465f922 b136690c82d906e7 dcd5a545b86542ba 4b2b3021cb26ee38 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4769758a80fcf54c 0a222850ded53001 da5b72470631efe8 59f6e13e4a636c96 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47fe606d3d31be96 040fa3f4c4a4b894 33bc89099d033808 7274013741198d27 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 dce4b2daf4700ea5 cdebefab681506e5 709ebe8660fd2433 55082f8b35eb9d0e ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000