last executing test programs: 1.860389774s ago: executing program 2 (id=360): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a3000000000a0000000030a01010000fff400000000020000000900010073797a30000000000900030073797a320000000008000700c3f574001400048008000140000000000800024000000000580008800c00024000000000000000040c000240fffffffffffffffa0700024000000000000000070c00014000000000000000060c00fbffffffffffffff00090c00014000000000000000060c000140000000000000090914000000020a0500000000000000000000000008140000001100010000000000000000000000000ab7aa72b726c3662e624bfe483be1674045e262a5ea0f6bf90f8d62cdfc18df814e5d9c88877b989e9ce074653f8d0ea2fe51c170a837fe0b5cf36dfebb466b7edfc619ba797db92e4a7c93"], 0xfc}}, 0x0) 1.860159773s ago: executing program 2 (id=361): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448c9, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x8c041, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x7101}) 787.929862ms ago: executing program 3 (id=391): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a3000000000a0000000030a01010000f5ff00000000020000000900010073797a30000000000900030073797a320000000008000700c3f574001400048008000140000000000800024000000000580008800c00024000000000000000040c000240fffffffffffffffa0700024000000000000000070c00014000000000000000060c00fbffffffffffffff00090c00014000000000000000060c000140000000000000090914000000020a0500000000000000000000000008140000001100010000000000000000000000000ab7aa72b726c3662e624bfe483be1674045e262a5ea0f6bf90f8d62cdfc18df814e5d9c88877b989e9ce074653f8d0ea2fe51c170a837fe0b5cf36dfebb466b7edfc619ba797db92e4a7c93"], 0xfc}}, 0x0) 710.322932ms ago: executing program 3 (id=392): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$bt_hci(r0, &(0x7f0000000000)={0x1, @le_add_to_resolv_list={{0x2027, 0x27}, {0x73, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "daba876516349fbed82a2e47f705f323", "cae2209997e96d4734b4978847c7afc5"}}}, 0x2b) ioctl$sock_bt_hci(r0, 0x800448d3, &(0x7f0000001280)) 705.484973ms ago: executing program 3 (id=393): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r3], 0x20}}, 0x0) 640.052136ms ago: executing program 3 (id=394): sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x98, 0x0, 0x5, 0x0, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x70, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x4}, @NL80211_BAND_5GHZ={0x3c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x0, 0x4}, {0x0, 0xa}, {0x2, 0x7}, {0x7, 0x1}, {0x0, 0x5}, {0x2, 0x2}, {0x1, 0xa}, {0x0, 0x2}, {0x7, 0x3}, {0x5, 0x9}, {0x5, 0x4}, {0x0, 0x5}, {}, {0x4, 0x5}, {0x2, 0x3}, {0x7, 0x4}, {0x0, 0x8}, {0x5, 0xa}, {0x6, 0x6}, {0x5, 0x4}, {0x0, 0x7}, {0x2, 0x9}, {0x4, 0x4}, {0x6, 0x7}, {0x4, 0x6}, {0x0, 0x9}, {0x1}, {0x3, 0x2}, {0x7, 0xa}, {0x7, 0x2}, {0x1, 0x1}, {0x4, 0x2}, {0x6, 0x2}]}]}, @NL80211_BAND_5GHZ={0x2c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x0, 0x7, 0x9, 0x7, 0x2, 0x400, 0x9]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x7f, 0x5, 0xa202, 0x1, 0x4, 0x2]}}]}]}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x98}, 0x1, 0x0, 0x0, 0x80}, 0x48840) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r4 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r4, &(0x7f0000000200)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) listen(r4, 0x0) recvfrom(r4, 0x0, 0x0, 0x42, 0x0, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00019c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x98, 0x0, 0x5, 0x0, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x70, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x4}, @NL80211_BAND_5GHZ={0x3c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x0, 0x4}, {0x0, 0xa}, {0x2, 0x7}, {0x7, 0x1}, {0x0, 0x5}, {0x2, 0x2}, {0x1, 0xa}, {0x0, 0x2}, {0x7, 0x3}, {0x5, 0x9}, {0x5, 0x4}, {0x0, 0x5}, {}, {0x4, 0x5}, {0x2, 0x3}, {0x7, 0x4}, {0x0, 0x8}, {0x5, 0xa}, {0x6, 0x6}, {0x5, 0x4}, {0x0, 0x7}, {0x2, 0x9}, {0x4, 0x4}, {0x6, 0x7}, {0x4, 0x6}, {0x0, 0x9}, {0x1}, {0x3, 0x2}, {0x7, 0xa}, {0x7, 0x2}, {0x1, 0x1}, {0x4, 0x2}, {0x6, 0x2}]}]}, @NL80211_BAND_5GHZ={0x2c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x0, 0x7, 0x9, 0x7, 0x2, 0x400, 0x9]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x7f, 0x5, 0xa202, 0x1, 0x4, 0x2]}}]}]}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x98}, 0x1, 0x0, 0x0, 0x80}, 0x48840) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async) socket$unix(0x1, 0x5, 0x0) (async) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) (async) socket$rxrpc(0x21, 0x2, 0xa) (async) bind$rxrpc(r4, &(0x7f0000000200)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) (async) listen(r4, 0x0) (async) recvfrom(r4, 0x0, 0x0, 0x42, 0x0, 0x0) (async) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) (async) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00019c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0) (async) 639.747803ms ago: executing program 1 (id=395): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x2, 0x0) unshare(0x20010d80) r4 = dup3(r3, r2, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x10, 0x0, &(0x7f0000000800)=[@clear_death={0x400c6314, 0x2}], 0x0, 0x0, 0x0}) ioctl$UFFDIO_ZEROPAGE(r4, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x1}) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = dup(r5) write$UHID_INPUT(r6, 0x0, 0x0) 639.17646ms ago: executing program 3 (id=396): r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x80002, 0x1, 0x6}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00'}, 0x10) symlink(0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r3, 0x40047459, &(0x7f0000000300)=0x8285173) r4 = dup(r3) write$cgroup_subtree(r4, &(0x7f00000002c0)=ANY=[], 0x9) r5 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r6, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000440)={r7, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={r8}) close_range(r0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180000db9e259215940000002ba10795b33920000000000000001e09000000000000009500d9a12c17b1cb6702af9095ea239607e2f12595f0c158ad7d816298e6ab377b5712f6859985d3b896220c1791b964fd06163d7c4ee359a925974b4e8fd5abf169da7f9cd34900"/117], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 638.859281ms ago: executing program 1 (id=397): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4), 0x1c) (async) getsockopt$inet6_buf(r1, 0x29, 0x18, 0x0, &(0x7f00000000c0)) (async) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0xfffffffffffffd70) r3 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1000001, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000080)={0x7, 0x5009}) (async) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 570.194044ms ago: executing program 3 (id=398): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='maps\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=ANY=[@ANYBLOB="340000003b0007010000000000000000047c00000c00e1000800070004000000140001800600060008060000080011"], 0x34}}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xd, 0xc, 0x4, 0x6, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r2, &(0x7f00000001c0), &(0x7f0000000280)=@udp6=r1}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, &(0x7f0000000100), &(0x7f0000000140)=""/130}, 0x20) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000004c0)={0x1, &(0x7f0000000480)=[{0x6}]}) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, 0x0, 0x0) r3 = socket$kcm(0x29, 0x2, 0x0) r4 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0) pwritev(r4, &(0x7f0000000240)=[{&(0x7f0000000380)="8d3247554667", 0x6}], 0x1, 0x3, 0x0) sendfile(r3, r4, 0x0, 0x8000fb00) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r5) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000040)="f3460fc775c1f3450f09b9640b0000b800000080ba000000000f30440f01cb670fc7990098000067430f01c80fc734930f07c4a17e2c54260166baf80c470fc73eef66bafc0c670f01c4ef", 0x4b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') 570.013878ms ago: executing program 1 (id=399): r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="0001000010000103000000000000000063747228646573335f65646529"], 0x100}}, 0x3f00) 569.682098ms ago: executing program 1 (id=400): r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0) (async) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000180)={0x24, r1, 0x62c21a4ade68aba1, 0x0, 0x0, {{0x32}, {@val={0x8, 0x117}, @val={0x8}, @void}}}, 0x24}}, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000280)={0x1c4, 0x2, 0x2, 0x101, 0x0, 0x0, {0x0, 0x0, 0x5}, [@CTA_EXPECT_MASTER={0x10, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}, @CTA_EXPECT_TUPLE={0x54, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_MASTER={0x80, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x11}}, {0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x28}}, {0x14, 0x4, @local}}}]}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x7fff}, @CTA_EXPECT_MASK={0xc4, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x23}}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @broadcast}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x40804}, 0x4040055) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372"], 0xfc}}, 0x0) (async) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372"], 0xfc}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014000100626f6e6430"], 0x4b0}, 0x1, 0x0, 0x0, 0x44}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000fdffffff03000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffffff03000000000000000d0001006564703a73"], 0x54}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, r7, 0x1}, 0x14}}, 0x4000844) (async) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, r7, 0x1}, 0x14}}, 0x4000844) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r4, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000000}, 0x26, &(0x7f00000005c0)={&(0x7f0000000500)={0x90, r7, 0x8, 0x70bd26, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x100000000}, {0xc, 0x90, 0x80}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x100000000}, {0xc, 0x90, 0x36}}]}, 0x90}, 0x1, 0x0, 0x0, 0x6044}, 0x4000) (async) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r4, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000000}, 0x26, &(0x7f00000005c0)={&(0x7f0000000500)={0x90, r7, 0x8, 0x70bd26, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x100000000}, {0xc, 0x90, 0x80}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x100000000}, {0xc, 0x90, 0x36}}]}, 0x90}, 0x1, 0x0, 0x0, 0x6044}, 0x4000) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r8, 0x29, 0x49, &(0x7f0000000040)=0x9, 0x4) (async) setsockopt$inet6_int(r8, 0x29, 0x49, &(0x7f0000000040)=0x9, 0x4) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r2, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400020}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x64, r5, 0x10, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6a85}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xe}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8000}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x48000}, 0x10000) 569.59175ms ago: executing program 1 (id=401): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) r1 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x169101, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000180)) open(&(0x7f0000000000)='.\x00', 0x0, 0x0) (async) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) open(&(0x7f0000000000)='.\x00', 0x0, 0x0) (async) r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) renameat2(r3, &(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r2, &(0x7f0000000180)='./file1\x00', 0x2) r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r4, 0x4008af23, &(0x7f00000000c0)={0x0, 0x1}) (async) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r4, 0x4008af23, &(0x7f00000000c0)={0x0, 0x1}) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private1, @in=@dev={0xac, 0x14, 0x14, 0x3e}, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in6=@empty, @in6=@remote, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x0, 0xa}]}]}, 0xa0}}, 0x0) (async) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private1, @in=@dev={0xac, 0x14, 0x14, 0x3e}, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in6=@empty, @in6=@remote, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x0, 0xa}]}]}, 0xa0}}, 0x0) 510.348319ms ago: executing program 1 (id=402): read$FUSE(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f0000001a80)={r1, 0x8, 0x1ff}) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000500010007"], 0x1c}}, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="0003"], 0x20) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}}, 0x1c) 250.21967ms ago: executing program 2 (id=403): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000c00)=@raw={'raw\x00', 0x3c1, 0x3, 0x358, 0x120, 0xffffff80, 0x178, 0x0, 0x178, 0x288, 0x22b, 0x258, 0x288, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x100, 0x120, 0x340, {0x1e0002a8, 0x7203000000000000}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@cluster={{0x30}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1_to_bridge\x00', 'geneve1\x00'}, 0x0, 0x100, 0x168, 0x0, {}, [@common=@ah={{0x30}}, @common=@ipv6header={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0xfff7, 0xe, 0x0, 'netbios-ns\x00', 'syz1\x00', {0x26a}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3b8) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xee01, 0xee01}}, './file0\x00'}) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x12c, 0x3b, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x108, 0x72, 0x0, 0x1, [@typed={0x8, 0x130, 0x0, 0x0, @uid=r2}, @typed={0x8, 0xcc, 0x0, 0x0, @u32=0x7}, @typed={0x4, 0xed}, @typed={0x4, 0x20}, @typed={0xe9, 0x111, 0x0, 0x0, @binary="f5a9ec8d1aa3ed553ccfafd739a11d79b1c3357544a7c391facad1a3b835a9316dd1f9dbeedc87b6e27762684f8878ffc3a52e859596f58f8a41850b93f44dce4fafeb0678fbfd75f05f38bd144f1a975c209da40f5f589700208065fbb1a63201efc2d1463a1d8a8ef554f81247f604eb176c929bae5f0a1ec6ee630d6049e65c742981f90493cf4beb5c6142fa22ce6f53e87444c8e4c9c1967c163e627159d8ada62b90f9ae20d9d5befde4a4a3a3f48547645efb37a492d551ebc3a5a7f6f94eef949fc6210758d4b38e5f42657c24d7a98599049b40366eb6f14d9ad4872e03684ee5"}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @u32=0x1000}]}, @nested={0x4, 0x2}]}, 0x12c}}, 0xc000) 250.112012ms ago: executing program 2 (id=404): pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) (async) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) (async) vmsplice(r0, &(0x7f0000000240)=[{&(0x7f0000001340)="e6", 0xfffffeff}], 0x1, 0x0) (async, rerun: 64) madvise(&(0x7f00006b8000/0x1000)=nil, 0x1000, 0x15) (rerun: 64) 249.939804ms ago: executing program 2 (id=405): r0 = socket(0x400000000010, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000021c0)='net/fib_triestat\x00') read$FUSE(r1, &(0x7f0000004480)={0x2020}, 0x2020) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x1008010, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@fscache}, {@afid={'afid', 0x3d, 0x9}}, {@cache_fscache}, {@version_9p2000}, {@cache_readahead}, {@directio}, {@afid={'afid', 0x3d, 0x45e5}}, {@loose}], [{@fsmagic={'fsmagic', 0x3d, 0xfffffffffffffffe}}, {@flag='sync'}, {@measure}, {@obj_user={'obj_user', 0x3d, '\'/{\\#\'+'}}, {@appraise_type}, {@fsuuid={'fsuuid', 0x3d, {[0xa, 0x35, 0x30, 0x65, 0x63, 0x32, 0x63, 0x31], 0x2d, [0x36, 0x63, 0x66, 0x38], 0x2d, [0x31, 0x33, 0x38, 0x33], 0x2d, [0x64, 0x35, 0x65, 0x30], 0x2d, [0x33, 0x66, 0x34, 0x31, 0x39, 0x37, 0x35]}}}]}}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000001440)={'ipvlan0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7}}) 180.4232ms ago: executing program 2 (id=406): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000080)={@private2}, &(0x7f00000000c0)=0x14) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5) r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x2c8440, 0x160) openat$incfs(r1, &(0x7f0000000140)='.pending_reads\x00', 0x200, 0x8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x1, @loopback}, 0x1c) 120.430152ms ago: executing program 0 (id=407): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x89901) move_mount(r1, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x24f8, &(0x7f0000002ec0)={0x0, 0x0, 0x10100, 0x0, 0x21}, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000e40)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000002c0)={0x0, 0x0, 0x28}, &(0x7f0000000940)='./file0\x00', 0x18}) io_uring_enter(r2, 0xc4f, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f000001a000/0x3000)=nil, 0x3000, 0xf, 0x11012, r0, 0x0) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil) brk(0x20001000) 120.331199ms ago: executing program 0 (id=408): r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="0001000010000103000000000000000063747228646573335f65646529"], 0x100}}, 0x3000000) 59.73681ms ago: executing program 0 (id=409): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) dup3(r0, r1, 0x0) sendmmsg$inet(r1, &(0x7f0000000d40), 0x0, 0x48040) 59.495451ms ago: executing program 0 (id=410): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a3000000000a0000000030a01010000000000010000020000000900010073797a30000000000900030073797a320000000008000700c3f574001400048008000140000000000800024000000000580008800c00024000000000000000040c000240fffffffffffffffa0700024000000000000000070c00014000000000000000060c00fbffffffffffffff00090c00014000000000000000060c000140000000000000090914000000020a0500000000000000000000000008140000001100010000000000000000000000000ab7aa72b726c3662e624bfe483be1674045e262a5ea0f6bf90f8d62cdfc18df814e5d9c88877b989e9ce074653f8d0ea2fe51c170a837fe0b5cf36dfebb466b7edfc619ba797db92e4a7c93"], 0xfc}}, 0x0) 180.544µs ago: executing program 0 (id=411): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000012000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000058000000090a010400000000000000030100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0c00098008000140ff"], 0xa0}}, 0x0) 0s ago: executing program 0 (id=412): sendmsg$NL80211_CMD_SET_KEY(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x3c, 0x0, 0x9, 0x0, 0xfffffffe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY={0x14, 0x50, 0x0, 0x1, [@NL80211_KEY_MODE={0x5, 0x9, 0x2}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x3c}}, 0x0) r0 = socket(0x10, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x9) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r1, @ANYBLOB="0200000000008000800012000800010076746936740002"], 0xa0}}, 0x0) capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb}) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_readv(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)=""/57, 0x39}], 0x1, &(0x7f0000000380)=[{&(0x7f00000006c0)=""/73, 0x49}], 0x1, 0x0) r3 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r3, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) setsockopt$MRT6_ADD_MFC_PROXY(r3, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c) r4 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_FLUSH(r4, 0x29, 0xd4, &(0x7f0000000240)=0x3, 0x4) r5 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000040), 0x2103, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r5, 0xc008640a, &(0x7f0000000140)) setsockopt$inet_tcp_buf(r5, 0x6, 0x21, &(0x7f0000000000)="766d222818e6ffec07839e3a11aa8a4cf78e83ae0a01ddba5070eb4aef556bf0cace18c57d6c4b6fc847cb46df3ebfce5c9901273dd4462fcfd62f4351282659e0bf20b246fa3de0800e4eaac7b492c8c8c5640f3ff4949294fd636b1a531b8cb0ce4568eee83169eecca3f6aec5a83b187a6b", 0x73) r6 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c000000100001ebcb9ab6086eb74b42040000000000000000000000008128424a84e065bed7c91c9b54a0d3e50e4e8005ec46fedd0d853664c0261ca0dbf539bd02976d44aaa5c21de189d13fd3c5baa197e2fbf20c4a5b181dccc8fc2491a3baee387abe02206de9d08d46401b8df1ec611064613342c3bdca9f2b02edd219ff7ca395667280460828dfde2ce4f83203da401f", @ANYRES32=0x0, @ANYBLOB="2b030000000000001c0012800b00010067656e65766500000c0002800500030007000000"], 0x3c}}, 0x0) madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3011, 0x17) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x15) pread64(r6, &(0x7f000001a240)=""/102400, 0x19000, 0x100008) r8 = syz_open_dev$cec(&(0x7f0000000300), 0x0, 0x40800) ioctl$CEC_ADAP_S_LOG_ADDRS(r8, 0xc05c6104, &(0x7f0000000080)={"740e00", 0x0, 0x6, 0x2, 0x0, 0x0, "00001000429ebdf2e4139d31074000", '\x00', "0005004e", "10004800", ["efc1c7f7ffffffff06fcb800", "01000000000000000000bdff", "345e417e7fffff31ff8c6800"]}) r9 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000003c0), 0x40, 0x0) readlinkat(r9, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)=""/123, 0x7b) kernel console output (not intermixed with test programs): [ 30.405642][ T39] audit: type=1400 audit(1731772903.260:81): avc: denied { rlimitinh } for pid=5857 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 30.410969][ T39] audit: type=1400 audit(1731772903.260:82): avc: denied { siginh } for pid=5857 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 31.210262][ T39] audit: type=1400 audit(1731772904.070:83): avc: denied { read } for pid=5346 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 31.216038][ T39] audit: type=1400 audit(1731772904.070:84): avc: denied { append } for pid=5346 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 31.221985][ T39] audit: type=1400 audit(1731772904.070:85): avc: denied { open } for pid=5346 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 31.227968][ T39] audit: type=1400 audit(1731772904.070:86): avc: denied { getattr } for pid=5346 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:9590' (ED25519) to the list of known hosts. [ 31.427000][ T39] audit: type=1400 audit(1731772904.290:87): avc: denied { name_bind } for pid=5861 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 33.012847][ T5863] cgroup: Unknown subsys name 'net' [ 33.157501][ T5863] cgroup: Unknown subsys name 'cpuset' [ 33.160471][ T5863] cgroup: Unknown subsys name 'rlimit' [ 33.365716][ T5908] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 34.035992][ T5863] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 35.412931][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 35.412940][ T39] audit: type=1400 audit(1731772908.270:105): avc: denied { execmem } for pid=5939 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 35.554726][ T39] audit: type=1400 audit(1731772908.410:106): avc: denied { create } for pid=5943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 35.559899][ T39] audit: type=1400 audit(1731772908.410:107): avc: denied { read write } for pid=5943 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 35.566583][ T39] audit: type=1400 audit(1731772908.410:108): avc: denied { open } for pid=5943 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 35.572580][ T39] audit: type=1400 audit(1731772908.420:109): avc: denied { ioctl } for pid=5943 comm="syz-executor" path="socket:[1760]" dev="sockfs" ino=1760 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 35.573172][ T5946] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 35.583224][ T5946] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 35.585620][ T5946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 35.587967][ T5946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 35.591975][ T5956] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 35.594316][ T5957] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 35.595513][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 35.596781][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 35.598857][ T5955] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 35.600913][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 35.602080][ T5955] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 35.604121][ T5957] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 35.605621][ T5946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 35.605967][ T5955] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 35.606178][ T5955] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 35.606293][ T5955] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 35.614812][ T39] audit: type=1400 audit(1731772908.470:110): avc: denied { read } for pid=5947 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 35.615009][ T5946] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 35.617791][ T5956] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 35.618430][ T5956] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 35.618654][ T5956] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 35.618759][ T5956] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 35.620243][ T39] audit: type=1400 audit(1731772908.470:111): avc: denied { open } for pid=5947 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 35.621115][ T5956] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 35.622417][ T5946] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 35.623691][ T39] audit: type=1400 audit(1731772908.470:112): avc: denied { mounton } for pid=5947 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 35.623707][ T5956] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 35.758881][ T39] audit: type=1400 audit(1731772908.620:113): avc: denied { module_request } for pid=5949 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 35.776152][ T5949] chnl_net:caif_netlink_parms(): no params data found [ 35.793057][ T5943] chnl_net:caif_netlink_parms(): no params data found [ 35.816310][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 35.831680][ T5948] chnl_net:caif_netlink_parms(): no params data found [ 35.883467][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.886012][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.887980][ T5949] bridge_slave_0: entered allmulticast mode [ 35.889994][ T5949] bridge_slave_0: entered promiscuous mode [ 35.922830][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.924857][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.926952][ T5949] bridge_slave_1: entered allmulticast mode [ 35.928924][ T5949] bridge_slave_1: entered promiscuous mode [ 35.998035][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.999945][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.001836][ T5943] bridge_slave_0: entered allmulticast mode [ 36.003814][ T5943] bridge_slave_0: entered promiscuous mode [ 36.006269][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.008121][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.009994][ T5943] bridge_slave_1: entered allmulticast mode [ 36.011957][ T5943] bridge_slave_1: entered promiscuous mode [ 36.021316][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.023761][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.025814][ T5947] bridge_slave_0: entered allmulticast mode [ 36.028053][ T5947] bridge_slave_0: entered promiscuous mode [ 36.039369][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.041265][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.043201][ T5948] bridge_slave_0: entered allmulticast mode [ 36.048035][ T5948] bridge_slave_0: entered promiscuous mode [ 36.067101][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.069279][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.071103][ T5947] bridge_slave_1: entered allmulticast mode [ 36.073380][ T5947] bridge_slave_1: entered promiscuous mode [ 36.090496][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.093516][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.095580][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.097432][ T5948] bridge_slave_1: entered allmulticast mode [ 36.100181][ T5948] bridge_slave_1: entered promiscuous mode [ 36.110316][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.120999][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.134843][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.138742][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.151578][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.169615][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.180424][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.184131][ T5943] team0: Port device team_slave_0 added [ 36.195854][ T5949] team0: Port device team_slave_0 added [ 36.205855][ T5943] team0: Port device team_slave_1 added [ 36.217125][ T5949] team0: Port device team_slave_1 added [ 36.235367][ T5947] team0: Port device team_slave_0 added [ 36.246486][ T5948] team0: Port device team_slave_0 added [ 36.258852][ T5947] team0: Port device team_slave_1 added [ 36.269585][ T5948] team0: Port device team_slave_1 added [ 36.272121][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.273965][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.281174][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.298378][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.300284][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.308121][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.318795][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.320664][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.327883][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.339147][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.340995][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.347651][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.360375][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.362752][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.372096][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.375492][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.377327][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.383953][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.390238][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.392152][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.399506][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.405828][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.407682][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.414172][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.478005][ T5947] hsr_slave_0: entered promiscuous mode [ 36.479903][ T5947] hsr_slave_1: entered promiscuous mode [ 36.484879][ T5943] hsr_slave_0: entered promiscuous mode [ 36.486804][ T5943] hsr_slave_1: entered promiscuous mode [ 36.488625][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.490826][ T5943] Cannot create hsr debugfs directory [ 36.494243][ T5949] hsr_slave_0: entered promiscuous mode [ 36.496349][ T5949] hsr_slave_1: entered promiscuous mode [ 36.498042][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.500014][ T5949] Cannot create hsr debugfs directory [ 36.510571][ T5948] hsr_slave_0: entered promiscuous mode [ 36.512529][ T5948] hsr_slave_1: entered promiscuous mode [ 36.514290][ T5948] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.516418][ T5948] Cannot create hsr debugfs directory [ 36.715974][ T5948] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 36.719979][ T5948] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 36.723098][ T5948] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 36.729546][ T5948] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 36.744998][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.746950][ T5948] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.749123][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.751126][ T5948] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.753862][ T5943] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 36.757452][ T5943] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 36.763815][ T1216] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.766696][ T1216] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.781279][ T5943] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 36.784986][ T5943] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 36.810252][ T5949] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 36.813713][ T5949] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 36.817216][ T5949] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 36.821735][ T5949] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 36.861988][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.865459][ T5947] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 36.868610][ T5947] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 36.871675][ T5947] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 36.875230][ T5947] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 36.886458][ T5948] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.900062][ T1223] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.901882][ T1223] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.910971][ T1223] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.912889][ T1223] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.922648][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.944545][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.953676][ T5949] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.959449][ T5943] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.964485][ T78] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.966324][ T78] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.969459][ T39] audit: type=1400 audit(1731772909.830:114): avc: denied { sys_module } for pid=5948 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 36.975878][ T78] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.977666][ T78] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.980706][ T78] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.982483][ T78] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.985390][ T78] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.987157][ T78] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.019244][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 37.029372][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.036752][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.041322][ T78] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.043208][ T78] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.047377][ T78] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.049285][ T78] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.089334][ T5948] veth0_vlan: entered promiscuous mode [ 37.093229][ T5948] veth1_vlan: entered promiscuous mode [ 37.099058][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.104333][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.122434][ T5948] veth0_macvtap: entered promiscuous mode [ 37.129807][ T5948] veth1_macvtap: entered promiscuous mode [ 37.140566][ T5943] veth0_vlan: entered promiscuous mode [ 37.149867][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.152904][ T5949] veth0_vlan: entered promiscuous mode [ 37.156410][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.159724][ T5943] veth1_vlan: entered promiscuous mode [ 37.166240][ T5948] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.168500][ T5948] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.170653][ T5948] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.172844][ T5948] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.177345][ T5949] veth1_vlan: entered promiscuous mode [ 37.182338][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.198844][ T5943] veth0_macvtap: entered promiscuous mode [ 37.205208][ T5943] veth1_macvtap: entered promiscuous mode [ 37.222713][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.225207][ T5949] veth0_macvtap: entered promiscuous mode [ 37.227270][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.242121][ T5947] veth0_vlan: entered promiscuous mode [ 37.247070][ T5949] veth1_macvtap: entered promiscuous mode [ 37.252913][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.256423][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.259466][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.261993][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.264780][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.267238][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.269870][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.272918][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.276609][ T5947] veth1_vlan: entered promiscuous mode [ 37.280231][ T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.281389][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.282296][ T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.285217][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.289813][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.291760][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.296013][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.298902][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.301444][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.304371][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.307814][ T5943] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.310055][ T5943] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.312277][ T5943] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.314474][ T5943] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.320827][ T5949] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.323055][ T5949] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.325522][ T5949] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.327688][ T5949] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.359615][ T5947] veth0_macvtap: entered promiscuous mode [ 37.365865][ T5948] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 37.365922][ T5947] veth1_macvtap: entered promiscuous mode [ 37.369978][ T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.374109][ T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.382303][ T1223] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.386649][ T1223] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.393476][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.395372][ T6008] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2'. [ 37.396972][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.401156][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.403822][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.406480][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.409101][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.412420][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.417042][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.419805][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.422399][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.426195][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.428775][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.431414][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.434415][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.440936][ T6008] : entered promiscuous mode [ 37.448236][ T1223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.448578][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.450247][ T1223] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.452120][ T5947] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.452148][ T5947] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.452162][ T5947] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.452175][ T5947] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.452282][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.495029][ T1195] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.497073][ T1195] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.513178][ T6018] tipc: Enabling of bearer rejected, failed to enable media [ 37.514356][ T6017] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1'. [ 37.517349][ T1195] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.521425][ T1195] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.612231][ T6032] netlink: 256 bytes leftover after parsing attributes in process `syz.1.7'. [ 37.615558][ T6032] openvswitch: netlink: Missing key (keys=40, expected=80) [ 37.627214][ T6017] Zero length message leads to an empty skb [ 37.635777][ T5302] Bluetooth: hci0: command tx timeout [ 37.635886][ T5946] Bluetooth: hci2: command tx timeout [ 37.638022][ T5302] Bluetooth: hci1: command tx timeout [ 37.644955][ T5302] Bluetooth: hci3: command tx timeout [ 37.684336][ T6044] netlink: 164 bytes leftover after parsing attributes in process `syz.0.13'. [ 37.727672][ T6048] syz.2.14 uses obsolete (PF_INET,SOCK_PACKET) [ 37.882899][ T6065] netlink: 164 bytes leftover after parsing attributes in process `syz.2.20'. [ 37.915677][ T6068] xt_ipcomp: unknown flags 12 [ 37.917428][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.919440][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.921333][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.923275][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.925692][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.927621][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.929498][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.931637][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.933562][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.935827][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.937745][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.939611][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.941432][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.943228][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.945506][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.947771][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.949748][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.951695][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.953647][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.956427][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.958369][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.960299][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.962226][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.964159][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.966170][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.968099][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.969973][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.971903][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.973823][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.975780][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.977638][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.979565][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.981434][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.983274][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.985314][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.987225][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.989146][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.991032][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.992970][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.994934][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.996862][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 37.998780][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.000708][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.002632][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.004463][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.006424][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.008255][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.010084][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.011881][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.013665][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.015617][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.017539][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.019640][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.021521][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.023354][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.025313][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.027180][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.029040][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.030851][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.032783][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.034577][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.036792][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.038610][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.040373][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.042148][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.043938][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.045869][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.047673][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.049462][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.051229][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.053010][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.054904][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.056744][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.058572][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.060424][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.062260][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.064134][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.066078][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.067908][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.069725][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.071536][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.073412][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.075308][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.077243][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.079150][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.081049][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.082905][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.084823][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.086720][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.088561][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.090463][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.092371][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.094271][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.096419][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.098328][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.100257][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.102175][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.104056][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.106054][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.107953][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.109795][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.111703][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.113562][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.115889][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.117810][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.119738][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.121656][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.123546][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.125530][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.127413][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.129290][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.131149][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.133028][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.135671][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.137479][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.139258][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.141165][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.143068][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.145029][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.146891][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.148716][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.150511][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.152347][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.154180][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.156024][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.157770][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.159582][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.161375][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.163227][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.165279][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.167122][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.168958][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.170836][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.172692][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.174589][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.174779][ T25] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 38.176544][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.180361][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.182221][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.184078][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.186039][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.187901][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.189758][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.191631][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.193485][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.195618][ T1015] hid-generic 0008:0007:0003.0002: unknown main item tag 0x0 [ 38.198963][ T1015] hid-generic 0008:0007:0003.0002: hidraw1: HID vffffff.ff Device [syz1] on syz1 [ 38.347673][ T25] usb 7-1: config 0 has no interfaces? [ 38.349130][ T25] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 38.351314][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.354566][ T25] usb 7-1: config 0 descriptor?? [ 38.564422][ T6072] xt_ipcomp: unknown flags 12 [ 38.566602][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.568566][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.570484][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.572382][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.574287][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.576450][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.577962][ T25] usb 7-1: string descriptor 0 read error: -71 [ 38.578516][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.582121][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.584103][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.585564][ T25] usb 7-1: USB disconnect, device number 2 [ 38.586828][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.589774][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.591746][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.593649][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.595862][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.597767][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.599752][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.601787][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.603669][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.605636][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.607606][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.609481][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.611406][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.613328][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.615593][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.617520][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.619446][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.621359][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.623278][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.625266][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.627393][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.629284][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.631180][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.633111][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.635267][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.637236][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.639147][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.641069][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.642982][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.644911][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.647590][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.649733][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.651671][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.653864][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.655943][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.657794][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.659678][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.661687][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.663675][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.666181][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.668452][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.670392][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.672313][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.674224][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.676317][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.678242][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.680166][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.682118][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.684110][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.686059][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.687967][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.689881][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.691787][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.693819][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.695858][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.697788][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.699852][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.701785][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.703715][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.705702][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.707871][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.709893][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.711874][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.713816][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.715998][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.717941][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.719880][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.721821][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.723957][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.726067][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.728035][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.729969][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.731783][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.733692][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.735745][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.737697][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.739636][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.741564][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.743515][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.746059][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.748030][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.750107][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.752048][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.753980][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.756374][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.758333][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.760270][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.762215][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.764154][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.764418][ T6076] fuse: Unknown parameter ' [ 38.764418][ T6076] ' [ 38.766254][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.766267][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.766278][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.766288][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.766300][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.766311][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.779905][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.781855][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.783759][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.785692][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.788707][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.790811][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.792909][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.794984][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.796900][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.798787][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.800716][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.802609][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.804491][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.806757][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.808628][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.810551][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.812478][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.814400][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.816466][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.818392][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.820311][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.822289][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.824241][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.826212][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.826515][ T6081] netlink: 164 bytes leftover after parsing attributes in process `syz.0.24'. [ 38.828126][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.832350][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.834283][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.836328][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.838630][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.840596][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.842516][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.844466][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.846600][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.848562][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.850497][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.852547][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.854491][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.856660][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.858591][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.860536][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.862537][ T8] hid-generic 0008:0007:0003.0003: unknown main item tag 0x0 [ 38.870957][ T8] hid-generic 0008:0007:0003.0003: hidraw1: HID vffffff.ff Device [syz1] on syz1 [ 38.913472][ T6083] (syz.0.25,6083,3):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 38.917859][ T6083] (syz.0.25,6083,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 39.033166][ T6089] netlink: 164 bytes leftover after parsing attributes in process `syz.2.28'. [ 39.039467][ T6089] FAULT_INJECTION: forcing a failure. [ 39.039467][ T6089] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 39.042831][ T6089] CPU: 2 UID: 0 PID: 6089 Comm: syz.2.28 Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 39.045504][ T6089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 39.048572][ T6089] Call Trace: [ 39.049586][ T6089] [ 39.050358][ T6089] dump_stack_lvl+0x16c/0x1f0 [ 39.051677][ T6089] should_fail_ex+0x497/0x5b0 [ 39.052945][ T6089] copy_fpstate_to_sigframe+0x858/0xaf0 [ 39.054426][ T6089] ? __pfx_copy_fpstate_to_sigframe+0x10/0x10 [ 39.056088][ T6089] ? find_held_lock+0x2d/0x110 [ 39.057395][ T6089] get_sigframe+0x4aa/0x9c0 [ 39.058702][ T6089] ? __pfx_get_sigframe+0x10/0x10 [ 39.060112][ T6089] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 39.061630][ T6089] ? _raw_spin_unlock_irq+0x23/0x50 [ 39.063057][ T6089] ? siginfo_layout+0x1d2/0x290 [ 39.064390][ T6089] x64_setup_rt_frame+0x129/0xcf0 [ 39.065762][ T6089] ? up_write+0x1b2/0x520 [ 39.066930][ T6089] ? __pfx_x64_setup_rt_frame+0x10/0x10 [ 39.068515][ T6089] ? vm_mmap_pgoff+0xf2/0x360 [ 39.070235][ T6089] arch_do_signal_or_restart+0x5e6/0x7e0 [ 39.072104][ T6089] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 39.073733][ T6089] ? __fget_files+0x244/0x3f0 [ 39.074952][ T6089] ? ksys_mmap_pgoff+0x85/0x5c0 [ 39.076626][ T6089] ? __pfx_ksys_write+0x10/0x10 [ 39.078377][ T6089] syscall_exit_to_user_mode+0x150/0x2a0 [ 39.080423][ T6089] do_syscall_64+0xda/0x250 [ 39.082130][ T6089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 39.084281][ T6089] RIP: 0033:0x7ff493d7e719 [ 39.085869][ T6089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 39.091335][ T6089] RSP: 002b:00007ff494c54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 39.093544][ T6089] RAX: 0000000020000000 RBX: 00007ff493f35f80 RCX: 00007ff493d7e719 [ 39.095799][ T6089] RDX: 0000000002000008 RSI: 0000000000b36000 RDI: 0000000020000000 [ 39.097964][ T6089] RBP: 00007ff494c54090 R08: 000000000000000a R09: 0000000000000000 [ 39.100313][ T6089] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 39.102424][ T6089] R13: 0000000000000000 R14: 00007ff493f35f80 R15: 00007ffef02f4ab8 [ 39.104517][ T6089] [ 39.122492][ T6091] netlink: 4 bytes leftover after parsing attributes in process `syz.1.29'. [ 39.124618][ T6091] bridge_slave_1: left allmulticast mode [ 39.126126][ T6091] bridge_slave_1: left promiscuous mode [ 39.127539][ T6091] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.130989][ T6091] bridge_slave_0: left allmulticast mode [ 39.132339][ T6091] bridge_slave_0: left promiscuous mode [ 39.133870][ T6091] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.160380][ T6095] netlink: 8 bytes leftover after parsing attributes in process `syz.0.27'. [ 39.353381][ T6109] netlink: 164 bytes leftover after parsing attributes in process `syz.0.33'. [ 39.385966][ T6111] xt_CT: You must specify a L4 protocol and not use inversions on it [ 39.501128][ T6132] FAULT_INJECTION: forcing a failure. [ 39.501128][ T6132] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 39.504470][ T6132] CPU: 2 UID: 0 PID: 6132 Comm: syz.2.38 Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 39.507185][ T6132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 39.509956][ T6132] Call Trace: [ 39.510770][ T6132] [ 39.511550][ T6132] dump_stack_lvl+0x16c/0x1f0 [ 39.512784][ T6132] should_fail_ex+0x497/0x5b0 [ 39.514007][ T6132] _copy_to_user+0x32/0xd0 [ 39.515168][ T6132] copy_siginfo_to_user+0x23/0xc0 [ 39.516472][ T6132] x64_setup_rt_frame+0x814/0xcf0 [ 39.517794][ T6132] ? __pfx_x64_setup_rt_frame+0x10/0x10 [ 39.519241][ T6132] ? vm_mmap_pgoff+0xf2/0x360 [ 39.520492][ T6132] arch_do_signal_or_restart+0x5e6/0x7e0 [ 39.521954][ T6132] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 39.523534][ T6132] ? __fget_files+0x244/0x3f0 [ 39.524781][ T6132] ? ksys_mmap_pgoff+0x85/0x5c0 [ 39.526061][ T6132] ? __pfx_ksys_write+0x10/0x10 [ 39.527346][ T6132] syscall_exit_to_user_mode+0x150/0x2a0 [ 39.528814][ T6132] do_syscall_64+0xda/0x250 [ 39.530020][ T6132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 39.531574][ T6132] RIP: 0033:0x7ff493d7e719 [ 39.532748][ T6132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 39.537579][ T6132] RSP: 002b:00007ff494c54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 39.539591][ T6132] RAX: 0000000020000000 RBX: 00007ff493f35f80 RCX: 00007ff493d7e719 [ 39.541572][ T6132] RDX: 0000000002000008 RSI: 0000000000b36000 RDI: 0000000020000000 [ 39.543583][ T6132] RBP: 00007ff494c54090 R08: 000000000000000a R09: 0000000000000000 [ 39.545559][ T6132] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000002 [ 39.547601][ T6132] R13: 0000000000000000 R14: 00007ff493f35f80 R15: 00007ffef02f4ab8 [ 39.549662][ T6132] [ 39.582645][ T6146] capability: warning: `syz.3.41' uses deprecated v2 capabilities in a way that may be insecure [ 39.626439][ T6146] binder: 6140:6146 ioctl 7b3 200000c0 returned -22 [ 39.682255][ T6158] (syz.2.44,6158,3):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 39.683648][ T6156] o2cb: This node has not been configured. [ 39.684611][ T6158] (syz.2.44,6158,3):ocfs2_fill_super:1178 ERROR: status = -22 [ 39.690617][ T6156] o2cb: Cluster check failed. Fix errors before retrying. [ 39.693194][ T6156] (syz.0.43,6156,0):user_dlm_register:674 ERROR: status = -22 [ 39.696889][ T6156] (syz.0.43,6156,1):dlmfs_mkdir:436 ERROR: Error -22 could not register domain "file0" [ 39.714761][ T5302] Bluetooth: hci2: command tx timeout [ 39.716291][ T5302] Bluetooth: hci0: command tx timeout [ 39.717048][ T5951] Bluetooth: hci3: command tx timeout [ 40.012185][ T6195] FAULT_INJECTION: forcing a failure. [ 40.012185][ T6195] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 40.016915][ T6195] CPU: 0 UID: 0 PID: 6195 Comm: syz.3.58 Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 40.019696][ T6195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 40.022524][ T6195] Call Trace: [ 40.023442][ T6195] [ 40.024255][ T6195] dump_stack_lvl+0x16c/0x1f0 [ 40.025541][ T6195] should_fail_ex+0x497/0x5b0 [ 40.026808][ T6195] _copy_from_user+0x2e/0xd0 [ 40.028165][ T6195] restore_sigcontext+0xcc/0x6a0 [ 40.029860][ T6195] ? __pfx_restore_sigcontext+0x10/0x10 [ 40.031819][ T6195] ? __pfx_restore_altstack+0x10/0x10 [ 40.033697][ T6195] ? _raw_spin_unlock_irq+0x23/0x50 [ 40.035086][ T6195] ? lockdep_hardirqs_on+0x7c/0x110 [ 40.036491][ T6195] __do_sys_rt_sigreturn+0x1bd/0x240 [ 40.037892][ T6195] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 40.039456][ T6195] do_syscall_64+0xcd/0x250 [ 40.040678][ T6195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 40.042264][ T6195] RIP: 0033:0x7f7b7011a099 [ 40.043476][ T6195] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 40.048590][ T6195] RSP: 002b:00007f7b70ee5340 EFLAGS: 00000206 ORIG_RAX: 000000000000000f [ 40.050780][ T6195] RAX: ffffffffffffffda RBX: 00007f7b70335f80 RCX: 00007f7b7011a099 [ 40.052869][ T6195] RDX: 00007f7b70ee5340 RSI: 00007f7b70ee5470 RDI: 0000000000000021 [ 40.054945][ T6195] RBP: 00007f7b70ee6090 R08: 000000000000000a R09: 0000000000000000 [ 40.057244][ T6195] R10: 0000000000000013 R11: 0000000000000206 R12: 0000000000000002 [ 40.059377][ T6195] R13: 0000000000000000 R14: 00007f7b70335f80 R15: 00007ffc8b841b98 [ 40.061439][ T6195] [ 40.153827][ T6214] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 40.188945][ T6216] tipc: Started in network mode [ 40.190141][ T6216] tipc: Node identity ac14140f, cluster identity 4711 [ 40.192431][ T6216] tipc: New replicast peer: 255.255.255.255 [ 40.196601][ T6216] tipc: Enabled bearer , priority 10 [ 40.201689][ T6218] mmap: syz.3.67 (6218) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 40.391594][ T6236] (syz.3.73,6236,3):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 40.393961][ T6236] (syz.3.73,6236,3):ocfs2_fill_super:1178 ERROR: status = -22 [ 40.434271][ T39] kauditd_printk_skb: 137 callbacks suppressed [ 40.434281][ T39] audit: type=1400 audit(1731772913.290:252): avc: denied { connect } for pid=6235 comm="syz.0.74" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 40.440941][ T39] audit: type=1400 audit(1731772913.300:253): avc: denied { write } for pid=6235 comm="syz.0.74" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 40.446035][ T39] audit: type=1400 audit(1731772913.300:254): avc: denied { setopt } for pid=6235 comm="syz.0.74" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 40.450953][ T39] audit: type=1400 audit(1731772913.300:255): avc: denied { create } for pid=6235 comm="syz.0.74" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 40.480593][ T39] audit: type=1400 audit(1731772913.340:256): avc: denied { append } for pid=6240 comm="syz.0.75" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 40.486649][ T39] audit: type=1400 audit(1731772913.340:257): avc: denied { ioctl } for pid=6240 comm="syz.0.75" path="/dev/rtc0" dev="devtmpfs" ino=944 ioctlcmd=0x7013 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 40.556331][ T39] audit: type=1400 audit(1731772913.420:258): avc: denied { write } for pid=6250 comm="syz.3.76" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 40.562200][ T39] audit: type=1400 audit(1731772913.420:259): avc: denied { open } for pid=6250 comm="syz.3.76" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 40.568384][ T39] audit: type=1400 audit(1731772913.420:260): avc: denied { ioctl } for pid=6250 comm="syz.3.76" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 40.574767][ T39] audit: type=1400 audit(1731772913.420:261): avc: denied { create } for pid=6250 comm="syz.3.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 40.794746][ T8] usb 8-1: new full-speed USB device number 2 using dummy_hcd [ 40.934874][ T8] usb 8-1: device descriptor read/64, error -71 [ 41.184887][ T8] usb 8-1: new full-speed USB device number 3 using dummy_hcd [ 41.186109][ T30] tipc: Node number set to 2886997007 [ 41.266028][ T6272] mmap: syz.1.84 (6272): VmData 37523456 exceed data ulimit 5. Update limits or use boot option ignore_rlimit_data. [ 41.294869][ T6275] (syz.1.85,6275,2):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 41.297310][ T6275] (syz.1.85,6275,2):ocfs2_fill_super:1178 ERROR: status = -22 [ 41.315005][ T8] usb 8-1: device descriptor read/64, error -71 [ 41.394862][ T6281] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.424909][ T8] usb usb8-port1: attempt power cycle [ 41.483503][ T6293] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 41.490496][ T6293] overlayfs: missing 'lowerdir' [ 41.494541][ T6293] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 41.644823][ T5951] Bluetooth: hci1: command tx timeout [ 41.655470][ T6298] (syz.2.94,6298,3):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "usotR! " or missing value [ 41.658898][ T6298] (syz.2.94,6298,3):ocfs2_fill_super:1178 ERROR: status = -22 [ 41.732769][ T6302] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 41.784804][ T8] usb 8-1: new full-speed USB device number 4 using dummy_hcd [ 41.795007][ T5951] Bluetooth: hci0: command tx timeout [ 41.795483][ T5302] Bluetooth: hci3: command tx timeout [ 41.796465][ T5946] Bluetooth: hci2: command tx timeout [ 41.815129][ T8] usb 8-1: device descriptor read/8, error -71 [ 42.054752][ T8] usb 8-1: new full-speed USB device number 5 using dummy_hcd [ 42.075188][ T8] usb 8-1: device descriptor read/8, error -71 [ 42.085748][ T6323] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 42.088059][ T6323] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 42.090857][ T6323] vhci_hcd vhci_hcd.0: Device attached [ 42.093044][ T6324] vhci_hcd: connection closed [ 42.094138][ T45] vhci_hcd: stop threads [ 42.097367][ T45] vhci_hcd: release socket [ 42.098540][ T45] vhci_hcd: disconnect device [ 42.185916][ T8] usb usb8-port1: unable to enumerate USB device [ 42.314128][ T6338] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 42.323745][ T6338] kvm: pic: non byte read [ 42.327782][ T6338] kvm: pic: level sensitive irq not supported [ 42.328038][ T6338] kvm: pic: non byte read [ 42.332876][ T6338] kvm: pic: level sensitive irq not supported [ 42.333183][ T6338] kvm: pic: non byte read [ 42.337853][ T6338] kvm: pic: level sensitive irq not supported [ 42.338225][ T6338] kvm: pic: non byte read [ 42.612242][ T6351] sctp: [Deprecated]: syz.2.111 (pid 6351) Use of int in max_burst socket option deprecated. [ 42.612242][ T6351] Use struct sctp_assoc_value instead [ 42.664172][ T6355] __nla_validate_parse: 17 callbacks suppressed [ 42.664182][ T6355] netlink: 32 bytes leftover after parsing attributes in process `syz.2.113'. [ 42.834929][ T6005] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 42.835157][ T6366] netlink: 164 bytes leftover after parsing attributes in process `syz.2.117'. [ 42.866766][ T6368] xt_hashlimit: size too large, truncated to 1048576 [ 42.914789][ T5944] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 42.997444][ T6005] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 43.000157][ T6005] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 43.002590][ T6005] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 43.005104][ T6005] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 43.008187][ T6005] usb 5-1: config 0 descriptor?? [ 43.096595][ T5944] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 43.099511][ T5944] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 43.102378][ T5944] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 43.105190][ T5944] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 43.109717][ T5944] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 43.112154][ T5944] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 43.114334][ T5944] usb 6-1: Manufacturer: syz [ 43.118635][ T5944] usb 6-1: config 0 descriptor?? [ 43.420488][ T6005] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0 [ 43.423173][ T6005] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0 [ 43.427462][ T6005] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0D8C:0022.0004/input/input5 [ 43.437113][ T6005] cm6533_jd 0003:0D8C:0022.0004: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 43.522962][ T5944] appleir 0003:05AC:8243.0005: unknown main item tag 0x0 [ 43.525232][ T5944] appleir 0003:05AC:8243.0005: No inputs registered, leaving [ 43.529046][ T5944] appleir 0003:05AC:8243.0005: hiddev1,hidraw2: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 43.721326][ T6389] netlink: 32 bytes leftover after parsing attributes in process `syz.2.124'. [ 43.725427][ T5302] Bluetooth: hci1: command tx timeout [ 43.734404][ T5944] usb 6-1: USB disconnect, device number 2 [ 43.753360][ T56] IPVS: starting estimator thread 0... [ 43.798659][ T6385] kvm: kvm [6384]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 43.801219][ T6385] kvm: kvm [6384]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000 [ 43.821850][ T6385] kvm: kvm [6384]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000 [ 43.829765][ T6385] kvm: kvm [6384]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000 [ 43.838043][ T6385] kvm: kvm [6384]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000 [ 43.846701][ T6385] kvm: kvm [6384]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000 [ 43.854335][ T6385] kvm: kvm [6384]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000 [ 43.854802][ T6397] IPVS: using max 36 ests per chain, 86400 per kthread [ 43.862179][ T6385] kvm: kvm [6384]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000 [ 43.870099][ T6385] kvm: kvm [6384]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000 [ 43.875408][ T5946] Bluetooth: hci2: command tx timeout [ 43.875449][ T5951] Bluetooth: hci3: command tx timeout [ 43.875477][ T5956] Bluetooth: hci0: command tx timeout [ 43.880634][ T6385] kvm: kvm [6384]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000 [ 44.575058][ T6006] usb 5-1: reset high-speed USB device number 2 using dummy_hcd [ 44.729349][ T6414] loop7: detected capacity change from 0 to 16384 [ 44.782473][ T6420] netlink: 16 bytes leftover after parsing attributes in process `syz.3.132'. [ 44.817853][ T6427] netlink: 32 bytes leftover after parsing attributes in process `syz.3.134'. [ 45.061402][ T6466] netlink: 16178 bytes leftover after parsing attributes in process `syz.3.144'. [ 45.104329][ T6470] netlink: 164 bytes leftover after parsing attributes in process `syz.1.146'. [ 45.110619][ T6470] netlink: 'syz.1.146': attribute type 9 has an invalid length. [ 45.112701][ T6470] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.146'. [ 45.115172][ T6470] openvswitch: netlink: Message has 8 unknown bytes. [ 45.119572][ T6472] netlink: 16 bytes leftover after parsing attributes in process `syz.3.147'. [ 45.148370][ T6474] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6474 comm=syz.3.148 [ 45.286133][ T6478] ======================================================= [ 45.286133][ T6478] WARNING: The mand mount option has been deprecated and [ 45.286133][ T6478] and is ignored by this kernel. Remove the mand [ 45.286133][ T6478] option from the mount to silence this warning. [ 45.286133][ T6478] ======================================================= [ 45.295052][ T6478] overlayfs: failed to resolve './file2': -2 [ 45.297549][ T6478] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.150'. [ 45.300344][ T6478] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 45.323979][ T6478] kvm: pic: non byte write [ 45.354800][ T25] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 45.486350][ T25] usb 6-1: device descriptor read/64, error -71 [ 45.590399][ T6487] process 'syz.0.153' launched '/dev/fd/7' with NULL argv: empty string added [ 45.595070][ T39] kauditd_printk_skb: 66 callbacks suppressed [ 45.595084][ T39] audit: type=1400 audit(1731772918.450:328): avc: denied { execute_no_trans } for pid=6486 comm="syz.0.153" path=2F6D656D66643AA39F6EB4645204693502ACCEE1889D5B4038D7CC1F2039497F151D933DB5E75C274CE6D28EBC294A7454447181CF81BAE531F5202864656C6574656429 dev="tmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 45.628161][ T39] audit: type=1400 audit(1731772918.490:329): avc: denied { mounton } for pid=6486 comm="syz.0.153" path="/44/file0" dev="9p" ino=38666497 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 45.635352][ T39] audit: type=1400 audit(1731772918.490:330): avc: denied { getattr } for pid=6486 comm="syz.0.153" name="/" dev="9p" ino=38666497 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 45.639327][ T6487] 9pnet_virtio: no channels available for device syz [ 45.641567][ T39] audit: type=1400 audit(1731772918.500:331): avc: denied { mounton } for pid=6486 comm="syz.0.153" path="/44/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 45.744778][ T25] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 45.805216][ T5951] Bluetooth: hci4: command 0xfc11 tx timeout [ 45.807268][ T5302] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 45.837737][ T39] audit: type=1400 audit(1731772918.700:332): avc: denied { create } for pid=6495 comm="syz.0.157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 45.844081][ T39] audit: type=1400 audit(1731772918.700:333): avc: denied { read } for pid=6495 comm="syz.0.157" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 45.851433][ T39] audit: type=1400 audit(1731772918.700:334): avc: denied { open } for pid=6495 comm="syz.0.157" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 45.885519][ T25] usb 6-1: device descriptor read/64, error -71 [ 45.964791][ T5302] Bluetooth: hci3: command tx timeout [ 45.994903][ T25] usb usb6-port1: attempt power cycle [ 46.026413][ T39] audit: type=1400 audit(1731772918.890:335): avc: denied { create } for pid=6500 comm="syz.2.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 46.032250][ T39] audit: type=1400 audit(1731772918.890:336): avc: denied { getopt } for pid=6500 comm="syz.2.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 46.045372][ T39] audit: type=1400 audit(1731772918.910:337): avc: denied { listen } for pid=6500 comm="syz.2.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 46.113262][ T6512] netlink: 'syz.3.158': attribute type 4 has an invalid length. [ 46.123038][ T6512] netlink: 'syz.3.158': attribute type 4 has an invalid length. [ 46.127933][ T6512] netlink: 'syz.3.158': attribute type 4 has an invalid length. [ 46.206393][ T5302] Bluetooth: hci1: unexpected cc 0x042f length: 1 < 7 [ 46.307050][ T8] usb 5-1: USB disconnect, device number 2 [ 46.344898][ T25] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 46.366226][ T25] usb 6-1: device descriptor read/8, error -71 [ 46.614748][ T25] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 46.635118][ T25] usb 6-1: device descriptor read/8, error -71 [ 46.669416][ T6496] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 46.671735][ T6496] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 46.679225][ T6496] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 46.682664][ T6496] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 46.685434][ T6496] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 46.688452][ T6496] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 46.691410][ T6496] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 46.692974][ T6496] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 46.695951][ T6496] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 46.698673][ T6496] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 46.700283][ T6496] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 46.702333][ T6496] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 46.732968][ T6531] xt_cluster: you have exceeded the maximum number of cluster nodes (4095 > 32) [ 46.745308][ T25] usb usb6-port1: unable to enumerate USB device [ 46.771578][ T6530] netlink: 'syz.3.167': attribute type 5 has an invalid length. [ 46.875891][ T6546] bond0: option arp_interval: invalid value (18446744073709551615) [ 46.877972][ T6546] bond0: option arp_interval: allowed values 0 - 2147483647 [ 46.950603][ T6553] ipt_ECN: cannot use operation on non-tcp rule [ 46.983637][ T6560] evm: overlay not supported [ 47.103645][ T6575] netlink: 'syz.0.178': attribute type 5 has an invalid length. [ 47.147614][ T6582] vim2m vim2m.0: vidioc_s_fmt queue busy [ 47.179080][ T6586] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 47.182235][ T6586] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 47.185063][ T6586] overlayfs: conflicting options: userxattr,redirect_dir=on [ 47.250344][ T6599] xt_l2tp: v2 sid > 0xffff: 150994944 [ 47.279889][ T6601] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 47.504784][ T75] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 47.636227][ T75] usb 6-1: device descriptor read/64, error -71 [ 47.859598][ T6634] /dev/nullb0: Can't open blockdev [ 47.874913][ T75] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 47.961334][ T6640] ufs: failed to set blocksize [ 47.962665][ T5302] Bluetooth: hci0: command 0x0c1a tx timeout [ 48.007338][ T75] usb 6-1: device descriptor read/64, error -71 [ 48.117400][ T75] usb usb6-port1: attempt power cycle [ 48.438498][ T6662] __nla_validate_parse: 8 callbacks suppressed [ 48.438508][ T6662] netlink: 32 bytes leftover after parsing attributes in process `syz.0.207'. [ 48.506886][ T6669] tap0: tun_chr_ioctl cmd 1074025678 [ 48.508412][ T6669] tap0: group set to 0 [ 48.509839][ T6669] sg_write: data in/out 959656204/2 bytes for SCSI command 0x0-- guessing data in; [ 48.509839][ T6669] program syz.1.210 not setting count and/or reply_len properly [ 48.590151][ T6672] serio: Serial port ptm0 [ 48.713056][ T1322] cfg80211: failed to load regulatory.db [ 48.723681][ T6681] netlink: 164 bytes leftover after parsing attributes in process `syz.1.213'. [ 48.740575][ T6686] netlink: 164 bytes leftover after parsing attributes in process `syz.2.214'. [ 48.754841][ T5302] Bluetooth: hci3: command 0x0c1a tx timeout [ 48.756918][ T5302] Bluetooth: hci2: command 0x0c1a tx timeout [ 48.760360][ T5302] Bluetooth: hci1: command 0x0c1a tx timeout [ 48.761470][ T6675] bond0: (slave caif0): Error: Device type is different from other slaves [ 48.875123][ T6138] IPVS: starting estimator thread 0... [ 48.976303][ T6705] IPVS: using max 36 ests per chain, 86400 per kthread [ 48.990279][ T6712] netlink: 8 bytes leftover after parsing attributes in process `syz.1.222'. [ 48.994445][ T6712] ip6t_rpfilter: unknown options [ 49.038839][ T6716] netlink: 164 bytes leftover after parsing attributes in process `syz.1.224'. [ 49.116943][ T6727] netlink: 32 bytes leftover after parsing attributes in process `syz.1.229'. [ 49.137155][ T6729] netlink: 164 bytes leftover after parsing attributes in process `syz.1.230'. [ 49.168091][ T5302] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 49.168577][ T6732] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25368 sclass=netlink_route_socket pid=6732 comm=syz.1.231 [ 49.174393][ T5302] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 49.304390][ T6722] sp0: Synchronizing with TNC [ 49.306807][ T6722] sp0: Found TNC [ 49.479110][ T6744] netlink: 164 bytes leftover after parsing attributes in process `syz.2.235'. [ 49.572059][ T6746] netlink: 16 bytes leftover after parsing attributes in process `syz.2.236'. [ 49.576495][ T6746] openvswitch: netlink: EtherType 0 is less than min 600 [ 49.619124][ T6752] netlink: 32 bytes leftover after parsing attributes in process `syz.2.238'. [ 49.757568][ T6770] dccp_invalid_packet: pskb_may_pull failed [ 49.998950][ T6794] binder: 6793:6794 ioctl c0306201 0 returned -14 [ 50.008078][ T6795] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 50.035891][ T5302] Bluetooth: hci0: command 0x0c1a tx timeout [ 50.148272][ T6807] 9pnet: Could not find request transport: 0xffffffffffffffff [ 50.167560][ T6811] No buffer was provided with the request [ 50.169217][ T6810] No buffer was provided with the request [ 50.175037][ T30] usb 6-1: new low-speed USB device number 10 using dummy_hcd [ 50.274793][ T8] usb 8-1: new low-speed USB device number 6 using dummy_hcd [ 50.337106][ T30] usb 6-1: config 167 has too many interfaces: 202, using maximum allowed: 32 [ 50.339454][ T30] usb 6-1: config 167 has 1 interface, different from the descriptor's value: 202 [ 50.440467][ T8] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 50.443894][ T8] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 50.447055][ T8] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8 [ 50.450718][ T8] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 50.453860][ T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.457438][ T6801] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 50.460726][ T8] hub 8-1:1.0: bad descriptor, ignoring hub [ 50.462909][ T8] hub 8-1:1.0: probe with driver hub failed with error -5 [ 50.465096][ T8] cdc_wdm 8-1:1.0: skipping garbage [ 50.466598][ T8] cdc_wdm 8-1:1.0: skipping garbage [ 50.476583][ T8] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 50.478219][ T8] cdc_wdm 8-1:1.0: Unknown control protocol [ 50.511514][ T6835] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22 [ 50.514151][ T6835] netdevsim netdevsim2: Direct firmware load for . failed with error -22 [ 50.518413][ T6835] netdevsim netdevsim2: Falling back to sysfs fallback for: . [ 50.636523][ T6842] mkiss: ax0: crc mode is auto. [ 50.638801][ T6842] GUP no longer grows the stack in syz.0.265 (6842): 20004000-20008000 (20002000) [ 50.641438][ T6842] CPU: 0 UID: 0 PID: 6842 Comm: syz.0.265 Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 50.644380][ T6842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 50.645346][ T39] kauditd_printk_skb: 170 callbacks suppressed [ 50.645356][ T39] audit: type=1400 audit(1731772923.500:508): avc: denied { search } for pid=5664 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 50.647145][ T6842] Call Trace: [ 50.648775][ T39] audit: type=1400 audit(1731772923.500:509): avc: denied { read } for pid=5664 comm="dhcpcd" name="n104" dev="tmpfs" ino=3016 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 50.654344][ T6842] [ 50.654351][ T6842] dump_stack_lvl+0x16c/0x1f0 [ 50.657013][ T39] audit: type=1400 audit(1731772923.500:510): avc: denied { open } for pid=5664 comm="dhcpcd" path="/run/udev/data/n104" dev="tmpfs" ino=3016 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 50.660849][ T6842] gup_vma_lookup+0x1d2/0x220 [ 50.661768][ T39] audit: type=1400 audit(1731772923.500:511): avc: denied { getattr } for pid=5664 comm="dhcpcd" path="/run/udev/data/n104" dev="tmpfs" ino=3016 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 50.662985][ T6842] __get_user_pages+0x236/0x3b50 [ 50.677300][ T6842] ? find_held_lock+0x2d/0x110 [ 50.678622][ T6842] ? mtree_load+0x30a/0xa40 [ 50.679819][ T6842] ? __pfx_lock_release+0x10/0x10 [ 50.681128][ T6842] ? trace_lock_acquire+0x14a/0x1d0 [ 50.682675][ T6842] ? __pfx___get_user_pages+0x10/0x10 [ 50.684087][ T6842] get_user_pages_remote+0x25e/0xb30 [ 50.685463][ T6842] ? __pfx_get_user_pages_remote+0x10/0x10 [ 50.687015][ T6842] __access_remote_vm+0x235/0x7b0 [ 50.688349][ T6842] ? __pfx___access_remote_vm+0x10/0x10 [ 50.689797][ T6842] ? lock_acquire+0x2f/0xb0 [ 50.690994][ T6842] ? proc_pid_cmdline_read+0x25c/0x900 [ 50.692498][ T6842] proc_pid_cmdline_read+0x4f5/0x900 [ 50.693866][ T6842] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 50.695408][ T6842] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 50.696919][ T6842] vfs_readv+0x6bf/0x890 [ 50.698047][ T6842] ? futex_wait+0x121/0x380 [ 50.699251][ T6842] ? __pfx_vfs_readv+0x10/0x10 [ 50.700506][ T6842] ? find_held_lock+0x2d/0x110 [ 50.701839][ T6842] ? __pfx_lock_release+0x10/0x10 [ 50.703145][ T6842] ? trace_lock_acquire+0x14a/0x1d0 [ 50.704529][ T6842] ? __fget_files+0x244/0x3f0 [ 50.705769][ T6842] ? __x64_sys_preadv+0x22d/0x310 [ 50.707085][ T6842] __x64_sys_preadv+0x22d/0x310 [ 50.708378][ T6842] ? __pfx___x64_sys_preadv+0x10/0x10 [ 50.709781][ T6842] do_syscall_64+0xcd/0x250 [ 50.710980][ T6842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.712539][ T6842] RIP: 0033:0x7ffa12f7e719 [ 50.713716][ T6842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.718745][ T6842] RSP: 002b:00007ffa13ceb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 50.720926][ T6842] RAX: ffffffffffffffda RBX: 00007ffa13135f80 RCX: 00007ffa12f7e719 [ 50.723426][ T6842] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000004 [ 50.725465][ T6842] RBP: 00007ffa12ff175e R08: 0000000000000000 R09: 0000000000000000 [ 50.727498][ T6842] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 50.729552][ T6842] R13: 0000000000000000 R14: 00007ffa13135f80 R15: 00007ffd3baba0f8 [ 50.731720][ T6842] [ 50.738606][ C1] cdc_wdm 8-1:1.0: nonzero urb status received: -71 [ 50.740438][ C1] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes [ 50.742441][ C1] cdc_wdm 8-1:1.0: nonzero urb status received: -71 [ 50.744209][ C1] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes [ 50.745992][ C1] cdc_wdm 8-1:1.0: nonzero urb status received: -71 [ 50.747727][ C1] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes [ 50.749364][ C1] cdc_wdm 8-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 50.756683][ T6801] block nbd3: NBD_DISCONNECT [ 50.760147][ T39] audit: type=1400 audit(1731772923.620:512): avc: denied { write } for pid=6800 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 50.760428][ T6801] block nbd3: Send disconnect failed -107 [ 50.769561][ T39] audit: type=1400 audit(1731772923.630:513): avc: denied { create } for pid=6800 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 50.771262][ T6800] block nbd3: Disconnected due to user request. [ 50.774804][ T39] audit: type=1400 audit(1731772923.630:514): avc: denied { bind } for pid=6800 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 50.781851][ T6800] block nbd3: shutting down sockets [ 50.836224][ T5302] Bluetooth: hci1: command 0x0c1a tx timeout [ 50.837680][ T5951] Bluetooth: hci2: command 0x0c1a tx timeout [ 50.837693][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout [ 50.837873][ T39] audit: type=1400 audit(1731772923.700:515): avc: denied { write } for pid=6850 comm="syz.0.267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 50.846487][ T39] audit: type=1400 audit(1731772923.700:516): avc: denied { bind } for pid=6850 comm="syz.0.267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 50.851405][ T39] audit: type=1400 audit(1731772923.700:517): avc: denied { name_bind } for pid=6850 comm="syz.0.267" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 50.864461][ T56] usb 8-1: USB disconnect, device number 6 [ 50.975600][ T6878] unsupported nlmsg_type 40 [ 51.057302][ T5951] Bluetooth: hci0: unexpected event for opcode 0x0404 [ 51.096424][ T5951] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 51.655374][ T5302] Bluetooth: hci1: unexpected event for opcode 0x080d [ 51.740022][ T5302] Bluetooth: hci1: unexpected event for opcode 0x080d [ 51.833979][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.836170][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.838163][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.840160][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.842444][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.845185][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.847141][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.849152][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.851267][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.853418][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.855592][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.858051][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.859948][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.861932][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.863830][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.865930][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.867812][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.869685][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.871660][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.873616][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.877115][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.879057][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.881033][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.883272][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.885284][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.887240][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.889172][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.891158][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.893164][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.895148][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.897082][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.899026][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.900981][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.903434][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.905706][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.907646][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.909557][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.911521][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.913492][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.915355][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.917264][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.919149][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.920958][ T1322] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 51.923682][ T1322] hid-generic 0000:0000:0000.0006: hidraw1: HID v0.00 Device [syz0] on syz0 [ 52.000185][ T6931] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.034364][ T6934] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes. [ 52.084352][ T6943] erspan0: refused to change device tx_queue_len [ 52.154420][ T6961] nbd: nbd2 already in use [ 52.197415][ T6968] capability: warning: `syz.3.307' uses 32-bit capabilities (legacy support in use) [ 52.283952][ T6976] netlink: 'syz.3.309': attribute type 12 has an invalid length. [ 52.290004][ T6976] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 52.292442][ T6976] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 52.294951][ T6976] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 52.297711][ T6976] vxlan0: entered promiscuous mode [ 52.374906][ T6981] block nbd3: NBD_DISCONNECT [ 52.376232][ T6981] block nbd3: Send disconnect failed -107 [ 52.377713][ T6982] block nbd3: NBD_DISCONNECT [ 52.378947][ T6982] block nbd3: Send disconnect failed -107 [ 52.380667][ T6979] block nbd3: Disconnected due to user request. [ 52.382338][ T6979] block nbd3: shutting down sockets [ 52.481521][ T6990] Context (ID=0x1) not attached to queue pair (handle=0x2:0x0) [ 52.914863][ T5302] Bluetooth: hci3: command 0x0c1a tx timeout [ 52.916289][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout [ 52.934823][ T30] usb 6-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29 [ 52.937509][ T30] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 52.940895][ T30] usb 6-1: can't set config #167, error -71 [ 52.944083][ T30] usb 6-1: USB disconnect, device number 10 [ 53.238486][ T7019] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 53.621941][ T7034] tmpfs: Bad value for 'mpol' [ 53.799811][ T7044] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=54 sclass=netlink_tcpdiag_socket pid=7044 comm=syz.2.334 [ 53.832953][ T7044] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7044 comm=syz.2.334 [ 53.864882][ T75] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 54.014823][ T75] usb 6-1: Using ep0 maxpacket: 16 [ 54.017553][ T75] usb 6-1: config 1 interface 0 altsetting 155 bulk endpoint 0x82 has invalid maxpacket 1024 [ 54.020169][ T75] usb 6-1: config 1 interface 0 altsetting 155 bulk endpoint 0x3 has invalid maxpacket 1024 [ 54.022782][ T75] usb 6-1: config 1 interface 0 altsetting 155 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 54.026297][ T75] usb 6-1: config 1 interface 0 has no altsetting 0 [ 54.029557][ T75] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 54.031925][ T75] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.033995][ T75] usb 6-1: Product: ш [ 54.035413][ T75] usb 6-1: Manufacturer: 臖机쌏攳⋴ꨫ둔嗀積뚼ஷ޵㢉毨쪻盜盰按徚횉︤뜻᥇荀㋣쏊걷ඃ汩瞈␿㚵둙櫤゠见ウ뾵ﰱႂ㽳몈廾ࡆ⟖猗굗✷懷犬ۙ嬒ᘃ壔惇郅厮뤏揱홥䎳鷸蝉㡧풃೥öӯ॰ᇧ껔脥滑椐ꉽ臛꿎廔쪆猫늢챇烦嵐씱쥤﵂겔 [ 54.042997][ T75] usb 6-1: SerialNumber: syz [ 54.047678][ T7034] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 54.049600][ T7034] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 54.253899][ T7034] nfs: Unknown parameter 'mpol' [ 54.260084][ T75] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 54.264130][ T75] usb 6-1: USB disconnect, device number 11 [ 54.607259][ T7068] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 54.921356][ T7101] __nla_validate_parse: 15 callbacks suppressed [ 54.921366][ T7101] netlink: 8 bytes leftover after parsing attributes in process `syz.1.350'. [ 54.926013][ T7101] netlink: 12 bytes leftover after parsing attributes in process `syz.1.350'. [ 54.928691][ T7101] netlink: 'syz.1.350': attribute type 20 has an invalid length. [ 54.965419][ T7103] wg2: entered promiscuous mode [ 54.966740][ T7103] wg2: entered allmulticast mode [ 54.973638][ T7104] wg2: left promiscuous mode [ 54.975087][ T7104] wg2: left allmulticast mode [ 55.004780][ T5951] Bluetooth: hci3: command 0x0c1a tx timeout [ 55.026661][ T25] IPVS: starting estimator thread 0... [ 55.076960][ T5951] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 55.079287][ T5951] Bluetooth: hci0: Injecting HCI hardware error event [ 55.082158][ T5951] Bluetooth: hci0: hardware error 0x00 [ 55.115050][ T7111] IPVS: using max 37 ests per chain, 88800 per kthread [ 55.722157][ T39] kauditd_printk_skb: 69 callbacks suppressed [ 55.722167][ T39] audit: type=1400 audit(1731772928.580:587): avc: denied { map } for pid=7137 comm="syz.1.362" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 55.726180][ T5946] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 55.731876][ T5946] Bluetooth: hci1: Injecting HCI hardware error event [ 55.734346][ T5302] Bluetooth: hci1: hardware error 0x00 [ 55.736850][ T39] audit: type=1400 audit(1731772928.580:588): avc: denied { execute } for pid=7137 comm="syz.1.362" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 55.756878][ T7140] sp0: Synchronizing with TNC [ 55.761284][ T39] audit: type=1400 audit(1731772928.620:589): avc: denied { setopt } for pid=7139 comm="syz.1.363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 55.764124][ T7140] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 55.766431][ T39] audit: type=1400 audit(1731772928.620:590): avc: denied { read } for pid=7139 comm="syz.1.363" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 55.766449][ T39] audit: type=1400 audit(1731772928.620:591): avc: denied { open } for pid=7139 comm="syz.1.363" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 55.766463][ T39] audit: type=1400 audit(1731772928.620:592): avc: denied { ioctl } for pid=7139 comm="syz.1.363" path="/dev/fb0" dev="devtmpfs" ino=637 ioctlcmd=0x4605 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 56.038913][ T7143] FAULT_INJECTION: forcing a failure. [ 56.038913][ T7143] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 56.042603][ T7143] CPU: 2 UID: 0 PID: 7143 Comm: syz.0.364 Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 56.045350][ T7143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 56.048179][ T7143] Call Trace: [ 56.049101][ T7143] [ 56.049957][ T7143] dump_stack_lvl+0x16c/0x1f0 [ 56.051210][ T7143] should_fail_ex+0x497/0x5b0 [ 56.052457][ T7143] _copy_from_user+0x2e/0xd0 [ 56.053676][ T7143] kstrtouint_from_user+0xd7/0x1c0 [ 56.054946][ T7143] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 56.056440][ T7143] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 56.057903][ T7143] proc_fail_nth_write+0x84/0x250 [ 56.059224][ T7143] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 56.060682][ T7143] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 56.062147][ T7143] vfs_write+0x24c/0x1150 [ 56.063299][ T7143] ? __fget_files+0x23a/0x3f0 [ 56.064532][ T7143] ? fdget_pos+0x24c/0x360 [ 56.065697][ T7143] ? __pfx_lock_release+0x10/0x10 [ 56.067009][ T7143] ? trace_lock_acquire+0x14a/0x1d0 [ 56.068377][ T7143] ? __pfx_vfs_write+0x10/0x10 [ 56.069633][ T7143] ? __pfx___mutex_lock+0x10/0x10 [ 56.070958][ T7143] ? __fget_files+0x244/0x3f0 [ 56.072199][ T7143] ksys_write+0x12f/0x260 [ 56.073332][ T7143] ? __pfx_ksys_write+0x10/0x10 [ 56.074611][ T7143] do_syscall_64+0xcd/0x250 [ 56.075811][ T7143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.077337][ T7143] RIP: 0033:0x7ffa12f7d1ff [ 56.078505][ T7143] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 56.083533][ T7143] RSP: 002b:00007ffa13ceb030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 56.085614][ T7143] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffa12f7d1ff [ 56.087674][ T7143] RDX: 0000000000000001 RSI: 00007ffa13ceb0a0 RDI: 0000000000000004 [ 56.089718][ T7143] RBP: 00007ffa13ceb090 R08: 0000000000000000 R09: 0000000000000000 [ 56.091767][ T7143] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 56.093773][ T7143] R13: 0000000000000000 R14: 00007ffa13135f80 R15: 00007ffd3baba0f8 [ 56.095763][ T7143] [ 56.130238][ T75] IPVS: starting estimator thread 0... [ 56.215270][ T39] audit: type=1400 audit(1731772929.080:593): avc: denied { connect } for pid=7161 comm="syz.3.371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 56.224783][ T7149] IPVS: using max 36 ests per chain, 86400 per kthread [ 56.234638][ T7164] netlink: 24 bytes leftover after parsing attributes in process `syz.3.372'. [ 56.288077][ T7172] netlink: 76 bytes leftover after parsing attributes in process `syz.3.374'. [ 56.320791][ T7175] netlink: 28 bytes leftover after parsing attributes in process `syz.3.375'. [ 56.377275][ T39] audit: type=1400 audit(1731772929.240:594): avc: denied { read } for pid=7174 comm="syz.3.375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 56.391366][ T7178] program syz.1.376 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 56.406511][ T6138] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 56.435980][ T39] audit: type=1400 audit(1731772929.300:595): avc: denied { write } for pid=7183 comm="syz.1.379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 56.440899][ T39] audit: type=1400 audit(1731772929.300:596): avc: denied { listen } for pid=7183 comm="syz.1.379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 56.554772][ T6138] usb 5-1: Using ep0 maxpacket: 32 [ 56.558185][ T6138] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 56.562421][ T6138] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 56.565263][ T6138] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.567563][ T6138] usb 5-1: Product: syz [ 56.574115][ T6138] usb 5-1: Manufacturer: syz [ 56.575844][ T6138] usb 5-1: SerialNumber: syz [ 56.578151][ T6138] usb 5-1: config 0 descriptor?? [ 56.579972][ T7156] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 56.582575][ T6138] hub 5-1:0.0: bad descriptor, ignoring hub [ 56.584147][ T6138] hub 5-1:0.0: probe with driver hub failed with error -5 [ 56.587642][ T6138] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input6 [ 56.623806][ T7213] Unsupported ieee802154 address type: 0 [ 56.663296][ T7217] netlink: 32 bytes leftover after parsing attributes in process `syz.3.390'. [ 56.708786][ T7213] team0 (unregistering): Port device team_slave_0 removed [ 56.714396][ T7213] team0 (unregistering): Port device team_slave_1 removed [ 56.787288][ T6138] usb 5-1: USB disconnect, device number 3 [ 56.788866][ C3] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 56.802278][ T7231] binder: 7230:7231 ioctl c0306201 200001c0 returned -22 [ 56.805192][ T7231] binder: 7230:7231 ioctl c020aa04 20000000 returned -22 [ 56.851945][ T7241] openvswitch: netlink: Missing key (keys=20040, expected=2000) [ 56.854293][ T7243] netlink: 32 bytes leftover after parsing attributes in process `syz.1.399'. [ 56.877789][ T7245] tipc: Enabling of bearer rejected, media not registered [ 57.154879][ T5951] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 57.156955][ T7135] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 57.176615][ T7256] xt_CT: You must specify a L4 protocol and not use inversions on it [ 57.179395][ T7256] openvswitch: netlink: Key 6 has unexpected len 4 expected 2 [ 57.332970][ T7268] netlink: 32 bytes leftover after parsing attributes in process `syz.0.408'. [ 57.436527][ T7275] netlink: 16 bytes leftover after parsing attributes in process `syz.0.411'. [ 57.457768][ T7277] netlink: 'syz.0.412': attribute type 6 has an invalid length. [ 57.460065][ T7277] netlink: 100 bytes leftover after parsing attributes in process `syz.0.412'. [ 57.472791][ T7277] ================================================================== [ 57.474807][ T7277] BUG: KASAN: vmalloc-out-of-bounds in acpi_nfit_ctl+0x19e8/0x1cf0 [ 57.476777][ T7277] Read of size 4 at addr ffffc9000fbb3038 by task syz.0.412/7277 [ 57.479880][ T7277] [ 57.480770][ T7277] CPU: 0 UID: 0 PID: 7277 Comm: syz.0.412 Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 57.483481][ T7277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.486124][ T7277] Call Trace: [ 57.486979][ T7277] [ 57.487758][ T7277] dump_stack_lvl+0x116/0x1f0 [ 57.489095][ T7277] print_report+0xc3/0x620 [ 57.490483][ T7277] ? __virt_addr_valid+0x5e/0x590 [ 57.491804][ T7277] kasan_report+0xd9/0x110 [ 57.492955][ T7277] ? acpi_nfit_ctl+0x19e8/0x1cf0 [ 57.494216][ T7277] ? acpi_nfit_ctl+0x19e8/0x1cf0 [ 57.495517][ T7277] acpi_nfit_ctl+0x19e8/0x1cf0 [ 57.496770][ T7277] ? rcu_is_watching+0x12/0xc0 [ 57.498006][ T7277] ? trace_contention_end+0xea/0x140 [ 57.499492][ T7277] ? __pfx_acpi_nfit_ctl+0x10/0x10 [ 57.500818][ T7277] ? __mutex_lock+0x1a6/0x9c0 [ 57.502061][ T7277] ? __might_fault+0x13b/0x190 [ 57.503313][ T7277] ? nd_ioctl+0xf7a/0x18c0 [ 57.504486][ T7277] ? __pfx___mutex_lock+0x10/0x10 [ 57.505800][ T7277] ? __might_fault+0xe3/0x190 [ 57.507026][ T7277] nd_ioctl+0x13bc/0x18c0 [ 57.508163][ T7277] ? __pfx_acpi_nfit_clear_to_send+0x10/0x10 [ 57.510078][ T7277] ? __pfx_nd_ioctl+0x10/0x10 [ 57.511530][ T7277] ? trace_lock_acquire+0x14a/0x1d0 [ 57.512888][ T7277] ? selinux_file_ioctl+0x180/0x270 [ 57.514243][ T7277] ? selinux_file_ioctl+0xb4/0x270 [ 57.515582][ T7277] ? __pfx_bus_ioctl+0x10/0x10 [ 57.516834][ T7277] __x64_sys_ioctl+0x18f/0x220 [ 57.518115][ T7277] do_syscall_64+0xcd/0x250 [ 57.519463][ T7277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.521605][ T7277] RIP: 0033:0x7ffa12f7e719 [ 57.522975][ T7277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.527954][ T7277] RSP: 002b:00007ffa13ceb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 57.530554][ T7277] RAX: ffffffffffffffda RBX: 00007ffa13135f80 RCX: 00007ffa12f7e719 [ 57.532580][ T7277] RDX: 0000000020000140 RSI: 00000000c008640a RDI: 0000000000000004 [ 57.534606][ T7277] RBP: 00007ffa12ff175e R08: 0000000000000000 R09: 0000000000000000 [ 57.536634][ T7277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 57.538661][ T7277] R13: 0000000000000000 R14: 00007ffa13135f80 R15: 00007ffd3baba0f8 [ 57.541124][ T7277] [ 57.541938][ T7277] [ 57.542565][ T7277] The buggy address belongs to the virtual mapping at [ 57.542565][ T7277] [ffffc9000fbb3000, ffffc9000fbb5000) created by: [ 57.542565][ T7277] nd_ioctl+0xf14/0x18c0 [ 57.546901][ T7277] [ 57.547542][ T7277] The buggy address belongs to the physical page: [ 57.549288][ T7277] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88804ee66000 pfn:0x4ee60 [ 57.552163][ T7277] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 57.553943][ T7277] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 57.556134][ T7277] raw: ffff88804ee66000 0000000000000000 00000001ffffffff 0000000000000000 [ 57.558312][ T7277] page dumped because: kasan: bad access detected [ 57.560374][ T7277] page_owner tracks the page as allocated [ 57.561853][ T7277] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2cc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN), pid 7277, tgid 7276 (syz.0.412), ts 57472780740, free_ts 57464930877 [ 57.566364][ T7277] post_alloc_hook+0x2d1/0x350 [ 57.567610][ T7277] get_page_from_freelist+0xfce/0x2f80 [ 57.569066][ T7277] __alloc_pages_noprof+0x223/0x25a0 [ 57.570931][ T7277] alloc_pages_bulk_noprof+0x77c/0x1110 [ 57.572369][ T7277] alloc_pages_bulk_array_mempolicy_noprof+0x250/0x11f0 [ 57.574150][ T7277] __vmalloc_node_range_noprof+0x517/0x15a0 [ 57.575707][ T7277] vmalloc_noprof+0x6b/0x90 [ 57.576888][ T7277] nd_ioctl+0xf14/0x18c0 [ 57.578002][ T7277] __x64_sys_ioctl+0x18f/0x220 [ 57.579438][ T7277] do_syscall_64+0xcd/0x250 [ 57.580636][ T7277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.582208][ T7277] page last free pid 7277 tgid 7276 stack trace: [ 57.584021][ T7277] free_unref_page+0x661/0x1080 [ 57.585288][ T7277] __folio_put+0x32a/0x450 [ 57.586446][ T7277] free_page_and_swap_cache+0x249/0x2c0 [ 57.587879][ T7277] tlb_remove_table_rcu+0x89/0xe0 [ 57.589176][ T7277] rcu_core+0x79d/0x14d0 [ 57.590278][ T7277] handle_softirqs+0x213/0x8f0 [ 57.591719][ T7277] irq_exit_rcu+0xbb/0x120 [ 57.593131][ T7277] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 57.595105][ T7277] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 57.597115][ T7277] [ 57.597738][ T7277] Memory state around the buggy address: [ 57.599210][ T7277] ffffc9000fbb2f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 57.601269][ T7277] ffffc9000fbb2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 57.603677][ T7277] >ffffc9000fbb3000: 00 00 00 00 00 00 00 03 f8 f8 f8 f8 f8 f8 f8 f8 [ 57.606288][ T7277] ^ [ 57.607770][ T7277] ffffc9000fbb3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 57.609801][ T7277] ffffc9000fbb3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 57.611857][ T7277] ================================================================== [ 57.614601][ T7277] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 57.616537][ T7277] CPU: 0 UID: 0 PID: 7277 Comm: syz.0.412 Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 57.619271][ T7277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.622055][ T7277] Call Trace: [ 57.622994][ T7277] [ 57.623790][ T7277] dump_stack_lvl+0x3d/0x1f0 [ 57.625002][ T7277] panic+0x71d/0x800 [ 57.626037][ T7277] ? __pfx_panic+0x10/0x10 [ 57.627219][ T7277] ? preempt_schedule_thunk+0x1a/0x30 [ 57.628620][ T7277] ? preempt_schedule_common+0x44/0xc0 [ 57.630056][ T7277] check_panic_on_warn+0xab/0xb0 [ 57.631356][ T7277] end_report+0x117/0x180 [ 57.632500][ T7277] kasan_report+0xe9/0x110 [ 57.633826][ T7277] ? acpi_nfit_ctl+0x19e8/0x1cf0 [ 57.635075][ T7277] ? acpi_nfit_ctl+0x19e8/0x1cf0 [ 57.636305][ T7277] acpi_nfit_ctl+0x19e8/0x1cf0 [ 57.637488][ T7277] ? rcu_is_watching+0x12/0xc0 [ 57.638687][ T7277] ? trace_contention_end+0xea/0x140 [ 57.640019][ T7277] ? __pfx_acpi_nfit_ctl+0x10/0x10 [ 57.641307][ T7277] ? __mutex_lock+0x1a6/0x9c0 [ 57.642533][ T7277] ? __might_fault+0x13b/0x190 [ 57.643765][ T7277] ? nd_ioctl+0xf7a/0x18c0 [ 57.644955][ T7277] ? __pfx___mutex_lock+0x10/0x10 [ 57.646261][ T7277] ? __might_fault+0xe3/0x190 [ 57.647481][ T7277] nd_ioctl+0x13bc/0x18c0 [ 57.648584][ T7277] ? __pfx_acpi_nfit_clear_to_send+0x10/0x10 [ 57.650147][ T7277] ? __pfx_nd_ioctl+0x10/0x10 [ 57.651385][ T7277] ? trace_lock_acquire+0x14a/0x1d0 [ 57.652824][ T7277] ? selinux_file_ioctl+0x180/0x270 [ 57.654510][ T7277] ? selinux_file_ioctl+0xb4/0x270 [ 57.655860][ T7277] ? __pfx_bus_ioctl+0x10/0x10 [ 57.657110][ T7277] __x64_sys_ioctl+0x18f/0x220 [ 57.658358][ T7277] do_syscall_64+0xcd/0x250 [ 57.659559][ T7277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.661099][ T7277] RIP: 0033:0x7ffa12f7e719 [ 57.662273][ T7277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.667239][ T7277] RSP: 002b:00007ffa13ceb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 57.669377][ T7277] RAX: ffffffffffffffda RBX: 00007ffa13135f80 RCX: 00007ffa12f7e719 [ 57.671413][ T7277] RDX: 0000000020000140 RSI: 00000000c008640a RDI: 0000000000000004 [ 57.673668][ T7277] RBP: 00007ffa12ff175e R08: 0000000000000000 R09: 0000000000000000 [ 57.675704][ T7277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 57.677731][ T7277] R13: 0000000000000000 R14: 00007ffa13135f80 R15: 00007ffd3baba0f8 [ 57.679779][ T7277] [ 57.681061][ T7277] Kernel Offset: disabled [ 57.682274][ T7277] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:02:10 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff850bba70 RDI=ffffffff9aaebc80 RBP=ffffffff9aaebc40 RSP=ffffc9000f70f540 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff355d7e2 R15=dffffc0000000000 RIP=ffffffff850bba97 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007ffa13ceb6c0 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffa13135f8c CR3=0000000050870000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffa12ff25fb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffa12ff2608 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffa12ff2602 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffa12ff2616 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffa12ff269c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffa12ff277a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffa1310c488 00007ffa1310c480 00007ffa1310c478 00007ffa1310c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffa13c6d100 00007ffa1310c440 00007ffa1310c458 00007ffa1310c4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffa1310c498 00007ffa1310c490 00007ffa1310c488 00007ffa1310c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000000a9d35 RBX=0000000000000001 RCX=ffffffff8b23b459 RDX=0000000000000000 RSI=ffffffff8b6ccfc0 RDI=ffffffff8bd1b6c0 RBP=ffffed1003b58910 RSP=ffffc90000187e08 R8 =0000000000000001 R9 =ffffed100d4e7025 R10=ffff88806a73812b R11=0000000000000000 R12=0000000000000001 R13=ffff88801dac4880 R14=ffffffff905f5d88 R15=0000000000000000 RIP=ffffffff8b23c83f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffa13ceaf98 CR3=0000000024076000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555e91f490 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555e92b3cc 000055555e92b270 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ce034e0005000808 02c6030000000008 0802be0300400731 9d13e4f2bd9e4200 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001180802ee03 00b8fc06ffffffff f7c7c1ef180802d6 0300480010080802 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 001808039e030068 8cff31ffff7f7e41 5e341808038603ff bd00000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 030280041885e384 8808000100001008 0606010dfa000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0101f61000118004 1080040100001208 06080133c6003065 6c69662f2e01ffff ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffef08 1080030004000180 08000f800401c710 0008122ec6007965 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b66702f74656e2f 666c65732f636f72 702f01ffffffffff ffffffd5080f8003 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0280041885e38488 0800010000100806 06010dfa00000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000073a69 RBX=0000000000000002 RCX=ffffffff8b23b459 RDX=0000000000000000 RSI=ffffffff8b6ccfc0 RDI=ffffffff8bd1b6c0 RBP=ffffed1003b5b000 RSP=ffffc90000197e08 R8 =0000000000000001 R9 =ffffed100d507025 R10=ffff88806a83812b R11=0000000000000000 R12=0000000000000002 R13=ffff88801dad8000 R14=ffffffff905f5d88 R15=0000000000000000 RIP=ffffffff8b23c83f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffa12f62220 CR3=0000000049f4c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000004000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc8b841f30 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b701f25fb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b701f2608 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b701f2602 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b701f2616 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b701f269c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7b701f277a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000071543 RBX=0000000000000003 RCX=ffffffff8b23b459 RDX=0000000000000000 RSI=ffffffff8b6ccfc0 RDI=ffffffff8bd1b6c0 RBP=ffffed1003b5b488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d527025 R10=ffff88806a93812b R11=0000000000000000 R12=0000000000000003 R13=ffff88801dada440 R14=ffffffff905f5d88 R15=0000000000000000 RIP=ffffffff8b23c83f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055f28536d908 CR3=000000002aa12000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=bc1d3b09bc1d3b09 bc1d3b09bc1d3b09 bc1d3b09bc1d3b09 bc1d3b09bc1d3b09 bc1d3b09bc1d3b09 bc1d3b09bc1d3b09 bc1d3b09bc1d3b09 bc1d3b09bc1d3b09 ZMM22=a68196f4a68196f4 a68196f4a68196f4 a68196f4a68196f4 a68196f4a68196f4 a68196f4a68196f4 a68196f4a68196f4 a68196f4a68196f4 a68196f4a68196f4 ZMM23=c90c175fc90c175f c90c175fc90c175f c90c175fc90c175f c90c175fc90c175f c90c175fc90c175f c90c175fc90c175f c90c175fc90c175f c90c175fc90c175f ZMM24=36aeba7a36aeba7a 36aeba7a36aeba7a 36aeba7a36aeba7a 36aeba7a36aeba7a 36aeba7a36aeba7a 36aeba7a36aeba7a 36aeba7a36aeba7a 36aeba7a36aeba7a ZMM25=bc3b189bbc3b189b bc3b189bbc3b189b bc3b189bbc3b189b bc3b189bbc3b189b bc3b189bbc3b189b bc3b189bbc3b189b bc3b189bbc3b189b bc3b189bbc3b189b ZMM26=cd07df8fcd07df8f cd07df8fcd07df8f cd07df8fcd07df8f cd07df8fcd07df8f cd07df8fcd07df8f cd07df8fcd07df8f cd07df8fcd07df8f cd07df8fcd07df8f ZMM27=c6ca362bc6ca362b c6ca362bc6ca362b c6ca362bc6ca362b c6ca362bc6ca362b c6ca362bc6ca362b c6ca362bc6ca362b c6ca362bc6ca362b c6ca362bc6ca362b ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=d4020000d4020000 d4020000d4020000 d4020000d4020000 d4020000d4020000 d4020000d4020000 d4020000d4020000 d4020000d4020000 d4020000d4020000