last executing test programs: 1m18.373041467s ago: executing program 3 (id=1642): mkdir(&(0x7f00000000c0)='./file1\x00', 0x154) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r1, 0x0, 0x0, 0x1001f3) 1m18.28380232s ago: executing program 3 (id=1643): ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, 0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x58, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "94ab4d33da3b0c589fea4278175e03761ddcb6adcc"}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) sendmsg$TIPC_NL_NAME_TABLE_GET(r1, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r3, 0x800, 0x70bd28, 0x25dfdbfc}, 0x14}}, 0x200c8000) r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r4, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0}) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r7 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r6, &(0x7f0000000500)={@val={0x1c, 0xf5}, @val={0x4, 0x3, 0x9, 0x5, 0xf}, @mpls={[{}], @ipv6=@icmpv6={0x7, 0x6, "991ba0", 0x40, 0x3a, 0x0, @private2={0xfc, 0x2, '\x00', 0xfc}, @remote, {[@srh={0x5e, 0x4, 0x4, 0x2, 0x6, 0x70, 0xb6, [@dev={0xfe, 0x80, '\x00', 0x28}, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}]}], @mld={0x83, 0x0, 0x0, 0x4, 0x9bc8, @mcast1}}}}}, 0x7a) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r4, 0xc00464c9, &(0x7f0000000080)={r5}) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r0, 0xc00464c9, &(0x7f0000000080)={r5}) prlimit64(0x0, 0xb, &(0x7f0000000240)={0x2}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1c, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x8d, 0x0, 0x1}]}) r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSBRKP(r9, 0x5425, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000540)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1m17.227906442s ago: executing program 3 (id=1660): r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000001a40)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x173b2a80, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x19}, 0x1c, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000008c910fc0000000000000000000000800000000000000040000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5121b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a0100000000000000e28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c251112e2a59ea0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6c597eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e64103602000000db47d7990d5a007faccb2f86660079f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d8418351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)="359db6a0d89e8034e1a0754529a0728a11f11d37b40001233d3905dd7e4f4738ae5ec35fc899d4e79ccb856c0db5ce22ced3978cb5202ccd6324ddec210cf0dec172235c0b7a577999c8e74e0982bd1b453de2bb50ad466cb495552c2ce7f6c2e1b76877e09ebc339cd15e48f8a5e9f28a7f5d927456285f07c60eb20a77a701ad916cd9ecca5449c49cf3d9eb6a6332bd9b8e99d41a52cc4adaf50ab35b109ef967e835d616", 0xa6}], 0x1}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000300)="41009edd55a47514cab22f7546cf63acbe9c6017a0061cf722f9752b6e51e78d18a24307f3810d86efff47b6dfdaff7959aa314eabb5e393965a608060e13b7eec6e4bd7", 0x44}, {&(0x7f00000034c0)="295848b6a25fbd48a07e25949176775744f471c8d90ebbbd784ab85370e7147afe19d79b4fbc3bc61891af6c2a8299011cc93861c6c1d24783a5123df2bbf5dfd84c27101e65e932809d10a50f7f203f4544473c104dba547a89b2905517b43e2f0e78fa5bf26ba0c79b22ecab19fea3b2ecad37382300f6f805e32e57aad498e44345e2c630ac9708ecb725ac09b5f482de5ad2a8a2b26914ac471b534c008317c907687a96a2dc68278271df9c1fbfd1396cd32da7564deb1fa145ddd8a41f3d7be00537dfce0f1183c9aa878ae87119a76a089398d76fd167e50bdbbd4f420df47cb9aa8d20eb77c176fb56ab26913ff4e10f5354b4cea6a90a03c8650185ec1a3d00447747877b068f5a80dfea0676e7b4d8d25bd62419ec1f7f81bb2666878a12a02b0ce67ec1bf93deeeceede65dc9b5119a9cbae8d4c298fc0abf9b311633cfafa742b3b3e7f9ea3cdd644607d1f683dc102088276c857a8ef556b8ce9d09a40fd6e535571ffff5c045243a8215c69b2d1b87c0cfc4a58743f89cf7bf15d649b9b28f9d99bfe053ecb014c51ad6c6ff958f0c9c612d5e19e30da3cc96abea553b7164d54e3b72f43fc13c3e8b03755c7bbea3f5a9a277da8de9869ecc513e12599e81f01beadef88cb0410a61bbcc15b52089ab19ea068e7c069828e1d801dd401fc3abeb987240838c0ffae66d9e0e1d3708241defc229c6d7cbc35f0106387c154746b88120ecb6e57a13414b4f776325da1a8cc97ca56caf2454ffd029172a1ea2be83e3b54d371f88d71d8980003e0e7df3739764039bd170dc73d55c116bf1759b33417ef4e6a7bfa32ec871934f10897d31a05644c2fbd4cf6f6019ac263bce6828a5911a0b056caefcc30ed17d1e91a3aea1d85366a75a9e399bed61ebea574ed9617411b2c6929e14884e37107a84d7203fd11d45a8a6f49d66fdd71dfa793f1dfe3d0328632de311dbf32766892bb950d7ed034957757b6d997b70b86e2a43bd44c56385a6e72a50b9ff764a7c9e78e920cd0c4f3784d9efa501afdbe5cc21b405a12c3b86bb8daabf33d486e2d22dc097df8e94d08c9312af750689b4d9e48d4571340863f68a94986eda65246c9531d82366ca8f8a9951bd2c55ae42f4e92c0f92262cf697956da73a32aac2f51190eac8c128f46fcae512053aabcb2e696a340d5f5947f8011c68b66c65c0a64342dd4c82bc4ca8448f490572d8c65710f9382fb0c4a1e6da455715f17f8111f28114c4109cc72bd33587d6aefd890410646d35b642359440fc0251fefc87a53f229cf9701b7161c4b44858fddf522d38be1a2a0dfbaaeeaec594ead9e83d83a0aba379ccf87f1bfc801a7f03fd4cbe83d850cdad496e91f7913435a88b402ffa0762cc095c229ea7402603b828da1a3837c974babd64fc9fafb6a4963fe8822e4f121e8439de52513995156e45eab82069328b1f4fd10e1796870cf0c52ca98387041fff1d8f01c3dcd3abc778e714877f10d1af170b9aeb551ed3e17538ee0dd4329d0f2dc51f796e6f847b516e6ee0aa032b4c4d38ef553883212271b4f04c592d5ed437250a570323a03382ac075fc563ca02683660ea90dfc06897b2e1e4da76dd9c5fe9f6e5ab6e6e3f0f224094d63762fc30249f495cb58814bd7a7d78a8c870d088b21108165914bdf07223d981a190e018da14908c26dca70d68d05fd9145eed09d0795d0edf411015b6a6ac453cbe85d1652d17bf8eecfd218fef6d", 0x4d7}], 0x2}}], 0x3, 0x28048084) 1m17.22550976s ago: executing program 3 (id=1664): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000680)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb8100220086dd6a6701a702692f00fc000000000000000000000000000000fe88000000000000000000000000000188"], 0x2a3) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00') sendfile(r3, r3, &(0x7f0000000000)=0x2eb4, 0x2000007ff) bpf$MAP_CREATE(0x0, 0x0, 0x48) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0xfffffffffffffffc}, 0x18) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0xe000}, 0x5}], 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14) sendmsg$nl_route_sched(r6, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x5}, 0x2, r8}}]}, {0x4, 0xa}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x68}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=@newtaction={0xf0, 0x30, 0x200, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0xdc, 0x1, [@m_mirred={0xd8, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0xffdff7e8}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x1, 0x3fc, 0xfffffff7}, 0x2}}]}, {0x69, 0x6, "445be8c156341c241bb17daa0858365a50c5c2080fff29b9688c155a5b7c17efea259fa0e862c724c8d9ba60a144d1738e33ccfa07974c17133e8c65eb3472d11f71c39bfe9ba17f609612228686e9f01fc4517306285d4e42692acb54d0b349957ba9e586"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 1m17.090109427s ago: executing program 3 (id=1669): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x80) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x600, &(0x7f0000000840)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000038000001294", 0x2e}], 0x1}, 0x0) 1m16.747521374s ago: executing program 3 (id=1681): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="0000fe00000000001c00128009000100626f6e64000000000c0002800800070003"], 0x3c}}, 0x0) 1m16.665198924s ago: executing program 32 (id=1681): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="0000fe00000000001c00128009000100626f6e64000000000c0002800800070003"], 0x3c}}, 0x0) 58.42187347s ago: executing program 0 (id=2023): r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0) (async) syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000180)=ANY=[], 0x0) (async) r1 = socket(0x840000000002, 0x3, 0xff) setsockopt$inet_int(r1, 0x0, 0x16, &(0x7f0000000000)=0x9, 0x4) syz_emit_ethernet(0x8a, &(0x7f0000000300)={@local, @local, @void, {@ipv6={0x86dd, @gre_packet={0x3, 0x6, "e0f502", 0x54, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[@hopopts={0x5e, 0x1, '\x00', [@generic={0x1}, @jumbo={0xc2, 0x4, 0xffff}]}], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x100}, {0x0, 0x0, 0x1, 0x1}, {0x8, 0x88be, 0x0, {{0x2, 0x1, 0x3, 0x1, 0x0, 0x3, 0x6, 0x36}, 0x1, {0xd5}}}, {0x8, 0x22eb, 0x0, {{0x4, 0x2, 0x0, 0x1, 0x0, 0x2, 0x5, 0x8}, 0x2, {0x7, 0x5, 0x2, 0x8, 0x1, 0x1, 0x3, 0x1, 0x1}}}, {0x8, 0x6558, 0x3}}}}}}}, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) 57.725390687s ago: executing program 0 (id=2024): mkdir(&(0x7f00000000c0)='./file1\x00', 0x154) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000280)={0x8, 0x3, 0x8000000000000000, 0x2, 0x9, 0xfffffffffffffffb, 0x0, 0x0, 0x982d}) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r1, 0x0, 0x0, 0x1001f3) (fail_nth: 15) 57.625785208s ago: executing program 0 (id=2025): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4e1}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}]}}}]}, 0x5c}, 0x1, 0x0, 0xa000000}, 0x0) 57.625049455s ago: executing program 0 (id=2026): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x80, &(0x7f0000000340)={[{@grpquota}]}) (async) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket(0xa, 0x801, 0x0) getsockopt(r1, 0x29, 0x40, &(0x7f0000b3ffac)=""/84, &(0x7f0000001ffc)=0x54) (async) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f00000017c0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000003680)={0x28, 0x3, 0x8, 0x401, 0x0, 0x0, {0x7, 0x0, 0x9}, [@CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x48}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x3a}]}, 0x28}}, 0x20040890) 57.525122324s ago: executing program 0 (id=2027): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000004c0)={{}, {}, {}, {}, {}, {0x10000000}}) 57.295896606s ago: executing program 0 (id=2029): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs\x00') preadv(r4, &(0x7f0000000380)=[{&(0x7f00000014c0)=""/223, 0xdf}], 0x2c, 0x8f, 0x0) mknod(&(0x7f0000000000)='./bus\x00', 0x214, 0x6) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000005b80)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f0000005bc0), 0x12) mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='ext2\x00', 0x8080, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, r3, 0x4}, 0x38) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) close(r7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r3, 0x8b34, &(0x7f0000000140)={'vlan0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}}) r8 = fanotify_init(0x200, 0x0) fanotify_mark(r8, 0x1, 0x40000032, r0, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f00000003c0)='-', 0x1}], 0x1) 41.634177097s ago: executing program 33 (id=2029): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs\x00') preadv(r4, &(0x7f0000000380)=[{&(0x7f00000014c0)=""/223, 0xdf}], 0x2c, 0x8f, 0x0) mknod(&(0x7f0000000000)='./bus\x00', 0x214, 0x6) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000005b80)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f0000005bc0), 0x12) mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='ext2\x00', 0x8080, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, r3, 0x4}, 0x38) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) close(r7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r3, 0x8b34, &(0x7f0000000140)={'vlan0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}}) r8 = fanotify_init(0x200, 0x0) fanotify_mark(r8, 0x1, 0x40000032, r0, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f00000003c0)='-', 0x1}], 0x1) 1.724507487s ago: executing program 2 (id=3268): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x182804, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000100)="89e7ee", 0x3}, {&(0x7f0000000440)="9c74dfbf77572856c888a886", 0xc}, {&(0x7f00000001c0)='\x00\x00\x00', 0x3}], 0x3) 1.624242175s ago: executing program 1 (id=3270): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x80) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x600, &(0x7f0000000840)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f0000000280e4001294", 0x2e}], 0x1}, 0x0) 1.341716351s ago: executing program 4 (id=3274): r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000001a40)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x173b2a80, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x19}, 0x1c, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000100000800000000000000040000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5121b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a0100000000000000e28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c251112e2a59ea0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6c597eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e64103602000000db47d7990d5a007faccb2f86660079f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d8418351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)="359db6a0d89e8034e1a0754529a0728a11f11d37b40001233d3905dd7e4f4738ae5ec35fc899d4e79ccb856c0db5ce22ced3978cb5202ccd6324ddec210cf0dec172235c0b7a577999c8e74e0982bd1b453de2bb50ad466cb495552c2ce7f6c2e1b76877e09ebc339cd15e48f8a5e9f28a7f5d927456285f07c60eb20a77a701ad916cd9ecca5449c49cf3d9eb6a6332bd9b8e99d41a52cc4adaf50ab35b109ef967e835d616", 0xa6}], 0x1}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000300)="41009edd55a47514cab22f7546cf63acbe9c6017a0061cf722f9752b6e51e78d18a24307f3810d86efff47b6dfdaff7959aa314eabb5e393965a608060e13b7eec6e4bd7", 0x44}, {&(0x7f00000034c0)="295848b6a25fbd48a07e25949176775744f471c8d90ebbbd784ab85370e7147afe19d79b4fbc3bc61891af6c2a8299011cc93861c6c1d24783a5123df2bbf5dfd84c27101e65e932809d10a50f7f203f4544473c104dba547a89b2905517b43e2f0e78fa5bf26ba0c79b22ecab19fea3b2ecad37382300f6f805e32e57aad498e44345e2c630ac9708ecb725ac09b5f482de5ad2a8a2b26914ac471b534c008317c907687a96a2dc68278271df9c1fbfd1396cd32da7564deb1fa145ddd8a41f3d7be00537dfce0f1183c9aa878ae87119a76a089398d76fd167e50bdbbd4f420df47cb9aa8d20eb77c176fb56ab26913ff4e10f5354b4cea6a90a03c8650185ec1a3d00447747877b068f5a80dfea0676e7b4d8d25bd62419ec1f7f81bb2666878a12a02b0ce67ec1bf93deeeceede65dc9b5119a9cbae8d4c298fc0abf9b311633cfafa742b3b3e7f9ea3cdd644607d1f683dc102088276c857a8ef556b8ce9d09a40fd6e535571ffff5c045243a8215c69b2d1b87c0cfc4a58743f89cf7bf15d649b9b28f9d99bfe053ecb014c51ad6c6ff958f0c9c612d5e19e30da3cc96abea553b7164d54e3b72f43fc13c3e8b03755c7bbea3f5a9a277da8de9869ecc513e12599e81f01beadef88cb0410a61bbcc15b52089ab19ea068e7c069828e1d801dd401fc3abeb987240838c0ffae66d9e0e1d3708241defc229c6d7cbc35f0106387c154746b88120ecb6e57a13414b4f776325da1a8cc97ca56caf2454ffd029172a1ea2be83e3b54d371f88d71d8980003e0e7df3739764039bd170dc73d55c116bf1759b33417ef4e6a7bfa32ec871934f10897d31a05644c2fbd4cf6f6019ac263bce6828a5911a0b056caefcc30ed17d1e91a3aea1d85366a75a9e399bed61ebea574ed9617411b2c6929e14884e37107a84d7203fd11d45a8a6f49d66fdd71dfa793f1dfe3d0328632de311dbf32766892bb950d7ed034957757b6d997b70b86e2a43bd44c56385a6e72a50b9ff764a7c9e78e920cd0c4f3784d9efa501afdbe5cc21b405a12c3b86bb8daabf33d486e2d22dc097df8e94d08c9312af750689b4d9e48d4571340863f68a94986eda65246c9531d82366ca8f8a9951bd2c55ae42f4e92c0f92262cf697956da73a32aac2f51190eac8c128f46fcae512053aabcb2e696a340d5f5947f8011c68b66c65c0a64342dd4c82bc4ca8448f490572d8c65710f9382fb0c4a1e6da455715f17f8111f28114c4109cc72bd33587d6aefd890410646d35b642359440fc0251fefc87a53f229cf9701b7161c4b44858fddf522d38be1a2a0dfbaaeeaec594ead9e83d83a0aba379ccf87f1bfc801a7f03fd4cbe83d850cdad496e91f7913435a88b402ffa0762cc095c229ea7402603b828da1a3837c974babd64fc9fafb6a4963fe8822e4f121e8439de52513995156e45eab82069328b1f4fd10e1796870cf0c52ca98387041fff1d8f01c3dcd3abc778e714877f10d1af170b9aeb551ed3e17538ee0dd4329d0f2dc51f796e6f847b516e6ee0aa032b4c4d38ef553883212271b4f04c592d5ed437250a570323a03382ac075fc563ca02683660ea90dfc06897b2e1e4da76dd9c5fe9f6e5ab6e6e3f0f224094d63762fc30249f495cb58814bd7a7d78a8c870d088b21108165914bdf07223d981a190e018da14908c26dca70d68d05fd9145eed09d0795d0edf411015b6a6ac453cbe85d1652d17bf8eecfd218fef6d", 0x4d7}], 0x2}}], 0x3, 0x28048084) 1.269942848s ago: executing program 4 (id=3275): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000004c0)={{}, {}, {}, {}, {}, {}, {0x20}}) 1.064397462s ago: executing program 4 (id=3276): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0xf, 0x9, &(0x7f0000000540)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000500000085000000190000005f0000000000000018000000000000000000000000000000950000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xffffffffffffff9f) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000001240), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="016b8a4ed248bef0b7709dd9c633fb251800004025325cf4afadcb1b8457e20dbbc0e6434e8e978dd5fc003509a5ea0ca623bdf161a67437d741d4aac64b03ff677507ef55cd8dbc58c4d26e60b94899d4e9695a36a405f5bf260c4bdadd432c61412ecd6cce154acadc4f046ed10ca1508a71ad761ab4dd991aa24549876baae88174cc09dc1034276b9561be93e3a4528e8fd8154999ff16f7145776e187b7b94c22d80b782d4658f8ecfb7f2ea354d88782b8a8e02bb316614875dfb4fa955672bd0696f942b29d"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8044) (async) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="016b8a4ed248bef0b7709dd9c633fb251800004025325cf4afadcb1b8457e20dbbc0e6434e8e978dd5fc003509a5ea0ca623bdf161a67437d741d4aac64b03ff677507ef55cd8dbc58c4d26e60b94899d4e9695a36a405f5bf260c4bdadd432c61412ecd6cce154acadc4f046ed10ca1508a71ad761ab4dd991aa24549876baae88174cc09dc1034276b9561be93e3a4528e8fd8154999ff16f7145776e187b7b94c22d80b782d4658f8ecfb7f2ea354d88782b8a8e02bb316614875dfb4fa955672bd0696f942b29d"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8044) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) get_mempolicy(0x0, 0x0, 0x3, &(0x7f0000ffb000/0x2000)=nil, 0x3) 314.841715ms ago: executing program 1 (id=3277): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000800000000000a20000000000a01040000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076655468315f6d6163767461700000000900010073797a31"], 0xc8}}, 0x0) 314.260688ms ago: executing program 4 (id=3279): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r4 = syz_open_dev$sndpcmc(&(0x7f00000001c0), 0x9509, 0x20400) ioctl$SNDRV_PCM_IOCTL_PREPARE(r4, 0x4140, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="08030000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) r5 = socket$xdp(0x2c, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) r6 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a00010000000000000000000a000000f602e6e92a03fdcf"], 0x1c}}, 0x0) ioctl$SNDRV_PCM_IOCTL_DROP(r4, 0x4143, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r8}, 0x10) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f00000002c0)={0x5fa, 0x400, 0x2, {0x1, @pix_mp={0xcf6, 0x1c00, 0x32525942, 0x3, 0x8, [{0x2a302c, 0x10000}, {0x1, 0xfffffffc}, {0x5, 0x9}, {0x7ffe0, 0x10001}, {0x2, 0xfffffffd}, {0x6, 0x5}, {0x9, 0x8}, {0x8, 0x10000}], 0x81, 0x5, 0x2, 0x1, 0x4}}, 0x7f}) r9 = socket$inet6_udp(0xa, 0x2, 0x0) r10 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r10, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r9, {0x2, 0x0, @private}, 0x4}}, 0x26) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_GET(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="01000000000000000000070000001400080000000000000000000000000000000000050013"], 0x30}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)=ANY=[@ANYRES32=r8, @ANYRES32=0x0, @ANYBLOB="0003000000000100200012800e0001006970366772657461700000000c00028008000100", @ANYRES32=r2, @ANYRES8=0x0, @ANYRES32=r3, @ANYRESHEX=r10], 0x48}}, 0xc000) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240), &(0x7f00000003c0)=0xc) 314.050969ms ago: executing program 1 (id=3280): socket$netlink(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r1, 0x8b33, &(0x7f0000000040)) r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x80) r3 = syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r3, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x31, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f05e, 0x1ff, '\x00', @string=&(0x7f00000001c0)}}) ioctl$EVIOCGREP(r2, 0x80084503, &(0x7f00000000c0)=""/179) ppoll(&(0x7f0000000080)=[{r2, 0x648}], 0x1, &(0x7f0000000200)={0x77359400}, &(0x7f0000000240)={[0x3e]}, 0x8) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="8c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800b000100697036677265000030000280140007002001000000000000000000000000000014000600fc"], 0x8c}}, 0x4000000) socket$netlink(0x10, 0x3, 0x0) (async) socket$netlink(0x10, 0x3, 0x0) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async) ioctl(r1, 0x8b33, &(0x7f0000000040)) (async) syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x80) (async) syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2) (async) ioctl$VIDIOC_S_EXT_CTRLS(r3, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x31, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f05e, 0x1ff, '\x00', @string=&(0x7f00000001c0)}}) (async) ioctl$EVIOCGREP(r2, 0x80084503, &(0x7f00000000c0)=""/179) (async) ppoll(&(0x7f0000000080)=[{r2, 0x648}], 0x1, &(0x7f0000000200)={0x77359400}, &(0x7f0000000240)={[0x3e]}, 0x8) (async) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="8c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800b000100697036677265000030000280140007002001000000000000000000000000000014000600fc"], 0x8c}}, 0x4000000) (async) 258.917569ms ago: executing program 2 (id=3281): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x8000}, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000050008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0) 258.772862ms ago: executing program 2 (id=3282): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0xf000000, 0x40}, 0x10000) 184.347214ms ago: executing program 5 (id=3283): openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xf) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x103102, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r5, 0x8923, &(0x7f0000000480)={'lo\x00', @local}) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000006c0)=[@text16={0x10, &(0x7f0000000300)="36660f382381d5009aa8ac4200f36d0f01c49dbaf80c66b860039e8a66efbafc0c66ed0f72e33a0fc7790a700f63e70375750f07", 0x34}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000}) ioperm(0xa, 0x5, 0xfffffffffffffff2) mbind(&(0x7f0000334000/0x3000)=nil, 0x3000, 0x8003, &(0x7f0000000200)=0x9, 0x8, 0x1) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYRESHEX=r4], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r6}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x2010, 0xffffffffffffffff, 0x0) add_key$keyring(0x0, &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="48000000000101040000ff0f0000000002000000240001801400018008000100e000000108000200e00000010c000280050001000084000010000580090001"], 0x48}}, 0x0) 184.166826ms ago: executing program 2 (id=3284): connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000000280)) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x10, 0x6, 0x4f0, 0x758, 0x0, 0x0, 0x0, 0x758, 0x878, 0x878, 0x878, 0x878, 0x878, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @HL={0x28}}, {{@ipv6={@dev, @loopback, [], [], 'pimreg0\x00', 'veth1_macvtap\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x550) r2 = socket$igmp6(0xa, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'xfrm0\x00', 0x0}) r4 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r4, &(0x7f0000000180)='`', 0xca, 0x0, &(0x7f0000000240)={0x6, 0x0, r3, 0x1, 0x0, 0x6, @random="4a99fee2a74d"}, 0x14) syz_emit_ethernet(0xf87, &(0x7f0000001180)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xf51, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@routing={0x84}], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7cc735bd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6ef07bda12646792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32dedbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c19634b5ca2df74"}}}}}, 0x0) 140.897838ms ago: executing program 4 (id=3285): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0) sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x14, r1, 0x305, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x10000000}, 0x18) r2 = socket$nl_crypto(0x10, 0x3, 0x15) syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa", @ANYRES32=0x41424344], 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="2703020059", 0x5}, {0x0}, {0x0}], 0x3}, 0x0) r3 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850", 0x4, 0xfffffffffffffffe) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'erspan0\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010", @ANYRES16=r3, @ANYBLOB="ebffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0) r5 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r5, r3}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = dup(r7) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r7, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) sendmsg$nl_crypto(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000040)=@alg={0xf8, 0x10, 0x100, 0x70bd2b, 0x25dfdbff, {{'seqiv(morus1280-sse2)\x00'}, '\x00', '\x00', 0x2400, 0x2000}, [{0x8, 0x1, 0x4}, {0x8, 0x1, 0x2}, {0x8, 0x1, 0x4}]}, 0xf8}, 0x1, 0x0, 0x0, 0x111}, 0x8010) 140.801978ms ago: executing program 1 (id=3286): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000ac0)=@filter={'filter\x00', 0x42, 0x4, 0x3a0, 0xffffffff, 0x98, 0x98, 0x98, 0xffffffff, 0xffffffff, 0x308, 0x308, 0x308, 0xffffffff, 0x4, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x31}, 0xffffffff, 0x0, 'geneve1\x00', 'veth1_to_bond\x00', {}, {}, 0x84, 0x1}, 0x3e020000, 0x70, 0x98, 0x0, {0x88000000}}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0x178, 0x1d8, 0x0, {0x122}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv4=@rand_addr=0x64010100, [0xff000000, 0x0, 0xff000000, 0xff], @ipv6=@empty, [0xff000000, 0x0, 0xff000000], @ipv4=@local, [0xffffffff, 0x0, 0xffffff00, 0xffffffff], @ipv6=@private0, [0xff000000, 0xffffff00, 0xffffff00, 0xff], 0x9, 0x67ecd4dc, 0x21, 0x4e24, 0x4e20, 0x4e20, 0x4e24, 0x1001, 0x174}, 0x1, 0x2, 0x4e21, 0x4e22, 0x4e23, 0x7}}, @common=@set={{0x40}, {{0x3, [0x0, 0x0, 0x1, 0x6, 0x40000, 0x2], 0x3, 0x6}}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, {0x0, [0x0, 0x0, 0x4, 0x0, 0x3]}}}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400) 140.719982ms ago: executing program 5 (id=3287): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0xf5ffffff, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x54, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cbd6e3a}, @NFTA_HOOK_DEV={0x14, 0x3, 'vlan0\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}]}]}], {0x14}}, 0x9c}}, 0x0) 140.516641ms ago: executing program 1 (id=3288): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{r0, 0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000000c0)='%ps \x00'}, 0x20) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r1}, &(0x7f0000000000), &(0x7f0000000140)='%+9llu \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x18, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b708000000000e007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000440)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_PAN_ID(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000005c0)={0x1c, r4, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000840}, 0x40000) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 138.788685ms ago: executing program 5 (id=3289): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x182804, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000100)="89e7ee", 0x3}, {&(0x7f0000000440)="9c74dfbf77572856c888a886", 0xc}, {&(0x7f00000001c0)='\x00\x00\x00', 0x3}], 0x3) 83.322374ms ago: executing program 1 (id=3290): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) socket(0x400000000010, 0x3, 0x0) socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) r2 = socket$inet6(0xa, 0x3, 0x7) socket$inet6_sctp(0xa, 0x5, 0x84) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x4e24, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@multicast1, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8) sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) syz_open_procfs(0x0, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=@newsa={0x138, 0x10, 0x633, 0x0, 0x80000008, {{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80}, {@in=@local, 0x4d2, 0x32}, @in6=@mcast2, {0x0, 0x0, 0x0, 0xfffffffffffffffb, 0xffffc90000000000, 0x100}, {0x5, 0x2000000000, 0x0, 0x5}, {}, 0x2, 0x0, 0xa, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 82.500928ms ago: executing program 5 (id=3291): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x1, 0x0, 0x7, 0x0, 0x0, 0xffffffffffffb473, 0xffffffffffffffff}, {0x1000000000, 0x2000000000000000, 0x0, 0xffffffffffffffff}, 0xfffffffe}}, 0xb8}}, 0x4004) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x20}, {}, {0x2f00000000000000, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x8}}, 0xb8}}, 0x0) 24.816893ms ago: executing program 5 (id=3292): syz_emit_ethernet(0xfffffffffffffe84, &(0x7f0000000580)={@multicast, @empty, @void, {@x25={0x805, {0x2, 0x7, 0xf, "c265ef9d67c79d139f4a81345f36b2d1e54d9ed6e60213cd0d921f3c31cc4949045a36593c49c951236dcbd4fbaffed613afc2e50ff0bca39aa4c99635e8d0355b2144c4c7e8c60be28a26f4357b86162a8b7ba345f92d17e419a8d1dbdd8328b973de0e6230a8fabd432981107c1a4c75a51d0ef9db577609aaa33816a37e3d7afe09ade0"}}}}, &(0x7f0000000140)={0x0, 0x3, [0x2da, 0x24f, 0xf2d, 0x281]}) (async) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0) fcntl$getflags(r1, 0x401) (async) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000100)={'\x00', 0x0, 0x0, {0xfffffffffffffffc, 0x10000}, {0x6, 0x8}, 0xab4, [0x5, 0x7a, 0x1, 0x4000000005, 0x40, 0x66, 0x1, 0x5f, 0x2, 0xfffffffffffffffe, 0x2010, 0x4, 0x6, 0xffdffffffffffff7, 0x621, 0x7]}) (async) r2 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x169101, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000180)) (async) r3 = socket$inet6(0xa, 0x80001, 0x0) (async) r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x40) syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x0, 0x21, 0x0, @dev, @local}}}}, 0x0) (async) ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000140)={{0x0, 0x0, 0x21, 0x1, 0x7fff}}) (async) setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) (async) r5 = socket$vsock_stream(0x28, 0x1, 0x0) (async) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) close_range(r5, 0xffffffffffffffff, 0x0) (async) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_group_source_req(r7, 0x29, 0x2f, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0x3}}}, {{0xa, 0x4e21, 0x600004, @remote, 0x8}}}, 0x108) (async) setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f00000004c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90) (async) r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r8, 0x20, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r9, 0x4) (async) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0x0, 0x0, &(0x7f0000000340)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r10, 0x18000000000002a0, 0x204, 0xfffff000, &(0x7f0000000040)="5aee41dea43e63a3f7fb7f11c72b", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000010ac1fdb2556e805f105050200000000000109022400010000040000000300f7fb1761abba822be09c364be1380200ff21000000012245b5b59900deb3bdd3d2a16b34990866c67afbe676000000"], 0x0) 24.482067ms ago: executing program 2 (id=3293): r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000001a40)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x173b2a80, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x19}, 0x1c, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000001000800000000000000040000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5121b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a0100000000000000e28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c251112e2a59ea0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6c597eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e64103602000000db47d7990d5a007faccb2f86660079f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d8418351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)="359db6a0d89e8034e1a0754529a0728a11f11d37b40001233d3905dd7e4f4738ae5ec35fc899d4e79ccb856c0db5ce22ced3978cb5202ccd6324ddec210cf0dec172235c0b7a577999c8e74e0982bd1b453de2bb50ad466cb495552c2ce7f6c2e1b76877e09ebc339cd15e48f8a5e9f28a7f5d927456285f07c60eb20a77a701ad916cd9ecca5449c49cf3d9eb6a6332bd9b8e99d41a52cc4adaf50ab35b109ef967e835d616", 0xa6}], 0x1}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000300)="41009edd55a47514cab22f7546cf63acbe9c6017a0061cf722f9752b6e51e78d18a24307f3810d86efff47b6dfdaff7959aa314eabb5e393965a608060e13b7eec6e4bd7", 0x44}, {&(0x7f00000034c0)="295848b6a25fbd48a07e25949176775744f471c8d90ebbbd784ab85370e7147afe19d79b4fbc3bc61891af6c2a8299011cc93861c6c1d24783a5123df2bbf5dfd84c27101e65e932809d10a50f7f203f4544473c104dba547a89b2905517b43e2f0e78fa5bf26ba0c79b22ecab19fea3b2ecad37382300f6f805e32e57aad498e44345e2c630ac9708ecb725ac09b5f482de5ad2a8a2b26914ac471b534c008317c907687a96a2dc68278271df9c1fbfd1396cd32da7564deb1fa145ddd8a41f3d7be00537dfce0f1183c9aa878ae87119a76a089398d76fd167e50bdbbd4f420df47cb9aa8d20eb77c176fb56ab26913ff4e10f5354b4cea6a90a03c8650185ec1a3d00447747877b068f5a80dfea0676e7b4d8d25bd62419ec1f7f81bb2666878a12a02b0ce67ec1bf93deeeceede65dc9b5119a9cbae8d4c298fc0abf9b311633cfafa742b3b3e7f9ea3cdd644607d1f683dc102088276c857a8ef556b8ce9d09a40fd6e535571ffff5c045243a8215c69b2d1b87c0cfc4a58743f89cf7bf15d649b9b28f9d99bfe053ecb014c51ad6c6ff958f0c9c612d5e19e30da3cc96abea553b7164d54e3b72f43fc13c3e8b03755c7bbea3f5a9a277da8de9869ecc513e12599e81f01beadef88cb0410a61bbcc15b52089ab19ea068e7c069828e1d801dd401fc3abeb987240838c0ffae66d9e0e1d3708241defc229c6d7cbc35f0106387c154746b88120ecb6e57a13414b4f776325da1a8cc97ca56caf2454ffd029172a1ea2be83e3b54d371f88d71d8980003e0e7df3739764039bd170dc73d55c116bf1759b33417ef4e6a7bfa32ec871934f10897d31a05644c2fbd4cf6f6019ac263bce6828a5911a0b056caefcc30ed17d1e91a3aea1d85366a75a9e399bed61ebea574ed9617411b2c6929e14884e37107a84d7203fd11d45a8a6f49d66fdd71dfa793f1dfe3d0328632de311dbf32766892bb950d7ed034957757b6d997b70b86e2a43bd44c56385a6e72a50b9ff764a7c9e78e920cd0c4f3784d9efa501afdbe5cc21b405a12c3b86bb8daabf33d486e2d22dc097df8e94d08c9312af750689b4d9e48d4571340863f68a94986eda65246c9531d82366ca8f8a9951bd2c55ae42f4e92c0f92262cf697956da73a32aac2f51190eac8c128f46fcae512053aabcb2e696a340d5f5947f8011c68b66c65c0a64342dd4c82bc4ca8448f490572d8c65710f9382fb0c4a1e6da455715f17f8111f28114c4109cc72bd33587d6aefd890410646d35b642359440fc0251fefc87a53f229cf9701b7161c4b44858fddf522d38be1a2a0dfbaaeeaec594ead9e83d83a0aba379ccf87f1bfc801a7f03fd4cbe83d850cdad496e91f7913435a88b402ffa0762cc095c229ea7402603b828da1a3837c974babd64fc9fafb6a4963fe8822e4f121e8439de52513995156e45eab82069328b1f4fd10e1796870cf0c52ca98387041fff1d8f01c3dcd3abc778e714877f10d1af170b9aeb551ed3e17538ee0dd4329d0f2dc51f796e6f847b516e6ee0aa032b4c4d38ef553883212271b4f04c592d5ed437250a570323a03382ac075fc563ca02683660ea90dfc06897b2e1e4da76dd9c5fe9f6e5ab6e6e3f0f224094d63762fc30249f495cb58814bd7a7d78a8c870d088b21108165914bdf07223d981a190e018da14908c26dca70d68d05fd9145eed09d0795d0edf411015b6a6ac453cbe85d1652d17bf8eecfd218fef6d", 0x4d7}], 0x2}}], 0x3, 0x28048084) 24.396974ms ago: executing program 5 (id=3294): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000cfe02800800070003"], 0x3c}}, 0x0) 14.034607ms ago: executing program 2 (id=3295): r0 = socket$nl_route(0x10, 0x3, 0x0) flock(r0, 0x4) r1 = socket(0x1, 0x803, 0x0) r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000180)={0x0, 0x0}) syz_open_procfs(r3, &(0x7f0000000100)='limits\x00') pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff}, 0x80) pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r4, 0xb3) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r5, 0xfffffffdffffffff) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="adffa88800000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x8000) 0s ago: executing program 4 (id=3296): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0), 0x12) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone3(&(0x7f00000003c0)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) r2 = socket$inet6(0xa, 0x80002, 0x88) r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) write(r3, &(0x7f0000000180)="2cd889f0253e14f3d5ac", 0xa) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1, 0x1, 0x7, 0x7, 0x2000, 0xffffffffffffffff, 0x4, '\x00', 0x0, r4, 0x40000002, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x17, 0xf, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x18, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000300000000000000ff0f000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400000000000083000000bf09000000000000550901000000000095000000000000009500000000000000852000000400000010470000f0ffffff185900000d0000000000000000000000180000009900000000000000dc05000018580000020000000000000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0) kernel console output (not intermixed with test programs): 11924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 150.394581][T11924] Call Trace: [ 150.394586][T11924] [ 150.394590][T11924] dump_stack_lvl+0x16c/0x1f0 [ 150.394612][T11924] should_fail_ex+0x512/0x640 [ 150.394625][T11924] should_fail_alloc_page+0xe7/0x130 [ 150.394639][T11924] prepare_alloc_pages+0x3c2/0x610 [ 150.394656][T11924] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 150.394671][T11924] ? find_held_lock+0x2b/0x80 [ 150.394684][T11924] ? dquot_add_space+0x3be/0xe00 [ 150.394697][T11924] ? bpf_lsm_capable+0x9/0x10 [ 150.394714][T11924] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 150.394728][T11924] ? dquot_add_space+0x3be/0xe00 [ 150.394740][T11924] ? find_held_lock+0x2b/0x80 [ 150.394752][T11924] ? __dquot_alloc_space+0x452/0xe20 [ 150.394767][T11924] ? __lock_acquire+0xb8a/0x1c90 [ 150.394781][T11924] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 150.394801][T11924] ? policy_nodemask+0xea/0x4e0 [ 150.394814][T11924] alloc_pages_mpol+0x1fb/0x550 [ 150.394826][T11924] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 150.394842][T11924] folio_alloc_mpol_noprof+0x36/0x2f0 [ 150.394857][T11924] shmem_alloc_folio+0x135/0x160 [ 150.394873][T11924] shmem_alloc_and_add_folio+0x499/0xc20 [ 150.394894][T11924] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 150.394913][T11924] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 150.394933][T11924] shmem_get_folio_gfp+0x67f/0x1600 [ 150.394947][T11924] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 150.394966][T11924] ? __pfx___might_resched+0x10/0x10 [ 150.394981][T11924] shmem_fallocate+0x795/0xf50 [ 150.394998][T11924] ? __pfx_shmem_fallocate+0x10/0x10 [ 150.395008][T11924] ? get_pid_task+0x106/0x250 [ 150.395023][T11924] ? proc_fail_nth_write+0x9f/0x250 [ 150.395043][T11924] ? __lock_acquire+0xb8a/0x1c90 [ 150.395068][T11924] ? __pfx_shmem_fallocate+0x10/0x10 [ 150.395079][T11924] vfs_fallocate+0x608/0x10c0 [ 150.395098][T11924] ? __pfx_vfs_fallocate+0x10/0x10 [ 150.395120][T11924] __x64_sys_fallocate+0xd5/0x150 [ 150.395131][T11924] do_syscall_64+0xcd/0x4c0 [ 150.395143][T11924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.395155][T11924] RIP: 0033:0x7f346dd8e969 [ 150.395164][T11924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.395175][T11924] RSP: 002b:00007f346ecda038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 150.395211][T11924] RAX: ffffffffffffffda RBX: 00007f346dfb5fa0 RCX: 00007f346dd8e969 [ 150.395223][T11924] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 150.395229][T11924] RBP: 00007f346ecda090 R08: 0000000000000000 R09: 0000000000000000 [ 150.395239][T11924] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 150.395249][T11924] R13: 0000000000000000 R14: 00007f346dfb5fa0 R15: 00007ffd3565e838 [ 150.395272][T11924] [ 150.470227][T11890] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 150.565605][T11941] Cannot find set identified by id 3 to match [ 150.565851][T11890] veth0_vlan: entered promiscuous mode [ 150.575477][T11890] veth1_vlan: entered promiscuous mode [ 150.592963][T11890] veth0_macvtap: entered promiscuous mode [ 150.598270][T11890] veth1_macvtap: entered promiscuous mode [ 150.611579][T11890] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 150.618638][T11890] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 150.622467][T11890] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.624873][T11890] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.627209][T11890] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.629561][T11890] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.686284][ T1212] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.689702][ T1212] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.714683][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.717193][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.788190][T11961] tipc: Started in network mode [ 150.790175][T11961] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 150.795160][T11961] tipc: Enabling of bearer rejected, failed to enable media [ 150.831438][T11964] netlink: 'syz.1.2218': attribute type 1 has an invalid length. [ 150.912913][T11966] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 150.980602][T11975] SELinux: Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped). [ 150.984697][T11979] FAULT_INJECTION: forcing a failure. [ 150.984697][T11979] name failslab, interval 1, probability 0, space 0, times 0 [ 150.985564][ T40] audit: type=1400 audit(1748932658.726:912): avc: denied { read write } for pid=11973 comm="syz.1.2222" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 150.989015][T11979] CPU: 3 UID: 0 PID: 11979 Comm: syz.4.2223 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 150.989031][T11979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 150.989038][T11979] Call Trace: [ 150.989042][T11979] [ 150.989047][T11979] dump_stack_lvl+0x16c/0x1f0 [ 150.989068][T11979] should_fail_ex+0x512/0x640 [ 150.989079][T11979] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 150.989097][T11979] should_failslab+0xc2/0x120 [ 150.989109][T11979] __kmalloc_cache_noprof+0x6a/0x3e0 [ 150.989125][T11979] ? nfnl_err_add+0x4e/0x2d0 [ 150.989144][T11979] nfnl_err_add+0x4e/0x2d0 [ 150.989161][T11979] nfnetlink_rcv_batch+0xca3/0x2350 [ 150.989186][T11979] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 150.989204][T11979] ? find_held_lock+0x2b/0x80 [ 150.989226][T11979] ? avc_has_perm_noaudit+0x149/0x3b0 [ 150.989254][T11979] ? __nla_parse+0x40/0x60 [ 150.989268][T11979] nfnetlink_rcv+0x3c1/0x430 [ 150.989285][T11979] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 150.989306][T11979] netlink_unicast+0x53a/0x7f0 [ 150.989324][T11979] ? __pfx_netlink_unicast+0x10/0x10 [ 150.989344][T11979] netlink_sendmsg+0x8d1/0xdd0 [ 150.989362][T11979] ? __pfx_netlink_sendmsg+0x10/0x10 [ 150.989383][T11979] ____sys_sendmsg+0xa98/0xc70 [ 150.989401][T11979] ? copy_msghdr_from_user+0x10a/0x160 [ 150.989415][T11979] ? __pfx_____sys_sendmsg+0x10/0x10 [ 150.989439][T11979] ___sys_sendmsg+0x134/0x1d0 [ 150.989453][T11979] ? __pfx____sys_sendmsg+0x10/0x10 [ 150.989466][T11979] ? __lock_acquire+0x622/0x1c90 [ 150.989502][T11979] __sys_sendmsg+0x16d/0x220 [ 150.989516][T11979] ? __pfx___sys_sendmsg+0x10/0x10 [ 150.989539][T11979] do_syscall_64+0xcd/0x4c0 [ 150.989551][T11979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.989562][T11979] RIP: 0033:0x7faabc18e969 [ 150.989571][T11979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.989582][T11979] RSP: 002b:00007faabd0b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 150.989592][T11979] RAX: ffffffffffffffda RBX: 00007faabc3b5fa0 RCX: 00007faabc18e969 [ 150.989599][T11979] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 150.989605][T11979] RBP: 00007faabd0b1090 R08: 0000000000000000 R09: 0000000000000000 [ 150.989612][T11979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 150.989618][T11979] R13: 0000000000000000 R14: 00007faabc3b5fa0 R15: 00007ffff0fc48b8 [ 150.989631][T11979] [ 151.078699][ T40] audit: type=1400 audit(1748932658.726:913): avc: denied { open } for pid=11973 comm="syz.1.2222" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 151.086744][ T40] audit: type=1400 audit(1748932658.736:914): avc: denied { relabelto } for pid=11973 comm="syz.1.2222" name="2" dev="tmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0" [ 151.095722][ T40] audit: type=1400 audit(1748932658.736:915): avc: denied { associate } for pid=11973 comm="syz.1.2222" name="2" dev="tmpfs" ino=23 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:crond_var_run_t:s0" [ 151.105180][ T40] audit: type=1400 audit(1748932658.756:916): avc: denied { write } for pid=11890 comm="syz-executor" name="2" dev="tmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0" [ 151.116139][ T40] audit: type=1400 audit(1748932658.756:917): avc: denied { remove_name } for pid=11890 comm="syz-executor" name="binderfs" dev="tmpfs" ino=27 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0" [ 151.125667][ T40] audit: type=1400 audit(1748932658.756:918): avc: denied { rmdir } for pid=11890 comm="syz-executor" name="2" dev="tmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0" [ 151.134143][ T40] audit: type=1400 audit(1748932658.776:919): avc: denied { write } for pid=11983 comm="syz.1.2225" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 151.203348][ T63] Bluetooth: hci4: command tx timeout [ 151.207172][ T40] audit: type=1400 audit(1748932658.956:920): avc: denied { accept } for pid=11992 comm="syz.4.2228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 151.272182][ T5973] usb 7-1: new full-speed USB device number 22 using dummy_hcd [ 151.445179][ T5973] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 151.449553][ T5973] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 151.453393][ T5973] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 151.457264][ T5973] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.466947][ T5973] usb 7-1: config 0 descriptor?? [ 151.484261][ T5973] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 151.489528][ T5973] dvb-usb: bulk message failed: -22 (3/0) [ 151.497635][ T5973] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 151.502715][ T5973] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 151.511433][ T5973] usb 7-1: media controller created [ 151.515768][ T5973] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 151.534033][ T5973] dvb-usb: bulk message failed: -22 (6/0) [ 151.538489][ T5973] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 151.545788][ T5973] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input12 [ 151.556139][ T5973] dvb-usb: schedule remote query interval to 150 msecs. [ 151.559378][ T5973] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 151.703735][T11982] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 151.712530][ T5973] dvb-usb: bulk message failed: -22 (1/0) [ 151.714898][ T5973] dvb-usb: error while querying for an remote control event. [ 151.719025][T11982] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 151.723125][T11982] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 151.779250][T11982] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0 [ 151.787603][ T54] usb 7-1: USB disconnect, device number 22 [ 151.821470][ T54] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 151.932855][ T63] Bluetooth: hci1: command tx timeout [ 151.991293][ T1212] bond0: (slave bond_slave_0): interface is now down [ 151.995661][ T1212] bond0: (slave bond_slave_1): interface is now down [ 152.066155][ T40] audit: type=1400 audit(1748932659.816:921): avc: denied { setopt } for pid=12023 comm="syz.4.2241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 152.067782][T12026] FAULT_INJECTION: forcing a failure. [ 152.067782][T12026] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 152.079002][T12026] CPU: 1 UID: 0 PID: 12026 Comm: syz.1.2242 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 152.079018][T12026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 152.079024][T12026] Call Trace: [ 152.079029][T12026] [ 152.079033][T12026] dump_stack_lvl+0x16c/0x1f0 [ 152.079055][T12026] should_fail_ex+0x512/0x640 [ 152.079068][T12026] should_fail_alloc_page+0xe7/0x130 [ 152.079081][T12026] prepare_alloc_pages+0x3c2/0x610 [ 152.079099][T12026] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 152.079114][T12026] ? find_held_lock+0x2b/0x80 [ 152.079126][T12026] ? dquot_add_space+0x3be/0xe00 [ 152.079139][T12026] ? bpf_lsm_capable+0x9/0x10 [ 152.079156][T12026] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 152.079168][T12026] ? dquot_add_space+0x3be/0xe00 [ 152.079207][T12026] ? find_held_lock+0x2b/0x80 [ 152.079220][T12026] ? __dquot_alloc_space+0x452/0xe20 [ 152.079235][T12026] ? __lock_acquire+0xb8a/0x1c90 [ 152.079249][T12026] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 152.079268][T12026] ? policy_nodemask+0xea/0x4e0 [ 152.079282][T12026] alloc_pages_mpol+0x1fb/0x550 [ 152.079294][T12026] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 152.079310][T12026] folio_alloc_mpol_noprof+0x36/0x2f0 [ 152.079325][T12026] shmem_alloc_folio+0x135/0x160 [ 152.079342][T12026] shmem_alloc_and_add_folio+0x499/0xc20 [ 152.079363][T12026] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 152.079382][T12026] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 152.079403][T12026] shmem_get_folio_gfp+0x67f/0x1600 [ 152.079417][T12026] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 152.079435][T12026] ? __pfx___might_resched+0x10/0x10 [ 152.079462][T12026] shmem_fallocate+0x795/0xf50 [ 152.079481][T12026] ? __pfx_shmem_fallocate+0x10/0x10 [ 152.079492][T12026] ? get_pid_task+0x106/0x250 [ 152.079507][T12026] ? proc_fail_nth_write+0x9f/0x250 [ 152.079527][T12026] ? __lock_acquire+0xb8a/0x1c90 [ 152.079552][T12026] ? __pfx_shmem_fallocate+0x10/0x10 [ 152.079563][T12026] vfs_fallocate+0x608/0x10c0 [ 152.079583][T12026] ? __pfx_vfs_fallocate+0x10/0x10 [ 152.079604][T12026] __x64_sys_fallocate+0xd5/0x150 [ 152.079616][T12026] do_syscall_64+0xcd/0x4c0 [ 152.079628][T12026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.079640][T12026] RIP: 0033:0x7fd2ae58e969 [ 152.079649][T12026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.079660][T12026] RSP: 002b:00007fd2af41c038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 152.079672][T12026] RAX: ffffffffffffffda RBX: 00007fd2ae7b5fa0 RCX: 00007fd2ae58e969 [ 152.079679][T12026] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 152.079689][T12026] RBP: 00007fd2af41c090 R08: 0000000000000000 R09: 0000000000000000 [ 152.079696][T12026] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 152.079702][T12026] R13: 0000000000000000 R14: 00007fd2ae7b5fa0 R15: 00007ffc43bd05e8 [ 152.079717][T12026] [ 152.533230][ T1469] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 152.665764][ T1469] usb 9-1: device descriptor read/64, error -71 [ 152.902680][ T1469] usb 9-1: new high-speed USB device number 9 using dummy_hcd [ 153.032570][ T1469] usb 9-1: device descriptor read/64, error -71 [ 153.142889][ T1469] usb usb9-port1: attempt power cycle [ 153.293210][ T63] Bluetooth: hci4: command tx timeout [ 153.321347][T12038] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2248'. [ 153.432582][T12046] netlink: 596 bytes leftover after parsing attributes in process `syz.2.2252'. [ 153.445811][T12046] netlink: 596 bytes leftover after parsing attributes in process `syz.2.2252'. [ 153.483111][ T1469] usb 9-1: new high-speed USB device number 10 using dummy_hcd [ 153.487987][ T5942] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 153.492369][ T5942] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 153.497900][ T5942] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 153.504955][ T1469] usb 9-1: device descriptor read/8, error -71 [ 153.505528][ T5942] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 153.510504][ T5942] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 153.663539][T12053] chnl_net:caif_netlink_parms(): no params data found [ 153.722829][ T6077] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 153.742853][ T1469] usb 9-1: new high-speed USB device number 11 using dummy_hcd [ 153.763643][ T1469] usb 9-1: device descriptor read/8, error -71 [ 153.778142][T12053] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.780413][T12053] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.782875][T12053] bridge_slave_0: entered allmulticast mode [ 153.786381][T12053] bridge_slave_0: entered promiscuous mode [ 153.791344][T12053] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.794703][T12053] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.797261][T12053] bridge_slave_1: entered allmulticast mode [ 153.800044][T12053] bridge_slave_1: entered promiscuous mode [ 153.833693][T12053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 153.838146][T12053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 153.852857][ T6077] usb 6-1: device descriptor read/64, error -71 [ 153.873171][ T1469] usb usb9-port1: unable to enumerate USB device [ 153.874791][T12053] team0: Port device team_slave_0 added [ 153.881079][T12053] team0: Port device team_slave_1 added [ 153.913351][T12053] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 153.915571][T12053] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 153.923221][T12053] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 153.927665][T12053] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 153.929748][T12053] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 153.938330][T12053] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 153.986453][T12053] hsr_slave_0: entered promiscuous mode [ 153.989590][T12053] hsr_slave_1: entered promiscuous mode [ 153.992531][T12053] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 153.995915][T12053] Cannot create hsr debugfs directory [ 154.002979][ T5942] Bluetooth: hci1: command tx timeout [ 154.094879][ T6077] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 154.137954][T12053] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 154.142413][T12053] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 154.147013][T12053] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 154.151049][T12053] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 154.166825][T12053] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.169067][T12053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 154.171419][T12053] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.173670][T12053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 154.220093][T12053] 8021q: adding VLAN 0 to HW filter on device bond0 [ 154.222979][ T6077] usb 6-1: device descriptor read/64, error -71 [ 154.234436][ T71] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.239222][ T71] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.259722][T12053] 8021q: adding VLAN 0 to HW filter on device team0 [ 154.269548][ T71] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.271950][ T71] bridge0: port 1(bridge_slave_0) entered forwarding state [ 154.281629][ T1156] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.283968][ T1156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 154.348970][ T6077] usb usb6-port1: attempt power cycle [ 154.442547][T12053] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 154.592531][T12053] veth0_vlan: entered promiscuous mode [ 154.597548][T12053] veth1_vlan: entered promiscuous mode [ 154.615011][T12053] veth0_macvtap: entered promiscuous mode [ 154.619509][T12053] veth1_macvtap: entered promiscuous mode [ 154.633790][T12053] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 154.641610][T12053] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 154.647495][T12053] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.650193][T12053] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.652801][T12053] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.656254][T12053] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.690254][ T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 154.692495][ T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 154.699117][ T6077] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 154.710014][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 154.712958][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 154.723586][ T6077] usb 6-1: device descriptor read/8, error -71 [ 154.779385][T12075] ªªªªªª: renamed from lo (while UP) [ 154.876368][T12079] FAULT_INJECTION: forcing a failure. [ 154.876368][T12079] name failslab, interval 1, probability 0, space 0, times 0 [ 154.880464][T12079] CPU: 3 UID: 0 PID: 12079 Comm: syz.2.2255 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 154.880484][T12079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 154.880494][T12079] Call Trace: [ 154.880499][T12079] [ 154.880505][T12079] dump_stack_lvl+0x16c/0x1f0 [ 154.880534][T12079] should_fail_ex+0x512/0x640 [ 154.880550][T12079] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 154.880579][T12079] should_failslab+0xc2/0x120 [ 154.880598][T12079] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 154.880624][T12079] ? __alloc_skb+0x2b2/0x380 [ 154.880645][T12079] __alloc_skb+0x2b2/0x380 [ 154.880662][T12079] ? __pfx___alloc_skb+0x10/0x10 [ 154.880682][T12079] ? __pfx_nf_tables_abort+0x10/0x10 [ 154.880706][T12079] netlink_ack+0x15d/0xb80 [ 154.880728][T12079] ? kasan_save_track+0x14/0x30 [ 154.880748][T12079] nfnetlink_rcv_batch+0x1431/0x2350 [ 154.880783][T12079] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 154.880808][T12079] ? find_held_lock+0x2b/0x80 [ 154.880840][T12079] ? avc_has_perm_noaudit+0x149/0x3b0 [ 154.880871][T12079] ? __nla_parse+0x40/0x60 [ 154.880886][T12079] nfnetlink_rcv+0x3c1/0x430 [ 154.880903][T12079] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 154.880924][T12079] netlink_unicast+0x53a/0x7f0 [ 154.880941][T12079] ? __pfx_netlink_unicast+0x10/0x10 [ 154.880960][T12079] netlink_sendmsg+0x8d1/0xdd0 [ 154.880978][T12079] ? __pfx_netlink_sendmsg+0x10/0x10 [ 154.880998][T12079] ____sys_sendmsg+0xa98/0xc70 [ 154.881016][T12079] ? copy_msghdr_from_user+0x10a/0x160 [ 154.881030][T12079] ? __pfx_____sys_sendmsg+0x10/0x10 [ 154.881053][T12079] ___sys_sendmsg+0x134/0x1d0 [ 154.881067][T12079] ? __pfx____sys_sendmsg+0x10/0x10 [ 154.881080][T12079] ? __lock_acquire+0x622/0x1c90 [ 154.881111][T12079] __sys_sendmsg+0x16d/0x220 [ 154.881125][T12079] ? __pfx___sys_sendmsg+0x10/0x10 [ 154.881148][T12079] do_syscall_64+0xcd/0x4c0 [ 154.881160][T12079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.881172][T12079] RIP: 0033:0x7f346dd8e969 [ 154.881180][T12079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.881191][T12079] RSP: 002b:00007f346ecda038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 154.881202][T12079] RAX: ffffffffffffffda RBX: 00007f346dfb5fa0 RCX: 00007f346dd8e969 [ 154.881209][T12079] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 154.881215][T12079] RBP: 00007f346ecda090 R08: 0000000000000000 R09: 0000000000000000 [ 154.881222][T12079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 154.881228][T12079] R13: 0000000000000000 R14: 00007f346dfb5fa0 R15: 00007ffd3565e838 [ 154.881242][T12079] [ 154.917499][T12081] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2254'. [ 154.973398][ T6077] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 154.994952][ T6077] usb 6-1: device descriptor read/8, error -71 [ 155.104075][ T6077] usb usb6-port1: unable to enumerate USB device [ 155.363683][ T5942] Bluetooth: hci4: command tx timeout [ 155.534920][ T5942] Bluetooth: hci2: command tx timeout [ 156.275580][ T61] bond0: (slave bond_slave_0): interface is now down [ 156.277946][ T61] bond0: (slave bond_slave_1): interface is now down [ 156.283924][ T61] bond0: now running without any active interface! [ 156.349679][T12113] netlink: 'syz.2.2270': attribute type 10 has an invalid length. [ 156.352130][T12113] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2270'. [ 156.355477][T12113] dummy0: entered promiscuous mode [ 156.359308][T12113] bridge0: port 3(dummy0) entered blocking state [ 156.361349][T12113] bridge0: port 3(dummy0) entered disabled state [ 156.364908][T12113] dummy0: entered allmulticast mode [ 156.367715][T12113] bridge0: port 3(dummy0) entered blocking state [ 156.369773][T12113] bridge0: port 3(dummy0) entered forwarding state [ 156.394715][T12116] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 156.569362][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 156.569378][ T40] audit: type=1400 audit(1748932664.314:925): avc: denied { nosuid_transition } for pid=12136 comm="syz.1.2278" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process2 permissive=1 [ 156.578360][ T40] audit: type=1400 audit(1748932664.314:926): avc: denied { transition } for pid=12136 comm="syz.1.2278" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=2082 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1 [ 156.592274][ T40] audit: type=1400 audit(1748932664.314:927): avc: denied { entrypoint } for pid=12136 comm="syz.1.2278" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=2082 scontext=system_u:object_r:hugetlbfs_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 156.603445][ T40] audit: type=1400 audit(1748932664.314:928): avc: denied { share } for pid=12136 comm="syz.1.2278" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1 [ 156.609737][ T40] audit: type=1400 audit(1748932664.314:929): avc: denied { noatsecure } for pid=12136 comm="syz.1.2278" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1 [ 156.613686][T12141] netlink: 'syz.1.2279': attribute type 1 has an invalid length. [ 156.709236][T12145] netlink: 'syz.5.2280': attribute type 10 has an invalid length. [ 156.810122][T12158] FAULT_INJECTION: forcing a failure. [ 156.810122][T12158] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 156.817703][T12158] CPU: 0 UID: 0 PID: 12158 Comm: syz.1.2285 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 156.817720][T12158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 156.817727][T12158] Call Trace: [ 156.817731][T12158] [ 156.817736][T12158] dump_stack_lvl+0x16c/0x1f0 [ 156.817758][T12158] should_fail_ex+0x512/0x640 [ 156.817771][T12158] should_fail_alloc_page+0xe7/0x130 [ 156.817785][T12158] prepare_alloc_pages+0x3c2/0x610 [ 156.817802][T12158] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 156.817817][T12158] ? find_held_lock+0x2b/0x80 [ 156.817830][T12158] ? dquot_add_space+0x3be/0xe00 [ 156.817842][T12158] ? bpf_lsm_capable+0x9/0x10 [ 156.817860][T12158] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 156.817872][T12158] ? dquot_add_space+0x3be/0xe00 [ 156.817884][T12158] ? find_held_lock+0x2b/0x80 [ 156.817896][T12158] ? __dquot_alloc_space+0x452/0xe20 [ 156.817911][T12158] ? __lock_acquire+0xb8a/0x1c90 [ 156.817926][T12158] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 156.817945][T12158] ? policy_nodemask+0xea/0x4e0 [ 156.817958][T12158] alloc_pages_mpol+0x1fb/0x550 [ 156.817970][T12158] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 156.817986][T12158] folio_alloc_mpol_noprof+0x36/0x2f0 [ 156.818001][T12158] shmem_alloc_folio+0x135/0x160 [ 156.818017][T12158] shmem_alloc_and_add_folio+0x499/0xc20 [ 156.818038][T12158] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 156.818059][T12158] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 156.818079][T12158] shmem_get_folio_gfp+0x67f/0x1600 [ 156.818093][T12158] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 156.818112][T12158] ? __pfx___might_resched+0x10/0x10 [ 156.818127][T12158] shmem_fallocate+0x795/0xf50 [ 156.818144][T12158] ? __pfx_shmem_fallocate+0x10/0x10 [ 156.818154][T12158] ? get_pid_task+0x106/0x250 [ 156.818169][T12158] ? proc_fail_nth_write+0x9f/0x250 [ 156.818189][T12158] ? __lock_acquire+0xb8a/0x1c90 [ 156.818214][T12158] ? __pfx_shmem_fallocate+0x10/0x10 [ 156.818225][T12158] vfs_fallocate+0x608/0x10c0 [ 156.818244][T12158] ? __pfx_vfs_fallocate+0x10/0x10 [ 156.818265][T12158] __x64_sys_fallocate+0xd5/0x150 [ 156.818277][T12158] do_syscall_64+0xcd/0x4c0 [ 156.818289][T12158] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.818300][T12158] RIP: 0033:0x7fd2ae58e969 [ 156.818310][T12158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.818321][T12158] RSP: 002b:00007fd2af41c038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 156.818332][T12158] RAX: ffffffffffffffda RBX: 00007fd2ae7b5fa0 RCX: 00007fd2ae58e969 [ 156.818343][T12158] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 156.818349][T12158] RBP: 00007fd2af41c090 R08: 0000000000000000 R09: 0000000000000000 [ 156.818355][T12158] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 156.818362][T12158] R13: 0000000000000000 R14: 00007fd2ae7b5fa0 R15: 00007ffc43bd05e8 [ 156.818376][T12158] [ 156.913763][ C0] vkms_vblank_simulate: vblank timer overrun [ 157.010837][T12170] Cannot find set identified by id 3 to match [ 157.022569][T12173] xt_hashlimit: overflow, rate too high: 0 [ 157.052861][ T40] audit: type=1400 audit(1748932664.794:930): avc: denied { name_bind } for pid=12175 comm="syz.1.2293" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 157.065829][T12180] tipc: Started in network mode [ 157.067493][T12180] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 157.070528][T12180] tipc: Enabled bearer , priority 10 [ 157.103669][ T40] audit: type=1400 audit(1748932664.844:931): avc: denied { nlmsg_read } for pid=12175 comm="syz.1.2293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 157.105738][T12176] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2293'. [ 157.111577][ T5942] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 157.116575][ T5942] CPU: 0 UID: 0 PID: 5942 Comm: kworker/u33:5 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 157.116591][ T5942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 157.116599][ T5942] Workqueue: hci2 hci_rx_work [ 157.116620][ T5942] Call Trace: [ 157.116624][ T5942] [ 157.116629][ T5942] dump_stack_lvl+0x16c/0x1f0 [ 157.116649][ T5942] sysfs_warn_dup+0x7f/0xa0 [ 157.116661][ T5942] sysfs_create_dir_ns+0x24b/0x2b0 [ 157.116673][ T5942] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 157.116683][ T5942] ? find_held_lock+0x2b/0x80 [ 157.116699][ T5942] ? do_raw_spin_unlock+0x172/0x230 [ 157.116718][ T5942] kobject_add_internal+0x2c4/0x9b0 [ 157.116732][ T5942] kobject_add+0x16e/0x240 [ 157.116744][ T5942] ? __pfx_kobject_add+0x10/0x10 [ 157.116758][ T5942] ? do_raw_spin_unlock+0x172/0x230 [ 157.116775][ T5942] ? kobject_put+0xab/0x5a0 [ 157.116791][ T5942] device_add+0x288/0x1a70 [ 157.116804][ T5942] ? __pfx_dev_set_name+0x10/0x10 [ 157.116819][ T5942] ? __pfx_device_add+0x10/0x10 [ 157.116831][ T5942] ? mgmt_send_event_skb+0x2fb/0x460 [ 157.116847][ T5942] hci_conn_add_sysfs+0x17e/0x230 [ 157.116860][ T5942] le_conn_complete_evt+0x1075/0x1d70 [ 157.116875][ T5942] ? rcu_is_watching+0x12/0xc0 [ 157.116886][ T5942] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 157.116897][ T5942] ? hci_event_packet+0x43c/0x1190 [ 157.116911][ T5942] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 157.116923][ T5942] ? skb_pull_data+0x166/0x210 [ 157.116940][ T5942] hci_le_meta_evt+0x2f3/0x5e0 [ 157.116951][ T5942] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 157.116965][ T5942] hci_event_packet+0x66c/0x1190 [ 157.116976][ T5942] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 157.116989][ T5942] ? __pfx_hci_event_packet+0x10/0x10 [ 157.117001][ T5942] ? kcov_remote_start+0x3c9/0x6d0 [ 157.117018][ T5942] ? lockdep_hardirqs_on+0x7c/0x110 [ 157.117038][ T5942] hci_rx_work+0x2c5/0x16b0 [ 157.117050][ T5942] ? rcu_is_watching+0x12/0xc0 [ 157.117063][ T5942] process_one_work+0x9cf/0x1b70 [ 157.117084][ T5942] ? __pfx_hci_rx_work+0x10/0x10 [ 157.117096][ T5942] ? __pfx_process_one_work+0x10/0x10 [ 157.117117][ T5942] ? assign_work+0x1a0/0x250 [ 157.117134][ T5942] worker_thread+0x6c8/0xf10 [ 157.117156][ T5942] ? __pfx_worker_thread+0x10/0x10 [ 157.117172][ T5942] kthread+0x3c5/0x780 [ 157.117188][ T5942] ? __pfx_kthread+0x10/0x10 [ 157.117204][ T5942] ? rcu_is_watching+0x12/0xc0 [ 157.117216][ T5942] ? __pfx_kthread+0x10/0x10 [ 157.117231][ T5942] ret_from_fork+0x5d4/0x6f0 [ 157.117245][ T5942] ? __pfx_kthread+0x10/0x10 [ 157.117260][ T5942] ret_from_fork_asm+0x1a/0x30 [ 157.117278][ T5942] [ 157.117291][ T5942] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 157.202867][ T5942] Bluetooth: hci2: failed to register connection device [ 157.507148][T12220] 9pnet_virtio: no channels available for device syz [ 157.572974][T12224] netlink: 'syz.1.2314': attribute type 10 has an invalid length. [ 157.604002][ T5942] Bluetooth: hci2: command tx timeout [ 157.617539][T12226] 9pnet_virtio: no channels available for device syz [ 157.621525][T12226] overlayfs: failed to resolve './file1': -2 [ 158.206452][ T1469] tipc: Node number set to 4269801488 [ 158.896925][ T71] bond0: (slave bond_slave_0): interface is now down [ 158.900182][ T71] bond0: (slave bond_slave_1): interface is now down [ 158.905477][ T71] bond0: now running without any active interface! [ 159.106938][T12269] "syz.5.2330" (12269) uses obsolete ecb(arc4) skcipher [ 159.115260][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 159.179947][T12293] program syz.5.2339 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 159.193536][T12293] netlink: 'syz.5.2339': attribute type 4 has an invalid length. [ 159.254321][ T5975] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 159.372115][ T40] audit: type=1400 audit(1748932667.114:932): avc: denied { setattr } for pid=12305 comm="syz.4.2343" name="ptyqc" dev="devtmpfs" ino=139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 159.379157][ T40] audit: type=1400 audit(1748932667.124:933): avc: denied { append } for pid=12305 comm="syz.4.2343" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 159.386415][ T40] audit: type=1400 audit(1748932667.124:934): avc: denied { ioctl } for pid=12305 comm="syz.4.2343" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0x640a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 159.424242][ T5975] usb 7-1: Using ep0 maxpacket: 8 [ 159.427405][ T5975] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 159.432227][ T5975] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 159.433171][T12312] netlink: 'syz.5.2344': attribute type 10 has an invalid length. [ 159.435042][ T5975] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.442354][ T5975] usb 7-1: config 0 descriptor?? [ 159.652811][T12271] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0 [ 159.681238][ T5975] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 159.684615][ T5942] Bluetooth: hci2: command tx timeout [ 159.689263][ T5975] usb 7-1: USB disconnect, device number 23 [ 160.529824][T12327] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2352'. [ 160.546669][T12327] atomic_op ffff8880126b7998 conn xmit_atomic 0000000000000000 [ 160.617773][T12338] Cannot find set identified by id 3 to match [ 160.621315][T12339] FAULT_INJECTION: forcing a failure. [ 160.621315][T12339] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 160.625547][T12339] CPU: 3 UID: 0 PID: 12339 Comm: syz.1.2356 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 160.625562][T12339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 160.625569][T12339] Call Trace: [ 160.625573][T12339] [ 160.625577][T12339] dump_stack_lvl+0x16c/0x1f0 [ 160.625599][T12339] should_fail_ex+0x512/0x640 [ 160.625612][T12339] should_fail_alloc_page+0xe7/0x130 [ 160.625627][T12339] prepare_alloc_pages+0x3c2/0x610 [ 160.625644][T12339] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 160.625660][T12339] ? find_held_lock+0x2b/0x80 [ 160.625673][T12339] ? dquot_add_space+0x3be/0xe00 [ 160.625685][T12339] ? bpf_lsm_capable+0x9/0x10 [ 160.625703][T12339] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 160.625716][T12339] ? dquot_add_space+0x3be/0xe00 [ 160.625728][T12339] ? find_held_lock+0x2b/0x80 [ 160.625740][T12339] ? __dquot_alloc_space+0x452/0xe20 [ 160.625755][T12339] ? __lock_acquire+0xb8a/0x1c90 [ 160.625769][T12339] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 160.625788][T12339] ? policy_nodemask+0xea/0x4e0 [ 160.625801][T12339] alloc_pages_mpol+0x1fb/0x550 [ 160.625813][T12339] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 160.625829][T12339] folio_alloc_mpol_noprof+0x36/0x2f0 [ 160.625844][T12339] shmem_alloc_folio+0x135/0x160 [ 160.625861][T12339] shmem_alloc_and_add_folio+0x499/0xc20 [ 160.625882][T12339] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 160.625901][T12339] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 160.625922][T12339] shmem_get_folio_gfp+0x67f/0x1600 [ 160.625936][T12339] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 160.625955][T12339] ? __pfx___might_resched+0x10/0x10 [ 160.625970][T12339] shmem_fallocate+0x795/0xf50 [ 160.625987][T12339] ? __pfx_shmem_fallocate+0x10/0x10 [ 160.625997][T12339] ? get_pid_task+0x106/0x250 [ 160.626012][T12339] ? proc_fail_nth_write+0x9f/0x250 [ 160.626032][T12339] ? __lock_acquire+0xb8a/0x1c90 [ 160.626057][T12339] ? __pfx_shmem_fallocate+0x10/0x10 [ 160.626068][T12339] vfs_fallocate+0x608/0x10c0 [ 160.626087][T12339] ? __pfx_vfs_fallocate+0x10/0x10 [ 160.626109][T12339] __x64_sys_fallocate+0xd5/0x150 [ 160.626120][T12339] do_syscall_64+0xcd/0x4c0 [ 160.626132][T12339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.626143][T12339] RIP: 0033:0x7fd2ae58e969 [ 160.626152][T12339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.626163][T12339] RSP: 002b:00007fd2af41c038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 160.626174][T12339] RAX: ffffffffffffffda RBX: 00007fd2ae7b5fa0 RCX: 00007fd2ae58e969 [ 160.626181][T12339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 160.626187][T12339] RBP: 00007fd2af41c090 R08: 0000000000000000 R09: 0000000000000000 [ 160.626194][T12339] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 160.626200][T12339] R13: 0000000000000000 R14: 00007fd2ae7b5fa0 R15: 00007ffc43bd05e8 [ 160.626214][T12339] [ 160.799352][T12358] netlink: 79 bytes leftover after parsing attributes in process `syz.1.2368'. [ 160.822682][T12361] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2369'. [ 160.829080][T12361] binder: 12360:12361 ioctl c0306201 2000000001c0 returned -14 [ 160.953730][T12374] xt_socket: unknown flags 0xc [ 160.957492][T12374] trusted_key: syz.1.2375 sent an empty control message without MSG_MORE. [ 161.014276][T12386] netlink: 'syz.5.2379': attribute type 10 has an invalid length. [ 161.062254][T12394] IPVS: set_ctl: invalid protocol: 7 3.0.0.0:1024 [ 161.080676][T12398] binder: 12397:12398 ioctl c0306201 0 returned -14 [ 161.116978][T12404] Cannot find set identified by id 3 to match [ 161.151829][T12410] FAULT_INJECTION: forcing a failure. [ 161.151829][T12410] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 161.156947][T12410] CPU: 3 UID: 0 PID: 12410 Comm: syz.2.2389 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 161.156972][T12410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.156982][T12410] Call Trace: [ 161.156988][T12410] [ 161.156995][T12410] dump_stack_lvl+0x16c/0x1f0 [ 161.157043][T12410] should_fail_ex+0x512/0x640 [ 161.157069][T12410] should_fail_alloc_page+0xe7/0x130 [ 161.157089][T12410] prepare_alloc_pages+0x3c2/0x610 [ 161.157117][T12410] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 161.157143][T12410] ? find_held_lock+0x2b/0x80 [ 161.157163][T12410] ? dquot_add_space+0x3be/0xe00 [ 161.157181][T12410] ? bpf_lsm_capable+0x9/0x10 [ 161.157207][T12410] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 161.157227][T12410] ? dquot_add_space+0x3be/0xe00 [ 161.157246][T12410] ? find_held_lock+0x2b/0x80 [ 161.157264][T12410] ? __dquot_alloc_space+0x452/0xe20 [ 161.157289][T12410] ? __lock_acquire+0xb8a/0x1c90 [ 161.157310][T12410] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 161.157338][T12410] ? policy_nodemask+0xea/0x4e0 [ 161.157359][T12410] alloc_pages_mpol+0x1fb/0x550 [ 161.157378][T12410] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 161.157404][T12410] folio_alloc_mpol_noprof+0x36/0x2f0 [ 161.157426][T12410] shmem_alloc_folio+0x135/0x160 [ 161.157451][T12410] shmem_alloc_and_add_folio+0x499/0xc20 [ 161.157484][T12410] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 161.157514][T12410] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 161.157548][T12410] shmem_get_folio_gfp+0x67f/0x1600 [ 161.157566][T12410] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 161.157591][T12410] ? __pfx___might_resched+0x10/0x10 [ 161.157614][T12410] shmem_fallocate+0x795/0xf50 [ 161.157642][T12410] ? __pfx_shmem_fallocate+0x10/0x10 [ 161.157659][T12410] ? get_pid_task+0x106/0x250 [ 161.157682][T12410] ? proc_fail_nth_write+0x9f/0x250 [ 161.157713][T12410] ? __lock_acquire+0xb8a/0x1c90 [ 161.157754][T12410] ? __pfx_shmem_fallocate+0x10/0x10 [ 161.157773][T12410] vfs_fallocate+0x608/0x10c0 [ 161.157802][T12410] ? __pfx_vfs_fallocate+0x10/0x10 [ 161.157834][T12410] __x64_sys_fallocate+0xd5/0x150 [ 161.157854][T12410] do_syscall_64+0xcd/0x4c0 [ 161.157873][T12410] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.157890][T12410] RIP: 0033:0x7f346dd8e969 [ 161.157905][T12410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.157921][T12410] RSP: 002b:00007f346ecda038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 161.157939][T12410] RAX: ffffffffffffffda RBX: 00007f346dfb5fa0 RCX: 00007f346dd8e969 [ 161.157950][T12410] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 161.157959][T12410] RBP: 00007f346ecda090 R08: 0000000000000000 R09: 0000000000000000 [ 161.157970][T12410] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 161.157980][T12410] R13: 0000000000000000 R14: 00007f346dfb5fa0 R15: 00007ffd3565e838 [ 161.158004][T12410] [ 161.309936][T12422] input: syz0 as /devices/virtual/input/input14 [ 161.311950][T12422] input: failed to attach handler leds to device input14, error: -6 [ 161.578057][T12459] netlink: 'syz.1.2409': attribute type 10 has an invalid length. [ 161.595047][T12462] netlink: 'syz.5.2411': attribute type 1 has an invalid length. [ 161.597522][T12462] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 161.599655][T12462] IPv6: NLM_F_CREATE should be set when creating new route [ 161.604392][T12462] xt_CONNSECMARK: invalid mode: 0 [ 161.713534][T12479] Cannot find set identified by id 3 to match [ 161.764833][ T5942] Bluetooth: hci2: command tx timeout [ 161.771755][T12488] FAULT_INJECTION: forcing a failure. [ 161.771755][T12488] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 161.776164][T12488] CPU: 3 UID: 0 PID: 12488 Comm: syz.2.2422 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 161.776187][T12488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.776197][T12488] Call Trace: [ 161.776203][T12488] [ 161.776209][T12488] dump_stack_lvl+0x16c/0x1f0 [ 161.776239][T12488] should_fail_ex+0x512/0x640 [ 161.776255][T12488] should_fail_alloc_page+0xe7/0x130 [ 161.776276][T12488] prepare_alloc_pages+0x3c2/0x610 [ 161.776307][T12488] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 161.776329][T12488] ? rcu_is_watching+0x12/0xc0 [ 161.776344][T12488] ? __mod_memcg_lruvec_state+0x533/0x760 [ 161.776367][T12488] ? __mod_zone_page_state+0xcc/0x1a0 [ 161.776390][T12488] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 161.776411][T12488] ? folios_put_refs+0x5ce/0x740 [ 161.776433][T12488] ? __pfx_folios_put_refs+0x10/0x10 [ 161.776453][T12488] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 161.776476][T12488] ? policy_nodemask+0xea/0x4e0 [ 161.776496][T12488] alloc_pages_mpol+0x1fb/0x550 [ 161.776514][T12488] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 161.776539][T12488] folio_alloc_mpol_noprof+0x36/0x2f0 [ 161.776558][T12488] shmem_alloc_folio+0x135/0x160 [ 161.776581][T12488] shmem_alloc_and_add_folio+0x499/0xc20 [ 161.776611][T12488] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 161.776639][T12488] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 161.776665][T12488] shmem_get_folio_gfp+0x67f/0x1600 [ 161.776687][T12488] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 161.776714][T12488] ? __pfx___might_resched+0x10/0x10 [ 161.776737][T12488] shmem_fallocate+0x795/0xf50 [ 161.776758][T12488] ? __pfx_shmem_fallocate+0x10/0x10 [ 161.776773][T12488] ? get_pid_task+0x106/0x250 [ 161.776795][T12488] ? proc_fail_nth_write+0x9f/0x250 [ 161.776825][T12488] ? __lock_acquire+0xb8a/0x1c90 [ 161.776866][T12488] ? __pfx_shmem_fallocate+0x10/0x10 [ 161.776878][T12488] vfs_fallocate+0x608/0x10c0 [ 161.776905][T12488] ? __pfx_vfs_fallocate+0x10/0x10 [ 161.776937][T12488] __x64_sys_fallocate+0xd5/0x150 [ 161.776955][T12488] do_syscall_64+0xcd/0x4c0 [ 161.776969][T12488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.776983][T12488] RIP: 0033:0x7f346dd8e969 [ 161.776997][T12488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.777013][T12488] RSP: 002b:00007f346ecda038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 161.777028][T12488] RAX: ffffffffffffffda RBX: 00007f346dfb5fa0 RCX: 00007f346dd8e969 [ 161.777038][T12488] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 161.777047][T12488] RBP: 00007f346ecda090 R08: 0000000000000000 R09: 0000000000000000 [ 161.777057][T12488] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 161.777065][T12488] R13: 0000000000000000 R14: 00007f346dfb5fa0 R15: 00007ffd3565e838 [ 161.777085][T12488] [ 161.918634][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 161.918645][ T40] audit: type=1400 audit(1748932669.663:937): avc: denied { setopt } for pid=12505 comm="syz.1.2429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 161.983379][T12517] netlink: 'syz.4.2434': attribute type 10 has an invalid length. [ 161.988400][T12517] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 162.076976][T12533] netlink: 'syz.4.2441': attribute type 10 has an invalid length. [ 162.115176][T12533] bond0: (slave wlan1): Releasing backup interface [ 162.159319][ T40] audit: type=1400 audit(1748932669.903:938): avc: denied { connect } for pid=12549 comm="syz.5.2447" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 162.187109][T12554] Cannot find set identified by id 3 to match [ 162.221062][ T40] audit: type=1400 audit(1748932669.963:939): avc: denied { ioctl } for pid=12557 comm="syz.1.2450" path="net:[4026534124]" dev="nsfs" ino=4026534124 ioctlcmd=0xb702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 162.364912][T12575] syz.4.2456: attempt to access beyond end of device [ 162.364912][T12575] loop4: rw=0, sector=16, nr_sectors = 1 limit=0 [ 162.370227][T12575] qnx6: unable to read the first superblock [ 162.373798][T12575] syz.4.2456: attempt to access beyond end of device [ 162.373798][T12575] loop4: rw=0, sector=0, nr_sectors = 1 limit=0 [ 162.382132][T12575] qnx6: unable to read the first superblock [ 162.384472][T12575] qnx6: unable to read the first superblock [ 162.393399][T12576] sctp: [Deprecated]: syz.4.2456 (pid 12576) Use of int in max_burst socket option deprecated. [ 162.393399][T12576] Use struct sctp_assoc_value instead [ 162.400006][T12575] sctp: [Deprecated]: syz.4.2456 (pid 12575) Use of int in max_burst socket option deprecated. [ 162.400006][T12575] Use struct sctp_assoc_value instead [ 162.455000][T12585] netlink: 'syz.5.2461': attribute type 1 has an invalid length. [ 162.466756][T12585] bond2: entered promiscuous mode [ 162.468890][T12585] 8021q: adding VLAN 0 to HW filter on device bond2 [ 162.476984][T12588] 9pnet_fd: Insufficient options for proto=fd [ 162.481210][T12585] bond2: (slave bridge1): making interface the new active one [ 162.481319][T12588] 9pnet_fd: Insufficient options for proto=fd [ 162.483694][T12585] bridge1: entered promiscuous mode [ 162.490775][T12585] bond2: (slave bridge1): Enslaving as an active interface with an up link [ 162.708436][T12607] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2469'. [ 162.781205][ T40] audit: type=1326 audit(1748932670.513:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12617 comm="syz.4.2473" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faabc18e969 code=0x0 [ 162.799259][T12616] netlink: 'syz.5.2472': attribute type 10 has an invalid length. [ 162.870222][T12627] IPv6: NLM_F_REPLACE set, but no existing node found! [ 162.911701][T12629] XFS (nbd5): no-recovery mounts must be read-only. [ 162.916272][T12634] Cannot find set identified by id 3 to match [ 162.917222][ T40] audit: type=1400 audit(1748932670.663:941): avc: denied { mount } for pid=12631 comm="syz.4.2479" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 162.930528][ T40] audit: type=1400 audit(1748932670.663:942): avc: denied { remount } for pid=12631 comm="syz.4.2479" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 162.938785][ T40] audit: type=1400 audit(1748932670.683:943): avc: denied { unmount } for pid=10386 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 163.049974][T12645] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2484'. [ 163.049986][T12644] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2484'. [ 163.111150][T12650] tipc: Enabling of bearer rejected, media not registered [ 163.188052][T12658] netlink: 'syz.1.2489': attribute type 1 has an invalid length. [ 163.233135][T12658] bond1: entered promiscuous mode [ 163.233416][T12665] netlink: 'syz.4.2493': attribute type 21 has an invalid length. [ 163.233478][T12658] 8021q: adding VLAN 0 to HW filter on device bond1 [ 163.233990][T12665] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2493'. [ 163.235371][T12665] netlink: 'syz.4.2493': attribute type 21 has an invalid length. [ 163.235412][T12665] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2493'. [ 163.268137][T12658] bond1: (slave bridge1): making interface the new active one [ 163.270573][T12658] bridge1: entered promiscuous mode [ 163.272651][T12658] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 163.343617][ T40] audit: type=1400 audit(1748932671.083:944): avc: denied { setopt } for pid=12671 comm="syz.2.2496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 163.344175][T12680] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2498'. [ 163.378145][T12681] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048) [ 163.410148][T12688] binfmt_misc: register: failed to install interpreter file ./file0 [ 163.416436][T12686] netlink: 'syz.1.2501': attribute type 10 has an invalid length. [ 163.514504][T12702] IPv6: NLM_F_REPLACE set, but no existing node found! [ 163.552685][T12704] Cannot find set identified by id 3 to match [ 163.645975][T12708] netlink: 100 bytes leftover after parsing attributes in process `syz.4.2511'. [ 163.766712][T12719] program syz.1.2514 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 163.825720][ T40] audit: type=1400 audit(1748932671.573:945): avc: denied { listen } for pid=12722 comm="syz.2.2517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 163.883291][T12726] program syz.2.2518 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 163.964675][ T40] audit: type=1400 audit(1748932671.703:946): avc: denied { lock } for pid=12732 comm="syz.2.2520" path="/91/file0/cpuset.effective_cpus" dev="9p" ino=35913910 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 164.039292][T12735] bond3: entered promiscuous mode [ 164.041712][T12735] 8021q: adding VLAN 0 to HW filter on device bond3 [ 164.057826][T12735] bond3: (slave bridge2): making interface the new active one [ 164.061487][T12735] bridge2: entered promiscuous mode [ 164.064617][T12735] bond3: (slave bridge2): Enslaving as an active interface with an up link [ 164.221411][T12751] IPv6: NLM_F_REPLACE set, but no existing node found! [ 164.285470][T12758] ieee802154 phy0 wpan0: encryption failed: -22 [ 164.295844][T12758] ieee802154 phy0 wpan0: encryption failed: -22 [ 164.774693][T12789] bond5: entered promiscuous mode [ 164.778608][T12789] 8021q: adding VLAN 0 to HW filter on device bond5 [ 164.807930][T12789] bond5: (slave bridge3): making interface the new active one [ 164.810628][T12789] bridge3: entered promiscuous mode [ 164.812831][T12789] bond5: (slave bridge3): Enslaving as an active interface with an up link [ 164.903025][T12797] ubi: mtd0 is already attached to ubi2 [ 165.069208][T12814] Cannot find set identified by id 3 to match [ 165.174846][T12848] FAULT_INJECTION: forcing a failure. [ 165.174846][T12848] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 165.180626][T12848] CPU: 3 UID: 0 PID: 12848 Comm: syz.1.2556 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 165.180651][T12848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 165.180662][T12848] Call Trace: [ 165.180668][T12848] [ 165.180676][T12848] dump_stack_lvl+0x16c/0x1f0 [ 165.180707][T12848] should_fail_ex+0x512/0x640 [ 165.180729][T12848] should_fail_alloc_page+0xe7/0x130 [ 165.180750][T12848] prepare_alloc_pages+0x3c2/0x610 [ 165.180779][T12848] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 165.180803][T12848] ? find_held_lock+0x2b/0x80 [ 165.180823][T12848] ? dquot_add_space+0x3be/0xe00 [ 165.180842][T12848] ? bpf_lsm_capable+0x9/0x10 [ 165.180868][T12848] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 165.180889][T12848] ? dquot_add_space+0x3be/0xe00 [ 165.180908][T12848] ? find_held_lock+0x2b/0x80 [ 165.180928][T12848] ? __dquot_alloc_space+0x452/0xe20 [ 165.180953][T12848] ? __lock_acquire+0xb8a/0x1c90 [ 165.180976][T12848] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 165.181006][T12848] ? policy_nodemask+0xea/0x4e0 [ 165.181028][T12848] alloc_pages_mpol+0x1fb/0x550 [ 165.181048][T12848] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 165.181075][T12848] folio_alloc_mpol_noprof+0x36/0x2f0 [ 165.181099][T12848] shmem_alloc_folio+0x135/0x160 [ 165.181125][T12848] shmem_alloc_and_add_folio+0x499/0xc20 [ 165.181160][T12848] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 165.181191][T12848] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 165.181224][T12848] shmem_get_folio_gfp+0x67f/0x1600 [ 165.181247][T12848] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 165.181277][T12848] ? __pfx___might_resched+0x10/0x10 [ 165.181303][T12848] shmem_fallocate+0x795/0xf50 [ 165.181338][T12848] ? __pfx_shmem_fallocate+0x10/0x10 [ 165.181354][T12848] ? get_pid_task+0x106/0x250 [ 165.181377][T12848] ? proc_fail_nth_write+0x9f/0x250 [ 165.181408][T12848] ? __lock_acquire+0xb8a/0x1c90 [ 165.181453][T12848] ? __pfx_shmem_fallocate+0x10/0x10 [ 165.181472][T12848] vfs_fallocate+0x608/0x10c0 [ 165.181501][T12848] ? __pfx_vfs_fallocate+0x10/0x10 [ 165.181536][T12848] __x64_sys_fallocate+0xd5/0x150 [ 165.181557][T12848] do_syscall_64+0xcd/0x4c0 [ 165.181575][T12848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.181593][T12848] RIP: 0033:0x7fd2ae58e969 [ 165.181608][T12848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.181623][T12848] RSP: 002b:00007fd2af41c038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 165.181641][T12848] RAX: ffffffffffffffda RBX: 00007fd2ae7b5fa0 RCX: 00007fd2ae58e969 [ 165.181652][T12848] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 165.181661][T12848] RBP: 00007fd2af41c090 R08: 0000000000000000 R09: 0000000000000000 [ 165.181672][T12848] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 165.181684][T12848] R13: 0000000000000000 R14: 00007fd2ae7b5fa0 R15: 00007ffc43bd05e8 [ 165.181709][T12848] [ 165.216931][T12855] ubi: mtd0 is already attached to ubi2 [ 165.218413][ T6077] usb 9-1: new high-speed USB device number 12 using dummy_hcd [ 165.340876][T12859] IPv6: NLM_F_REPLACE set, but no existing node found! [ 165.478451][ T6077] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 165.482560][ T6077] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 165.486748][ T6077] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.494123][T12801] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 165.505790][ T6077] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 165.585679][T12866] loop6: detected capacity change from 0 to 524287999 [ 165.597926][T12866] Buffer I/O error on dev loop6, logical block 0, async page read [ 165.611998][T12866] Buffer I/O error on dev loop6, logical block 0, async page read [ 165.614476][T12866] Buffer I/O error on dev loop6, logical block 0, async page read [ 165.617271][T12866] Buffer I/O error on dev loop6, logical block 0, async page read [ 165.619737][T12866] Buffer I/O error on dev loop6, logical block 0, async page read [ 165.622239][T12866] Buffer I/O error on dev loop6, logical block 0, async page read [ 165.624695][T12866] Buffer I/O error on dev loop6, logical block 0, async page read [ 165.627671][T12866] Buffer I/O error on dev loop6, logical block 0, async page read [ 165.630118][T12866] ldm_validate_partition_table(): Disk read failed. [ 165.635241][T12866] Buffer I/O error on dev loop6, logical block 0, async page read [ 165.637682][T12866] Buffer I/O error on dev loop6, logical block 0, async page read [ 165.640535][T12866] Dev loop6: unable to read RDB block 0 [ 165.642535][T12866] loop6: unable to read partition table [ 165.644746][T12866] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 165.773540][ T6077] usb 9-1: USB disconnect, device number 12 [ 165.935831][T12882] overlayfs: failed to get inode (-116) [ 165.938468][T12882] overlayfs: failed to get inode (-116) [ 166.319639][T12908] FAULT_INJECTION: forcing a failure. [ 166.319639][T12908] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 166.324796][T12908] CPU: 0 UID: 0 PID: 12908 Comm: syz.1.2578 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 166.324821][T12908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 166.324832][T12908] Call Trace: [ 166.324838][T12908] [ 166.324844][T12908] dump_stack_lvl+0x16c/0x1f0 [ 166.324876][T12908] should_fail_ex+0x512/0x640 [ 166.324896][T12908] should_fail_alloc_page+0xe7/0x130 [ 166.324917][T12908] prepare_alloc_pages+0x3c2/0x610 [ 166.324944][T12908] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 166.324966][T12908] ? find_held_lock+0x2b/0x80 [ 166.324985][T12908] ? dquot_add_space+0x3be/0xe00 [ 166.325004][T12908] ? bpf_lsm_capable+0x9/0x10 [ 166.325031][T12908] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 166.325069][T12908] ? dquot_add_space+0x3be/0xe00 [ 166.325091][T12908] ? find_held_lock+0x2b/0x80 [ 166.325112][T12908] ? __dquot_alloc_space+0x452/0xe20 [ 166.325135][T12908] ? __lock_acquire+0xb8a/0x1c90 [ 166.325157][T12908] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 166.325186][T12908] ? policy_nodemask+0xea/0x4e0 [ 166.325206][T12908] alloc_pages_mpol+0x1fb/0x550 [ 166.325226][T12908] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 166.325252][T12908] folio_alloc_mpol_noprof+0x36/0x2f0 [ 166.325273][T12908] shmem_alloc_folio+0x135/0x160 [ 166.325305][T12908] shmem_alloc_and_add_folio+0x499/0xc20 [ 166.325339][T12908] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 166.325370][T12908] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 166.325402][T12908] shmem_get_folio_gfp+0x67f/0x1600 [ 166.325427][T12908] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 166.325456][T12908] ? __pfx___might_resched+0x10/0x10 [ 166.325480][T12908] shmem_fallocate+0x795/0xf50 [ 166.325508][T12908] ? __pfx_shmem_fallocate+0x10/0x10 [ 166.325523][T12908] ? get_pid_task+0x106/0x250 [ 166.325547][T12908] ? proc_fail_nth_write+0x9f/0x250 [ 166.325578][T12908] ? __lock_acquire+0xb8a/0x1c90 [ 166.325620][T12908] ? __pfx_shmem_fallocate+0x10/0x10 [ 166.325636][T12908] vfs_fallocate+0x608/0x10c0 [ 166.325668][T12908] ? __pfx_vfs_fallocate+0x10/0x10 [ 166.325701][T12908] __x64_sys_fallocate+0xd5/0x150 [ 166.325721][T12908] do_syscall_64+0xcd/0x4c0 [ 166.325739][T12908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.325756][T12908] RIP: 0033:0x7fd2ae58e969 [ 166.325771][T12908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.325787][T12908] RSP: 002b:00007fd2af41c038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 166.325804][T12908] RAX: ffffffffffffffda RBX: 00007fd2ae7b5fa0 RCX: 00007fd2ae58e969 [ 166.325815][T12908] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 166.325825][T12908] RBP: 00007fd2af41c090 R08: 0000000000000000 R09: 0000000000000000 [ 166.325834][T12908] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 166.325845][T12908] R13: 0000000000000000 R14: 00007fd2ae7b5fa0 R15: 00007ffc43bd05e8 [ 166.325868][T12908] [ 166.331087][T12909] IPv6: NLM_F_REPLACE set, but no existing node found! [ 166.539510][T12915] pimreg: entered allmulticast mode [ 166.542385][T12915] xt_limit: Overflow, try lower: 1207959552/384 [ 166.735793][T12926] __nla_validate_parse: 1 callbacks suppressed [ 166.735804][T12926] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2586'. [ 166.749451][T12926] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 166.936125][ T40] kauditd_printk_skb: 8 callbacks suppressed [ 166.936142][ T40] audit: type=1326 audit(166.371:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.2.2576" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346dd8e969 code=0x7fc00000 [ 166.988741][T12942] validate_nla: 6 callbacks suppressed [ 166.988753][T12942] netlink: 'syz.5.2590': attribute type 1 has an invalid length. [ 167.014485][T12942] bond6: entered promiscuous mode [ 167.024350][T12942] 8021q: adding VLAN 0 to HW filter on device bond6 [ 167.040791][T12942] bond6: (slave bridge4): making interface the new active one [ 167.042152][T12954] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2595'. [ 167.043126][T12942] bridge4: entered promiscuous mode [ 167.043861][T12942] bond6: (slave bridge4): Enslaving as an active interface with an up link [ 167.070491][T12956] Cannot find set identified by id 3 to match [ 167.132400][ T40] audit: type=1400 audit(166.561:956): avc: denied { write } for pid=12957 comm="syz.4.2597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 167.154714][T12965] IPv6: NLM_F_REPLACE set, but no existing node found! [ 167.357246][T12987] ªªªªªª: renamed from lo (while UP) [ 167.382326][T12992] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 167.480550][ T40] audit: type=1400 audit(166.911:957): avc: denied { mount } for pid=13003 comm="syz.5.2618" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 167.543931][T13019] netlink: 'syz.2.2622': attribute type 1 has an invalid length. [ 167.556604][T13019] bond2: entered promiscuous mode [ 167.558374][T13019] 8021q: adding VLAN 0 to HW filter on device bond2 [ 167.579769][T13019] bond2: (slave bridge1): making interface the new active one [ 167.583426][T13019] bridge1: entered promiscuous mode [ 167.596204][T13019] bond2: (slave bridge1): Enslaving as an active interface with an up link [ 167.654656][T13028] Cannot find set identified by id 3 to match [ 167.769085][ T40] audit: type=1400 audit(167.201:958): avc: denied { listen } for pid=13029 comm="syz.2.2626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 167.794809][ T40] audit: type=1400 audit(167.201:959): avc: denied { accept } for pid=13029 comm="syz.2.2626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 167.823762][T13036] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2626'. [ 167.870284][T13038] IPv6: NLM_F_REPLACE set, but no existing node found! [ 167.968599][T13048] netlink: 'syz.2.2631': attribute type 10 has an invalid length. [ 168.022130][T13054] openvswitch: netlink: Key type 16144 is out of range max 32 [ 168.053683][T13056] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2637'. [ 168.057146][T13056] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2637'. [ 168.334294][ T40] audit: type=1400 audit(167.761:960): avc: denied { unmount } for pid=12053 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 168.443173][T13078] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 168.447966][ T40] audit: type=1400 audit(167.881:961): avc: denied { append } for pid=13077 comm="syz.4.2645" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 168.458464][ T40] audit: type=1400 audit(167.881:962): avc: denied { map } for pid=13077 comm="syz.4.2645" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 168.478236][ T40] audit: type=1400 audit(167.881:963): avc: denied { write execute } for pid=13077 comm="syz.4.2645" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 168.482162][T13080] tipc: Enabling of bearer rejected, already enabled [ 168.542800][T13084] netlink: 'syz.2.2647': attribute type 1 has an invalid length. [ 168.564053][T13084] bond3: entered promiscuous mode [ 168.566322][T13084] 8021q: adding VLAN 0 to HW filter on device bond3 [ 168.577065][T13084] bond3: (slave bridge2): making interface the new active one [ 168.579334][T13084] bridge2: entered promiscuous mode [ 168.581461][T13084] bond3: (slave bridge2): Enslaving as an active interface with an up link [ 168.607625][ T40] audit: type=1400 audit(168.041:964): avc: denied { bind } for pid=13081 comm="syz.4.2648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 168.676447][T13091] Cannot find set identified by id 3 to match [ 168.729016][T13093] openvswitch: netlink: Geneve opt len 10 is not a multiple of 4. [ 168.787802][T13099] futex_wake_op: syz.2.2654 tries to shift op by 32; fix this program [ 168.869258][T13106] syz.4.2651 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 169.112936][T13129] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2665'. [ 169.148191][T13127] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13127 comm=syz.5.2664 [ 169.176326][T13138] netlink: 'syz.2.2668': attribute type 10 has an invalid length. [ 169.243076][T13147] ªªªªªª: renamed from lo (while UP) [ 169.271616][T13136] tipc: Enabled bearer , priority 0 [ 169.314840][T13136] syzkaller0: entered promiscuous mode [ 169.318248][T13136] syzkaller0: entered allmulticast mode [ 169.320786][T13136] tipc: Resetting bearer [ 169.334002][T13135] tipc: Resetting bearer [ 169.356842][T13156] netlink: 'syz.5.2676': attribute type 1 has an invalid length. [ 169.435203][ T836] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 169.599252][ T836] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 169.602971][ T836] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.606330][ T836] usb 6-1: Product: syz [ 169.608144][ T836] usb 6-1: Manufacturer: syz [ 169.610142][ T836] usb 6-1: SerialNumber: syz [ 169.623762][ T836] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 169.781493][ T836] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 169.989206][T13141] xt_hashlimit: size too large, truncated to 1048576 [ 170.536761][T13135] tipc: Disabling bearer [ 170.542632][T13154] tipc: Enabling of bearer rejected, already enabled [ 170.545681][T13156] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR [ 170.634921][ T53] usb 6-1: USB disconnect, device number 19 [ 170.641854][T13168] Cannot find set identified by id 3 to match [ 170.815488][ T836] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 170.818562][ T836] ath9k_htc: Failed to initialize the device [ 170.825128][ T53] usb 6-1: ath9k_htc: USB layer deinitialized [ 170.853085][T13178] overlayfs: failed to resolve '/[Öœäß1Eà': -2 [ 171.280425][T13208] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2696'. [ 171.350232][T13222] netlink: 'syz.1.2701': attribute type 10 has an invalid length. [ 171.435696][T13232] tipc: Started in network mode [ 171.437636][T13232] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 171.442216][T13232] tipc: Enabled bearer , priority 10 [ 171.472562][T13235] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2704'. [ 171.523661][T13245] Cannot find set identified by id 3 to match [ 171.568668][T13249] option changes via remount are deprecated (pid=13248 comm=syz.2.2711) [ 171.582803][T13255] netlink: 'syz.1.2712': attribute type 1 has an invalid length. [ 171.609122][T13255] bond2: entered promiscuous mode [ 171.618826][T13255] 8021q: adding VLAN 0 to HW filter on device bond2 [ 171.640092][T13255] bond2: (slave bridge2): making interface the new active one [ 171.643260][T13255] bridge2: entered promiscuous mode [ 171.650276][T13255] bond2: (slave bridge2): Enslaving as an active interface with an up link [ 171.659347][T13260] blkio.reset_stats is deprecated [ 172.080301][T13313] netlink: 'syz.2.2735': attribute type 10 has an invalid length. [ 172.239021][T13304] hid-generic 0003:0627:0001.0001: pid 13304 passed too large report [ 172.242418][T13304] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 808 [ 172.246540][T13322] tipc: Enabled bearer , priority 10 [ 172.384599][T13331] Cannot find set identified by id 3 to match [ 172.577193][ T836] tipc: Node number set to 4269801488 [ 172.641671][T13348] netlink: 'syz.1.2748': attribute type 1 has an invalid length. [ 172.653692][T13348] bond3: entered promiscuous mode [ 172.655562][T13348] 8021q: adding VLAN 0 to HW filter on device bond3 [ 172.665830][T13348] bond3: (slave bridge3): making interface the new active one [ 172.666241][ T10] usb 9-1: new high-speed USB device number 13 using dummy_hcd [ 172.668493][T13348] bridge3: entered promiscuous mode [ 172.669002][T13348] bond3: (slave bridge3): Enslaving as an active interface with an up link [ 172.825265][ T10] usb 9-1: Using ep0 maxpacket: 8 [ 172.828123][ T10] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 172.831201][ T10] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 172.834219][ T10] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 172.837408][ T10] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 172.838584][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 172.838598][ T40] audit: type=1400 audit(172.271:970): avc: denied { map } for pid=13354 comm="syz.5.2751" path="/dev/dlm_plock" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 172.841334][ T10] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 172.843652][ T40] audit: type=1400 audit(172.271:971): avc: denied { execute } for pid=13354 comm="syz.5.2751" path="/dev/dlm_plock" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 172.850488][ T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.060753][ T10] usb 9-1: GET_CAPABILITIES returned 0 [ 173.062739][ T10] usbtmc 9-1:16.0: can't read capabilities [ 173.261927][ C2] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 173.268554][T13335] overlayfs: conflicting options: userxattr,verity=on [ 173.281693][T13390] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 173.306613][ T837] usb 9-1: USB disconnect, device number 13 [ 173.357768][T13398] netlink: 'syz.5.2767': attribute type 10 has an invalid length. [ 173.366780][ T1469] tipc: Node number set to 4269801488 [ 173.394887][T13400] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2768'. [ 173.394951][T13401] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2768'. [ 173.614823][T13415] tipc: Enabling of bearer rejected, already enabled [ 173.703813][T13421] Cannot find set identified by id 3 to match [ 173.817909][T13435] netlink: 'syz.1.2781': attribute type 1 has an invalid length. [ 173.833624][T13435] bond4: entered promiscuous mode [ 173.835687][T13435] 8021q: adding VLAN 0 to HW filter on device bond4 [ 173.856762][T13435] bond4: (slave bridge4): making interface the new active one [ 173.859569][T13435] bridge4: entered promiscuous mode [ 173.862409][T13435] bond4: (slave bridge4): Enslaving as an active interface with an up link [ 174.052192][T13468] Cannot find add_set index 4 as target [ 174.054681][ T40] audit: type=1400 audit(173.481:972): avc: denied { setopt } for pid=13467 comm="syz.5.2793" lport=35416 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 174.072609][T13472] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0 [ 174.143332][T13486] netlink: 'syz.1.2801': attribute type 10 has an invalid length. [ 174.180438][T13492] tipc: Enabling of bearer rejected, already enabled [ 174.249393][T13504] Cannot find set identified by id 3 to match [ 174.318087][T13516] netlink: 'syz.1.2813': attribute type 1 has an invalid length. [ 174.334248][T13516] bond5: entered promiscuous mode [ 174.337236][T13516] 8021q: adding VLAN 0 to HW filter on device bond5 [ 174.340329][T13514] netlink: 'syz.2.2814': attribute type 12 has an invalid length. [ 174.347304][ T40] audit: type=1400 audit(173.781:973): avc: denied { bind } for pid=13513 comm="syz.2.2814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 174.351432][T13516] bond5: (slave bridge5): making interface the new active one [ 174.356483][T13516] bridge5: entered promiscuous mode [ 174.359167][T13516] bond5: (slave bridge5): Enslaving as an active interface with an up link [ 174.362967][T13514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2814'. [ 174.401681][T13523] ptrace attach of "/syz-executor exec"[11890] was attempted by "/syz-executor exec"[13523] [ 174.635029][ T40] audit: type=1400 audit(174.061:974): avc: denied { read } for pid=13555 comm="syz.4.2828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 174.663959][T13556] syzkaller0: entered promiscuous mode [ 174.666042][T13556] syzkaller0: entered allmulticast mode [ 174.718010][ T40] audit: type=1400 audit(174.141:975): avc: denied { listen } for pid=13563 comm="syz.5.2832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 174.745640][ T40] audit: type=1400 audit(174.171:976): avc: denied { accept } for pid=13563 comm="syz.5.2832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 174.815408][T13574] netlink: 'syz.1.2834': attribute type 10 has an invalid length. [ 175.968087][ T40] audit: type=1400 audit(175.401:977): avc: denied { bind } for pid=13576 comm="syz.5.2835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 175.973308][T13577] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2835'. [ 175.996095][T13581] tipc: Enabling of bearer rejected, already enabled [ 176.036908][ T40] audit: type=1400 audit(175.471:978): avc: denied { ioctl } for pid=13584 comm="syz.1.2839" path="socket:[62956]" dev="sockfs" ino=62956 ioctlcmd=0x9413 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 176.037831][T13589] Cannot find set identified by id 3 to match [ 176.045934][ T40] audit: type=1400 audit(175.471:979): avc: denied { read } for pid=13584 comm="syz.1.2839" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 176.183143][T13607] netlink: 'syz.5.2847': attribute type 1 has an invalid length. [ 176.200186][T13607] bond7: entered promiscuous mode [ 176.201968][T13607] 8021q: adding VLAN 0 to HW filter on device bond7 [ 176.218058][T13607] bond7: (slave bridge5): making interface the new active one [ 176.220424][T13607] bridge5: entered promiscuous mode [ 176.222559][T13607] bond7: (slave bridge5): Enslaving as an active interface with an up link [ 176.476511][T13646] Bluetooth: hci0: Opcode 0x080f failed: -22 [ 176.479320][T13646] No source specified [ 176.614060][T13664] netlink: 'syz.5.2869': attribute type 10 has an invalid length. [ 176.614121][T13667] tipc: Enabling of bearer rejected, already enabled [ 176.657445][T13677] Cannot find set identified by id 3 to match [ 176.727976][T13672] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2872'. [ 176.728123][T13672] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2872'. [ 176.743479][T13687] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2878'. [ 176.989894][T13701] bond2: entered promiscuous mode [ 176.991761][T13701] 8021q: adding VLAN 0 to HW filter on device bond2 [ 177.011459][T13701] bond2: (slave bridge4): making interface the new active one [ 177.013782][T13701] bridge4: entered promiscuous mode [ 177.016810][T13701] bond2: (slave bridge4): Enslaving as an active interface with an up link [ 177.110931][T13719] binder: 13718:13719 ioctl 8030942b 200000000540 returned -22 [ 177.222656][T13738] tipc: Enabling of bearer rejected, already enabled [ 177.258585][T13742] A link change request failed with some changes committed already. Interface ªªªªªª may have been left with an inconsistent configuration, please check. [ 177.264489][T13744] A link change request failed with some changes committed already. Interface ªªªªªª may have been left with an inconsistent configuration, please check. [ 177.270144][T13745] validate_nla: 1 callbacks suppressed [ 177.270159][T13745] netlink: 'syz.2.2903': attribute type 10 has an invalid length. [ 177.279837][T13745] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 177.380031][T13750] Cannot find set identified by id 3 to match [ 177.527340][T13768] IPv6: NLM_F_REPLACE set, but no existing node found! [ 177.553625][T13770] netlink: 'syz.1.2915': attribute type 1 has an invalid length. [ 177.566593][T13770] bond6: entered promiscuous mode [ 177.568442][T13770] 8021q: adding VLAN 0 to HW filter on device bond6 [ 177.583032][T13770] bond6: (slave bridge6): making interface the new active one [ 177.585457][T13770] bridge6: entered promiscuous mode [ 177.587619][T13770] bond6: (slave bridge6): Enslaving as an active interface with an up link [ 177.655259][T13787] input: syz0 as /devices/virtual/input/input16 [ 177.749828][T13799] netlink: 'syz.2.2928': attribute type 3 has an invalid length. [ 177.752241][T13799] netlink: 'syz.2.2928': attribute type 1 has an invalid length. [ 177.754589][T13799] netlink: 189852 bytes leftover after parsing attributes in process `syz.2.2928'. [ 178.075164][ T837] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 178.090106][T13830] netlink: 'syz.4.2942': attribute type 1 has an invalid length. [ 178.110525][T13830] bond3: entered promiscuous mode [ 178.112867][T13830] 8021q: adding VLAN 0 to HW filter on device bond3 [ 178.131852][T13830] bond3: (slave bridge5): making interface the new active one [ 178.135149][T13830] bridge5: entered promiscuous mode [ 178.138401][T13830] bond3: (slave bridge5): Enslaving as an active interface with an up link [ 178.225306][ T837] usb 6-1: Using ep0 maxpacket: 16 [ 178.229066][ T837] usb 6-1: config 0 has an invalid interface number: 114 but max is 0 [ 178.237555][ T837] usb 6-1: config 0 has no interface number 0 [ 178.240045][ T837] usb 6-1: config 0 interface 114 has no altsetting 0 [ 178.246177][ T837] usb 6-1: New USB device found, idVendor=1c04, idProduct=0015, bcdDevice=f2.69 [ 178.249760][ T837] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 178.256913][ T837] usb 6-1: Product: syz [ 178.258660][ T837] usb 6-1: Manufacturer: syz [ 178.260551][ T837] usb 6-1: SerialNumber: syz [ 178.264726][ T837] usb 6-1: config 0 descriptor?? [ 178.448667][T13859] FAULT_INJECTION: forcing a failure. [ 178.448667][T13859] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 178.453389][T13859] CPU: 0 UID: 0 PID: 13859 Comm: syz.2.2955 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 178.453405][T13859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 178.453412][T13859] Call Trace: [ 178.453417][T13859] [ 178.453421][T13859] dump_stack_lvl+0x16c/0x1f0 [ 178.453446][T13859] should_fail_ex+0x512/0x640 [ 178.453460][T13859] should_fail_alloc_page+0xe7/0x130 [ 178.453474][T13859] prepare_alloc_pages+0x3c2/0x610 [ 178.453492][T13859] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 178.453507][T13859] ? find_held_lock+0x2b/0x80 [ 178.453519][T13859] ? dquot_add_space+0x3be/0xe00 [ 178.453532][T13859] ? bpf_lsm_capable+0x9/0x10 [ 178.453550][T13859] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 178.453562][T13859] ? dquot_add_space+0x3be/0xe00 [ 178.453574][T13859] ? find_held_lock+0x2b/0x80 [ 178.453586][T13859] ? __dquot_alloc_space+0x452/0xe20 [ 178.453601][T13859] ? __lock_acquire+0xb8a/0x1c90 [ 178.453615][T13859] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 178.453635][T13859] ? policy_nodemask+0xea/0x4e0 [ 178.453648][T13859] alloc_pages_mpol+0x1fb/0x550 [ 178.453660][T13859] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 178.453676][T13859] folio_alloc_mpol_noprof+0x36/0x2f0 [ 178.453691][T13859] shmem_alloc_folio+0x135/0x160 [ 178.453708][T13859] shmem_alloc_and_add_folio+0x499/0xc20 [ 178.453729][T13859] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 178.453749][T13859] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 178.453769][T13859] shmem_get_folio_gfp+0x67f/0x1600 [ 178.453783][T13859] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 178.453802][T13859] ? __pfx___might_resched+0x10/0x10 [ 178.453817][T13859] shmem_fallocate+0x795/0xf50 [ 178.453834][T13859] ? __pfx_shmem_fallocate+0x10/0x10 [ 178.453844][T13859] ? get_pid_task+0x106/0x250 [ 178.453859][T13859] ? proc_fail_nth_write+0x9f/0x250 [ 178.453880][T13859] ? __lock_acquire+0xb8a/0x1c90 [ 178.453905][T13859] ? __pfx_shmem_fallocate+0x10/0x10 [ 178.453916][T13859] vfs_fallocate+0x608/0x10c0 [ 178.453936][T13859] ? __pfx_vfs_fallocate+0x10/0x10 [ 178.453957][T13859] __x64_sys_fallocate+0xd5/0x150 [ 178.453969][T13859] do_syscall_64+0xcd/0x4c0 [ 178.453982][T13859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.453993][T13859] RIP: 0033:0x7f346dd8e969 [ 178.454003][T13859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.454013][T13859] RSP: 002b:00007f346ecda038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 178.454024][T13859] RAX: ffffffffffffffda RBX: 00007f346dfb5fa0 RCX: 00007f346dd8e969 [ 178.454031][T13859] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 178.454037][T13859] RBP: 00007f346ecda090 R08: 0000000000000000 R09: 0000000000000000 [ 178.454043][T13859] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 178.454050][T13859] R13: 0000000000000000 R14: 00007f346dfb5fa0 R15: 00007ffd3565e838 [ 178.454064][T13859] [ 178.470034][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 178.470048][ T40] audit: type=1400 audit(177.901:983): avc: denied { map } for pid=13812 comm="syz.1.2934" path="/dev/video8" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 178.471331][ T5992] usb 6-1: USB disconnect, device number 20 [ 178.496395][ T5942] Bluetooth: hci0: command tx timeout [ 178.739823][T13886] syz_tun: entered allmulticast mode [ 178.759482][T13886] syz_tun: left allmulticast mode [ 178.817041][T13896] IPVS: sync thread started: state = BACKUP, mcast_ifn = wlan1, syncid = 5, id = 0 [ 178.884753][T13902] netlink: 'syz.2.2974': attribute type 1 has an invalid length. [ 178.897926][T13902] bond4: entered promiscuous mode [ 178.900061][T13902] 8021q: adding VLAN 0 to HW filter on device bond4 [ 178.911462][T13902] bond4: (slave bridge3): making interface the new active one [ 178.914303][T13902] bridge3: entered promiscuous mode [ 178.917137][T13902] bond4: (slave bridge3): Enslaving as an active interface with an up link [ 179.136033][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 179.338661][T13935] FAULT_INJECTION: forcing a failure. [ 179.338661][T13935] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 179.343621][ T40] audit: type=1400 audit(178.771:984): avc: denied { setopt } for pid=13932 comm="syz.5.2986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 179.353344][T13935] CPU: 0 UID: 0 PID: 13935 Comm: syz.4.2988 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 179.353360][T13935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 179.353367][T13935] Call Trace: [ 179.353370][T13935] [ 179.353375][T13935] dump_stack_lvl+0x16c/0x1f0 [ 179.353397][T13935] should_fail_ex+0x512/0x640 [ 179.353411][T13935] should_fail_alloc_page+0xe7/0x130 [ 179.353424][T13935] prepare_alloc_pages+0x3c2/0x610 [ 179.353442][T13935] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 179.353457][T13935] ? find_held_lock+0x2b/0x80 [ 179.353469][T13935] ? dquot_add_space+0x3be/0xe00 [ 179.353482][T13935] ? bpf_lsm_capable+0x9/0x10 [ 179.353500][T13935] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 179.353512][T13935] ? dquot_add_space+0x3be/0xe00 [ 179.353525][T13935] ? find_held_lock+0x2b/0x80 [ 179.353537][T13935] ? __dquot_alloc_space+0x452/0xe20 [ 179.353551][T13935] ? __lock_acquire+0xb8a/0x1c90 [ 179.353566][T13935] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 179.353585][T13935] ? policy_nodemask+0xea/0x4e0 [ 179.353598][T13935] alloc_pages_mpol+0x1fb/0x550 [ 179.353610][T13935] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 179.353625][T13935] folio_alloc_mpol_noprof+0x36/0x2f0 [ 179.353640][T13935] shmem_alloc_folio+0x135/0x160 [ 179.353656][T13935] shmem_alloc_and_add_folio+0x499/0xc20 [ 179.353677][T13935] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 179.353696][T13935] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 179.353717][T13935] shmem_get_folio_gfp+0x67f/0x1600 [ 179.353731][T13935] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 179.353749][T13935] ? __pfx___might_resched+0x10/0x10 [ 179.353765][T13935] shmem_fallocate+0x795/0xf50 [ 179.353782][T13935] ? __pfx_shmem_fallocate+0x10/0x10 [ 179.353792][T13935] ? get_pid_task+0x106/0x250 [ 179.353807][T13935] ? proc_fail_nth_write+0x9f/0x250 [ 179.353828][T13935] ? __lock_acquire+0xb8a/0x1c90 [ 179.353853][T13935] ? __pfx_shmem_fallocate+0x10/0x10 [ 179.353864][T13935] vfs_fallocate+0x608/0x10c0 [ 179.353883][T13935] ? __pfx_vfs_fallocate+0x10/0x10 [ 179.353905][T13935] __x64_sys_fallocate+0xd5/0x150 [ 179.353917][T13935] do_syscall_64+0xcd/0x4c0 [ 179.353928][T13935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.353940][T13935] RIP: 0033:0x7faabc18e969 [ 179.353949][T13935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.353960][T13935] RSP: 002b:00007faabd0b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 179.353971][T13935] RAX: ffffffffffffffda RBX: 00007faabc3b5fa0 RCX: 00007faabc18e969 [ 179.353977][T13935] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 179.353984][T13935] RBP: 00007faabd0b1090 R08: 0000000000000000 R09: 0000000000000000 [ 179.353990][T13935] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 179.353997][T13935] R13: 0000000000000000 R14: 00007faabc3b5fa0 R15: 00007ffff0fc48b8 [ 179.354011][T13935] [ 181.002645][T13986] netlink: 'syz.1.3008': attribute type 1 has an invalid length. [ 182.264461][T13986] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR [ 182.352536][ T40] audit: type=1400 audit(181.781:985): avc: denied { setopt } for pid=14014 comm="syz.2.3020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 182.459134][T14025] fuse: Invalid rootmode [ 182.461243][T14028] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3025'. [ 182.463014][ T40] audit: type=1400 audit(181.891:986): avc: denied { setopt } for pid=14023 comm="syz.4.3024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 182.475812][T14028] netlink: 'syz.1.3025': attribute type 4 has an invalid length. [ 182.494068][T14030] netlink: 'syz.5.3026': attribute type 10 has an invalid length. [ 182.494636][T14032] Cannot find set identified by id 3 to match [ 182.501033][T14030] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 182.513126][T14028] netlink: 'syz.1.3025': attribute type 4 has an invalid length. [ 182.573344][T14040] input input17: cannot allocate more than FF_MAX_EFFECTS effects [ 183.345279][T14048] FAULT_INJECTION: forcing a failure. [ 183.345279][T14048] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 183.350919][T14048] CPU: 0 UID: 0 PID: 14048 Comm: syz.4.3032 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 183.350944][T14048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 183.350955][T14048] Call Trace: [ 183.350961][T14048] [ 183.350968][T14048] dump_stack_lvl+0x16c/0x1f0 [ 183.351000][T14048] should_fail_ex+0x512/0x640 [ 183.351021][T14048] should_fail_alloc_page+0xe7/0x130 [ 183.351042][T14048] prepare_alloc_pages+0x3c2/0x610 [ 183.351075][T14048] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 183.351108][T14048] ? find_held_lock+0x2b/0x80 [ 183.351128][T14048] ? dquot_add_space+0x3be/0xe00 [ 183.351147][T14048] ? bpf_lsm_capable+0x9/0x10 [ 183.351178][T14048] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 183.351197][T14048] ? dquot_add_space+0x3be/0xe00 [ 183.351217][T14048] ? find_held_lock+0x2b/0x80 [ 183.351236][T14048] ? __dquot_alloc_space+0x452/0xe20 [ 183.351260][T14048] ? __lock_acquire+0xb8a/0x1c90 [ 183.351283][T14048] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 183.351313][T14048] ? policy_nodemask+0xea/0x4e0 [ 183.351334][T14048] alloc_pages_mpol+0x1fb/0x550 [ 183.351353][T14048] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 183.351378][T14048] folio_alloc_mpol_noprof+0x36/0x2f0 [ 183.351402][T14048] shmem_alloc_folio+0x135/0x160 [ 183.351428][T14048] shmem_alloc_and_add_folio+0x499/0xc20 [ 183.351461][T14048] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 183.351491][T14048] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 183.351523][T14048] shmem_get_folio_gfp+0x67f/0x1600 [ 183.351547][T14048] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 183.351577][T14048] ? __pfx___might_resched+0x10/0x10 [ 183.351606][T14048] shmem_fallocate+0x795/0xf50 [ 183.351640][T14048] ? __pfx_shmem_fallocate+0x10/0x10 [ 183.351655][T14048] ? get_pid_task+0x106/0x250 [ 183.351678][T14048] ? proc_fail_nth_write+0x9f/0x250 [ 183.351711][T14048] ? __lock_acquire+0xb8a/0x1c90 [ 183.351754][T14048] ? __pfx_shmem_fallocate+0x10/0x10 [ 183.351772][T14048] vfs_fallocate+0x608/0x10c0 [ 183.351803][T14048] ? __pfx_vfs_fallocate+0x10/0x10 [ 183.351838][T14048] __x64_sys_fallocate+0xd5/0x150 [ 183.351858][T14048] do_syscall_64+0xcd/0x4c0 [ 183.351878][T14048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.351896][T14048] RIP: 0033:0x7faabc18e969 [ 183.351911][T14048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.351928][T14048] RSP: 002b:00007faabd0b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 183.351944][T14048] RAX: ffffffffffffffda RBX: 00007faabc3b5fa0 RCX: 00007faabc18e969 [ 183.351956][T14048] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 183.351967][T14048] RBP: 00007faabd0b1090 R08: 0000000000000000 R09: 0000000000000000 [ 183.351978][T14048] R10: 00000000001001f3 R11: 0000000000000246 R12: 0000000000000002 [ 183.351988][T14048] R13: 0000000000000000 R14: 00007faabc3b5fa0 R15: 00007ffff0fc48b8 [ 183.352012][T14048] [ 184.152851][T14072] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3042'. [ 184.159149][T14070] delete_channel: no stack [ 184.336672][T14083] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3047'. [ 184.541569][T14100] Cannot find set identified by id 3 to match [ 185.732375][T14119] netlink: 'syz.4.3061': attribute type 10 has an invalid length. [ 185.739896][T14119] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 185.745323][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 185.830969][T14130] netlink: 'syz.2.3067': attribute type 1 has an invalid length. [ 185.842556][T14130] bond5: entered promiscuous mode [ 185.844396][T14130] 8021q: adding VLAN 0 to HW filter on device bond5 [ 185.855771][T14130] bond5: (slave bridge4): making interface the new active one [ 185.858448][T14130] bridge4: entered promiscuous mode [ 185.863093][T14130] bond5: (slave bridge4): Enslaving as an active interface with an up link [ 185.994420][T14161] IPv6: NLM_F_REPLACE set, but no existing node found! [ 186.175865][ T40] audit: type=1400 audit(185.611:987): avc: denied { listen } for pid=14179 comm="syz.2.3088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 186.272765][T14188] netlink: 'syz.5.3092': attribute type 10 has an invalid length. [ 186.500531][T14200] netlink: 'syz.5.3097': attribute type 1 has an invalid length. [ 186.514285][T14200] bond8: entered promiscuous mode [ 186.516553][T14200] 8021q: adding VLAN 0 to HW filter on device bond8 [ 186.527597][T14200] bond8: (slave bridge6): making interface the new active one [ 186.529924][T14200] bridge6: entered promiscuous mode [ 186.532158][T14200] bond8: (slave bridge6): Enslaving as an active interface with an up link [ 186.646899][T14214] IPv6: NLM_F_REPLACE set, but no existing node found! [ 186.757235][T14180] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 186.762967][T14180] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 186.867168][ T40] audit: type=1400 audit(186.301:988): avc: denied { map } for pid=14231 comm="syz.1.3111" path="socket:[66517]" dev="sockfs" ino=66517 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 186.877053][ T40] audit: type=1400 audit(186.301:989): avc: denied { read accept } for pid=14231 comm="syz.1.3111" path="socket:[66517]" dev="sockfs" ino=66517 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 187.026389][T14251] netlink: 'syz.5.3116': attribute type 10 has an invalid length. [ 187.152790][T14257] Cannot find set identified by id 3 to match [ 188.211851][T14266] delete_channel: no stack [ 188.213811][T14266] delete_channel: no stack [ 188.215906][T14266] delete_channel: no stack [ 188.217787][T14266] delete_channel: no stack [ 188.219698][T14266] delete_channel: no stack [ 188.221606][T14266] delete_channel: no stack [ 188.223452][T14266] delete_channel: no stack [ 188.226009][T14266] delete_channel: no stack [ 188.228229][T14266] delete_channel: no stack [ 188.229753][T14266] delete_channel: no stack [ 188.231200][T14266] delete_channel: no stack [ 188.232628][T14266] delete_channel: no stack [ 188.234162][T14266] delete_channel: no stack [ 188.236236][T14266] delete_channel: no stack [ 188.238048][T14266] delete_channel: no stack [ 188.239943][T14266] delete_channel: no stack [ 188.241764][T14266] delete_channel: no stack [ 188.243168][T14272] netlink: 'syz.2.3125': attribute type 1 has an invalid length. [ 188.243597][T14266] delete_channel: no stack [ 188.250279][T14266] delete_channel: no stack [ 188.251993][T14266] delete_channel: no stack [ 188.253428][T14266] delete_channel: no stack [ 188.254528][T14272] bond6: entered promiscuous mode [ 188.254805][T14266] delete_channel: no stack [ 188.257699][T14272] 8021q: adding VLAN 0 to HW filter on device bond6 [ 188.258053][T14266] delete_channel: no stack [ 188.261269][T14266] delete_channel: no stack [ 188.262959][T14266] delete_channel: no stack [ 188.264775][T14266] delete_channel: no stack [ 188.267015][T14266] delete_channel: no stack [ 188.287878][T14266] delete_channel: no stack [ 188.289844][T14266] delete_channel: no stack [ 188.291518][T14272] bond6: (slave bridge5): making interface the new active one [ 188.291839][T14266] delete_channel: no stack [ 188.294771][T14272] bridge5: entered promiscuous mode [ 188.298519][T14266] delete_channel: no stack [ 188.300437][T14266] delete_channel: no stack [ 188.301953][T14266] delete_channel: no stack [ 188.303444][T14266] delete_channel: no stack [ 188.304946][T14266] delete_channel: no stack [ 188.306985][T14266] delete_channel: no stack [ 188.308545][T14266] delete_channel: no stack [ 188.310018][T14266] delete_channel: no stack [ 188.311500][T14266] delete_channel: no stack [ 188.312971][T14266] delete_channel: no stack [ 188.314421][T14266] delete_channel: no stack [ 188.316579][T14272] bond6: (slave bridge5): Enslaving as an active interface with an up link [ 188.317820][T14266] delete_channel: no stack [ 188.321777][T14266] delete_channel: no stack [ 188.323484][T14266] delete_channel: no stack [ 188.324997][T14266] delete_channel: no stack [ 188.326637][T14266] delete_channel: no stack [ 188.328310][T14266] delete_channel: no stack [ 188.330412][T14266] delete_channel: no stack [ 188.331992][T14266] delete_channel: no stack [ 188.333658][T14266] delete_channel: no stack [ 188.335367][T14266] delete_channel: no stack [ 188.336814][T14266] delete_channel: no stack [ 188.338318][T14266] delete_channel: no stack [ 188.339812][T14266] delete_channel: no stack [ 188.341421][T14266] delete_channel: no stack [ 188.342943][T14266] delete_channel: no stack [ 188.344462][T14266] delete_channel: no stack [ 188.346023][T14266] delete_channel: no stack [ 188.347542][T14266] delete_channel: no stack [ 188.349114][T14266] delete_channel: no stack [ 188.350650][T14266] delete_channel: no stack [ 188.352209][T14266] delete_channel: no stack [ 188.353720][T14266] delete_channel: no stack [ 188.355303][T14266] delete_channel: no stack [ 188.356943][T14266] delete_channel: no stack [ 188.562583][T14313] Cannot find set identified by id 3 to match [ 188.594790][ T40] audit: type=1400 audit(188.021:990): avc: denied { watch watch_reads } for pid=14316 comm="syz.1.3144" path="/220/file0" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=dir permissive=1 [ 188.744438][ T40] audit: type=1400 audit(188.171:991): avc: denied { ioctl } for pid=14338 comm="syz.2.3153" path="socket:[67634]" dev="sockfs" ino=67634 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 188.973948][T14368] IPv6: NLM_F_REPLACE set, but no existing node found! [ 189.036550][T14375] Cannot find set identified by id 3 to match [ 189.375269][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 190.459056][T14404] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3176'. [ 190.542404][T14411] 9pnet_fd: Insufficient options for proto=fd [ 190.602971][T14422] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3179'. [ 190.717598][T14436] netlink: 'syz.4.3185': attribute type 10 has an invalid length. [ 190.742017][T14440] tipc: New replicast peer: 255.255.255.255 [ 190.745846][T14440] tipc: Enabled bearer , priority 10 [ 190.748995][T14440] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3188'. [ 190.752464][T14440] tipc: Disabling bearer [ 190.816182][T14456] netlink: 'syz.5.3193': attribute type 1 has an invalid length. [ 190.829255][T14456] bond9: entered promiscuous mode [ 190.831144][T14456] 8021q: adding VLAN 0 to HW filter on device bond9 [ 190.856131][T14456] bond9: (slave bridge7): making interface the new active one [ 190.858468][T14456] bridge7: entered promiscuous mode [ 190.861081][T14456] bond9: (slave bridge7): Enslaving as an active interface with an up link [ 190.942568][T14472] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3200'. [ 190.946213][T14472] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3200'. [ 191.008077][T14479] Cannot find set identified by id 3 to match [ 191.052064][ T40] audit: type=1400 audit(190.481:992): avc: denied { read } for pid=14480 comm="syz.4.3203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 191.091193][ T40] audit: type=1326 audit(190.521:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14487 comm="syz.5.3206" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6575d8e969 code=0x0 [ 191.310617][T14496] 8021q: VLANs not supported on ip6tnl0 [ 191.728612][T14524] Cannot find set identified by id 3 to match [ 191.919446][ T40] audit: type=1400 audit(191.351:994): avc: denied { nlmsg_read } for pid=14535 comm="syz.2.3226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 191.973534][T14545] batadv_slave_1: entered promiscuous mode [ 191.975924][T14545] batadv_slave_1: left promiscuous mode [ 192.052758][T14562] netlink: 'syz.1.3233': attribute type 10 has an invalid length. [ 192.060961][T14562] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 192.203815][T14580] tipc: Enabling of bearer rejected, already enabled [ 192.207178][ T6077] IPVS: starting estimator thread 0... [ 192.295513][T14581] IPVS: using max 41 ests per chain, 98400 per kthread [ 192.299942][ T40] audit: type=1400 audit(191.731:995): avc: denied { create } for pid=14595 comm="syz.4.3246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1 [ 192.306055][ T40] audit: type=1400 audit(191.731:996): avc: denied { accept } for pid=14595 comm="syz.4.3246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 192.318311][T14600] Cannot find set identified by id 3 to match [ 192.369622][T14611] syz.2.3251: attempt to access beyond end of device [ 192.369622][T14611] nbd2: rw=0, sector=64, nr_sectors = 1 limit=0 [ 192.374769][T14611] syz.2.3251: attempt to access beyond end of device [ 192.374769][T14611] nbd2: rw=0, sector=256, nr_sectors = 1 limit=0 [ 192.382875][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.387095][T14611] syz.2.3251: attempt to access beyond end of device [ 192.387095][T14611] nbd2: rw=0, sector=512, nr_sectors = 1 limit=0 [ 192.391510][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.397235][T14611] syz.2.3251: attempt to access beyond end of device [ 192.397235][T14611] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0 [ 192.401870][T14611] syz.2.3251: attempt to access beyond end of device [ 192.401870][T14611] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0 [ 192.409627][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.413321][T14611] syz.2.3251: attempt to access beyond end of device [ 192.413321][T14611] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 192.416197][ T40] audit: type=1400 audit(191.851:997): avc: denied { read } for pid=14603 comm="syz.5.3249" lport=57872 faddr=::ffff:10.1.1.1 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 192.417877][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.428732][T14611] syz.2.3251: attempt to access beyond end of device [ 192.428732][T14611] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0 [ 192.434895][T14611] syz.2.3251: attempt to access beyond end of device [ 192.434895][T14611] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 192.440385][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.444672][T14611] syz.2.3251: attempt to access beyond end of device [ 192.444672][T14611] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 192.448926][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.452117][T14611] syz.2.3251: attempt to access beyond end of device [ 192.452117][T14611] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0 [ 192.456752][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.460104][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.463447][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.496144][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.499827][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.503628][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.515794][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.520148][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.527779][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.532907][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.537185][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.540303][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.546971][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.550126][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.553818][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.557949][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.562913][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.567154][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.570700][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.573806][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.577047][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.586141][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.589131][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.594021][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.597669][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.601386][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.604795][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.608905][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.612360][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.617490][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.627535][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.631110][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.635480][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.638920][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.644505][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.648355][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.651374][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.654164][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.658575][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.666286][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.670967][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.674517][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.678632][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.682344][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.686217][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.689515][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.689584][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.689594][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.692750][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.692915][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.694072][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.694186][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.694556][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.694630][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.695011][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.695612][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.695626][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.705546][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.710527][T14627] netlink: 'syz.1.3258': attribute type 10 has an invalid length. [ 192.711284][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.743141][T14625] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3257'. [ 192.747473][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.747565][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.747898][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.756461][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.760236][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.763066][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.765859][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.793025][T14625] netlink: 'syz.4.3257': attribute type 13 has an invalid length. [ 192.796198][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.799676][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.802910][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.808109][T14625] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 192.809405][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.817416][ T40] audit: type=1400 audit(192.241:998): avc: denied { setopt } for pid=14624 comm="syz.4.3257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 192.823385][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.828397][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.831535][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.834592][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.838632][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.882560][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.885818][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.889385][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.892327][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.896130][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.899051][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.902162][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.904956][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.907821][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.911293][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.914444][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.918197][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.921079][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.924236][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.927191][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.930189][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.933212][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.945341][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.948751][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.951900][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.956198][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.959092][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.962393][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.965457][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.968578][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.971392][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.974433][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 192.986143][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.990082][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 192.994477][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 192.998630][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.002860][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.006917][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.011168][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.014299][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.019070][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 193.046521][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.049463][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.052799][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.055995][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.059703][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.062498][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.066052][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.069145][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.071927][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 193.095994][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.099074][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.102556][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.105795][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.109071][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.112002][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.115217][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.118124][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.121225][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 193.126335][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.130274][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.133513][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.137169][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.141351][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.144906][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.148944][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.152469][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.155648][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 193.160347][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.164570][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.169607][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.173440][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.177813][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.181550][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.189148][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 193.193014][T14611] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 193.196943][T14611] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 193.377636][T14656] netlink: 'syz.1.3270': attribute type 10 has an invalid length. [ 194.494689][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.602319][T14655] tipc: Enabling of bearer rejected, already enabled [ 194.652962][T14673] netlink: 'syz.4.3279': attribute type 1 has an invalid length. [ 194.654235][T14674] netlink: 'syz.5.3278': attribute type 1 has an invalid length. [ 194.678215][T14673] bond4: entered promiscuous mode [ 194.680147][T14673] bond4: entered allmulticast mode [ 194.693681][T14674] bond10: entered promiscuous mode [ 194.695814][T14674] 8021q: adding VLAN 0 to HW filter on device bond10 [ 194.707602][T14674] bond10: (slave bridge8): making interface the new active one [ 194.710713][T14674] bridge8: entered promiscuous mode [ 194.713736][T14674] bond10: (slave bridge8): Enslaving as an active interface with an up link [ 194.731492][T14673] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14673 comm=syz.4.3279 [ 194.751769][T14685] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3280'. [ 194.755434][T14685] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3280'. [ 194.791931][T14695] Cannot find set identified by id 3 to match [ 194.960901][T14716] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3294'. [ 195.045527][ C1] ------------[ cut here ]------------ [ 195.045901][ T1150] ------------[ cut here ]------------ [ 195.047924][ C1] refcount_t: addition on 0; use-after-free. [ 195.049688][ T1150] refcount_t: saturated; leaking memory. [ 195.049924][ T1150] WARNING: CPU: 0 PID: 1150 at lib/refcount.c:19 refcount_warn_saturate+0x10d/0x210 [ 195.052320][ C1] WARNING: CPU: 1 PID: 0 at lib/refcount.c:25 refcount_warn_saturate+0x1ca/0x210 [ 195.053674][ T1150] Modules linked in: [ 195.057247][ C1] Modules linked in: [ 195.061213][ T1150] CPU: 0 UID: 0 PID: 1150 Comm: kworker/u32:8 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 195.061230][ T1150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 195.061240][ T1150] Workqueue: netns cleanup_net [ 195.061267][ T1150] RIP: 0010:refcount_warn_saturate+0x10d/0x210 [ 195.061281][ T1150] Code: cb 97 0b 31 ff 89 de e8 21 75 e4 fc 84 db 75 a3 e8 38 7a e4 fc c6 05 c5 cb 97 0b 01 90 48 c7 c7 e0 bc f4 8b e8 34 b3 a3 fc 90 <0f> 0b 90 90 eb 83 e8 18 7a e4 fc 0f b6 1d a2 cb 97 0b 31 ff 89 de [ 195.061293][ T1150] RSP: 0018:ffffc9000667f4f8 EFLAGS: 00010286 [ 195.061303][ T1150] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817aa8e8 [ 195.061311][ T1150] RDX: ffff888029688000 RSI: ffffffff817aa8f5 RDI: 0000000000000001 [ 195.061318][ T1150] RBP: ffff888024f5016c R08: 0000000000000001 R09: 0000000000000000 [ 195.061326][ T1150] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888024f5016c [ 195.061333][ T1150] R13: ffff888024f50000 R14: 1ffff92000ccfea6 R15: ffffc9000667f5f0 [ 195.061341][ T1150] FS: 0000000000000000(0000) GS:ffff8880d69a1000(0000) knlGS:0000000000000000 [ 195.061363][ T1150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.061374][ T1150] CR2: 000000110c2a109a CR3: 00000000481e5000 CR4: 0000000000352ef0 [ 195.061381][ T1150] DR0: 000000000000006d DR1: 0000000000000000 DR2: 0000000000000000 [ 195.061388][ T1150] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 195.061396][ T1150] Call Trace: [ 195.061400][ T1150] [ 195.061407][ T1150] nf_nat_masq_schedule.part.0+0x4ef/0x5f0 [ 195.061422][ T1150] ? __pfx_inet_cmp+0x10/0x10 [ 195.061435][ T1150] ? __pfx_nf_nat_masq_schedule.part.0+0x10/0x10 [ 195.061448][ T1150] ? queue_work_on+0x8b/0x1f0 [ 195.061467][ T1150] ? addr_event.constprop.0+0x396/0x560 [ 195.061486][ T1150] masq_inet6_event+0x205/0x250 [ 195.061499][ T1150] ? __pfx_masq_inet6_event+0x10/0x10 [ 195.061514][ T1150] ? ieee80211_ifa6_changed+0xe5/0x430 [ 195.061530][ T1150] notifier_call_chain+0xbc/0x410 [ 195.061544][ T1150] ? __pfx_masq_inet6_event+0x10/0x10 [ 195.061560][ T1150] atomic_notifier_call_chain+0x71/0x1c0 [ 195.061576][ T1150] addrconf_ifdown.isra.0+0xe98/0x1a90 [ 195.061597][ T1150] ? __pfx_addrconf_ifdown.isra.0+0x10/0x10 [ 195.061613][ T1150] ? tls_dev_event+0xfd/0x10b0 [ 195.061632][ T1150] addrconf_notify+0x220/0x19e0 [ 195.061648][ T1150] ? ip6mr_device_event+0x1bc/0x230 [ 195.061668][ T1150] notifier_call_chain+0xbc/0x410 [ 195.061682][ T1150] ? __pfx_addrconf_notify+0x10/0x10 [ 195.061701][ T1150] call_netdevice_notifiers_info+0xbe/0x140 [ 195.061720][ T1150] dev_close_many+0x319/0x630 [ 195.061744][ T1150] ? __pfx_dev_close_many+0x10/0x10 [ 195.061766][ T1150] unregister_netdevice_many_notify+0x578/0x26f0 [ 195.061787][ T1150] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 195.061807][ T1150] ? __call_rcu_common.constprop.0+0x3e5/0x9f0 [ 195.061826][ T1150] ? __pfx___might_resched+0x10/0x10 [ 195.061843][ T1150] ? nexthop_net_exit_batch_rtnl+0x1c6/0x290 [ 195.061861][ T1150] cleanup_net+0x596/0xb30 [ 195.061878][ T1150] ? __pfx_cleanup_net+0x10/0x10 [ 195.061897][ T1150] ? rcu_is_watching+0x12/0xc0 [ 195.061911][ T1150] process_one_work+0x9cf/0x1b70 [ 195.061932][ T1150] ? __pfx_cleanup_net+0x10/0x10 [ 195.061949][ T1150] ? __pfx_process_one_work+0x10/0x10 [ 195.061974][ T1150] ? assign_work+0x1a0/0x250 [ 195.061991][ T1150] worker_thread+0x6c8/0xf10 [ 195.062021][ T1150] ? __pfx_worker_thread+0x10/0x10 [ 195.062038][ T1150] kthread+0x3c5/0x780 [ 195.062055][ T1150] ? __pfx_kthread+0x10/0x10 [ 195.062072][ T1150] ? rcu_is_watching+0x12/0xc0 [ 195.062084][ T1150] ? __pfx_kthread+0x10/0x10 [ 195.062100][ T1150] ret_from_fork+0x5d4/0x6f0 [ 195.062115][ T1150] ? __pfx_kthread+0x10/0x10 [ 195.062131][ T1150] ret_from_fork_asm+0x1a/0x30 [ 195.062150][ T1150] [ 195.062156][ T1150] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 195.062163][ T1150] CPU: 0 UID: 0 PID: 1150 Comm: kworker/u32:8 Not tainted 6.15.0-syzkaller-03478-gc89756bcf406 #0 PREEMPT(full) [ 195.062177][ T1150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 195.062184][ T1150] Workqueue: netns cleanup_net [ 195.062200][ T1150] Call Trace: [ 195.062204][ T1150] [ 195.062208][ T1150] dump_stack_lvl+0x3d/0x1f0 [ 195.062226][ T1150] panic+0x71c/0x800 [ 195.062241][ T1150] ? __pfx_panic+0x10/0x10 [ 195.062256][ T1150] ? show_trace_log_lvl+0x29b/0x3e0 [ 195.062275][ T1150] ? check_panic_on_warn+0x1f/0xb0 [ 195.062291][ T1150] ? refcount_warn_saturate+0x10d/0x210 [ 195.062302][ T1150] check_panic_on_warn+0xab/0xb0 [ 195.062318][ T1150] __warn+0xf6/0x3c0 [ 195.062333][ T1150] ? refcount_warn_saturate+0x10d/0x210 [ 195.062345][ T1150] report_bug+0x3c3/0x580 [ 195.062361][ T1150] ? refcount_warn_saturate+0x10d/0x210 [ 195.062373][ T1150] handle_bug+0x184/0x210 [ 195.062385][ T1150] exc_invalid_op+0x17/0x50 [ 195.062397][ T1150] asm_exc_invalid_op+0x1a/0x20 [ 195.062407][ T1150] RIP: 0010:refcount_warn_saturate+0x10d/0x210 [ 195.062419][ T1150] Code: cb 97 0b 31 ff 89 de e8 21 75 e4 fc 84 db 75 a3 e8 38 7a e4 fc c6 05 c5 cb 97 0b 01 90 48 c7 c7 e0 bc f4 8b e8 34 b3 a3 fc 90 <0f> 0b 90 90 eb 83 e8 18 7a e4 fc 0f b6 1d a2 cb 97 0b 31 ff 89 de [ 195.062430][ T1150] RSP: 0018:ffffc9000667f4f8 EFLAGS: 00010286 [ 195.062438][ T1150] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817aa8e8 [ 195.062445][ T1150] RDX: ffff888029688000 RSI: ffffffff817aa8f5 RDI: 0000000000000001 [ 195.062452][ T1150] RBP: ffff888024f5016c R08: 0000000000000001 R09: 0000000000000000 [ 195.062459][ T1150] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888024f5016c [ 195.062466][ T1150] R13: ffff888024f50000 R14: 1ffff92000ccfea6 R15: ffffc9000667f5f0 [ 195.062477][ T1150] ? __warn_printk+0x198/0x350 [ 195.062490][ T1150] ? __warn_printk+0x1a5/0x350 [ 195.062506][ T1150] ? refcount_warn_saturate+0x10c/0x210 [ 195.062517][ T1150] nf_nat_masq_schedule.part.0+0x4ef/0x5f0 [ 195.062530][ T1150] ? __pfx_inet_cmp+0x10/0x10 [ 195.062542][ T1150] ? __pfx_nf_nat_masq_schedule.part.0+0x10/0x10 [ 195.062555][ T1150] ? queue_work_on+0x8b/0x1f0 [ 195.062572][ T1150] ? addr_event.constprop.0+0x396/0x560 [ 195.062590][ T1150] masq_inet6_event+0x205/0x250 [ 195.062602][ T1150] ? __pfx_masq_inet6_event+0x10/0x10 [ 195.062617][ T1150] ? ieee80211_ifa6_changed+0xe5/0x430 [ 195.062631][ T1150] notifier_call_chain+0xbc/0x410 [ 195.062643][ T1150] ? __pfx_masq_inet6_event+0x10/0x10 [ 195.062659][ T1150] atomic_notifier_call_chain+0x71/0x1c0 [ 195.062674][ T1150] addrconf_ifdown.isra.0+0xe98/0x1a90 [ 195.062694][ T1150] ? __pfx_addrconf_ifdown.isra.0+0x10/0x10 [ 195.062708][ T1150] ? tls_dev_event+0xfd/0x10b0 [ 195.062726][ T1150] addrconf_notify+0x220/0x19e0 [ 195.062742][ T1150] ? ip6mr_device_event+0x1bc/0x230 [ 195.062761][ T1150] notifier_call_chain+0xbc/0x410 [ 195.062774][ T1150] ? __pfx_addrconf_notify+0x10/0x10 [ 195.062830][ T1150] call_netdevice_notifiers_info+0xbe/0x140 [ 195.062849][ T1150] dev_close_many+0x319/0x630 [ 195.062868][ T1150] ? __pfx_dev_close_many+0x10/0x10 [ 195.062889][ T1150] unregister_netdevice_many_notify+0x578/0x26f0 [ 195.062909][ T1150] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 195.062929][ T1150] ? __call_rcu_common.constprop.0+0x3e5/0x9f0 [ 195.062946][ T1150] ? __pfx___might_resched+0x10/0x10 [ 195.062962][ T1150] ? nexthop_net_exit_batch_rtnl+0x1c6/0x290 [ 195.062979][ T1150] cleanup_net+0x596/0xb30 [ 195.062995][ T1150] ? __pfx_cleanup_net+0x10/0x10 [ 195.063018][ T1150] ? rcu_is_watching+0x12/0xc0 [ 195.063031][ T1150] process_one_work+0x9cf/0x1b70 [ 195.063052][ T1150] ? __pfx_cleanup_net+0x10/0x10 [ 195.063068][ T1150] ? __pfx_process_one_work+0x10/0x10 [ 195.063089][ T1150] ? assign_work+0x1a0/0x250 [ 195.063106][ T1150] worker_thread+0x6c8/0xf10 [ 195.063129][ T1150] ? __pfx_worker_thread+0x10/0x10 [ 195.063145][ T1150] kthread+0x3c5/0x780 [ 195.063161][ T1150] ? __pfx_kthread+0x10/0x10 [ 195.063178][ T1150] ? rcu_is_watching+0x12/0xc0 [ 195.063189][ T1150] ? __pfx_kthread+0x10/0x10 [ 195.063205][ T1150] ret_from_fork+0x5d4/0x6f0 [ 195.063219][ T1150] ? __pfx_kthread+0x10/0x10 [ 195.063234][ T1150] ret_from_fork_asm+0x1a/0x30 [ 195.063251][ T1150] [ 195.064161][ T1150] Kernel Offset: disabled VM DIAGNOSIS: 05:00:15 Registers: info registers vcpu 0 CPU#0 RAX=000000000000005f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85563fc5 RDI=ffffffff9ae385a0 RBP=ffffffff9ae38560 RSP=ffffc9000667ee50 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=000000000000005f R14=ffffffff9ae38560 R15=ffffffff85563f60 RIP=ffffffff85563fef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69a1000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2a109a CR3=00000000481e5000 CR4=00352ef0 DR0=000000000000006d DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000280001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f346ecd9f90 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f346de11a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f346de11a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f346de11a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f346de11aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f346de11b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f346de11c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 666c65732f636f72 702f0073252f666c 65732d6461657268 742f636f72702f00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 434940560a464a57 550a0056000a4349 405608414440574d 510a464a57550a00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000104 RBX=0000000000000000 RCX=ffffffff819af592 RDX=ffff88801da9a440 RSI=0000000000000000 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900006a0520 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=1ffff920000d40a7 R13=0000000000000200 R14=ffff888029688000 R15=ffffc900006a05f0 RIP=ffffffff81bb67e4 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6aa1000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f346ecd9f98 CR3=000000004c6f6000 CR4=00352ef0 DR0=000000000000006d DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ae611a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ae611a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ae611a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ae611aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ae611b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ae611c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2af2ed100 00007fd2ae783440 00007fd2ae780004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ae783498 00007fd2ae783490 00007fd2ae783488 00007fd2ae783480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000180f91 RBX=0000000000000002 RCX=ffffffff8b7560d9 RDX=0000000000000000 RSI=ffffffff8dbf3d90 RDI=ffffffff8bf51200 RBP=ffffed1003b53910 RSP=ffffc90000187df8 R8 =0000000000000001 R9 =ffffed100d4c663d R10=ffff88806a6331eb R11=0000000000000001 R12=0000000000000002 R13=ffff88801da9c880 R14=ffffffff90865250 R15=0000000000000000 RIP=ffffffff8b754c3f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6ba1000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000008038 CR3=0000000064947000 CR4=00352ef0 DR0=000000000000006d DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000004010010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6575e11a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6575e11a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6575e11a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6575e11aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6575e11b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6575e11c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000700088002fe0c 00000000646e6f62 000100098012001c 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 03000700088002fe 0c00000000646e6f 6200010009801200 1c00000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6576aed100 00007f6575f83440 00007f6575f80004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6575f83498 00007f6575f83490 00007f6575f83488 00007f6575f83480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000028 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000004 RBX=dffffc0000000000 RCX=0000000000000001 RDX=1ffff920045bad4d RSI=0000000000000015 RDI=ffffc90022dd6a68 RBP=0000000000000001 RSP=ffffc90022dd69c0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000820 R13=0000000000000820 R14=ffffc90022dd6a48 R15=0000000000000001 RIP=ffffffff81a6e2a4 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fd2af41c6c0 ffffffff 00c00000 GS =0000 ffff8880d6ca1000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000009038 CR3=000000004c6f6000 CR4=00352ef0 DR0=000000000000006d DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000f0004000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055c2ddd64600 000055c2ddd64600 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdef152320 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 756f63666572205d 3035313154205b5d 3838363934302e35 393120205b203a6c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 393732332e342e7a 79733d6d6d6f6320 33373634313d6469 702074656b636f73 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5f6574756f725f6b 6e696c74656e3d73 73616c637320303d 657079745f67736d ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c6e20303d6c6f63 6f746f7270203a65 67617373656d206b 6e696c74656e2064 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 657a696e676f6365 726e75203a78756e 694c4553205d3337 363431545b5d3239 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000