last executing test programs: 1.996175886s ago: executing program 3 (id=262): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="0500000000000000000000000000000300", @ANYRES32, @ANYBLOB="080005"], 0x24}}, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000400500040000000000050005000a00000014000780050015000600000008001240"], 0x60}}, 0xc0) 1.836362283s ago: executing program 3 (id=265): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)=@delnexthop={0x18, 0x69, 0xb}, 0x18}, 0x1, 0x88a8ffffffffffff, 0x0, 0x28040000}, 0x4000000) 1.772050215s ago: executing program 3 (id=266): sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x140c, 0x400, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_RES_CQN={0x8, 0x3d, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x40001}, 0x20088005) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, 0x1, 0x9, 0x401, 0x0, 0x0, {0x3}, [@NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0xf}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x9}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x5}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x6}, @NFCTH_STATUS={0x8}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x17}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000008}, 0x400c000) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10840401}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0xd8, 0x0, 0x1, 0x3, 0x0, 0x0, {0x5, 0x0, 0x1}, [@CTA_TIMEOUT={0x8}, @CTA_TUPLE_REPLY={0x7c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @rand_addr=' \x01\x00'}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}, @CTA_MARK_MASK={0x8}, @CTA_PROTOINFO={0x8, 0x4, 0x0, 0x1, @CTA_PROTOINFO_TCP={0x4}}, @CTA_FILTER={0x1c, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x222}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x502}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x20}]}, @CTA_FILTER={0x14, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x110}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0xa21}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x4044090}, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000480)=[@textreal={0x8, &(0x7f0000000400)="0f01eef30f1ed966b97809000066b83e9d000066ba000000000f30ba400066b88000c0fe66ef0f01c30f01c90f20c06635200000000f22c03e0fc71a0f20d86635200000000f22d82e0f01c2", 0x4c}], 0x1, 0x70b90e7a1789e19b, &(0x7f00000004c0)=[@dstype3={0x7, 0x2}], 0x1) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000500), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000540)={{0x5c662db96dd9dd3a, 0x0, 0x3, 0x3, 0x7}}) r3 = socket$inet_udp(0x2, 0x2, 0x0) unlinkat(r3, &(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200) rmdir(&(0x7f00000015c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r4 = socket$pppl2tp(0x18, 0x1, 0x1) setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r4, 0x111, 0x3, 0x1, 0x4) r5 = socket(0x9, 0x6, 0x3) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r3, 0x89f8, &(0x7f0000002700)={'tunl0\x00', &(0x7f0000002640)={'erspan0\x00', 0x0, 0x10, 0x1, 0x8, 0xb, {{0x1b, 0x4, 0x2, 0x1, 0x6c, 0x66, 0x0, 0x63, 0x45f06921e9062164, 0x0, @loopback, @multicast2, {[@cipso={0x86, 0x41, 0x2, [{0x0, 0x12, "d1dc904581cdc53bc656b8405f5fb1ee"}, {0x7, 0xf, "f292346b16005c114d42e8d3de"}, {0x1, 0xe, "d66f8e75b88bdb5506b91118"}, {0x6, 0xc, "1631f20d320dd5722346"}]}, @timestamp={0x44, 0x14, 0xec, 0x0, 0x8, [0x0, 0x5, 0x0, 0x1]}, @end]}}}}}) sendmsg$nl_route_sched(r5, &(0x7f0000002800)={&(0x7f0000002600)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000027c0)={&(0x7f0000002740)=@newqdisc={0x5c, 0x24, 0x10, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xe, 0x8}, {0xffff, 0x2a375a76a47ad8a9}, {0xfff3, 0x6}}, [@TCA_STAB={0x30, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x3, 0x8, 0x9b4, 0x40, 0x1, 0x4, 0xfffffffd, 0x5}}, {0xe, 0x2, [0x8dff, 0x1, 0x8, 0x6, 0x40]}}]}, @TCA_RATE={0x6, 0x5, {0x3d, 0x6c}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x11) r7 = openat(0xffffffffffffffff, &(0x7f0000002840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x400, 0x10) bpf$PROG_BIND_MAP(0x23, &(0x7f0000003880)={r7, r7}, 0xc) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f00000038c0)={0x10, 0x0, 0x1, 0x8000000000000001, 0x6fe, 0xf}) ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000003900)={'\x00', 0x4, 0x6, 0x200, 0x7, 0x100000001, 0xffffffffffffffff}) sched_setaffinity(r8, 0x8, &(0x7f0000003980)=0x6) socket$kcm(0x29, 0x2, 0x0) sendfile(r4, r7, &(0x7f00000039c0)=0x1, 0x3ff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f0000003a00)={0xa, 0x4936db34, 0x1, 'queue0\x00', 0x4}) r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000003ac0), 0x1112c0, 0x0) ioctl$BLKGETSIZE64(r9, 0x80081272, &(0x7f0000003b00)) ioctl$BLKTRACESTART(r2, 0x1274, 0x0) ioctl$VIDIOC_S_MODULATOR(r7, 0x40445637, &(0x7f0000003b40)={0x6, "c1236718395f61d0b785d3eac7b36de83cc0e836ded07d3df26c2f0d2d29f5c9", 0xc01, 0x10001, 0xf, 0x4, 0x1}) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000003bc0)=0x1) write$binfmt_misc(r7, &(0x7f0000003c00)="c9345e13fcfd67625167dc68ad03776307d56b4232b916f299800a01613a88aa144bebe907a10dae05b8fffdf01156fa07e364b70be11ba8164bf180f0c737b3e558602cb291dfb19d92cbf85e2dd8bd48db695bbee8acb1abbd399781af0f4f288df72cd83f8116eccf8d7f57e4df89e4c1c63258d048ad5896ed39152ba64e857d3429e123ff4293f576481e2459d78b4c79b3e76811a61b5a390bfcb00da03d4a2158cfa16363d17062889c4ef8311ed32326d739566af064ed2675297d78faf830e8d59744441aae7c3e5e60cbc2e82afa2cf460ac", 0xd7) 1.618486858s ago: executing program 1 (id=270): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, 0x0, 0x0) pipe2$9p(0x0, 0x0) mount(&(0x7f00000001c0)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000200)='ocfs2\x00', 0x21000d, 0x0) (fail_nth: 23) 1.503666768s ago: executing program 3 (id=271): r0 = socket(0x2, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000340)={0x2, 0x0, 0x0, 0x7}) chdir(&(0x7f0000000280)='./file0\x00') setsockopt$inet_int(r0, 0x0, 0xb, 0x0, 0x0) socket$tipc(0x1e, 0x5, 0x0) r1 = syz_usb_connect(0x3, 0x36, 0x0, 0x0) r2 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114db, 0x1000, 0x2, 0x89}, &(0x7f0000000440)=0x0, &(0x7f0000000040)=0x0) symlinkat(&(0x7f00000004c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x589fd5d8790e560, &(0x7f0000000380)=0x3, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r2, 0x3516, 0x10008256, 0x12, 0x0, 0x0) syz_usb_disconnect(r1) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x380000000000004, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000040)={0x14, 0x2, 0x1, "110100005c000000463300", 0x49433553}) r6 = creat(&(0x7f0000000080)='./file0\x00', 0x42) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0xee00, 0xee01}}, './file0\x00'}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x9, 0x4, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="28000000210001"], 0x28}, 0x1, 0x0, 0x0, 0x20040001}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) socket(0x10, 0x3, 0xffffffff) sendmmsg(r7, &(0x7f0000000000), 0x0, 0x0) r9 = getegid() ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r6, 0xc018937b, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r5, {r8, r9}}, './file0\x00'}) r10 = socket$inet(0x2, 0x3, 0xd) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat$ppp(0xffffffffffffff9c, &(0x7f0000000400), 0x6f4e40, 0x0) socketpair(0x21, 0x5, 0x9, &(0x7f0000000300)) getsockopt$inet_mreqsrc(r10, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28) 1.503528115s ago: executing program 2 (id=272): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2800000012000100000000000000001f00000000bcfc"], 0x28}, 0x1, 0x0, 0x0, 0x2000}, 0x0) 1.396598911s ago: executing program 1 (id=274): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = memfd_create(&(0x7f0000001cc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc0sr\x95\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\x00\x01\x00\x00\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0) execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) mknodat(0xffffffffffffff9c, &(0x7f0000000400)='./file7\x00', 0x21c0, 0x103) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file7\x00', &(0x7f0000000080)={0x20100, 0x10, 0x28}, 0x18) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0xc010) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000101040000000020000000000008010600124000000000"], 0x1c}}, 0x10) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r7, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r9, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}, 0x1, 0x0, 0x0, 0x8010}, 0x0) close(r4) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)) ioctl$SIOCSIFHWADDR(r4, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) ioctl$SIOCSIFHWADDR(r4, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) mount_setattr(r2, &(0x7f00000000c0)='./file7\x00', 0x8800, &(0x7f0000000100)={0x100000, 0xf6, 0x40000}, 0x20) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'bond_slave_0\x00', &(0x7f0000000180)=@ethtool_ringparam={0x13, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}) 1.222543651s ago: executing program 2 (id=275): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x1c, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x6, 0x11, 0x0, 0x1, [@generic="2fe5"]}]}, 0x1c}], 0x1}, 0x0) (fail_nth: 4) 984.942555ms ago: executing program 0 (id=278): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0xa00}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0xffffa888}, @IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x7}]}}}]}, 0x44}}, 0x4008080) 889.89935ms ago: executing program 2 (id=279): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c00000010000104000000000000000000000020", @ANYRES32=r2, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c000280080007003b070000050006"], 0x4c}}, 0x0) 755.822851ms ago: executing program 1 (id=280): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000009060102000000e0ffffff00000000000900020073797a310000006005000100070000001c0007800c00018008000140ffffffff0c000280"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) 755.430494ms ago: executing program 0 (id=281): r0 = socket$alg(0x26, 0x5, 0x0) r1 = accept4$ax25(0xffffffffffffffff, &(0x7f0000000740)={{0x3, @bcast}, [@rose, @rose, @default, @null, @rose, @remote, @rose, @default]}, &(0x7f00000007c0)=0x48, 0x1000) ioctl$SIOCAX25GETINFO(r1, 0x89ed, &(0x7f0000000840)) bind$alg(r0, &(0x7f00000005c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000700)='veth0_vlan\x00', 0x10) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x800) sendmsg$nl_route_sched_retired(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000007100)=@deltfilter={0x4b0, 0x2d, 0x300, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0x3}, {0xd, 0x7}, {0xfff3}}, [@f_rsvp={{0x9}, {0x480, 0x2, [@TCA_RSVP_SRC={0x8, 0x3, @broadcast}, @TCA_RSVP_POLICE={0x468, 0x5, [@TCA_POLICE_RESULT={0x8, 0x5, 0x2}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0xa1, 0xf, 0xff, 0x7e, 0x200, 0xecb2, 0x1ff, 0x81, 0x0, 0x7f, 0x101bc, 0x2744, 0xffffff77, 0x6, 0xa5b, 0x12000, 0xd37, 0x9, 0xffffffff, 0x2, 0x0, 0x9, 0x200, 0x5, 0x8, 0x7, 0xfc0b, 0x7, 0x5, 0x3ff, 0x1, 0x3, 0x8, 0x6, 0xf5, 0x9, 0x2, 0xfd, 0x8bed, 0x4, 0xfffffffc, 0xa83, 0x8000, 0x1, 0x4, 0x9, 0xf, 0x0, 0x7, 0x4, 0x8, 0x800, 0x1, 0x36, 0x5, 0x10000, 0x0, 0x65, 0xe, 0xfffff801, 0x6, 0x0, 0x3, 0x8, 0x10, 0xd5c3, 0x6, 0x401, 0x7, 0x7, 0xb, 0x2, 0xfffffff5, 0x7, 0x9, 0x7, 0x4, 0x7, 0x4, 0x200000, 0x6, 0xffff0001, 0xf, 0x9, 0x5, 0xd3e, 0x0, 0x7, 0x7, 0x81, 0x7ff, 0x2, 0xffff0000, 0x7ff, 0xeac, 0x0, 0x5, 0x10001, 0x0, 0x0, 0x1fe, 0x0, 0x6, 0x73e7, 0xe5, 0x200, 0x2, 0x5, 0x5, 0x7fff, 0x9a77, 0xfb, 0x8, 0x80, 0x7, 0x84, 0xfffffffd, 0x2, 0x4, 0x3, 0x98, 0x7fffffff, 0x72, 0x9, 0x599d, 0x4, 0x9, 0xa09, 0x5, 0x0, 0x9, 0x80, 0x1, 0x20000000, 0x10001, 0x7, 0x7, 0x1, 0x4, 0x80000001, 0x7, 0x0, 0x2db, 0x2, 0xf, 0x0, 0x1, 0x1, 0x3, 0x53, 0x7ff, 0x10000, 0xf7, 0x5, 0x0, 0x49, 0x7fffffff, 0x0, 0x3ff, 0x2, 0x6, 0x0, 0x100, 0x3, 0xfffffffb, 0x4ecd, 0x6, 0xffffff98, 0x4, 0xfffffffb, 0x8, 0x81f, 0x1, 0x5, 0x8, 0x6, 0x3, 0x5, 0x75f1, 0x1, 0xe0, 0x6, 0x0, 0x7, 0x7000, 0x1, 0x6, 0x6, 0x8, 0x7, 0x4, 0x3, 0x0, 0x2, 0x8, 0x4, 0x2, 0x2, 0xffffc0e4, 0x6, 0x1, 0x80000000, 0x9, 0x3f185ac6, 0x8, 0x5, 0x5, 0x8534, 0x2, 0x7f, 0x5, 0x4e46, 0x1cd7, 0xc1f, 0xf5, 0x4d1, 0x8, 0x8, 0xd1, 0x3, 0x1000, 0x6, 0x37db, 0x164, 0x2, 0x2, 0x0, 0x356, 0x1ff, 0x3, 0x5, 0x2, 0x10, 0x3, 0x4, 0xfffff001, 0xe, 0x0, 0x0, 0x3, 0x0, 0x6, 0x7, 0x6, 0x7fffffff, 0x4, 0x10001, 0x0, 0x3, 0x0, 0x3, 0x8000, 0x2, 0x100, 0x5]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x6}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x10000000, 0x2, 0x4, 0x1, {0x2, 0x2, 0xa008, 0x3, 0x0, 0x8}, {0x7, 0x0, 0x8, 0x1, 0x2, 0x3}, 0x9, 0x7bbe, 0x10000}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x7b}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x7}]}, @TCA_RSVP_SRC={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x14}}, @TCA_RSVP_ACT={0x4}]}}]}, 0x4b0}, 0x1, 0x0, 0x0, 0x24000045}, 0x4800) sendmsg$alg(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000000)="3b42977378ab2bcbb76d49e38d176a18bf45b7ab41f3ffbb885ffb1c54674cb6cd10", 0x22}, {&(0x7f0000000040)="938b04ac6dbcc8ad03356ab224a6e233ca6d746729cef1c718c72c580ce8978466242bf289a3b5241bed9796f6d0cf14d4a99ec3f4b582f2ef2f9c45371fd612d4a0489c4a01d91950167a552b95eaf311cae6", 0x53}, {&(0x7f00000000c0)="dc3b7d67fa37e0126dc2b61896606992482e2f21fa079ac31717cf24b24baff106d31919524121d6280144aaaa141334a041e4abc2ff6516acfb930291dc4de36d58ee8e5d5c7c09b8ae58", 0x4b}, {&(0x7f0000000140)="2abdb98148bf55feec31dca4fa9edd569f19cbc2d34450c737de3bbb83c08d33a119fc29b34664007cc060421effd7016b045a7017c62b0e900c25b7f5228ca78e3cd5de4b888d15454b73260e1b110ed54c0735ba5e0e9abb98d44e087ee5a7ab8f4a69effaac5da78f08b4da1e1b315498bcec196a55591d498b581df4b0b387c1b2ac5daefd665b5c", 0x8a}, {&(0x7f0000000200)="76a3f2e4d4bccc5029dc8f695c324f23e99bfdb555d28df345d02149d2f41043a914718bcdc36b180a9bba5856574698fa084174167b91f9711546a008201c68845d50a33657050b217f04", 0x4b}, {&(0x7f0000000380)="8369cfadb933c2032c4ccd5ec36c4ff18316f7fc107308e4cd0a3deedb0a4efe6d4d4456f1b6627315c8d25835640c8322b568fd30192630d90fc69f8c1b63b9dbd4ddac083609c2ceb83e0eafac7ee1291c7059e9773d7c0a0ccd608873676abf1583354abb6244734d539d1255220c5fb79d00f7957b9065cd17fba0d1be8760b17908b2c0f0b8cc17e55a7e8e0827d99526b04a3193bc93afab0dca5f396510985803ddc7239b820cd0e48ce89249864bd59c9f59d70cb1e580ea3ffeced415d4162d103cc862d43769e92247159e264fdf71faf9d1aa3ad9aa13e047ba25879c4856812e537b", 0xe8}, {&(0x7f0000000480)="bcc0613a8922b30d61320f66dd945826c9212e378d87409377e7f4585a72f3a2b775d44e5dbd2c0893a26fb5b5f25be81296e24262c6235e9447114c2135e485931a71f4420f3833a48f3c939df07dc20a3848d2ce393b4bc967c261555ffb0acd3a50327b890086285cf93ddddce70a7f3085d48025d3c6846d1e177e61b5cfcdc5", 0x82}, {&(0x7f0000000280)="fdc2a75f832d29ba3201abb01a1b0ed1657987272bb54ffcd9242215e8d2ae6382fe8ed0a7cc8cb28c1068ad915ccac3aa9a235952632dbd6fd913ac898ac07c83106f596ee22194b34837df75990d4a3fa9d87c2adb2fb6583973952f8b71f5e331e6", 0x63}], 0x8, &(0x7f0000000640)=[@assoc={0x18, 0x117, 0x4, 0xe}, @assoc={0x18, 0x117, 0x4, 0x7}, @assoc={0x18, 0x117, 0x4, 0xc}], 0x48, 0x4}, 0x10) recvmmsg$unix(r2, &(0x7f0000000940)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000001500)=""/4096, 0x1000}], 0x1}}], 0x1, 0x1, 0x0) 676.607701ms ago: executing program 0 (id=282): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000500000000010000000000200e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) 676.003451ms ago: executing program 2 (id=283): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="280000002100010000000000000000000a00000000000000000000000c0014"], 0x28}}, 0x0) syz_io_uring_setup(0x2468, &(0x7f00000000c0)={0x0, 0x839c, 0x8, 0xfefff7ff, 0x2a9}, 0x0, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x14) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r2, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c000500040000020000020008000100030000000500020003000000050002"], 0x12c}, 0x1, 0x0, 0x0, 0x24004821}, 0x0) socket$nl_route(0x10, 0x3, 0x0) (async) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="280000002100010000000000000000000a00000000000000000000000c0014"], 0x28}}, 0x0) (async) syz_io_uring_setup(0x2468, &(0x7f00000000c0)={0x0, 0x839c, 0x8, 0xfefff7ff, 0x2a9}, 0x0, 0x0) (async) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x14) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff) (async) sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r2, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c000500040000020000020008000100030000000500020003000000050002"], 0x12c}, 0x1, 0x0, 0x0, 0x24004821}, 0x0) (async) 515.171578ms ago: executing program 0 (id=284): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2800000012000100000000000000002000000000bcfc"], 0x28}, 0x1, 0x0, 0x0, 0x2000}, 0x0) 514.505713ms ago: executing program 3 (id=285): r0 = socket$kcm(0xa, 0x0, 0x106) sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011) r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x1f, 0x0) ioctl$I2C_TENBIT(r1, 0x704, 0x1) ioctl$I2C_SLAVE(r1, 0x703, 0x0) sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca) r2 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="1400000023000b6c8cfffdfccabb00f90429fc60", 0x14}], 0x1}, 0x4008005) 514.359675ms ago: executing program 1 (id=286): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) (async) sendmmsg$inet(r0, &(0x7f0000001c00)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="5ad18a4d0725df", 0x7}], 0x1, &(0x7f0000000480)=[@ip_retopts={{0x2c, 0x0, 0x7, {[@timestamp_prespec={0x44, 0xc, 0xd9, 0x3, 0x2, [{@dev={0xac, 0x14, 0x14, 0x26}}]}, @generic={0x44, 0xa, "190d96c6f1b95d9f"}, @lsrr={0x83, 0x3, 0x8b}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @empty}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}], 0x68}}, {{&(0x7f0000000400)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000780)=[{&(0x7f0000000580)="3f6ea989d9a8ca877a311c240739e415db05fb2b7e28f6de1fa28c004374908b1172e80c6d85f2e57e22ed95426d4ed58bddd1e57a7e4b7cdda91390d9d22e3984f996d8eb988275f7d175d5e6940dfc973c808131d7abe9d349faf6130e03f8dc912e8369463c2d9565dffcca4ba3e125154357a8dbb9dfa9ae81009289d962b4675e4a787f0dc79414ba3684785bf347dcad43e9a98c52112fbdced2d575848079e082a0a14375f9985b22dc1ece5d5eab3e27d9e01244cf5497506d26701e7fa2f5", 0xc3}, {&(0x7f0000000680)="ceb83bbfa6e23da5cb1c7e7735051c16d441d326bc387c3228d1bf5b1b91ab6498597da1d5c259f9d751a8b1f838bb159fd62b298e50ed14b1ce58143c7c1bac3c0f6ee954244a0b5d1a5afbd7b245a6f023e74475c809763f69a089397061c248d2547cd71ddc03a2f0dd1825e17eb8bb11c2562718395cda54b0e55647a05408d2b382e62aaad75302f0dbdede766e919a672aac635a1220c854c1af44424ae541b0c5035795f8ebaa5d98d44aa242b3a1a0cb27b986268d132bece17babb940241a517aa393138c0fa69ec64070c808411fc39a6b5b2aa4c94a7249", 0xdd}], 0x2, &(0x7f0000000880)=[@ip_retopts={{0x34, 0x0, 0x7, {[@timestamp_addr={0x44, 0x4, 0xb6, 0x1, 0xb}, @timestamp_addr={0x44, 0x1c, 0x5c, 0x1, 0x6, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, {@empty, 0x5}, {@empty, 0x3}]}, @timestamp={0x44, 0x4, 0x87, 0x0, 0xf}]}}}, @ip_retopts={{0x10}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x80}}, @ip_retopts={{0x14, 0x0, 0x7, {[@timestamp_addr={0x44, 0x4, 0x23}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010102, @private=0xa010101}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @dev={0xac, 0x14, 0x14, 0x1c}}}}], 0xd0}}, {{&(0x7f0000000a40)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000000b80)=[{&(0x7f0000000a80)="b8cf28979cbb8475fd79c8600cf76154d8113d7c64eae0b4efd4c320654d7602c0e1c5f621bd6696f1f727f8782af468af2cb2c3239011b9854da2e843aa78088c723898d197a4ec7b839680f1ee004f0c38c677a94cc68a3cdaf239067720b65e466d6db7241b3c536b4741c090d6f136ae463b56fe170cd5a632bf1b02d55bde9c489042dce0eee4ed78dd3d5a2106ea6d40fc5edfcd43f0c1b866018af934ce4caac245710378c7fcfa5ee4131d737019c3758eb815857605fc5a5fbeca5fc88b178356fa5141d974f3c5c42f78f81aae28ef78d1130eedcf4077eb3ef128c960124a517937f3945b4e87842f279077f32466a62fcd711ef494dcabeaf4", 0xff}], 0x1, &(0x7f0000000c40)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}}}], 0x20}}], 0x3, 0x40080) (async) r1 = socket(0x22, 0x2, 0x24) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="20c13d101b", 0x5) 305.384145ms ago: executing program 0 (id=287): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000fffffff00005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) 305.250503ms ago: executing program 2 (id=288): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000880)=ANY=[@ANYBLOB="2c020000", @ANYRES16, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843e40108804400208024000100000000000100000000000000fdffff01000000000000000000000000000000001400040003000000ac1414bb00000000000000000600050000000000000100802400020073e591ec06154031d3954ac0e16752e72640f08b5281a8461d17d26d12f2bbb6060005000021000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39228c00098028000080060001000a0000001400020020010000000000000000000002000001050003000000000088000080060001000a000000140002002001000000f800000000000000000002050003000000001003800080060001008c0e000008000200ac1414aa05000300000000001c000080060001000200000008000200ac1414bb0500030000000000200004000e00000000000000fe800000000000000000000000000000000000009c0000802400020073961633df6dc9cb418b15afd0bae7b90f1e6cfed8bb423cf9285c474163154908000a00010000002400010000000000000000000000000000000000000000000000000000000000000000004800098028000080060001000a00000014000200fe8000000000000000000000000000bb05000300000000001c000080060001000200000008000200000000000500030000000000080005000100000008000100", @ANYRES32=r1], 0x22c}}, 0x0) 177.553284ms ago: executing program 2 (id=289): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = signalfd4(r0, &(0x7f0000000100)={[0x1917eb3]}, 0x8, 0x800) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000580), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000420000000e0001006e657464657673696d0000000f0002006e6574646599e4ca81922dc6ea154f5b0b32398c5673696d3000000d0087006c325f64726f70730000000008008e0000000000"], 0x4c}}, 0x0) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r1, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x340}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0x100, r2, 0x20, 0x70bd25, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffff7}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4c3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x9}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xb}}]}, 0x100}, 0x1, 0x0, 0x0, 0x20004004}, 0x1000) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000100000000000000000000008500000087000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = socket(0x10, 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10) write(r5, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r5, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0xfe29, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x5d) sendmsg$NFT_BATCH(r0, 0x0, 0x0) pipe2$9p(0x0, 0x0) mount(&(0x7f00000001c0)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000200)='ocfs2\x00', 0x21000d, 0x0) 177.167623ms ago: executing program 0 (id=290): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000000780)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x1, @local, 0x1}, 0x1c, &(0x7f0000001780)=[{&(0x7f0000000040)="a4", 0x1}], 0x1}}, {{&(0x7f00000000c0)={0xa, 0x4e22, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c, &(0x7f00000005c0)=[{&(0x7f00000003c0)="cffb995df1", 0x5}], 0x1}}], 0x2, 0x0) shutdown(r0, 0x1) setsockopt(r0, 0x84, 0x83, &(0x7f00000002c0)="1a00000002000000", 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') renameat2(0xffffffffffffff9c, &(0x7f00000008c0)='./file4\x00', 0xffffffffffffff9c, &(0x7f0000000900)='./file7\x00', 0x0) mknod$loop(&(0x7f0000000400)='./file4\x00', 0x6000, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0xa002, 0x0) ioctl$IOCTL_STOP_ACCEL_DEV(r1, 0x40096101, &(0x7f0000000340)={{}, 0x7}) open(&(0x7f0000000040)='./file1\x00', 0x20000, 0xc) r2 = socket$kcm(0x2, 0x0, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8923, &(0x7f00000007c0)={'batadv0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x12}}) 176.880102ms ago: executing program 1 (id=291): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0xc00}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0xffffa888}, @IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x7}]}}}]}, 0x44}}, 0x4008080) 194.199µs ago: executing program 1 (id=292): ioctl$F2FS_IOC_WRITE_CHECKPOINT(0xffffffffffffffff, 0xf507, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000200), 0x10001, 0x40) ioctl$SG_GET_KEEP_ORPHAN(r0, 0x2288, &(0x7f0000000240)) ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000400)) socket$packet(0x11, 0x2, 0x300) (async) socket$packet(0x11, 0x2, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = userfaultfd(0x1) ppoll(&(0x7f00000005c0)=[{r2, 0x4}], 0x1, 0x0, 0x0, 0x0) (async) ppoll(&(0x7f00000005c0)=[{r2, 0x4}], 0x1, 0x0, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[], 0x30}}, 0x0) (async) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[], 0x30}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x4aa4) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r3) sendmsg$IEEE802154_LLSEC_DEL_KEY(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd7000fedbdf25280000000a0001007770616e3000000005002e00c400000005002b0001080000"], 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x48004) r5 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LIST(r3, &(0x7f0000000180)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r5, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0xf34f22e580c7c36e}, 0x2091) (async) sendmsg$NLBL_CALIPSO_C_LIST(r3, &(0x7f0000000180)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r5, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0xf34f22e580c7c36e}, 0x2091) socket$pppoe(0x18, 0x1, 0x0) (async) r6 = socket$pppoe(0x18, 0x1, 0x0) bind$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2a, 0x0, 0x4001}, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_GET_NEXT_KEY(0x15, 0x0, 0x0) (async) bpf$MAP_GET_NEXT_KEY(0x15, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000570600000fff07006706000002000000070600000ee60000bf150000000000003d6500000000000065070000021c0000070700004c0000001f750000000000006154000000000000070400000400f9ffad4301000000000095000000000000000500000000000020950000000000000096669e8e4da2f09183bb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040e07802d0c09"], 0xa) (async) syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040e07802d0c09"], 0xa) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@gettaction={0x48, 0x32, 0x400, 0x70bd2a, 0x25cfdbfd, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_gd=@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4000009}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x81f7}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040810) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bond0\x00', 0x0}) sendmsg$nl_route(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000304000000d9ff00000000000400", @ANYRES32=r8, @ANYBLOB="60bc010004a701003c00128009000100626f6e64000000002c"], 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x4000044) (async) sendmsg$nl_route(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000304000000d9ff00000000000400", @ANYRES32=r8, @ANYBLOB="60bc010004a701003c00128009000100626f6e64000000002c"], 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x4000044) syz_open_dev$sndmidi(&(0x7f00000001c0), 0x5, 0x200) connect$pppoe(r6, &(0x7f0000000040)={0x18, 0x0, {0x4, @random="bb7fb37b9489", 'bond0\x00'}}, 0x1e) (async) connect$pppoe(r6, &(0x7f0000000040)={0x18, 0x0, {0x4, @random="bb7fb37b9489", 'bond0\x00'}}, 0x1e) r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200ed7f00000000000000000000000000000000ae3a9b969af732dbaf70ee58e48075d1732d92307a6810dea31d02bffd904140f40e721ee820689497f25b75a5a126fb3967ef811811372e927f77b783a13d519c961a3e39de28ff91aa07fd2df6be7ad94eac0db8872523284bbfd20fed82720da7ac9bb76126abb19d9e71eac0afd569416548c665e461421d3b08fceb2373fe5ee09ef284b114", @ANYRES32=0x0, @ANYBLOB=' \x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000200"/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000060000000000000004000000b708000000000000dbaaf879f1000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b705000008000000850000006a0000009500000000000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000060000000000000004000000b708000000000000dbaaf879f1000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b705000008000000850000006a0000009500000000000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 0s ago: executing program 3 (id=293): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a1810005000000000100000000003f0e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) kernel console output (not intermixed with test programs): [ 101.593432][ T40] audit: type=1400 audit(1750289578.705:57): avc: denied { transition } for pid=5861 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 101.657122][ T40] audit: type=1400 audit(1750289578.705:58): avc: denied { noatsecure } for pid=5861 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 101.674731][ T40] audit: type=1400 audit(1750289578.735:59): avc: denied { write } for pid=5861 comm="sh" path="pipe:[6016]" dev="pipefs" ino=6016 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 101.691251][ T40] audit: type=1400 audit(1750289578.735:60): avc: denied { rlimitinh } for pid=5861 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 101.706344][ T40] audit: type=1400 audit(1750289578.735:61): avc: denied { siginh } for pid=5861 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:52041' (ED25519) to the list of known hosts. [ 104.099380][ T40] audit: type=1400 audit(1750289581.225:62): avc: denied { name_bind } for pid=5910 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 104.172412][ T40] audit: type=1400 audit(1750289581.295:63): avc: denied { write } for pid=5912 comm="sh" path="pipe:[3768]" dev="pipefs" ino=3768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 104.268772][ T40] audit: type=1400 audit(1750289581.395:64): avc: denied { execute } for pid=5912 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 104.295094][ T40] audit: type=1400 audit(1750289581.395:65): avc: denied { execute_no_trans } for pid=5912 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 109.930818][ T40] audit: type=1400 audit(1750289587.065:66): avc: denied { mounton } for pid=5912 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 109.936326][ T5912] cgroup: Unknown subsys name 'net' [ 109.948236][ T40] audit: type=1400 audit(1750289587.065:67): avc: denied { mount } for pid=5912 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 109.976382][ T40] audit: type=1400 audit(1750289587.105:68): avc: denied { unmount } for pid=5912 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 110.323542][ T5912] cgroup: Unknown subsys name 'cpuset' [ 110.349382][ T5912] cgroup: Unknown subsys name 'rlimit' [ 110.581151][ T40] audit: type=1400 audit(1750289587.715:69): avc: denied { setattr } for pid=5912 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=850 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 110.591762][ T40] audit: type=1400 audit(1750289587.715:70): avc: denied { create } for pid=5912 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 110.657836][ T40] audit: type=1400 audit(1750289587.715:71): avc: denied { write } for pid=5912 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 110.676272][ T40] audit: type=1400 audit(1750289587.715:72): avc: denied { read } for pid=5912 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 110.729236][ T40] audit: type=1400 audit(1750289587.735:73): avc: denied { mounton } for pid=5912 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 110.746880][ T40] audit: type=1400 audit(1750289587.735:74): avc: denied { mount } for pid=5912 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 110.769513][ T5938] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 110.781819][ T40] audit: type=1400 audit(1750289587.735:75): avc: denied { read } for pid=5651 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 112.863170][ T5912] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 113.912087][ T840] cfg80211: failed to load regulatory.db [ 123.736469][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 123.736485][ T40] audit: type=1400 audit(1750289600.855:80): avc: denied { execmem } for pid=5952 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 124.759764][ T40] audit: type=1400 audit(1750289601.885:81): avc: denied { create } for pid=5957 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 124.792235][ T40] audit: type=1400 audit(1750289601.885:82): avc: denied { create } for pid=5956 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 124.828853][ T40] audit: type=1400 audit(1750289601.895:84): avc: denied { read write } for pid=5956 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 124.865629][ T5958] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 124.867759][ T40] audit: type=1400 audit(1750289601.895:83): avc: denied { read write } for pid=5957 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 124.885336][ T5958] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 124.886695][ T5958] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 124.887779][ T5958] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 124.888535][ T5958] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 124.888729][ T5958] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 124.890618][ T5958] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 124.890928][ T5958] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 124.891617][ T5958] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 124.892600][ T5958] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 124.916318][ T5964] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 124.918453][ T5967] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 124.922819][ T5961] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 124.924694][ T40] audit: type=1400 audit(1750289601.895:85): avc: denied { open } for pid=5957 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 124.924741][ T40] audit: type=1400 audit(1750289601.895:86): avc: denied { open } for pid=5956 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 124.938760][ T5971] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 124.951501][ T40] audit: type=1400 audit(1750289601.915:87): avc: denied { ioctl } for pid=5957 comm="syz-executor" path="socket:[6082]" dev="sockfs" ino=6082 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 124.953166][ T5299] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 124.953807][ T5299] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 124.954886][ T5299] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 124.955521][ T5299] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 124.975411][ T5971] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 124.979167][ T40] audit: type=1400 audit(1750289602.065:88): avc: denied { read } for pid=5962 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 124.993216][ T5971] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 125.136708][ T40] audit: type=1400 audit(1750289602.065:89): avc: denied { open } for pid=5962 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 125.718924][ T5957] chnl_net:caif_netlink_parms(): no params data found [ 126.017273][ T5968] chnl_net:caif_netlink_parms(): no params data found [ 126.024895][ T5962] chnl_net:caif_netlink_parms(): no params data found [ 126.222058][ T5957] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.227602][ T5957] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.251554][ T5957] bridge_slave_0: entered allmulticast mode [ 126.258035][ T5957] bridge_slave_0: entered promiscuous mode [ 126.302966][ T5956] chnl_net:caif_netlink_parms(): no params data found [ 126.402379][ T5957] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.406005][ T5957] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.410101][ T5957] bridge_slave_1: entered allmulticast mode [ 126.415971][ T5957] bridge_slave_1: entered promiscuous mode [ 126.728322][ T5957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 126.955323][ T5957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 126.959363][ T5971] Bluetooth: hci2: command tx timeout [ 127.029094][ T5971] Bluetooth: hci3: command tx timeout [ 127.029219][ T5958] Bluetooth: hci1: command tx timeout [ 127.036252][ T5958] Bluetooth: hci0: command tx timeout [ 127.063748][ T5968] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.067458][ T5968] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.087988][ T5968] bridge_slave_0: entered allmulticast mode [ 127.093663][ T5968] bridge_slave_0: entered promiscuous mode [ 127.107112][ T5968] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.121691][ T5968] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.125438][ T5968] bridge_slave_1: entered allmulticast mode [ 127.132717][ T5968] bridge_slave_1: entered promiscuous mode [ 127.413095][ T5962] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.443775][ T5962] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.453763][ T5962] bridge_slave_0: entered allmulticast mode [ 127.472104][ T5962] bridge_slave_0: entered promiscuous mode [ 127.486172][ T5957] team0: Port device team_slave_0 added [ 127.562177][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.566755][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.570364][ T5956] bridge_slave_0: entered allmulticast mode [ 127.575308][ T5956] bridge_slave_0: entered promiscuous mode [ 127.609634][ T5957] team0: Port device team_slave_1 added [ 127.613228][ T5962] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.615772][ T5962] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.618367][ T5962] bridge_slave_1: entered allmulticast mode [ 127.659410][ T5962] bridge_slave_1: entered promiscuous mode [ 127.721955][ T5968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 127.782629][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.786010][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.789008][ T5956] bridge_slave_1: entered allmulticast mode [ 127.792891][ T5956] bridge_slave_1: entered promiscuous mode [ 127.948151][ T5968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 128.087372][ T5962] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 128.103855][ T5962] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 128.212830][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 128.215783][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 128.234338][ T5957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 128.270284][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 128.381230][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 128.384193][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 128.406538][ T5957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 128.414187][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 128.473151][ T5968] team0: Port device team_slave_0 added [ 128.578957][ T5962] team0: Port device team_slave_0 added [ 128.592565][ T5962] team0: Port device team_slave_1 added [ 128.614412][ T5968] team0: Port device team_slave_1 added [ 128.751423][ T5956] team0: Port device team_slave_0 added [ 128.938368][ T5956] team0: Port device team_slave_1 added [ 129.014867][ T5962] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.018873][ T5962] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.030217][ T5958] Bluetooth: hci2: command tx timeout [ 129.037486][ T5962] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.108838][ T5958] Bluetooth: hci1: command tx timeout [ 129.118853][ T5958] Bluetooth: hci3: command tx timeout [ 129.124487][ T5958] Bluetooth: hci0: command tx timeout [ 129.140319][ T5968] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.145049][ T5968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.183684][ T5968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.194337][ T5957] hsr_slave_0: entered promiscuous mode [ 129.198201][ T5957] hsr_slave_1: entered promiscuous mode [ 129.329735][ T5962] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.333856][ T5962] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.346381][ T5962] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 129.358089][ T5968] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.360746][ T5968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.390630][ T5968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 129.400087][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.404065][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.442947][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.463404][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.468017][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.522856][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 129.811602][ T5968] hsr_slave_0: entered promiscuous mode [ 129.822335][ T5968] hsr_slave_1: entered promiscuous mode [ 129.839953][ T5968] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 129.850203][ T5968] Cannot create hsr debugfs directory [ 130.008481][ T5962] hsr_slave_0: entered promiscuous mode [ 130.050840][ T5962] hsr_slave_1: entered promiscuous mode [ 130.069750][ T5962] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 130.073555][ T5962] Cannot create hsr debugfs directory [ 130.173262][ T5956] hsr_slave_0: entered promiscuous mode [ 130.176430][ T5956] hsr_slave_1: entered promiscuous mode [ 130.196928][ T5956] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 130.216790][ T5956] Cannot create hsr debugfs directory [ 131.120172][ T5958] Bluetooth: hci2: command tx timeout [ 131.200148][ T5958] Bluetooth: hci1: command tx timeout [ 131.210288][ T5958] Bluetooth: hci0: command tx timeout [ 131.211191][ T5971] Bluetooth: hci3: command tx timeout [ 131.319636][ T5957] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 131.331929][ T5957] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 131.358263][ T5957] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 131.372163][ T5957] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 131.553112][ T5962] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 131.563407][ T5962] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 131.581435][ T5962] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 131.613450][ T5962] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 131.674910][ T5957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.799636][ T5968] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 131.827212][ T5957] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.844871][ T5968] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 131.851341][ T5968] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 131.888746][ T5968] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 131.920361][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.937276][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 132.025923][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.037213][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.269900][ T5956] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 132.276274][ T5956] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 132.295736][ T5956] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 132.400676][ T5956] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 132.430420][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 132.430436][ T40] audit: type=1400 audit(1750289609.565:92): avc: denied { sys_module } for pid=5957 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 132.486614][ T5962] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.553531][ T5962] 8021q: adding VLAN 0 to HW filter on device team0 [ 132.669825][ T71] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.683713][ T71] bridge0: port 1(bridge_slave_0) entered forwarding state [ 132.702423][ T71] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.706168][ T71] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.731844][ T5968] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.823551][ T5957] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 132.858797][ T5968] 8021q: adding VLAN 0 to HW filter on device team0 [ 132.912828][ T5962] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 132.931118][ T47] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.934287][ T47] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.011115][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 133.062463][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.066581][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 133.153900][ T5956] 8021q: adding VLAN 0 to HW filter on device team0 [ 133.186955][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.188847][ T5971] Bluetooth: hci2: command tx timeout [ 133.193035][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.267977][ T5957] veth0_vlan: entered promiscuous mode [ 133.271082][ T5971] Bluetooth: hci0: command tx timeout [ 133.271248][ T5958] Bluetooth: hci1: command tx timeout [ 133.282322][ T5958] Bluetooth: hci3: command tx timeout [ 133.401353][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.404265][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 133.437737][ T5957] veth1_vlan: entered promiscuous mode [ 133.563537][ T5962] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 133.578338][ T5957] veth0_macvtap: entered promiscuous mode [ 133.593194][ T5957] veth1_macvtap: entered promiscuous mode [ 133.609246][ T5956] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 133.689249][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 133.728367][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 133.760599][ T5957] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.775037][ T5957] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.778521][ T5957] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.823245][ T5957] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.976345][ T5962] veth0_vlan: entered promiscuous mode [ 134.044567][ T5962] veth1_vlan: entered promiscuous mode [ 134.142414][ T5968] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 134.252202][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 134.319991][ T5968] veth0_vlan: entered promiscuous mode [ 134.334969][ T47] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.355333][ T47] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.380106][ T5968] veth1_vlan: entered promiscuous mode [ 134.417290][ T5962] veth0_macvtap: entered promiscuous mode [ 134.453351][ T5962] veth1_macvtap: entered promiscuous mode [ 134.485155][ T47] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.490761][ T47] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.550465][ T40] audit: type=1400 audit(1750289611.655:93): avc: denied { mount } for pid=5957 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 134.590175][ T40] audit: type=1400 audit(1750289611.655:94): avc: denied { mounton } for pid=5957 comm="syz-executor" path="/syzkaller.H8W8Wl/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 134.600451][ T5956] veth0_vlan: entered promiscuous mode [ 134.615799][ T40] audit: type=1400 audit(1750289611.655:95): avc: denied { mount } for pid=5957 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 134.615843][ T40] audit: type=1400 audit(1750289611.705:96): avc: denied { mounton } for pid=5957 comm="syz-executor" path="/syzkaller.H8W8Wl/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 134.615879][ T40] audit: type=1400 audit(1750289611.705:97): avc: denied { mounton } for pid=5957 comm="syz-executor" path="/syzkaller.H8W8Wl/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=6459 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 134.615913][ T40] audit: type=1400 audit(1750289611.705:98): avc: denied { unmount } for pid=5957 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 134.700990][ T40] audit: type=1400 audit(1750289611.835:99): avc: denied { mounton } for pid=5957 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2828 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 134.709906][ T40] audit: type=1400 audit(1750289611.835:100): avc: denied { mount } for pid=5957 comm="syz-executor" name="/" dev="gadgetfs" ino=6460 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 134.745627][ T40] audit: type=1400 audit(1750289611.845:101): avc: denied { mount } for pid=5957 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 134.748529][ T5956] veth1_vlan: entered promiscuous mode [ 134.806595][ T5968] veth0_macvtap: entered promiscuous mode [ 134.863546][ T5957] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 134.867111][ T5968] veth1_macvtap: entered promiscuous mode [ 134.890550][ T5962] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 134.930073][ T5962] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.020979][ T5962] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.037225][ T5962] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.041957][ T5962] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.072187][ T5962] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.167908][ T6046] random: crng reseeded on system resumption [ 135.169567][ T5968] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.175013][ T6047] xt_time: unknown flags 0xb4 [ 135.282983][ T5956] veth0_macvtap: entered promiscuous mode [ 135.290929][ T5968] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.299735][ T5956] veth1_macvtap: entered promiscuous mode [ 135.315954][ T5968] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.336347][ T5968] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.348798][ T5968] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.352603][ T5968] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.440001][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.503721][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.551464][ T5956] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.557917][ T5956] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.581959][ T5956] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.585465][ T5956] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.716888][ T1195] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.720433][ T1195] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.776881][ T47] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.787365][ T47] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.895215][ T1195] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.898972][ T1195] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.067441][ T1195] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.077906][ T1195] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.180557][ T1195] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.186879][ T1195] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.188489][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.249085][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.310707][ T6053] lo speed is unknown, defaulting to 1000 [ 136.346345][ T6053] lo speed is unknown, defaulting to 1000 [ 136.362701][ T6053] lo speed is unknown, defaulting to 1000 [ 136.721635][ T6061] random: crng reseeded on system resumption [ 136.763378][ T34] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 136.812976][ T6062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'. [ 136.855429][ T6061] xt_time: unknown flags 0xb4 [ 136.881353][ T6062] macsec0: entered promiscuous mode [ 136.942198][ T34] usb 6-1: Using ep0 maxpacket: 8 [ 136.992686][ T34] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 137.012269][ T6053] infiniband syz0: set active [ 137.042228][ T34] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 137.051229][ T6053] infiniband syz0: added lo [ 137.068763][ T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 137.110832][ T6049] lo speed is unknown, defaulting to 1000 [ 137.111217][ T6072] netlink: 'syz.2.8': attribute type 2 has an invalid length. [ 137.114181][ T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 137.178915][ T34] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 137.227941][ T6053] RDS/IB: syz0: added [ 137.263555][ T34] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 137.263583][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.267947][ T6053] smc: adding ib device syz0 with port count 1 [ 137.284391][ T6053] smc: ib device syz0 port 1 has pnetid [ 137.287112][ T6053] lo speed is unknown, defaulting to 1000 [ 137.360936][ T6079] netlink: 'syz.2.10': attribute type 10 has an invalid length. [ 137.361741][ T6040] lo speed is unknown, defaulting to 1000 [ 137.506397][ T34] usb 6-1: GET_CAPABILITIES returned 0 [ 137.506449][ T34] usbtmc 6-1:16.0: can't read capabilities [ 137.712522][ T40] kauditd_printk_skb: 32 callbacks suppressed [ 137.712537][ T40] audit: type=1400 audit(1750289614.835:134): avc: denied { setopt } for pid=6052 comm="syz.1.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 137.742564][ T40] audit: type=1400 audit(1750289614.875:135): avc: denied { write } for pid=6052 comm="syz.1.6" name="usbtmc0" dev="devtmpfs" ino=2836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 137.747160][ T6049] usb 6-1: USB disconnect, device number 2 [ 137.778583][ T40] audit: type=1400 audit(1750289614.885:136): avc: denied { create } for pid=6087 comm="syz.3.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 137.830653][ T40] audit: type=1400 audit(1750289614.885:137): avc: denied { getopt } for pid=6087 comm="syz.3.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 137.947317][ T6054] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6'. [ 137.986263][ T40] audit: type=1400 audit(1750289615.115:138): avc: denied { write } for pid=6087 comm="syz.3.12" name="ptype" dev="proc" ino=4026533307 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 137.987664][ T6053] lo speed is unknown, defaulting to 1000 [ 138.028802][ T40] audit: type=1400 audit(1750289615.115:139): avc: denied { read write } for pid=6087 comm="syz.3.12" name="video7" dev="devtmpfs" ino=975 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 138.036001][ T6054] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.042142][ T40] audit: type=1400 audit(1750289615.115:140): avc: denied { open } for pid=6087 comm="syz.3.12" path="/dev/video7" dev="devtmpfs" ino=975 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 138.042222][ T40] audit: type=1400 audit(1750289615.115:141): avc: denied { ioctl } for pid=6087 comm="syz.3.12" path="/dev/video7" dev="devtmpfs" ino=975 ioctlcmd=0x561c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 138.398304][ T40] audit: type=1400 audit(1750289615.515:142): avc: denied { read append } for pid=6094 comm="syz.2.14" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 138.409867][ T40] audit: type=1400 audit(1750289615.515:143): avc: denied { open } for pid=6094 comm="syz.2.14" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 138.448997][ T6095] Zero length message leads to an empty skb [ 138.766162][ T6054] bridge_slave_1 (unregistering): left allmulticast mode [ 138.773658][ T6054] bridge_slave_1 (unregistering): left promiscuous mode [ 138.777593][ T6054] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.835905][ T6053] lo speed is unknown, defaulting to 1000 [ 138.889253][ T6098] warning: `syz.2.15' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 139.060146][ T840] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 139.217110][ T840] usb 7-1: device descriptor read/64, error -71 [ 139.249494][ T6053] lo speed is unknown, defaulting to 1000 [ 139.514563][ T840] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 139.669979][ T840] usb 7-1: device descriptor read/64, error -71 [ 139.720669][ T6121] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22'. [ 139.789230][ T840] usb usb7-port1: attempt power cycle [ 140.050340][ T6126] FAULT_INJECTION: forcing a failure. [ 140.050340][ T6126] name failslab, interval 1, probability 0, space 0, times 1 [ 140.103745][ T6126] CPU: 1 UID: 0 PID: 6126 Comm: syz.1.24 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 140.103771][ T6126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 140.103782][ T6126] Call Trace: [ 140.103788][ T6126] [ 140.103795][ T6126] dump_stack_lvl+0x16c/0x1f0 [ 140.103827][ T6126] should_fail_ex+0x512/0x640 [ 140.103848][ T6126] ? fs_reclaim_acquire+0xae/0x150 [ 140.103867][ T6126] ? tomoyo_encode2+0x100/0x3e0 [ 140.103888][ T6126] should_failslab+0xc2/0x120 [ 140.103911][ T6126] __kmalloc_noprof+0xd2/0x510 [ 140.103938][ T6126] tomoyo_encode2+0x100/0x3e0 [ 140.103971][ T6126] tomoyo_encode+0x29/0x50 [ 140.103992][ T6126] tomoyo_mount_acl+0x144/0x850 [ 140.104012][ T6126] ? kernel_text_address+0x8d/0x100 [ 140.104029][ T6126] ? __kernel_text_address+0xd/0x40 [ 140.104045][ T6126] ? unwind_get_return_address+0x59/0xa0 [ 140.104071][ T6126] ? arch_stack_walk+0xa6/0x100 [ 140.104088][ T6126] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 140.104116][ T6126] ? stack_trace_save+0x8e/0xc0 [ 140.104159][ T6126] ? tomoyo_domain+0xbb/0x150 [ 140.104174][ T6126] ? tomoyo_profile+0x47/0x60 [ 140.104202][ T6126] tomoyo_mount_permission+0x16d/0x420 [ 140.104221][ T6126] ? tomoyo_mount_permission+0x14f/0x420 [ 140.104244][ T6126] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 140.104284][ T6126] security_sb_mount+0x9b/0x260 [ 140.104307][ T6126] path_mount+0x128/0x2020 [ 140.104333][ T6126] ? kmem_cache_free+0x2d1/0x4d0 [ 140.104352][ T6126] ? __pfx_path_mount+0x10/0x10 [ 140.104380][ T6126] ? putname+0x154/0x1a0 [ 140.104409][ T6126] __x64_sys_mount+0x28d/0x310 [ 140.104435][ T6126] ? __pfx___x64_sys_mount+0x10/0x10 [ 140.104467][ T6126] do_syscall_64+0xcd/0x4c0 [ 140.104494][ T6126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.104511][ T6126] RIP: 0033:0x7fb0f0f8e929 [ 140.104526][ T6126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.104540][ T6126] RSP: 002b:00007fb0f1e66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 140.104556][ T6126] RAX: ffffffffffffffda RBX: 00007fb0f11b5fa0 RCX: 00007fb0f0f8e929 [ 140.104566][ T6126] RDX: 0000200000000200 RSI: 0000200000000040 RDI: 00002000000001c0 [ 140.104576][ T6126] RBP: 00007fb0f1e66090 R08: 0000000000000000 R09: 0000000000000000 [ 140.104586][ T6126] R10: 000000000021000d R11: 0000000000000246 R12: 0000000000000001 [ 140.104595][ T6126] R13: 0000000000000000 R14: 00007fb0f11b5fa0 R15: 00007ffd85eb8938 [ 140.104615][ T6126] [ 140.218858][ T840] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 140.361235][ T6130] netlink: 'syz.0.26': attribute type 8 has an invalid length. [ 140.403133][ T840] usb 7-1: device descriptor read/8, error -71 [ 140.680130][ T6142] netlink: 12 bytes leftover after parsing attributes in process `syz.0.29'. [ 140.754058][ T840] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 140.841819][ T840] usb 7-1: device descriptor read/8, error -71 [ 140.977637][ T840] usb usb7-port1: unable to enumerate USB device [ 141.064598][ T6150] netlink: 4 bytes leftover after parsing attributes in process `syz.3.34'. [ 141.132883][ T6153] FAULT_INJECTION: forcing a failure. [ 141.132883][ T6153] name failslab, interval 1, probability 0, space 0, times 0 [ 141.176512][ T6153] CPU: 3 UID: 0 PID: 6153 Comm: syz.3.35 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 141.176539][ T6153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 141.176549][ T6153] Call Trace: [ 141.176556][ T6153] [ 141.176563][ T6153] dump_stack_lvl+0x16c/0x1f0 [ 141.176593][ T6153] should_fail_ex+0x512/0x640 [ 141.176615][ T6153] ? fs_reclaim_acquire+0xae/0x150 [ 141.176634][ T6153] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 141.176663][ T6153] should_failslab+0xc2/0x120 [ 141.176720][ T6153] __kmalloc_noprof+0xd2/0x510 [ 141.176742][ T6153] ? trace_kmalloc+0x2b/0xd0 [ 141.176765][ T6153] ? __kmalloc_noprof+0x242/0x510 [ 141.176790][ T6153] tomoyo_realpath_from_path+0xc2/0x6e0 [ 141.176817][ T6153] ? tomoyo_fill_path_info+0x233/0x420 [ 141.176837][ T6153] tomoyo_mount_acl+0x1ae/0x850 [ 141.176857][ T6153] ? kernel_text_address+0x8d/0x100 [ 141.176876][ T6153] ? __kernel_text_address+0xd/0x40 [ 141.176893][ T6153] ? unwind_get_return_address+0x59/0xa0 [ 141.176928][ T6153] ? arch_stack_walk+0xa6/0x100 [ 141.176946][ T6153] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 141.176975][ T6153] ? stack_trace_save+0x8e/0xc0 [ 141.177024][ T6153] ? tomoyo_domain+0xbb/0x150 [ 141.177039][ T6153] ? tomoyo_profile+0x47/0x60 [ 141.177070][ T6153] tomoyo_mount_permission+0x16d/0x420 [ 141.177092][ T6153] ? tomoyo_mount_permission+0x14f/0x420 [ 141.177116][ T6153] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 141.177157][ T6153] security_sb_mount+0x9b/0x260 [ 141.177181][ T6153] path_mount+0x128/0x2020 [ 141.177210][ T6153] ? kmem_cache_free+0x2d1/0x4d0 [ 141.177230][ T6153] ? __pfx_path_mount+0x10/0x10 [ 141.177261][ T6153] ? putname+0x154/0x1a0 [ 141.177291][ T6153] __x64_sys_mount+0x28d/0x310 [ 141.177318][ T6153] ? __pfx___x64_sys_mount+0x10/0x10 [ 141.177354][ T6153] do_syscall_64+0xcd/0x4c0 [ 141.177383][ T6153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.177400][ T6153] RIP: 0033:0x7fcbc238e929 [ 141.177415][ T6153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.177431][ T6153] RSP: 002b:00007fcbc31b5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 141.177448][ T6153] RAX: ffffffffffffffda RBX: 00007fcbc25b5fa0 RCX: 00007fcbc238e929 [ 141.177459][ T6153] RDX: 0000200000000200 RSI: 0000200000000040 RDI: 00002000000001c0 [ 141.177469][ T6153] RBP: 00007fcbc31b5090 R08: 0000000000000000 R09: 0000000000000000 [ 141.177479][ T6153] R10: 000000000021000d R11: 0000000000000246 R12: 0000000000000001 [ 141.177488][ T6153] R13: 0000000000000000 R14: 00007fcbc25b5fa0 R15: 00007ffcd89e5c08 [ 141.177515][ T6153] [ 141.177522][ T6153] ERROR: Out of memory at tomoyo_realpath_from_path. [ 141.183651][ T6147] bridge1: entered allmulticast mode [ 141.305596][ T6158] netlink: 'syz.0.38': attribute type 8 has an invalid length. [ 141.378007][ T6160] fuse: Unknown parameter 'fdy0x0000000000000004' [ 141.463263][ T5971] Bluetooth: Frame is too long (len 12, expected len 4) [ 141.812737][ T6163] netlink: 8 bytes leftover after parsing attributes in process `syz.3.40'. [ 141.929701][ T71] bond0: (slave bond_slave_0): interface is now down [ 141.936651][ T71] bond0: (slave bond_slave_1): interface is now down [ 141.997544][ T71] bond0: now running without any active interface! [ 142.375204][ T6179] ======================================================= [ 142.375204][ T6179] WARNING: The mand mount option has been deprecated and [ 142.375204][ T6179] and is ignored by this kernel. Remove the mand [ 142.375204][ T6179] option from the mount to silence this warning. [ 142.375204][ T6179] ======================================================= [ 142.499453][ T6193] FAULT_INJECTION: forcing a failure. [ 142.499453][ T6193] name failslab, interval 1, probability 0, space 0, times 0 [ 142.505184][ T6193] CPU: 1 UID: 0 PID: 6193 Comm: syz.2.45 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 142.505205][ T6193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 142.505214][ T6193] Call Trace: [ 142.505221][ T6193] [ 142.505227][ T6193] dump_stack_lvl+0x16c/0x1f0 [ 142.505253][ T6193] should_fail_ex+0x512/0x640 [ 142.505272][ T6193] ? fs_reclaim_acquire+0xae/0x150 [ 142.505288][ T6193] ? tomoyo_encode2+0x100/0x3e0 [ 142.505307][ T6193] should_failslab+0xc2/0x120 [ 142.505328][ T6193] __kmalloc_noprof+0xd2/0x510 [ 142.505345][ T6193] ? d_absolute_path+0x136/0x1a0 [ 142.505362][ T6193] tomoyo_encode2+0x100/0x3e0 [ 142.505384][ T6193] tomoyo_encode+0x29/0x50 [ 142.505402][ T6193] tomoyo_realpath_from_path+0x18f/0x6e0 [ 142.505427][ T6193] tomoyo_mount_acl+0x1ae/0x850 [ 142.505444][ T6193] ? kernel_text_address+0x8d/0x100 [ 142.505459][ T6193] ? __kernel_text_address+0xd/0x40 [ 142.505473][ T6193] ? unwind_get_return_address+0x59/0xa0 [ 142.505495][ T6193] ? arch_stack_walk+0xa6/0x100 [ 142.505510][ T6193] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 142.505533][ T6193] ? stack_trace_save+0x8e/0xc0 [ 142.505567][ T6193] ? tomoyo_domain+0xbb/0x150 [ 142.505579][ T6193] ? tomoyo_profile+0x47/0x60 [ 142.505610][ T6193] tomoyo_mount_permission+0x16d/0x420 [ 142.505633][ T6193] ? tomoyo_mount_permission+0x14f/0x420 [ 142.505655][ T6193] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 142.505701][ T6193] security_sb_mount+0x9b/0x260 [ 142.505727][ T6193] path_mount+0x128/0x2020 [ 142.505756][ T6193] ? kmem_cache_free+0x2d1/0x4d0 [ 142.505773][ T6193] ? __pfx_path_mount+0x10/0x10 [ 142.505798][ T6193] ? putname+0x154/0x1a0 [ 142.505823][ T6193] __x64_sys_mount+0x28d/0x310 [ 142.505845][ T6193] ? __pfx___x64_sys_mount+0x10/0x10 [ 142.505874][ T6193] do_syscall_64+0xcd/0x4c0 [ 142.505897][ T6193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.505911][ T6193] RIP: 0033:0x7f5b1398e929 [ 142.505924][ T6193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.505941][ T6193] RSP: 002b:00007f5b14891038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 142.505956][ T6193] RAX: ffffffffffffffda RBX: 00007f5b13bb5fa0 RCX: 00007f5b1398e929 [ 142.505965][ T6193] RDX: 0000200000000200 RSI: 0000200000000040 RDI: 00002000000001c0 [ 142.505974][ T6193] RBP: 00007f5b14891090 R08: 0000000000000000 R09: 0000000000000000 [ 142.505982][ T6193] R10: 000000000021000d R11: 0000000000000246 R12: 0000000000000001 [ 142.505990][ T6193] R13: 0000000000000000 R14: 00007f5b13bb5fa0 R15: 00007ffcec3b7d58 [ 142.506011][ T6193] [ 142.506034][ T6193] ERROR: Out of memory at tomoyo_realpath_from_path. [ 142.691637][ T6202] veth1_macvtap: left promiscuous mode [ 142.728330][ T6202] macsec0: entered allmulticast mode [ 142.751397][ T6203] veth1_macvtap: entered promiscuous mode [ 142.754363][ T6203] veth1_macvtap: entered allmulticast mode [ 142.829076][ T6203] macsec0: left allmulticast mode [ 142.832105][ T6203] veth1_macvtap: left allmulticast mode [ 142.846116][ T6206] netlink: 8 bytes leftover after parsing attributes in process `syz.2.54'. [ 142.949392][ T40] kauditd_printk_skb: 58 callbacks suppressed [ 142.949410][ T40] audit: type=1400 audit(1750289620.065:202): avc: denied { watch } for pid=6205 comm="syz.1.53" path="/11/bus/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="overlay" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 143.008863][ T40] audit: type=1400 audit(1750289620.085:203): avc: denied { watch_sb watch_reads } for pid=6205 comm="syz.1.53" path="/11/bus/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="overlay" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 143.076807][ T6213] netlink: 8 bytes leftover after parsing attributes in process `syz.0.58'. [ 143.112068][ T40] audit: type=1400 audit(1750289620.215:204): avc: denied { create } for pid=6210 comm="syz.2.56" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 143.135084][ T40] audit: type=1400 audit(1750289620.215:205): avc: denied { setopt } for pid=6210 comm="syz.2.56" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 143.262485][ T6217] syz.3.60 uses obsolete (PF_INET,SOCK_PACKET) [ 143.293060][ T40] audit: type=1400 audit(1750289620.365:206): avc: denied { validate_trans } for pid=6216 comm="syz.3.60" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 143.327072][ T40] audit: type=1400 audit(1750289620.385:207): avc: denied { ioctl } for pid=6216 comm="syz.3.60" path="socket:[9751]" dev="sockfs" ino=9751 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 143.381624][ T6223] sysfs: cannot create duplicate filename '/class/ieee80211/!å¯' [ 143.387716][ T6223] CPU: 1 UID: 0 PID: 6223 Comm: syz.1.59 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 143.387746][ T6223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.387757][ T6223] Call Trace: [ 143.387764][ T6223] [ 143.387771][ T6223] dump_stack_lvl+0x16c/0x1f0 [ 143.387806][ T6223] sysfs_warn_dup+0x7f/0xa0 [ 143.387834][ T6223] sysfs_do_create_link_sd+0x124/0x140 [ 143.387863][ T6223] sysfs_create_link+0x61/0xc0 [ 143.387887][ T6223] device_add+0x62c/0x1a70 [ 143.387907][ T6223] ? __pfx_device_add+0x10/0x10 [ 143.387922][ T6223] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 143.387946][ T6223] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 143.387984][ T6223] wiphy_register+0x1c9c/0x2850 [ 143.388004][ T6223] ? netdev_run_todo+0x864/0x1320 [ 143.388040][ T6223] ? __pfx_wiphy_register+0x10/0x10 [ 143.388070][ T6223] ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0 [ 143.388092][ T6223] ieee80211_register_hw+0x24ac/0x4140 [ 143.388119][ T6223] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 143.388148][ T6223] ? find_held_lock+0x2b/0x80 [ 143.388171][ T6223] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 143.388193][ T6223] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 143.388212][ T6223] ? __hrtimer_setup+0x176/0x280 [ 143.388233][ T6223] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 143.388266][ T6223] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 143.388290][ T6223] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 143.388314][ T6223] ? __asan_memcpy+0x3c/0x60 [ 143.388336][ T6223] hwsim_new_radio_nl+0xb51/0x12c0 [ 143.388361][ T6223] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 143.388391][ T6223] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 143.388414][ T6223] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 143.388442][ T6223] genl_family_rcv_msg_doit+0x206/0x2f0 [ 143.388467][ T6223] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 143.388496][ T6223] ? bpf_lsm_capable+0x9/0x10 [ 143.388514][ T6223] ? security_capable+0x7e/0x260 [ 143.388534][ T6223] ? ns_capable+0xd7/0x110 [ 143.388575][ T6223] genl_rcv_msg+0x55c/0x800 [ 143.390505][ T6223] ? __pfx_genl_rcv_msg+0x10/0x10 [ 143.390543][ T6223] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 143.390576][ T6223] ? __lock_acquire+0x622/0x1c90 [ 143.390612][ T6223] netlink_rcv_skb+0x155/0x420 [ 143.390633][ T6223] ? __pfx_genl_rcv_msg+0x10/0x10 [ 143.390656][ T6223] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 143.390688][ T6223] ? netlink_deliver_tap+0x1ae/0xd30 [ 143.390706][ T6223] ? is_vmalloc_addr+0x86/0xa0 [ 143.390733][ T6223] genl_rcv+0x28/0x40 [ 143.390752][ T6223] netlink_unicast+0x53d/0x7f0 [ 143.390776][ T6223] ? __pfx_netlink_unicast+0x10/0x10 [ 143.390806][ T6223] netlink_sendmsg+0x8d1/0xdd0 [ 143.390830][ T6223] ? __pfx_netlink_sendmsg+0x10/0x10 [ 143.390864][ T6223] ____sys_sendmsg+0xa95/0xc70 [ 143.390885][ T6223] ? copy_msghdr_from_user+0x10a/0x160 [ 143.390911][ T6223] ? __pfx_____sys_sendmsg+0x10/0x10 [ 143.390939][ T6223] ? __pfx_futex_wake_mark+0x10/0x10 [ 143.390965][ T6223] ___sys_sendmsg+0x134/0x1d0 [ 143.390995][ T6223] ? __pfx____sys_sendmsg+0x10/0x10 [ 143.391018][ T6223] ? __lock_acquire+0x622/0x1c90 [ 143.391088][ T6223] __sys_sendmsg+0x16d/0x220 [ 143.391116][ T6223] ? __pfx___sys_sendmsg+0x10/0x10 [ 143.391216][ T6223] ? __x64_sys_futex+0x1e0/0x4c0 [ 143.391261][ T6223] do_syscall_64+0xcd/0x4c0 [ 143.391292][ T6223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.391312][ T6223] RIP: 0033:0x7fb0f0f8e929 [ 143.391330][ T6223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.391346][ T6223] RSP: 002b:00007fb0f1e66038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 143.391366][ T6223] RAX: ffffffffffffffda RBX: 00007fb0f11b5fa0 RCX: 00007fb0f0f8e929 [ 143.391378][ T6223] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004 [ 143.391388][ T6223] RBP: 00007fb0f1010b39 R08: 0000000000000000 R09: 0000000000000000 [ 143.391397][ T6223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 143.391407][ T6223] R13: 0000000000000000 R14: 00007fb0f11b5fa0 R15: 00007ffd85eb8938 [ 143.391432][ T6223] [ 143.396824][ T40] audit: type=1400 audit(1750289620.435:208): avc: denied { create } for pid=6219 comm="syz.0.61" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 143.524559][ T6230] xt_cgroup: path and classid specified [ 143.541796][ T6229] netlink: 8 bytes leftover after parsing attributes in process `syz.3.64'. [ 143.542204][ T40] audit: type=1400 audit(1750289620.435:209): avc: denied { ioctl } for pid=6219 comm="syz.0.61" path="socket:[9754]" dev="sockfs" ino=9754 ioctlcmd=0x89f8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 143.682092][ T6237] netlink: 8 bytes leftover after parsing attributes in process `syz.3.65'. [ 143.912150][ T40] audit: type=1400 audit(1750289621.045:210): avc: denied { create } for pid=6240 comm="syz.1.66" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 144.065072][ T40] audit: type=1400 audit(1750289621.175:211): avc: denied { connect } for pid=6240 comm="syz.1.66" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 144.344323][ T6256] Bluetooth: MGMT ver 1.23 [ 144.555404][ T6265] FAULT_INJECTION: forcing a failure. [ 144.555404][ T6265] name failslab, interval 1, probability 0, space 0, times 0 [ 144.573712][ T6265] CPU: 0 UID: 0 PID: 6265 Comm: syz.1.76 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 144.573736][ T6265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 144.573746][ T6265] Call Trace: [ 144.573751][ T6265] [ 144.573758][ T6265] dump_stack_lvl+0x16c/0x1f0 [ 144.573789][ T6265] should_fail_ex+0x512/0x640 [ 144.573818][ T6265] ? fs_reclaim_acquire+0xae/0x150 [ 144.573836][ T6265] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 144.573860][ T6265] should_failslab+0xc2/0x120 [ 144.573883][ T6265] __kmalloc_noprof+0xd2/0x510 [ 144.573910][ T6265] tomoyo_realpath_from_path+0xc2/0x6e0 [ 144.573939][ T6265] tomoyo_mount_acl+0x664/0x850 [ 144.573959][ T6265] ? kernel_text_address+0x8d/0x100 [ 144.573978][ T6265] ? __kernel_text_address+0xd/0x40 [ 144.573999][ T6265] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 144.574026][ T6265] ? stack_trace_save+0x8e/0xc0 [ 144.574066][ T6265] ? tomoyo_domain+0xbb/0x150 [ 144.574081][ T6265] ? tomoyo_profile+0x47/0x60 [ 144.574109][ T6265] tomoyo_mount_permission+0x16d/0x420 [ 144.574129][ T6265] ? tomoyo_mount_permission+0x14f/0x420 [ 144.574150][ T6265] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 144.574188][ T6265] security_sb_mount+0x9b/0x260 [ 144.574210][ T6265] path_mount+0x128/0x2020 [ 144.574235][ T6265] ? kmem_cache_free+0x2d1/0x4d0 [ 144.574253][ T6265] ? __pfx_path_mount+0x10/0x10 [ 144.574278][ T6265] ? putname+0x154/0x1a0 [ 144.574302][ T6265] __x64_sys_mount+0x28d/0x310 [ 144.574324][ T6265] ? __pfx___x64_sys_mount+0x10/0x10 [ 144.574352][ T6265] do_syscall_64+0xcd/0x4c0 [ 144.574375][ T6265] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.574390][ T6265] RIP: 0033:0x7fb0f0f8e929 [ 144.574402][ T6265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.574415][ T6265] RSP: 002b:00007fb0f1e66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 144.574430][ T6265] RAX: ffffffffffffffda RBX: 00007fb0f11b5fa0 RCX: 00007fb0f0f8e929 [ 144.574438][ T6265] RDX: 0000200000000200 RSI: 0000200000000040 RDI: 00002000000001c0 [ 144.574447][ T6265] RBP: 00007fb0f1e66090 R08: 0000000000000000 R09: 0000000000000000 [ 144.574456][ T6265] R10: 000000000021000d R11: 0000000000000246 R12: 0000000000000002 [ 144.574464][ T6265] R13: 0000000000000000 R14: 00007fb0f11b5fa0 R15: 00007ffd85eb8938 [ 144.574483][ T6265] [ 144.574489][ T6265] ERROR: Out of memory at tomoyo_realpath_from_path. [ 144.998039][ T839] hid (null): unknown global tag 0xc [ 145.028963][ T6279] sctp: [Deprecated]: syz.3.82 (pid 6279) Use of struct sctp_assoc_value in delayed_ack socket option. [ 145.028963][ T6279] Use struct sctp_sack_info instead [ 145.073962][ T839] hid-generic 0003:0080:0000.0002: unknown global tag 0xc [ 145.078802][ T839] hid-generic 0003:0080:0000.0002: item 0 4 1 12 parsing failed [ 145.084598][ T839] hid-generic 0003:0080:0000.0002: probe with driver hid-generic failed with error -22 [ 145.190393][ T6285] (syz.1.81,6285,0):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 145.220913][ T6285] (syz.1.81,6285,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 145.520020][ T6303] FAULT_INJECTION: forcing a failure. [ 145.520020][ T6303] name failslab, interval 1, probability 0, space 0, times 0 [ 145.547133][ T6303] CPU: 0 UID: 0 PID: 6303 Comm: syz.1.90 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 145.547159][ T6303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 145.547169][ T6303] Call Trace: [ 145.547175][ T6303] [ 145.547182][ T6303] dump_stack_lvl+0x16c/0x1f0 [ 145.547215][ T6303] should_fail_ex+0x512/0x640 [ 145.547237][ T6303] ? fs_reclaim_acquire+0xae/0x150 [ 145.547257][ T6303] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 145.547282][ T6303] should_failslab+0xc2/0x120 [ 145.547306][ T6303] __kmalloc_noprof+0xd2/0x510 [ 145.547335][ T6303] tomoyo_realpath_from_path+0xc2/0x6e0 [ 145.547366][ T6303] tomoyo_mount_acl+0x664/0x850 [ 145.547386][ T6303] ? kernel_text_address+0x8d/0x100 [ 145.547405][ T6303] ? __kernel_text_address+0xd/0x40 [ 145.547428][ T6303] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 145.547456][ T6303] ? stack_trace_save+0x8e/0xc0 [ 145.547500][ T6303] ? tomoyo_domain+0xbb/0x150 [ 145.547514][ T6303] ? tomoyo_profile+0x47/0x60 [ 145.547544][ T6303] tomoyo_mount_permission+0x16d/0x420 [ 145.547565][ T6303] ? tomoyo_mount_permission+0x14f/0x420 [ 145.547590][ T6303] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 145.547624][ T6303] security_sb_mount+0x9b/0x260 [ 145.547647][ T6303] path_mount+0x128/0x2020 [ 145.547675][ T6303] ? kmem_cache_free+0x2d1/0x4d0 [ 145.547695][ T6303] ? __pfx_path_mount+0x10/0x10 [ 145.547724][ T6303] ? putname+0x154/0x1a0 [ 145.547753][ T6303] __x64_sys_mount+0x28d/0x310 [ 145.547779][ T6303] ? __pfx___x64_sys_mount+0x10/0x10 [ 145.547813][ T6303] do_syscall_64+0xcd/0x4c0 [ 145.547841][ T6303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.547858][ T6303] RIP: 0033:0x7fb0f0f8e929 [ 145.547878][ T6303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.547894][ T6303] RSP: 002b:00007fb0f1e66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 145.547911][ T6303] RAX: ffffffffffffffda RBX: 00007fb0f11b5fa0 RCX: 00007fb0f0f8e929 [ 145.547922][ T6303] RDX: 0000200000000200 RSI: 0000200000000040 RDI: 00002000000001c0 [ 145.547932][ T6303] RBP: 00007fb0f1e66090 R08: 0000000000000000 R09: 0000000000000000 [ 145.547942][ T6303] R10: 000000000021000d R11: 0000000000000246 R12: 0000000000000002 [ 145.547951][ T6303] R13: 0000000000000000 R14: 00007fb0f11b5fa0 R15: 00007ffd85eb8938 [ 145.547974][ T6303] [ 145.547981][ T6303] ERROR: Out of memory at tomoyo_realpath_from_path. [ 146.593736][ T6334] netlink: 'syz.0.100': attribute type 8 has an invalid length. [ 146.734659][ T6339] [U] ³•¯1WT`8ºÁÍÇÚH$Ô0©·ÑÃÝ9\ [ 146.736896][ T6339] [U] ;2}U‚˜GVÏÄ¥ËÚ#ÈO9ÏÔÕ¥>-ƒÊß´ÜS…Ý¢šÕP [ 146.759231][ T6337] [U]  [ 147.064743][ T6352] overlayfs: missing 'lowerdir' [ 147.379162][ T6358] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6gre0, syncid = 0, id = 0 [ 147.423566][ T6360] libceph: resolve '40' (ret=-3): failed [ 147.652479][ T6374] sctp: [Deprecated]: syz.3.114 (pid 6374) Use of int in max_burst socket option. [ 147.652479][ T6374] Use struct sctp_assoc_value instead [ 147.874441][ T6383] netlink: 12 bytes leftover after parsing attributes in process `syz.2.115'. [ 147.981338][ T40] kauditd_printk_skb: 45 callbacks suppressed [ 147.981356][ T40] audit: type=1400 audit(1750289625.095:257): avc: denied { create } for pid=6382 comm="syz.3.117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 148.009371][ T40] audit: type=1400 audit(1750289625.095:258): avc: denied { ioctl } for pid=6382 comm="syz.3.117" path="socket:[8163]" dev="sockfs" ino=8163 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 148.061970][ T6379] lo speed is unknown, defaulting to 1000 [ 148.272960][ T40] audit: type=1400 audit(1750289625.405:259): avc: denied { ioctl } for pid=6395 comm="syz.0.120" path="socket:[7059]" dev="sockfs" ino=7059 ioctlcmd=0x52c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 148.284259][ T6401] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 148.350957][ T6401] overlayfs: missing 'lowerdir' [ 148.517855][ T40] audit: type=1400 audit(1750289625.645:260): avc: denied { write } for pid=6407 comm="syz.3.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 148.574858][ T40] audit: type=1400 audit(1750289625.645:261): avc: denied { nlmsg_write } for pid=6407 comm="syz.3.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 148.595653][ T40] audit: type=1400 audit(1750289625.735:262): avc: denied { getopt } for pid=6378 comm="syz.1.116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 148.617991][ T40] audit: type=1400 audit(1750289625.735:263): avc: denied { watch watch_reads } for pid=6378 comm="syz.1.116" path="pipe:[7083]" dev="pipefs" ino=7083 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 148.644103][ T73] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 148.649123][ T6410] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 148.658736][ T6391] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 148.663554][ T6412] netlink: 'syz.3.124': attribute type 8 has an invalid length. [ 148.860354][ T73] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 148.863927][ T73] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 148.868426][ T73] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 148.870486][ T40] audit: type=1400 audit(1750289626.005:264): avc: denied { unmount } for pid=5956 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 148.888017][ T73] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 148.956643][ T73] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 148.988054][ T73] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 149.004400][ T73] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 149.007733][ T73] usb 5-1: Product: syz [ 149.013270][ T73] usb 5-1: Manufacturer: syz [ 149.039196][ T40] audit: type=1400 audit(1750289626.165:265): avc: denied { create } for pid=6417 comm="syz.1.127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 149.127103][ T73] cdc_wdm 5-1:1.0: skipping garbage [ 149.134692][ T73] cdc_wdm 5-1:1.0: skipping garbage [ 149.149979][ T73] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 149.153475][ T73] cdc_wdm 5-1:1.0: Unknown control protocol [ 149.157157][ T40] audit: type=1400 audit(1750289626.275:266): avc: denied { create } for pid=6424 comm="syz.2.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 149.210306][ T6425] bridge_slave_0: left allmulticast mode [ 149.213389][ T6425] bridge_slave_0: left promiscuous mode [ 149.216307][ T6425] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.273006][ T6431] netlink: 8 bytes leftover after parsing attributes in process `syz.3.129'. [ 149.321592][ T6425] bridge_slave_1: left allmulticast mode [ 149.325587][ T6425] bridge_slave_1: left promiscuous mode [ 149.329848][ T6425] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.348358][ T11] IPVS: starting estimator thread 0... [ 149.365746][ C0] vkms_vblank_simulate: vblank timer overrun [ 149.394775][ T6434] (syz.1.131,6434,2):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 149.400673][ T6434] (syz.1.131,6434,2):ocfs2_fill_super:1177 ERROR: status = -22 [ 149.505347][ T6432] IPVS: using max 24 ests per chain, 57600 per kthread [ 149.505688][ T6425] bond0: (slave bond_slave_0): Releasing backup interface [ 149.542447][ T6425] bond0: (slave bond_slave_1): Releasing backup interface [ 149.584320][ T6425] team0: Port device team_slave_0 removed [ 149.641552][ T6425] team0: Port device team_slave_1 removed [ 149.656459][ T6425] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 149.663843][ T6425] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 149.695723][ T11] usb 5-1: USB disconnect, device number 2 [ 149.700197][ T6425] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 149.711808][ T6425] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 149.799132][ T1426] ieee802154 phy0 wpan0: encryption failed: -22 [ 149.809399][ T1426] ieee802154 phy1 wpan1: encryption failed: -22 [ 149.932718][ C0] vkms_vblank_simulate: vblank timer overrun [ 150.220738][ C0] vkms_vblank_simulate: vblank timer overrun [ 150.235571][ T6444] netlink: 8 bytes leftover after parsing attributes in process `syz.2.134'. [ 150.301096][ T6449] netlink: 'syz.0.138': attribute type 10 has an invalid length. [ 150.499289][ T6455] netlink: 8 bytes leftover after parsing attributes in process `syz.2.141'. [ 150.562747][ T6454] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 150.746091][ T6463] netlink: 'syz.3.143': attribute type 1 has an invalid length. [ 150.853591][ C0] vkms_vblank_simulate: vblank timer overrun [ 151.295661][ T6481] tipc: Started in network mode [ 151.303416][ T6481] tipc: Node identity 6fc3, cluster identity 4711 [ 151.307309][ T6481] tipc: Node number set to 28611 [ 151.316754][ T6481] binder: 6480:6481 ioctl c0306201 2000000003c0 returned -22 [ 151.414528][ T6483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.152'. [ 151.632683][ C0] vkms_vblank_simulate: vblank timer overrun [ 151.715336][ C0] vkms_vblank_simulate: vblank timer overrun [ 151.731046][ T6489] netlink: 4 bytes leftover after parsing attributes in process `syz.3.154'. [ 151.966024][ T6493] FAULT_INJECTION: forcing a failure. [ 151.966024][ T6493] name failslab, interval 1, probability 0, space 0, times 0 [ 151.992809][ T6493] CPU: 0 UID: 0 PID: 6493 Comm: syz.0.155 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 151.992840][ T6493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 151.992852][ T6493] Call Trace: [ 151.992860][ T6493] [ 151.992869][ T6493] dump_stack_lvl+0x16c/0x1f0 [ 151.992904][ T6493] should_fail_ex+0x512/0x640 [ 151.992928][ T6493] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 151.992958][ T6493] should_failslab+0xc2/0x120 [ 151.992984][ T6493] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 151.993014][ T6493] ? vfs_parse_fs_string+0xc3/0x150 [ 151.993045][ T6493] kmemdup_nul+0x49/0xf0 [ 151.993070][ T6493] vfs_parse_fs_string+0xc3/0x150 [ 151.993096][ T6493] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 151.993121][ T6493] ? kasan_save_track+0x14/0x30 [ 151.993147][ T6493] ? ocfs2_init_fs_context+0x20b/0x2a0 [ 151.993168][ T6493] ? __pfx_ocfs2_init_fs_context+0x10/0x10 [ 151.993186][ T6493] ? alloc_fs_context+0x59b/0x9c0 [ 151.993217][ T6493] path_mount+0x675/0x2020 [ 151.993247][ T6493] ? kmem_cache_free+0x2d1/0x4d0 [ 151.993269][ T6493] ? __pfx_path_mount+0x10/0x10 [ 151.993301][ T6493] ? putname+0x154/0x1a0 [ 151.993333][ T6493] __x64_sys_mount+0x28d/0x310 [ 151.993362][ T6493] ? __pfx___x64_sys_mount+0x10/0x10 [ 151.993399][ T6493] do_syscall_64+0xcd/0x4c0 [ 151.993429][ T6493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.993448][ T6493] RIP: 0033:0x7fb052d8e929 [ 151.993463][ T6493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.993478][ T6493] RSP: 002b:00007fb053bb5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 151.993496][ T6493] RAX: ffffffffffffffda RBX: 00007fb052fb5fa0 RCX: 00007fb052d8e929 [ 151.993506][ T6493] RDX: 0000200000000200 RSI: 0000200000000040 RDI: 00002000000001c0 [ 151.993517][ T6493] RBP: 00007fb053bb5090 R08: 0000000000000000 R09: 0000000000000000 [ 151.993527][ T6493] R10: 000000000021000d R11: 0000000000000246 R12: 0000000000000002 [ 151.993537][ T6493] R13: 0000000000000000 R14: 00007fb052fb5fa0 R15: 00007ffc91ad2f58 [ 151.993565][ T6493] [ 152.231769][ C0] vkms_vblank_simulate: vblank timer overrun [ 152.673048][ T6489] hsr_slave_0 (unregistering): left promiscuous mode [ 152.702585][ T6500] Sensor A: ================= START STATUS ================= [ 152.717103][ T6500] Sensor A: Test Pattern: 75% Colorbar [ 152.741059][ T6500] Sensor A: Show Information: All [ 152.744248][ T6500] Sensor A: Vertical Flip: false [ 152.754159][ T6500] Sensor A: Horizontal Flip: false [ 152.772487][ T6500] Sensor A: Brightness: 128 [ 152.781956][ T6500] Sensor A: Contrast: 128 [ 152.792216][ T6500] Sensor A: Hue: 0 [ 152.795797][ T6500] Sensor A: Saturation: 128 [ 152.797645][ T6500] Sensor A: ================== END STATUS ================== [ 152.973092][ T6510] netlink: 28 bytes leftover after parsing attributes in process `syz.1.162'. [ 153.094422][ T6517] netlink: 8 bytes leftover after parsing attributes in process `syz.0.165'. [ 153.193536][ T6521] netlink: 'syz.0.167': attribute type 10 has an invalid length. [ 153.287369][ T40] kauditd_printk_skb: 20 callbacks suppressed [ 153.287385][ T40] audit: type=1400 audit(1750289630.415:287): avc: denied { create } for pid=6523 comm="syz.2.168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 153.395007][ T40] audit: type=1400 audit(1750289630.525:288): avc: denied { connect } for pid=6523 comm="syz.2.168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 153.414313][ T6527] netlink: 60 bytes leftover after parsing attributes in process `syz.0.170'. [ 153.416993][ T40] audit: type=1400 audit(1750289630.525:289): avc: denied { ioctl } for pid=6523 comm="syz.2.168" path="socket:[12304]" dev="sockfs" ino=12304 ioctlcmd=0x7436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 153.433074][ C0] vkms_vblank_simulate: vblank timer overrun [ 153.451942][ T40] audit: type=1400 audit(1750289630.555:290): avc: denied { setopt } for pid=6525 comm="syz.1.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 153.467889][ T40] audit: type=1400 audit(1750289630.565:291): avc: denied { bind } for pid=6526 comm="syz.0.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 153.478889][ T40] audit: type=1400 audit(1750289630.575:292): avc: denied { create } for pid=6526 comm="syz.0.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 153.489053][ T40] audit: type=1400 audit(1750289630.575:293): avc: denied { bind } for pid=6526 comm="syz.0.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 153.497681][ T40] audit: type=1400 audit(1750289630.575:294): avc: denied { bind } for pid=6526 comm="syz.0.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 153.646871][ T40] audit: type=1400 audit(1750289630.775:295): avc: denied { read } for pid=6529 comm="syz.2.171" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 153.647801][ T6530] program syz.2.171 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 153.674918][ T40] audit: type=1400 audit(1750289630.775:296): avc: denied { open } for pid=6529 comm="syz.2.171" path="/dev/sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 153.926905][ T6545] netlink: 'syz.2.178': attribute type 10 has an invalid length. [ 153.930271][ T6545] bond0: (slave erspan0): no link monitoring support [ 153.952518][ T6543] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.177'. [ 153.999668][ T6547] netlink: 14212 bytes leftover after parsing attributes in process `syz.3.180'. [ 154.288320][ T6564] netlink: 8 bytes leftover after parsing attributes in process `syz.3.185'. [ 154.536788][ T6571] process 'syz.1.187' launched './file1' with NULL argv: empty string added [ 154.649753][ T6577] netlink: 14212 bytes leftover after parsing attributes in process `syz.1.191'. [ 154.884715][ C0] vkms_vblank_simulate: vblank timer overrun [ 155.144429][ T6604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.198'. [ 155.256671][ C0] vkms_vblank_simulate: vblank timer overrun [ 155.344742][ T1163] bond0: (slave bond_slave_0): interface is now down [ 155.349013][ T1163] bond0: (slave bond_slave_1): interface is now down [ 155.354482][ T1163] bond0: now running without any active interface! [ 155.609743][ T6621] netlink: 14212 bytes leftover after parsing attributes in process `syz.2.204'. [ 155.712820][ T6614] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.916296][ T6624] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 155.925658][ T6624] batadv_slave_0: entered promiscuous mode [ 156.061928][ T6614] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.176083][ T6626] netlink: 'syz.0.205': attribute type 10 has an invalid length. [ 156.304813][ T6614] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.425295][ C0] vkms_vblank_simulate: vblank timer overrun [ 156.561667][ T6639] 9pnet_fd: p9_fd_create_tcp (6639): problem creating socket [ 156.571304][ T6639] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4096 sclass=netlink_route_socket pid=6639 comm=syz.2.209 [ 156.587247][ T6614] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.676718][ T6641] netlink: 8 bytes leftover after parsing attributes in process `syz.0.210'. [ 156.682197][ T71] bond0: (slave bond_slave_0): interface is now down [ 156.691835][ T71] bond0: (slave bond_slave_1): interface is now down [ 156.699206][ T71] bond0: now running without any active interface! [ 156.732799][ C0] vkms_vblank_simulate: vblank timer overrun [ 156.857953][ T6614] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.887452][ T6614] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.997663][ T6614] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.031130][ T6648] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 157.058999][ T6648] IPv6: NLM_F_CREATE should be set when creating new route [ 157.073637][ T6614] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.082685][ C0] vkms_vblank_simulate: vblank timer overrun [ 157.362788][ T6655] netlink: 'syz.1.215': attribute type 8 has an invalid length. [ 157.528461][ T6660] FAULT_INJECTION: forcing a failure. [ 157.528461][ T6660] name failslab, interval 1, probability 0, space 0, times 0 [ 157.556178][ T6660] CPU: 1 UID: 0 PID: 6660 Comm: syz.0.217 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 157.556199][ T6660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 157.556208][ T6660] Call Trace: [ 157.556213][ T6660] [ 157.556219][ T6660] dump_stack_lvl+0x16c/0x1f0 [ 157.556246][ T6660] should_fail_ex+0x512/0x640 [ 157.556266][ T6660] ? __kmalloc_noprof+0xbf/0x510 [ 157.556287][ T6660] ? lsm_blob_alloc+0x68/0x90 [ 157.556301][ T6660] should_failslab+0xc2/0x120 [ 157.556324][ T6660] __kmalloc_noprof+0xd2/0x510 [ 157.556347][ T6660] ? __pfx_super_s_dev_test+0x10/0x10 [ 157.556364][ T6660] lsm_blob_alloc+0x68/0x90 [ 157.556379][ T6660] security_sb_alloc+0x28/0x230 [ 157.556398][ T6660] alloc_super+0x23d/0xbd0 [ 157.556418][ T6660] ? sget_fc+0xd3/0xc20 [ 157.556441][ T6660] ? __pfx_super_s_dev_test+0x10/0x10 [ 157.556458][ T6660] sget_fc+0x116/0xc20 [ 157.556478][ T6660] ? __pfx_super_s_dev_set+0x10/0x10 [ 157.556497][ T6660] get_tree_bdev_flags+0x1ba/0x620 [ 157.556518][ T6660] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 157.556564][ T6660] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 157.556590][ T6660] ? bpf_lsm_capable+0x9/0x10 [ 157.556607][ T6660] ? security_capable+0x7e/0x260 [ 157.556626][ T6660] vfs_get_tree+0x8b/0x340 [ 157.556644][ T6660] path_mount+0x1414/0x2020 [ 157.556670][ T6660] ? kmem_cache_free+0x2d1/0x4d0 [ 157.556689][ T6660] ? __pfx_path_mount+0x10/0x10 [ 157.556716][ T6660] ? putname+0x154/0x1a0 [ 157.556750][ T6660] __x64_sys_mount+0x28d/0x310 [ 157.556777][ T6660] ? __pfx___x64_sys_mount+0x10/0x10 [ 157.556810][ T6660] do_syscall_64+0xcd/0x4c0 [ 157.556837][ T6660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.556853][ T6660] RIP: 0033:0x7fb052d8e929 [ 157.556867][ T6660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.556883][ T6660] RSP: 002b:00007fb053bb5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 157.556899][ T6660] RAX: ffffffffffffffda RBX: 00007fb052fb5fa0 RCX: 00007fb052d8e929 [ 157.556910][ T6660] RDX: 0000200000000200 RSI: 0000200000000040 RDI: 00002000000001c0 [ 157.556920][ T6660] RBP: 00007fb053bb5090 R08: 0000000000000000 R09: 0000000000000000 [ 157.556930][ T6660] R10: 000000000021000d R11: 0000000000000246 R12: 0000000000000002 [ 157.556939][ T6660] R13: 0000000000000000 R14: 00007fb052fb5fa0 R15: 00007ffc91ad2f58 [ 157.556962][ T6660] [ 158.180433][ T6693] netlink: 'syz.0.226': attribute type 8 has an invalid length. [ 158.187783][ T6695] random: crng reseeded on system resumption [ 158.657765][ T6715] netlink: 'syz.0.232': attribute type 10 has an invalid length. [ 158.661488][ T6715] bond0: (slave erspan0): no link monitoring support [ 159.223136][ T6725] netlink: 'syz.3.236': attribute type 8 has an invalid length. [ 159.456881][ T6740] netlink: 'syz.1.241': attribute type 10 has an invalid length. [ 159.461079][ T6740] bond0: (slave erspan0): no link monitoring support [ 159.572124][ T6749] random: crng reseeded on system resumption [ 159.635233][ T6752] capability: warning: `syz.2.245' uses deprecated v2 capabilities in a way that may be insecure [ 159.755045][ T6754] __nla_validate_parse: 2 callbacks suppressed [ 159.755061][ T6754] netlink: 8 bytes leftover after parsing attributes in process `syz.0.246'. [ 159.830207][ T40] kauditd_printk_skb: 27 callbacks suppressed [ 159.830223][ T40] audit: type=1400 audit(1750289636.965:324): avc: denied { create } for pid=6755 comm="syz.2.247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 160.069901][ T6770] can0: slcan on ptm1. [ 160.089918][ T40] audit: type=1400 audit(1750289637.225:325): avc: denied { append } for pid=6769 comm="syz.2.251" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 160.124533][ T40] audit: type=1400 audit(1750289637.225:326): avc: denied { watch_mount watch_reads } for pid=6769 comm="syz.2.251" path="/57" dev="tmpfs" ino=306 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 160.329907][ T6770] can0 (unregistered): slcan off ptm1. [ 160.500919][ T6792] netlink: 8 bytes leftover after parsing attributes in process `syz.3.255'. [ 160.759236][ T6805] netlink: 'syz.2.261': attribute type 8 has an invalid length. [ 160.926585][ T6813] netlink: 12 bytes leftover after parsing attributes in process `syz.0.264'. [ 160.974711][ T6816] netlink: 8 bytes leftover after parsing attributes in process `syz.1.268'. [ 160.979611][ T6817] netlink: 'syz.2.267': attribute type 10 has an invalid length. [ 160.986897][ T6813] program syz.0.264 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 160.986990][ T6813] ata1.00: non-matching transfer count (-1217444740/143) [ 161.026602][ T6817] bond0: (slave erspan0): no link monitoring support [ 161.060447][ T40] audit: type=1400 audit(1750289638.185:327): avc: denied { setopt } for pid=6818 comm="syz.3.266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 161.099729][ T6821] FAULT_INJECTION: forcing a failure. [ 161.099729][ T6821] name failslab, interval 1, probability 0, space 0, times 0 [ 161.118755][ T40] audit: type=1400 audit(1750289638.185:328): avc: denied { create } for pid=6818 comm="syz.3.266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 161.130208][ T6821] CPU: 1 UID: 0 PID: 6821 Comm: syz.1.270 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 161.130238][ T6821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.130250][ T6821] Call Trace: [ 161.130257][ T6821] [ 161.130264][ T6821] dump_stack_lvl+0x16c/0x1f0 [ 161.130300][ T6821] should_fail_ex+0x512/0x640 [ 161.130325][ T6821] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 161.130356][ T6821] should_failslab+0xc2/0x120 [ 161.130385][ T6821] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 161.130412][ T6821] ? __d_alloc+0x31/0xaa0 [ 161.130446][ T6821] __d_alloc+0x31/0xaa0 [ 161.130480][ T6821] d_alloc_pseudo+0x1c/0xc0 [ 161.130502][ T6821] alloc_file_pseudo_noaccount+0xcf/0x230 [ 161.130526][ T6821] ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10 [ 161.130558][ T6821] bdev_file_open_by_dev+0x143/0x210 [ 161.130587][ T6821] setup_bdev_super+0x78/0x730 [ 161.130613][ T6821] get_tree_bdev_flags+0x363/0x620 [ 161.130637][ T6821] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 161.130665][ T6821] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 161.130702][ T6821] ? bpf_lsm_capable+0x9/0x10 [ 161.130722][ T6821] ? security_capable+0x7e/0x260 [ 161.130747][ T6821] vfs_get_tree+0x8b/0x340 [ 161.130767][ T6821] path_mount+0x1414/0x2020 [ 161.130799][ T6821] ? kmem_cache_free+0x2d1/0x4d0 [ 161.130821][ T6821] ? __pfx_path_mount+0x10/0x10 [ 161.130854][ T6821] ? putname+0x154/0x1a0 [ 161.130888][ T6821] __x64_sys_mount+0x28d/0x310 [ 161.130918][ T6821] ? __pfx___x64_sys_mount+0x10/0x10 [ 161.130955][ T6821] do_syscall_64+0xcd/0x4c0 [ 161.130987][ T6821] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.131008][ T6821] RIP: 0033:0x7fb0f0f8e929 [ 161.131024][ T6821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.131042][ T6821] RSP: 002b:00007fb0f1e66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 161.131061][ T6821] RAX: ffffffffffffffda RBX: 00007fb0f11b5fa0 RCX: 00007fb0f0f8e929 [ 161.131073][ T6821] RDX: 0000200000000200 RSI: 0000200000000040 RDI: 00002000000001c0 [ 161.131084][ T6821] RBP: 00007fb0f1e66090 R08: 0000000000000000 R09: 0000000000000000 [ 161.131096][ T6821] R10: 000000000021000d R11: 0000000000000246 R12: 0000000000000002 [ 161.131107][ T6821] R13: 0000000000000000 R14: 00007fb0f11b5fa0 R15: 00007ffd85eb8938 [ 161.131133][ T6821] [ 161.131143][ T6821] /dev/sr0: Can't open blockdev [ 161.231343][ T6825] capability: warning: `syz.3.271' uses 32-bit capabilities (legacy support in use) [ 161.348812][ T6828] netlink: 8 bytes leftover after parsing attributes in process `syz.2.272'. [ 161.431957][ T40] audit: type=1400 audit(1750289638.565:329): avc: denied { create } for pid=6831 comm="syz.1.274" name="file7" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 161.463361][ T6832] netlink: 4 bytes leftover after parsing attributes in process `syz.1.274'. [ 161.517076][ T40] audit: type=1400 audit(1750289638.635:330): avc: denied { create } for pid=6824 comm="syz.3.271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 161.533296][ T6834] FAULT_INJECTION: forcing a failure. [ 161.533296][ T6834] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 161.557842][ T6834] CPU: 2 UID: 0 PID: 6834 Comm: syz.2.275 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 161.557867][ T6834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.557879][ T6834] Call Trace: [ 161.557885][ T6834] [ 161.557891][ T6834] dump_stack_lvl+0x16c/0x1f0 [ 161.557923][ T6834] should_fail_ex+0x512/0x640 [ 161.557951][ T6834] _copy_from_iter+0x29f/0x16f0 [ 161.557979][ T6834] ? __alloc_skb+0x200/0x380 [ 161.558003][ T6834] ? __pfx__copy_from_iter+0x10/0x10 [ 161.558027][ T6834] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 161.558055][ T6834] netlink_sendmsg+0x829/0xdd0 [ 161.558078][ T6834] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.558102][ T6834] ____sys_sendmsg+0xa95/0xc70 [ 161.558117][ T6834] ? copy_msghdr_from_user+0x10a/0x160 [ 161.558137][ T6834] ? __pfx_____sys_sendmsg+0x10/0x10 [ 161.558161][ T6834] ___sys_sendmsg+0x134/0x1d0 [ 161.558182][ T6834] ? __pfx____sys_sendmsg+0x10/0x10 [ 161.558200][ T6834] ? __lock_acquire+0x622/0x1c90 [ 161.558248][ T6834] __sys_sendmsg+0x16d/0x220 [ 161.558269][ T6834] ? __pfx___sys_sendmsg+0x10/0x10 [ 161.558304][ T6834] do_syscall_64+0xcd/0x4c0 [ 161.558328][ T6834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.558343][ T6834] RIP: 0033:0x7f5b1398e929 [ 161.558357][ T6834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.558371][ T6834] RSP: 002b:00007f5b14891038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 161.558386][ T6834] RAX: ffffffffffffffda RBX: 00007f5b13bb5fa0 RCX: 00007f5b1398e929 [ 161.558395][ T6834] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004 [ 161.558404][ T6834] RBP: 00007f5b14891090 R08: 0000000000000000 R09: 0000000000000000 [ 161.558412][ T6834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.558420][ T6834] R13: 0000000000000000 R14: 00007f5b13bb5fa0 R15: 00007ffcec3b7d58 [ 161.558441][ T6834] [ 161.750321][ T6841] netlink: 'syz.0.278': attribute type 8 has an invalid length. [ 161.832171][ T6843] netlink: 8 bytes leftover after parsing attributes in process `syz.2.279'. [ 162.022017][ T6848] netlink: 'syz.0.282': attribute type 10 has an invalid length. [ 162.024620][ T6848] bond0: (slave erspan0): no link monitoring support [ 162.030847][ T6849] netlink: 8 bytes leftover after parsing attributes in process `syz.1.280'. [ 162.116208][ T6851] netlink: 204 bytes leftover after parsing attributes in process `syz.2.283'. [ 162.263524][ T6861] netlink: 8 bytes leftover after parsing attributes in process `syz.0.284'. [ 162.365188][ T40] audit: type=1400 audit(1750289639.485:331): avc: denied { create } for pid=6863 comm="syz.1.286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 162.374690][ T40] audit: type=1400 audit(1750289639.485:332): avc: denied { setopt } for pid=6863 comm="syz.1.286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 162.402778][ T6863] delete_channel: no stack [ 162.570396][ T40] audit: type=1400 audit(1750289639.705:333): avc: denied { add_name } for pid=6873 comm="syz.0.290" name="file4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 162.593294][ T6878] netlink: 'syz.1.291': attribute type 8 has an invalid length. [ 162.606370][ T6874] QAT: Device 7 not found [ 162.813385][ T6885] netlink: 'syz.3.293': attribute type 10 has an invalid length. [ 162.826588][ T6885] bond0: (slave erspan0): no link monitoring support [ 162.863849][ T6886] (syz.2.289,6886,2):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 162.868344][ T6886] (syz.2.289,6886,2):ocfs2_fill_super:1177 ERROR: status = -22 [ 162.892452][ T1145] ------------[ cut here ]------------ [ 162.897914][ T1145] RTNL: assertion failed at ./include/net/netdev_lock.h (72) [ 162.918458][ T1145] WARNING: CPU: 0 PID: 1145 at ./include/net/netdev_lock.h:72 __linkwatch_sync_dev+0x1ed/0x230 [ 162.931125][ T1145] Modules linked in: [ 162.932932][ T1145] CPU: 0 UID: 0 PID: 1145 Comm: kworker/u32:6 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 162.939817][ T1145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 162.991244][ T1145] Workqueue: bond0 bond_mii_monitor [ 162.993570][ T1145] RIP: 0010:__linkwatch_sync_dev+0x1ed/0x230 [ 162.995896][ T1145] Code: 05 ff ff ff e8 54 94 59 f8 c6 05 2f fa 2d 07 01 90 ba 48 00 00 00 48 c7 c6 c0 98 e3 8c 48 c7 c7 60 98 e3 8c e8 b4 58 18 f8 90 <0f> 0b 90 90 e9 d6 fe ff ff 48 c7 c7 44 47 a8 90 e8 0e 6c c0 f8 e9 [ 163.004326][ T1145] RSP: 0018:ffffc900060a79f0 EFLAGS: 00010286 [ 163.006615][ T1145] RAX: 0000000000000000 RBX: ffff8880533da000 RCX: ffffffff817ae248 [ 163.010567][ T1145] RDX: ffff888029852440 RSI: ffffffff817ae255 RDI: 0000000000000001 [ 163.016821][ T1145] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 163.023815][ T1145] R10: 0000000000000001 R11: 0000000000000001 R12: 1ffff92000c14f48 [ 163.030126][ T1145] R13: ffff8880533dacc5 R14: ffffffff8c591800 R15: ffffffff899bc4d0 [ 163.034765][ T1145] FS: 0000000000000000(0000) GS:ffff8880d6753000(0000) knlGS:0000000000000000 [ 163.039344][ T1145] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.042881][ T1145] CR2: 00007fcbc30e56c0 CR3: 000000005211c000 CR4: 0000000000352ef0 [ 163.046556][ T1145] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 163.050756][ T1145] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 163.054765][ T1145] Call Trace: [ 163.056354][ T1145] [ 163.058136][ T1145] ethtool_op_get_link+0x1d/0x70 [ 163.065563][ T1145] bond_check_dev_link+0x3f9/0x710 [ 163.067740][ T1145] ? __pfx_bond_check_dev_link+0x10/0x10 [ 163.075372][ T1145] bond_mii_monitor+0x3c0/0x2dc0 [ 163.083923][ T1145] ? __pfx_bond_mii_monitor+0x10/0x10 [ 163.087796][ T1145] ? rcu_is_watching+0x12/0xc0 [ 163.090876][ T1145] process_one_work+0x9cc/0x1b70 [ 163.095020][ T1145] ? __pfx_process_one_work+0x10/0x10 [ 163.098143][ T1145] ? assign_work+0x1a0/0x250 [ 163.101032][ T1145] worker_thread+0x6c8/0xf10 [ 163.103407][ T1145] ? __pfx_worker_thread+0x10/0x10 [ 163.106636][ T1145] kthread+0x3c2/0x780 [ 163.109656][ T1145] ? __pfx_kthread+0x10/0x10 [ 163.112233][ T1145] ? rcu_is_watching+0x12/0xc0 [ 163.115327][ T1145] ? __pfx_kthread+0x10/0x10 [ 163.119214][ T1145] ret_from_fork+0x5d4/0x6f0 [ 163.125778][ T1145] ? __pfx_kthread+0x10/0x10 [ 163.127892][ T1145] ret_from_fork_asm+0x1a/0x30 [ 163.130657][ T1145] [ 163.132269][ T1145] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 163.135730][ T1145] CPU: 0 UID: 0 PID: 1145 Comm: kworker/u32:6 Not tainted 6.16.0-rc2-syzkaller-00071-g74b4cc9b8780 #0 PREEMPT(full) [ 163.211024][ T1145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 163.216067][ T1145] Workqueue: bond0 bond_mii_monitor [ 163.218034][ T1145] Call Trace: [ 163.219376][ T1145] [ 163.220768][ T1145] dump_stack_lvl+0x3d/0x1f0 [ 163.232495][ T1145] panic+0x71c/0x800 [ 163.234018][ T1145] ? __pfx_panic+0x10/0x10 [ 163.235770][ T1145] ? show_trace_log_lvl+0x29b/0x3e0 [ 163.237944][ T1145] ? check_panic_on_warn+0x1f/0xb0 [ 163.240340][ T1145] ? __linkwatch_sync_dev+0x1ed/0x230 [ 163.253150][ T1145] check_panic_on_warn+0xab/0xb0 [ 163.255426][ T1145] __warn+0xf6/0x3c0 [ 163.257020][ T1145] ? preempt_schedule_notrace+0x62/0xe0 [ 163.259453][ T1145] ? __linkwatch_sync_dev+0x1ed/0x230 [ 163.277513][ T1145] report_bug+0x3c3/0x580 [ 163.279457][ T1145] ? __linkwatch_sync_dev+0x1ed/0x230 [ 163.282212][ T1145] handle_bug+0x184/0x210 [ 163.284951][ T1145] exc_invalid_op+0x17/0x50 [ 163.287409][ T1145] asm_exc_invalid_op+0x1a/0x20 [ 163.290500][ T1145] RIP: 0010:__linkwatch_sync_dev+0x1ed/0x230 [ 163.294354][ T1145] Code: 05 ff ff ff e8 54 94 59 f8 c6 05 2f fa 2d 07 01 90 ba 48 00 00 00 48 c7 c6 c0 98 e3 8c 48 c7 c7 60 98 e3 8c e8 b4 58 18 f8 90 <0f> 0b 90 90 e9 d6 fe ff ff 48 c7 c7 44 47 a8 90 e8 0e 6c c0 f8 e9 [ 163.301847][ T1145] RSP: 0018:ffffc900060a79f0 EFLAGS: 00010286 [ 163.304519][ T1145] RAX: 0000000000000000 RBX: ffff8880533da000 RCX: ffffffff817ae248 [ 163.307528][ T1145] RDX: ffff888029852440 RSI: ffffffff817ae255 RDI: 0000000000000001 [ 163.310313][ T1145] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 163.314724][ T1145] R10: 0000000000000001 R11: 0000000000000001 R12: 1ffff92000c14f48 [ 163.318236][ T1145] R13: ffff8880533dacc5 R14: ffffffff8c591800 R15: ffffffff899bc4d0 [ 163.321582][ T1145] ? __pfx_ethtool_op_get_link+0x10/0x10 [ 163.324120][ T1145] ? __warn_printk+0x198/0x350 [ 163.325861][ T1145] ? __warn_printk+0x1a5/0x350 [ 163.327652][ T1145] ethtool_op_get_link+0x1d/0x70 [ 163.329854][ T1145] bond_check_dev_link+0x3f9/0x710 [ 163.332415][ T1145] ? __pfx_bond_check_dev_link+0x10/0x10 [ 163.335867][ T1145] bond_mii_monitor+0x3c0/0x2dc0 [ 163.338575][ T1145] ? __pfx_bond_mii_monitor+0x10/0x10 [ 163.341166][ T1145] ? rcu_is_watching+0x12/0xc0 [ 163.343604][ T1145] process_one_work+0x9cc/0x1b70 [ 163.346483][ T1145] ? __pfx_process_one_work+0x10/0x10 [ 163.349582][ T1145] ? assign_work+0x1a0/0x250 [ 163.353008][ T1145] worker_thread+0x6c8/0xf10 [ 163.358333][ T1145] ? __pfx_worker_thread+0x10/0x10 [ 163.361588][ T1145] kthread+0x3c2/0x780 [ 163.365677][ T1145] ? __pfx_kthread+0x10/0x10 [ 163.384745][ T1145] ? rcu_is_watching+0x12/0xc0 [ 163.386466][ T1145] ? __pfx_kthread+0x10/0x10 [ 163.388108][ T1145] ret_from_fork+0x5d4/0x6f0 [ 163.389805][ T1145] ? __pfx_kthread+0x10/0x10 [ 163.391662][ T1145] ret_from_fork_asm+0x1a/0x30 [ 163.393628][ T1145] [ 163.423713][ T1145] Kernel Offset: disabled [ 163.428538][ T1145] Rebooting in 86400 seconds.. VM DIAGNOSIS: 23:34:01 Registers: info registers vcpu 0 CPU#0 RAX=000000000000000a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855b8495 RDI=ffffffff9b089360 RBP=ffffffff9b089320 RSP=ffffc900060a73f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=000000000000000a R14=ffffffff9b089320 R15=ffffffff855b8430 RIP=ffffffff855b84bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6753000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fcbc30e56c0 CR3=000000005211c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcd89e5f90 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc2411b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc2411b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc2411b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc2411b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc2411bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbc2411c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000005 0000000000000000 0000000000000000 000000000000016d ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000046 RBX=ffff88802b969ed8 RCX=ffffffff93e02640 RDX=0000000000000000 RSI=ffffffff8ddf4c43 RDI=ffffffff8c1579e0 RBP=0000000000000000 RSP=ffffc90006047a28 R8 =cf06f975c8d08081 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81987d02 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 000fffff 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 000fffff 00000000 FS =0000 0000000000000000 000fffff 00000000 GS =0000 ffff8880d6853000 000fffff 00000000 LDT=0000 0000000000000000 000fffff 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffc91ad1f88 CR3=00000000513e7000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000020081 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc91ad21f0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb052e11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb052e11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb052e11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb052e11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb052e11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb052e11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 2074657365720064 656c696166202973 2528746174736c00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 0551405640570041 40494c4443050c56 000d514451564900 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000009 RCX=ffffffff95d55db0 RDX=0000000000000008 RSI=ffff88803201d398 RDI=ffff88803201c880 RBP=ffffc9000383f468 RSP=ffffc9000383f3d0 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000028 R11=0000000000000001 R12=ffff88803201d398 R13=0000000000000200 R14=0000000000000001 R15=ffff88803201c880 RIP=ffffffff81984f78 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f0fda594880 ffffffff 00c00000 GS =0000 ffff8880d6953000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fb0f1e45d58 CR3=0000000032c50000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002000002 Opmask01=0000000000080410 Opmask02=00000000ffffffff Opmask03=0000000001041000 Opmask04=00000000ffffdfff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005585eced8290 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737373 7373737373737373 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005585ecd30148 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffff00 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373734042034373 431e161e035c1810 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c1f115c435d4316 10120300161e121d ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e69646165520073 25203a656c696620 7974706d6520676e 697070696b530065 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4245484d4952005f 090c164940454a0c 55585c41490c4b42 455c5c4547530049 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f6d697377685f31 3132303863616d2f 6c6175747269762f 736563697665642f ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005585ecd3e1f0 00005580b48ad191 0000000000000031 00005585ec000033 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a2939 3030322c39484349 2b35335128435064 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70627e322d33 2e36312e312d6e61 696265642d332e36 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000005a2b5 RBX=0000000000000003 RCX=ffffffff8b800c19 RDX=0000000000000000 RSI=ffffffff8de1a118 RDI=ffffffff8c1579e0 RBP=ffffed1003c5b000 RSP=ffffc90000197df8 R8 =0000000000000001 R9 =ffffed100d4e6645 R10=ffff88806a73322b R11=0000000000000001 R12=0000000000000003 R13=ffff88801e2d8000 R14=ffffffff90a81550 R15=0000000000000000 RIP=ffffffff8b7ff77f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a53000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000110c3aebee CR3=0000000050a13000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcec3b80e0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5b13a11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5b13a11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5b13a11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5b13a11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5b13a11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5b13a11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000