last executing test programs: 3.852726917s ago: executing program 3 (id=74): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x6, @remote, 0xb}, 0x1c) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="12000000120001000200000000000000100000000c00001700000000000000000f10"], 0x30}], 0x1, 0x0, 0x0, 0x20004000}, 0x0) r3 = dup(r2) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0, 0xfffffffffffffdaf}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$rose(r5, 0x104, 0x5, &(0x7f00000024c0)=0xc, 0x4) r6 = fcntl$dupfd(r0, 0x0, r0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r6, 0xc018937b, 0xfffffffffffffffc) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000940)=ANY=[@ANYBLOB="1401000027000100000000000000000003"], 0x114}], 0x1}, 0x0) r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="1400000013000100000000000000000008"], 0x14}], 0x1}, 0x0) syz_emit_ethernet(0xfef3, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000002000000000000000000bbfe8000000000000000000000000000aa4e200e22"], 0x0) 3.645673434s ago: executing program 3 (id=79): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file2\x00', 0x0, 0x1) link(0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8) getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8) 3.645198763s ago: executing program 3 (id=80): sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) (async) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) (async) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0) (async) r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000000100)={0xf0f03f, 0x2}) (async) lseek(r1, 0x7, 0x4) (async) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async) sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) (async) syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@link_local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @multicast1}, @address_request}}}}, 0x0) 3.595817667s ago: executing program 3 (id=81): bpf$MAP_CREATE(0x0, 0x0, 0x50) r0 = socket$l2tp6(0xa, 0x2, 0x73) socket$inet_udp(0x2, 0x2, 0x0) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x41000000}, 0x20) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000001000500050007000000000008000900030000001400200000000000002001001000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0) 3.595618589s ago: executing program 3 (id=82): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$qrtr(0x2a, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000180)={0x7, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020100090a000000007fffffff0000000200100000e9000000e9000000000000030005000000000002000000ac1414000000000000000000030006000000000002"], 0x50}}, 0x0) sendmmsg(r5, &(0x7f0000000180), 0x40000000000007b, 0x4004) sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES16=r3, @ANYRESHEX=r4, @ANYRES32=r4, @ANYBLOB="37000e0080000000ffffffffffff080211000000ffffffffffff00000000000000000000ff0701000301030406f0027f0006a7060206000009002a00050306670300000060000f003c040002ac010154baf7a750654c42aef847e6d410aa3fb66ecc860c4696a377ad611c103e7fcf858650ec50863609b55ddee251072d02b6a7f03a6d61ee618f5efeab7ff585d9ccaa6ef9c6f48c38f0792664da7bcb82532f72209308000c006400000008000d"], 0xd0}, 0x1, 0x0, 0x0, 0x20004090}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000f9b000/0x18000)=nil, 0x0, 0x0, 0x20, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r6 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1be) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r6, 0x40049366, 0x0) bind$qrtr(r1, &(0x7f0000000000)={0x2a, 0x1}, 0xc) bind$qrtr(r1, &(0x7f0000000100)={0x2a, 0x1}, 0xc) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x940}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STATS_ENABLED={0x5, 0x2a, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x104}, 0x0) 3.515256857s ago: executing program 3 (id=84): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01f71800000000000000240000002400000002000000000000000000000400000003000000000000000000000000000000000000000d0200000000000006"], 0xffffffffffffffff, 0x3e, 0x0, 0xa}, 0x28) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x58, 0x30, 0x8, 0x0, 0x0, {0x9}, [{0x44, 0x1, [@m_sample={0x40, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x13, 0x6, "5330508c8e402ca63e1a617faa29ec"}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x58}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e0030000280080006"], 0x68}}, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0) 1.446693536s ago: executing program 1 (id=103): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) syz_open_dev$dmmidi(&(0x7f0000000300), 0x3, 0x801) sendmsg$nl_route(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@bridge_dellink={0x20, 0x11, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r7}}, 0x20}}, 0x0) preadv2(r1, &(0x7f0000000200)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/4096, 0x1000}, {&(0x7f0000000280)=""/71, 0x47}], 0x4, 0x5, 0x1, 0x1) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0) read$FUSE(r1, &(0x7f00000027c0)={0x2020}, 0x2020) flock(r8, 0x5) r9 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r9, 0x2) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r13 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r13, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x28, r11, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x43}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0xc6000, 0x0) 366.521909ms ago: executing program 1 (id=120): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x9) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) mknodat$loop(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x2000, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') linkat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)=@reiserfs_2={0x8, 0x2, {0x0, 0xafd}}, 0x0, 0x1600) 316.555159ms ago: executing program 2 (id=121): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0xc, 0x14, r0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=@pppol2tp, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000001c0)=""/249, 0xf9}, 0x0, 0x2020, 0x1}) io_uring_enter(r1, 0x627, 0x4c1, 0x43, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r5, 0x84, 0x82, &(0x7f00000000c0)='n\x00\x00\x00\x00\x00\x00\x00', 0x8) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000340)={0x8, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @multicast2}}}, 0x108) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000000340)=""/225, &(0x7f0000000180)=0xe1) 314.953787ms ago: executing program 1 (id=122): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x3, 0x6c4ba42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0xfffffffffffffffb, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x0, 0x200, 0x0, 0x40000000000, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]}) 314.620044ms ago: executing program 1 (id=123): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000006800e9780000000000b88ae4ef00000001000000080005"], 0x20}}, 0x0) (async) r1 = socket$phonet(0x23, 0x2, 0x1) ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f0000000b40)) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)) 256.463389ms ago: executing program 1 (id=124): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x54) mount$overlay(0x0, &(0x7f0000000440)='./bus\x00', &(0x7f0000000340), 0x2000810, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x900, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0xa00}]) 256.234884ms ago: executing program 2 (id=125): r0 = socket$nl_route(0x10, 0x3, 0x0) (async) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) (async) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0) (async, rerun: 64) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) (async, rerun: 64) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x90, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) (async) chdir(&(0x7f0000000140)='./bus\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r1, 0x0, 0x0) (async) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@ipv6_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0xfd}}, 0x1c}}, 0x0) (async) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_int(r2, 0x1, 0x20, &(0x7f0000000140), 0x4) (async) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10) 194.662752ms ago: executing program 2 (id=126): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000100850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x258, 0x268, 0x311, 0x258, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x160, 0x230, 0x258, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x9}}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0xfffffffc}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0x0, 0xd0, 0x138, 0xe4030000, {}, [@common=@ipv6header={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r0}, 0x20) sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x1f, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480), 0x14}}], 0x400, 0x10) 194.410285ms ago: executing program 2 (id=127): r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 194.018797ms ago: executing program 0 (id=128): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x38) syz_open_procfs(r0, &(0x7f0000000040)='attr/exec\x00') r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) preadv(r1, &(0x7f0000000100), 0x49, 0x1ff, 0x4) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async) tkill(r0, 0x38) (async) syz_open_procfs(r0, &(0x7f0000000040)='attr/exec\x00') (async) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) preadv(r1, &(0x7f0000000100), 0x49, 0x1ff, 0x4) (async) 145.470129ms ago: executing program 2 (id=129): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r0) sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x14, r1, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x44004}, 0x40000) mkdir(&(0x7f0000000300)='./bus\x00', 0x90) socket$netlink(0x10, 0x3, 0x5) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140), 0x28000, 0x0) mkdirat(r2, &(0x7f0000000240)='./file0\x00', 0x1) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e601bae74656e642c6163638173733d616e792c63616368653d66736361636865"]) mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x4) chdir(&(0x7f0000001080)='./file0\x00') open$dir(&(0x7f0000000280)='./file1\x00', 0x0, 0x41) write$cgroup_devices(0xffffffffffffffff, 0x0, 0x8) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r3, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x3, 0x24, 0x0, 0x95, 0x8002, 0x3, 0x3e, 0x101, 0x294, 0x40, 0x257, 0xfffffffa, 0x1000, 0x38, 0x1, 0xfffd, 0x7f, 0x808}, [{0x3, 0x4, 0x7, 0xa, 0x101, 0x6, 0x7, 0xffffffffffffff7f}]}, 0x78) socket$inet_smc(0x2b, 0x1, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="60000000020601036c0000000e77000000000000050005000a000000050001000600000205000400000000000900020073797a320000000013000300686173683a6e65742c6966616365000014000780080006400000000008000840"], 0x60}}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r5, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4) setsockopt$sock_int(r5, 0x1, 0xf, 0x0, 0x0) bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c) r6 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e22, @broadcast}, 0x10) r7 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000001100)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000001080)=0x8) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', r8, 0x0, 0x1000) 144.895515ms ago: executing program 1 (id=130): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000100850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22}, 0x94) r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x2082, 0x0) ioctl$SNDCTL_DSP_GETCAPS(r2, 0x8004500f, &(0x7f0000000040)) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240)) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r6 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local}) write$tun(r5, &(0x7f0000000040)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0xfc, 0x2f, 0x0, @private=0x1fe1, @private=0xa010100}, {0x8000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x10, 0x0, @void}}}}}}}}, 0x32) r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000080)={[0x7, 0x6, 0x7fffffffffffffff, 0x2, 0x9, 0x1, 0xffffffffffffffff, 0x49ca, 0x7, 0x2, 0x3, 0x3, 0x6, 0x401, 0x0, 0x2], 0xdddd0000, 0x10401}) ioctl$KVM_RUN(r8, 0xae80, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x258, 0x268, 0x311, 0x258, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x160, 0x230, 0x258, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x9}}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0xfffffffc}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0x0, 0xd0, 0x138, 0xe4030000, {}, [@common=@ipv6header={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000500)=ANY=[@ANYRESOCT=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r3, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r0}, 0x20) sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480), 0x14}}], 0x400, 0x10) 144.369744ms ago: executing program 0 (id=131): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x9) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) mknodat$loop(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x2000, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') linkat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)=@reiserfs_2={0x8, 0x2, {0x0, 0xafd}}, 0x0, 0x1600) 85.84126ms ago: executing program 0 (id=132): bpf$MAP_CREATE(0x0, 0x0, 0x50) r0 = socket$l2tp6(0xa, 0x2, 0x73) socket$inet_udp(0x2, 0x2, 0x0) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x41000000}, 0x20) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100050005000700000000000800090003000000140020000000000000fffffffe00e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0) 84.558114ms ago: executing program 2 (id=133): mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) chdir(&(0x7f0000000080)='./file1\x00') (async) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) (async) r1 = syz_usb_connect$hid(0x5, 0x36, &(0x7f00000002c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xce, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x30, 0x0, [{{0x9, 0x4, 0x0, 0xfa, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0xfffe, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff}}}}}]}}]}}, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) (async) syz_usb_control_io$hid(r1, 0x0, 0x0) (async) writev(r0, &(0x7f0000000480)=[{&(0x7f0000000280)='\b\x00\x00\x00', 0x4}], 0x1) (async, rerun: 32) r2 = socket$igmp6(0xa, 0x3, 0x2) (rerun: 32) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x508) (async) syz_emit_ethernet(0x2416, &(0x7f0000000580)=ANY=[@ANYBLOB="e727dc07001f391e7dd7a2d786dd609907a623e02c03cb697a653e336f000000500000000000ff0200000000000000000000000000013200001200000000020090780000000369c46dea0006ff0800000000000000000000000000000001ff0200000000000000000000000000011d000000000000000502040100000000625d0000000000000502200010d492385c3783d3afa4087aac07f72281b3b12267af7a3550aa1c3df47e5193806438916ec2e867d21394d0ececf9700962d3e17e4bb578aafd31a3f1955010879ee9079424526f222aa9e6477366d11ceda8cc0a4a1008153a04ddaa531db1dc129d6fb8f95c13d752d80f25ce2b253934d9a86bdf503653d3730ada1509d9536c165576ddde5926db915dd86eb3e2a03a7e56c01f4067638d6b7a6b4e9712c66ed550b77c6e655dc71d08ae40755d11b56963a28dce50181d34e7c4b0caae8cf4b947526eecd89735717604aec2730381ca1b51ab01ed0a4c78a4ba64a733fec74ad4071ffb454d5a4e2e167705cc70cb4551a1892279fbf20f41698d06c87d4928fab8c35581c02c8b06d25f4cfab68bc929dad45297768657d0f9e3a28e4f385d3ab4f4ebc9a48469fcc680b11ae610a658ca37f442cb8abda0ca080fbfd107f702b3f57f6c29b827a6c9cd6c1a9d010a3eacb011178887d654d395a63fb718e6da50ad25840efb4801a6182f56836a03a91927cf013f3742d1491545656fddd952bbe35611dd164de5a822333d106f767e2b1fbbda7fd780c2ba8ba487e69e259bb1b9bfe90974aea4e9496999180776a13796b9c394f54ae1f6371556443be28b730502000c05028805040116050200040be4bb69246c6dd959322a3c6381cd5ecbbb7131ac5b4c10756fddad9452625b1f85dcb2db18d954111331928b8202efd022be464387d6ab7358c74e997342ee7eb1c46a817d6708b603963384c4499ef4dbf57fb3a40f974a32c25f0f9ae3953b921ea771007c951a3ed9237fc4a068fc39022aa39e70b1af46265c180eab098a06f6fd55b9ec6890f78ea1a3d5a17cac3a3887f13eeb3d163de914bcfbaf40a4a52a94901be888d6845fd4eb61ed9eebcfafb7588f7f92a12711672e4050f36e6a8695ef98eeb35f9f8f631207ba50c041580262f52bdfc87946bc87efba2e7eba9ea2f4a7072a8d83a045895d9642a081ddef313f45aa94fc70c117653ab8ddf92747a49c5c20a771233573e692d1caa10000000000003ec7000000000000c30013ea3bcc03cbfea3899367b93bc9545a9abe3e513929efb617a5c70410c64c077ec9040cc413710e4fbcf7d971af86cdf8d5f8f04948fcbf318c7894000412d280cc4b98548f990cb11035a6d48299cd0cc0cca098cab016c66c4f871549fd045f548fb2e631ae100ac591bb8dce8bee097201382fff6d7223c0d54b4b7457fa5c36d80f8ab1f398758bde615984169b6e3d03e2531bfd350ee870c7e137616c089ec2071084c33ae93acc654d7d64d521206e3a12615d4e3dde33269c8e1c3c8f5fcf1681e98ebd5cc9abda7b74fffe10398a7f701fdde69b21c9f9a2c983b7dadaf353d13332158ee52cc7d72901b495cd2ab3b8671b8fc6327a37ac9ff77c992f76caad41c6c2dcf5e3295526e9e22d2e2915f083909e0b86cd69e3df67c50b490565ae52389abfa1acbd02658039700fc092ae68e9138bfcf72f6062ee720a0f13e2040543acffd631a2289020fa5a5751aa6d3ff187aa9ddfe45d2d12195faee7de07c60a010a35d7d51c04e1ecb8bff31f16f8386961cb06e9bdf0c4b6cdd2ec48f4b7ee27a0a27a73ed401cd18a123556cb80161e25f82b24eab61a583cef1af2139260a8ca0b5931de46721a4901c50aacade1e4e25a5e01d8330f359fc397a9128f3a3c2d521452395c09c7a2bd0926b8df488eacaba377099c3bf06f99bc14b5b16cd3ec0bbb0608936666ada99db2082b191ffc38c886c04072c9f0a6a2288f39462e087b9e5bf89d1ee2ddd303cb05074370e8dabe7c107ae212597b0cbe71d42ee14546e25266c40fcf5f98cc9e2380f19e16c30e54424ff297608d94a3e9f49028b1cd29e483cd64d3b6125d450ee34cfcfd0b83e58c8e2933e5962354766be37b1a12571aaeb287acd79e002008f77d21a7d239e79c690c60b5bccbb8338807882658a4779944bdbc8cc6c23590f1761fb318367a7800129c9ed5ab8ae6648cc82e5b9e00a6838326180990b2bdc4a9271519926e7bdc4bd16ed9b4ab3b5abdeca97315ecd0642119a8a1fbc7a87f015dfd039e5fc6915765fe7acc93d8ac78be1a8b0dfcfc2038aa2d737c102fb3e77bbc5cd39c3e6a006f0570b1ad37cc650259c99d1603241594ea5fe0b48aed88840c3ba13aea15daad41ade985b593c59f3a93b539f00f78f24ce4fb7ddd4ebbc9020e3f841cea7beaaa52eb9ed256967f84428be67e440488648a414d0a0484575b2b05d6837a4afe032ddc0a86d5a628f1e035d90c767156620eac13d8060aef01e77c3bfa167893f5dd03ae7340923dc3538f3b4d1ca37d6f754e7a201c9b92841d8804da87b7c8cc9fa8c73bd39d76f6e4bb5f0b98fa6df4ef7f18cad7eb37650d3ffc2db89de2d500e89879c7c5b45cecefaf735cc8039061f8cba474c41fb8af5dd3dc941aefeb95e9ef7e96a6a20078778c9fe262e17833d19714eeca9db646aff7b21678759947668fa3905bb287158eb1e3b0854971ca7a5d5a19b0475db8cb7649135ab5578108f243c42ab6d6218ddb97f3dc7c6a4bd3a265fd22714bdd0bbfd62cffe88c08f8b02f4a22a7d5bd154818835129944705f4caeb7593b74cc94b26f10df52e06b3d18650328cd2f987fd73a15c28d107f9e212c9468f03af5d4653ee89cbd26ecd1de806e74f36e33ae3ff09e6d72bc27b272f64dfa800d2a8d28a40b4030a0419386eb1444d60ae010bd23e5b6dda29e4b7ab87cf9a817aca48ee35cce0041844f583ad520649bd28eeafb5657481d521f08ff6e96d8695d48c197fbc7dbf5c1a2b53acfcea775d27f6189951a7b5aecb79e1f4b65aba36f3ef8cb27f01b623bdb8fca0b6f8f95546567b353d917f29fa23534cb871cb1984098d2f82f4232675b6b818055abb72a49bda6b2c03575248b172452227b97480546cee59daf737dfac4eddbc3cfc59da07df0ed62d5b0819286316c6df03a85a54b318f2569945f43dc130eecf5c5563cc703c85f7540fbb3dbf0fd53fc8743472124e4f9ed5bb8cae75d7698122b9e94e55cce0d5afcdecaa6ca3cfe95e756857cd7bf4902a17614d7dc5e463eb8bb827168fc9188e4c51233df3089f79658485861d3d5f9ab7346a8c51afc17bb753d6be5f8c2eeeb02c1cfc8d9d54eec6f8220527485a51848394312233adc116d122a8bcfd2cf30ed63b48ef3e8007ff62017ecf621d465e75064d7e6aad3e7696fe88872074f1353c878fe7d81c053952740f1818129167c273ea1900145ebbc9f765553212561cf11a2a7c37be0918468030f55b18984042c64819e722a030002037cfcfd10ec8cff39a187b7282ac508c1d57847075c298bcb9bfc84df491593e043862642114a34f5672774c8727cbade0cbf1dd795d02ff01eaa95df1ac9849b45e2e78bf7a55b46ddea87e1bf58f4aa5a774be80da1ea488d7300b2b39f2589bb0b4d6de182384f71f411ed874707fdb990163f827e3450e6693994733d3e1b371d9fda6c4472b5e9dbcce1423e4ddd33829a9f72cebff741dcdabb2f810cb337f69e85c625dc008300c4745ec8d3d9e2e090b3440d93d3c472a15208d1d19ec2708be84345467248c352bbf35e2ee21d92d270129748d99e8b258516ad48787aa3247e27722d3f26f704745c62667af1b310e5e1a829c10c663ba23bbfe73a15993208dd3b7d185f5cb81cb94511174c8c902ccc25ae9039a6fe5ec0871319467789be76d862c858a96cb5b685ccc33be2cc3a5180cce4930c20e744424117f20e1aabdb9bfcac1f1c955acce68d4460d393657ce51821076f7d1e232bc6e4e4d02c87199cd753ecdcc6dcd5b28c1b5f11381461b9e1bd807da7edde749af4750cd73764776811ac9f3420f1f9d54036c5a275373a51ddb2c89673ab8f3ce3c49a0807673207b298b7f1b2978dc73b7bf3790feeb2b754f5481308438f52db603b38e91517d39d7f47c94a2713dde95a37bdf7de4c08356d5b852284dd337dce8d1502c2872cfdf1e6c4689749e81489d7b55f09f744ec60046ab903505a76eaf7d328c2d7d9fe26f3b6a08a226abb218f092a814f32bc2bb315311b36c6e16ad1b3d12e4db6d7b6b5ce3d00509858f50316f003da09982a17bb1f5d89f1ad54b05adf49b742467897289578e2b47b1b02102e18d8891d88ac1bdf0c449db57f25ec653af52c2f8d20eb38aa1fb0a63e0a741cdaafb319653701cc43fd37449ddbcc061110d7b953609da80c7aef5109da098d96511316cc327e4efa76851b332e419a2a82812fc83aaa55cca039875b107215b9518a9535a96aa551bd078236b9516a9226f2395917259a5f4b7d1c6b866acb574978c9f6b8ec3c87552f0506ea122a3c50f1e2112a3cd750c2ba66f0591c97c1727e6ecacca1e3f993fd100b185d7b74d607c7ed3478b971d72a3d578bab272666abae70c845bf725bb12d3bbd674c6fd7b18b8f8e7f189f4a18e4744d41c67867175552ec3ae4ea48d902fc29713e722109208f2e9c1771c3f4e36075963c8763785ebca4496445501cda144d1aed5985e0e86a40c8c5141d6bda421f52a88ae98565c68b8fabcfbd39072db7b8faf53d781bb2d1ecc84200b063375a062d96ee056ab57447d1ea4d82e16f1475e51982fd3233619d3b3577caf5fec683be8f42b3989f3548cd8193851e6787a79ba280b567720c863067ddd856937eddc31473e482a700f4f41efa4ff21932bdcf32cf6b15692ae9de365ca565caa96f49548e2ea4aaa79de8668da68f01086083d9d9351716bc8f3971c0df790384284c2e3c3b0d10003ccc38d4a29a789064b04f09f42ae63a127cd350450b64e9a53588681d2ed714a0f3f5d2b7e7619940145d9555093c1754c23ec26d52eab1788b35b71d7924e9e7af67cc3aefeb439e691451619f426354d386a01b4e591d779c2c9c421c9b8f71d3fbeafec6bbf5e070f641c13c1b94c8800c68062e0a34b7ccc4fed592337de14a5243be052382295fd4d9347e01ee09c0b49ec8ade37f429ebda29075ee4f30998fd33d4a1beb2bceb3bb6230c98a7df2ed4249b328eb94723b65aa1aae73c8ca2daf1266226f74fee3ec3d37e344a9016efe4b49dc22c0442055d63757d779d454cb77d8940c4389dbd5bde6ef550d6a889015019f831e19e5547e6ac08161d0f67943163264eeba7320658414359a9c07b5f11e10e36bcc09b7c3fae3c276a9d202554bf58703e1868a5a2e4903ec01b6a039b8307e311196dc042fd5ee0b4e663be2687b383cfd614d8efabdada359769209926b866ac4dfbfffe2678822c72f47dd570bb059d773ee17c19b0a98111e04cf7313fdcc68d81da724284679a2c8d57b02578b7339fdde1f64c0df85630e57371e7ab9bea0c35d27e1225b524f10d178dcfb0e5cac249e8afac6a70454b6ebbd7f597e93b6b8391138cc49264da01649677ad1d689bfa3815cec8b4c1acaee1259b0388d1bdce946f2bc3b16934ef1efaa6e5207e9c72d980998f512bf5c2fb176af27cac2dc8f6e5d2c38128efe1dbe7c99471ec0aa9acbe06746c1d9aecedfe6850027f32e67a31c951939b98657b80a40ceb29e8b74dd2d25cda0bd0677782ff554c0587fb53f04d5e6ec529f6d3f4ab0a1020afacbf31aec65178d1f45a4f5ec93845b299c4a9efafa79dc3e292c8222d046b9ced3ead62c8a04f61774534230a0f5e23f810cfed64bfe8de3c5ec311c64122a0e3d26e34b7d18a865263855c3d016b8f10b57445ea87eed3f494712521922c30224ec6a54772ed8ff3c2fc1ea629a893866ab168a387b003fb5b2697549ef8a0889752ccd84c932a5b644539c32aeab888545b4caddd5ae5e78e335dbe99861e5115748d0b5fbdb3207afd329a0e0b58c57a37658c98e92929969cd61daf67e8e3ec027d79a2affd147d0e7582db95a3644a56a643000ff88c125024609ff0bef6baf96513e1aa8b7d1a1843d1112e2e461ac3504afa1f5787e501c3c38deac3e3dac2e59d34174f2a47edecddecae76f7926b3ac4e361df6525bd75adb5e078b9f205ed4958681822f474d758e9c507182cecea89323d7087cc048c944828c6c99bf55f2c24db53e2d8e2cbf4d85a8f6025cfcc156bb8ed4579ea39df0cd77f6700604f1f201f57f48dbb298ccedf282f20753f2774e5e20dc832b82343a1e7750284621125999150f28c66741a2c797afadad734727921810b8abef1f6c9c7997ea16945040e40595976dff9a9a5bbf1cf2899"], 0x0) (async, rerun: 64) syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="69e1629b6174391e7dd7a2d786dd60b6000000302c03cb697a653e336f000000500000000000ff02000000000000000000000000000102000003"], 0x0) (rerun: 64) 83.547881ms ago: executing program 0 (id=134): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000100850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x258, 0x268, 0x311, 0x258, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x160, 0x230, 0x258, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x9}}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0xfffffffc}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0x0, 0xd0, 0x138, 0xe4030000, {}, [@common=@ipv6header={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r0}, 0x20) sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480), 0x14}}], 0x400, 0x10) (fail_nth: 4) 1.054217ms ago: executing program 0 (id=135): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100, 0x1) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x20, 0x1) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_all\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) (async) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r2, 0x6, 0x4, &(0x7f0000000800)=0xffffffc0, 0x4) (async) setsockopt$inet6_tcp_int(r2, 0x6, 0x4, &(0x7f0000000800)=0xffffffc0, 0x4) socket$key(0xf, 0x3, 0x2) (async) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x40) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r3, &(0x7f0000000180), 0x400008a, 0x0) sendmsg$key(r3, &(0x7f0000000000)={0x9, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x2, 0x9, 0x0, 0x9, 0x2, 0x0, 0xffffffff, 0x25dfdbfe}, 0x10}}, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r1, 0xc01064c1, &(0x7f0000000080)) (async) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r1, 0xc01064c1, &(0x7f0000000080)={0x0, 0x0, 0xffffffffffffffff}) ioctl$BTRFS_IOC_FS_INFO(r4, 0x8400941f, &(0x7f0000000100)) 0s ago: executing program 0 (id=136): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbf8, 0x8000000}, 0xc) socket$netlink(0x10, 0x3, 0x13) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0x2a382) r3 = memfd_create(&(0x7f0000000180)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6*t\xc8\xf4>q%\xa4\x81\xe2\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\x1cf\xf0\xf2xW?\x8e\xd9\x06\xc7\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<+l\xfdG\x8e\t\x96rT|\xe3\x13\x19\xe3%g\xa7n\xa93\xf5>\x81R\xe7`\x83N\xf4\xa7\xc8:\x8eY\x0e@\x1b\x17Y>b\x85\xd3\x12I\xbf\xac\x9eM\x884Z\xaf\xf3\'\x8aj\"\xd1~k\x7f%\x96\xf95&\x84A%\x97\xb8\x18\xa7\x88\xe3w', 0x1) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000000)={0x0, {}, 0x0, {}, 0x0, 0x0, 0xf, 0xd, "eeddb7c25540993ad642248c7b0157ce0dc9b4d500476312cd6cb416f686ce0058265f66cdddf2e9ce8bb87ae03e87a61fb648d5c6a3e9977956be87176a30a9", "a863a5170a11d26a730cb3d1e9fb18cb0e58986d58e881bbe5e4230de84eea7a", [0x3, 0x5]}) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) r5 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000800)=@newsa={0x148, 0x10, 0x713, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@local, 0x0, 0x33}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {}, {}, {}, 0x0, 0x3502, 0x2}, [@offload={0xc, 0x1c, {r6}}, @algo_auth_trunc={0x4c, 0x14, {{'sha1\x00'}}}]}, 0x148}}, 0x0) sendmsg$TIPC_NL_NET_GET(r1, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040004) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r7, &(0x7f0000000600)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[], 0x14}}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r0) syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r0) gettid() timer_create(0x0, 0x0, &(0x7f0000bbdffc)=0x0) timer_settime(r8, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0) timer_gettime(r8, &(0x7f0000000140)) mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2}) kernel console output (not intermixed with test programs): [ 44.016948][ T40] audit: type=1400 audit(1752359021.933:60): avc: denied { rlimitinh } for pid=5927 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.023918][ T40] audit: type=1400 audit(1752359021.933:61): avc: denied { siginh } for pid=5927 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:51896' (ED25519) to the list of known hosts. [ 45.297132][ T40] audit: type=1400 audit(1752359023.233:62): avc: denied { name_bind } for pid=5938 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 45.319762][ T40] audit: type=1400 audit(1752359023.253:63): avc: denied { write } for pid=5939 comm="sh" path="pipe:[3647]" dev="pipefs" ino=3647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.347119][ T40] audit: type=1400 audit(1752359023.283:64): avc: denied { execute } for pid=5939 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 45.353859][ T40] audit: type=1400 audit(1752359023.283:65): avc: denied { execute_no_trans } for pid=5939 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 47.385813][ T40] audit: type=1400 audit(1752359025.323:66): avc: denied { mounton } for pid=5939 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 47.388436][ T5939] cgroup: Unknown subsys name 'net' [ 47.497947][ T5939] cgroup: Unknown subsys name 'cpuset' [ 47.504172][ T5939] cgroup: Unknown subsys name 'rlimit' [ 47.721178][ T5943] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 48.446619][ T5939] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 51.294146][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 51.294157][ T40] audit: type=1400 audit(1752359029.223:80): avc: denied { execmem } for pid=5947 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 51.537590][ T40] audit: type=1400 audit(1752359029.473:81): avc: denied { create } for pid=5951 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 51.545915][ T40] audit: type=1400 audit(1752359029.473:82): avc: denied { read write } for pid=5951 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 51.555549][ T40] audit: type=1400 audit(1752359029.473:83): avc: denied { open } for pid=5951 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 51.572706][ T40] audit: type=1400 audit(1752359029.483:84): avc: denied { ioctl } for pid=5952 comm="syz-executor" path="socket:[6521]" dev="sockfs" ino=6521 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 51.587609][ T5956] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 51.590600][ T5956] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 51.592787][ T5959] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 51.593149][ T5956] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 51.596265][ T5959] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 51.598559][ T5956] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 51.600466][ T5959] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 51.602495][ T5956] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 51.604878][ T5959] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 51.607483][ T5964] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 51.608415][ T5967] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 51.609632][ T5959] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 51.610166][ T5967] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 51.611877][ T5962] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 51.614222][ T5968] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 51.616337][ T5962] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 51.618123][ T5968] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 51.620269][ T40] audit: type=1400 audit(1752359029.543:85): avc: denied { read } for pid=5951 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 51.620412][ T5962] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 51.620961][ T5962] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 51.622964][ T5968] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 51.625576][ T40] audit: type=1400 audit(1752359029.563:86): avc: denied { open } for pid=5951 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 51.646302][ T40] audit: type=1400 audit(1752359029.563:87): avc: denied { mounton } for pid=5951 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 51.828365][ T40] audit: type=1400 audit(1752359029.763:88): avc: denied { module_request } for pid=5952 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 51.876464][ T5952] chnl_net:caif_netlink_parms(): no params data found [ 51.980669][ T5965] chnl_net:caif_netlink_parms(): no params data found [ 52.019637][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.021896][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.025025][ T5952] bridge_slave_0: entered allmulticast mode [ 52.027783][ T5952] bridge_slave_0: entered promiscuous mode [ 52.035181][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.037402][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.039682][ T5952] bridge_slave_1: entered allmulticast mode [ 52.042300][ T5952] bridge_slave_1: entered promiscuous mode [ 52.047039][ T5960] chnl_net:caif_netlink_parms(): no params data found [ 52.095770][ T5951] chnl_net:caif_netlink_parms(): no params data found [ 52.145374][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.152443][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.258315][ T5952] team0: Port device team_slave_0 added [ 52.263809][ T5965] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.266194][ T5965] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.268442][ T5965] bridge_slave_0: entered allmulticast mode [ 52.271030][ T5965] bridge_slave_0: entered promiscuous mode [ 52.277559][ T5952] team0: Port device team_slave_1 added [ 52.306250][ T5965] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.308540][ T5965] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.310800][ T5965] bridge_slave_1: entered allmulticast mode [ 52.313400][ T5965] bridge_slave_1: entered promiscuous mode [ 52.347053][ T5960] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.349290][ T5960] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.351550][ T5960] bridge_slave_0: entered allmulticast mode [ 52.354341][ T5960] bridge_slave_0: entered promiscuous mode [ 52.398107][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.400208][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.407856][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.411958][ T5960] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.414413][ T5960] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.416809][ T5960] bridge_slave_1: entered allmulticast mode [ 52.419420][ T5960] bridge_slave_1: entered promiscuous mode [ 52.451513][ T5951] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.453828][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.456361][ T5951] bridge_slave_0: entered allmulticast mode [ 52.459054][ T5951] bridge_slave_0: entered promiscuous mode [ 52.461901][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.464567][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.472417][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.492263][ T5965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.495758][ T5951] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.498066][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.500383][ T5951] bridge_slave_1: entered allmulticast mode [ 52.503187][ T5951] bridge_slave_1: entered promiscuous mode [ 52.523870][ T5960] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.528248][ T5965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.562058][ T5960] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.608480][ T5965] team0: Port device team_slave_0 added [ 52.612153][ T5965] team0: Port device team_slave_1 added [ 52.616103][ T5951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.621383][ T5960] team0: Port device team_slave_0 added [ 52.652090][ T5951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.669549][ T5960] team0: Port device team_slave_1 added [ 52.689159][ T5952] hsr_slave_0: entered promiscuous mode [ 52.691447][ T5952] hsr_slave_1: entered promiscuous mode [ 52.753391][ T5965] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.756385][ T5965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.763529][ T5965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.769489][ T5951] team0: Port device team_slave_0 added [ 52.772639][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.774730][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.781845][ T5960] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.785755][ T5965] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.788176][ T5965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.796707][ T5965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.815426][ T5951] team0: Port device team_slave_1 added [ 52.817816][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.819744][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.827517][ T5960] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.868865][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.871126][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.879094][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.937346][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.939619][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.947901][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.011450][ T5965] hsr_slave_0: entered promiscuous mode [ 53.013554][ T5965] hsr_slave_1: entered promiscuous mode [ 53.015670][ T5965] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.017897][ T5965] Cannot create hsr debugfs directory [ 53.031276][ T5960] hsr_slave_0: entered promiscuous mode [ 53.035332][ T5960] hsr_slave_1: entered promiscuous mode [ 53.038145][ T5960] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.041239][ T5960] Cannot create hsr debugfs directory [ 53.138349][ T5951] hsr_slave_0: entered promiscuous mode [ 53.140641][ T5951] hsr_slave_1: entered promiscuous mode [ 53.142727][ T5951] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.145220][ T5951] Cannot create hsr debugfs directory [ 53.365373][ T5952] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 53.372184][ T5952] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 53.379214][ T5952] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 53.383911][ T5952] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 53.418537][ T5965] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 53.422792][ T5965] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 53.428411][ T5965] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 53.433391][ T5965] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 53.477989][ T5960] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 53.482369][ T5960] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 53.487001][ T5960] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 53.491149][ T5960] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 53.540156][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.547742][ T5951] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 53.552035][ T5951] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 53.560851][ T5951] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 53.573830][ T5952] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.576989][ T5951] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 53.606526][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.608892][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.612555][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.614952][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.637421][ T5965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.654917][ T5968] Bluetooth: hci3: command tx timeout [ 53.664401][ T5968] Bluetooth: hci1: command tx timeout [ 53.664470][ T5962] Bluetooth: hci0: command tx timeout [ 53.665276][ T5965] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.666254][ T5956] Bluetooth: hci2: command tx timeout [ 53.677003][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.679285][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.692080][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.694415][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.695435][ T40] audit: type=1400 audit(1752359031.623:89): avc: denied { sys_module } for pid=5952 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 53.717836][ T5960] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.732063][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.757102][ T5951] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.760172][ T5960] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.766770][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.768972][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.777261][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.779545][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.782902][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.785249][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.796531][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.801000][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.803245][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.863385][ T5952] veth0_vlan: entered promiscuous mode [ 53.879753][ T5952] veth1_vlan: entered promiscuous mode [ 53.889615][ T5965] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.912028][ T5952] veth0_macvtap: entered promiscuous mode [ 53.922813][ T5952] veth1_macvtap: entered promiscuous mode [ 53.933619][ T5965] veth0_vlan: entered promiscuous mode [ 53.943950][ T5965] veth1_vlan: entered promiscuous mode [ 53.948592][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.955206][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.962595][ T5952] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.967369][ T5952] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.970066][ T5952] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.972766][ T5952] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.991954][ T5965] veth0_macvtap: entered promiscuous mode [ 54.011199][ T5965] veth1_macvtap: entered promiscuous mode [ 54.016307][ T5960] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.021142][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.043073][ T5965] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.055496][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.057119][ T5965] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.058043][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.064081][ T5965] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.067388][ T5965] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.070731][ T5965] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.074797][ T5965] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.101561][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.104545][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.118704][ T5960] veth0_vlan: entered promiscuous mode [ 54.124866][ T5951] veth0_vlan: entered promiscuous mode [ 54.132362][ T5960] veth1_vlan: entered promiscuous mode [ 54.140509][ T5951] veth1_vlan: entered promiscuous mode [ 54.142940][ T5952] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 54.168197][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.170692][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.182694][ T5960] veth0_macvtap: entered promiscuous mode [ 54.186922][ T5960] veth1_macvtap: entered promiscuous mode [ 54.201083][ T5951] veth0_macvtap: entered promiscuous mode [ 54.211355][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.213827][ T5951] veth1_macvtap: entered promiscuous mode [ 54.223355][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.224654][ T1245] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.230574][ T1245] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.235653][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.238703][ T5960] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.241487][ T5960] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.244361][ T5960] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.247135][ T5960] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.258299][ T6039] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3'. [ 54.258894][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.266169][ T5951] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.268900][ T5951] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.272034][ T5951] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.275033][ T5951] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.287504][ T6039] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6039 comm=syz.2.3 [ 54.342418][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.346082][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.352974][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.355693][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.380521][ T6043] warning: `syz.3.5' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 54.415302][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.417024][ T6043] syz.3.5: attempt to access beyond end of device [ 54.417024][ T6043] loop3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 54.418243][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.422306][ T6043] (syz.3.5,6043,2):ocfs2_get_sector:1714 ERROR: status = -5 [ 54.427507][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.428667][ T6043] (syz.3.5,6043,2):ocfs2_sb_probe:753 ERROR: status = -5 [ 54.431551][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.434881][ T6043] (syz.3.5,6043,2):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 54.441266][ T6043] (syz.3.5,6043,2):ocfs2_fill_super:1177 ERROR: status = -5 [ 54.639514][ T6056] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 54.716456][ T6057] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 54.719625][ T6060] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 54.836863][ T6064] netlink: 'syz.0.11': attribute type 11 has an invalid length. [ 54.862098][ T6065] EXT4-fs (sr0): VFS: Can't find ext4 filesystem [ 55.045382][ T6082] netlink: 28 bytes leftover after parsing attributes in process `syz.0.17'. [ 55.048185][ T6082] netlink: 'syz.0.17': attribute type 7 has an invalid length. [ 55.050602][ T6082] netlink: 'syz.0.17': attribute type 8 has an invalid length. [ 55.052877][ T6082] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17'. [ 55.306559][ T6090] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 55.556291][ T6102] netlink: 12 bytes leftover after parsing attributes in process `syz.3.25'. [ 55.611946][ T6108] overlayfs: failed to resolve './file1': -2 [ 55.735375][ T5968] Bluetooth: hci2: command tx timeout [ 55.735452][ T5962] Bluetooth: hci1: command tx timeout [ 55.737575][ T5968] Bluetooth: hci3: command tx timeout [ 55.741360][ T5956] Bluetooth: hci0: command tx timeout [ 56.171152][ T6150] netlink: 48 bytes leftover after parsing attributes in process `syz.1.35'. [ 56.182482][ T6150] Zero length message leads to an empty skb [ 56.191412][ T5968] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11 [ 56.307542][ T40] kauditd_printk_skb: 85 callbacks suppressed [ 56.307553][ T40] audit: type=1400 audit(1752359034.243:175): avc: denied { create } for pid=6158 comm="syz.1.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 56.315900][ T6159] vxcan1: tx address claim with dest, not broadcast [ 56.318699][ T6159] netlink: 8 bytes leftover after parsing attributes in process `syz.1.37'. [ 56.322379][ T40] audit: type=1400 audit(1752359034.243:176): avc: denied { ioctl } for pid=6158 comm="syz.1.37" path="socket:[9669]" dev="sockfs" ino=9669 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 56.330376][ T40] audit: type=1400 audit(1752359034.243:177): avc: denied { bind } for pid=6158 comm="syz.1.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 56.336478][ T40] audit: type=1400 audit(1752359034.253:178): avc: denied { write } for pid=6158 comm="syz.1.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 56.359236][ T6083] netlink: 'syz.2.16': attribute type 3 has an invalid length. [ 56.361608][ T6083] netlink: 220 bytes leftover after parsing attributes in process `syz.2.16'. [ 56.364468][ T40] audit: type=1400 audit(1752359034.293:179): avc: denied { ioctl } for pid=6077 comm="syz.2.16" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=7918 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 56.377123][ T40] audit: type=1400 audit(1752359034.303:180): avc: denied { getopt } for pid=6077 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 56.383507][ T40] audit: type=1400 audit(1752359034.313:181): avc: denied { write } for pid=6077 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 56.392154][ T40] audit: type=1400 audit(1752359034.313:182): avc: denied { connect } for pid=6077 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 56.399391][ T40] audit: type=1400 audit(1752359034.313:183): avc: denied { name_connect } for pid=6077 comm="syz.2.16" dest=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 56.406621][ T6022] usb 5-1: new low-speed USB device number 2 using dummy_hcd [ 56.425440][ T40] audit: type=1400 audit(1752359034.363:184): avc: denied { shutdown } for pid=6077 comm="syz.2.16" lport=38122 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 56.564149][ T6022] usb 5-1: Invalid ep0 maxpacket: 64 [ 56.584648][ T6176] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048) [ 56.632736][ T6185] netlink: 12 bytes leftover after parsing attributes in process `syz.2.43'. [ 56.679129][ T6190] SELinux: Context system_u:object_r:hostname_exec_t:s0 is not valid (left unmapped). [ 56.714644][ T6022] usb 5-1: new low-speed USB device number 3 using dummy_hcd [ 56.760775][ T6193] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=2567 sclass=netlink_tcpdiag_socket pid=6193 comm=syz.2.46 [ 56.772193][ T6196] hub 9-0:1.0: USB hub found [ 56.774144][ T6196] hub 9-0:1.0: 1 port detected [ 56.778752][ T6196] netlink: 32 bytes leftover after parsing attributes in process `syz.3.47'. [ 56.864191][ T6022] usb 5-1: Invalid ep0 maxpacket: 64 [ 56.866755][ T6022] usb usb5-port1: attempt power cycle [ 56.880865][ T6193] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6193 comm=syz.2.46 [ 56.950359][ T6209] gadgetfs: Unknown parameter '¨WÚË RXT©' [ 56.982693][ T6212] netlink: 56 bytes leftover after parsing attributes in process `syz.2.53'. [ 56.989664][ T6212] efs: device does not support 512 byte blocks [ 56.991833][ T6212] device does not support 512 byte blocks [ 56.991833][ T6212] [ 57.153483][ T6225] netlink: 'syz.2.59': attribute type 39 has an invalid length. [ 57.214077][ T6022] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 57.235334][ T6022] usb 5-1: Invalid ep0 maxpacket: 64 [ 57.299935][ T6233] netlink: 'syz.1.62': attribute type 1 has an invalid length. [ 57.374023][ T6022] usb 5-1: new low-speed USB device number 5 using dummy_hcd [ 57.394600][ T6022] usb 5-1: Invalid ep0 maxpacket: 64 [ 57.398324][ T6022] usb usb5-port1: unable to enumerate USB device [ 57.486351][ T6255] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 57.488781][ T6255] IPv6: NLM_F_CREATE should be set when creating new route [ 57.560787][ T6270] BIDI support in bsg has been removed. [ 57.814251][ T5968] Bluetooth: hci1: command tx timeout [ 57.816078][ T5968] Bluetooth: hci2: command tx timeout [ 57.824084][ T5968] Bluetooth: hci3: command tx timeout [ 57.824102][ T5956] Bluetooth: hci0: command tx timeout [ 57.830771][ T6295] bridge1: entered promiscuous mode [ 57.835139][ T5961] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 57.985969][ T6300] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 57.996935][ T5961] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 57.999837][ T5961] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 58.002962][ T5961] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 58.005998][ T5961] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 58.009303][ T5961] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 58.013891][ T5961] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 58.017786][ T5961] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 58.020439][ T5961] usb 7-1: Product: syz [ 58.021770][ T5961] usb 7-1: Manufacturer: syz [ 58.030041][ T5961] cdc_wdm 7-1:1.0: skipping garbage [ 58.031781][ T5961] cdc_wdm 7-1:1.0: skipping garbage [ 58.037133][ T5961] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 58.039056][ T5961] cdc_wdm 7-1:1.0: Unknown control protocol [ 58.232044][ T6274] cdc_wdm 7-1:1.0: Error submitting int urb - -90 [ 58.242045][ T837] usb 7-1: USB disconnect, device number 2 [ 58.960437][ T6318] FAULT_INJECTION: forcing a failure. [ 58.960437][ T6318] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 58.966274][ T6318] CPU: 3 UID: 0 PID: 6318 Comm: syz.1.92 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 58.966290][ T6318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.966296][ T6318] Call Trace: [ 58.966300][ T6318] [ 58.966305][ T6318] dump_stack_lvl+0x16c/0x1f0 [ 58.966324][ T6318] should_fail_ex+0x512/0x640 [ 58.966341][ T6318] copy_folio_from_iter_atomic+0x375/0x1aa0 [ 58.966365][ T6318] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 58.966382][ T6318] ? shmem_write_begin+0x176/0x300 [ 58.966428][ T6318] ? __pfx_shmem_write_begin+0x10/0x10 [ 58.966443][ T6318] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 58.966458][ T6318] generic_perform_write+0x22c/0x930 [ 58.966476][ T6318] ? __pfx_generic_perform_write+0x10/0x10 [ 58.966491][ T6318] ? inode_needs_update_time.part.0+0x191/0x270 [ 58.966512][ T6318] shmem_file_write_iter+0x10e/0x140 [ 58.966530][ T6318] vfs_iocb_iter_write+0x36d/0xa90 [ 58.966546][ T6318] backing_file_write_iter+0x588/0x8f0 [ 58.966564][ T6318] ovl_write_iter+0x35b/0x430 [ 58.966579][ T6318] ? __pfx_ovl_write_iter+0x10/0x10 [ 58.966593][ T6318] ? __pfx_ovl_file_end_write+0x10/0x10 [ 58.966604][ T6318] ? find_held_lock+0x2b/0x80 [ 58.966619][ T6318] ? aio_write+0x6f7/0x910 [ 58.966635][ T6318] aio_write+0x3b6/0x910 [ 58.966654][ T6318] ? __pfx_aio_write+0x10/0x10 [ 58.966669][ T6318] ? __lock_acquire+0xb8a/0x1c90 [ 58.966687][ T6318] ? __might_fault+0xe3/0x190 [ 58.966700][ T6318] ? __might_fault+0x13b/0x190 [ 58.966717][ T6318] ? io_submit_one+0x1243/0x1df0 [ 58.966732][ T6318] io_submit_one+0x1243/0x1df0 [ 58.966748][ T6318] ? __lock_acquire+0xb8a/0x1c90 [ 58.966760][ T6318] ? __pfx_io_submit_one+0x10/0x10 [ 58.966780][ T6318] ? __might_fault+0xe3/0x190 [ 58.966793][ T6318] ? __might_fault+0x13b/0x190 [ 58.966809][ T6318] ? __x64_sys_io_submit+0x1a9/0x350 [ 58.966824][ T6318] __x64_sys_io_submit+0x1a9/0x350 [ 58.966841][ T6318] ? __pfx___x64_sys_io_submit+0x10/0x10 [ 58.966856][ T6318] ? fput+0x70/0xf0 [ 58.966871][ T6318] do_syscall_64+0xcd/0x4c0 [ 58.966888][ T6318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.966900][ T6318] RIP: 0033:0x7f446618e929 [ 58.966910][ T6318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.966920][ T6318] RSP: 002b:00007f4466f6a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 58.966931][ T6318] RAX: ffffffffffffffda RBX: 00007f44663b5fa0 RCX: 00007f446618e929 [ 58.966938][ T6318] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007f4466f41000 [ 58.966944][ T6318] RBP: 00007f4466f6a090 R08: 0000000000000000 R09: 0000000000000000 [ 58.966950][ T6318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 58.966956][ T6318] R13: 0000000000000000 R14: 00007f44663b5fa0 R15: 00007fff64ba1af8 [ 58.966970][ T6318] [ 59.120361][ T5956] Bluetooth: Unexpected continuation frame (len 128) [ 59.203281][ T6334] process 'syz.1.95' launched './file1' with NULL argv: empty string added [ 59.287676][ T6346] kAFS: unparsable volume name [ 59.894278][ T5956] Bluetooth: hci0: command tx timeout [ 59.894732][ T5968] Bluetooth: hci1: command tx timeout [ 59.904195][ T5968] Bluetooth: hci3: command tx timeout [ 59.906047][ T5956] Bluetooth: hci2: command tx timeout [ 60.087976][ T6357] syz.2.106: attempt to access beyond end of device [ 60.087976][ T6357] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 60.091876][ T6357] (syz.2.106,6357,3):ocfs2_get_sector:1714 ERROR: status = -5 [ 60.094435][ T6357] (syz.2.106,6357,3):ocfs2_sb_probe:753 ERROR: status = -5 [ 60.096602][ T6357] (syz.2.106,6357,3):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 60.099157][ T6357] (syz.2.106,6357,3):ocfs2_fill_super:1177 ERROR: status = -5 [ 60.128516][ T6359] __nla_validate_parse: 6 callbacks suppressed [ 60.128525][ T6359] netlink: 8 bytes leftover after parsing attributes in process `syz.2.107'. [ 60.149307][ T6359] macvlan0: entered promiscuous mode [ 60.151860][ T6359] batadv_slave_1: entered promiscuous mode [ 60.168056][ T6363] sp0: Synchronizing with TNC [ 60.171795][ T6363] sp0: Found TNC [ 60.227037][ T6366] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 60.244795][ C1] Illegal XDP return value 16128 on prog (id 21) dev veth0_to_bridge, expect packet loss! [ 60.324542][ T6374] FAULT_INJECTION: forcing a failure. [ 60.324542][ T6374] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 60.329199][ T6374] CPU: 0 UID: 0 PID: 6374 Comm: syz.0.111 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 60.329226][ T6374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.329233][ T6374] Call Trace: [ 60.329237][ T6374] [ 60.329242][ T6374] dump_stack_lvl+0x16c/0x1f0 [ 60.329261][ T6374] should_fail_ex+0x512/0x640 [ 60.329276][ T6374] ? page_copy_sane+0xcd/0x2d0 [ 60.329291][ T6374] copy_folio_from_iter_atomic+0x375/0x1aa0 [ 60.329315][ T6374] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 60.329332][ T6374] ? shmem_write_begin+0x176/0x300 [ 60.329348][ T6374] ? __pfx_shmem_write_begin+0x10/0x10 [ 60.329363][ T6374] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 60.329378][ T6374] generic_perform_write+0x22c/0x930 [ 60.329396][ T6374] ? __pfx_generic_perform_write+0x10/0x10 [ 60.329411][ T6374] ? inode_needs_update_time.part.0+0x191/0x270 [ 60.329433][ T6374] shmem_file_write_iter+0x10e/0x140 [ 60.329451][ T6374] vfs_iocb_iter_write+0x36d/0xa90 [ 60.329466][ T6374] backing_file_write_iter+0x588/0x8f0 [ 60.329486][ T6374] ovl_write_iter+0x35b/0x430 [ 60.329501][ T6374] ? __pfx_ovl_write_iter+0x10/0x10 [ 60.329514][ T6374] ? __pfx_ovl_file_end_write+0x10/0x10 [ 60.329526][ T6374] ? find_held_lock+0x2b/0x80 [ 60.329540][ T6374] ? aio_write+0x6f7/0x910 [ 60.329556][ T6374] aio_write+0x3b6/0x910 [ 60.329571][ T6374] ? __pfx_aio_write+0x10/0x10 [ 60.329585][ T6374] ? __lock_acquire+0xb8a/0x1c90 [ 60.329604][ T6374] ? __might_fault+0xe3/0x190 [ 60.329617][ T6374] ? __might_fault+0x13b/0x190 [ 60.329634][ T6374] ? io_submit_one+0x1243/0x1df0 [ 60.329652][ T6374] io_submit_one+0x1243/0x1df0 [ 60.329669][ T6374] ? __lock_acquire+0xb8a/0x1c90 [ 60.329681][ T6374] ? __pfx_io_submit_one+0x10/0x10 [ 60.329701][ T6374] ? __might_fault+0xe3/0x190 [ 60.329714][ T6374] ? __might_fault+0x13b/0x190 [ 60.329731][ T6374] ? __x64_sys_io_submit+0x1a9/0x350 [ 60.329746][ T6374] __x64_sys_io_submit+0x1a9/0x350 [ 60.329763][ T6374] ? __pfx___x64_sys_io_submit+0x10/0x10 [ 60.329778][ T6374] ? fput+0x70/0xf0 [ 60.329793][ T6374] do_syscall_64+0xcd/0x4c0 [ 60.329810][ T6374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.329821][ T6374] RIP: 0033:0x7f779bf8e929 [ 60.329831][ T6374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.329841][ T6374] RSP: 002b:00007f779cd12038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 60.329851][ T6374] RAX: ffffffffffffffda RBX: 00007f779c1b5fa0 RCX: 00007f779bf8e929 [ 60.329858][ T6374] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007f7799dee000 [ 60.329870][ T6374] RBP: 00007f779cd12090 R08: 0000000000000000 R09: 0000000000000000 [ 60.329878][ T6374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 60.329887][ T6374] R13: 0000000000000000 R14: 00007f779c1b5fa0 R15: 00007fff1793f448 [ 60.329907][ T6374] [ 60.424838][ C0] vkms_vblank_simulate: vblank timer overrun [ 60.558624][ T6377] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 60.565446][ T6377] syz.0.112 uses obsolete (PF_INET,SOCK_PACKET) [ 60.567646][ T6377] syzkaller1: entered promiscuous mode [ 60.569210][ T6377] syzkaller1: entered allmulticast mode [ 61.018965][ T6393] syz.2.119: attempt to access beyond end of device [ 61.018965][ T6393] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 61.022864][ T6393] (syz.2.119,6393,2):ocfs2_get_sector:1714 ERROR: status = -5 [ 61.026140][ T6393] (syz.2.119,6393,3):ocfs2_sb_probe:753 ERROR: status = -5 [ 61.029177][ T6393] (syz.2.119,6393,3):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 61.032681][ T6393] (syz.2.119,6393,3):ocfs2_fill_super:1177 ERROR: status = -5 [ 61.383414][ T40] kauditd_printk_skb: 83 callbacks suppressed [ 61.383424][ T40] audit: type=1400 audit(1752359039.313:268): avc: denied { read write } for pid=6441 comm="syz.2.133" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 61.387863][ T24] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.397438][ T24] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.00 Device [syz0] on syz0 [ 61.401578][ T40] audit: type=1400 audit(1752359039.313:269): avc: denied { open } for pid=6441 comm="syz.2.133" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 61.414020][ T40] audit: type=1400 audit(1752359039.333:270): avc: denied { read write } for pid=6441 comm="syz.2.133" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 61.421200][ T40] audit: type=1400 audit(1752359039.333:271): avc: denied { open } for pid=6441 comm="syz.2.133" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 61.428658][ T40] audit: type=1400 audit(1752359039.333:272): avc: denied { ioctl } for pid=6441 comm="syz.2.133" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 61.436545][ C2] ------------[ cut here ]------------ [ 61.436555][ C2] WARNING: CPU: 2 PID: 40 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x684/0x830 [ 61.436604][ C2] Modules linked in: [ 61.436617][ C2] CPU: 2 UID: 0 PID: 40 Comm: kauditd Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 61.436630][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 61.436636][ C2] RIP: 0010:inet_sock_destruct+0x684/0x830 [ 61.436670][ C2] Code: 0f 0b 90 e9 12 fe ff ff e8 a9 99 b5 f7 90 0f 0b 90 e9 5e fe ff ff e8 9b 99 b5 f7 90 0f 0b 90 e9 94 fe ff ff e8 8d 99 b5 f7 90 <0f> 0b 90 e9 d3 fe ff ff e8 3f 73 1c f8 e9 d7 fc ff ff 4c 89 ff e8 [ 61.436681][ C2] RSP: 0018:ffffc90000648d90 EFLAGS: 00010246 [ 61.436691][ C2] RAX: 0000000000000000 RBX: ffff888036440000 RCX: ffffffff8a0657c7 [ 61.436698][ C2] RDX: ffff88801c352440 RSI: ffffffff8a0658f3 RDI: 0000000000000005 [ 61.436704][ C2] RBP: 0000000000000fff R08: 0000000000000005 R09: 0000000000000000 [ 61.436711][ C2] R10: 0000000000000fff R11: 0000000000000001 R12: ffff888036440000 [ 61.436717][ C2] R13: ffff888036440090 R14: ffffc90000648e90 R15: 0000000000000003 [ 61.436724][ C2] FS: 0000000000000000(0000) GS:ffff8880d6913000(0000) knlGS:0000000000000000 [ 61.436773][ C2] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.436782][ C2] CR2: 00007fff1793ee40 CR3: 000000004f867000 CR4: 0000000000352ef0 [ 61.436788][ C2] Call Trace: [ 61.436792][ C2] [ 61.436797][ C2] ? inet6_cleanup_sock+0x117/0x210 [ 61.436838][ C2] ? __pfx_inet6_sock_destruct+0x10/0x10 [ 61.436856][ C2] __sk_destruct+0x81/0x980 [ 61.436870][ C2] ? rcu_core+0x797/0x14e0 [ 61.436882][ C2] rcu_core+0x79c/0x14e0 [ 61.436897][ C2] ? __pfx_rcu_core+0x10/0x10 [ 61.436913][ C2] handle_softirqs+0x219/0x8e0 [ 61.436928][ C2] ? __pfx_handle_softirqs+0x10/0x10 [ 61.436943][ C2] __irq_exit_rcu+0x109/0x170 [ 61.436955][ C2] irq_exit_rcu+0x9/0x30 [ 61.436966][ C2] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 61.436981][ C2] [ 61.436985][ C2] [ 61.436989][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 61.437000][ C2] RIP: 0010:console_flush_all+0x9a2/0xc60 [ 61.437013][ C2] Code: 00 e8 32 63 28 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 e0 8d 20 00 48 85 db 0f 85 55 01 00 00 e8 62 92 20 00 fb 4c 89 e0 <48> c1 e8 03 42 80 3c 38 00 0f 84 11 ff ff ff 4c 89 e7 e8 67 6c 87 [ 61.437023][ C2] RSP: 0018:ffffc9000078f9c8 EFLAGS: 00000293 [ 61.437031][ C2] RAX: ffffffff8f2ec198 RBX: 0000000000000000 RCX: ffffffff819b6010 [ 61.437038][ C2] RDX: ffff88801c352440 RSI: ffffffff819b601e RDI: 0000000000000007 [ 61.437044][ C2] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 61.437050][ C2] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8f2ec198 [ 61.437056][ C2] R13: ffffffff8f2ec140 R14: ffffc9000078fa58 R15: dffffc0000000000 [ 61.437066][ C2] ? console_flush_all+0x990/0xc60 [ 61.437078][ C2] ? console_flush_all+0x99e/0xc60 [ 61.437092][ C2] ? console_flush_all+0x99e/0xc60 [ 61.437106][ C2] ? __pfx_console_flush_all+0x10/0x10 [ 61.437123][ C2] ? is_printk_cpu_sync_owner+0x32/0x40 [ 61.437138][ C2] console_unlock+0xd8/0x210 [ 61.437150][ C2] ? __pfx_console_unlock+0x10/0x10 [ 61.437162][ C2] ? do_raw_spin_unlock+0xb0/0x230 [ 61.437175][ C2] ? _printk+0xc7/0x100 [ 61.437185][ C2] ? __down_trylock_console_sem+0xb0/0x140 [ 61.437196][ C2] vprintk_emit+0x418/0x6d0 [ 61.437209][ C2] ? __pfx_vprintk_emit+0x10/0x10 [ 61.437222][ C2] ? find_held_lock+0x2b/0x80 [ 61.437237][ C2] ? __pfx_kauditd_send_multicast_skb+0x10/0x10 [ 61.437253][ C2] _printk+0xc7/0x100 [ 61.437262][ C2] ? __pfx__printk+0x10/0x10 [ 61.437273][ C2] ? netlink_has_listeners+0x20f/0x430 [ 61.437289][ C2] ? __pfx____ratelimit+0x10/0x10 [ 61.437303][ C2] ? kauditd_hold_skb+0x1bc/0x250 [ 61.437318][ C2] kauditd_hold_skb+0x205/0x250 [ 61.437334][ C2] kauditd_send_queue+0x239/0x290 [ 61.437349][ C2] ? __pfx_kauditd_hold_skb+0x10/0x10 [ 61.437365][ C2] kauditd_thread+0x623/0xa70 [ 61.437380][ C2] ? __pfx_kauditd_thread+0x10/0x10 [ 61.437396][ C2] ? __pfx_autoremove_wake_function+0x10/0x10 [ 61.437411][ C2] ? lockdep_hardirqs_on+0x7c/0x110 [ 61.437425][ C2] ? __kthread_parkme+0x19e/0x250 [ 61.437440][ C2] ? __pfx_kauditd_thread+0x10/0x10 [ 61.437455][ C2] kthread+0x3c5/0x780 [ 61.437465][ C2] ? __pfx_kthread+0x10/0x10 [ 61.437476][ C2] ? rcu_is_watching+0x12/0xc0 [ 61.437489][ C2] ? __pfx_kthread+0x10/0x10 [ 61.437499][ C2] ret_from_fork+0x5d7/0x6f0 [ 61.437514][ C2] ? __pfx_kthread+0x10/0x10 [ 61.437524][ C2] ret_from_fork_asm+0x1a/0x30 [ 61.437542][ C2] [ 61.437548][ C2] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 61.437555][ C2] CPU: 2 UID: 0 PID: 40 Comm: kauditd Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 61.437570][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 61.437576][ C2] Call Trace: [ 61.437580][ C2] [ 61.437583][ C2] dump_stack_lvl+0x3d/0x1f0 [ 61.437598][ C2] panic+0x71c/0x800 [ 61.437612][ C2] ? __pfx_panic+0x10/0x10 [ 61.437627][ C2] ? show_trace_log_lvl+0x29b/0x3e0 [ 61.437645][ C2] ? check_panic_on_warn+0x1f/0xb0 [ 61.437655][ C2] ? inet_sock_destruct+0x684/0x830 [ 61.437666][ C2] check_panic_on_warn+0xab/0xb0 [ 61.437676][ C2] __warn+0xf6/0x3c0 [ 61.437685][ C2] ? inet_sock_destruct+0x684/0x830 [ 61.437697][ C2] report_bug+0x3c3/0x580 [ 61.437709][ C2] ? inet_sock_destruct+0x684/0x830 [ 61.437722][ C2] handle_bug+0x184/0x210 [ 61.437737][ C2] exc_invalid_op+0x17/0x50 [ 61.437746][ C2] asm_exc_invalid_op+0x1a/0x20 [ 61.437755][ C2] RIP: 0010:inet_sock_destruct+0x684/0x830 [ 61.437767][ C2] Code: 0f 0b 90 e9 12 fe ff ff e8 a9 99 b5 f7 90 0f 0b 90 e9 5e fe ff ff e8 9b 99 b5 f7 90 0f 0b 90 e9 94 fe ff ff e8 8d 99 b5 f7 90 <0f> 0b 90 e9 d3 fe ff ff e8 3f 73 1c f8 e9 d7 fc ff ff 4c 89 ff e8 [ 61.437775][ C2] RSP: 0018:ffffc90000648d90 EFLAGS: 00010246 [ 61.437783][ C2] RAX: 0000000000000000 RBX: ffff888036440000 RCX: ffffffff8a0657c7 [ 61.437789][ C2] RDX: ffff88801c352440 RSI: ffffffff8a0658f3 RDI: 0000000000000005 [ 61.437795][ C2] RBP: 0000000000000fff R08: 0000000000000005 R09: 0000000000000000 [ 61.437801][ C2] R10: 0000000000000fff R11: 0000000000000001 R12: ffff888036440000 [ 61.437807][ C2] R13: ffff888036440090 R14: ffffc90000648e90 R15: 0000000000000003 [ 61.437817][ C2] ? inet_sock_destruct+0x557/0x830 [ 61.437828][ C2] ? inet_sock_destruct+0x683/0x830 [ 61.437842][ C2] ? inet6_cleanup_sock+0x117/0x210 [ 61.437855][ C2] ? __pfx_inet6_sock_destruct+0x10/0x10 [ 61.437870][ C2] __sk_destruct+0x81/0x980 [ 61.437882][ C2] ? rcu_core+0x797/0x14e0 [ 61.437893][ C2] rcu_core+0x79c/0x14e0 [ 61.437906][ C2] ? __pfx_rcu_core+0x10/0x10 [ 61.437922][ C2] handle_softirqs+0x219/0x8e0 [ 61.437936][ C2] ? __pfx_handle_softirqs+0x10/0x10 [ 61.437951][ C2] __irq_exit_rcu+0x109/0x170 [ 61.437962][ C2] irq_exit_rcu+0x9/0x30 [ 61.437973][ C2] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 61.437985][ C2] [ 61.437988][ C2] [ 61.437992][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 61.438002][ C2] RIP: 0010:console_flush_all+0x9a2/0xc60 [ 61.438014][ C2] Code: 00 e8 32 63 28 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 e0 8d 20 00 48 85 db 0f 85 55 01 00 00 e8 62 92 20 00 fb 4c 89 e0 <48> c1 e8 03 42 80 3c 38 00 0f 84 11 ff ff ff 4c 89 e7 e8 67 6c 87 [ 61.438023][ C2] RSP: 0018:ffffc9000078f9c8 EFLAGS: 00000293 [ 61.438030][ C2] RAX: ffffffff8f2ec198 RBX: 0000000000000000 RCX: ffffffff819b6010 [ 61.438036][ C2] RDX: ffff88801c352440 RSI: ffffffff819b601e RDI: 0000000000000007 [ 61.438042][ C2] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 61.438048][ C2] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8f2ec198 [ 61.438053][ C2] R13: ffffffff8f2ec140 R14: ffffc9000078fa58 R15: dffffc0000000000 [ 61.438063][ C2] ? console_flush_all+0x990/0xc60 [ 61.438074][ C2] ? console_flush_all+0x99e/0xc60 [ 61.438087][ C2] ? console_flush_all+0x99e/0xc60 [ 61.438101][ C2] ? __pfx_console_flush_all+0x10/0x10 [ 61.438117][ C2] ? is_printk_cpu_sync_owner+0x32/0x40 [ 61.438132][ C2] console_unlock+0xd8/0x210 [ 61.438144][ C2] ? __pfx_console_unlock+0x10/0x10 [ 61.438155][ C2] ? do_raw_spin_unlock+0xb0/0x230 [ 61.438167][ C2] ? _printk+0xc7/0x100 [ 61.438176][ C2] ? __down_trylock_console_sem+0xb0/0x140 [ 61.438187][ C2] vprintk_emit+0x418/0x6d0 [ 61.438200][ C2] ? __pfx_vprintk_emit+0x10/0x10 [ 61.438212][ C2] ? find_held_lock+0x2b/0x80 [ 61.438226][ C2] ? __pfx_kauditd_send_multicast_skb+0x10/0x10 [ 61.438240][ C2] _printk+0xc7/0x100 [ 61.438249][ C2] ? __pfx__printk+0x10/0x10 [ 61.438260][ C2] ? netlink_has_listeners+0x20f/0x430 [ 61.438274][ C2] ? __pfx____ratelimit+0x10/0x10 [ 61.438287][ C2] ? kauditd_hold_skb+0x1bc/0x250 [ 61.438302][ C2] kauditd_hold_skb+0x205/0x250 [ 61.438317][ C2] kauditd_send_queue+0x239/0x290 [ 61.438331][ C2] ? __pfx_kauditd_hold_skb+0x10/0x10 [ 61.438347][ C2] kauditd_thread+0x623/0xa70 [ 61.438362][ C2] ? __pfx_kauditd_thread+0x10/0x10 [ 61.438396][ C2] ? __pfx_autoremove_wake_function+0x10/0x10 [ 61.438410][ C2] ? lockdep_hardirqs_on+0x7c/0x110 [ 61.438423][ C2] ? __kthread_parkme+0x19e/0x250 [ 61.438437][ C2] ? __pfx_kauditd_thread+0x10/0x10 [ 61.438451][ C2] kthread+0x3c5/0x780 [ 61.438461][ C2] ? __pfx_kthread+0x10/0x10 [ 61.438471][ C2] ? rcu_is_watching+0x12/0xc0 [ 61.438483][ C2] ? __pfx_kthread+0x10/0x10 [ 61.438493][ C2] ret_from_fork+0x5d7/0x6f0 [ 61.438507][ C2] ? __pfx_kthread+0x10/0x10 [ 61.438516][ C2] ret_from_fork_asm+0x1a/0x30 [ 61.438533][ C2] [ 61.439199][ C2] Kernel Offset: disabled VM DIAGNOSIS: 22:23:59 Registers: info registers vcpu 0 CPU#0 RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff81607e50 RDX=ffff888028ed4880 RSI=ffffffff81607e98 RDI=ffffffff93d5f080 RBP=0000000000000000 RSP=ffffc90000007fd0 R8 =0000000000000001 R9 =fffffbfff27abe10 R10=ffffffff93d5f087 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81607e99 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] FS =0000 00007f4466f6a6c0 ffffffff 00c09300 DPL=0 DS [-WA] GS =0000 ffff8880d6713000 ffffffff 00c09300 DPL=0 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000ffff IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000005f83d000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000d00000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000000d ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000a400 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004c00 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7f04000090 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000600 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1400000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 00000000160018b5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffaaaaaaffaaaaaa ffaaaaaaffaaaaaa ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff0000000000aa 00ff0000000000aa ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff0000000000aa 00ff0000000000aa ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff0000aaff0000aa ffaaaaaaffaaaaaa ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff0000000000aa 00ff0000000000aa ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000080010000 RBX=0000000000000000 RCX=ffffffff81607e50 RDX=ffff888038f78000 RSI=ffffffff81607e98 RDI=ffffffff93d5f080 RBP=0000000000000001 RSP=ffffc900006a0fd0 R8 =0000000000000001 R9 =fffffbfff27abe10 R10=ffffffff93d5f087 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81607e99 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6813000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f9d12b52000 CR3=000000002affb000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 637062696c2f3436 62696c2f7273752f ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000570 0000000000060a90 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000000000ff ffffffffffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001da0 0000000000033260 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000050 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855bced5 RDI=ffffffff9b0c72a0 RBP=ffffffff9b0c7260 RSP=ffffc900006487e8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552032203a555043 R12=0000000000000000 R13=0000000000000050 R14=ffffffff9b0c7260 R15=ffffffff855bce70 RIP=ffffffff855bceff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6913000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fff1793ee40 CR3=000000004f867000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000010000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff1793f7d0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff81607e50 RDX=ffff88801e2b0000 RSI=ffffffff81607e98 RDI=ffffffff93d5f080 RBP=0000000000000003 RSP=ffffc900006f8fd0 R8 =0000000000000001 R9 =fffffbfff27abe10 R10=ffffffff93d5f087 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81607e99 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a13000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ff72c5f2b60 CR3=000000000e382000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000010000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff1793f7d0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f779c011c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000