last executing test programs: 1.039689405s ago: executing program 1 (id=2): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) bind$inet(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB='3\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000100002000000000000600000008000300", @ANYRES32=r5, @ANYBLOB="05005300010000000800050002000000"], 0x2c}}, 0x84) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000410000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a320000000014000480080001400000000108000240378b5ec30900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c0001800a00010071756575650000000c0007000000014000170000140000001100010000000000000000000000000a"], 0xd0}}, 0x8800) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x2}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESHEX, @ANYRES32=0x0, @ANYBLOB="efb00000800000006c0012800b00010062726964676500005c00028008000500010000000c002e"], 0x8c}, 0x1, 0x0, 0x0, 0x4000084}, 0x14) r7 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'veth1_to_hsr\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x14}, @TCA_FQ_PLIMIT={0x8, 0x1, 0x2}]}}]}, 0x40}}, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="48000000100003040000000000", @ANYBLOB="02000000000000001400128009000100766574"], 0x48}}, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r10, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text32={0x20, 0x0}], 0x1, 0x9, 0x0, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) r12 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0) r13 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r13, 0x0, 0x48a, &(0x7f0000000040)={0x5, 0xbc46, 0x759e}, 0xc) fsmount(r12, 0x1, 0x3) 856.506977ms ago: executing program 2 (id=3): timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="1400000026000100000000000000000006"], 0x14}], 0x1}, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x341401, 0x30) 749.38406ms ago: executing program 1 (id=7): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'netpci0\x00', 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0xfffffffffffffffd) ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x4) r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f00000000c0)=0x2) r3 = ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}}) madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x18) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$CDROMREADALL(r5, 0x5318, &(0x7f0000000180)) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r2, 0xc02c564a, &(0x7f0000000c00)={0x7, 0x32314d59, 0x3, @stepwise={0x1, 0x80000000, 0xfd90, 0xfffffffd, 0x1, 0x6}}) ioctl$PTP_ENABLE_PPS(r4, 0x40043d04, 0x0) close_range(r3, r1, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000c40)) r6 = fcntl$dupfd(r1, 0x406, r3) ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000c80)={0x3ff, 0x2, 0x3, 0x0, 0x5d}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000cc0)={'vlan1\x00'}) write$FUSE_NOTIFY_STORE(r6, &(0x7f0000000d00)={0x2d, 0x4, 0x0, {0x4, 0xd712, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x2d) ioctl$UFFDIO_WAKE(r6, 0x8010aa02, &(0x7f0000000d40)={&(0x7f0000ffc000/0x2000)=nil, 0x2000}) connect$inet6(r5, &(0x7f0000000d80)={0xa, 0x4e20, 0x9, @mcast2, 0x7}, 0x1c) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000dc0)={0x8, 0x3, 0x1, 0x0, 0x9}) r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000e00)={r5}, 0x8) ioctl$DRM_IOCTL_PANTHOR_VM_CREATE(r6, 0xc0106441, &(0x7f0000000e40)={0x0, 0x0, 0x9}) ioctl$DRM_IOCTL_PANTHOR_BO_CREATE(r7, 0xc0186445, &(0x7f0000000e80)={0x37a183c2, 0x2, r8}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f0000000f40)={'syztnl0\x00', &(0x7f0000000ec0)={'ip6_vti0\x00', r0, 0x2f, 0x1, 0x1, 0x4, 0x10, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1, 0x7, 0xffffffff, 0x80000000}}) setsockopt$inet_mreqn(r4, 0x0, 0x20, &(0x7f0000000f80)={@empty, @dev={0xac, 0x14, 0x14, 0x2e}, r9}, 0xc) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r4, 0x800442d4, &(0x7f0000000fc0)=0xa780) r10 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001000), 0x2, 0x0) read$FUSE(r10, &(0x7f0000001040)={0x2020}, 0x2020) syz_clone(0x40000, &(0x7f0000003080)="631afd7dc5317bd22621fb01896910c32cd57cf505d29dfa63bbc5226e5bda9c335f651d455d86a9207c8e0480d1ed91c75e36e90cee76e777d23ca4065e730448f559eb7818a6d60e80a9ec7503d7700caa6fcd35c596635351a1d4e5ebdc6bf2ac1ce3415fae98ac9dbaf83f6c3eb6d6be9f679f68df1050431f28add734562d87e83db23c1cb92c0bf1b42d869b4f313fb91c86b47c3f2714d84483c0e1a1f542ea5f8c14672712172f", 0xab, &(0x7f0000003140), &(0x7f0000003180), &(0x7f00000031c0)="c309e4b4b791e541748f0f6f574d83e0e0c76d30e5518430c4996b5fb159e960035af3fc3ec056dd11bb720a4b5fcd4bead6d36ee3d11399fc12945dfb7979422b402c5a3b273589694619d7cc9cb8675e0627db83fd24ca4835eea06ecd24052f81371f56ce65fc19ee888b18eec20de7e206c5d3bb4e7b4b038186478c2f9ff5d85951cac1bca6635beb302ab41d52087cbfbf99ed72d15a17fa00830413d9d85a5fe7dc43d891c870d4") 628.982961ms ago: executing program 2 (id=11): unshare(0x62020600) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x8}}], {0x14}}, 0x84}}, 0x0) 519.250642ms ago: executing program 2 (id=15): ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, 0x0) (async) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$MAP_CREATE(0x0, 0x0, 0x50) r0 = socket(0x2, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{0x30, 0x5, 0x1, 0xfffff034}, {0x6, 0x1, 0x6, 0x6}]}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x300}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_emit_ethernet(0x22, &(0x7f0000002180)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x84, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0xe}}}}}}, 0x0) 518.750295ms ago: executing program 2 (id=17): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000300)='pids.current\x00', 0x0, 0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x2}) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x17, 0x10, &(0x7f0000000ac0)=ANY=[@ANYBLOB="180500000000de000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000010230000", @ANYRES32=0x0, @ANYRESHEX=0x0, @ANYRES64=r2, @ANYRES32=r0, @ANYRES8=r0, @ANYBLOB="6e1b1cb0b31a546cd4ee513d6eb8e01d0e49bb001b2a6434681fce703ae7ce07f821be01131293136165526b1239a0de31845798805b399b25e2181210ceb1c8913edbbd4d7c53d9c33b8367a66ebc7ffc4fbf0825b1efc7cfe0c69b9109247503289b6bd8d0603f2e669ad00891afbfcf1258dc7c42cdb3e0efd9b4ee36c05e4589040ca725566da06efb979a38115aae79d58a4f16707efcd5be6c503c2f38d5d08eb69260acb6aaee5e3605000000000000004d7d03770ed8604f22602b4448e6438cc67547957cae5fbdc80d9cc3d47cf0544cb2689103ece6269e3abca8a109be093b26cbe1eee234c19d71227b0213ca0c45a0fb879d1357d668"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94) open(&(0x7f0000000880)='./cgroup/../file0\x00', 0x4000, 0x45) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x8, &(0x7f00000005c0)=ANY=[@ANYBLOB="180800000000000000000000000000008510000003000000180000000000000000000000000000009500000000"], 0x0, 0x5, 0x0, 0x0, 0x41100, 0x20}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0x10, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r3, @ANYRESOCT=r2], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[], 0x50}}, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r6 = dup3(r4, r2, 0x0) r7 = syz_clone(0x81000000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_pidfd_open(r7, 0x0) syz_usb_disconnect(0xffffffffffffffff) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x8, 0x4, 0x8b, 0xfffa}, 0x1d, [0x7ffe, 0xc95a, 0x1, 0x9, 0x80, 0x2, 0x40003, 0x7f, 0x6, 0x4d, 0x9, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x6, 0x4, 0x8, 0x4, 0x3c5b, 0x1, 0x3, 0x9b, 0x1, 0x1f461e2c, 0x0, 0xe660, 0x4, 0x7, 0x101, 0x7fff, 0x1, 0x80000000, 0x242, 0x3, 0xe, 0xfffffffb, 0x71, 0x2, 0x7, 0x0, 0x0, 0xd, 0x80003e, 0x8f, 0x6, 0x10000006, 0x0, 0x6, 0x4, 0x8, 0x0, 0x2, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x1, 0xffff, 0x800, 0x7ffe, 0x9, 0xfffffff3, 0x129432e6, 0xcb, 0x6, 0xd, 0x2bf, 0x206c9, 0x9, 0x6, 0x3, 0x0, 0x7, 0x5, 0x2, 0x9, 0x312, 0x74, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x3, 0x400, 0x5, 0x6, 0x7, 0xff, 0x5, 0x5, 0x5f31, 0xfff, 0x0, 0x2, 0x100002, 0xa, 0x4, 0x9, 0x8, 0x800, 0x6, 0x7, 0x8002, 0x1, 0x9, 0xff7f, 0x2, 0x7f, 0x9, 0x2, 0xffffffff, 0xfffffffd, 0x1, 0x7, 0x80000003, 0x9, 0x48c93690, 0x42, 0x9], [0x400, 0x4, 0x0, 0x5, 0xfffffffe, 0xfffff76b, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x83, 0x80000003, 0x200009, 0x100003e7, 0x3ff, 0x5, 0x3, 0x2, 0xf38, 0x8, 0x4, 0x6d01, 0x5, 0x38, 0x800003, 0x200, 0x80, 0xf, 0xd, 0x2950bfaf, 0xfff, 0xa2, 0x7, 0x53cf6978, 0x1004, 0x6, 0xac8, 0x7, 0x2, 0x3, 0x7ff, 0xfffffffc, 0x2, 0x4, 0xffff, 0x0, 0x1a, 0x1a, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0x65], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0x20000ce7, 0x1ff, 0x2, 0xf5a, 0x5, 0x2, 0x101, 0x10000, 0x6, 0x7ffe, 0x80000000, 0x4, 0x2, 0xc, 0x1, 0x4, 0x14c, 0x60a7, 0xe, 0x6, 0xffffffff, 0x3, 0x5, 0x8, 0x5, 0xee1, 0xfffff000, 0x4a, 0x3, 0x7f, 0x104, 0x9606, 0x7, 0x2, 0x4, 0x8006, 0x1, 0x0, 0x4, 0x8, 0x30b1d693, 0xa1f, 0x8, 0x7, 0x1, 0x6c1b, 0x2, 0x7, 0xb0b2748, 0x1, 0x1, 0x204, 0xffbf2441, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) r8 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000280)="b51fac3cd42404eb23108b4875dc34b9000000000000003395f2ad00000000", 0x1f}}, 0x94) r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r9, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000600)=ANY=[@ANYBLOB="6112a0000000000061138c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006916200000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f3d2401000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08508460b603daf5a7d1dbdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ffa78b02af242f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b06e7f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d545741fbbbea3e47b1750f272980087b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x10000000000) ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 321.583175ms ago: executing program 3 (id=23): unshare(0x62020600) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x8}}], {0x14}}, 0x84}}, 0x0) 248.163075ms ago: executing program 3 (id=27): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x4004850) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000340)={0x200000, 0x200000, 0x0, 0x0, 0x5989}) r1 = socket$inet6(0xa, 0x2, 0x0) close(0x3) r2 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r2, &(0x7f0000000080)={&(0x7f0000000180)={0xa, 0x4e20, 0x80000, @dev={0xfe, 0x80, '\x00', 0x23}, 0xfffffffe}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=[@dstopts_2292={{0x18, 0x29, 0x4, {0xc}}}], 0x18}, 0x440e0) sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120afb930f92000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) 179.852858ms ago: executing program 3 (id=28): socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28) 179.151319ms ago: executing program 0 (id=29): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000002080)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) listen(r0, 0xa) close(r0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x1}, 0x50) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/fib_triestat\x00') ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000001200)={0xffffffffffffffff, 0x8, 0x2, 0x2}) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000003c0)={0x0, 0x0}, 0x8) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=r4, 0x4) r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000014c0)=@bpf_tracing={0x1a, 0x19, &(0x7f0000001280)=ANY=[@ANYBLOB="184a0000f8ffffff0000000000000000a7280400100000006121f4ff000000002d2100010000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000b7080000000000007b8af8ff00000000b70800008d0400007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="8028ba3f78a1922fb70500000800000085000000a5000000852000000200000085000010bf00000085100000fcffffff"], &(0x7f0000001380)='GPL\x00', 0x9, 0x20, &(0x7f00000013c0)=""/32, 0x41000, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000001400)={0x4, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x2b0c3, 0xffffffffffffffff, 0x4, &(0x7f0000001440)=[0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001480)=[{0x1, 0x5, 0x9, 0x2}, {0x2, 0x1, 0x5, 0x7}, {0x0, 0x3, 0x7, 0x7}, {0x0, 0x2, 0x7, 0x6}], 0x10, 0x7}, 0x94) r6 = syz_open_procfs(0x0, &(0x7f0000000000)='task\x00') getdents64(r6, &(0x7f0000000240)=""/44, 0x7a) getdents64(r6, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000015c0)={0x1e, 0x1d, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x8}, @call={0x85, 0x0, 0x0, 0x7}, @cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffffd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='GPL\x00', 0x7, 0x1000, &(0x7f0000000200)=""/4096, 0x40f00, 0x4, '\x00', 0x0, @fallback, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001240)={0x4, 0x5, 0x4, 0x1ff}, 0x10, r4, r5, 0x0, &(0x7f0000001580)=[r6], 0x0, 0x10, 0xb5fa}, 0x94) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) 178.744003ms ago: executing program 3 (id=30): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0xb6}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e0b9821c0", 0x1000}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0x17}], 0x3, 0x0, 0x0, 0x8000}, 0x0) dup2(r1, r0) setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f0000000040), 0x4) sendmmsg(r0, &(0x7f00000038c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x5, 0x4000851) 178.63073ms ago: executing program 0 (id=31): mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x20132, 0xffffffffffffffff, 0xb299b000) (async) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 129.352603ms ago: executing program 3 (id=32): r0 = syz_open_dev$loop(0x0, 0x3, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)="180c4552", 0x4) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x44, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8001}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40090}, 0x4048840) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000400)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x800000000000208, 0x0, 0x0, 0x2, 0xc, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100000000020000ffffffffff00", "2809e8dbe108598948224ad54afac11d875397bd3c5240f45f819e01177d2d458dd4992861ac00", "90be8b1c55080000000c547d03d8a0f4bd00", [0x0, 0x6]}}) 129.122744ms ago: executing program 0 (id=33): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = epoll_create(0x6) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000004}) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r3, 0x0, 0x0, 0x0) shutdown(r3, 0x1) getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000200)=@assoc_value, &(0x7f0000000240)=0x8) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="e0100000", @ANYRES16, @ANYBLOB="0500000000000000000001000000060006004e240000901008809005008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000200fcbefe9641719404cc5c9ab2766dd4793e367b0ea55e65e2e3416ac9d4e68841240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691cb40409807c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030000000000f4000080060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000a00000014000200fc0200000000000000000000000000010500030000000000060001000200000008000200e00000020500030003000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ac1414bb0500030000000000060001000a00000014000200000000000000000000000000000000010500030002000000060001000a00000014000200fc0200000000000000000000000000000500030003000000340000800600010002000000080002000a0101010500030004000000060001000200000008000200ac1414aa050003000300000064000080060001000a00000014000200200100000000000000000000000000000500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff010000000000000000000000000001050003000200000094000080060001000200000008000200ac1e00010500030002000000060001000200000008000200e00000010500030002000000060001000a00000014000200fc0000000000000000000000000000000500030002000000060001000200000008000200000000000500030003000000060001000a00000014000200fe80000000000000000000000000000e050003000000000040000080060001000a00000014000200fc0200000000000000000000000000000500030002000000060001000200000008000200ac1414aa050003000000000064000080060001000a00000014000200200100000000000000000000000000020500030001000000060001000a00000014000200fc02000000000000000000000000000105000300020000000600010002000000080002000a010100050003000200000070000080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200000000000000000000000000000000000500030002000000060001000a0000001400020000000000000000000000000000000001050003000000000000010080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000200000008000200000000000500030003000000060001000200000008000200640101000500030002000000060001000200000008000200640101010500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8000000000000000000000000000bb05000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000200000008000200640101010500030001000000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e1803008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39220600050005000000e802098058000080060001000200000008000200ac1e00010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ffffffff05000300010000007c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414bb0500030002000000060001000a000000140002000000000000000000000000000000000105000300020000000600010002000000080002000a0101010500030003000000f4000080060001000a0000001400020000000000000000000000ffffac1414aa0500030003000000060001000200000008000200ac1414aa05000300000000000600010002000000080002000a01010205000300020000000600010002000000080002007f00000105000300000000000600010002000000080002000a0101010500030003000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc01000000000000000000000000000005000300010000000600010002000000080002000a0101000500030000000000060001000200000008000200ac1e0101050003000200000094000080060001000a00000014000200fc0200000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030002000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ffffffff050003000200000088000080060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8800000000000000000000000001010500030002000000060001000a00000014000200ff02000000000000000000000000000105000300020000007c000080200004000a004e2100000006fc0100000000000000000000000000010400000008000a000100000024000100f44da367a88ee6564f020211456727082f5debee8b1bf5eb7337341b459b3922080003000300000024000200379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549780000800800030001000000080003000400000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e22000000000000000000000000e4060080dc020980f4000080060001000a00000014000200000000000000000000000000000000000500030002000000060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000200000008000200ffffffff0500030001000000060001000200000008000200ac1e00010500030001000000060001000200000008000200e000000105000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200000000000000000000000000000000010500030001000000060001000a00000014000200fc010000000000000000000000000001050003000300000034000080060001000200000008000200640101000500030001000000060001000200000008000200ac1414bb050003000200000000010080060001000a00000014000200200100000000000000000000000000010500030000000000060001000200000008000200e000000205000300020000000600010002000000080002006401010005000300020000000600010002000000080002007f00000105000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ffffffff0500030000000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc0100000000000000000000000000010500030000000000940000800600010002000000080002006401010005000300010000000600010002000000080002006401010205000300000000000600010002000000080002007f0000010500030003000000060001000200000008000200e00000020500030003000000060001000200000008000200ac1414120500030002000000060001000200000008000200ac14142d05000300020000001c000080060001000200000008000200ffffffff05000300030000000800030002000000200004000a004e2000000005fc010000000000000000000000000001000000009403098094000080060001000a0000001400020000000000000000000000ffffac1414bb0500030003000000060001000a00000014000200fe8800000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030003000000060001000a00000014000200fe880000000000000000000000000101050003000100000064000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414bb0500030001000000060001000a0000001400020000000000000000000000ffffe00000020500030003000000f4000080060001000200000008000200000000000500030001000000060001000a00000014000200000000000000000000000000000000010500030003000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe80000000000000000000000000003e05000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200ff0200000000000000000000000000010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200e0000001050003000000000058000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414410500030010000000060001000200000008000200ac1e00010500030001000000f4000080060001000200000008000200640101000500030002000000060001000a00000014000200200100000000000000000000000000000500030000000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000a00000014000200fe8000000000000000000000000000aa0500030003000000060001000200000008000200ac1414aa0500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414270500030000000000060001000a0000001400020020010000000000000000000000000002050003000100000058000080060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe8000000000000000000000000000140500030000000000060001000200000008000200e0000001050003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030006000000060006004e24000008000100", @ANYRES32=r6, @ANYBLOB="240003"], 0x10e0}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000400), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f0000001480)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000002040)=ANY=[@ANYBLOB='@\r\x00\x00', @ANYRES16=r8, @ANYBLOB="05000000000000000000010000000600060000000000c40c0880e400008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000200fcbefe9641719404cc5c9ab2766dd4793e367b0ea55e65e2e3416ac9d4e68841240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c0800030000000000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e0003008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0600050000000000d002098058000080060001000200000008000200ac1e00010500030000000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ffffffff05000300000000007c000080060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ac1414bb0500030000000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200000000000500030000000000dc000080060001000a0000001400020000000000000000000000ffffac1414aa05000300000000000600010002000000080002000000000005000300000000000600010002000000080002007f0000010500030000000000060001000200000008000200000000000500030000000000060001000200000008000200e00000010500030000000000060001000a00000014000200fc0100000000000000000000000000000500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac1e0001050003000000000094000080060001000a00000014000200fc0200000000000000000000000000000500030000000000060001000a00000014000200ff0100000000000000000000000000010500030000000000060001000200000008000200e00000010500030000000000060001000200000008000200ac1414bb0500030000000000060001000200000008000200ffffffff050003000000000088000080060001000a00000014000200fe8000000000000000000000000000aa0500030000000000060001000200000008000200ac1414aa0500030000000000060001000a00000014000200fe8800000000000000000000000000010500030000000000060001000a00000014000200ff020000000000000000000000000001050003000000000064000080080003000000000008000a000100000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000000000024000200379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a5499400008024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c080003000000000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002000000000000000000000000000000d807008000030980f4000080060001000a00000014000200000000000000000000000000000000000500030000000000060001000a00000014000200fc0000000000000000000000000000000500030000000000060001000200000008000200ffffffff0500030000000000060001000200000008000200ac1e00010500030000000000060001000200000008000200e000000105000300000000000600010002000000080002007f0000010500030000000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000a00000014000200fc01000000000000000000000000000005000300000000004c000080060001000200000008000200ac1414bb0500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414bb05000300000000000c010080060001000a00000014000200200100000000000000000000000000010500030000000000060001000200000008000200e000000205000300000000000600010002000000080002000000000005000300000000000600010002000000080002007f0000010500030000000000060001000a00000014000200fe8800000000000000000000000000010500030000000000060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ffffffff0500030000000000060001000200000008000200e00000010500030000000000060001000a00000014000200fc0100000000000000000000000000000500030000000000940000800600010002000000080002000000000005000300000000000600010002000000080002000000000005000300000000000600010002000000080002007f0000010500030000000000060001000200000008000200e00000020500030000000000060001000200000008000200ac1414000500030000000000060001000200000008000200ac14140005000300000000001c000080060001000200000008000200ffffffff0500030000000000080003000000000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39221d0004000a0000000000000000000000000000000000ffffac1e0001000000001c04098094000080060001000a0000001400020000000000000000000000ffffac1414bb0500030000000000060001000a00000014000200fe8800000000000000000000000000010500030000000000060001000a00000014000200ff0100000000000000000000000000010500030000000000060001000a00000014000200fe880000000000000000000000000001050003000000000064000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414bb0500030000000000060001000a0000001400020000000000000000000000ffffe00000020500030000000000ac000080060001000200000008000200000000000500030000000000060001000a00000014000200fe80000000000000000000000000000005000300000000000600010002000000080002007f0000010500030000000000060001000200000008000200ac1414bb0500030000000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200e0000001050003000000000064000080060001000a00000014000200fc0100000000000000000000000000000500030000000000060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414000500030000000000f4000080060001000200000008000200000000000500030000000000060001000a00000014000200200100000000000000000000000000000500030000000000060001000a00000014000200fc0200000000000000000000000000000500030000000000060001000a00000014000200fe8000000000000000000000000000aa0500030000000000060001000200000008000200ac1414aa0500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414000500030000000000060001000a00000014000200200100000000000000000000000000020500030000000000a0000080060001000a00000014000200fc0000000000000000000000000000000500030000000000060001000200000008000200ac1414aa0500030000000000060001000a00000014000200fe8800000000000000000000000000010500030000000000060001000a00000014000200fe8000000000000000000000000000aa0500030000000000060001000200000008000200ac14140005000300000000007c000080060001000200000008000200ac1414aa0500030000000000060001000a00000014000200fe8000000000000000000000000000000500030000000000060001000200000008000200e00000010500030000000000060001000a00000014000200fe8000000000000000000000000000bb050003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b2400020055fbc2635cc801d67c589cc98f3cf65074dffe0886750dec83be49fbf628e1dc240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030000000000060006000000000008000100", @ANYRES32=r9, @ANYBLOB="2400030000000000000000000000000000000000000000000000224e000000000000000024000300a05ca84f6c9c8e3853e2fd7a7cae0fb20fa152600cb00845174f08076f8d7843080007"], 0xd40}}, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x5) 127.376582ms ago: executing program 3 (id=34): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x4c0, 0x168, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x140, 0x168, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@multiport={{0x50}, {0x1, 0xb, [0x4e20, 0x4e23, 0x4e22, 0x4e24, 0x4e20, 0x4e20, 0x4e24, 0x4e23, 0x4e23, 0x4e23, 0x4e24, 0x4e23, 0x4e23, 0x4e23, 0x4e20], [0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1], 0x1}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'gretap0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x6}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x520) r1 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe00000090582"], 0x0) syz_usb_control_io(r1, 0x0, &(0x7f0000000200)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_connect$printer(0x6, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x4, 0x70, 0xf, "", [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x7, 0x1, 0x2, 0x8, "", {{{0x9, 0x5, 0x1, 0x2, 0x400, 0x3, 0x1, 0x9}}, [{{0x9, 0x5, 0x82, 0x2, 0x10, 0x4, 0x0, 0x9}}]}}}]}}]}}, &(0x7f0000000180)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x250, 0xff, 0x6, 0x81, 0x20, 0x7}, 0x19, &(0x7f00000000c0)={0x5, 0xf, 0x19, 0x1, [@ss_container_id={0x14, 0x10, 0x4, 0x4, "73fe53a69bf86a0dfd9ef592c4158eaf"}]}, 0x1, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x2409}}]}) syz_usb_disconnect(r1) syz_usb_connect$midi(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0xe41, 0x5058, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0x87, 0x10, 0x4, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x6}}}}}]}}, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) 127.271334ms ago: executing program 0 (id=35): r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000480), 0x40, 0x0) ioctl$CDROMPLAYTRKIND(r0, 0x5304, 0x0) 50.50452ms ago: executing program 0 (id=36): unshare(0x62020600) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x8}}], {0x14}}, 0x84}}, 0x0) 0s ago: executing program 0 (id=37): r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000100), 0x900, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000002c80)={0x0, @in={{0x2, 0x4e24, @private=0xa010101}}, 0x1000, 0x5, 0x5, 0x401, 0x8}, &(0x7f00000008c0)=0x98) ioctl$CDROMEJECT(r0, 0x5309) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff5000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff9000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r2 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0x2, 0x20002f7}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x4) ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000000)={0x200a, 0xd}) io_uring_enter(r2, 0x221b, 0x7721, 0x16, 0x0, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000100), 0x900, 0x0) (async) socket$inet6_sctp(0xa, 0x5, 0x84) (async) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10) (async) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000002c80)={0x0, @in={{0x2, 0x4e24, @private=0xa010101}}, 0x1000, 0x5, 0x5, 0x401, 0x8}, &(0x7f00000008c0)=0x98) (async) ioctl$CDROMEJECT(r0, 0x5309) (async) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff5000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff9000/0x2000)=nil, 0x0}, 0x68) (async) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) (async) io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0x2, 0x20002f7}) (async) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x4) (async) ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000000)={0x200a, 0xd}) (async) io_uring_enter(r2, 0x221b, 0x7721, 0x16, 0x0, 0x0) (async) 0s ago: executing program 1 (id=38): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a1) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='mqueue\x00', 0x200011, 0x0) faccessat2(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x3, 0x300) socket$nl_route(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:2321' (ED25519) to the list of known hosts. [ 48.142271][ T40] kauditd_printk_skb: 20 callbacks suppressed [ 48.142283][ T40] audit: type=1400 audit(1780194069.027:141): avc: denied { mounton } for pid=5720 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 48.151960][ T40] audit: type=1400 audit(1780194069.037:142): avc: denied { mount } for pid=5720 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 48.154697][ T5720] cgroup: Unknown subsys name 'net' [ 48.162555][ T40] audit: type=1400 audit(1780194069.047:143): avc: denied { unmount } for pid=5720 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 48.337958][ T5720] cgroup: Unknown subsys name 'cpuset' [ 48.343603][ T5720] cgroup: Unknown subsys name 'rlimit' [ 48.539211][ T40] audit: type=1400 audit(1780194069.427:144): avc: denied { setattr } for pid=5720 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=850 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 48.547122][ T40] audit: type=1400 audit(1780194069.427:145): avc: denied { create } for pid=5720 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 48.553873][ T40] audit: type=1400 audit(1780194069.427:146): avc: denied { write } for pid=5720 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 48.560594][ T40] audit: type=1400 audit(1780194069.427:147): avc: denied { read } for pid=5720 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 48.567313][ T40] audit: type=1400 audit(1780194069.437:148): avc: denied { mounton } for pid=5720 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 48.575306][ T40] audit: type=1400 audit(1780194069.437:149): avc: denied { mount } for pid=5720 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 48.582294][ T40] audit: type=1400 audit(1780194069.447:150): avc: denied { read } for pid=5451 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 48.589103][ T5727] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 49.256533][ T5720] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 52.471214][ T5744] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 52.474996][ T5746] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.475959][ T5744] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.478183][ T5746] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.480651][ T5744] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.483039][ T5746] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.484502][ T5744] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.486443][ T5746] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.487924][ T5751] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.488127][ T5744] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.488972][ T5744] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.489248][ T5744] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 52.490769][ T5742] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.491789][ T5746] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.493780][ T5751] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.494774][ T5742] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.500663][ T5751] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.502665][ T5742] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 52.503422][ T5744] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 52.503577][ T5751] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 53.061113][ T5737] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.063847][ T5737] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.066217][ T5737] bridge_slave_0: entered allmulticast mode [ 53.068999][ T5737] bridge_slave_0: entered promiscuous mode [ 53.073176][ T5737] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.075520][ T5737] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.077887][ T5737] bridge_slave_1: entered allmulticast mode [ 53.080677][ T5737] bridge_slave_1: entered promiscuous mode [ 53.090407][ T5738] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.093275][ T5738] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.096211][ T5738] bridge_slave_0: entered allmulticast mode [ 53.098995][ T5738] bridge_slave_0: entered promiscuous mode [ 53.130387][ T5738] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.132917][ T5738] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.135398][ T5738] bridge_slave_1: entered allmulticast mode [ 53.138072][ T5738] bridge_slave_1: entered promiscuous mode [ 53.149484][ T5737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.170382][ T5737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.178482][ T5748] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.181110][ T5748] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.183437][ T5748] bridge_slave_0: entered allmulticast mode [ 53.186325][ T5748] bridge_slave_0: entered promiscuous mode [ 53.189313][ T5748] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.191566][ T5748] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.194091][ T5748] bridge_slave_1: entered allmulticast mode [ 53.196672][ T5748] bridge_slave_1: entered promiscuous mode [ 53.216040][ T5739] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.218923][ T5739] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.221289][ T5739] bridge_slave_0: entered allmulticast mode [ 53.224445][ T5739] bridge_slave_0: entered promiscuous mode [ 53.234374][ T5738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.238300][ T5737] team0: Port device team_slave_0 added [ 53.240085][ T5739] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.242740][ T5739] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.245041][ T5739] bridge_slave_1: entered allmulticast mode [ 53.248363][ T5739] bridge_slave_1: entered promiscuous mode [ 53.260882][ T5748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.265557][ T5738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.269175][ T5737] team0: Port device team_slave_1 added [ 53.288233][ T5748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.318296][ T5737] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.320405][ T5737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.328330][ T5737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.332953][ T5738] team0: Port device team_slave_0 added [ 53.336325][ T5738] team0: Port device team_slave_1 added [ 53.339632][ T5739] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.343437][ T5748] team0: Port device team_slave_0 added [ 53.345612][ T5737] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.347733][ T5737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.355574][ T5737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.369274][ T5739] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.373762][ T5748] team0: Port device team_slave_1 added [ 53.394953][ T5748] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.397642][ T5748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.407808][ T5748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.418460][ T5738] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.420558][ T5738] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.429068][ T5738] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.433145][ T5738] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.435497][ T5738] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.443153][ T5738] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.447211][ T5748] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.449432][ T5748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.457474][ T5748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.480395][ T5739] team0: Port device team_slave_0 added [ 53.487141][ T5739] team0: Port device team_slave_1 added [ 53.503828][ T5737] hsr_slave_0: entered promiscuous mode [ 53.506229][ T5737] hsr_slave_1: entered promiscuous mode [ 53.515374][ T5739] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.517532][ T5739] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.525304][ T5739] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.535238][ T5739] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.537429][ T5739] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.545165][ T5739] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.570992][ T5738] hsr_slave_0: entered promiscuous mode [ 53.573157][ T5738] hsr_slave_1: entered promiscuous mode [ 53.575338][ T5738] debugfs: 'hsr0' already exists in 'hsr' [ 53.577118][ T5738] Cannot create hsr debugfs directory [ 53.589184][ T5748] hsr_slave_0: entered promiscuous mode [ 53.591367][ T5748] hsr_slave_1: entered promiscuous mode [ 53.593371][ T5748] debugfs: 'hsr0' already exists in 'hsr' [ 53.595290][ T5748] Cannot create hsr debugfs directory [ 53.633974][ T5739] hsr_slave_0: entered promiscuous mode [ 53.636097][ T5739] hsr_slave_1: entered promiscuous mode [ 53.638092][ T5739] debugfs: 'hsr0' already exists in 'hsr' [ 53.639841][ T5739] Cannot create hsr debugfs directory [ 53.853982][ T5737] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 53.862394][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 53.865388][ T5737] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 53.869070][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 53.871777][ T5737] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 53.875855][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 53.878847][ T5737] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 53.883202][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 53.928809][ T5738] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 53.932808][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 53.936308][ T5738] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 53.939927][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 53.943424][ T5738] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 53.947286][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 53.949803][ T5738] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 53.953378][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 54.005445][ T5739] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 54.009702][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 54.012617][ T5739] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 54.016804][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 54.019384][ T5739] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 54.023220][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 54.030306][ T5739] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 54.035068][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 54.077453][ T5737] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.091773][ T5748] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 54.095752][ T5748] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 54.104374][ T5748] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 54.107754][ T5748] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 54.110303][ T5748] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 54.114234][ T5748] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 54.124381][ T5748] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 54.128130][ T5748] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 54.137863][ T5737] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.152285][ T1164] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.154706][ T1164] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.162728][ T5738] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.167982][ T1164] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.170202][ T1164] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.192910][ T5738] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.207336][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.209579][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.224107][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.226359][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.251266][ T5739] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.285411][ T5739] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.291367][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.294259][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.301095][ T5748] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.309123][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.311404][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.328148][ T5748] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.334793][ T86] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.337007][ T86] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.346707][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.348921][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.478068][ T5737] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.509756][ T5737] veth0_vlan: entered promiscuous mode [ 54.515205][ T5738] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.520364][ T5737] veth1_vlan: entered promiscuous mode [ 54.534196][ T5099] Bluetooth: hci2: command tx timeout [ 54.534200][ T62] Bluetooth: hci3: command tx timeout [ 54.534204][ T5749] Bluetooth: hci0: command tx timeout [ 54.536578][ T5744] Bluetooth: hci1: command tx timeout [ 54.551782][ T5739] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.562302][ T5737] veth0_macvtap: entered promiscuous mode [ 54.568114][ T5737] veth1_macvtap: entered promiscuous mode [ 54.572092][ T5738] veth0_vlan: entered promiscuous mode [ 54.581059][ T5738] veth1_vlan: entered promiscuous mode [ 54.595760][ T5748] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.601516][ T5737] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.612544][ T5737] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.632261][ T1170] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.636509][ T1170] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.646984][ T5738] veth0_macvtap: entered promiscuous mode [ 54.650091][ T1170] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.652806][ T1170] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.658985][ T5739] veth0_vlan: entered promiscuous mode [ 54.668546][ T5738] veth1_macvtap: entered promiscuous mode [ 54.687963][ T5738] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.690256][ T5748] veth0_vlan: entered promiscuous mode [ 54.693259][ T5739] veth1_vlan: entered promiscuous mode [ 54.699316][ T5738] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.725764][ T5748] veth1_vlan: entered promiscuous mode [ 54.727030][ T86] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.730253][ T86] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.733534][ T1170] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.736404][ T1170] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.748743][ T1170] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.760229][ T1170] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.771618][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.774032][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.786376][ T40] kauditd_printk_skb: 18 callbacks suppressed [ 54.786386][ T40] audit: type=1400 audit(1780194075.677:169): avc: denied { mount } for pid=5737 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 54.791591][ T1164] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.791897][ T5739] veth0_macvtap: entered promiscuous mode [ 54.798156][ T40] audit: type=1400 audit(1780194075.677:170): avc: denied { mounton } for pid=5737 comm="syz-executor" path="/syzkaller.h56nA6/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 54.800088][ T1164] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.801355][ T40] audit: type=1400 audit(1780194075.677:171): avc: denied { mount } for pid=5737 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 54.817780][ T40] audit: type=1400 audit(1780194075.677:172): avc: denied { mounton } for pid=5737 comm="syz-executor" path="/syzkaller.h56nA6/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 54.820074][ T5748] veth0_macvtap: entered promiscuous mode [ 54.825684][ T40] audit: type=1400 audit(1780194075.687:173): avc: denied { mounton } for pid=5737 comm="syz-executor" path="/syzkaller.h56nA6/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=7002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 54.836126][ T40] audit: type=1400 audit(1780194075.687:174): avc: denied { unmount } for pid=5737 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 54.839167][ T5737] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 54.843113][ T40] audit: type=1400 audit(1780194075.697:175): avc: denied { mounton } for pid=5737 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2840 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 54.843138][ T40] audit: type=1400 audit(1780194075.707:176): avc: denied { mount } for pid=5737 comm="syz-executor" name="/" dev="gadgetfs" ino=9393 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 54.843158][ T40] audit: type=1400 audit(1780194075.707:177): avc: denied { mount } for pid=5737 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 54.843178][ T40] audit: type=1400 audit(1780194075.707:178): avc: denied { mounton } for pid=5737 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 54.846124][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.848780][ T5739] veth1_macvtap: entered promiscuous mode [ 54.854640][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.865474][ T5748] veth1_macvtap: entered promiscuous mode [ 54.898847][ T5739] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.909351][ T5748] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.917632][ T5739] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.921668][ T5748] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.929606][ T162] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.932364][ T162] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.941527][ T162] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.946138][ T162] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.955154][ T162] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.960976][ T162] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.970454][ T162] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.977138][ T162] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.040772][ T86] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.041159][ T162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.043205][ T86] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.047882][ T162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.066674][ T1164] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.069140][ T1164] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.081721][ T1164] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.085391][ T1164] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.183050][ T5901] netlink: 'syz.0.6': attribute type 1 has an invalid length. [ 55.314800][ T5912] loop3: detected capacity change from 0 to 7 [ 55.322137][ T5912] Dev loop3: unable to read RDB block 7 [ 55.326324][ T5912] loop3: unable to read partition table [ 55.329122][ T5912] loop3: partition table beyond EOD, truncated [ 55.331879][ T5912] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 55.367624][ T5924] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13'. [ 55.414628][ T5931] syz.2.15 uses obsolete (PF_INET,SOCK_PACKET) [ 55.670531][ T5936] ieee802154 phy0 wpan0: encryption failed: -22 [ 55.729500][ T5961] capability: warning: `syz.3.27' uses deprecated v2 capabilities in a way that may be insecure [ 55.769914][ T5963] mmap: syz.0.29 (5963) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 56.090515][ T5991] ================================================================== [ 56.093011][ T5991] BUG: KASAN: slab-use-after-free in dvb_device_open+0x33f/0x3b0 [ 56.095373][ T5991] Read of size 8 at addr ffff88802d0c0018 by task syz.1.38/5991 [ 56.098952][ T5991] [ 56.100090][ T5991] CPU: 3 UID: 0 PID: 5991 Comm: syz.1.38 Not tainted syzkaller #0 PREEMPT(full) [ 56.100108][ T5991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 56.100115][ T5991] Call Trace: [ 56.100119][ T5991] [ 56.100124][ T5991] dump_stack_lvl+0x100/0x190 [ 56.100138][ T5991] print_report+0x13d/0x4b0 [ 56.100153][ T5991] ? __virt_addr_valid+0x239/0x430 [ 56.100166][ T5991] ? dvb_device_open+0x33f/0x3b0 [ 56.100180][ T5991] kasan_report+0xdf/0x1d0 [ 56.100191][ T5991] ? dvb_device_open+0x33f/0x3b0 [ 56.100206][ T5991] ? __pfx_dvb_device_open+0x10/0x10 [ 56.100221][ T5991] dvb_device_open+0x33f/0x3b0 [ 56.100236][ T5991] ? __pfx_dvb_device_open+0x10/0x10 [ 56.100250][ T5991] chrdev_open+0x234/0x6a0 [ 56.100263][ T5991] ? __pfx_chrdev_open+0x10/0x10 [ 56.100276][ T5991] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 56.100293][ T5991] do_dentry_open+0x6ab/0x14d0 [ 56.100305][ T5991] ? __pfx_chrdev_open+0x10/0x10 [ 56.100319][ T5991] vfs_open+0x82/0x3f0 [ 56.100333][ T5991] path_openat+0x208c/0x31a0 [ 56.100348][ T5991] ? __pfx_path_openat+0x10/0x10 [ 56.100363][ T5991] do_file_open+0x20e/0x430 [ 56.100377][ T5991] ? __pfx_do_file_open+0x10/0x10 [ 56.100393][ T5991] ? alloc_fd+0x476/0x790 [ 56.100408][ T5991] do_sys_openat2+0x10d/0x1e0 [ 56.100422][ T5991] ? __pfx_do_sys_openat2+0x10/0x10 [ 56.100439][ T5991] __x64_sys_openat+0x12d/0x210 [ 56.100454][ T5991] ? __pfx___x64_sys_openat+0x10/0x10 [ 56.100470][ T5991] ? rcu_is_watching+0x12/0xc0 [ 56.100486][ T5991] do_syscall_64+0x115/0x870 [ 56.100500][ T5991] ? clear_bhb_loop+0x40/0x90 [ 56.100511][ T5991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.100522][ T5991] RIP: 0033:0x7ff83515d68e [ 56.100531][ T5991] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 56.100542][ T5991] RSP: 002b:00007ff83602db28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 56.100553][ T5991] RAX: ffffffffffffffda RBX: 00007ff83602e6c0 RCX: 00007ff83515d68e [ 56.100562][ T5991] RDX: 0000000000000002 RSI: 00007ff83602dc00 RDI: ffffffffffffff9c [ 56.100568][ T5991] RBP: 00007ff83602dc00 R08: 0000000000000000 R09: 0000000000000000 [ 56.100575][ T5991] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd [ 56.100582][ T5991] R13: 00007ff835416038 R14: 00007ff835415fa0 R15: 00007ffca9da0128 [ 56.100593][ T5991] [ 56.100597][ T5991] [ 56.134704][ T5837] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 56.135361][ T5991] Allocated by task 1: [ 56.135369][ T5991] kasan_save_stack+0x30/0x50 [ 56.178787][ T5991] kasan_save_track+0x14/0x30 [ 56.180219][ T5991] __kasan_kmalloc+0xaa/0xb0 [ 56.181624][ T5991] dvb_register_device+0x1d6/0x1e20 [ 56.183197][ T5991] dvb_register_frontend+0x552/0x820 [ 56.184789][ T5991] vidtv_bridge_probe+0x44b/0xa30 [ 56.186306][ T5991] platform_probe+0x106/0x1d0 [ 56.187723][ T5991] really_probe+0x241/0xa60 [ 56.189101][ T5991] __driver_probe_device+0x22e/0x480 [ 56.190722][ T5991] driver_probe_device+0x4c/0x1b0 [ 56.192243][ T5991] __driver_attach+0x21f/0x5d0 [ 56.193693][ T5991] bus_for_each_dev+0x13e/0x1d0 [ 56.195184][ T5991] bus_add_driver+0x305/0x5b0 [ 56.196606][ T5991] driver_register+0x1e2/0x360 [ 56.198073][ T5991] vidtv_bridge_init+0x38/0x70 [ 56.199520][ T5991] do_one_initcall+0x121/0x750 [ 56.200985][ T5991] kernel_init_freeable+0x6ea/0x7b0 [ 56.202542][ T5991] kernel_init+0x1f/0x1e0 [ 56.203918][ T5991] ret_from_fork+0x72b/0xd50 [ 56.205333][ T5991] ret_from_fork_asm+0x1a/0x30 [ 56.206797][ T5991] [ 56.207535][ T5991] Freed by task 5959: [ 56.208755][ T5991] kasan_save_stack+0x30/0x50 [ 56.210214][ T5991] kasan_save_track+0x14/0x30 [ 56.211686][ T5991] kasan_save_free_info+0x3b/0x70 [ 56.213206][ T5991] __kasan_slab_free+0x5f/0x80 [ 56.214712][ T5991] kfree+0x223/0x6c0 [ 56.215902][ T5991] dvb_device_put.part.0+0x57/0x90 [ 56.217499][ T5991] dvb_device_open+0x2ba/0x3b0 [ 56.218970][ T5991] chrdev_open+0x234/0x6a0 [ 56.220321][ T5991] do_dentry_open+0x6ab/0x14d0 [ 56.221794][ T5991] vfs_open+0x82/0x3f0 [ 56.223039][ T5991] path_openat+0x208c/0x31a0 [ 56.224486][ T5991] do_file_open+0x20e/0x430 [ 56.225883][ T5991] do_sys_openat2+0x10d/0x1e0 [ 56.227309][ T5991] __x64_sys_openat+0x12d/0x210 [ 56.228807][ T5991] do_syscall_64+0x115/0x870 [ 56.230262][ T5991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.232055][ T5991] [ 56.232792][ T5991] The buggy address belongs to the object at ffff88802d0c0000 [ 56.232792][ T5991] which belongs to the cache kmalloc-256 of size 256 [ 56.236961][ T5991] The buggy address is located 24 bytes inside of [ 56.236961][ T5991] freed 256-byte region [ffff88802d0c0000, ffff88802d0c0100) [ 56.241042][ T5991] [ 56.241814][ T5991] The buggy address belongs to the physical page: [ 56.243766][ T5991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2d0c0 [ 56.246538][ T5991] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 56.249079][ T5991] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 56.251449][ T5991] page_type: f5(slab) [ 56.252698][ T5991] raw: 00fff00000000040 ffff88801b842b40 dead000000000100 dead000000000122 [ 56.255383][ T5991] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 56.257982][ T5991] head: 00fff00000000040 ffff88801b842b40 dead000000000100 dead000000000122 [ 56.260645][ T5991] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 56.263321][ T5991] head: 00fff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff [ 56.266008][ T5991] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 56.268648][ T5991] page dumped because: kasan: bad access detected [ 56.270618][ T5991] page_owner tracks the page as allocated [ 56.272352][ T5991] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 17654869279, free_ts 0 [ 56.278340][ T5991] post_alloc_hook+0xfd/0x120 [ 56.279804][ T5991] get_page_from_freelist+0x11a6/0x3410 [ 56.281540][ T5991] __alloc_frozen_pages_noprof+0x27c/0x2bc0 [ 56.283353][ T5991] new_slab+0xa6/0x6c0 [ 56.284677][ T5991] refill_objects+0x277/0x420 [ 56.286151][ T5991] __pcs_replace_empty_main+0x375/0x650 [ 56.287891][ T5991] __kmalloc_cache_noprof+0x493/0x6f0 [ 56.289541][ T5991] bus_add_driver+0x92/0x5b0 [ 56.290985][ T5991] driver_register+0x1e2/0x360 [ 56.292459][ T5991] usb_register_driver+0x21c/0x3e0 [ 56.294048][ T5991] do_one_initcall+0x121/0x750 [ 56.295614][ T5991] kernel_init_freeable+0x6ea/0x7b0 [ 56.297202][ T5991] kernel_init+0x1f/0x1e0 [ 56.298549][ T5991] ret_from_fork+0x72b/0xd50 [ 56.299982][ T5991] ret_from_fork_asm+0x1a/0x30 [ 56.301580][ T5991] page_owner free stack trace missing [ 56.303220][ T5991] [ 56.303970][ T5991] Memory state around the buggy address: [ 56.305722][ T5991] ffff88802d0bff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 56.308192][ T5991] ffff88802d0bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 56.310717][ T5991] >ffff88802d0c0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 56.313138][ T5991] ^ [ 56.314663][ T5991] ffff88802d0c0080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 56.317160][ T5991] ffff88802d0c0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 56.319603][ T5991] ================================================================== [ 56.325589][ T5991] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 56.327867][ T5991] CPU: 0 UID: 0 PID: 5991 Comm: syz.1.38 Not tainted syzkaller #0 PREEMPT(full) [ 56.331231][ T5991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 56.334634][ T5991] Call Trace: [ 56.335746][ T5991] [ 56.336707][ T5991] dump_stack_lvl+0x100/0x190 [ 56.338637][ T5991] vpanic+0x552/0x970 [ 56.340178][ T5991] ? __pfx_vpanic+0x10/0x10 [ 56.341794][ T5991] ? mark_held_locks+0x40/0x70 [ 56.343828][ T5991] ? dvb_device_open+0x33f/0x3b0 [ 56.345586][ T5991] panic+0xd1/0xe0 [ 56.346874][ T5991] ? __pfx_panic+0x10/0x10 [ 56.348744][ T5991] ? dvb_device_open+0x33f/0x3b0 [ 56.350784][ T5991] ? preempt_schedule_common+0x42/0xc0 [ 56.352779][ T5991] check_panic_on_warn.cold+0x19/0x34 [ 56.354991][ T5991] end_report.part.0+0x3a/0x90 [ 56.357035][ T5991] kasan_report.cold+0xe/0x18 [ 56.359063][ T5991] ? dvb_device_open+0x33f/0x3b0 [ 56.361007][ T5991] ? __pfx_dvb_device_open+0x10/0x10 [ 56.363228][ T5991] dvb_device_open+0x33f/0x3b0 [ 56.365269][ T5991] ? __pfx_dvb_device_open+0x10/0x10 [ 56.367516][ T5991] chrdev_open+0x234/0x6a0 [ 56.369420][ T5991] ? __pfx_chrdev_open+0x10/0x10 [ 56.371564][ T5991] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 56.374211][ T5991] do_dentry_open+0x6ab/0x14d0 [ 56.376035][ T5991] ? __pfx_chrdev_open+0x10/0x10 [ 56.378103][ T5991] vfs_open+0x82/0x3f0 [ 56.379845][ T5991] path_openat+0x208c/0x31a0 [ 56.381862][ T5991] ? __pfx_path_openat+0x10/0x10 [ 56.383890][ T5991] do_file_open+0x20e/0x430 [ 56.385819][ T5991] ? __pfx_do_file_open+0x10/0x10 [ 56.387968][ T5991] ? alloc_fd+0x476/0x790 [ 56.389821][ T5991] do_sys_openat2+0x10d/0x1e0 [ 56.391600][ T5991] ? __pfx_do_sys_openat2+0x10/0x10 [ 56.393728][ T5991] __x64_sys_openat+0x12d/0x210 [ 56.395737][ T5991] ? __pfx___x64_sys_openat+0x10/0x10 [ 56.397963][ T5991] ? rcu_is_watching+0x12/0xc0 [ 56.399953][ T5991] do_syscall_64+0x115/0x870 [ 56.401717][ T5991] ? clear_bhb_loop+0x40/0x90 [ 56.403481][ T5991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.405926][ T5991] RIP: 0033:0x7ff83515d68e [ 56.407794][ T5991] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 56.415441][ T5991] RSP: 002b:00007ff83602db28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 56.418908][ T5991] RAX: ffffffffffffffda RBX: 00007ff83602e6c0 RCX: 00007ff83515d68e [ 56.422188][ T5991] RDX: 0000000000000002 RSI: 00007ff83602dc00 RDI: ffffffffffffff9c [ 56.425460][ T5991] RBP: 00007ff83602dc00 R08: 0000000000000000 R09: 0000000000000000 [ 56.428713][ T5991] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd [ 56.431961][ T5991] R13: 00007ff835416038 R14: 00007ff835415fa0 R15: 00007ffca9da0128 [ 56.435176][ T5991] [ 56.437101][ T5991] Kernel Offset: disabled [ 56.438898][ T5991] Rebooting in 86400 seconds.. VM DIAGNOSIS: 02:21:17 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff828277ba RDX=0000000000000001 RSI=0000000000000000 RDI=ffff88802955ca80 RBP=0000000000000001 RSP=ffffc90003207448 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffff88801e1648b0 R13=0000000000000001 R14=0000000000000000 R15=000000000000474f RIP=ffffffff8208897b RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055556c757500 ffffffff 00c00000 GS =0000 ffff8880d6383000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f06bbd456b8 CR3=0000000024be8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 307a79732f74656e 2f70756f7267637a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffca9a84426 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffca9a84426 00007ffca9a8442c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f06bb033352 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f06bb033392 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f06bb0334f6 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f06bb033384 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000060 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000060 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000089 RBX=ffff8880239156d8 RCX=0000000000000006 RDX=0000000000000001 RSI=ffffffff9611a438 RDI=0000000000000000 RBP=ffff888023914a80 RSP=ffffc90000fd7160 R8 =0000000000000000 R9 =0000000000000007 R10=0000000000000006 R11=0000000000000000 R12=ffff888023915700 R13=0000000000000000 R14=0000000000000005 R15=0000000000000004 RIP=ffffffff81e447c8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6483000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f06bbeebff8 CR3=000000003447f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fc000000 Opmask01=0000000000290410 Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb6ab34c8 00007ffdb6ab34c8 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb6ab36a0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005611e4450d00 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5a543f1b20 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5a543f1b20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73732562974e5483 73732567f6749b59 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b08d396f68275268 73737376126d30ae ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30706f6f6c2f6b63 6f6c622f6c617574 7269762f73656369 7665642f7379732f ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 327570632f302f71 6d2f30706f6f6c2f 6b636f6c622f6c61 75747269762f7365 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003275 70632f302f716d2f 30706f6f6c2f6b63 6f6c622f6c617574 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5a543f1b30 0048544150564544 0000000000000021 000056007063742d ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003a6166703a756b 733a302e30312d35 33712d6370727663 3a3174633a554d45 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 516e76633a302e30 312d3533712d6370 7276703a29393030 322c394843492b35 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3351284350647261 646e6174536e703a 554d45516e76733a 302e3072623a3431 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30322f31302f3430 64623a322d332e36 312e312d6e616962 65642d332e36312e ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000014100 000000000000303d 44440045525f5346 0054242044492065 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000000001d3 RBX=0000000000000009 RCX=0000000000000000 RDX=0000000000000008 RSI=ffff8880248ed610 RDI=ffff8880248eca80 RBP=ffffc900044a7b30 RSP=ffffc900044a7a90 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000000 R12=ffff8880248ed610 R13=ffff8880248eca80 R14=0000000000000200 R15=0000000000000005 RIP=ffffffff81e43862 RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055556ae8a500 ffffffff 00c00000 GS =0000 ffff8880d6583000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b33523ffc CR3=000000005849e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0023646e65746e6f 72662f2372657470 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffca9da0616 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffca9da0616 00007ffca9da061c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff835233352 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff835233392 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8352334f6 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff835233384 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8353ed600 00007ff8353ed5e0 00007ff8353ed5e8 00007ff8353ed618 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8353ed5f8 00007ff8353ed5c8 00007ff8353ed600 00007ff8353ed5e0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff857e6625 RDI=ffffffff9b460ca0 RBP=ffffffff9b460c60 RSP=ffffc900044372f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000039393554 R12=0000000000000000 R13=0000000000000035 R14=0000000000000010 R15=ffffffff857e65c0 RIP=ffffffff857e664f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007ff83602e6c0 ffffffff 00c00000 GS =0000 ffff8880d6683000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ff835186480 CR3=000000005849e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000f8000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 203a6b6361747320 6461657268747020 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffca9da0616 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffca9da0616 00007ffca9da061c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff835233352 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff835233392 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8352334f6 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff835233384 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000030646e 65746e6f72662f30 726574706164612f 6276642f7665642f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000013474d 46574d4c51450c13 514657534247420c 4155470c5546470c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8353ed5f8 00007ff8353ed5c8 00007ff8353ed600 00007ff8353ed5e0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000