last executing test programs: 20.482007967s ago: executing program 0 (id=1554): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@bridge_dellink={0x34, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x5, 0x0, 0x1, {0xc, 0x6, 0x0, 0x1, [{0x8, 0x1}]}}]}]}, 0x34}}, 0x0) r3 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="24000000000000000000000c00450072646d615f636d0008000300"/36], 0x24}}, 0x0) 20.229258263s ago: executing program 0 (id=1555): bind$alg(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$radio(0x0, 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = getpid() process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0) msgget$private(0x0, 0x0) msgrcv(0x0, &(0x7f0000000040)={0x0, ""/27}, 0x23, 0x0, 0x0) msgsnd(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="02"], 0x8, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r6, 0x0, 0x0, 0x200008d4, &(0x7f000072e000)={0xa, 0x0, 0x0, @loopback}, 0x1c) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80) r8 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0) r9 = fsmount(r8, 0x0, 0x0) socket$l2tp(0x2, 0x2, 0x73) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r7, r9, 0x1, 0x0, @void}, 0x10) close_range(r5, 0xffffffffffffffff, 0x0) 19.438998326s ago: executing program 0 (id=1563): socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) syz_open_procfs$pagemap(0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x0) 19.23336241s ago: executing program 0 (id=1565): bpf$MAP_CREATE(0x0, 0x0, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) openat$iommufd(0xffffffffffffff9c, 0x0, 0x208500, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000400)={r1, @in={{0x2, 0x0, @empty}}, 0x0, 0x9, 0x0, 0x2, 0x414d6714bf78e135}, 0x9c) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x90) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r4}, 0x40) syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0) 18.766080971s ago: executing program 0 (id=1566): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800"/13], &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00'}, 0x10) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x7, 0x0, &(0x7f00000064c0)) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c00000039000900000000000000000003000000040000000c0001"], 0x2c}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x4, 0x8, 0x0, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) writev(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x10) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r3) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r4 = inotify_init1(0x0) fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, 0x0}) r6 = syz_open_procfs(r5, &(0x7f0000000040)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r6, 0x40086610, &(0x7f0000000180)={@id={0x2, 0x300, @b}}) 18.503381579s ago: executing program 0 (id=1568): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r0, 0x4b36) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) getresgid(&(0x7f0000000040), &(0x7f0000000180)=0x0, &(0x7f00000016c0)) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=r2]) creat(0x0, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00005f5000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000300)={0x2, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x25dfdbff, [@sadb_ident={0x2, 0xb, 0xfa68, 0x0, 0x401}, @sadb_address={0x5, 0x0, 0x2b, 0x80, 0x0, @in6}]}, 0x48}}, 0x0) r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) write$char_usb(r3, &(0x7f0000000040)="e2", 0x918) 9.930323238s ago: executing program 2 (id=1619): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xc, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000180000095000000000000009f"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@kprobe_multi=@addrs={0x0, 0x2, 0x0, &(0x7f0000000280)=[0x348c772a, 0xc04b], 0x1ff}}, 0x40) 9.573287419s ago: executing program 2 (id=1621): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000580), 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xc}, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0xc0096616, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) recvmmsg(r1, &(0x7f000000e700)=[{{&(0x7f00000024c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, 0x80, &(0x7f00000036c0)=[{&(0x7f0000002540)=""/82, 0x52}, {&(0x7f00000025c0)=""/53, 0x35}, {&(0x7f0000002600)=""/4096, 0x1000}, {&(0x7f0000003600)=""/130, 0x82}], 0x4, &(0x7f0000003700)=""/61, 0x3d}, 0x1}, {{0x0, 0x0, &(0x7f0000005d00)=[{&(0x7f0000003740)=""/181, 0xb5}, {&(0x7f0000003800)=""/163, 0xa3}, {&(0x7f00000038c0)=""/193, 0xc1}, {&(0x7f0000003ac0)=""/47, 0x2f}, {&(0x7f0000003b00)=""/246, 0xf6}, {&(0x7f0000003c00)=""/4096, 0x1000}, {&(0x7f0000004c00)=""/4096, 0x1000}, {&(0x7f0000005c00)=""/233, 0xe9}], 0x8, &(0x7f0000005dc0)=""/77, 0x4d}, 0x9}, {{&(0x7f0000005e40)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000007240)=[{&(0x7f0000005ec0)=""/143, 0x8f}, {&(0x7f0000005f80)=""/143, 0x8f}, {&(0x7f0000006040)=""/84, 0x54}, {&(0x7f0000006240)=""/4096, 0x1000}, {&(0x7f00000060c0)=""/134, 0x86}], 0x5}, 0x5}, {{&(0x7f00000072c0)=@vsock, 0x80, &(0x7f0000008440)=[{&(0x7f0000007340)=""/179, 0xb3}, {&(0x7f0000007400)=""/4096, 0x1000}, {&(0x7f0000008500)=""/130, 0x82}], 0x3, &(0x7f0000008680)=""/211, 0xd3}, 0x3b5f}, {{&(0x7f000000ce80)=@llc, 0x80, &(0x7f000000d040)=[{&(0x7f000000cf00)=""/24, 0x18}, {&(0x7f000000cf40)=""/235, 0xeb}], 0x2}}, {{&(0x7f000000d080)=@nl, 0x80, &(0x7f000000d200)=[{&(0x7f000000d100)=""/26, 0x1a}, {&(0x7f000000d140)=""/8, 0x8}, {&(0x7f000000d180)=""/37, 0x25}, {&(0x7f000000d1c0)}], 0x4, &(0x7f000000d240)=""/7, 0x7}}, {{&(0x7f000000d280)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f000000e680)=[{&(0x7f000000d300)=""/136, 0x88}, {&(0x7f000000d3c0)=""/169, 0xa9}, {&(0x7f000000d480)=""/204, 0xcc}, {&(0x7f000000d580)=""/76, 0x4c}, {&(0x7f000000d600)=""/4096, 0x1000}, {&(0x7f000000e600)=""/93, 0x5d}], 0x6}, 0x8}], 0x7, 0x40000100, &(0x7f000000e980)) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r5, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0xc, 0xfeff, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfeff}) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) r6 = open(&(0x7f0000000240)='./bus\x00', 0x10d27e, 0x0) fallocate(r6, 0x0, 0x0, 0x7fff) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0x4d, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000004000000000000000000850000000700000018110000", @ANYRESOCT=r2], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000001080)={0x0, 0x0, 0x0, {0x0, 0x1}, {0x4f, 0x2}}) r8 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01) write$char_usb(r8, 0x0, 0x0) ioctl$EVIOCGKEY(r8, 0x80404518, &(0x7f0000000100)=""/71) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_evict_inode\x00', r7}, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) 8.187252275s ago: executing program 2 (id=1629): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xc, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000180000095000000000000009f"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@kprobe_multi=@addrs={0x0, 0x2, 0x0, &(0x7f0000000280)=[0x348c772a, 0xc04b], 0x1ff}}, 0x40) 8.186715615s ago: executing program 1 (id=1630): ioperm(0x0, 0x1, 0x5) sched_getscheduler(0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x275a, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) readlink(&(0x7f00000001c0)='./file0\x00', &(0x7f0000004040)=""/4092, 0xffc) 7.875072194s ago: executing program 1 (id=1632): socket$nl_route(0x10, 0x3, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x0) 7.833753693s ago: executing program 2 (id=1633): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r0, 0x4b36) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) getresgid(&(0x7f0000000040), &(0x7f0000000180)=0x0, &(0x7f00000016c0)) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=r2]) creat(0x0, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00005f5000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000300)={0x2, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x25dfdbff, [@sadb_ident={0x2, 0xb, 0xfa68, 0x0, 0x401}, @sadb_address={0x5, 0x0, 0x2b, 0x80, 0x0, @in6}, @sadb_x_sec_ctx={0x1, 0x18, 0x0, 0x9}]}, 0x50}}, 0x0) r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) write$char_usb(r3, &(0x7f0000000040)="e2", 0x918) 7.746582527s ago: executing program 1 (id=1635): capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000000)) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r1, 0x0, 0xffffffffffffffff, 0x1}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r5, 0x26, &(0x7f0000000380)={0x1}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r6, 0x7, &(0x7f00000006c0)) fcntl$lock(r5, 0x25, &(0x7f00000000c0)={0x0, 0x0, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f00000004c0)={0x48, 0x7, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23b3b6}) r7 = dup3(r0, 0xffffffffffffffff, 0x0) r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_UNMAP$ALL(r7, 0x3b86, &(0x7f0000000240)={0x18, r9}) 7.527779885s ago: executing program 1 (id=1636): syz_open_dev$video4linux(0x0, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) syz_open_dev$dri(0x0, 0x0, 0x0) syz_io_uring_setup(0x213d, 0x0, &(0x7f00000002c0)=0x0, 0x0) syz_io_uring_submit(r0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index}) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r1 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f00000000c0)={'veth0_vlan\x00', 0x3ae9}) (fail_nth: 6) openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCGIDLE32(0xffffffffffffffff, 0x8008743f, &(0x7f0000000000)) 7.323480272s ago: executing program 2 (id=1637): prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x20) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000008c0)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2={0xff, 0x24, '\x00', 0x0}}, 0x1c, 0x0}}], 0x1, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001540)=[{0x0}], 0x1, &(0x7f0000000040)}, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01') r0 = socket$nl_xfrm(0x10, 0x3, 0x6) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) r1 = getpid() r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r2}, 0x10) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x0, 0x10001}, 0x48) r3 = socket$inet6(0xa, 0x2, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000940)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60fca33f00007300fe800000000000000000000000000000fe8000000000080000000000000000aa199d95fbca12dd0313cd6d1681510385afdf5bb07b76803aba1255b8fa6f2fd3606f4d43df1006eaa4c41468d04e559e629712afb72a9bfee90d329ae92f544ad62c6a94013f663ded9ab54928a8e12a7cca59e0cf11874f65fa66a1e008eece6b7c3c16f54ab67321e9ccf7f02dbecc98d1556d27578c64fed0ced063d2d597bd6e88381658c175c5f37942efd74bcdf3215d87592becc3c116f0ae7c6b51f7aa080d49586b1d0aced05169d64e169626bdb47beb0c7d92a06da076920c58079e739b2cf61e9d284d9a40ab989f5a85f5402024eb199c796887298541cd11df359f02815858236d8e9ce867833e31b3be4180cc371fe019d6d7fd980c7576f5c1719217e73750353c75092bbdf74109f51599aedc54f9a84381a382142608db797ca8ffb7f11c3325e13b64c4e84c39d2d78035fdf28859695f9148e363ac6244fe424fa46e77d3b7c595a5e5befab4817c45972762a68f691944e1ee2bf49267efc8264c91cafed689"], 0x0) connect$inet6(r3, &(0x7f00000002c0)={0xa, 0x0, 0x20}, 0x1c) sendmmsg(r3, &(0x7f00000092c0), 0x4ff, 0x80fe) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="000100001a00010000fe5e7dffeb871576e888eb9ac34bfdab538eaf0b5f9302e7000000000000000000000001ffffffff00000000000000000000000000000000000000002b2b949e57fae84c149f8bf4d12dec19acf087b681aa1717fd49cbd538769d8a9a60617789ea56d261e3f868ed1a2b98776083edebb3f53abbfe7e1b4139c80a303e2bb79d1405785ba04c4c9d9897c37835a52b9c72abf5fdcca365209c3688b993181e210beafdb88c64f7cf872bc26940033adc880d89f989b4bc1868747b5f64c8967e863cf6a42d9db97d92aaca9c65b990c645fb91cf448ce57580b0556690", @ANYRES8=0x0, @ANYRES32=0x0, @ANYRES32=r3], 0x100}, 0x1, 0x0, 0x0, 0x4000}, 0x4000011) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_NEXT_CMD_LEN(0xffffffffffffffff, 0x2283, &(0x7f00000000c0)=0xbf) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) clock_getres(0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d1203bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ffec8636fd8f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f5617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1eee055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012c4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca9098ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955adad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3ba18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41613d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62cd15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000457f164d24108b9950ebb31ba3c6d1cb3c7502f732654b880c8a22a0126f9cb86e151f69496fb2609de91b22ae191fe7447d039b3c146adccf22145ee6c83800000000000000000000f02b28562133fc6356402f1f7bb9d9e2a8e61b81c11283467a9f233f21b07f97b9f85c3819"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0) 7.322988991s ago: executing program 3 (id=1638): bpf$MAP_CREATE(0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) openat$iommufd(0xffffffffffffff9c, 0x0, 0x208500, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000400)={r1, @in={{0x2, 0x0, @empty}}, 0x0, 0x9, 0x0, 0x2, 0x414d6714bf78e135}, 0x9c) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x90) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r4}, 0x40) syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0) 6.790765844s ago: executing program 3 (id=1639): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800"/13], &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00'}, 0x10) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x7, 0x0, &(0x7f00000064c0)) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c00000039000900000000000000000003000000040000000c0001"], 0x2c}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x4, 0x8, 0x0, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) writev(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x10) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r3 = inotify_init1(0x0) fcntl$setown(r3, 0x8, 0xffffffffffffffff) fcntl$getownex(r3, 0x10, &(0x7f0000000140)={0x0, 0x0}) r5 = syz_open_procfs(r4, &(0x7f0000000040)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r5, 0x40086610, &(0x7f0000000180)={@id={0x2, 0x300, @b}}) 680.39331ms ago: executing program 1 (id=1640): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xc, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000180000095000000000000009f"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@kprobe_multi=@addrs={0x0, 0x2, 0x0, &(0x7f0000000280)=[0x348c772a, 0xc04b], 0x1ff}}, 0x40) 586.438073ms ago: executing program 3 (id=1641): ioperm(0x0, 0x1, 0x5) sched_getscheduler(0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) readlink(&(0x7f00000001c0)='./file0\x00', &(0x7f0000004040)=""/4092, 0xffc) 481.495112ms ago: executing program 1 (id=1642): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000580), 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xc}, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0xc0096616, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) recvmmsg(r1, &(0x7f000000e700)=[{{&(0x7f00000024c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, 0x80, &(0x7f00000036c0)=[{&(0x7f0000002540)=""/82, 0x52}, {&(0x7f00000025c0)=""/53, 0x35}, {&(0x7f0000002600)=""/4096, 0x1000}, {&(0x7f0000003600)=""/130, 0x82}], 0x4, &(0x7f0000003700)=""/61, 0x3d}, 0x1}, {{0x0, 0x0, &(0x7f0000005d00)=[{&(0x7f0000003740)=""/181, 0xb5}, {&(0x7f0000003800)=""/163, 0xa3}, {&(0x7f00000038c0)=""/193, 0xc1}, {&(0x7f0000003ac0)=""/47, 0x2f}, {&(0x7f0000003b00)=""/246, 0xf6}, {&(0x7f0000003c00)=""/4096, 0x1000}, {&(0x7f0000004c00)=""/4096, 0x1000}, {&(0x7f0000005c00)=""/233, 0xe9}], 0x8, &(0x7f0000005dc0)=""/77, 0x4d}, 0x9}, {{&(0x7f0000005e40)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000007240)=[{&(0x7f0000005ec0)=""/143, 0x8f}, {&(0x7f0000005f80)=""/143, 0x8f}, {&(0x7f0000006040)=""/84, 0x54}, {&(0x7f0000006240)=""/4096, 0x1000}, {&(0x7f00000060c0)=""/134, 0x86}], 0x5}, 0x5}, {{&(0x7f00000072c0)=@vsock, 0x80, &(0x7f0000008440)=[{&(0x7f0000007340)=""/179, 0xb3}, {&(0x7f0000007400)=""/4096, 0x1000}, {&(0x7f0000008500)=""/130, 0x82}], 0x3, &(0x7f0000008680)=""/211, 0xd3}, 0x3b5f}, {{&(0x7f000000ce80)=@llc, 0x80, &(0x7f000000d040)=[{&(0x7f000000cf00)=""/24, 0x18}, {&(0x7f000000cf40)=""/235, 0xeb}], 0x2}}, {{&(0x7f000000d080)=@nl, 0x80, &(0x7f000000d200)=[{&(0x7f000000d100)=""/26, 0x1a}, {&(0x7f000000d140)=""/8, 0x8}, {&(0x7f000000d180)=""/37, 0x25}, {&(0x7f000000d1c0)}], 0x4, &(0x7f000000d240)=""/7, 0x7}}, {{&(0x7f000000d280)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f000000e680)=[{&(0x7f000000d300)=""/136, 0x88}, {&(0x7f000000d3c0)=""/169, 0xa9}, {&(0x7f000000d480)=""/204, 0xcc}, {&(0x7f000000d580)=""/76, 0x4c}, {&(0x7f000000d600)=""/4096, 0x1000}, {&(0x7f000000e600)=""/93, 0x5d}], 0x6}, 0x8}], 0x7, 0x40000100, &(0x7f000000e980)) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r5, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0xc, 0xfeff, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfeff}) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) r6 = open(&(0x7f0000000240)='./bus\x00', 0x10d27e, 0x0) fallocate(r6, 0x0, 0x0, 0x7fff) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0x4d, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000004000000000000000000850000000700000018110000", @ANYRESOCT=r2], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000001080)={0x0, 0x0, 0x0, {0x0, 0x1}, {0x4f, 0x2}}) r8 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01) write$char_usb(r8, 0x0, 0x0) ioctl$EVIOCGKEY(r8, 0x80404518, &(0x7f0000000100)=""/71) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_evict_inode\x00', r7}, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) 481.153281ms ago: executing program 3 (id=1643): capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000000)) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r1, 0x0, 0xffffffffffffffff, 0x1}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r5, 0x26, &(0x7f0000000380)={0x1}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r6, 0x7, &(0x7f00000006c0)) fcntl$lock(r5, 0x25, &(0x7f00000000c0)={0x0, 0x0, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f00000004c0)={0x48, 0x7, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23b3b6}) r7 = dup3(r0, 0xffffffffffffffff, 0x0) r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_UNMAP$ALL(r7, 0x3b86, &(0x7f0000000240)={0x18, r9}) 290.933848ms ago: executing program 2 (id=1644): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r0, 0x4b36) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) getresgid(&(0x7f0000000040), &(0x7f0000000180)=0x0, &(0x7f00000016c0)) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=r2]) creat(0x0, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00005f5000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000300)={0x2, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, 0x25dfdbff, [@sadb_ident={0x2, 0xb, 0xfa68, 0x0, 0x401}, @sadb_address={0x5, 0x0, 0x2b, 0x80, 0x0, @in6}, @sadb_x_sec_ctx={0x10, 0x18, 0x0, 0x9, 0x77, "11910225459e28c75b9b23bd6675bf249d1dffee5ac465d919cd2cc85c559b0f6f9231e0efe83eb19bb94d0b653fa3e8625a2786c24f8f5840852ecfa9712e0a86d173e29625a67b4c2ab37103ac397fc9389d65b434dc28356acae41dc0b935153ef9cca219a05712eef2d4c56658c49c41cdf3cfd690"}]}, 0xc8}}, 0x0) r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) write$char_usb(r3, &(0x7f0000000040)="e2", 0x918) 206.725671ms ago: executing program 3 (id=1645): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x0) 0s ago: executing program 3 (id=1646): open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) pipe2$9p(&(0x7f0000000140), 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) openat$iommufd(0xffffffffffffff9c, 0x0, 0x208500, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000400)={r1, @in={{0x2, 0x0, @empty}}, 0x0, 0x9, 0x0, 0x2, 0x414d6714bf78e135}, 0x9c) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x90) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r4}, 0x40) syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0) kernel console output (not intermixed with test programs): '. [ 275.400248][ T9510] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1177'. [ 275.417979][ T9510] 0猉功D龌: renamed from gretap0 (while UP) [ 275.428327][ T9510] 0猉功D龌: entered allmulticast mode [ 278.044406][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 278.044423][ T39] audit: type=1326 audit(1721765168.609:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.3.1193" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 278.198776][ T9555] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 278.271533][ T39] audit: type=1326 audit(1721765168.839:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.3.1193" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 278.361492][ T9557] block nbd0: NBD_DISCONNECT [ 278.363781][ T9557] block nbd0: Disconnected due to user request. [ 278.366996][ T9557] block nbd0: shutting down sockets [ 278.392845][ T9559] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1193'. [ 278.417903][ T9559] 0猉功D龌: renamed from 01猉功D龌 (while UP) [ 278.439504][ T9560] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1194'. [ 278.642612][ T39] audit: type=1326 audit(1721765169.229:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.3.1193" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 278.843035][ T9564] tipc: Started in network mode [ 278.848955][ T9564] tipc: Node identity f7, cluster identity 4711 [ 278.852566][ T9564] tipc: Node number set to 247 [ 279.150390][ C2] vkms_vblank_simulate: vblank timer overrun [ 279.242517][ C2] vkms_vblank_simulate: vblank timer overrun [ 279.331542][ C2] vkms_vblank_simulate: vblank timer overrun [ 279.392537][ C2] vkms_vblank_simulate: vblank timer overrun [ 279.650400][ C2] vkms_vblank_simulate: vblank timer overrun [ 279.728356][ T5209] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 279.745129][ T5209] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 279.760358][ T5209] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 279.766199][ T5209] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 279.793733][ T5209] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 279.797319][ T5209] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 280.156846][ C2] vkms_vblank_simulate: vblank timer overrun [ 280.415498][ T9582] chnl_net:caif_netlink_parms(): no params data found [ 280.660865][ C2] vkms_vblank_simulate: vblank timer overrun [ 280.858323][ C2] vkms_vblank_simulate: vblank timer overrun [ 280.892942][ C2] vkms_vblank_simulate: vblank timer overrun [ 280.978322][ C2] vkms_vblank_simulate: vblank timer overrun [ 281.131484][ C2] vkms_vblank_simulate: vblank timer overrun [ 281.616682][ T9602] block nbd3: NBD_DISCONNECT [ 281.617759][ T9582] bridge0: port 1(bridge_slave_0) entered blocking state [ 281.654522][ T9602] block nbd3: Disconnected due to user request. [ 281.670284][ C2] vkms_vblank_simulate: vblank timer overrun [ 281.671510][ T9582] bridge0: port 1(bridge_slave_0) entered disabled state [ 281.671683][ T9582] bridge_slave_0: entered allmulticast mode [ 281.673048][ T9582] bridge_slave_0: entered promiscuous mode [ 281.738330][ C2] vkms_vblank_simulate: vblank timer overrun [ 281.781062][ T9602] block nbd3: shutting down sockets [ 281.786261][ C2] vkms_vblank_simulate: vblank timer overrun [ 281.886350][ C2] vkms_vblank_simulate: vblank timer overrun [ 281.937514][ T5209] Bluetooth: hci0: command tx timeout [ 281.942339][ C2] vkms_vblank_simulate: vblank timer overrun [ 281.986319][ C2] vkms_vblank_simulate: vblank timer overrun [ 282.023742][ T9606] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 282.054329][ T9600] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1204'. [ 282.144628][ T39] audit: type=1326 audit(1721765172.709:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9604 comm="syz.0.1205" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa897975f19 code=0x0 [ 282.273465][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 282.290294][ C2] vkms_vblank_simulate: vblank timer overrun [ 282.374410][ T39] audit: type=1326 audit(1721765172.939:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9604 comm="syz.0.1205" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa897975f19 code=0x0 [ 282.381528][ T39] audit: type=1326 audit(1721765172.969:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9607 comm="syz.3.1206" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 282.414316][ C2] vkms_vblank_simulate: vblank timer overrun [ 282.434322][ C2] vkms_vblank_simulate: vblank timer overrun [ 282.456878][ T9582] bridge0: port 2(bridge_slave_1) entered blocking state [ 282.471115][ T9582] bridge0: port 2(bridge_slave_1) entered disabled state [ 282.478150][ T9582] bridge_slave_1: entered allmulticast mode [ 282.482847][ T9582] bridge_slave_1: entered promiscuous mode [ 282.499091][ T9610] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 282.582667][ T39] audit: type=1326 audit(1721765173.169:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9607 comm="syz.3.1206" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 282.669740][ T9609] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1205'. [ 282.688728][ T9609] 0猉功D龌: renamed from 01猉功D龌 (while UP) [ 282.768258][ T39] audit: type=1326 audit(1721765173.349:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9607 comm="syz.3.1206" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 283.026642][ C2] vkms_vblank_simulate: vblank timer overrun [ 283.041984][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.067402][ C2] vkms_vblank_simulate: vblank timer overrun [ 283.175681][ T9582] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 283.199864][ T9611] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1206'. [ 283.209183][ T9611] 1猉功D龌: renamed from 00猉功D龌 (while UP) [ 283.366643][ T39] audit: type=1400 audit(1721765173.919:528): avc: denied { create } for pid=9621 comm="syz.0.1210" name="file4" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 283.402354][ C2] vkms_vblank_simulate: vblank timer overrun [ 283.424607][ T39] audit: type=1400 audit(1721765174.009:529): avc: denied { read write } for pid=9624 comm="syz.3.1212" name="nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 283.433663][ T39] audit: type=1400 audit(1721765174.009:530): avc: denied { open } for pid=9624 comm="syz.3.1212" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 283.465093][ T39] audit: type=1400 audit(1721765174.009:531): avc: denied { append } for pid=9624 comm="syz.3.1212" name="nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 283.477437][ T39] audit: type=1400 audit(1721765174.009:532): avc: denied { ioctl } for pid=9624 comm="syz.3.1212" path="/dev/nullb0" dev="devtmpfs" ino=691 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 283.512403][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.603203][ T9582] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 283.624444][ T9630] macvlan0: entered allmulticast mode [ 283.626647][ T9630] veth1_vlan: entered allmulticast mode [ 283.734404][ C2] vkms_vblank_simulate: vblank timer overrun [ 283.798743][ T5209] Bluetooth: hci3: unexpected event for opcode 0x202a [ 283.945571][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.980792][ C2] vkms_vblank_simulate: vblank timer overrun [ 284.006387][ T5209] Bluetooth: hci0: command tx timeout [ 284.013497][ T9582] team0: Port device team_slave_0 added [ 284.044019][ T9582] team0: Port device team_slave_1 added [ 284.114543][ T9641] block nbd1: NBD_DISCONNECT [ 284.116943][ T9641] block nbd1: Disconnected due to user request. [ 284.119875][ T9641] block nbd1: shutting down sockets [ 284.216316][ T9630] warning: `syz.3.1212' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 284.307427][ T9582] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 284.311148][ T9582] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 284.356706][ T9582] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 284.365607][ T9582] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 284.373852][ T9582] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 284.383564][ T39] audit: type=1326 audit(1721765174.949:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9643 comm="syz.0.1215" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa897975f19 code=0x0 [ 284.388906][ T9582] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 284.434018][ T9647] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 284.570220][ T39] audit: type=1326 audit(1721765175.149:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9643 comm="syz.0.1215" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa897975f19 code=0x0 [ 284.739134][ T9582] hsr_slave_0: entered promiscuous mode [ 284.769127][ T9582] hsr_slave_1: entered promiscuous mode [ 284.881640][ T9648] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1215'. [ 284.894536][ T9648] 1猉功D龌: renamed from 00猉功D龌 (while UP) [ 285.208027][ T9654] fuse: Bad value for 'group_id' [ 285.228823][ T9654] fuse: Bad value for 'group_id' [ 285.242889][ T39] audit: type=1400 audit(1721765175.819:535): avc: denied { map } for pid=9653 comm="syz.3.1218" path="socket:[24514]" dev="sockfs" ino=24514 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 285.267694][ T39] audit: type=1400 audit(1721765175.819:536): avc: denied { read } for pid=9653 comm="syz.3.1218" path="socket:[24514]" dev="sockfs" ino=24514 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 285.402266][ T11] bridge_slave_1: left allmulticast mode [ 285.404734][ T11] bridge_slave_1: left promiscuous mode [ 285.432174][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.473958][ T11] bridge_slave_0: left allmulticast mode [ 285.476983][ T11] bridge_slave_0: left promiscuous mode [ 285.479490][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.757540][ T39] audit: type=1326 audit(1721765176.319:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9659 comm="syz.0.1220" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa897975f19 code=0x0 [ 285.846207][ T9661] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 286.104621][ T5209] Bluetooth: hci0: command tx timeout [ 286.718999][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 286.744978][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 286.755025][ T11] bond0 (unregistering): Released all slaves [ 286.825013][ T9674] block nbd1: NBD_DISCONNECT [ 286.827278][ T9674] block nbd1: Disconnected due to user request. [ 286.829925][ T9674] block nbd1: shutting down sockets [ 286.935286][ T9665] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1220'. [ 286.953801][ T9665] 0猉功D龌: renamed from 01猉功D龌 (while UP) [ 287.013818][ T11] tipc: Left network mode [ 287.349496][ T9687] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 287.543909][ T9690] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1226'. [ 287.547294][ T9690] 1猉功D龌: renamed from 00猉功D龌 (while UP) [ 287.801974][ T30] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 287.870048][ T5209] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 287.878417][ T5209] Bluetooth: hci3: Injecting HCI hardware error event [ 287.941513][ T5209] Bluetooth: hci3: hardware error 0x00 [ 288.020754][ T30] usb 6-1: Using ep0 maxpacket: 32 [ 288.025358][ T30] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 288.028664][ T30] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 288.034109][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 288.041271][ T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 288.057402][ T30] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 288.076496][ T30] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 288.122161][ T30] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 288.130421][ T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 288.148668][ T30] usb 6-1: config 0 descriptor?? [ 288.183345][ T5218] Bluetooth: hci0: command tx timeout [ 288.422876][ T30] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 288.589670][ T9699] block nbd3: NBD_DISCONNECT [ 288.592606][ T9699] block nbd3: Disconnected due to user request. [ 288.596609][ T9699] block nbd3: shutting down sockets [ 288.605200][ T9703] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1231'. [ 288.649066][ T56] usb 6-1: USB disconnect, device number 4 [ 288.657406][ T56] usblp0: removed [ 288.926375][ T11] hsr_slave_0: left promiscuous mode [ 288.950382][ T11] hsr_slave_1: left promiscuous mode [ 288.978048][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 288.985259][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 288.990828][ T9706] block nbd3: NBD_DISCONNECT [ 288.992908][ T9706] block nbd3: Disconnected due to user request. [ 288.995538][ T9706] block nbd3: shutting down sockets [ 289.020062][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 289.025447][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 289.222268][ T11] veth1_macvtap: left promiscuous mode [ 289.224898][ T11] veth0_macvtap: left promiscuous mode [ 289.227653][ T11] veth1_vlan: left promiscuous mode [ 289.251157][ T11] veth0_vlan: left promiscuous mode [ 289.523202][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 289.523218][ T39] audit: type=1326 audit(1721765180.109:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9717 comm="syz.1.1237" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x0 [ 289.609045][ T9720] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 289.651039][ T9716] block nbd3: NBD_DISCONNECT [ 289.658785][ T9716] block nbd3: Disconnected due to user request. [ 289.717386][ T9716] block nbd3: shutting down sockets [ 289.765913][ T39] audit: type=1326 audit(1721765180.329:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9717 comm="syz.1.1237" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x0 [ 290.269401][ T5218] Bluetooth: hci0: command tx timeout [ 290.272523][ T5209] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 290.294182][ T39] audit: type=1400 audit(1721765180.839:544): avc: denied { write } for pid=9725 comm="syz.3.1239" name="mice" dev="devtmpfs" ino=860 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 290.335186][ T39] audit: type=1400 audit(1721765180.839:545): avc: denied { ioctl } for pid=9725 comm="syz.3.1239" path="/dev/input/mice" dev="devtmpfs" ino=860 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 291.059034][ T5209] Bluetooth: hci1: unexpected event for opcode 0x202a [ 292.274769][ T9740] block nbd3: NBD_DISCONNECT [ 292.277873][ T9740] block nbd3: Disconnected due to user request. [ 292.282930][ T9740] block nbd3: shutting down sockets [ 292.848490][ T9749] FAULT_INJECTION: forcing a failure. [ 292.848490][ T9749] name failslab, interval 1, probability 0, space 0, times 0 [ 292.860232][ T9749] CPU: 1 UID: 0 PID: 9749 Comm: syz.3.1245 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 292.865156][ T9749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 292.869800][ T9749] Call Trace: [ 292.872040][ T9749] [ 292.873632][ T9749] dump_stack_lvl+0x16c/0x1f0 [ 292.876146][ T9749] should_fail_ex+0x497/0x5b0 [ 292.878434][ T9749] ? fs_reclaim_acquire+0xae/0x160 [ 292.883817][ T9749] should_failslab+0xc2/0x120 [ 292.886352][ T9749] __kmalloc_noprof+0xcb/0x400 [ 292.889326][ T9749] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 292.893774][ T9749] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 292.897588][ T9749] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 292.902590][ T9749] ? ns_capable+0xd7/0x110 [ 292.905789][ T9749] genl_rcv_msg+0x565/0x800 [ 292.909021][ T9749] ? __pfx_genl_rcv_msg+0x10/0x10 [ 292.912801][ T9749] ? __pfx___lock_acquire+0x10/0x10 [ 292.915881][ T9749] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 292.918505][ T9749] ? __pfx_nl80211_new_key+0x10/0x10 [ 292.921462][ T9749] ? __pfx_nl80211_post_doit+0x10/0x10 [ 292.924567][ T9749] netlink_rcv_skb+0x16b/0x440 [ 292.927345][ T9749] ? __pfx_genl_rcv_msg+0x10/0x10 [ 292.930212][ T9749] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 292.933280][ T9749] ? down_read+0xc9/0x330 [ 292.935959][ T9749] ? __pfx_down_read+0x10/0x10 [ 292.938502][ T9749] ? netlink_deliver_tap+0x1ae/0xd90 [ 292.941196][ T9749] genl_rcv+0x28/0x40 [ 292.943276][ T9749] netlink_unicast+0x544/0x830 [ 292.946020][ T9749] ? __pfx_netlink_unicast+0x10/0x10 [ 292.948940][ T9749] netlink_sendmsg+0x8b8/0xd70 [ 292.951468][ T9749] ? __pfx_netlink_sendmsg+0x10/0x10 [ 292.954572][ T9749] ? __import_iovec+0x1fd/0x6e0 [ 292.957555][ T9749] ____sys_sendmsg+0xab5/0xc90 [ 292.960596][ T9749] ? copy_msghdr_from_user+0x10b/0x160 [ 292.963594][ T9749] ? __pfx_____sys_sendmsg+0x10/0x10 [ 292.966901][ T9749] ? find_held_lock+0x2d/0x110 [ 292.969830][ T9749] ? __pfx___lock_acquire+0x10/0x10 [ 292.973008][ T9749] ___sys_sendmsg+0x135/0x1e0 [ 292.975974][ T9749] ? __pfx____sys_sendmsg+0x10/0x10 [ 292.979105][ T9749] ? ksys_write+0x21c/0x260 [ 292.981943][ T9749] ? __fget_light+0x173/0x210 [ 292.984812][ T9749] __sys_sendmsg+0x117/0x1f0 [ 292.987640][ T9749] ? __pfx___sys_sendmsg+0x10/0x10 [ 292.990667][ T9749] do_syscall_64+0xcd/0x250 [ 292.993298][ T9749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.996572][ T9749] RIP: 0033:0x7f510dd75f19 [ 292.998769][ T9749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.010580][ T9749] RSP: 002b:00007f510d7ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 293.015828][ T9749] RAX: ffffffffffffffda RBX: 00007f510df05f60 RCX: 00007f510dd75f19 [ 293.020660][ T9749] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 293.024872][ T9749] RBP: 00007f510d7ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 293.029336][ T9749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 293.033448][ T9749] R13: 000000000000000b R14: 00007f510df05f60 R15: 00007ffe86f4afd8 [ 293.038147][ T9749] [ 293.385972][ T11] team0 (unregistering): Port device team_slave_1 removed [ 293.576958][ T9753] block nbd3: NBD_DISCONNECT [ 293.578928][ T9753] block nbd3: Disconnected due to user request. [ 293.581494][ T9753] block nbd3: shutting down sockets [ 293.978693][ T11] team0 (unregistering): Port device team_slave_0 removed [ 295.130908][ T5209] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 295.137047][ T5209] Bluetooth: hci1: Injecting HCI hardware error event [ 295.145828][ T5218] Bluetooth: hci1: hardware error 0x00 [ 295.930133][ T9722] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1237'. [ 295.934772][ T9722] 1猉功D龌: renamed from 00猉功D龌 (while UP) [ 296.358214][ T9762] block nbd0: NBD_DISCONNECT [ 296.360209][ T9762] block nbd0: Disconnected due to user request. [ 296.362754][ T9762] block nbd0: shutting down sockets [ 297.206984][ T9582] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 297.244139][ T39] audit: type=1326 audit(1721765187.809:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9784 comm="syz.3.1258" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 297.292149][ T5218] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 297.302354][ T9582] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 297.345637][ T9582] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 297.349580][ T9788] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 297.407274][ T9582] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 297.474259][ T39] audit: type=1326 audit(1721765188.059:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9784 comm="syz.3.1258" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 297.474472][ T9789] block nbd1: NBD_DISCONNECT [ 297.513413][ T9789] block nbd1: Disconnected due to user request. [ 297.554608][ T9789] block nbd1: shutting down sockets [ 297.563318][ T9791] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1258'. [ 297.591321][ T9791] 0猉功D龌: renamed from 01猉功D龌 (while UP) [ 297.876136][ T9582] 8021q: adding VLAN 0 to HW filter on device bond0 [ 297.911533][ T9799] block nbd1: NBD_DISCONNECT [ 297.914964][ T9799] block nbd1: Disconnected due to user request. [ 297.917460][ T9799] block nbd1: shutting down sockets [ 297.933612][ T9582] 8021q: adding VLAN 0 to HW filter on device team0 [ 297.978277][ T5250] bridge0: port 1(bridge_slave_0) entered blocking state [ 297.981466][ T5250] bridge0: port 1(bridge_slave_0) entered forwarding state [ 298.068098][ T5250] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.071268][ T5250] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.082379][ T39] audit: type=1400 audit(1721765188.639:548): avc: denied { listen } for pid=9795 comm="syz.0.1260" lport=35858 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 298.194009][ T39] audit: type=1400 audit(1721765188.639:549): avc: denied { setopt } for pid=9795 comm="syz.0.1260" lport=35858 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 298.302864][ T39] audit: type=1400 audit(1721765188.639:550): avc: denied { read } for pid=9795 comm="syz.0.1260" lport=35858 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 298.323676][ T9582] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 298.669704][ T9814] capability: warning: `syz.3.1266' uses deprecated v2 capabilities in a way that may be insecure [ 298.921802][ T9582] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 299.021775][ T9582] veth0_vlan: entered promiscuous mode [ 299.118575][ T9582] veth1_vlan: entered promiscuous mode [ 299.210313][ T9582] veth0_macvtap: entered promiscuous mode [ 299.281383][ T9582] veth1_macvtap: entered promiscuous mode [ 299.326114][ T9582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.338067][ T9582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.352104][ T9582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.359249][ T9582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.365448][ T5218] Bluetooth: hci1: Opcode 0x206c failed: -110 [ 299.395550][ T9582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.402058][ T9582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.409510][ T9582] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 299.453947][ T39] audit: type=1326 audit(1721765190.029:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9827 comm="syz.3.1271" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 299.465160][ T9582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.499491][ T9582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.504145][ T9582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.508749][ T9582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.517706][ T9582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.544173][ T9582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.553794][ T9831] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 299.562354][ T9830] block nbd1: NBD_DISCONNECT [ 299.564611][ T9830] block nbd1: Disconnected due to user request. [ 299.567510][ T9830] block nbd1: shutting down sockets [ 299.582106][ T9582] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 299.604023][ T39] audit: type=1326 audit(1721765190.189:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9827 comm="syz.3.1271" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 299.625167][ T9582] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.690265][ T9582] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.707260][ T9582] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.720996][ T9582] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.790889][ T9836] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1271'. [ 299.794395][ T9836] 1猉功D龌: renamed from 00猉功D龌 (while UP) [ 300.067629][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 300.076321][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 300.225482][ T8997] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 300.231274][ T8997] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 301.183709][ T39] audit: type=1400 audit(1721765191.759:553): avc: denied { compute_member } for pid=9852 comm="syz.2.1277" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 301.234647][ T39] audit: type=1400 audit(1721765191.759:554): avc: denied { create } for pid=9852 comm="syz.2.1277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1 [ 301.294150][ C1] vkms_vblank_simulate: vblank timer overrun [ 301.412434][ T9854] xt_CT: You must specify a L4 protocol and not use inversions on it [ 301.418147][ C1] vkms_vblank_simulate: vblank timer overrun [ 301.463281][ T5218] Bluetooth: hci1: Opcode 0x2046 failed: -110 [ 301.510768][ C1] vkms_vblank_simulate: vblank timer overrun [ 301.610683][ T9862] block nbd2: NBD_DISCONNECT [ 301.613914][ T9862] block nbd2: Disconnected due to user request. [ 301.686225][ T9862] block nbd2: shutting down sockets [ 301.697734][ C1] vkms_vblank_simulate: vblank timer overrun [ 301.812059][ C1] vkms_vblank_simulate: vblank timer overrun [ 302.129929][ T9868] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 302.147758][ T9870] netlink: 'syz.1.1282': attribute type 4 has an invalid length. [ 302.244882][ T9872] netlink: 'syz.1.1282': attribute type 4 has an invalid length. [ 302.259417][ T39] audit: type=1326 audit(1721765192.819:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9863 comm="syz.2.1281" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f306e575f19 code=0x0 [ 302.262012][ C1] vkms_vblank_simulate: vblank timer overrun [ 302.292699][ T9870] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1282'. [ 302.434098][ C1] vkms_vblank_simulate: vblank timer overrun [ 302.445945][ T9868] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1281'. [ 302.460722][ T39] audit: type=1326 audit(1721765193.039:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9863 comm="syz.2.1281" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f306e575f19 code=0x0 [ 302.507097][ C1] vkms_vblank_simulate: vblank timer overrun [ 302.521228][ T9868] 0猉功D龌: renamed from gretap0 (while UP) [ 302.531208][ T9868] 0猉功D龌: entered allmulticast mode [ 302.546054][ C1] vkms_vblank_simulate: vblank timer overrun [ 302.680907][ C1] vkms_vblank_simulate: vblank timer overrun [ 302.938871][ C1] vkms_vblank_simulate: vblank timer overrun [ 302.978115][ C1] vkms_vblank_simulate: vblank timer overrun [ 303.170228][ C1] vkms_vblank_simulate: vblank timer overrun [ 303.234086][ C1] vkms_vblank_simulate: vblank timer overrun [ 303.307594][ T39] audit: type=1400 audit(1721765193.869:557): avc: denied { read } for pid=9880 comm="syz.1.1286" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 303.342137][ T39] audit: type=1400 audit(1721765193.869:558): avc: denied { open } for pid=9880 comm="syz.1.1286" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 303.417064][ T39] audit: type=1400 audit(1721765193.909:559): avc: denied { ioctl } for pid=9880 comm="syz.1.1286" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 303.425819][ T9886] IPVS: set_ctl: invalid protocol: 98 224.0.0.1:0 [ 303.454077][ C1] vkms_vblank_simulate: vblank timer overrun [ 303.502776][ C1] vkms_vblank_simulate: vblank timer overrun [ 303.522197][ T39] audit: type=1400 audit(1721765194.039:560): avc: denied { write } for pid=4679 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 303.549907][ T39] audit: type=1400 audit(1721765194.039:561): avc: denied { remove_name } for pid=4679 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 303.581113][ T39] audit: type=1400 audit(1721765194.039:562): avc: denied { add_name } for pid=4679 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 303.610779][ T39] audit: type=1400 audit(1721765194.129:563): avc: denied { accept } for pid=9880 comm="syz.1.1286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 303.626114][ C1] vkms_vblank_simulate: vblank timer overrun [ 303.644669][ C1] vkms_vblank_simulate: vblank timer overrun [ 303.817553][ C1] vkms_vblank_simulate: vblank timer overrun [ 303.892385][ T9893] block nbd1: NBD_DISCONNECT [ 303.898286][ T9893] block nbd1: Disconnected due to user request. [ 303.910631][ T9893] block nbd1: shutting down sockets [ 303.969579][ T9894] block nbd3: NBD_DISCONNECT [ 303.975800][ T9894] block nbd3: Disconnected due to user request. [ 303.996221][ T9894] block nbd3: shutting down sockets [ 304.211774][ T39] audit: type=1326 audit(1721765194.789:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.3.1292" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f510dd75f19 code=0x0 [ 304.246619][ T9899] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1291'. [ 304.265093][ T9902] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 304.409114][ T9904] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1292'. [ 304.413005][ T9904] 0猉功D龌: renamed from 01猉功D龌 (while UP) [ 304.691116][ T9907] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 304.825839][ T9908] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1293'. [ 304.829522][ T9908] 0猉功D龌: renamed from 01猉功D龌 (while UP) [ 305.181999][ C1] vkms_vblank_simulate: vblank timer overrun [ 305.514855][ C1] vkms_vblank_simulate: vblank timer overrun [ 305.722568][ T9914] block nbd3: NBD_DISCONNECT [ 305.729555][ T9914] block nbd3: Disconnected due to user request. [ 305.732277][ T9914] block nbd3: shutting down sockets [ 305.891722][ T9923] FAULT_INJECTION: forcing a failure. [ 305.891722][ T9923] name failslab, interval 1, probability 0, space 0, times 0 [ 305.913552][ T9923] CPU: 3 UID: 0 PID: 9923 Comm: syz.3.1298 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 305.938236][ T9923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 305.943353][ T9923] Call Trace: [ 305.944769][ T9923] [ 305.946023][ T9923] dump_stack_lvl+0x16c/0x1f0 [ 305.947703][ T9923] should_fail_ex+0x497/0x5b0 [ 305.949331][ T9923] ? fs_reclaim_acquire+0xae/0x160 [ 305.951611][ T9923] should_failslab+0xc2/0x120 [ 305.953771][ T9923] kmem_cache_alloc_node_noprof+0x71/0x310 [ 305.963212][ T9923] ? __alloc_skb+0x2b1/0x380 [ 305.965183][ T9923] __alloc_skb+0x2b1/0x380 [ 305.967329][ T9923] ? __pfx___alloc_skb+0x10/0x10 [ 305.974493][ T9923] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 305.988226][ T9923] netlink_alloc_large_skb+0x69/0x130 [ 305.990362][ T9923] netlink_sendmsg+0x689/0xd70 [ 305.997343][ T9923] ? __pfx_netlink_sendmsg+0x10/0x10 [ 306.000622][ T9923] ? __import_iovec+0x1fd/0x6e0 [ 306.003664][ T9923] ____sys_sendmsg+0xab5/0xc90 [ 306.020080][ T9923] ? copy_msghdr_from_user+0x10b/0x160 [ 306.023506][ T9923] ? __pfx_____sys_sendmsg+0x10/0x10 [ 306.026465][ T9923] ? find_held_lock+0x2d/0x110 [ 306.029660][ T9923] ? __pfx___lock_acquire+0x10/0x10 [ 306.033185][ T9923] ___sys_sendmsg+0x135/0x1e0 [ 306.041528][ T9923] ? __pfx____sys_sendmsg+0x10/0x10 [ 306.044105][ T9923] ? ksys_write+0x21c/0x260 [ 306.046183][ T9923] ? __fget_light+0x173/0x210 [ 306.062378][ C1] vkms_vblank_simulate: vblank timer overrun [ 306.065308][ T9923] __sys_sendmsg+0x117/0x1f0 [ 306.114844][ T9923] ? __pfx___sys_sendmsg+0x10/0x10 [ 306.116826][ T9923] do_syscall_64+0xcd/0x250 [ 306.118715][ T9923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.121307][ T9923] RIP: 0033:0x7f510dd75f19 [ 306.130207][ C1] vkms_vblank_simulate: vblank timer overrun [ 306.147199][ T9923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 306.147225][ T9923] RSP: 002b:00007f510d7ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 306.147242][ T9923] RAX: ffffffffffffffda RBX: 00007f510df05f60 RCX: 00007f510dd75f19 [ 306.147253][ T9923] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 306.147264][ T9923] RBP: 00007f510d7ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 306.147275][ T9923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 306.147285][ T9923] R13: 000000000000000b R14: 00007f510df05f60 R15: 00007ffe86f4afd8 [ 306.147299][ T9923] [ 306.244054][ C1] vkms_vblank_simulate: vblank timer overrun [ 306.323071][ T9931] block nbd0: NBD_DISCONNECT [ 306.346314][ T9931] block nbd0: Disconnected due to user request. [ 306.355285][ T9931] block nbd0: shutting down sockets [ 306.454032][ C1] vkms_vblank_simulate: vblank timer overrun [ 306.697498][ T9940] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 306.798314][ C1] vkms_vblank_simulate: vblank timer overrun [ 306.830008][ C1] vkms_vblank_simulate: vblank timer overrun [ 306.860765][ C1] vkms_vblank_simulate: vblank timer overrun [ 306.893244][ T9942] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1302'. [ 306.907112][ T9942] 0猉功D龌: renamed from 01猉功D龌 (while UP) [ 307.316622][ C1] vkms_vblank_simulate: vblank timer overrun [ 307.622691][ T9959] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 307.630050][ C1] vkms_vblank_simulate: vblank timer overrun [ 307.648714][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 307.648727][ T39] audit: type=1326 audit(1721765198.239:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9954 comm="syz.1.1307" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x0 [ 307.649018][ T9951] block nbd0: NBD_DISCONNECT [ 307.712733][ T9951] block nbd0: Disconnected due to user request. [ 307.751742][ T9951] block nbd0: shutting down sockets [ 307.781988][ T39] audit: type=1326 audit(1721765198.369:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9954 comm="syz.1.1307" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x0 [ 307.855789][ T9959] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1307'. [ 307.863697][ T9959] 1猉功D龌: renamed from 00猉功D龌 (while UP) [ 308.101431][ T9971] block nbd0: NBD_DISCONNECT [ 308.103218][ T9971] block nbd0: Disconnected due to user request. [ 308.105648][ T9971] block nbd0: shutting down sockets [ 308.200408][ T9972] block nbd3: NBD_DISCONNECT [ 308.202470][ T9972] block nbd3: Disconnected due to user request. [ 308.205688][ T9972] block nbd3: shutting down sockets [ 308.611131][ T9975] syzkaller0: entered promiscuous mode [ 308.642579][ T9975] syzkaller0: entered allmulticast mode [ 308.679858][ T39] audit: type=1326 audit(1721765199.259:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9985 comm="syz.1.1314" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x0 [ 308.793786][ T9988] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 308.923811][ T39] audit: type=1326 audit(1721765199.489:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9985 comm="syz.1.1314" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x0 [ 308.968301][ T9989] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1314'. [ 308.973521][ T9989] 0猉功D龌: renamed from 01猉功D龌 (while UP) [ 309.218037][ C1] vkms_vblank_simulate: vblank timer overrun [ 309.446025][ C1] vkms_vblank_simulate: vblank timer overrun [ 309.561841][ C1] vkms_vblank_simulate: vblank timer overrun [ 309.706055][ C1] vkms_vblank_simulate: vblank timer overrun [ 309.778034][ C1] vkms_vblank_simulate: vblank timer overrun [ 309.833290][ C1] vkms_vblank_simulate: vblank timer overrun [ 310.009999][ C1] vkms_vblank_simulate: vblank timer overrun [ 310.091744][ C1] vkms_vblank_simulate: vblank timer overrun [ 310.130792][ C1] vkms_vblank_simulate: vblank timer overrun [ 310.489792][T10009] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1317'. [ 310.581783][ C1] vkms_vblank_simulate: vblank timer overrun [ 311.682002][ C1] vkms_vblank_simulate: vblank timer overrun [ 311.836251][ C1] vkms_vblank_simulate: vblank timer overrun [ 314.674784][ T5209] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 314.681212][ T5209] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 314.748470][ T5209] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 314.754618][ T5209] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 314.759273][ T5209] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 314.772805][ T5209] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 316.289411][T10005] netlink: 'syz.1.1317': attribute type 4 has an invalid length. [ 316.353340][T10006] netlink: 'syz.1.1317': attribute type 4 has an invalid length. [ 316.623890][T10024] Bluetooth: MGMT ver 1.23 [ 316.661391][T10024] FAULT_INJECTION: forcing a failure. [ 316.661391][T10024] name failslab, interval 1, probability 0, space 0, times 0 [ 316.710084][T10024] CPU: 3 UID: 0 PID: 10024 Comm: syz.0.1323 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 316.718699][T10024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 316.727271][T10028] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 316.739804][T10024] Call Trace: [ 316.739860][T10024] [ 316.739869][T10024] dump_stack_lvl+0x16c/0x1f0 [ 316.739893][T10024] should_fail_ex+0x497/0x5b0 [ 316.739913][T10024] ? fs_reclaim_acquire+0xae/0x160 [ 316.739929][T10024] should_failslab+0xc2/0x120 [ 316.739948][T10024] __kmalloc_noprof+0xcb/0x400 [ 316.739966][T10024] get_connections+0x1bd/0x610 [ 316.739983][T10024] ? do_init_timer+0xc9/0x110 [ 316.739999][T10024] ? __pfx_mgmt_init_hdev+0x10/0x10 [ 316.740014][T10024] hci_sock_sendmsg+0x1528/0x25e0 [ 316.740040][T10024] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 316.740066][T10024] sock_write_iter+0x50a/0x5c0 [ 316.740091][T10024] ? __pfx_sock_write_iter+0x10/0x10 [ 316.740115][T10024] ? security_file_permission+0x98/0xc0 [ 316.740139][T10024] vfs_write+0x6b6/0x1140 [ 316.740155][T10024] ? __pfx_sock_write_iter+0x10/0x10 [ 316.740178][T10024] ? __pfx_vfs_write+0x10/0x10 [ 316.740195][T10024] ? __fget_files+0x256/0x400 [ 316.740220][T10024] ? __fget_light+0x173/0x210 [ 316.784712][T10020] block nbd3: NBD_DISCONNECT [ 316.798396][T10024] ksys_write+0x1f8/0x260 [ 316.798436][T10024] ? __pfx_ksys_write+0x10/0x10 [ 316.798452][T10024] do_syscall_64+0xcd/0x250 [ 316.798475][T10024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.798497][T10024] RIP: 0033:0x7fa897975f19 [ 316.798510][T10024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.798526][T10024] RSP: 002b:00007fa89866c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 316.798545][T10024] RAX: ffffffffffffffda RBX: 00007fa897b05f60 RCX: 00007fa897975f19 [ 316.798557][T10024] RDX: 0000000000000006 RSI: 0000000020000000 RDI: 0000000000000004 [ 316.798568][T10024] RBP: 00007fa89866c0a0 R08: 0000000000000000 R09: 0000000000000000 [ 316.798578][T10024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 316.798588][T10024] R13: 000000000000000b R14: 00007fa897b05f60 R15: 00007fffd9bd30a8 [ 316.798601][T10024] [ 316.848067][T10017] chnl_net:caif_netlink_parms(): no params data found [ 316.870876][T10020] block nbd3: Disconnected due to user request. [ 316.923529][ T5209] Bluetooth: hci4: command tx timeout [ 316.938707][T10020] block nbd3: shutting down sockets [ 316.981270][ T39] audit: type=1326 audit(1721765207.549:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10025 comm="syz.1.1324" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x0 [ 317.045871][ T39] audit: type=1326 audit(1721765207.629:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10025 comm="syz.1.1324" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x0 [ 317.413890][T10017] bridge0: port 1(bridge_slave_0) entered blocking state [ 317.418639][T10017] bridge0: port 1(bridge_slave_0) entered disabled state [ 317.423833][T10017] bridge_slave_0: entered allmulticast mode [ 317.441661][T10017] bridge_slave_0: entered promiscuous mode [ 317.449922][T10017] bridge0: port 2(bridge_slave_1) entered blocking state [ 317.466827][T10017] bridge0: port 2(bridge_slave_1) entered disabled state [ 317.474845][ T39] audit: type=1800 audit(1721765208.029:576): pid=10046 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.1328" name="SYSV00000000" dev="hugetlbfs" ino=5 res=0 errno=0 [ 317.476119][T10017] bridge_slave_1: entered allmulticast mode [ 317.520007][ T39] audit: type=1400 audit(1721765208.059:577): avc: denied { getopt } for pid=10045 comm="syz.3.1328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 317.570960][T10046] 9pnet_fd: Insufficient options for proto=fd [ 317.595517][T10017] bridge_slave_1: entered promiscuous mode [ 317.626338][T10028] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1324'. [ 317.649152][T10028] 1猉功D龌: renamed from 00猉功D龌 (while UP) [ 317.896519][T10017] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 317.945419][T10017] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 318.248319][T10017] team0: Port device team_slave_0 added [ 318.255995][T10017] team0: Port device team_slave_1 added [ 318.585922][ C2] vkms_vblank_simulate: vblank timer overrun [ 318.645954][ C2] vkms_vblank_simulate: vblank timer overrun [ 318.734165][T10017] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 318.746839][T10017] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.778461][T10017] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 318.821916][ C2] vkms_vblank_simulate: vblank timer overrun [ 318.873954][ C2] vkms_vblank_simulate: vblank timer overrun [ 318.913954][ C2] vkms_vblank_simulate: vblank timer overrun [ 318.980689][ T5218] Bluetooth: hci4: command tx timeout [ 319.009901][T10017] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 319.012779][T10017] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 319.038974][T10017] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 319.063806][T10064] block nbd1: NBD_DISCONNECT [ 319.078528][T10064] block nbd1: Disconnected due to user request. [ 319.081520][T10064] block nbd1: shutting down sockets [ 319.297157][T10072] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1336'. [ 319.464718][T10076] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 319.515487][T10078] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 319.573391][ T39] audit: type=1326 audit(1721765210.159:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.1.1337" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x0 [ 319.610110][ C2] vkms_vblank_simulate: vblank timer overrun [ 319.636456][ C2] vkms_vblank_simulate: vblank timer overrun [ 319.673907][ C2] vkms_vblank_simulate: vblank timer overrun [ 319.720132][T10072] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1336'. [ 319.724927][T10072] 0猉功D: renamed from 00猉功D龌 (while UP) [ 319.799950][T10072] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 319.878027][ T39] audit: type=1326 audit(1721765210.439:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.1.1337" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x0 [ 319.912660][T10017] hsr_slave_0: entered promiscuous mode [ 319.961269][T10017] hsr_slave_1: entered promiscuous mode [ 319.985918][ C2] vkms_vblank_simulate: vblank timer overrun [ 320.030480][T10017] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 320.035236][T10017] Cannot create hsr debugfs directory [ 320.047432][T10080] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1337'. [ 320.063298][T10080] 0猉功D龌: renamed from 01猉功D龌 (while UP) [ 320.131579][T10086] block nbd3: NBD_DISCONNECT [ 320.151639][ C2] vkms_vblank_simulate: vblank timer overrun [ 320.726713][T10099] block nbd1: NBD_DISCONNECT [ 320.729073][T10099] block nbd1: Disconnected due to user request. [ 320.732090][T10099] block nbd1: shutting down sockets [ 320.959339][T10017] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.040746][ T5209] Bluetooth: hci4: command tx timeout [ 321.287905][T10017] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.711458][T10017] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.754277][ C2] vkms_vblank_simulate: vblank timer overrun [ 321.872706][T10115] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1348'. [ 321.879236][T10116] FAULT_INJECTION: forcing a failure. [ 321.879236][T10116] name failslab, interval 1, probability 0, space 0, times 0 [ 321.891684][T10113] block nbd0: NBD_DISCONNECT [ 321.895581][T10115] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1348'. [ 321.895675][T10115] 1猉功D: renamed from 30猉功D (while UP) [ 321.899127][T10116] CPU: 0 UID: 0 PID: 10116 Comm: syz.1.1347 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 321.899167][T10116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 321.899176][T10116] Call Trace: [ 321.899182][T10116] [ 321.899188][T10116] dump_stack_lvl+0x16c/0x1f0 [ 321.899208][T10116] should_fail_ex+0x497/0x5b0 [ 321.899226][T10116] ? fs_reclaim_acquire+0xae/0x160 [ 321.899240][T10116] should_failslab+0xc2/0x120 [ 321.899257][T10116] __kmalloc_noprof+0xcb/0x400 [ 321.899273][T10116] ? __pfx_lock_acquire+0x10/0x10 [ 321.899290][T10116] tomoyo_realpath_from_path+0xb9/0x720 [ 321.899309][T10116] ? tomoyo_profile+0x47/0x60 [ 321.899327][T10116] tomoyo_path_number_perm+0x245/0x590 [ 321.899342][T10116] ? tomoyo_path_number_perm+0x232/0x590 [ 321.899358][T10116] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 321.899377][T10116] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 321.899396][T10116] ? __fget_files+0x256/0x400 [ 321.899416][T10116] security_file_ioctl+0x75/0xc0 [ 321.899434][T10116] __x64_sys_ioctl+0xbb/0x220 [ 321.899452][T10116] do_syscall_64+0xcd/0x250 [ 321.899470][T10116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.899487][T10116] RIP: 0033:0x7fcbc0975f19 [ 321.899497][T10116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.899511][T10116] RSP: 002b:00007fcbc1665048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 321.899525][T10116] RAX: ffffffffffffffda RBX: 00007fcbc0b06038 RCX: 00007fcbc0975f19 [ 321.899535][T10116] RDX: 0000000000000000 RSI: 0000000000005201 RDI: 0000000000000005 [ 321.899543][T10116] RBP: 00007fcbc16650a0 R08: 0000000000000000 R09: 0000000000000000 [ 321.899552][T10116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 321.899561][T10116] R13: 000000000000006e R14: 00007fcbc0b06038 R15: 00007ffc6247c6c8 [ 321.899571][T10116] [ 321.899578][T10116] ERROR: Out of memory at tomoyo_realpath_from_path. [ 321.937891][ C2] vkms_vblank_simulate: vblank timer overrun [ 321.984530][ C2] vkms_vblank_simulate: vblank timer overrun [ 321.990883][T10117] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 321.994508][T10115] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 322.321921][ T39] audit: type=1400 audit(1721765212.899:580): avc: denied { map } for pid=10119 comm="syz.0.1350" path="socket:[25365]" dev="sockfs" ino=25365 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 322.346825][T10017] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.523002][ T39] audit: type=1400 audit(1721765213.109:581): avc: denied { read } for pid=10119 comm="syz.0.1350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 322.911289][ T1359] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.915740][ T1359] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.943331][T10017] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 322.974363][T10017] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 323.071961][T10017] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 323.122414][T10017] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 323.148309][ T5209] Bluetooth: hci4: command tx timeout [ 323.371263][ C2] vkms_vblank_simulate: vblank timer overrun [ 323.402347][ C2] vkms_vblank_simulate: vblank timer overrun [ 323.471511][T10136] block nbd0: NBD_DISCONNECT [ 323.484170][T10136] block nbd0: Disconnected due to user request. [ 323.488633][T10017] 8021q: adding VLAN 0 to HW filter on device bond0 [ 323.494623][T10136] block nbd0: shutting down sockets [ 323.624946][T10017] 8021q: adding VLAN 0 to HW filter on device team0 [ 323.645988][ T823] bridge0: port 1(bridge_slave_0) entered blocking state [ 323.648921][ T823] bridge0: port 1(bridge_slave_0) entered forwarding state [ 323.722089][ T823] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.747817][ T823] bridge0: port 2(bridge_slave_1) entered forwarding state [ 323.801977][ C2] vkms_vblank_simulate: vblank timer overrun [ 323.947893][T10017] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 323.977160][T10141] overlay: ./file0 is not a directory [ 324.401840][ C2] vkms_vblank_simulate: vblank timer overrun [ 324.433836][ C2] vkms_vblank_simulate: vblank timer overrun [ 324.554652][T10017] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 324.617837][ C2] vkms_vblank_simulate: vblank timer overrun [ 324.685014][T10017] veth0_vlan: entered promiscuous mode [ 324.716623][T10017] veth1_vlan: entered promiscuous mode [ 324.778916][T10017] veth0_macvtap: entered promiscuous mode [ 324.801434][T10017] veth1_macvtap: entered promiscuous mode [ 324.845382][T10017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.866986][T10017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.871796][T10017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.893116][T10017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.897893][T10017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.902947][T10017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.906824][T10017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.927668][T10017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.952789][T10017] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 324.971665][T10017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 324.985587][T10017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.012171][T10017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.043902][T10017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.048594][T10017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.058979][T10017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.078683][T10160] block nbd3: NBD_DISCONNECT [ 325.093075][T10017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.103728][T10017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.149863][ C2] vkms_vblank_simulate: vblank timer overrun [ 325.151540][T10017] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 325.183005][T10017] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.195937][T10017] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.214391][ T5209] Bluetooth: hci4: command tx timeout [ 325.232631][T10017] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.249491][T10017] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.339094][ C2] vkms_vblank_simulate: vblank timer overrun [ 325.508490][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 325.513198][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 325.595887][ T35] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 325.609410][ T8978] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 325.636679][T10169] block nbd1: NBD_DISCONNECT [ 325.639746][T10169] block nbd1: Disconnected due to user request. [ 325.640314][ T8978] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 325.652789][T10169] block nbd1: shutting down sockets [ 325.824622][T10171] x_tables: duplicate underflow at hook 1 [ 325.873521][ T35] usb 8-1: Using ep0 maxpacket: 16 [ 325.881812][ T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 325.899677][ T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 325.908589][ T35] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 325.934741][ T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.966454][ T39] audit: type=1400 audit(1721765216.549:582): avc: denied { setopt } for pid=10170 comm="syz.2.1321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 325.995037][ T39] audit: type=1326 audit(1721765216.549:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10170 comm="syz.2.1321" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc19b775f19 code=0x0 [ 326.023097][ T35] usb 8-1: config 0 descriptor?? [ 326.210661][ C3] hrtimer: interrupt took 7294933 ns [ 326.311577][ T103] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 326.487733][ T39] audit: type=1400 audit(1721765217.069:584): avc: denied { lock } for pid=10166 comm="syz.3.1361" path="socket:[25580]" dev="sockfs" ino=25580 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 326.520862][ T103] usb 7-1: Using ep0 maxpacket: 16 [ 326.527665][ T35] savu 0003:1E7D:2D5A.0006: item fetching failed at offset 2/5 [ 326.534073][ T103] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 326.566673][ T103] usb 7-1: config 0 has no interfaces? [ 326.572587][ T103] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 326.579390][ T103] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.587292][ T35] savu 0003:1E7D:2D5A.0006: parse failed [ 326.589624][ T35] savu 0003:1E7D:2D5A.0006: probe with driver savu failed with error -22 [ 326.624189][ T103] usb 7-1: config 0 descriptor?? [ 326.804339][ T35] usb 8-1: USB disconnect, device number 2 [ 328.041863][ T35] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 328.243129][ T35] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 328.247668][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 328.266310][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 328.271084][ T35] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 328.285024][ T35] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 328.293958][ T35] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 328.305026][ T35] usb 6-1: Manufacturer: syz [ 328.316323][ T35] usb 6-1: config 0 descriptor?? [ 328.771647][ T35] appleir 0003:05AC:8243.0007: unknown main item tag 0x0 [ 328.782829][ T35] appleir 0003:05AC:8243.0007: No inputs registered, leaving [ 328.807169][ T35] appleir 0003:05AC:8243.0007: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 328.862938][ T30] usb 7-1: USB disconnect, device number 2 [ 329.040050][T10198] block nbd2: NBD_DISCONNECT [ 329.449830][T10203] block nbd2: NBD_DISCONNECT [ 329.456234][T10203] block nbd2: Disconnected due to user request. [ 329.464353][T10203] block nbd2: shutting down sockets [ 329.558830][T10207] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1372'. [ 329.593157][T10207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1372'. [ 329.620395][T10207] Bluetooth: MGMT ver 1.23 [ 330.150324][ T30] usb 6-1: reset high-speed USB device number 5 using dummy_hcd [ 330.785923][ C1] vkms_vblank_simulate: vblank timer overrun [ 331.237861][T10235] block nbd3: NBD_DISCONNECT [ 331.239996][T10235] block nbd3: Disconnected due to user request. [ 331.243838][T10235] block nbd3: shutting down sockets [ 331.300736][T10234] block nbd1: NBD_DISCONNECT [ 331.673847][ C1] vkms_vblank_simulate: vblank timer overrun [ 331.735703][ C1] vkms_vblank_simulate: vblank timer overrun [ 331.948525][ T30] usb 6-1: device descriptor read/64, error -71 [ 332.153041][T10247] fuse: Bad value for 'fd' [ 332.196242][ T39] audit: type=1400 audit(1721765222.749:585): avc: denied { map } for pid=10246 comm="syz.3.1387" path="socket:[28758]" dev="sockfs" ino=28758 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 332.255928][ T30] usb 6-1: reset high-speed USB device number 5 using dummy_hcd [ 332.446224][ T30] usb 6-1: device descriptor read/64, error -71 [ 332.651277][ C1] vkms_vblank_simulate: vblank timer overrun [ 332.737935][T10258] block nbd3: NBD_DISCONNECT [ 332.746097][ T30] usb 6-1: reset high-speed USB device number 5 using dummy_hcd [ 332.757977][T10258] block nbd3: Disconnected due to user request. [ 332.757996][T10258] block nbd3: shutting down sockets [ 332.787230][ C1] vkms_vblank_simulate: vblank timer overrun [ 332.831925][ T30] usb 6-1: device descriptor read/8, error -71 [ 332.871606][T10261] block nbd3: NBD_DISCONNECT [ 333.024254][ C1] vkms_vblank_simulate: vblank timer overrun [ 333.100694][T10264] FAULT_INJECTION: forcing a failure. [ 333.100694][T10264] name failslab, interval 1, probability 0, space 0, times 0 [ 333.110038][T10264] CPU: 3 UID: 0 PID: 10264 Comm: syz.3.1393 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 333.115636][T10264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 333.121957][T10264] Call Trace: [ 333.123572][T10264] [ 333.124945][T10264] dump_stack_lvl+0x16c/0x1f0 [ 333.127070][T10264] should_fail_ex+0x497/0x5b0 [ 333.129416][T10264] ? fs_reclaim_acquire+0xae/0x160 [ 333.133102][T10264] should_failslab+0xc2/0x120 [ 333.135473][T10264] __kmalloc_noprof+0xcb/0x400 [ 333.138005][T10264] ? __pfx_lock_acquire+0x10/0x10 [ 333.140705][T10264] tomoyo_realpath_from_path+0xb9/0x720 [ 333.144061][T10264] ? tomoyo_profile+0x47/0x60 [ 333.147221][T10264] tomoyo_path_number_perm+0x245/0x590 [ 333.151720][ T30] usb 6-1: reset high-speed USB device number 5 using dummy_hcd [ 333.154335][T10264] ? tomoyo_path_number_perm+0x232/0x590 [ 333.154364][T10264] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 333.154387][T10264] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 333.154415][T10264] ? __fget_files+0x256/0x400 [ 333.154442][T10264] security_file_ioctl+0x75/0xc0 [ 333.154466][T10264] __x64_sys_ioctl+0xbb/0x220 [ 333.175142][T10264] do_syscall_64+0xcd/0x250 [ 333.180355][T10264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.184053][T10264] RIP: 0033:0x7f510dd75f19 [ 333.186850][T10264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.198136][T10264] RSP: 002b:00007f510d7ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 333.203146][T10264] RAX: ffffffffffffffda RBX: 00007f510df05f60 RCX: 00007f510dd75f19 [ 333.207537][T10264] RDX: 0000000000000000 RSI: 00000000000007a8 RDI: 0000000000000003 [ 333.211173][T10264] RBP: 00007f510d7ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 333.212261][ T30] usb 6-1: device descriptor read/8, error -71 [ 333.214876][T10264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 333.214890][T10264] R13: 000000000000000b R14: 00007f510df05f60 R15: 00007ffe86f4afd8 [ 333.227807][T10264] [ 333.232678][T10264] ERROR: Out of memory at tomoyo_realpath_from_path. [ 333.352877][ T103] usb 6-1: USB disconnect, device number 5 [ 333.614102][ T103] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 333.902263][ T103] usb 6-1: device descriptor read/64, error -71 [ 334.103051][ C1] vkms_vblank_simulate: vblank timer overrun [ 334.142603][T10280] fuse: Bad value for 'user_id' [ 334.144906][T10280] fuse: Bad value for 'user_id' [ 334.196071][ T103] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 334.269741][ C1] vkms_vblank_simulate: vblank timer overrun [ 334.353518][ T103] usb 6-1: device descriptor read/64, error -71 [ 334.501330][ T103] usb usb6-port1: attempt power cycle [ 334.605102][ T5218] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 334.678216][ T5218] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 334.684350][ T5218] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 334.747542][ T5218] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 334.761677][ T5218] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 334.768494][ T5218] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 334.909799][ C1] vkms_vblank_simulate: vblank timer overrun [ 334.954589][ C1] vkms_vblank_simulate: vblank timer overrun [ 334.985731][ C1] vkms_vblank_simulate: vblank timer overrun [ 335.037747][ C1] vkms_vblank_simulate: vblank timer overrun [ 335.082746][T10296] block nbd1: NBD_DISCONNECT [ 335.462058][ T39] audit: type=1400 audit(1721765226.049:586): avc: denied { bind } for pid=10298 comm="syz.1.1403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 335.772038][T10283] chnl_net:caif_netlink_parms(): no params data found [ 336.057810][ C1] vkms_vblank_simulate: vblank timer overrun [ 336.129779][ C1] vkms_vblank_simulate: vblank timer overrun [ 336.474371][T10315] fuse: Bad value for 'user_id' [ 336.489246][T10315] fuse: Bad value for 'user_id' [ 336.567112][ C1] vkms_vblank_simulate: vblank timer overrun [ 336.655853][ C1] vkms_vblank_simulate: vblank timer overrun [ 336.673910][T10283] bridge0: port 1(bridge_slave_0) entered blocking state [ 336.677218][T10283] bridge0: port 1(bridge_slave_0) entered disabled state [ 336.681051][T10283] bridge_slave_0: entered allmulticast mode [ 336.711618][ C1] vkms_vblank_simulate: vblank timer overrun [ 336.746448][T10283] bridge_slave_0: entered promiscuous mode [ 336.770152][T10283] bridge0: port 2(bridge_slave_1) entered blocking state [ 336.796977][T10283] bridge0: port 2(bridge_slave_1) entered disabled state [ 336.800060][T10283] bridge_slave_1: entered allmulticast mode [ 336.803624][T10283] bridge_slave_1: entered promiscuous mode [ 336.900757][ T5218] Bluetooth: hci5: command tx timeout [ 337.037667][T10283] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 337.058544][T10283] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 337.254273][T10283] team0: Port device team_slave_0 added [ 337.262439][T10283] team0: Port device team_slave_1 added [ 337.421397][T10332] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1411'. [ 337.509575][T10283] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 337.521244][T10283] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 337.533995][T10283] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 337.580173][T10283] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 337.647667][T10283] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 337.688082][T10283] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 337.957683][ C1] vkms_vblank_simulate: vblank timer overrun [ 338.051645][T10342] block nbd1: NBD_DISCONNECT [ 338.309844][ C1] vkms_vblank_simulate: vblank timer overrun [ 338.512565][T10283] hsr_slave_0: entered promiscuous mode [ 338.531325][T10283] hsr_slave_1: entered promiscuous mode [ 338.540267][T10283] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 338.545201][T10283] Cannot create hsr debugfs directory [ 338.605729][T10348] fuse: Bad value for 'user_id' [ 338.609077][T10348] fuse: Bad value for 'user_id' [ 338.649699][ T39] audit: type=1400 audit(1721765229.229:587): avc: denied { read } for pid=10339 comm="syz.2.1413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 338.825719][ C1] vkms_vblank_simulate: vblank timer overrun [ 338.973709][ C1] vkms_vblank_simulate: vblank timer overrun [ 338.981423][ T5218] Bluetooth: hci5: command tx timeout [ 339.679852][T10283] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.853332][ C1] vkms_vblank_simulate: vblank timer overrun [ 340.096568][T10283] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 340.201928][T10361] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 340.457726][ C1] vkms_vblank_simulate: vblank timer overrun [ 340.540174][T10283] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.078333][ T5218] Bluetooth: hci5: command tx timeout [ 341.093327][T10283] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.170747][ C1] vkms_vblank_simulate: vblank timer overrun [ 341.195687][ T39] audit: type=1400 audit(1721765231.769:588): avc: denied { getopt } for pid=10378 comm="syz.1.1425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 341.238458][T10381] 9pnet_fd: Insufficient options for proto=fd [ 341.352148][T10138] syz_tun (unregistering): left promiscuous mode [ 341.473880][ C1] vkms_vblank_simulate: vblank timer overrun [ 341.656379][T10393] fuse: Bad value for 'user_id' [ 341.679208][T10393] fuse: Bad value for 'user_id' [ 341.774786][ T11] bridge_slave_1: left allmulticast mode [ 341.778526][T10395] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1429'. [ 341.792792][ T11] bridge_slave_1: left promiscuous mode [ 341.810162][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 341.828199][ T11] bridge_slave_0: left allmulticast mode [ 341.840107][ T11] bridge_slave_0: left promiscuous mode [ 341.857768][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.316375][ C1] vkms_vblank_simulate: vblank timer overrun [ 343.137901][ T5218] Bluetooth: hci5: command tx timeout [ 343.505608][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 343.541375][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 343.564261][ T11] bond0 (unregistering): Released all slaves [ 343.591987][T10395] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1429'. [ 343.597446][T10395] 0猉功D: renamed from gretap0 (while UP) [ 343.604228][T10395] 0猉功D: entered allmulticast mode [ 343.609368][T10395] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 343.645374][ C1] vkms_vblank_simulate: vblank timer overrun [ 343.710856][ C1] vkms_vblank_simulate: vblank timer overrun [ 343.874531][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.110119][ T11] tipc: Left network mode [ 344.110850][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.150820][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.160109][T10416] fuse: Bad value for 'user_id' [ 344.163575][T10416] fuse: Bad value for 'user_id' [ 344.297494][T10283] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 344.298017][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.421879][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.676022][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.798028][T10283] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 344.849668][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.882610][T10283] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 344.911695][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.990634][T10283] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 345.169767][ C1] vkms_vblank_simulate: vblank timer overrun [ 345.245673][ C1] vkms_vblank_simulate: vblank timer overrun [ 345.491886][ T5218] block nbd1: Receive control failed (result -32) [ 345.497860][T10424] block nbd1: shutting down sockets [ 345.619674][ T11] batadv_slave_1: left promiscuous mode [ 345.756119][ T11] hsr_slave_0: left promiscuous mode [ 345.768905][T10431] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1442'. [ 345.787296][ T11] hsr_slave_1: left promiscuous mode [ 345.793449][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 345.797654][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 345.810610][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 345.861750][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 345.911277][ C1] vkms_vblank_simulate: vblank timer overrun [ 346.014879][ T11] veth1_macvtap: left promiscuous mode [ 346.017275][ T11] veth0_macvtap: left promiscuous mode [ 346.020191][ T11] veth1_vlan: left promiscuous mode [ 346.023503][ T11] veth0_vlan: left promiscuous mode [ 346.027082][ C1] vkms_vblank_simulate: vblank timer overrun [ 346.197598][ C1] vkms_vblank_simulate: vblank timer overrun [ 346.233174][ C1] vkms_vblank_simulate: vblank timer overrun [ 346.857045][ C1] vkms_vblank_simulate: vblank timer overrun [ 347.129410][ C1] vkms_vblank_simulate: vblank timer overrun [ 347.161890][ C1] vkms_vblank_simulate: vblank timer overrun [ 347.333959][ C1] vkms_vblank_simulate: vblank timer overrun [ 347.439442][ C1] vkms_vblank_simulate: vblank timer overrun [ 347.577691][ C1] vkms_vblank_simulate: vblank timer overrun [ 347.641301][ C1] vkms_vblank_simulate: vblank timer overrun [ 347.683893][ C1] vkms_vblank_simulate: vblank timer overrun [ 348.217601][ C1] vkms_vblank_simulate: vblank timer overrun [ 348.953655][ C1] vkms_vblank_simulate: vblank timer overrun [ 350.202965][ T5209] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 350.230911][ T5209] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 350.258119][ T5209] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 350.336179][ T5209] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 350.339532][ T5209] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 350.343829][ T5209] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 350.628795][ T11] team0 (unregistering): Port device team_slave_1 removed [ 351.114777][ T11] team0 (unregistering): Port device team_slave_0 removed [ 352.401256][ T5209] Bluetooth: hci3: command tx timeout [ 354.218213][T10283] 8021q: adding VLAN 0 to HW filter on device bond0 [ 354.258689][T10431] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1442'. [ 354.264817][T10431] 1猉功D: renamed from 30猉功D (while UP) [ 354.269934][T10431] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 354.300440][T10442] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1446'. [ 354.508528][ T5209] Bluetooth: hci3: command tx timeout [ 354.554795][T10283] 8021q: adding VLAN 0 to HW filter on device team0 [ 354.596577][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 354.615929][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 354.620453][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 354.635628][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 354.761437][T10283] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 355.185954][T10445] chnl_net:caif_netlink_parms(): no params data found [ 355.268983][T10453] block nbd2: shutting down sockets [ 355.904113][T10283] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 355.938619][T10445] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.941613][T10445] bridge0: port 1(bridge_slave_0) entered disabled state [ 355.944146][T10445] bridge_slave_0: entered allmulticast mode [ 355.947204][T10445] bridge_slave_0: entered promiscuous mode [ 355.968837][T10445] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.994615][T10445] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.021731][T10445] bridge_slave_1: entered allmulticast mode [ 356.115023][T10445] bridge_slave_1: entered promiscuous mode [ 356.577949][ T5218] Bluetooth: hci3: command tx timeout [ 356.647274][T10445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 356.748525][T10445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 356.977602][T10445] team0: Port device team_slave_0 added [ 357.151783][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.288311][T10445] team0: Port device team_slave_1 added [ 357.330700][T10283] veth0_vlan: entered promiscuous mode [ 357.418198][T10445] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 357.426528][T10445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 357.485238][T10445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 357.600204][T10484] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1454'. [ 357.691767][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.733846][T10445] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 357.744074][T10445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 357.801197][T10445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 357.806038][T10484] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1454'. [ 357.809721][T10484] 0猉功D: renamed from 31猉功D (while UP) [ 357.839590][T10484] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 358.040206][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.344734][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.457605][T10283] veth1_vlan: entered promiscuous mode [ 358.640862][ T5218] Bluetooth: hci3: command tx timeout [ 358.705130][T10445] hsr_slave_0: entered promiscuous mode [ 358.709759][T10445] hsr_slave_1: entered promiscuous mode [ 358.750747][T10445] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 358.754096][T10445] Cannot create hsr debugfs directory [ 359.109662][T10495] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1458'. [ 359.118405][T10495] openvswitch: netlink: Flow key attribute not present in set flow. [ 359.294682][ T5218] block nbd2: Receive control failed (result -32) [ 359.311642][T10490] block nbd2: shutting down sockets [ 359.323871][T10283] veth0_macvtap: entered promiscuous mode [ 359.443056][ T11] bridge_slave_1: left allmulticast mode [ 359.445556][ T11] bridge_slave_1: left promiscuous mode [ 359.456652][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 359.482714][ T11] bridge_slave_0: left allmulticast mode [ 359.486427][ T11] bridge_slave_0: left promiscuous mode [ 359.490090][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 360.389932][T10516] block nbd2: NBD_DISCONNECT [ 361.201491][ C2] vkms_vblank_simulate: vblank timer overrun [ 361.265464][ C2] vkms_vblank_simulate: vblank timer overrun [ 361.304244][ T39] audit: type=1326 audit(1721765251.889:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.1.1466" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x7ffc0000 [ 361.343383][T10520] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=10520 comm=syz.1.1466 [ 361.368918][ T39] audit: type=1326 audit(1721765251.889:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.1.1466" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x7ffc0000 [ 361.385954][ T39] audit: type=1326 audit(1721765251.929:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.1.1466" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcbc0975f19 code=0x7ffc0000 [ 361.420399][ T39] audit: type=1326 audit(1721765251.929:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.1.1466" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x7ffc0000 [ 361.460740][ T39] audit: type=1326 audit(1721765251.929:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.1.1466" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x7ffc0000 [ 361.472828][ T39] audit: type=1326 audit(1721765251.929:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.1.1466" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcbc0975f19 code=0x7ffc0000 [ 361.497121][ T39] audit: type=1326 audit(1721765251.929:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.1.1466" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x7ffc0000 [ 361.512951][ T39] audit: type=1326 audit(1721765251.929:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.1.1466" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcbc0975f19 code=0x7ffc0000 [ 361.533039][ C2] vkms_vblank_simulate: vblank timer overrun [ 361.540691][ T39] audit: type=1326 audit(1721765251.929:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.1.1466" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc0975f19 code=0x7ffc0000 [ 361.562327][ T39] audit: type=1326 audit(1721765251.929:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.1.1466" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcbc0975f19 code=0x7ffc0000 [ 361.585792][ C2] vkms_vblank_simulate: vblank timer overrun [ 361.882306][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 361.961227][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 361.986712][ T11] bond0 (unregistering): Released all slaves [ 362.192435][T10283] veth1_macvtap: entered promiscuous mode [ 362.401440][ C2] vkms_vblank_simulate: vblank timer overrun [ 362.585436][ C2] vkms_vblank_simulate: vblank timer overrun [ 362.649431][ C2] vkms_vblank_simulate: vblank timer overrun [ 362.654968][T10532] syzkaller0: entered promiscuous mode [ 362.661868][T10532] syzkaller0: entered allmulticast mode [ 363.829409][ C2] vkms_vblank_simulate: vblank timer overrun [ 364.349402][ C2] vkms_vblank_simulate: vblank timer overrun [ 365.301362][ C2] vkms_vblank_simulate: vblank timer overrun [ 368.373878][T10283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 368.380347][T10283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.405197][T10283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 368.418249][T10283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.449051][T10283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 368.463353][T10283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.470814][T10283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 368.512141][T10283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.537576][T10283] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 368.559777][T10283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 368.573961][T10283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.580290][T10283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 368.585369][T10283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.594461][T10283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 368.601162][T10283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.606174][T10283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 368.613693][T10283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.621977][T10283] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 368.762333][T10283] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 368.809220][T10283] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 368.822957][T10283] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 368.836838][T10283] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.033565][T10558] block nbd2: NBD_DISCONNECT [ 369.036535][T10558] block nbd2: Disconnected due to user request. [ 369.041080][T10558] block nbd2: shutting down sockets [ 370.235572][ T8969] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 370.242536][ T8969] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 370.403036][ T11] hsr_slave_0: left promiscuous mode [ 370.416881][ T11] hsr_slave_1: left promiscuous mode [ 370.621691][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 370.624298][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 370.670356][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 370.687818][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 370.810317][ T11] veth1_macvtap: left promiscuous mode [ 370.815770][ T11] veth0_macvtap: left promiscuous mode [ 370.818414][ T11] veth1_vlan: left allmulticast mode [ 370.821177][ T11] veth1_vlan: left promiscuous mode [ 370.851817][ T11] veth0_vlan: left promiscuous mode [ 371.818274][ T11] macvlan0 (unregistering): left allmulticast mode [ 374.274658][ T11] team0 (unregistering): Port device team_slave_1 removed [ 374.650464][ T11] team0 (unregistering): Port device team_slave_0 removed [ 377.350653][T10445] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 377.376486][T10445] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 377.382801][T10445] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 377.409589][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 377.411406][T10445] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 377.413103][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 377.728457][T10445] 8021q: adding VLAN 0 to HW filter on device bond0 [ 377.824175][T10445] 8021q: adding VLAN 0 to HW filter on device team0 [ 377.868102][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 377.880021][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 377.935186][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 377.938736][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 378.036645][T10445] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 378.327101][ T5218] block nbd2: Receive control failed (result -32) [ 378.338757][T10597] block nbd2: shutting down sockets [ 378.487882][T10445] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 378.538071][T10445] veth0_vlan: entered promiscuous mode [ 378.557264][ C3] vkms_vblank_simulate: vblank timer overrun [ 378.566024][T10445] veth1_vlan: entered promiscuous mode [ 378.642665][T10445] veth0_macvtap: entered promiscuous mode [ 378.702781][T10445] veth1_macvtap: entered promiscuous mode [ 378.774503][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 378.789257][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.809576][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 378.814071][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.819009][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 378.837255][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.842663][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 378.864993][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.872446][T10445] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 378.905029][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.931872][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.954600][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.964703][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.979755][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.998928][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.053549][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 379.058492][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.085878][T10445] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 379.139426][T10445] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.161065][T10445] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.179143][T10445] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.198285][T10445] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.245258][ C3] vkms_vblank_simulate: vblank timer overrun [ 379.425903][T10637] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1493'. [ 379.530414][T10626] syzkaller0: entered promiscuous mode [ 379.533798][T10626] syzkaller0: entered allmulticast mode [ 379.605298][T10637] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1493'. [ 379.608969][T10637] 0猉功D: renamed from 00猉功D龌 (while UP) [ 379.643580][T10637] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 380.385907][ C3] vkms_vblank_simulate: vblank timer overrun [ 380.749229][ C3] vkms_vblank_simulate: vblank timer overrun [ 380.797838][ T5218] block nbd1: Receive control failed (result -32) [ 380.823238][T10650] block nbd1: shutting down sockets [ 380.950542][ C3] vkms_vblank_simulate: vblank timer overrun [ 381.078308][ C3] vkms_vblank_simulate: vblank timer overrun [ 381.130821][ C3] vkms_vblank_simulate: vblank timer overrun [ 381.161414][ C3] vkms_vblank_simulate: vblank timer overrun [ 381.361213][ C3] vkms_vblank_simulate: vblank timer overrun [ 382.271733][ C3] vkms_vblank_simulate: vblank timer overrun [ 382.601993][ C3] vkms_vblank_simulate: vblank timer overrun [ 384.093211][ C3] vkms_vblank_simulate: vblank timer overrun [ 384.147495][ C3] vkms_vblank_simulate: vblank timer overrun [ 384.183774][ C3] vkms_vblank_simulate: vblank timer overrun [ 384.325955][ T1359] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.328948][ T1359] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.880723][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 385.931416][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.063993][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.097108][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.354917][ C3] vkms_vblank_simulate: vblank timer overrun [ 386.462843][T10670] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1502'. [ 386.468842][T10670] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1502'. [ 386.475787][T10670] 1猉功D: renamed from 30猉功D (while UP) [ 386.543514][T10670] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 386.646134][T10673] fuse: Bad value for 'user_id' [ 386.648809][T10673] fuse: Bad value for 'user_id' [ 387.059206][T10687] fuse: Bad value for 'user_id' [ 387.063788][T10687] fuse: Bad value for 'user_id' [ 387.317170][ C3] vkms_vblank_simulate: vblank timer overrun [ 387.350478][T10699] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1511'. [ 387.364286][T10699] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1511'. [ 387.388634][ C3] vkms_vblank_simulate: vblank timer overrun [ 387.404250][T10699] 0猉功D: renamed from gretap0 (while UP) [ 387.427934][T10699] 0猉功D: entered allmulticast mode [ 387.445762][T10699] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 387.560182][T10707] FAULT_INJECTION: forcing a failure. [ 387.560182][T10707] name failslab, interval 1, probability 0, space 0, times 0 [ 387.566063][T10707] CPU: 2 UID: 0 PID: 10707 Comm: syz.2.1514 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 387.572221][T10707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 387.596802][T10707] Call Trace: [ 387.598246][T10707] [ 387.599524][T10707] dump_stack_lvl+0x16c/0x1f0 [ 387.601312][T10707] should_fail_ex+0x497/0x5b0 [ 387.603128][T10707] ? fs_reclaim_acquire+0xae/0x160 [ 387.605084][T10707] should_failslab+0xc2/0x120 [ 387.618810][T10707] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 387.620640][T10707] ? alloc_empty_file+0x73/0x1e0 [ 387.622559][T10707] alloc_empty_file+0x73/0x1e0 [ 387.624236][T10707] alloc_file_pseudo+0x147/0x210 [ 387.625939][T10707] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 387.627775][T10707] ? lockdep_annotate_inode_mutex_key+0x4b/0x200 [ 387.630242][T10707] ? hugetlbfs_get_inode+0x346/0x540 [ 387.632087][T10707] hugetlb_file_setup+0x4cd/0x620 [ 387.633812][T10707] ksys_mmap_pgoff+0x189/0x5d0 [ 387.650711][T10707] __x64_sys_mmap+0x125/0x190 [ 387.652330][T10707] do_syscall_64+0xcd/0x250 [ 387.654022][T10707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 387.657244][T10707] RIP: 0033:0x7fc19b775f19 [ 387.659671][T10707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 387.675127][T10707] RSP: 002b:00007fc19b1ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 387.692604][T10707] RAX: ffffffffffffffda RBX: 00007fc19b905f60 RCX: 00007fc19b775f19 [ 387.695923][T10707] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 0000000020400000 [ 387.699118][T10707] RBP: 00007fc19b1ff0a0 R08: ffffffffffffffff R09: 0000000000000000 [ 387.702510][T10707] R10: 0000000000059032 R11: 0000000000000246 R12: 0000000000000001 [ 387.710656][T10707] R13: 000000000000000b R14: 00007fc19b905f60 R15: 00007ffc75600058 [ 387.725567][T10707] [ 387.782507][ T5218] block nbd0: Receive control failed (result -32) [ 387.782620][T10689] block nbd0: shutting down sockets [ 387.921239][ C3] vkms_vblank_simulate: vblank timer overrun [ 387.966442][T10714] fuse: Bad value for 'user_id' [ 387.992957][ C3] vkms_vblank_simulate: vblank timer overrun [ 388.026685][T10714] fuse: Bad value for 'user_id' [ 388.366002][T10733] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1523'. [ 388.380636][T10733] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1523'. [ 388.412769][T10733] 0猉功D: renamed from gretap0 (while UP) [ 388.512480][T10733] 0猉功D: entered allmulticast mode [ 388.516574][T10733] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 388.633933][T10737] block nbd3: NBD_DISCONNECT [ 388.636715][T10737] block nbd3: Disconnected due to user request. [ 388.639867][T10737] block nbd3: shutting down sockets [ 388.854804][ C3] vkms_vblank_simulate: vblank timer overrun [ 388.937985][ T39] kauditd_printk_skb: 6 callbacks suppressed [ 388.938001][ T39] audit: type=1400 audit(1721765279.509:605): avc: denied { read } for pid=10744 comm="syz.0.1530" name="btrfs-control" dev="devtmpfs" ino=1150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 389.057696][ T39] audit: type=1400 audit(1721765279.509:606): avc: denied { open } for pid=10744 comm="syz.0.1530" path="/dev/btrfs-control" dev="devtmpfs" ino=1150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 389.110587][ T39] audit: type=1400 audit(1721765279.589:607): avc: denied { ioctl } for pid=10744 comm="syz.0.1530" path="/dev/btrfs-control" dev="devtmpfs" ino=1150 ioctlcmd=0x540f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 389.118070][T10753] fuse: Bad value for 'user_id' [ 389.155215][T10753] fuse: Bad value for 'user_id' [ 389.569110][ C3] vkms_vblank_simulate: vblank timer overrun [ 389.621118][ C3] vkms_vblank_simulate: vblank timer overrun [ 389.728989][ C3] vkms_vblank_simulate: vblank timer overrun [ 389.760046][ C3] vkms_vblank_simulate: vblank timer overrun [ 389.816207][ C3] vkms_vblank_simulate: vblank timer overrun [ 389.818881][T10765] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1536'. [ 389.858062][T10765] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1536'. [ 389.880270][T10765] 1猉功D: renamed from 30猉功D (while UP) [ 389.900766][ C3] vkms_vblank_simulate: vblank timer overrun [ 389.972837][T10765] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 390.022390][T10772] block nbd2: NBD_DISCONNECT [ 390.024633][T10772] block nbd2: Disconnected due to user request. [ 390.027448][T10772] block nbd2: shutting down sockets [ 390.278932][T10778] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1540'. [ 390.289153][ C3] vkms_vblank_simulate: vblank timer overrun [ 390.307794][T10778] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1540'. [ 390.307884][T10778] 0猉功D: renamed from 31猉功D (while UP) [ 390.349834][ C3] vkms_vblank_simulate: vblank timer overrun [ 390.379269][T10778] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 390.657194][ C3] vkms_vblank_simulate: vblank timer overrun [ 390.721096][ C3] vkms_vblank_simulate: vblank timer overrun [ 390.773145][ C3] vkms_vblank_simulate: vblank timer overrun [ 390.897437][ C3] vkms_vblank_simulate: vblank timer overrun [ 391.199487][T10796] fuse: Bad value for 'user_id' [ 391.201686][T10796] fuse: Bad value for 'user_id' [ 391.452431][T10806] 1猉功D: renamed from 30猉功D (while UP) [ 391.487170][T10806] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 391.951529][T10824] __nla_validate_parse: 2 callbacks suppressed [ 391.951545][T10824] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1553'. [ 391.978229][T10824] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1553'. [ 391.983284][T10824] 0猉功D: renamed from 31猉功D (while UP) [ 392.012781][T10824] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 392.247456][T10830] fuse: Bad value for 'user_id' [ 392.277962][T10830] fuse: Bad value for 'user_id' [ 392.583839][T10839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1560'. [ 392.622533][T10839] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1560'. [ 392.626145][T10839] 1猉功D: renamed from 30猉功D (while UP) [ 392.663885][T10839] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 393.376277][T10864] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1566'. [ 393.385655][T10864] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1566'. [ 393.401987][T10864] 0猉功D: renamed from 31猉功D (while UP) [ 393.427784][T10864] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 393.829838][T10872] FAULT_INJECTION: forcing a failure. [ 393.829838][T10872] name failslab, interval 1, probability 0, space 0, times 0 [ 393.841988][T10872] CPU: 2 UID: 0 PID: 10872 Comm: syz.1.1569 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 393.849397][T10872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 393.876857][T10872] Call Trace: [ 393.878020][T10872] [ 393.879580][T10872] dump_stack_lvl+0x16c/0x1f0 [ 393.881229][T10872] should_fail_ex+0x497/0x5b0 [ 393.898137][T10872] ? fs_reclaim_acquire+0xae/0x160 [ 393.900203][T10872] should_failslab+0xc2/0x120 [ 393.902139][T10872] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 393.904225][T10872] ? skb_clone+0x190/0x3f0 [ 393.908214][T10872] skb_clone+0x190/0x3f0 [ 393.910235][T10872] nfnetlink_rcv_batch+0x1d9/0x24e0 [ 393.912625][T10872] ? __pfx___lock_acquire+0x10/0x10 [ 393.929732][T10872] ? find_held_lock+0x2d/0x110 [ 393.929767][T10872] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 393.929789][T10872] ? find_held_lock+0x2d/0x110 [ 393.929813][T10872] ? avc_has_perm_noaudit+0x119/0x3a0 [ 393.929841][T10872] ? avc_has_perm_noaudit+0x143/0x3a0 [ 393.929863][T10872] ? __asan_memset+0x23/0x50 [ 393.929880][T10872] ? __nla_validate_parse+0x601/0x2880 [ 393.929896][T10872] ? __pfx___nla_validate_parse+0x10/0x10 [ 393.929912][T10872] ? cap_capable+0x1cf/0x240 [ 393.929931][T10872] ? __nla_parse+0x40/0x60 [ 393.929946][T10872] nfnetlink_rcv+0x3c3/0x430 [ 393.929968][T10872] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 393.929988][T10872] netlink_unicast+0x544/0x830 [ 393.930012][T10872] ? __pfx_netlink_unicast+0x10/0x10 [ 393.930035][T10872] netlink_sendmsg+0x8b8/0xd70 [ 393.930057][T10872] ? __pfx_netlink_sendmsg+0x10/0x10 [ 393.930079][T10872] ? __import_iovec+0x1fd/0x6e0 [ 393.930102][T10872] ____sys_sendmsg+0xab5/0xc90 [ 393.930126][T10872] ? copy_msghdr_from_user+0x10b/0x160 [ 393.930145][T10872] ? __pfx_____sys_sendmsg+0x10/0x10 [ 393.930168][T10872] ? find_held_lock+0x2d/0x110 [ 393.930192][T10872] ? __pfx___lock_acquire+0x10/0x10 [ 393.930213][T10872] ___sys_sendmsg+0x135/0x1e0 [ 393.930233][T10872] ? __pfx____sys_sendmsg+0x10/0x10 [ 393.930252][T10872] ? ksys_write+0x21c/0x260 [ 393.930269][T10872] ? __fget_light+0x173/0x210 [ 393.930293][T10872] __sys_sendmsg+0x117/0x1f0 [ 393.930311][T10872] ? __pfx___sys_sendmsg+0x10/0x10 [ 393.930341][T10872] do_syscall_64+0xcd/0x250 [ 393.930363][T10872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.930383][T10872] RIP: 0033:0x7fcbc0975f19 [ 393.930397][T10872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.930413][T10872] RSP: 002b:00007fcbc1686048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 393.930430][T10872] RAX: ffffffffffffffda RBX: 00007fcbc0b05f60 RCX: 00007fcbc0975f19 [ 393.930442][T10872] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 393.930452][T10872] RBP: 00007fcbc16860a0 R08: 0000000000000000 R09: 0000000000000000 [ 393.930463][T10872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 393.930473][T10872] R13: 000000000000000b R14: 00007fcbc0b05f60 R15: 00007ffc6247c6c8 [ 393.930486][T10872] [ 393.952813][T10873] fuse: Bad value for 'user_id' [ 393.952831][T10873] fuse: Bad value for 'user_id' [ 394.039272][T10878] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1571'. [ 394.170363][T10884] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1571'. [ 394.225787][T10884] 1猉功D: renamed from 30猉功D (while UP) [ 394.298186][T10884] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 394.975174][ T5209] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 395.037828][ T5209] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 395.056535][ T5209] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 395.234083][ T5209] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 395.239539][ T5209] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 395.249281][ T5209] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 396.226958][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.432941][T10919] fuse: Bad value for 'user_id' [ 396.469774][T10919] fuse: Bad value for 'user_id' [ 396.758208][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.855104][T10928] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1584'. [ 397.014135][T10928] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1584'. [ 397.043813][T10928] 0猉功D: renamed from 31猉功D (while UP) [ 397.139437][T10928] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 397.236155][T10941] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1589'. [ 397.270177][T10941] FAULT_INJECTION: forcing a failure. [ 397.270177][T10941] name failslab, interval 1, probability 0, space 0, times 0 [ 397.279529][T10941] CPU: 1 UID: 0 PID: 10941 Comm: syz.2.1589 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 397.284783][T10941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 397.290720][T10941] Call Trace: [ 397.293010][T10941] [ 397.294829][T10941] dump_stack_lvl+0x16c/0x1f0 [ 397.297025][T10941] should_fail_ex+0x497/0x5b0 [ 397.297494][ T5209] Bluetooth: hci1: command tx timeout [ 397.299423][T10941] ? fs_reclaim_acquire+0xae/0x160 [ 397.306610][T10941] should_failslab+0xc2/0x120 [ 397.309076][T10941] __kmalloc_cache_noprof+0x6b/0x300 [ 397.311869][T10941] ? netlbl_cipsov4_add+0x376/0x2450 [ 397.314735][T10941] netlbl_cipsov4_add+0x376/0x2450 [ 397.317564][T10941] ? __nla_parse+0x40/0x60 [ 397.319874][T10941] ? __pfx_netlbl_cipsov4_add+0x10/0x10 [ 397.323613][T10941] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 397.327732][T10941] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 397.331477][T10941] genl_family_rcv_msg_doit+0x202/0x2f0 [ 397.334517][T10941] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 397.337789][T10941] ? security_capable+0x98/0xd0 [ 397.340253][T10941] genl_rcv_msg+0x565/0x800 [ 397.341039][ C2] vkms_vblank_simulate: vblank timer overrun [ 397.342684][T10941] ? __pfx_genl_rcv_msg+0x10/0x10 [ 397.371420][T10941] ? __pfx___lock_acquire+0x10/0x10 [ 397.373893][T10941] ? __pfx_netlbl_cipsov4_add+0x10/0x10 [ 397.376640][T10941] ? __pfx___lock_acquire+0x10/0x10 [ 397.379910][T10941] netlink_rcv_skb+0x16b/0x440 [ 397.388261][T10941] ? __pfx_genl_rcv_msg+0x10/0x10 [ 397.391593][T10941] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 397.396632][T10941] ? down_read+0xc9/0x330 [ 397.399554][T10941] ? __pfx_down_read+0x10/0x10 [ 397.404110][T10941] ? netlink_deliver_tap+0x1ae/0xd90 [ 397.406217][T10941] genl_rcv+0x28/0x40 [ 397.407853][T10941] netlink_unicast+0x544/0x830 [ 397.409841][T10941] ? __pfx_netlink_unicast+0x10/0x10 [ 397.437037][T10941] netlink_sendmsg+0x8b8/0xd70 [ 397.440666][T10941] ? __pfx_netlink_sendmsg+0x10/0x10 [ 397.444851][T10941] ? __import_iovec+0x1fd/0x6e0 [ 397.448702][T10941] ____sys_sendmsg+0xab5/0xc90 [ 397.451107][T10941] ? copy_msghdr_from_user+0x10b/0x160 [ 397.453259][T10941] ? __pfx_____sys_sendmsg+0x10/0x10 [ 397.455197][T10941] ? find_held_lock+0x2d/0x110 [ 397.456905][T10941] ? __pfx___lock_acquire+0x10/0x10 [ 397.468671][T10941] ___sys_sendmsg+0x135/0x1e0 [ 397.472251][T10941] ? __pfx____sys_sendmsg+0x10/0x10 [ 397.477258][T10941] ? ksys_write+0x21c/0x260 [ 397.494852][T10941] ? __fget_light+0x173/0x210 [ 397.497900][T10941] __sys_sendmsg+0x117/0x1f0 [ 397.500845][T10941] ? __pfx___sys_sendmsg+0x10/0x10 [ 397.504172][T10941] do_syscall_64+0xcd/0x250 [ 397.507174][T10941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.511082][T10941] RIP: 0033:0x7fc19b775f19 [ 397.529052][T10941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 397.541466][T10941] RSP: 002b:00007fc19b1ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 397.546718][T10941] RAX: ffffffffffffffda RBX: 00007fc19b905f60 RCX: 00007fc19b775f19 [ 397.558944][T10941] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004 [ 397.559003][ C2] vkms_vblank_simulate: vblank timer overrun [ 397.564229][T10941] RBP: 00007fc19b1ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 397.564251][T10941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 397.564263][T10941] R13: 000000000000000b R14: 00007fc19b905f60 R15: 00007ffc75600058 [ 397.564329][T10941] [ 397.627336][ C2] vkms_vblank_simulate: vblank timer overrun [ 397.665805][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 397.861833][T10956] fuse: Bad value for 'user_id' [ 397.863796][T10956] fuse: Bad value for 'user_id' [ 397.973068][ C2] vkms_vblank_simulate: vblank timer overrun [ 398.009057][ C2] vkms_vblank_simulate: vblank timer overrun [ 398.053067][ C2] vkms_vblank_simulate: vblank timer overrun [ 398.213368][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.307390][T10898] chnl_net:caif_netlink_parms(): no params data found [ 398.477056][ C2] vkms_vblank_simulate: vblank timer overrun [ 398.507811][ C2] vkms_vblank_simulate: vblank timer overrun [ 398.741292][T10979] fuse: Bad value for 'user_id' [ 398.743598][T10979] fuse: Bad value for 'user_id' [ 398.766699][T10980] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1599'. [ 398.913423][ C2] vkms_vblank_simulate: vblank timer overrun [ 399.091388][T10980] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1599'. [ 399.105708][T10980] 0猉功D: renamed from 31猉功D (while UP) [ 399.132574][T10980] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 399.189082][T10898] bridge0: port 1(bridge_slave_0) entered blocking state [ 399.203369][T10898] bridge0: port 1(bridge_slave_0) entered disabled state [ 399.237315][ C2] vkms_vblank_simulate: vblank timer overrun [ 399.242539][T10990] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1604'. [ 399.255785][T10990] FAULT_INJECTION: forcing a failure. [ 399.255785][T10990] name failslab, interval 1, probability 0, space 0, times 0 [ 399.256785][T10898] bridge_slave_0: entered allmulticast mode [ 399.273943][T10990] CPU: 3 UID: 0 PID: 10990 Comm: syz.3.1604 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 399.274008][T10990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 399.274018][T10990] Call Trace: [ 399.274024][T10990] [ 399.274063][T10990] dump_stack_lvl+0x16c/0x1f0 [ 399.274083][T10990] should_fail_ex+0x497/0x5b0 [ 399.274142][T10990] ? fs_reclaim_acquire+0xae/0x160 [ 399.274157][T10990] should_failslab+0xc2/0x120 [ 399.274210][T10990] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 399.274267][T10990] ? skb_clone+0x190/0x3f0 [ 399.274284][T10990] skb_clone+0x190/0x3f0 [ 399.274334][T10990] nfnetlink_rcv_batch+0x1d9/0x24e0 [ 399.274353][T10990] ? __pfx___lock_acquire+0x10/0x10 [ 399.274412][T10990] ? find_held_lock+0x2d/0x110 [ 399.274467][T10990] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 399.274484][T10990] ? find_held_lock+0x2d/0x110 [ 399.274552][T10990] ? avc_has_perm_noaudit+0x119/0x3a0 [ 399.274612][T10990] ? avc_has_perm_noaudit+0x143/0x3a0 [ 399.274672][T10990] ? __asan_memset+0x23/0x50 [ 399.274685][T10990] ? __nla_validate_parse+0x601/0x2880 [ 399.274733][T10990] ? __pfx___nla_validate_parse+0x10/0x10 [ 399.274747][T10990] ? cap_capable+0x1cf/0x240 [ 399.274849][T10990] ? __nla_parse+0x40/0x60 [ 399.274863][T10990] nfnetlink_rcv+0x3c3/0x430 [ 399.274880][T10990] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 399.274988][T10990] netlink_unicast+0x544/0x830 [ 399.275007][T10990] ? __pfx_netlink_unicast+0x10/0x10 [ 399.275192][T10990] netlink_sendmsg+0x8b8/0xd70 [ 399.275212][T10990] ? __pfx_netlink_sendmsg+0x10/0x10 [ 399.275334][T10990] ? __import_iovec+0x1fd/0x6e0 [ 399.275352][T10990] ____sys_sendmsg+0xab5/0xc90 [ 399.275468][T10990] ? copy_msghdr_from_user+0x10b/0x160 [ 399.275484][T10990] ? __pfx_____sys_sendmsg+0x10/0x10 [ 399.275604][T10990] ? find_held_lock+0x2d/0x110 [ 399.275624][T10990] ? __pfx___lock_acquire+0x10/0x10 [ 399.275733][T10990] ___sys_sendmsg+0x135/0x1e0 [ 399.275749][T10990] ? __pfx____sys_sendmsg+0x10/0x10 [ 399.275859][T10990] ? ksys_write+0x21c/0x260 [ 399.275875][T10990] ? __fget_light+0x173/0x210 [ 399.275992][T10990] __sys_sendmsg+0x117/0x1f0 [ 399.276009][T10990] ? __pfx___sys_sendmsg+0x10/0x10 [ 399.276121][T10990] do_syscall_64+0xcd/0x250 [ 399.276142][T10990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.276160][T10990] RIP: 0033:0x7f5400d75f19 [ 399.276331][T10990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 399.276344][T10990] RSP: 002b:00007f5401bc5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 399.276359][T10990] RAX: ffffffffffffffda RBX: 00007f5400f05f60 RCX: 00007f5400d75f19 [ 399.276457][T10990] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 399.276466][T10990] RBP: 00007f5401bc50a0 R08: 0000000000000000 R09: 0000000000000000 [ 399.276475][T10990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 399.276484][T10990] R13: 000000000000000b R14: 00007f5400f05f60 R15: 00007fff2f13bbe8 [ 399.276588][T10990] [ 399.338862][ C2] vkms_vblank_simulate: vblank timer overrun [ 399.390693][ T5209] Bluetooth: hci1: command tx timeout [ 399.413834][T10898] bridge_slave_0: entered promiscuous mode [ 399.470647][ T39] audit: type=1400 audit(1721765290.059:608): avc: denied { read } for pid=10986 comm="syz.2.1603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 399.492258][T10898] bridge0: port 2(bridge_slave_1) entered blocking state [ 399.527489][ C2] vkms_vblank_simulate: vblank timer overrun [ 399.563101][T10987] Driver unsupported XDP return value 0 on prog (id 626) dev N/A, expect packet loss! [ 399.566121][T10898] bridge0: port 2(bridge_slave_1) entered disabled state [ 399.566302][T10898] bridge_slave_1: entered allmulticast mode [ 399.567613][T10898] bridge_slave_1: entered promiscuous mode [ 399.705061][ C2] vkms_vblank_simulate: vblank timer overrun [ 399.809768][ C2] vkms_vblank_simulate: vblank timer overrun [ 400.109040][ C2] vkms_vblank_simulate: vblank timer overrun [ 400.140986][ C2] vkms_vblank_simulate: vblank timer overrun [ 400.633053][ C2] vkms_vblank_simulate: vblank timer overrun [ 400.663937][T10898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 400.677135][T10898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 400.959847][T11012] fuse: Bad value for 'user_id' [ 401.004198][T11012] fuse: Bad value for 'user_id' [ 401.138470][ C2] vkms_vblank_simulate: vblank timer overrun [ 401.189158][ T11] bridge_slave_1: left allmulticast mode [ 401.201590][T11017] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1613'. [ 401.202454][ T11] bridge_slave_1: left promiscuous mode [ 401.209498][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.247878][ T11] bridge_slave_0: left allmulticast mode [ 401.250244][ T11] bridge_slave_0: left promiscuous mode [ 401.253419][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 401.377201][ C2] vkms_vblank_simulate: vblank timer overrun [ 401.461199][ T5209] Bluetooth: hci1: command tx timeout [ 401.588829][ C2] vkms_vblank_simulate: vblank timer overrun [ 401.689302][ C2] vkms_vblank_simulate: vblank timer overrun [ 401.690893][T11024] block nbd1: NBD_DISCONNECT [ 401.738795][ C2] vkms_vblank_simulate: vblank timer overrun [ 401.747722][T11024] block nbd1: Disconnected due to user request. [ 401.751154][T11024] block nbd1: shutting down sockets [ 401.791337][ C2] vkms_vblank_simulate: vblank timer overrun [ 402.254720][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 402.267509][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 402.285275][ T11] bond0 (unregistering): Released all slaves [ 402.301809][T10898] team0: Port device team_slave_0 added [ 402.309607][T11017] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1613'. [ 402.313146][T11017] 1猉功D: renamed from 30猉功D (while UP) [ 402.343175][T11017] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 402.535999][T10898] team0: Port device team_slave_1 added [ 402.558410][ C2] vkms_vblank_simulate: vblank timer overrun [ 402.672984][ C2] vkms_vblank_simulate: vblank timer overrun [ 402.977008][ C2] vkms_vblank_simulate: vblank timer overrun [ 403.232563][T11047] fuse: Bad value for 'user_id' [ 403.234870][T11047] fuse: Bad value for 'user_id' [ 403.237873][ C2] vkms_vblank_simulate: vblank timer overrun [ 403.244331][T10898] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 403.265425][T10898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 403.313004][ C2] vkms_vblank_simulate: vblank timer overrun [ 403.335725][T10898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 403.357795][ C2] vkms_vblank_simulate: vblank timer overrun [ 403.370327][T10898] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 403.387650][T10898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 403.422989][ C2] vkms_vblank_simulate: vblank timer overrun [ 403.433604][T10898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 403.530213][ T5209] Bluetooth: hci1: command tx timeout [ 403.663724][T11055] block nbd1: NBD_DISCONNECT [ 403.665812][T11055] block nbd1: Disconnected due to user request. [ 403.669509][T11055] block nbd1: shutting down sockets [ 403.824982][ C2] vkms_vblank_simulate: vblank timer overrun [ 403.873024][ C2] vkms_vblank_simulate: vblank timer overrun [ 403.973063][ C2] vkms_vblank_simulate: vblank timer overrun [ 403.984274][T11063] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1628'. [ 404.041032][ C2] vkms_vblank_simulate: vblank timer overrun [ 404.152302][T11063] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1628'. [ 404.155986][T11063] 1猉功D: renamed from 30猉功D (while UP) [ 404.173110][T11063] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 404.425227][ C2] vkms_vblank_simulate: vblank timer overrun [ 404.518864][T10898] hsr_slave_0: entered promiscuous mode [ 404.524998][ C2] vkms_vblank_simulate: vblank timer overrun [ 404.606034][T11075] fuse: Bad value for 'user_id' [ 404.608004][T11075] fuse: Bad value for 'user_id' [ 404.665527][T10898] hsr_slave_1: entered promiscuous mode [ 404.722175][T10898] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 404.725653][T10898] Cannot create hsr debugfs directory [ 404.809774][ T11] hsr_slave_0: left promiscuous mode [ 404.810855][T11083] block nbd3: NBD_DISCONNECT [ 404.847514][T11083] block nbd3: Disconnected due to user request. [ 404.850355][T11083] block nbd3: shutting down sockets [ 404.885690][ T11] hsr_slave_1: left promiscuous mode [ 404.891919][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 404.891963][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 404.892616][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 404.892636][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 404.973025][ C2] vkms_vblank_simulate: vblank timer overrun [ 404.991025][ T11] veth1_macvtap: left promiscuous mode [ 405.005384][ T11] veth0_macvtap: left promiscuous mode [ 405.010956][ T11] veth1_vlan: left promiscuous mode [ 405.020770][ T11] veth0_vlan: left promiscuous mode [ 405.513876][T11097] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1639'. [ 408.523004][ T11] team0 (unregistering): Port device team_slave_1 removed [ 408.989306][ T11] team0 (unregistering): Port device team_slave_0 removed [ 411.602286][T11097] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1639'. [ 411.615482][T11097] 0猉功D: renamed from 31猉功D (while UP) [ 411.640505][T11097] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 412.065008][T11110] fuse: Bad value for 'user_id' [ 412.067264][T11110] fuse: Bad value for 'user_id' [ 412.563751][ C1] ================================================================== [ 412.572511][ C1] BUG: KASAN: stack-out-of-bounds in xdp_do_check_flushed+0x41c/0x4e0 [ 412.575833][ C1] Read of size 4 at addr ffffc90003597a50 by task syz.3.1646/11117 [ 412.595364][ C1] [ 412.596210][ C1] CPU: 1 UID: 0 PID: 11117 Comm: syz.3.1646 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 412.602264][ C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 412.608954][ C1] Call Trace: [ 412.610734][ C1] [ 412.633178][ C1] dump_stack_lvl+0x116/0x1f0 [ 412.635183][ C1] print_report+0xc3/0x620 [ 412.637123][ C1] ? __virt_addr_valid+0x5e/0x590 [ 412.639278][ C1] kasan_report+0xd9/0x110 [ 412.641184][ C1] ? xdp_do_check_flushed+0x41c/0x4e0 [ 412.656576][ C1] ? xdp_do_check_flushed+0x41c/0x4e0 [ 412.659038][ C1] xdp_do_check_flushed+0x41c/0x4e0 [ 412.661417][ C1] __napi_poll.constprop.0+0xd1/0x550 [ 412.664832][ C1] net_rx_action+0xa92/0x1010 [ 412.674195][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 412.676489][ C1] ? __pfx_mark_lock+0x10/0x10 [ 412.678444][ C1] ? kvm_sched_clock_read+0x11/0x20 [ 412.680523][ C1] ? sched_clock+0x38/0x60 [ 412.683691][ C1] ? sched_clock_cpu+0x6d/0x4d0 [ 412.704039][ C1] ? mark_held_locks+0x9f/0xe0 [ 412.710092][ C1] handle_softirqs+0x216/0x8f0 [ 412.716630][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 412.720164][ C1] irq_exit_rcu+0xbb/0x120 [ 412.723965][ C1] common_interrupt+0xb0/0xd0 [ 412.739180][ C1] [ 412.742865][ C1] [ 412.744360][ C1] asm_common_interrupt+0x26/0x40 [ 412.746389][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0xc/0x60 [ 412.748802][ C1] Code: c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 48 8b 15 94 54 79 7e <65> 8b 05 95 54 79 7e a9 00 01 ff 00 48 8b 34 24 74 0f f6 c4 01 74 [ 412.765722][ C1] RSP: 0018:ffffc90003597690 EFLAGS: 00000293 [ 412.769096][ C1] RAX: 0000000000000000 RBX: 0000000000000008 RCX: ffffffff81cfddc8 [ 412.772139][ C1] RDX: ffff88802a970000 RSI: ffffffff81cfddd5 RDI: 0000000000000001 [ 412.776846][ C1] RBP: 000000000000000b R08: 0000000000000001 R09: 0000000000000000 [ 412.796041][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 00007f5400de3000 [ 412.801156][ C1] R13: dffffc0000000000 R14: ffffea0000c23b40 R15: ffffc90003597ab8 [ 412.806053][ C1] ? unmap_page_range+0x1318/0x3c10 [ 412.809332][ C1] ? unmap_page_range+0x1325/0x3c10 [ 412.812343][ C1] unmap_page_range+0xacc/0x3c10 [ 412.819904][ C1] ? __pfx_unmap_page_range+0x10/0x10 [ 412.837489][ C1] ? uprobe_munmap+0x20/0x5d0 [ 412.840534][ C1] unmap_single_vma+0x194/0x2b0 [ 412.843749][ C1] unmap_vmas+0x22f/0x490 [ 412.846501][ C1] ? __pfx_unmap_vmas+0x10/0x10 [ 412.849659][ C1] ? __pfx_lock_release+0x10/0x10 [ 412.852893][ C1] ? lru_add_drain_cpu+0x454/0x860 [ 412.855718][ C1] exit_mmap+0x1b8/0xb20 [ 412.870830][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 412.873855][ C1] __mmput+0x12a/0x480 [ 412.876471][ C1] mmput+0x62/0x70 [ 412.878916][ C1] do_exit+0x9bf/0x2bb0 [ 412.881553][ C1] ? get_signal+0x8f2/0x2770 [ 412.884573][ C1] ? __pfx_do_exit+0x10/0x10 [ 412.899274][ C1] do_group_exit+0xd3/0x2a0 [ 412.902211][ C1] get_signal+0x25fd/0x2770 [ 412.905086][ C1] ? __pfx_get_signal+0x10/0x10 [ 412.908157][ C1] ? __pfx_do_futex+0x10/0x10 [ 412.911423][ C1] arch_do_signal_or_restart+0x90/0x7e0 [ 412.915129][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 412.919342][ C1] ? ksys_write+0x1ab/0x260 [ 412.922346][ C1] ? __pfx_ksys_write+0x10/0x10 [ 412.925374][ C1] syscall_exit_to_user_mode+0x150/0x2a0 [ 412.928821][ C1] do_syscall_64+0xda/0x250 [ 412.931660][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.935361][ C1] RIP: 0033:0x7f5400d75f19 [ 412.938321][ C1] Code: Unable to access opcode bytes at 0x7f5400d75eef. [ 412.942996][ C1] RSP: 002b:00007f5401bc50f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 412.948469][ C1] RAX: fffffffffffffe00 RBX: 00007f5400f05f68 RCX: 00007f5400d75f19 [ 412.953501][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5400f05f68 [ 412.956778][ C1] RBP: 00007f5400f05f60 R08: 00007f5401bc56c0 R09: 00007f5401bc56c0 [ 412.959945][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5400f05f6c [ 412.963092][ C1] R13: 000000000000000b R14: 00007fff2f13bb00 R15: 00007fff2f13bbe8 [ 412.966154][ C1] [ 412.967395][ C1] [ 412.968343][ C1] The buggy address belongs to stack of task syz.3.1646/11117 [ 412.972831][ C1] and is located at offset 24 in frame: [ 412.976388][ C1] exit_mmap+0x0/0xb20 [ 412.979177][ C1] [ 412.980771][ C1] This frame has 2 objects: [ 412.983506][ C1] [32, 96) 'vmi' [ 412.983519][ C1] [128, 256) 'tlb' [ 412.985542][ C1] [ 412.988961][ C1] The buggy address belongs to the virtual mapping at [ 412.988961][ C1] [ffffc90003590000, ffffc90003599000) created by: [ 412.988961][ C1] kernel_clone+0xfd/0x980 [ 412.998348][ C1] [ 412.999681][ C1] The buggy address belongs to the physical page: [ 413.003033][ C1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x20946 pfn:0x472dd [ 413.007613][ C1] memcg:ffff88802bb8c182 [ 413.010012][ C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 413.014530][ C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 413.020133][ C1] raw: 0000000000020946 0000000000000000 00000001ffffffff ffff88802bb8c182 [ 413.025815][ C1] page dumped because: kasan: bad access detected [ 413.030085][ C1] page_owner tracks the page as allocated [ 413.034065][ C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 10017, tgid 10017 (syz-executor), ts 404997571781, free_ts 404640680773 [ 413.044516][ C1] post_alloc_hook+0x2d1/0x350 [ 413.046461][ C1] get_page_from_freelist+0x1351/0x2e50 [ 413.048717][ C1] __alloc_pages_noprof+0x22b/0x2460 [ 413.050877][ C1] alloc_pages_mpol_noprof+0x275/0x610 [ 413.053042][ C1] __vmalloc_node_range_noprof+0xa6a/0x1520 [ 413.055369][ C1] copy_process+0x2f3b/0x8de0 [ 413.057453][ C1] kernel_clone+0xfd/0x980 [ 413.059299][ C1] __do_sys_clone+0xba/0x100 [ 413.061173][ C1] do_syscall_64+0xcd/0x250 [ 413.062997][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.065441][ C1] page last free pid 11076 tgid 11076 stack trace: [ 413.068058][ C1] free_unref_page+0x64a/0xe40 [ 413.070856][ C1] __folio_put+0x31c/0x3e0 [ 413.073757][ C1] free_page_and_swap_cache+0x249/0x2c0 [ 413.077298][ C1] tlb_remove_table_rcu+0x89/0xe0 [ 413.080609][ C1] rcu_core+0x828/0x16b0 [ 413.083383][ C1] handle_softirqs+0x216/0x8f0 [ 413.086658][ C1] irq_exit_rcu+0xbb/0x120 [ 413.089580][ C1] sysvec_apic_timer_interrupt+0x95/0xb0 [ 413.092366][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 413.096259][ C1] [ 413.097732][ C1] Memory state around the buggy address: [ 413.100991][ C1] ffffc90003597900: 00 f2 f2 f2 00 f2 f2 f2 00 00 f2 f2 00 00 00 00 [ 413.104022][ C1] ffffc90003597980: 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 [ 413.108002][ C1] >ffffc90003597a00: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 [ 413.112714][ C1] ^ [ 413.115342][ C1] ffffc90003597a80: 00 00 00 f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 [ 413.118460][ C1] ffffc90003597b00: 00 00 00 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 [ 413.121613][ C1] ================================================================== [ 413.125102][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 413.128991][ C1] CPU: 1 UID: 0 PID: 11117 Comm: syz.3.1646 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 413.133883][ C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 413.137908][ C1] Call Trace: [ 413.139215][ C1] [ 413.140363][ C1] dump_stack_lvl+0x3d/0x1f0 [ 413.142503][ C1] panic+0x6f5/0x7a0 [ 413.144361][ C1] ? __pfx_panic+0x10/0x10 [ 413.146336][ C1] ? check_panic_on_warn+0x1f/0xb0 [ 413.148949][ C1] check_panic_on_warn+0xab/0xb0 [ 413.152090][ C1] end_report+0x117/0x180 [ 413.154916][ C1] kasan_report+0xe9/0x110 [ 413.173831][ C1] ? xdp_do_check_flushed+0x41c/0x4e0 [ 413.177289][ C1] ? xdp_do_check_flushed+0x41c/0x4e0 [ 413.180640][ C1] xdp_do_check_flushed+0x41c/0x4e0 [ 413.183670][ C1] __napi_poll.constprop.0+0xd1/0x550 [ 413.187071][ C1] net_rx_action+0xa92/0x1010 [ 413.190110][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 413.193485][ C1] ? __pfx_mark_lock+0x10/0x10 [ 413.210266][ C1] ? kvm_sched_clock_read+0x11/0x20 [ 413.213033][ C1] ? sched_clock+0x38/0x60 [ 413.215982][ C1] ? sched_clock_cpu+0x6d/0x4d0 [ 413.219115][ C1] ? mark_held_locks+0x9f/0xe0 [ 413.222143][ C1] handle_softirqs+0x216/0x8f0 [ 413.225936][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 413.242087][ C1] irq_exit_rcu+0xbb/0x120 [ 413.245081][ C1] common_interrupt+0xb0/0xd0 [ 413.248125][ C1] [ 413.250028][ C1] [ 413.251927][ C1] asm_common_interrupt+0x26/0x40 [ 413.255108][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0xc/0x60 [ 413.259572][ C1] Code: c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 48 8b 15 94 54 79 7e <65> 8b 05 95 54 79 7e a9 00 01 ff 00 48 8b 34 24 74 0f f6 c4 01 74 [ 413.284874][ C1] RSP: 0018:ffffc90003597690 EFLAGS: 00000293 [ 413.288316][ C1] RAX: 0000000000000000 RBX: 0000000000000008 RCX: ffffffff81cfddc8 [ 413.291551][ C1] RDX: ffff88802a970000 RSI: ffffffff81cfddd5 RDI: 0000000000000001 [ 413.294652][ C1] RBP: 000000000000000b R08: 0000000000000001 R09: 0000000000000000 [ 413.297786][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 00007f5400de3000 [ 413.317131][ C1] R13: dffffc0000000000 R14: ffffea0000c23b40 R15: ffffc90003597ab8 [ 413.321606][ C1] ? unmap_page_range+0x1318/0x3c10 [ 413.333525][ C1] ? unmap_page_range+0x1325/0x3c10 [ 413.336153][ C1] unmap_page_range+0xacc/0x3c10 [ 413.338768][ C1] ? __pfx_unmap_page_range+0x10/0x10 [ 413.341572][ C1] ? uprobe_munmap+0x20/0x5d0 [ 413.350718][ C1] unmap_single_vma+0x194/0x2b0 [ 413.352846][ C1] unmap_vmas+0x22f/0x490 [ 413.354582][ C1] ? __pfx_unmap_vmas+0x10/0x10 [ 413.356551][ C1] ? __pfx_lock_release+0x10/0x10 [ 413.358606][ C1] ? lru_add_drain_cpu+0x454/0x860 [ 413.360664][ C1] exit_mmap+0x1b8/0xb20 [ 413.362464][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 413.364600][ C1] __mmput+0x12a/0x480 [ 413.382511][ C1] mmput+0x62/0x70 [ 413.384076][ C1] do_exit+0x9bf/0x2bb0 [ 413.385869][ C1] ? get_signal+0x8f2/0x2770 [ 413.387840][ C1] ? __pfx_do_exit+0x10/0x10 [ 413.389717][ C1] do_group_exit+0xd3/0x2a0 [ 413.391525][ C1] get_signal+0x25fd/0x2770 [ 413.393353][ C1] ? __pfx_get_signal+0x10/0x10 [ 413.395305][ C1] ? __pfx_do_futex+0x10/0x10 [ 413.413288][ C1] arch_do_signal_or_restart+0x90/0x7e0 [ 413.415613][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 413.418165][ C1] ? ksys_write+0x1ab/0x260 [ 413.420176][ C1] ? __pfx_ksys_write+0x10/0x10 [ 413.421969][ C1] syscall_exit_to_user_mode+0x150/0x2a0 [ 413.424100][ C1] do_syscall_64+0xda/0x250 [ 413.425679][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.427690][ C1] RIP: 0033:0x7f5400d75f19 [ 413.429480][ C1] Code: Unable to access opcode bytes at 0x7f5400d75eef. [ 413.432226][ C1] RSP: 002b:00007f5401bc50f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 413.451542][ C1] RAX: fffffffffffffe00 RBX: 00007f5400f05f68 RCX: 00007f5400d75f19 [ 413.454710][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5400f05f68 [ 413.457777][ C1] RBP: 00007f5400f05f60 R08: 00007f5401bc56c0 R09: 00007f5401bc56c0 [ 413.461445][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5400f05f6c [ 413.464701][ C1] R13: 000000000000000b R14: 00007fff2f13bb00 R15: 00007fff2f13bbe8 [ 413.483884][ C1] [ 413.529090][ C1] Kernel Offset: disabled [ 413.532042][ C1] Rebooting in 86400 seconds.. VM DIAGNOSIS: 20:08:23 Registers: info registers vcpu 0 CPU#0 RAX=00000000002e3d67 RBX=0000000000000000 RCX=ffffffff8aef8869 RDX=0000000000000000 RSI=ffffffff8b2cc580 RDI=ffffffff8b90c480 RBP=fffffbfff1b12af8 RSP=ffffffff8d807e20 R8 =0000000000000001 R9 =ffffed100d606fe1 R10=ffff88806b037f0b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8d8957c0 R14=ffffffff8fe74798 R15=0000000000000000 RIP=ffffffff8aef9c5f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2fd0cff8 CR3=0000000040e92000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff813ce5ee ffffffff813ce671 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff813ce671 ffffffff813ce5ee ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff813ce5ee ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e4337 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e4344 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e433e ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e4352 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e43d8 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e44b6 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc0ad4488 00007fcbc0ad4480 00007fcbc0ad4478 00007fcbc0ad4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc163d100 00007fcbc0ad4440 00007fcb00040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc0ad4498 00007fcbc0ad4490 00007fcbc0ad4488 00007fcbc0ad4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fd91d5 RDI=ffffffff94e3f4a0 RBP=ffffffff94e3f460 RSP=ffffc900008b0778 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303963666666 R12=0000000000000000 R13=0000000000000064 R14=ffffffff84fd9170 R15=0000000000000000 RIP=ffffffff84fd91ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fcbc03ddfa8 CR3=000000000d97c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff81567c97 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e4337 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e4344 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e433e ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e4352 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e43d8 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e44b6 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc0ad4488 00007fcbc0ad4480 00007fcbc0ad4478 00007fcbc0ad4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc163d100 00007fcbc0ad4440 00007fcbc0ad4458 00007fcbc0ad44a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc0ad4498 00007fcbc0ad4490 00007fcbc0ad4488 00007fcbc0ad4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88806b146800 RCX=ffffffff817e4c2b RDX=ffff88803dfa4880 RSI=ffffffff817e4c05 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90003777908 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed100d628d01 R13=0000000000000001 R14=ffff88806b146808 R15=ffff88806b240000 RIP=ffffffff817e4c07 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000000d97c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000004090001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1bb7122cc832d1 5a2d90f03d69b536 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b79f1136b39892e c6101ede8b190321 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bf702bda202c5e35 589b514fe71779f0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7ab53e5e387856f5 562674bcecce3596 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001d40 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000fb000000fb 0000c4822104d764 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0f5e444100000000 000000fb00000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 07f132f411a3d2de 87db46ddcc1d015b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00051b90210b3ef2 000000fb0501b4e8 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b41a45e8d5146721 0c8ae99da5754042 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 01309a68abc5cca0 00a0fc0565519ef9 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc19b8d4488 00007fc19b8d4480 00007fc19b8d4478 00007fc19b8d4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc19c43d100 00007fc19b8d4440 00007fc19b8d0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc19b8d4498 00007fc19b8d4490 00007fc19b8d4488 00007fc19b8d4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000009 0000000000000000 0000000000000000 00000000000002d0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000002a3445 RBX=0000000000000003 RCX=ffffffff8aef8869 RDX=0000000000000000 RSI=ffffffff8b2cc580 RDI=ffffffff8b90c480 RBP=ffffed1002fda488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d666fe1 R10=ffff88806b337f0b R11=0000000000000000 R12=0000000000000003 R13=ffff888017ed2440 R14=ffffffff8fe74798 R15=0000000000000000 RIP=ffffffff8aef9c5f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005555665cc808 CR3=000000002f94c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc6247c9d0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e4337 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e4344 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e433e ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e4352 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e43d8 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc09e44b6 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000