last executing test programs: 49.170968355s ago: executing program 2 (id=2006): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x2, &(0x7f0000002400)=0x0) io_submit(r1, 0x1, &(0x7f0000000940)=[&(0x7f0000000100)={0x20000000f4, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) 40.560901789s ago: executing program 2 (id=2006): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x2, &(0x7f0000002400)=0x0) io_submit(r1, 0x1, &(0x7f0000000940)=[&(0x7f0000000100)={0x20000000f4, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) 32.047508216s ago: executing program 2 (id=2006): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x2, &(0x7f0000002400)=0x0) io_submit(r1, 0x1, &(0x7f0000000940)=[&(0x7f0000000100)={0x20000000f4, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) 24.277277361s ago: executing program 2 (id=2006): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x2, &(0x7f0000002400)=0x0) io_submit(r1, 0x1, &(0x7f0000000940)=[&(0x7f0000000100)={0x20000000f4, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) 14.418572385s ago: executing program 2 (id=2006): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x2, &(0x7f0000002400)=0x0) io_submit(r1, 0x1, &(0x7f0000000940)=[&(0x7f0000000100)={0x20000000f4, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) 5.890328577s ago: executing program 2 (id=2006): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x2, &(0x7f0000002400)=0x0) io_submit(r1, 0x1, &(0x7f0000000940)=[&(0x7f0000000100)={0x20000000f4, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) 3.470278553s ago: executing program 1 (id=3149): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x5, 0x30, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x7, 0x4, 0x4, 0xfffa}, 0x3d, [0x6, 0xc95a, 0xfffffff3, 0x8, 0x80, 0x6, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0x0, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x7, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0xff, 0x10000, 0xe661, 0x4, 0x1000007, 0x3, 0x8001, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x2, 0x71, 0x7, 0x1000007, 0x103, 0x2, 0x5, 0x3d, 0x8f, 0x6, 0x1, 0x4, 0x5, 0x5, 0x5, 0x4000, 0x80, 0x0, 0x5, 0x6, 0x8, 0x1, 0x1, 0x40], [0x10000007, 0x80010002, 0x12b, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0x3, 0xf9, 0xd, 0x0, 0x6c9, 0x1ff, 0xfffffffe, 0x3, 0x0, 0x7, 0x10000005, 0x2f, 0xe, 0x313, 0x78, 0xea4, 0x6, 0x4, 0x4, 0x8000, 0x5, 0x400, 0x1, 0x6, 0x400001, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0xffffffff, 0x6, 0x1000004, 0x9, 0x4, 0x9, 0x8, 0x8, 0xf, 0x5, 0x0, 0x3, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x8, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c936d0, 0x2, 0xfc], [0x5, 0x1, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x8, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x3, 0x5, 0x8, 0x1, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x40002, 0xf, 0x8, 0x84, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x5, 0x4, 0x2, 0x8004, 0xa2, 0x7, 0x53cf697b, 0x5, 0x4, 0x54fe12da, 0xbf, 0x5, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x2, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xfffffffc, 0x5, 0x938, 0x6, 0x6, 0x10000000, 0x5b, 0xce7, 0x1ff, 0x6, 0x7, 0x5, 0x3, 0x104, 0x80000000, 0x5, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x8000014c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000003, 0x5, 0x8, 0xffffffff, 0x3, 0x7, 0xffff, 0x3, 0x8, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c0b, 0x0, 0x2, 0x5, 0xb1c, 0x1, 0x200, 0xfff, 0x9]}, 0x45c) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000940)={'filter\x00', 0x104, 0x4, 0x3f0, 0x220, 0x220, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast2, @empty, 0x1, 0xffffffff}}}, {{@uncond, 0xc0, 0x110, 0x0, {0xb000000}}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @mac=@random="cab170e97230", @multicast1, @remote, 0x8}}}, {{@arp={@rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0xff000000, 0x0, 0x0, {@mac=@remote, {[0x0, 0x0, 0xff]}}, {}, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 'xfrm0\x00', 'ipvlan1\x00', {}, {0xff}}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900), 0x0) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0xfd}}, 0x1c) 2.558746825s ago: executing program 1 (id=3166): openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0) syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc513, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0xfd, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x400}}}}}]}}]}}, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) syz_open_dev$vim2m(&(0x7f0000001440), 0x2, 0x2) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r1]) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$unix(0x1, 0x2, 0x0) bind$unix(r4, &(0x7f00000000c0)=@abs={0x1}, 0x6e) bind$unix(r4, &(0x7f0000000000)=@file={0x1, './file1\x00'}, 0x6e) r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r5, 0x8910, &(0x7f0000000000)={'ip6gretap0\x00', @ifru_mtu=0x6}) ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000)) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0x17e80}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0) 1.099929972s ago: executing program 3 (id=3174): mknod(&(0x7f0000000240)='./file3\x00', 0x0, 0x0) utimensat(0xffffffffffffff9c, &(0x7f0000000080)='./file3\x00', &(0x7f0000000040)={{0x0, 0x3ffffffe}, {0x0, 0x3fffffff}}, 0x0) syz_open_dev$I2C(&(0x7f0000000040), 0x7f9f, 0x0) 966.073803ms ago: executing program 3 (id=3175): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@bridge_dellink={0x2c, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x4, 0x0, 0x1, {0x4, 0xa}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x88d0}, 0x44800) (fail_nth: 6) 850.003777ms ago: executing program 3 (id=3178): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) creat(&(0x7f0000000440)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='hugetlbfs\x00', 0x0, 0x0) mount$fuseblk(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0xc0ed0000, &(0x7f0000000280)={{}, 0x2c, {'rootmode', 0x3d, 0x2000}}) 788.032512ms ago: executing program 3 (id=3180): r0 = socket(0x15, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x2718, 0x0, 0x0) 752.559055ms ago: executing program 3 (id=3181): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="180000001e0001"], 0x78}}, 0x0) setsockopt$RDS_RECVERR(r0, 0x114, 0x5, &(0x7f0000000000)=0x1, 0x4) 650.525063ms ago: executing program 3 (id=3182): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) symlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/../file0/file0\x00') lstat(&(0x7f0000000140)='./file0/../file0/file0\x00', 0x0) read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000008280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e5", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000002a00)="935e311537678735b1a1619226753348f29243e104b448b465d48590673f3f5b82cfe0ff7b5442546ffd5faadad8294970b4efb0c727f12431f7aa368c00a1e50c0afed3eeaed00cc5179c53ff225612b11dc9cad653877a90cfa854cb9db2dae89cf0bbe78097355f57b5279d69f01c39ae7c8def7a59d52b344de18c1f9a1ac1a3bbf66f6b503269174c72d361688927eabd9301005c9690861dc5aebb4a6f86671257d951fb7838ead6ea58879f34d7c379ca1ffe5c1dd2f68efda74ef143c78daaaea39330b2dd773c0dd3d3b0de5cf1ed64cbf9fee264d14ecbe444dc823a68c61c3fb08032a72e0bdf909d5b4a9da56ebf22d3b84c8c926f0fe36be0956d8ced71652dd25ecc8741c10520fce66e084df5b2b555d55cf78c20a1f6cbb7ff3281ab5c1fc8478f21840f151055ae7f8d81c1dfa3fd0e75027365f378b4e1e5258bf317dd37c53a8f21df5fcd8699bf62bd114a8e612d9037b406c60d673a880898dafacbfc8dd985e298271f4909ad8e0eb7b3bd3472518c67756bd9203b38337ad7f1d99306bb38f50d41b53bd4168ede143336fcdadcdc4c7e4352a13a6dd68e3cef0f19c0719399c53365bd5caf08629e16dce5f1f52efa00ca6e1e55add1e9de3119ca148ed3a31eda969169c00ef90e9e4a46073dd8bb7f9955986153a9ecd794eb99e35a9909cdfeaffb3e8f58c632561dea43763c1cb808f94964ebc11ea994d9d001d64ccb66ea939612ead2252272c3a1156b5a500426a0d377e94d41c17fa17fb7a4e4b0380c93a4a709082cc07254edd02697602d70f696f00e1718f0ade6b93aa07fa0b87fe4f3f7936423b240add95b4af433edcdbb6c1af7f178f479d1c413cef1cadb7cfa565acdcbe99c8e427f62615f164ad8667bcbd98d8e890cf611a46fb137424d952391ef28e442fee2fdc4fe656e810ee39a48de1461cdc30342c1f278304ba09965535736a06490768aaa9019e86562e63fa6f99fc3491eae114549aa559869ba8b5704295fd9598aeff649dcb42f3e74b1530d7c05687aee7daf1e8a4a8fe102dec04c103dedd8f1822a6a785fb888491f82a6a2afa0835195222d4c26743fa82d2027658b3ea7f0f6a3f8644973b4dcd65da09580c8b5a3757e8da86823d8d67f2f68d7b20dba7e83e489f3b0957ce916df10d0246b70f38694fe3276f0cacc4134967cd63ac3663346cd108f84235f7a608481d689df130ca5e38cb5380dc9a2da2244e72baacfa7200a5a126bd148b2558c4e7746bc568a0f83e66e2b5a2d15fb595b4f6e2c090486a7e3162aba017709b77b1bfb2036a838542045cd4e947c5aab9c26ab5b2431d3f9a67ff75907d3ed5bf0119a2f8d03642f73b20f85abefec3407567607532063d1b020c1718af6c38a7e0050b2ec91ab2e3ee9f5e57a48c7e1eb91389f77c8598c6b088de2823c4c96da4d2cfdf1b1f3bd043d931d46a6cf8a0840c67c69438b51284cf1e25dfddbf11144bd57710585769b8323094645976b99a41e13fcaab357482701797138d2d955ae46f95461de7e93c0af457828a537d6037a895a36fcd01bea7fea14302cf5b4256b1394680a9299777917b9726433a9a3484c802878003390dcd9e0418b28630667cc2a864c05bb931eff76efbc5db90ee99aa926b0a6e313df21f11e2312714bfd54e644a506489b960faef90a6ddb2d5ba8f992f22d870d1289bbae744c2491a07d2037ffc5c382fcf1af61a0b9448c9fddafef65c345bd8a760077c87ac390626c18f8901409f26d56951be6eb6fc1ff33b0b190109cc0f7d880c327dc42b8543ce239bbd2bdb6a82747d69482363edea3889c410da669a0795ded9f6e4d525f748eae8c36a6c0b5ab6eb5010451ea9d4846674f612acbc297ba99531371021e0d90abc83da1d80803573184e3164386387b7ecc56dd4b48f864face47e77686cc1e7d6348f78f2a271834589180f2cc5c0a37606edb0c2c55ee1612fab47259ebc2ffb520685769b35910aa62da71c1e5500f0f3fb5500f081556ff8c82247fdd203d25e31dd3deac6225b49fe9ab0f63872c11b595ccbef5890e7d8b43640c6fb49f757ee2c01bdc2b96d0b9334f3c6f2440415ad72e5444a404eeee308b49f567be724c327118b78cfbd023c931bd6c719fa0732b33ad6ecd9ed361066ae136dbe906b1566a0f8c55db6fc403ee14786db5326251b410b0fa34318494d16e6ba6ecccb4bfb6ee4c694a22a6c5c35ab294f1803c5668323fa231408005a19d89d9f1968d4b20b03de0827b3ea4a9a196d5ea3833462fba8b40a3c75f31424178ea6f3bd09470688f9e3384d788adf2f00faace8b95e8728724f32669d63e493e618faefbf2fe16729b8682ac9ed28556957556fe4869d0daec2be9ff10216a15472e8da3ff64958730bb8dd58ffdaeda131d0e40cd9cbef2dd8f1b68c555bea3cc91beab2c0fe47867ee42272f8bb08d972c9fa90fbf99fc1db7be34c09b1c67f67046fcedf62eca336062a7fd1a25f21c1865565f129309d5af0e426fc685a3b017a6e80ec1425b67d80cae8f6212dbc8cd168ebe69f4ca3bca279355a36b34af6d7af5e44ea6bf119bee761133ae1d5a0caf1272492defc331c4e537283072ab2406892fc3bec75b881daf4105d44e3b6a02334e42f93100085fbdf7f8e684cf91bdf5eaef560162d526fe9d0fe5c9142b7ce23935eac67c3ea2d12ae721819e9be0754c4a94e03d26f77753738690a6b0f1d8c7b495d10cee99f3afbddf16025eb3f7d6506d280c710f00439759e69313856bee485dfa81ff03744c16c9cd57776606d0f8c4d62735219c5b91b1c9db2d0099b75964d38f7ae8f6998976738c4d4d07007872f20cc71a99a682806c7606affc4cfdfe442133ece5cc7cf7453041fb822a3ebef62e894ff8ed7e2a0dd0c2cc3cb4cdb7cc6ae5644f129cd2c77a3d4cf94ed9451f600c835be292129075f1c7512438924ac4008a1e015a2815dbcd58e2838a00b9ea94558e16f594a2124b9731bddd328c662fea2319233baf37421b599d5dcf4e0c6fcc62ac0c71543902f30faafb9f51369359bacf0c7a8cb5e1e03c98288153109ee56795859ab5721ed837dd7e8a36127da7fd18f1fc5f823c3e3cf977f27654872d3e9d5153b5013a91f92791dcaecbd3d04043840f4355cfe31adc57d7fb2e06d68c223f06d9772503fbee4380e9c94d9ff7daa5d013588929f398cecb0059112686c91fe00ce8e24c9571d1535f1ef6c72bba1097c89b03a9af60e2842e00ae097ce27a560a623f82c91fe8309c854af1144dac21f79f8f6df94b99461ebaac0d93dbc32a6af419e75bb8e8d563d71f4144f6fff90900bbedb5475303c6aa26a78838264d452e4123b8f41793d668f8d7c4559b9944b9b833a6f30039996472dd79862cfe037d4dd0dac291270a1934032206174020c1b3f7d75d50bab1ed24096bee7e29d59965f35385c5174585d5831c8fc6f746da79a808fa9b45e6bf2f2ce802ed3f38ca856f8c7ef2a8f27eb345243783d52247be307ce87e933e83f2d26e4f294d246fd1b11c4fc61d5439d0d7017343c0a574589a4f468324bd0fc1c4f36a603576c44962f0a82e9fd8eef305d543a935e26a9cda22e6dff960d02df70ac214f72bdb206f97f7bedc062d03235592ac47ae82c84552c1e3bf57d2a7e64da6fe75fd24a0282553b06cd598a2a3a71d5236b6b74121e7d42bdbe22af1b8e7c6776b6f0fb0b73ab2459724f9970c73042f6c7e8629c34ef6b30dc25fb7f1c44380a9690686f4e874aacca37fc8c2f01658f47841ca471fb408b188169d8fe6b419a7b61289051c10ef9b7eb177420bc6169405a2f14777dd867e01dadb63991124680a9172ab65e52c28ac15a953460b3d9d767ae6de0dea4e41b5624a16f130a8d70e243aceda7788cfc9d2ddada27ac9b60305500e4a44d01a2df21e386d860ef933c34d8f78cdd1ba363ab6bedde467c0b8b302865b679aa4f35f1b31a226965f371dfc9602b4c28ec434a06e3a8ed1574cfbbe3b4beecfb90a0c048f46949985bfd385c4349641cc88a5719fc0f27611ce864d93c1f31eb0c5e7bf286cc6fd5e1f9903d693b9288afad9f21c73f85e3f0673b85f181c377397d30314eeee5b3acfbd09f3e336264f920c51cb3e70657748f873803f81bbc986508c5c9db340c2e8922826ff088a6b88a857e186e5ae22a872ff3e4c6f13b646a558ff7b31135cc246c6a93c8e715de6fab1a0b935ab6822c2c5199e651ec68c1ef323da7209401bc44bc0a19e11585ae9656d1c0971c999c21c122b2b3239bceedc499b20a49e4f68f8a3930f5b159f02763bc8337e54d4ac6c558a1313b87966679fc1cb23a08a3e228f044d108c23a7a4406926fbb9a6f54d787f80470112b7060fbd64dcf5c71eacdb8a120c23f3dbe4050389543efa176ed50ab8baffdc4a6a640a2028edd518e83d3cef93f69fb8ed946c15fce0c8bb7426bc73b2885a28d0fcde87ef891a27e25056d6f93ea19bf759a79b350abd98025bb5c6f67e223af39e713ce6629be82199d3f0ee906129f3337aefeaf77a2ab310fb2be36c967a613fa7fe501e3158293af1920737b0deb2cc04ab9e91e2ec0a149fef9b33bc9eeb75e339de146fa9b6ae8e4932c24655e0e33a33678281e50b6a74a9509a6ff7794b2235b128dc22c739221bc6b1ea3431e70fb2b4a94141b070811a8d5def7b66104dec9b88e64657d13ab73bbfcd23b9adaafe689a1b711c3079538ec6ef6ebd967112fe0adee1c328f0074f10d4ef64a889871ae0fa182cf6205b2c39161213518c1183870247a6e6a3db72f1399209474972e1e0a0d89e43a4d6948656bbea90bb027433fdc55176da7f0177bcfb960a8bb0df3b84d9622e3f2690034aa52a3ded4020f4de435c37f2f6937e2393d9b390e84eb4e8e87ce28df2a0b378215260f9784e09917e0047c924b5de458897d437053d5791eab7425729069e0ab3f2a0bb60e66d4febdfed4bc63f2e400e6a2ae648b0270de329f6304912b813d2b27e967af64f14a90c0b72fe14d943c6d9ff31d058599adb6114a836d10c564334ac19230e76f008ebecfef2777458a01b1f45f855be4bac5ff637597dc8dec0469420b43f835e6632becf8babe9af54dbda9fe3dc97ccfaf3ef5322400cffb038ffc82e266a49f3bbbf067c70cb3b8d4ddb840b6657346f9c30fab693ec58a132ca136c126c1ec367a391b563b72dfbfb54b6b6bc1b294b3ed1f62181132ec30a546f68a5a65931b4ed404b4a83de2fab2ec7427f1a0c4c1866efadf66fc98df8e4d4b9d524cdd125b8d220e9406c65b5be75f65817c505a5bdba7bac10061585755b268f587f743b0e195067a73a020c993cf16aa305514794b44144616934acdc67ccaa4b102e7cfde71eda74e207062c6e8172717ac7ba0736566bab54a40680fd82ef8ab1c41653a6b06e81ea08103858b7b4f062fb1d8bdc9a2634134416fe58240dc467025aee3f691cc31ebea481c78736c0696ad1a6671f261ae129a0fd0f500bb8b99433160b19d32b40309748b17cd767abf9633cda94d96046a19d9bc820944c9e8b40d7e83676610f124eddc87b062ddd3bf3e1f61f7b5225eb916d66b4c19afced732ed846325503926b94db8948a0bf8528d4486c846096f280383f4aca8262b333bb42629f2f02d2d54156b59976fc6b14ca8f66a640fb57f570c1ea2956dc177c803dbbf2690c9d2010253a621431e1a37b35a953b24c653ffada5ce649e761893a8b47c068f443e73dc4b58193348c1109f087d25295346700a5bc8a03ef7b0f832bec34b133eb793d863bd9807469066d7cad4f7835dda9cb993e2404dc42e968511bc867427d6efc47094b1aa791f88b3752222f96d03c3afcbdd74a6a757543a57cf969e1ba28d2ce68aaa5941ba8dc4ddc262a6e74ddb06bbff3c87096e6622f5208320162c0e2931ddfdff8fe82783165ff542256a66f9107ff65930ffac36ca2092ba700c53050434c8d94f0ddc651185331053b9234c202f491937a452e51b838c0ede3ce0543a5a2fef1ffe42e72d64ef7d1349ce8ae6821b839640fa580f21dd43bf7abac277d0553a11ae873a1becf202c17f19079cbe1bc45e6cfe3c67f2d32e1f893063c5977f296ffc878e781b68af5ed27bbf699d94f645a45e329dac83eb84bf3ddf6fdd450099538c9fed8fc3bc7b861d464169359f5b07820bde354897b4176e5bc04e2295524d79daa967d329bef59d5c9f1555b48248fdfa912c704369cfdaabc6e2e5112247dac9a11274d0ee73b2654bdf25b69aa6e4f8dbb5e10337fad356720b056c48d22c2fd55861c7618611906a0e146e153ecc2e24d291d12c6d86ef6c8c868cf64b662e293bcea5448fed5815bfb0621c806e8e0254494619d8344b19a6a9f8bf7b720c22a197f628a7f9626d7f2408a32d6cc65e8385e0920116564b596fef42d4506c5fc4542bfcc641260e81701411449c0bad414d2b398abcd1ac26ba0426ebb17504bdfc3256230d25107dbdaa5c9bb0ada86b1b95ccb2e7d719010d6bb7824d44ad01ac395adbbb4c72054b16786157685f04209d8e8c9860fc72ac53b982badc91195a1eeba3b5042a34dc98bdf5e62e56bff7275822d1d8a4b8589e75a2e7f677b645c399d9ca36747721ecc22a7a998cfc25b388725c2622e3e66c57017eafddc3493eedd4a46738c248d98adf674dec6bcc999e414a82252bb89d8dadf2415047cbfee4f01d42bce1333de45a85cdedcfd9ea47d1bcc3d2b008f21caa554c50650b2083e4def04a463da36715ae672cb5c1be1236d13b305b7eb3e0daa0831643c5ab5b08fa26c631a290eeef0b2a8cf27ed4284fdb455ad76acf11edb9bd90d05190e46cc6ecf0e53fe1b879c0cd0880ccda7f3687378f306ccd989f82de1297e82edf8b4dce69349493bca1ea4c767a555ba4059e232cd73f5cb50f9b73554116e20c9784252f18370ac0a7cf22cf744779981c178aaba95e3c8535746e49cf5f45f9c3e24b7649ae9e32d3d58592fba1da72c7a92a03b977cb305eba681950b8913995c8ad8f68734173e90d5ce5265afd564c3074b55b57ab26f4aa10a5bf857b8f3b9de9a77ad03ad67ba8836dc09b35cecfabd425a1f26585cf1436d06290b86dfa46f8a2f876a3a901a320f24178431b674b50fb5fb27675834573cf9e7d233423c74b4954c993f2bcf8c555b824f218d1e866b35ccea8ec450d34664b97b36415a7e1050b39874f806bbc01ea167b7928a7d0939addff6d3a85f37e9086e5826898e4b6b3491feb0555d15198787a2fe5d18917c923e7781d0e4a10ca964211e52bacb49cfb50a1511b48b4926c506cc969204bd92c5de6721cc3e0cbb69d9ca54128085943bad845e32cc965552c08d1ab0b5c73b55620801872874f34fcb63e142b3f5edff02c87b7097c39ee371dd206b5103bbc2cd43ec5ae663f3546911b506aa981e415910d2300c09cd6ddae61144291f01955edce722049a384250f88f6204b479ec48000589132f626292aba1069ec9964dda527a170e43b805617cfde741334294d45dcc121df9c280b748eb5fc66f1f24731e4fe491d21b719e22614a547e68ab2f37202faf43035ef9510e97aa10e0d462194ccbc211d0aaa604818f226c14e45050ba1a2a9304e991c6393d940356729ea9b887c252733d3832a1ca7caca6a02c673478b3c8faece91fd3a86841f6c1d3e6b0ebc19163340bd23a66a058bcad4d7b74f1544ada625d413dcd0686526ec4a6b13f5b4a18424a746a0043fe11761f80adc8efcdc9ae902446131027eab84ffc7fb0c5a832beadea20735dd47368cc493518512bdb8dd52b895fc0407ce794b156b7cc02fe2c09190ac8a8c308e4c29b344052beb8e06fcb8b309d9c302cf133a6871f1eb975fcef357afc25fdad8b6b27486974f28d6a2584483df7aef4041ffed76d15507b74702685d77373cd8c2ea685c09a85775d99e0a4a574a4c007217b8e36d94e893e9dc098c6317b1b647d4c5cefd99502611aba90441d937b3d85a8f6141266382cce3aedd2e09c959d6d360de345a195ca56b80cff499635657d3a7add6d44302e439de3f91bd96bb9d9a2710963f91ac6965043a04e37b281f5daabdb5cb93289e6d089383a17501e1a03c759e3d2bb40a88cfc7cd53c88f7f0654ed59932ebcde3df115ddfdcf5ce60b00bfaeb6e398b447c2530ef9a52cfee1574250d94b4572a3d09e5557b296bf2e3234d2154bfba23c9bf90e4196aecc4235cb4450e8344500e3f258a9b33f56da43d4bbd012b531d5b867db8e8cbf177c50eac5dc85c9e1f2b2ee15c390705d64f0be13b822b6185b450a5d809d1a97350ab20f9ddd670edfbe5581e60edc00dab8ebe983be135e0a45f625d7f566ddf955a9fa7def77f5e02fcc486b168d90a97c5f0d7931d80182d005df20510b3ec52c7dffeb640b72ca00d8a68f4c66c86adeabde0cb3d813cdb48f4d9f03c8506a56482d90ea01f482572b0b43388033b10053fe0464af9c324648d8eadb5fad6a2c61acd210aeee27309a8237569f02b691816cf851c0aa08b475253a0afdb7f4b729c5d207a0cc5aa1d7eed9de7cd43df6abe0070f1f695f8439037c340cf1d323f6e66639f3325240cbea25a39eb998c132a7ef39ea88a641e661043eb2f751d69e67e7caf157390b85bf121b5142690173987ea9e87287eec6f5d43cdb85c8d1b0ee0678c446c4e5d14adbccb6dddb4a26ad8da4da1fc1d9981894b52206794caac770e38d06a5aa184600a0ac19528fece9235481c03a73ff4727bb587d7e205da4152078ea79d0474d0bf913e5a721362657614d998d045812f29fce7e714e4c30c6a09db42d5a17a6ff555b9d163953d18dc6fbad9d8698f442f700dab322417a518731833b1f74529244a2330e4850bbb62ec61a6ee72523f58dbe72ba546865affb360a88484632cbe5a897df054d59578e7105c094a6bb5a01edda8efbac67733f9d8c71f307ea788e25ad3e58b234121a448bf22a1e2fa2b512950e762ac5d69c082889cc1fd4205124cdf80185554b707f39298c0a8f543f1a3299ab624ce3c42c9c5326442ea86afc09b80db3d629f22b00e2cdf412d18a990903a69e7785b1e9eb03b43241dbd40bfc5a4df87aea361552bf1d85a6d2bfb8287a4d55c96efd4684731889b2d7a818cd7e3c3405d6cb48c43f742dc7da168048e05920d403be601d57d2964e21ce9099275d27cffed9fe97fa137fef9c663344e2b023d1c0f5bcdbdd69df040ac097aa57122fbabc3988b45330ee94a3ad73776f7c483c1fc1a1801b379db4705c46194156327519881f03bf0785e536844612fe1732ee335972f36cebaff9e3ea35aedae2e9a0dc22cbdfc2bacbf2b5d82b9fd9aff58444b1087bbc9cac457641b7d9369fe31327973610dd0ef159ef2e19197521c7676cec3cd9eaf16ae45dd1134829359b695c033d8c109c29b052a56cdf3dbee41a102d248d51bea819c6604421da465e7db1703a903cea1536808ecb5dd2f8a5d045db9d5e5e44dc97b223f22139fdd5d463577fce734a1e5dffb32dd1af3f1a4a8eab121daa00bf099490e45b930706ae78edde31f6effb3af343d509e5c224a8b37be0a44202697090487f85d4dfa9572652b5e74fdca106cf634e05daa4c634eb2513f294aa8dea8dc7832a9895a29f9d5d6b2e94735a90443edac7579d96f925b73c4c5dd6ae853a82115c4c41f8c0b52f07108a05efe2f0f4c4f8d12c5d4b281da5f6ef371d6e47680b39d82a5bbbb30acb6752e1b0a1c324b4623d9ef5831e5d91be592331bd4f87b5f82ec27b2ee5dde20d7e91bcc4e64bab9243d5ad1e98e99faf7f2876924e88529b27ffe2f63454b926a76fde5acee90552a7f50c2509b9a8b45c4cce4597a54cc35f584de150b504b6ea68c430d6cc669bdc9c4ac9989fe3c2e4b768b6b8fbbce5df5305343cb9bbf4db9e2390942d99f802218e9c6062c8d1e62921c70f0f303f57ee4d0eeec8deafb1c7a94c305870f9c33a9918446cd7390fc99f78aed830cc320eba9d0023e95376c27257f10e107383c969a64e0d7ab2f12ac18c6ee4d7f2248f5d85d3145f265fcdb64aeb6dd6f40c7013b9b6620ae47a6919fab388af1c0af0e70974b0c20937dddbc11bcadf6ab620567b7d549ae6aef096210e194e05c860141f1b3d6150c5df08783185aaa41f61b0be8868d15ee91e8ba0bf1bfa86752d76793154c9626a4b2b3c6a6a182c3b2d8427b73cc075b343a5549c86b23be28b1823cc4fda75b34da6bd63b0cec1e526bfbacd9d9eefb8554d2201ea148fc177f596dcd61bf46f0e77cb6c25cafaa4c36d156161370db383b7fa00d85f643e509f300caaf2f5cc0b6fa255da5d0327fdce92da7c272cf48e6f5b602289aae7a90f0c6fb43b4a831e278f2bdcb9dffb4c5939481231936425cc06f8d569a38a8a77e2841c4f6192fc65b4c043fecdc449380101c3b89138c94e56936af3bbc3b5c74a1c7c595ab11b6fd95e018e79b0c135c23e98b356a3b5b859889ee5780058bff3d8d8732f6a0980ea6fd8d095935f6939c64779bf277454430a52e1e6f6082265ed8f796b54c9017ca57414cba2d268ae86d74ba89977a962947593f05696d937328294235773f5788950f8ffdae81e26816e0e2398f50af63529a8ed9460459598bf9b0d71652a237dbd8c58557e869e806c759b1ce5a0b643cec0f2ea87c9917a1a97de7d81de86d3062b07593a85a8f9a56f5f429a50f757a2adbc6b75ef1f57df230195c8bf3627d6ce66373272a79c43871001ebd4e08ae8c29932f08095e304171d3187b6603482dd6bc50916d8455cfe258ac4b364b4007346ac114816d9d0636a58d2058ebf0454c6e66cce1bb6e3b5692440941eb18ecdc0886b6e35f627ec2a29261db957a91269417a0f0e01438b745a2b85ffcf47cb0524f0e53c4e157dd98cedcf4fb0d156ee6709c1d8d7e863f3c47eb3c4f544801fbc89ebed6f58e083867548c52d73e05a10ad02468bcd794323fd94f381c766c15fff072953e2bec402a16d4c7befcdb84f451ece0e6a0e842c0d15d94f6833f185dbf7b7e349ceefd638120b206bfb0c106ebf70de4a905b2212d67b1d95421d92616e41e8c42b22acf947b4a8166492d31b20bcace6ceeb56e2fac1103c568fde3cc94f7db847f62e79a7310655d3675c9005f1f72a11ca90f981b73893e70bbc643923734852ba30ea77194f1103ab446aa42293010d57f8b83d75a148af4c7fe5692dcfe23e38774bdfcffb7b6ec91cd1a4b65837bb405fe52d069ec15c9ce3b96c932a40a52e60bfe04633be059f4e6d01f6f006b6a692cb3452aaa49d2aa42e53de552143251f344811d683ce40e0f25c1a7612bf94393eced15402fbe0a2d0a0db1efefce34cb4e804cc626cfa20c928dd70dd91d64866e4679f5dc6b3c071bafc5d87d5635d3d79bb4d6433d6d3ee8a8e9f3ef268678faab680c45c4192f995e203726df7cf178b5fdc06852d05a097efbfe6f7c417a7ef8cde4103f8f318b0b96c47f44040810", 0x2000, &(0x7f0000001580)={0x0, &(0x7f0000000180)={0x18, 0x0, 0x1, {0x6}}, 0x0, 0x0, &(0x7f0000000c00)={0x18, 0x0, 0x1, {0x4}}, 0x0, 0x0, &(0x7f0000000d00)={0x18, 0x0, 0x2, {0xc0}}, 0x0, 0x0, 0x0, &(0x7f0000000f00)={0x90, 0xffffffffffffffda, 0x1, {0x5, 0x0, 0xb33, 0x2, 0xffff0000, 0x1, {0x6, 0x8, 0x8, 0xb, 0xc, 0xfffffffffffffffd, 0x6, 0x200, 0x3ff, 0xc000, 0x10, r2, 0x0, 0x269, 0x999e}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = socket$vsock_stream(0x28, 0x1, 0x0) listen(r3, 0x7) r4 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f00000002c0)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff) keyctl$chown(0x4, r4, 0xee01, 0xee00) keyctl$chown(0x4, r4, 0x0, 0x0) bind$vsock_stream(r3, &(0x7f0000000440), 0x10) listen(r3, 0x0) r5 = socket$vsock_stream(0x28, 0x1, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), r6) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x2c, r7, 0x91d, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400c005}, 0x0) connect$vsock_stream(r5, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000640)="98", 0x1}], 0x1) r8 = accept4$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r8, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000140)=""/120, 0x78}], 0x1}}], 0x1, 0x2, 0x0) r9 = socket(0x10, 0x803, 0x0) accept4(r5, &(0x7f0000000300)=@isdn, &(0x7f0000000080)=0x80, 0x800) ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_channels={0x24, 0x0, 0x0, 0xfffffffe, 0x4, 0x1, 0x2}}) setsockopt$RDS_GET_MR_FOR_DEST(r9, 0x114, 0x7, &(0x7f00000001c0)={@ethernet={0x6}, {&(0x7f0000000380)=""/20, 0x14}, &(0x7f0000000040), 0x20}, 0xa0) 469.691603ms ago: executing program 0 (id=3184): r0 = socket(0x1d, 0x2, 0x6) setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(r0, 0x6a, 0x3, 0x20000000, 0x4) r1 = socket$inet_sctp(0x2, 0x1, 0x84) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x5, 0x0}, 0x4e20, 0x3, 'wrr\x00', 0x10, 0x81, 0x5}, {@rand_addr=0xac1414aa, 0x4e25, 0x3, 0x41cb, 0x12d5c, 0x12d5c}}, 0x44) 408.850948ms ago: executing program 0 (id=3185): ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'gretap0\x00', &(0x7f0000000080)={'ip_vti0\x00', 0x0, 0x10, 0x7800, 0x8, 0x8, {{0xa, 0x4, 0x0, 0x4, 0x28, 0x65, 0x0, 0x1, 0x2f, 0x0, @rand_addr=0x64010102, @multicast2, {[@timestamp_addr={0x44, 0x14, 0xbb, 0x1, 0x3, [{@multicast1, 0x80000000}, {@multicast2, 0x4}]}]}}}}}) setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000800)={r0, @remote, @multicast2}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xf, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ba00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat$fuse(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="180000001e000515000000b71eb36a000000000007002b00"], 0x18}], 0x1}, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="9e22cdb0f0c45d2dc9aa10ec3eb60660263a2a378da4d3958ffa27da3b5c49dd972f46b53c73a602d777529e90d0e04d2e9d1dbd499f83ac2115463400aa47a17355b828fe5a"], 0x48) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={0x0}}, 0x6042814) r1 = socket$packet(0x11, 0x2, 0x300) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000580), 0x3db040, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x100, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x5}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_ECN_PROB={0x8, 0x9, 0x50}, @TCA_FQ_PIE_ECN={0x8, 0xa, 0x1}]}}]}, 0x44}}, 0x400c4) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r1, {0x5}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f0000000300)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r6 = accept4(r5, 0x0, 0x0, 0x800) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000700000000000000000000000000000000000000000000000200000000000000ffffffffffffffff00"/85], 0xb8}}, 0x4004) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) setsockopt$inet_tcp_int(r6, 0x6, 0x11, &(0x7f0000000540)=0x8, 0x4) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000", @ANYRES32, @ANYBLOB="08002700851600000a001800"], 0x4c}}, 0x4000804) sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r7, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r8, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r9, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x40000) 408.668644ms ago: executing program 1 (id=3186): add_key(0x0, 0x0, &(0x7f0000000100)="305c0605e182d1447ad1ad83700398d1c7d7982b8f57fb20a3adc9e3baa292ce8f0a861e6417acfc8648ad1b93d502b0cd490e35d53ddf6fd0461690982b2369490100b06df5aa", 0x47, 0xfffffffffffffffe) syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb0800", @ANYRES32=0x41424344], 0x0) r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f", 0x7, 0xfffffffffffffffe) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000", @ANYBLOB="ebffffffffffffff280012800b00010065"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) (fail_nth: 23) 322.37741ms ago: executing program 0 (id=3187): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) socket$kcm(0x2d, 0x2, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r2, @ANYRES32=r2], 0x44}}, 0x0) 238.87117ms ago: executing program 0 (id=3188): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000f00fc00000018000180140002006e657464657673696d300000000000000800060000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES16=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x40) r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r4 = socket$l2tp(0x2, 0x2, 0x73) getsockname$inet(r4, 0x0, &(0x7f0000000a40)) r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000280), 0x8203, 0x0) r6 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r7, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000004000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) r8 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r8, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r5, {0x204}}, './file0\x00'}) ioctl$DMA_HEAP_IOCTL_ALLOC(r9, 0xc0184800, &(0x7f0000000340)={0x7, r7, 0x2}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000080)={0x2, 0x9, 0x3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r8, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f}) close_range(r3, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000140600000fff07006706000020000000350200000ee60000bf25000000000000bd350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad53010000000000840400000000000014000000000000009500000000000000db13d5d8b740f2cdaabc8383c8f56b8c2b84a800ea6553f3ef4392b3815dcf00c3eebc52267b042d19d6e31e25e589d5f2692c75a547d6f186641ae8c557ccff3878a93b51a0389749df734f49ed5078b10f1e7f2b37626a3ace1ea89f7d2c570720a86853e26168761f0a53358f7ee2baa0e6a67a98a0d57ac09f36cfefbbc7492bbe7cdf64971a57fd64efd46c26"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x10, 0x0, 0x57, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r8, 0xc02064b2, &(0x7f0000000000)={0x5, 0x0, 0x40, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_MAP_DUMB(r6, 0xc01064b3, &(0x7f0000000040)={r10}) 100.425748ms ago: executing program 1 (id=3189): creat(&(0x7f00000002c0)='./file0\x00', 0x6) r0 = open$dir(0x0, 0x0, 0x0) mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0) keyctl$restrict_keyring(0xa, 0x0, 0x0, &(0x7f0000000000)='i\xacl*c\x822') syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xf8) 100.183484ms ago: executing program 0 (id=3190): r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x500002, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x1d, r1}, 0x10, &(0x7f0000000140)={&(0x7f00000000c0)={0x7, 0x90, 0xfffeffff, {0x0, 0xea60}, {}, {0x4, 0x0, 0x1}, 0x1, @canfd={{0x2, 0x1, 0x1}, 0x30, 0x0, 0x0, 0x0, "d785447460a83198a4e65284e22209709a4ad7d449b5033b50d3ac92034f14bceb421baf7be399f68376a2f5b239797055ef53bca3c2a25441fd4ef765658f50"}}, 0x80}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x68}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0xcc) r3 = socket$kcm(0x2, 0x200000000000001, 0x106) r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f00000000c0)='source', &(0x7f00000001c0)='source', 0x0) r5 = socket(0x10, 0x803, 0x0) write(r5, &(0x7f0000000340)="1c0000005e001f3814584707f9f4ffffff000000230000001ff80000", 0x1c) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002180)=@ipv4_newaddr={0x28, 0x14, 0x503, 0x800000, 0x25dfdbff, {0x2, 0x18, 0x50, 0xff, r8}, [@IFA_LOCAL={0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0x402}]}, 0x28}, 0x1, 0x0, 0x0, 0x400c080}, 0x48006) setsockopt$sock_attach_bpf(r3, 0x6, 0xd, &(0x7f0000000000), 0x4) ioctl$VIDIOC_QUERYBUF_DMABUF(r7, 0xc0585609, &(0x7f0000000200)={0x4, 0x8, 0x4, 0x10000, 0x3, {}, {0x4, 0x8, 0xff, 0x8, 0x4, 0x2, "090cab94"}, 0x4, 0x4, {}, 0xf, 0x0, r0}) ioctl$BTRFS_IOC_QUOTA_CTL(r9, 0xc0109428, &(0x7f0000000280)={0x3, 0x8}) setsockopt$ax25_SO_BINDTODEVICE(r2, 0x101, 0x19, &(0x7f00000001c0)=@bpq0, 0x10) 99.924428ms ago: executing program 1 (id=3191): r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f0000000540)={{}, {0x18, 0x8}, 0x0, 0x7}) r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$EVIOCGREP(r2, 0x80084522, &(0x7f0000001f40)=""/231) ioctl$EVIOCGNAME(r2, 0x80404506, &(0x7f00000005c0)=""/4096) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f0000000040)={0x55, &(0x7f00000000c0)}) r3 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205648, &(0x7f0000000000)={0x9f0000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) 232.596µs ago: executing program 1 (id=3192): syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000440)="642626440f30400f3809070f20d835080000000f22d866baf80cb8ec07c880ef66bafc0ced440f23010f01920900000066baf80cb8c842b28cef66bafc0cb8774cebd9efc4c1c5d45bea660f38814c590866baf80cb8d65bd780ef66bafc0cec", 0x60}], 0x1, 0x54, 0x0, 0x0) pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$NL80211_CMD_LEAVE_MESH(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r4, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000004) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41100, 0x50, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000240)={[0x80, 0x5, 0x7, 0xe51, 0xffffffffffffffff, 0x5479, 0x103d, 0x52, 0x0, 0x32a, 0xffffffffffffffff, 0xffffffff, 0x1, 0x40000000009, 0x2, 0x6a], 0x8080000, 0x808d6}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 0s ago: executing program 0 (id=3193): socket$kcm(0x10, 0x5, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_GET_BYNAME(r0, 0x0, 0x4040) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400081, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r2, 0x0) ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000100)=0x3) (fail_nth: 1) kernel console output (not intermixed with test programs): X: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000005 [ 208.678143][T13186] RBP: 00007f7e76a24090 R08: 0000000000000000 R09: 0000000000000000 [ 208.678150][T13186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 208.678156][T13186] R13: 0000000000000000 R14: 00007f7e75db5fa0 R15: 00007fff6a26bcd8 [ 208.678170][T13186] [ 208.756629][ C1] vkms_vblank_simulate: vblank timer overrun [ 208.819725][T13188] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 208.923791][ T29] usb 8-1: new high-speed USB device number 32 using dummy_hcd [ 208.945611][ T29] usb 8-1: device descriptor read/8, error -71 [ 209.183596][ T29] usb 8-1: new high-speed USB device number 33 using dummy_hcd [ 209.204092][ T29] usb 8-1: device descriptor read/8, error -71 [ 209.313819][ T10] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 209.323910][ T29] usb usb8-port1: unable to enumerate USB device [ 209.465227][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.469898][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.474352][ T10] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 209.478252][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.485064][ T10] usb 5-1: config 0 descriptor?? [ 209.590625][ T40] audit: type=1400 audit(209.466:564): avc: denied { accept } for pid=13204 comm="syz.1.2807" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 209.595017][T13205] overlayfs: failed to resolve './file1': -2 [ 209.692989][ T10] usbhid 5-1:0.0: can't add hid device: -71 [ 209.694979][ T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 209.699268][ T10] usb 5-1: USB disconnect, device number 11 [ 210.143618][ T29] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 210.293616][ T29] usb 5-1: Using ep0 maxpacket: 32 [ 210.297527][ T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 210.302035][ T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 210.306368][ T29] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 210.310114][ T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.315668][ T29] usb 5-1: config 0 descriptor?? [ 210.320726][ T29] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 210.328568][ T29] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 210.521919][T13193] ldusb 5-1:0.0: Couldn't submit interrupt_in_urb -90 [ 210.531048][ T29] usb 5-1: USB disconnect, device number 12 [ 210.532495][ T29] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 210.730947][ T75] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.798942][ T5936] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 210.802910][ T5936] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 210.807781][ T5936] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 210.811521][ T5936] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 210.815329][ T5936] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 210.930050][T13219] chnl_net:caif_netlink_parms(): no params data found [ 211.015317][T13219] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.017495][T13219] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.020348][T13219] bridge_slave_0: entered allmulticast mode [ 211.024283][T13219] bridge_slave_0: entered promiscuous mode [ 211.028735][T13219] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.031769][T13219] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.035594][T13219] bridge_slave_1: entered allmulticast mode [ 211.039349][T13219] bridge_slave_1: entered promiscuous mode [ 211.094294][T13219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 211.100862][T13219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.147173][T13219] team0: Port device team_slave_0 added [ 211.150869][T13219] team0: Port device team_slave_1 added [ 211.182585][T13219] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.184915][T13219] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.192981][T13219] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.198660][T13219] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.200807][T13219] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.210668][T13219] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.249697][T13219] hsr_slave_0: entered promiscuous mode [ 211.251983][T13219] hsr_slave_1: entered promiscuous mode [ 211.254160][T13219] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 211.256561][T13219] Cannot create hsr debugfs directory [ 211.348228][T13219] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.431678][T13219] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.487425][T13219] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.569650][T13219] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.673569][T13219] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 211.677568][T13219] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 211.682250][T13219] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 211.690234][T13219] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 211.702455][T13219] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.704766][T13219] bridge0: port 2(bridge_slave_1) entered forwarding state [ 211.707123][T13219] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.709508][T13219] bridge0: port 1(bridge_slave_0) entered forwarding state [ 211.750356][T13219] 8021q: adding VLAN 0 to HW filter on device bond0 [ 211.765408][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.770543][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.798289][T13219] 8021q: adding VLAN 0 to HW filter on device team0 [ 211.806546][ T1177] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.809591][ T1177] bridge0: port 1(bridge_slave_0) entered forwarding state [ 211.817070][ T1177] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.819394][ T1177] bridge0: port 2(bridge_slave_1) entered forwarding state [ 211.993016][T13219] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 212.012410][ T40] audit: type=1400 audit(211.886:565): avc: denied { rename } for pid=13241 comm="syz.0.2817" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 212.043260][T13219] veth0_vlan: entered promiscuous mode [ 212.052298][T13219] veth1_vlan: entered promiscuous mode [ 212.079704][T13219] veth0_macvtap: entered promiscuous mode [ 212.088346][T13219] veth1_macvtap: entered promiscuous mode [ 212.094389][ T5946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 212.099096][ T5946] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 212.106336][ T5946] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 212.110312][ T5946] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 212.117325][T13219] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 212.123915][ T5946] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 212.124924][T13219] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 212.134930][T13219] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.138667][T13219] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.142202][T13219] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.145976][T13219] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.159531][ T40] audit: type=1400 audit(212.036:566): avc: denied { append } for pid=13249 comm="syz.1.2819" name="usbmon4" dev="devtmpfs" ino=749 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 212.170419][ T40] audit: type=1400 audit(212.046:567): avc: denied { ioctl } for pid=13249 comm="syz.1.2819" path="/dev/usbmon4" dev="devtmpfs" ino=749 ioctlcmd=0x9205 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 212.236490][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 212.242280][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 212.276987][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 212.279457][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 212.356399][ T40] audit: type=1400 audit(212.236:568): avc: denied { bind } for pid=13265 comm="syz.0.2823" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 212.362710][ T40] audit: type=1400 audit(212.236:569): avc: denied { name_bind } for pid=13265 comm="syz.0.2823" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 212.370427][ T40] audit: type=1400 audit(212.236:570): avc: denied { node_bind } for pid=13265 comm="syz.0.2823" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 212.403116][T13245] chnl_net:caif_netlink_parms(): no params data found [ 212.477008][T13281] JFS: charset not found [ 212.490586][ T75] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.514721][T13283] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2827'. [ 212.574669][T13245] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.576996][T13245] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.580575][T13245] bridge_slave_0: entered allmulticast mode [ 212.585151][T13245] bridge_slave_0: entered promiscuous mode [ 212.605706][ T75] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.612399][T13245] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.616273][T13245] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.619552][T13245] bridge_slave_1: entered allmulticast mode [ 212.623675][T13245] bridge_slave_1: entered promiscuous mode [ 212.727034][ T75] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.801466][T13245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.813632][T13245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 212.894680][ T5946] Bluetooth: hci2: command tx timeout [ 212.945534][T13245] team0: Port device team_slave_0 added [ 212.956391][T13245] team0: Port device team_slave_1 added [ 213.092629][T13245] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.097614][T13245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.108189][T13245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 213.113824][T13245] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 213.116024][T13245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.125882][T13245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 213.260920][T13245] hsr_slave_0: entered promiscuous mode [ 213.263221][T13245] hsr_slave_1: entered promiscuous mode [ 213.266795][T13245] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 213.269192][T13245] Cannot create hsr debugfs directory [ 213.337905][ T75] bridge_slave_1: left allmulticast mode [ 213.340345][ T75] bridge_slave_1: left promiscuous mode [ 213.342575][ T75] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.351515][ T75] bridge_slave_0: left allmulticast mode [ 213.353314][ T75] bridge_slave_0: left promiscuous mode [ 213.355811][ T75] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.689303][ T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 213.695539][ T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 213.703252][ T75] bond0 (unregistering): Released all slaves [ 213.728606][T13348] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.941000][T13363] tipc: Enabling of bearer rejected, failed to enable media [ 214.017959][T13374] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2843'. [ 214.021097][T13370] ALSA: seq fatal error: cannot create timer (-19) [ 214.025406][T13370] netlink: 'syz.1.2842': attribute type 10 has an invalid length. [ 214.027948][T13370] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2842'. [ 214.032907][ T75] hsr_slave_0: left promiscuous mode [ 214.039036][ T75] hsr_slave_1: left promiscuous mode [ 214.041606][ T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 214.045512][ T75] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 214.048453][ T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 214.050797][ T75] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 214.052873][T13376] FAULT_INJECTION: forcing a failure. [ 214.052873][T13376] name failslab, interval 1, probability 0, space 0, times 0 [ 214.062882][T13376] CPU: 3 UID: 0 PID: 13376 Comm: syz.3.2844 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 214.062900][T13376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 214.062908][T13376] Call Trace: [ 214.062913][T13376] [ 214.062917][T13376] dump_stack_lvl+0x16c/0x1f0 [ 214.062933][T13376] should_fail_ex+0x512/0x640 [ 214.062944][T13376] ? __kmalloc_noprof+0xbf/0x510 [ 214.062958][T13376] ? tls_get_rec+0xfa/0x730 [ 214.062972][T13376] should_failslab+0xc2/0x120 [ 214.062985][T13376] __kmalloc_noprof+0xd2/0x510 [ 214.062995][T13376] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 214.063017][T13376] tls_get_rec+0xfa/0x730 [ 214.063037][T13376] ? __local_bh_enable_ip+0xa4/0x120 [ 214.063059][T13376] tls_sw_sendmsg+0xff7/0x2390 [ 214.063090][T13376] ? __pfx_avc_has_perm+0x10/0x10 [ 214.063103][T13376] ? __lock_acquire+0x622/0x1c90 [ 214.063120][T13376] ? find_held_lock+0x2b/0x80 [ 214.063133][T13376] ? __pfx_tls_sw_sendmsg+0x10/0x10 [ 214.063149][T13376] ? selinux_socket_post_create+0x747/0x7f0 [ 214.063166][T13376] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 214.063184][T13376] ? __pfx_tls_sw_sendmsg+0x10/0x10 [ 214.063201][T13376] inet6_sendmsg+0x11c/0x140 [ 214.063216][T13376] sock_write_iter+0x3e6/0x5b0 [ 214.063228][T13376] ? __pfx_sock_write_iter+0x10/0x10 [ 214.063245][T13376] ? __pfx_file_has_perm+0x10/0x10 [ 214.063261][T13376] do_iter_readv_writev+0x559/0x820 [ 214.063284][T13376] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 214.063309][T13376] ? selinux_file_permission+0x11f/0x580 [ 214.063326][T13376] ? bpf_lsm_file_permission+0x9/0x10 [ 214.063341][T13376] ? security_file_permission+0x71/0x210 [ 214.063353][T13376] ? rw_verify_area+0xcf/0x680 [ 214.063369][T13376] vfs_writev+0x353/0xdd0 [ 214.063387][T13376] ? __lock_acquire+0x622/0x1c90 [ 214.063402][T13376] ? __pfx_vfs_writev+0x10/0x10 [ 214.063465][T13376] ? __fget_files+0x20e/0x3c0 [ 214.063475][T13376] ? __fget_files+0x170/0x3c0 [ 214.063488][T13376] ? do_writev+0x28c/0x340 [ 214.063503][T13376] do_writev+0x28c/0x340 [ 214.063518][T13376] ? __pfx_do_writev+0x10/0x10 [ 214.063545][T13376] do_syscall_64+0xcd/0x4c0 [ 214.063566][T13376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.063585][T13376] RIP: 0033:0x7f45c7b8e969 [ 214.063600][T13376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.063611][T13376] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 214.063622][T13376] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 214.063629][T13376] RDX: 0000000000000002 RSI: 0000200000001000 RDI: 0000000000000003 [ 214.063636][T13376] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 214.063643][T13376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 214.063649][T13376] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 214.063663][T13376] [ 214.087254][ T75] veth1_macvtap: left promiscuous mode [ 214.160545][ T75] veth0_macvtap: left promiscuous mode [ 214.162306][ T75] veth1_vlan: left promiscuous mode [ 214.164191][ T75] veth0_vlan: left promiscuous mode [ 214.173694][ T5946] Bluetooth: hci1: command tx timeout [ 214.212485][T13379] kvm: pic: non byte write [ 214.795852][ T75] team0 (unregistering): Port device team_slave_1 removed [ 214.862470][ T75] team0 (unregistering): Port device team_slave_0 removed [ 214.983838][ T5946] Bluetooth: hci2: command tx timeout [ 215.412497][T13370] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.416121][T13370] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.418986][T13370] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.421763][T13370] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.428167][T13370] team0: Port device geneve0 added [ 215.476130][T13391] syzkaller1: entered promiscuous mode [ 215.477924][T13391] syzkaller1: entered allmulticast mode [ 215.503259][T13393] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2851'. [ 215.591828][ T40] audit: type=1400 audit(215.466:571): avc: denied { mounton } for pid=13395 comm="syz.0.2852" path="/104/file0" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=dir permissive=1 [ 215.593090][T13396] smb3: Unknown parameter 'rdmale0/../file0/../file0' [ 215.598955][ T40] audit: type=1400 audit(215.466:572): avc: denied { remount } for pid=13395 comm="syz.0.2852" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 215.603182][T13396] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2852'. [ 215.628098][T13396] 8021q: adding VLAN 0 to HW filter on device bond1 [ 215.652535][T13396] 8021q: adding VLAN 0 to HW filter on device bond1 [ 215.655977][T13396] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address [ 215.659795][T13396] bond1: (slave wireguard0): Error -95 calling set_mac_address [ 215.723340][T13245] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 215.731879][T13245] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 215.740653][T13245] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 215.747255][T13245] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 215.815708][T13245] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.833012][T13245] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.840746][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.843755][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.850595][T13412] netlink: 'syz.1.2854': attribute type 1 has an invalid length. [ 215.855979][ T1177] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.858434][T13412] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2854'. [ 215.859007][ T1177] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.898117][ T40] audit: type=1400 audit(215.776:573): avc: denied { unmount } for pid=12218 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 215.911267][ T40] audit: type=1400 audit(215.786:574): avc: denied { unmount } for pid=12218 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 215.926883][T13418] No source specified [ 215.934328][T13418] netlink: 'syz.1.2855': attribute type 12 has an invalid length. [ 215.937631][T13418] netlink: 'syz.1.2855': attribute type 29 has an invalid length. [ 215.940825][T13418] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2855'. [ 215.953558][T13418] netlink: 59 bytes leftover after parsing attributes in process `syz.1.2855'. [ 216.061562][T13245] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 216.090332][T13245] veth0_vlan: entered promiscuous mode [ 216.097862][T13245] veth1_vlan: entered promiscuous mode [ 216.129971][T13245] veth0_macvtap: entered promiscuous mode [ 216.135579][T13245] veth1_macvtap: entered promiscuous mode [ 216.149268][T13245] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 216.155539][T13387] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 216.160397][T13432] openvswitch: netlink: IP tunnel TTL not specified. [ 216.163138][T13245] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 216.170356][T13245] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.175229][T13245] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.179256][T13245] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.183043][T13245] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.258607][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.261132][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.263917][ T5946] Bluetooth: hci1: command tx timeout [ 216.282487][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.292585][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.302084][ T40] audit: type=1400 audit(216.176:575): avc: denied { mounton } for pid=13245 comm="syz-executor" path="/syzkaller.eBMA7L/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=62706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 216.317552][ T40] audit: type=1400 audit(216.196:576): avc: denied { mount } for pid=13245 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 216.482776][ T5946] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 216.665718][ T40] audit: type=1400 audit(216.546:577): avc: denied { setopt } for pid=13455 comm="syz.1.2870" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 216.835318][ T40] audit: type=1400 audit(216.706:578): avc: denied { read } for pid=13461 comm="syz.3.2873" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 216.835448][ T40] audit: type=1400 audit(216.706:579): avc: denied { open } for pid=13461 comm="syz.3.2873" path="/14/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 216.844325][T13463] block device autoloading is deprecated and will be removed. [ 216.848100][ T40] audit: type=1400 audit(216.726:580): avc: denied { ioctl } for pid=13461 comm="syz.3.2873" path="/14/file0/file0" dev="fuse" ino=64 ioctlcmd=0x912 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 216.877847][T13465] tipc: Enabled bearer , priority 0 [ 216.878315][T13465] syzkaller0: entered promiscuous mode [ 216.878332][T13465] syzkaller0: entered allmulticast mode [ 216.880320][T13465] FAULT_INJECTION: forcing a failure. [ 216.880320][T13465] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 216.880347][T13465] CPU: 2 UID: 0 PID: 13465 Comm: syz.1.2874 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 216.880368][T13465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 216.880379][T13465] Call Trace: [ 216.880383][T13465] [ 216.880388][T13465] dump_stack_lvl+0x16c/0x1f0 [ 216.880408][T13465] should_fail_ex+0x512/0x640 [ 216.880428][T13465] _copy_from_user+0x2e/0xd0 [ 216.880447][T13465] get_user_ifreq+0xf1/0x250 [ 216.880471][T13465] sock_do_ioctl+0x16b/0x280 [ 216.880494][T13465] ? __pfx_sock_do_ioctl+0x10/0x10 [ 216.880524][T13465] ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450 [ 216.880543][T13465] ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450 [ 216.880563][T13465] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 216.880582][T13465] sock_ioctl+0x227/0x6b0 [ 216.880603][T13465] ? __pfx_sock_ioctl+0x10/0x10 [ 216.880617][T13465] ? hook_file_ioctl_common+0x145/0x410 [ 216.880642][T13465] ? selinux_file_ioctl+0x180/0x270 [ 216.880658][T13465] ? selinux_file_ioctl+0xb4/0x270 [ 216.880674][T13465] ? __pfx_sock_ioctl+0x10/0x10 [ 216.880689][T13465] __x64_sys_ioctl+0x18b/0x210 [ 216.880714][T13465] do_syscall_64+0xcd/0x4c0 [ 216.880733][T13465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.880749][T13465] RIP: 0033:0x7f16c7b8e969 [ 216.880763][T13465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.880776][T13465] RSP: 002b:00007f16c59f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 216.880790][T13465] RAX: ffffffffffffffda RBX: 00007f16c7db5fa0 RCX: 00007f16c7b8e969 [ 216.880801][T13465] RDX: 0000200000002280 RSI: 0000000000008922 RDI: 0000000000000005 [ 216.880812][T13465] RBP: 00007f16c59f6090 R08: 0000000000000000 R09: 0000000000000000 [ 216.880822][T13465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 216.880832][T13465] R13: 0000000000000000 R14: 00007f16c7db5fa0 R15: 00007ffc5bf28758 [ 216.880854][T13465] [ 216.881509][T13464] tipc: Resetting bearer [ 216.892752][T13464] tipc: Disabling bearer [ 217.055805][ T5946] Bluetooth: hci2: command tx timeout [ 217.074163][T13469] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2876'. [ 217.228881][T13479] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2881'. [ 217.378689][T13490] Cannot find del_set index 85 as target [ 217.455506][T13493] FAULT_INJECTION: forcing a failure. [ 217.455506][T13493] name failslab, interval 1, probability 0, space 0, times 0 [ 217.459411][T13493] CPU: 3 UID: 0 PID: 13493 Comm: syz.0.2887 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 217.459426][T13493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 217.459433][T13493] Call Trace: [ 217.459443][T13493] [ 217.459448][T13493] dump_stack_lvl+0x16c/0x1f0 [ 217.459474][T13493] should_fail_ex+0x512/0x640 [ 217.459490][T13493] should_failslab+0xc2/0x120 [ 217.459503][T13493] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 217.459515][T13493] ? skb_clone+0x190/0x3f0 [ 217.459533][T13493] skb_clone+0x190/0x3f0 [ 217.459548][T13493] netlink_deliver_tap+0xabd/0xd30 [ 217.459567][T13493] netlink_unicast+0x5df/0x7f0 [ 217.459586][T13493] ? __pfx_netlink_unicast+0x10/0x10 [ 217.459606][T13493] netlink_sendmsg+0x8d1/0xdd0 [ 217.459638][T13493] ? __pfx_netlink_sendmsg+0x10/0x10 [ 217.459660][T13493] ____sys_sendmsg+0xa95/0xc70 [ 217.459672][T13493] ? copy_msghdr_from_user+0x10a/0x160 [ 217.459686][T13493] ? __pfx_____sys_sendmsg+0x10/0x10 [ 217.459703][T13493] ___sys_sendmsg+0x134/0x1d0 [ 217.459719][T13493] ? __pfx____sys_sendmsg+0x10/0x10 [ 217.459732][T13493] ? __lock_acquire+0x622/0x1c90 [ 217.459765][T13493] __sys_sendmsg+0x16d/0x220 [ 217.459780][T13493] ? __pfx___sys_sendmsg+0x10/0x10 [ 217.459804][T13493] do_syscall_64+0xcd/0x4c0 [ 217.459816][T13493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.459828][T13493] RIP: 0033:0x7f7e75b8e969 [ 217.459837][T13493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.459848][T13493] RSP: 002b:00007f7e76a24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 217.459859][T13493] RAX: ffffffffffffffda RBX: 00007f7e75db5fa0 RCX: 00007f7e75b8e969 [ 217.459866][T13493] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004 [ 217.459872][T13493] RBP: 00007f7e76a24090 R08: 0000000000000000 R09: 0000000000000000 [ 217.459879][T13493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 217.459885][T13493] R13: 0000000000000000 R14: 00007f7e75db5fa0 R15: 00007fff6a26bcd8 [ 217.459899][T13493] [ 217.460023][T13493] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2887'. [ 217.796052][T13516] tipc: Enabling of bearer rejected, failed to enable media [ 217.870358][T13520] vlan2: entered allmulticast mode [ 217.872640][T13520] bond0: entered allmulticast mode [ 217.875129][T13520] bond_slave_0: entered allmulticast mode [ 217.877675][T13520] bond_slave_1: entered allmulticast mode [ 218.157317][T13541] loop6: detected capacity change from 0 to 7 [ 218.162289][T13541] Dev loop6: unable to read RDB block 7 [ 218.164195][T13541] loop6: unable to read partition table [ 218.166067][T13541] loop6: partition table beyond EOD, truncated [ 218.167997][T13541] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5) [ 218.177537][T13541] macsec1: entered promiscuous mode [ 218.179196][T13541] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 218.220993][ T5946] Bluetooth: hci2: unknown advertising packet type: 0x82 [ 218.221034][ T5946] Bluetooth: hci2: Dropping invalid advertising data [ 218.221045][ T5946] Bluetooth: hci2: Malformed LE Event: 0x02 [ 218.355281][T13557] tipc: Started in network mode [ 218.355307][T13557] tipc: Node identity 7ecf973376e1, cluster identity 4711 [ 218.355482][T13557] tipc: Enabled bearer , priority 0 [ 218.460031][ T46] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.510593][T13558] tipc: Resetting bearer [ 219.135921][ T5946] Bluetooth: hci2: command tx timeout [ 219.484751][ T5993] tipc: Node number set to 137271091 [ 219.568621][T13558] tipc: Disabling bearer [ 219.740592][T13573] FAULT_INJECTION: forcing a failure. [ 219.740592][T13573] name failslab, interval 1, probability 0, space 0, times 0 [ 219.745289][T13573] CPU: 2 UID: 0 PID: 13573 Comm: syz.3.2918 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 219.745311][T13573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 219.745323][T13573] Call Trace: [ 219.745329][T13573] [ 219.745336][T13573] dump_stack_lvl+0x16c/0x1f0 [ 219.745359][T13573] should_fail_ex+0x512/0x640 [ 219.745379][T13573] should_failslab+0xc2/0x120 [ 219.745398][T13573] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 219.745417][T13573] ? skb_clone+0x190/0x3f0 [ 219.745444][T13573] skb_clone+0x190/0x3f0 [ 219.745467][T13573] netlink_deliver_tap+0xabd/0xd30 [ 219.745498][T13573] netlink_unicast+0x5df/0x7f0 [ 219.745526][T13573] ? __pfx_netlink_unicast+0x10/0x10 [ 219.745558][T13573] netlink_sendmsg+0x8d1/0xdd0 [ 219.745586][T13573] ? __pfx_netlink_sendmsg+0x10/0x10 [ 219.745621][T13573] ____sys_sendmsg+0xa95/0xc70 [ 219.745637][T13573] ? copy_msghdr_from_user+0x10a/0x160 [ 219.745660][T13573] ? __pfx_____sys_sendmsg+0x10/0x10 [ 219.745689][T13573] ___sys_sendmsg+0x134/0x1d0 [ 219.745714][T13573] ? __pfx____sys_sendmsg+0x10/0x10 [ 219.745734][T13573] ? __lock_acquire+0x622/0x1c90 [ 219.745787][T13573] __sys_sendmsg+0x16d/0x220 [ 219.745810][T13573] ? __pfx___sys_sendmsg+0x10/0x10 [ 219.745848][T13573] do_syscall_64+0xcd/0x4c0 [ 219.745876][T13573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.745893][T13573] RIP: 0033:0x7f45c7b8e969 [ 219.745907][T13573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.745924][T13573] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 219.745942][T13573] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 219.745953][T13573] RDX: 0000000020008000 RSI: 0000200000000200 RDI: 0000000000000003 [ 219.745963][T13573] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 219.745975][T13573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 219.745985][T13573] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 219.746006][T13573] [ 219.796090][T13576] __nla_validate_parse: 4 callbacks suppressed [ 219.796107][T13576] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2917'. [ 219.796612][T13576] netlink: 'syz.1.2917': attribute type 10 has an invalid length. [ 219.836768][T13576] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 219.839636][T13576] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 219.898548][T13591] FAULT_INJECTION: forcing a failure. [ 219.898548][T13591] name failslab, interval 1, probability 0, space 0, times 0 [ 219.902726][T13591] CPU: 0 UID: 0 PID: 13591 Comm: syz.0.2921 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 219.902742][T13591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 219.902749][T13591] Call Trace: [ 219.902759][T13591] [ 219.902766][T13591] dump_stack_lvl+0x16c/0x1f0 [ 219.902802][T13591] should_fail_ex+0x512/0x640 [ 219.902826][T13591] ? __kmalloc_noprof+0xbf/0x510 [ 219.902845][T13591] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 219.902864][T13591] should_failslab+0xc2/0x120 [ 219.902884][T13591] __kmalloc_noprof+0xd2/0x510 [ 219.902911][T13591] ? avc_has_perm_noaudit+0x149/0x3b0 [ 219.902937][T13591] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 219.902963][T13591] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 219.902984][T13591] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 219.903010][T13591] ? bpf_lsm_capable+0x9/0x10 [ 219.903033][T13591] ? security_capable+0x7e/0x260 [ 219.903057][T13591] ? ns_capable+0xd7/0x110 [ 219.903078][T13591] genl_rcv_msg+0x55c/0x800 [ 219.903099][T13591] ? __pfx_genl_rcv_msg+0x10/0x10 [ 219.903117][T13591] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 219.903133][T13591] ? __pfx_nl80211_tdls_oper+0x10/0x10 [ 219.903155][T13591] ? __pfx_nl80211_post_doit+0x10/0x10 [ 219.903174][T13591] ? __lock_acquire+0xb8a/0x1c90 [ 219.903202][T13591] netlink_rcv_skb+0x16a/0x440 [ 219.903227][T13591] ? __pfx_genl_rcv_msg+0x10/0x10 [ 219.903247][T13591] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 219.903284][T13591] ? __pfx_down_read+0x10/0x10 [ 219.903305][T13591] ? netlink_deliver_tap+0x1ae/0xd30 [ 219.903329][T13591] ? is_vmalloc_addr+0x86/0xa0 [ 219.903348][T13591] genl_rcv+0x28/0x40 [ 219.903384][T13591] netlink_unicast+0x53d/0x7f0 [ 219.903427][T13591] ? __pfx_netlink_unicast+0x10/0x10 [ 219.903463][T13591] netlink_sendmsg+0x8d1/0xdd0 [ 219.903493][T13591] ? __pfx_netlink_sendmsg+0x10/0x10 [ 219.903529][T13591] ____sys_sendmsg+0xa95/0xc70 [ 219.903548][T13591] ? copy_msghdr_from_user+0x10a/0x160 [ 219.903570][T13591] ? __pfx_____sys_sendmsg+0x10/0x10 [ 219.903600][T13591] ___sys_sendmsg+0x134/0x1d0 [ 219.903625][T13591] ? __pfx____sys_sendmsg+0x10/0x10 [ 219.903651][T13591] ? __lock_acquire+0x622/0x1c90 [ 219.903712][T13591] __sys_sendmsg+0x16d/0x220 [ 219.903736][T13591] ? __pfx___sys_sendmsg+0x10/0x10 [ 219.903763][T13591] do_syscall_64+0xcd/0x4c0 [ 219.903775][T13591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.903787][T13591] RIP: 0033:0x7f7e75b8e969 [ 219.903796][T13591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.903808][T13591] RSP: 002b:00007f7e76a24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 219.903818][T13591] RAX: ffffffffffffffda RBX: 00007f7e75db5fa0 RCX: 00007f7e75b8e969 [ 219.903825][T13591] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000004 [ 219.903832][T13591] RBP: 00007f7e76a24090 R08: 0000000000000000 R09: 0000000000000000 [ 219.903839][T13591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 219.903845][T13591] R13: 0000000000000000 R14: 00007f7e75db5fa0 R15: 00007fff6a26bcd8 [ 219.903859][T13591] [ 219.913830][ T5936] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 219.949295][T13597] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 219.954543][ T5936] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 220.026957][ T5936] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 220.030227][ T5936] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 220.033363][ T5936] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 220.064337][T13599] tipc: Enabled bearer , priority 0 [ 220.192311][T13590] chnl_net:caif_netlink_parms(): no params data found [ 220.250651][T13600] tipc: Resetting bearer [ 220.406901][T13629] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2937'. [ 221.294027][T13600] tipc: Disabling bearer [ 221.326655][ T46] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.358549][T13640] tipc: Enabled bearer , priority 0 [ 221.404328][ T75] tipc: Resetting bearer [ 221.413543][T13646] FAULT_INJECTION: forcing a failure. [ 221.413543][T13646] name failslab, interval 1, probability 0, space 0, times 0 [ 221.418800][T13646] CPU: 0 UID: 0 PID: 13646 Comm: syz.1.2942 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 221.418825][T13646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 221.418838][T13646] Call Trace: [ 221.418844][T13646] [ 221.418851][T13646] dump_stack_lvl+0x16c/0x1f0 [ 221.418875][T13646] should_fail_ex+0x512/0x640 [ 221.418894][T13646] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 221.418941][T13646] should_failslab+0xc2/0x120 [ 221.418960][T13646] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 221.418992][T13646] ? __alloc_skb+0x2b2/0x380 [ 221.419019][T13646] __alloc_skb+0x2b2/0x380 [ 221.419040][T13646] ? __pfx___alloc_skb+0x10/0x10 [ 221.419060][T13646] ? __pfx_rtnl_bridge_setlink+0x10/0x10 [ 221.419090][T13646] netlink_ack+0x15d/0xb80 [ 221.419123][T13646] netlink_rcv_skb+0x347/0x440 [ 221.419150][T13646] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 221.419175][T13646] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 221.419214][T13646] ? netlink_deliver_tap+0x1ae/0xd30 [ 221.419239][T13646] ? is_vmalloc_addr+0x86/0xa0 [ 221.419263][T13646] netlink_unicast+0x53d/0x7f0 [ 221.419292][T13646] ? __pfx_netlink_unicast+0x10/0x10 [ 221.419326][T13646] netlink_sendmsg+0x8d1/0xdd0 [ 221.419379][T13646] ? __pfx_netlink_sendmsg+0x10/0x10 [ 221.419413][T13646] ____sys_sendmsg+0xa95/0xc70 [ 221.419434][T13646] ? copy_msghdr_from_user+0x10a/0x160 [ 221.419458][T13646] ? __pfx_____sys_sendmsg+0x10/0x10 [ 221.419484][T13646] ___sys_sendmsg+0x134/0x1d0 [ 221.419508][T13646] ? __pfx____sys_sendmsg+0x10/0x10 [ 221.419529][T13646] ? __lock_acquire+0x622/0x1c90 [ 221.419582][T13646] __sys_sendmsg+0x16d/0x220 [ 221.419607][T13646] ? __pfx___sys_sendmsg+0x10/0x10 [ 221.419655][T13646] do_syscall_64+0xcd/0x4c0 [ 221.419677][T13646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.419696][T13646] RIP: 0033:0x7f16c7b8e969 [ 221.419711][T13646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.419730][T13646] RSP: 002b:00007f16c59f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 221.419747][T13646] RAX: ffffffffffffffda RBX: 00007f16c7db5fa0 RCX: 00007f16c7b8e969 [ 221.419760][T13646] RDX: 0000000000044800 RSI: 0000200000000200 RDI: 0000000000000004 [ 221.419772][T13646] RBP: 00007f16c59f6090 R08: 0000000000000000 R09: 0000000000000000 [ 221.419784][T13646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 221.419796][T13646] R13: 0000000000000000 R14: 00007f16c7db5fa0 R15: 00007ffc5bf28758 [ 221.419818][T13646] [ 221.419978][T13626] tipc: Resetting bearer [ 221.689294][T13664] netlink: 'syz.0.2949': attribute type 1 has an invalid length. [ 221.691746][T13664] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2949'. [ 222.095092][ T5936] Bluetooth: hci1: command tx timeout [ 222.474583][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 222.474596][ T40] audit: type=1400 audit(222.356:592): avc: denied { read } for pid=13666 comm="syz.0.2950" name="btrfs-control" dev="devtmpfs" ino=1335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 222.485060][ T40] audit: type=1400 audit(222.356:593): avc: denied { open } for pid=13666 comm="syz.0.2950" path="/dev/btrfs-control" dev="devtmpfs" ino=1335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 222.505238][ T40] audit: type=1400 audit(222.386:594): avc: denied { ioctl } for pid=13666 comm="syz.0.2950" path="/dev/btrfs-control" dev="devtmpfs" ino=1335 ioctlcmd=0x9404 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 222.611829][T13626] tipc: Disabling bearer [ 222.648406][T13660] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2947'. [ 222.668653][ T46] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.695901][T13590] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.698246][T13590] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.700518][T13590] bridge_slave_0: entered allmulticast mode [ 222.712259][T13590] bridge_slave_0: entered promiscuous mode [ 222.716724][T13590] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.719457][T13590] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.722198][T13590] bridge_slave_1: entered allmulticast mode [ 222.725499][T13590] bridge_slave_1: entered promiscuous mode [ 222.731429][T13675] FAULT_INJECTION: forcing a failure. [ 222.731429][T13675] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 222.738313][T13675] CPU: 3 UID: 0 PID: 13675 Comm: syz.3.2952 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 222.738337][T13675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 222.738349][T13675] Call Trace: [ 222.738356][T13675] [ 222.738363][T13675] dump_stack_lvl+0x16c/0x1f0 [ 222.738384][T13675] should_fail_ex+0x512/0x640 [ 222.738406][T13675] should_fail_alloc_page+0xe7/0x130 [ 222.738426][T13675] prepare_alloc_pages+0x3c2/0x610 [ 222.738456][T13675] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 222.738476][T13675] ? stack_trace_save+0x8e/0xc0 [ 222.738497][T13675] ? __pfx_stack_trace_save+0x10/0x10 [ 222.738517][T13675] ? stack_depot_save_flags+0x28/0xa40 [ 222.738540][T13675] ? kasan_save_stack+0x42/0x60 [ 222.738568][T13675] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 222.738585][T13675] ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 222.738614][T13675] ? __get_vm_area_node+0x1ca/0x330 [ 222.738636][T13675] ? __vmalloc_node_noprof+0xad/0xf0 [ 222.738660][T13675] ? copy_process+0x2f03/0x9170 [ 222.738679][T13675] ? vhost_task_create+0x1d2/0x2e0 [ 222.738703][T13675] ? kvm_mmu_post_init_vm+0x1b7/0x370 [ 222.738723][T13675] ? kvm_arch_vcpu_ioctl_run+0x66/0x18c0 [ 222.738740][T13675] ? kvm_vcpu_ioctl+0x5e9/0x1680 [ 222.738758][T13675] ? __x64_sys_ioctl+0x18b/0x210 [ 222.738797][T13675] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 222.738828][T13675] ? policy_nodemask+0xea/0x4e0 [ 222.738850][T13675] alloc_pages_mpol+0x1fb/0x550 [ 222.738870][T13675] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 222.738897][T13675] alloc_pages_noprof+0x131/0x390 [ 222.738917][T13675] get_free_pages_noprof+0x10/0xb0 [ 222.738938][T13675] kasan_populate_vmalloc+0x89/0x1f0 [ 222.738971][T13675] alloc_vmap_area+0x963/0x28f0 [ 222.739004][T13675] ? __pfx_alloc_vmap_area+0x10/0x10 [ 222.739034][T13675] __get_vm_area_node+0x1ca/0x330 [ 222.739078][T13675] __vmalloc_node_range_noprof+0x277/0x1520 [ 222.739104][T13675] ? vhost_task_create+0x1d2/0x2e0 [ 222.739130][T13675] ? __mod_memcg_lruvec_state+0x527/0x740 [ 222.739162][T13675] ? vhost_task_create+0x1d2/0x2e0 [ 222.739194][T13675] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 222.739219][T13675] ? __memcg_slab_post_alloc_hook+0x500/0x9c0 [ 222.739249][T13675] ? vhost_task_create+0x1d2/0x2e0 [ 222.739274][T13675] __vmalloc_node_noprof+0xad/0xf0 [ 222.739297][T13675] ? vhost_task_create+0x1d2/0x2e0 [ 222.739326][T13675] copy_process+0x2f03/0x9170 [ 222.739367][T13675] ? kasan_save_stack+0x42/0x60 [ 222.739391][T13675] ? kasan_save_stack+0x33/0x60 [ 222.739416][T13675] ? kasan_save_track+0x14/0x30 [ 222.739430][T13675] ? __kasan_kmalloc+0xaa/0xb0 [ 222.739455][T13675] ? vhost_task_create+0xe5/0x2e0 [ 222.739478][T13675] ? kvm_mmu_post_init_vm+0x1b7/0x370 [ 222.739497][T13675] ? kvm_arch_vcpu_ioctl_run+0x66/0x18c0 [ 222.739514][T13675] ? kvm_vcpu_ioctl+0x5e9/0x1680 [ 222.739532][T13675] ? __x64_sys_ioctl+0x18b/0x210 [ 222.739552][T13675] ? do_syscall_64+0xcd/0x4c0 [ 222.739569][T13675] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.739598][T13675] ? __pfx_copy_process+0x10/0x10 [ 222.739636][T13675] ? lockdep_init_map_type+0x5c/0x280 [ 222.739665][T13675] ? lockdep_init_map_type+0x5c/0x280 [ 222.739690][T13675] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 222.739715][T13675] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 222.739743][T13675] vhost_task_create+0x1d2/0x2e0 [ 222.739769][T13675] ? __pfx_vhost_task_create+0x10/0x10 [ 222.739808][T13675] ? __pfx_vhost_task_fn+0x10/0x10 [ 222.739846][T13675] kvm_mmu_post_init_vm+0x1b7/0x370 [ 222.739868][T13675] kvm_arch_vcpu_ioctl_run+0x66/0x18c0 [ 222.739888][T13675] ? kvm_vcpu_ioctl+0x14c2/0x1680 [ 222.739913][T13675] kvm_vcpu_ioctl+0x5e9/0x1680 [ 222.739935][T13675] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 222.739961][T13675] ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450 [ 222.739984][T13675] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 222.740013][T13675] ? hook_file_ioctl_common+0x145/0x410 [ 222.740042][T13675] ? selinux_file_ioctl+0x180/0x270 [ 222.740059][T13675] ? selinux_file_ioctl+0xb4/0x270 [ 222.740080][T13675] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 222.740100][T13675] __x64_sys_ioctl+0x18b/0x210 [ 222.740127][T13675] do_syscall_64+0xcd/0x4c0 [ 222.740145][T13675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.740164][T13675] RIP: 0033:0x7f45c7b8e969 [ 222.740179][T13675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.740197][T13675] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 222.740215][T13675] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 222.740227][T13675] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 222.740237][T13675] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 222.740248][T13675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 222.740258][T13675] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 222.740283][T13675] [ 222.740359][T13675] warn_alloc: 1 callbacks suppressed [ 222.740369][T13675] syz.3.2952: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 222.747679][T13677] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2953'. [ 222.750305][T13675] ,cpuset=/,mems_allowed=0-1 [ 222.921293][T13675] CPU: 2 UID: 0 PID: 13675 Comm: syz.3.2952 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 222.921308][T13675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 222.921316][T13675] Call Trace: [ 222.921321][T13675] [ 222.921325][T13675] dump_stack_lvl+0x16c/0x1f0 [ 222.921341][T13675] warn_alloc+0x248/0x3a0 [ 222.921354][T13675] ? __pfx_warn_alloc+0x10/0x10 [ 222.921366][T13675] ? kfree+0x2b4/0x4d0 [ 222.921384][T13675] ? __get_vm_area_node+0x208/0x330 [ 222.921402][T13675] __vmalloc_node_range_noprof+0xd32/0x1520 [ 222.921419][T13675] ? __mod_memcg_lruvec_state+0x527/0x740 [ 222.921439][T13675] ? vhost_task_create+0x1d2/0x2e0 [ 222.921460][T13675] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 222.921476][T13675] ? __memcg_slab_post_alloc_hook+0x500/0x9c0 [ 222.921494][T13675] ? vhost_task_create+0x1d2/0x2e0 [ 222.921510][T13675] __vmalloc_node_noprof+0xad/0xf0 [ 222.921526][T13675] ? vhost_task_create+0x1d2/0x2e0 [ 222.921544][T13675] copy_process+0x2f03/0x9170 [ 222.921557][T13675] ? kasan_save_stack+0x42/0x60 [ 222.921575][T13675] ? kasan_save_stack+0x33/0x60 [ 222.921593][T13675] ? kasan_save_track+0x14/0x30 [ 222.921602][T13675] ? __kasan_kmalloc+0xaa/0xb0 [ 222.921617][T13675] ? vhost_task_create+0xe5/0x2e0 [ 222.921633][T13675] ? kvm_mmu_post_init_vm+0x1b7/0x370 [ 222.921645][T13675] ? kvm_arch_vcpu_ioctl_run+0x66/0x18c0 [ 222.921657][T13675] ? kvm_vcpu_ioctl+0x5e9/0x1680 [ 222.921667][T13675] ? __x64_sys_ioctl+0x18b/0x210 [ 222.921681][T13675] ? do_syscall_64+0xcd/0x4c0 [ 222.921691][T13675] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.921708][T13675] ? __pfx_copy_process+0x10/0x10 [ 222.921730][T13675] ? lockdep_init_map_type+0x5c/0x280 [ 222.921747][T13675] ? lockdep_init_map_type+0x5c/0x280 [ 222.921763][T13675] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 222.921778][T13675] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 222.921796][T13675] vhost_task_create+0x1d2/0x2e0 [ 222.921813][T13675] ? __pfx_vhost_task_create+0x10/0x10 [ 222.921838][T13675] ? __pfx_vhost_task_fn+0x10/0x10 [ 222.921861][T13675] kvm_mmu_post_init_vm+0x1b7/0x370 [ 222.921875][T13675] kvm_arch_vcpu_ioctl_run+0x66/0x18c0 [ 222.921887][T13675] ? kvm_vcpu_ioctl+0x14c2/0x1680 [ 222.921901][T13675] kvm_vcpu_ioctl+0x5e9/0x1680 [ 222.921914][T13675] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 222.921930][T13675] ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450 [ 222.921945][T13675] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 222.921961][T13675] ? hook_file_ioctl_common+0x145/0x410 [ 222.921979][T13675] ? selinux_file_ioctl+0x180/0x270 [ 222.921990][T13675] ? selinux_file_ioctl+0xb4/0x270 [ 222.922002][T13675] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 222.922015][T13675] __x64_sys_ioctl+0x18b/0x210 [ 222.922031][T13675] do_syscall_64+0xcd/0x4c0 [ 222.922043][T13675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.922054][T13675] RIP: 0033:0x7f45c7b8e969 [ 222.922064][T13675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.922075][T13675] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 222.922086][T13675] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 222.922093][T13675] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 222.922100][T13675] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 222.922107][T13675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 222.922114][T13675] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 222.922128][T13675] [ 222.922132][T13675] Mem-Info: [ 223.040216][T13675] active_anon:8796 inactive_anon:596 isolated_anon:0 [ 223.040216][T13675] active_file:6363 inactive_file:22623 isolated_file:0 [ 223.040216][T13675] unevictable:1768 dirty:396 writeback:0 [ 223.040216][T13675] slab_reclaimable:7994 slab_unreclaimable:86856 [ 223.040216][T13675] mapped:26371 shmem:2404 pagetables:972 [ 223.040216][T13675] sec_pagetables:308 bounce:0 [ 223.040216][T13675] kernel_misc_reclaimable:0 [ 223.040216][T13675] free:475306 free_pcp:6414 free_cma:0 [ 223.054907][T13675] Node 0 active_anon:35180kB inactive_anon:2384kB active_file:25340kB inactive_file:90288kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:105372kB dirty:1580kB writeback:0kB shmem:6080kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:12944kB pagetables:3884kB sec_pagetables:1232kB all_unreclaimable? no Balloon:0kB [ 223.065619][T13675] Node 1 active_anon:4kB inactive_anon:0kB active_file:112kB inactive_file:204kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:112kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:144kB pagetables:4kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 223.079922][T13675] Node 0 DMA free:14956kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:384kB local_pcp:88kB free_cma:0kB [ 223.084996][ T46] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 223.088582][T13675] lowmem_reserve[]: 0 1236 1236 1236 1236 [ 223.093696][T13675] Node 0 DMA32 free:292508kB boost:8192kB min:35740kB low:42624kB high:49508kB reserved_highatomic:0KB active_anon:35224kB inactive_anon:2384kB active_file:25340kB inactive_file:90288kB unevictable:3536kB writepending:1624kB present:2080628kB managed:1265708kB mlocked:0kB bounce:0kB free_pcp:2472kB local_pcp:636kB free_cma:0kB [ 223.102774][T13675] lowmem_reserve[]: 0 0 0 0 0 [ 223.104409][T13675] Node 1 Normal free:1595160kB boost:0kB min:39692kB low:49612kB high:59532kB reserved_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:112kB inactive_file:204kB unevictable:3536kB writepending:4kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:22168kB local_pcp:112kB free_cma:0kB [ 223.108371][T13590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 223.113190][T13675] lowmem_reserve[]: 0 0 0 0 0 [ 223.118328][T13675] Node 0 DMA: 9*4kB (UM) 7*8kB (UM) 9*16kB (UME) 8*32kB (UME) 4*64kB (UE) 7*128kB (UME) 8*256kB (UME) 8*512kB (UME) 7*1024kB (UME) 0*2048kB 0*4096kB = 14956kB [ 223.123215][T13675] Node 0 DMA32: 105*4kB (UME) 1046*8kB (UME) 673*16kB (UME) 739*32kB (UME) 289*64kB (UME) 66*128kB (UME) 21*256kB (UME) 49*512kB (UM) 61*1024kB (UM) 41*2048kB (UM) 11*4096kB (UM) = 292100kB [ 223.124393][T13590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 223.129202][T13675] Node 1 Normal: 16*4kB (UME) 39*8kB (UME) 41*16kB (UME) 111*32kB (UME) 45*64kB (UME) 56*128kB (UME) 40*256kB (UME) 37*512kB (UME) 19*1024kB (UME) 16*2048kB (UM) 366*4096kB (UM) = 1595176kB [ 223.138218][T13675] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 223.141103][T13675] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 223.147092][T13675] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 223.151196][T13675] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 223.154623][T13675] 31386 total pagecache pages [ 223.156157][T13675] 0 pages in swap cache [ 223.157482][T13675] Free swap = 124996kB [ 223.158875][T13675] Total swap = 124996kB [ 223.160239][T13675] 1048443 pages RAM [ 223.161412][T13675] 0 pages HighMem/MovableOnly [ 223.162931][T13675] 282687 pages reserved [ 223.164737][T13675] 0 pages cma reserved [ 223.185684][T13590] team0: Port device team_slave_0 added [ 223.188944][T13680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2954'. [ 223.189275][T13590] team0: Port device team_slave_1 added [ 223.226744][T13590] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 223.228987][T13590] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 223.237003][T13590] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 223.241272][T13590] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 223.243692][T13590] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 223.252144][T13590] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 223.309445][T13590] hsr_slave_0: entered promiscuous mode [ 223.311895][T13590] hsr_slave_1: entered promiscuous mode [ 223.315233][T13590] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 223.317588][T13590] Cannot create hsr debugfs directory [ 223.375082][T13697] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2960'. [ 223.377950][T13697] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2960'. [ 223.441229][ T46] bridge_slave_1: left allmulticast mode [ 223.443077][ T46] bridge_slave_1: left promiscuous mode [ 223.460376][T13711] FAULT_INJECTION: forcing a failure. [ 223.460376][T13711] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 223.460399][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.466470][T13711] CPU: 0 UID: 0 PID: 13711 Comm: syz.3.2964 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 223.466498][T13711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 223.466511][T13711] Call Trace: [ 223.466517][T13711] [ 223.466523][T13711] dump_stack_lvl+0x16c/0x1f0 [ 223.466544][T13711] should_fail_ex+0x512/0x640 [ 223.466567][T13711] strncpy_from_user+0x3b/0x2e0 [ 223.466596][T13711] getname_flags.part.0+0x8f/0x550 [ 223.466620][T13711] getname_flags+0x93/0xf0 [ 223.466637][T13711] user_path_at+0x24/0x60 [ 223.466647][T13711] __x64_sys_mount+0x1fc/0x310 [ 223.466660][T13711] ? __pfx___x64_sys_mount+0x10/0x10 [ 223.466677][T13711] do_syscall_64+0xcd/0x4c0 [ 223.466689][T13711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.466701][T13711] RIP: 0033:0x7f45c7b8e969 [ 223.466710][T13711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.466721][T13711] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 223.466732][T13711] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 223.466739][T13711] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000 [ 223.466745][T13711] RBP: 00007f45c8ac5090 R08: 0000200000000540 R09: 0000000000000000 [ 223.466752][T13711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 223.466759][T13711] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 223.466777][T13711] [ 223.527037][ T46] bridge_slave_0: left allmulticast mode [ 223.529528][ T46] bridge_slave_0: left promiscuous mode [ 223.532013][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.813864][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 223.819979][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 223.825457][ T46] bond0 (unregistering): Released all slaves [ 223.938510][T13737] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2969'. [ 224.015234][ T5936] Bluetooth: hci3: unknown advertising packet type: 0x82 [ 224.015271][ T5936] Bluetooth: hci3: Dropping invalid advertising data [ 224.020962][ T5936] Bluetooth: hci3: Malformed LE Event: 0x02 [ 224.075078][T13748] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2973'. [ 224.078011][T13748] netlink: 'syz.3.2973': attribute type 7 has an invalid length. [ 224.080620][T13748] netlink: 'syz.3.2973': attribute type 8 has an invalid length. [ 224.140339][ T46] hsr_slave_0: left promiscuous mode [ 224.146951][ T46] hsr_slave_1: left promiscuous mode [ 224.149315][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 224.151766][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 224.158748][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 224.161077][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 224.173570][ T5936] Bluetooth: hci1: command tx timeout [ 224.222823][ T46] veth1_macvtap: left promiscuous mode [ 224.225295][ T46] veth0_macvtap: left promiscuous mode [ 224.227747][ T46] veth1_vlan: left promiscuous mode [ 224.230012][ T46] veth0_vlan: left promiscuous mode [ 224.980542][ T46] team0 (unregistering): Port device team_slave_1 removed [ 225.049255][ T46] team0 (unregistering): Port device team_slave_0 removed [ 225.810260][ T5936] Bluetooth: hci2: unknown advertising packet type: 0x82 [ 225.811029][ T5936] Bluetooth: hci2: Dropping invalid advertising data [ 225.815875][ T5936] Bluetooth: hci2: Malformed LE Event: 0x02 [ 225.868148][ T40] audit: type=1400 audit(225.746:595): avc: denied { name_bind } for pid=13780 comm="syz.3.2982" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1 [ 225.920512][T13590] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 225.932021][T13590] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 225.946825][T13590] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 225.963882][T13590] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 226.017939][T13590] 8021q: adding VLAN 0 to HW filter on device bond0 [ 226.031749][T13590] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.037346][ T1048] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.039626][ T1048] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.048305][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.050641][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.175414][T13818] fuse: Bad value for 'group_id' [ 226.177492][T13818] fuse: Bad value for 'group_id' [ 226.192625][ T40] audit: type=1400 audit(226.066:596): avc: denied { execute } for pid=13817 comm="syz.1.2992" path="/dev/nullb0" dev="devtmpfs" ino=3014 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 226.204731][ T40] audit: type=1800 audit(226.066:597): pid=13818 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.2992" name="nullb0" dev="devtmpfs" ino=3014 res=0 errno=0 [ 226.238369][T13590] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.253959][ T5936] Bluetooth: hci1: command tx timeout [ 226.270683][T13590] veth0_vlan: entered promiscuous mode [ 226.276903][T13590] veth1_vlan: entered promiscuous mode [ 226.291608][T13590] veth0_macvtap: entered promiscuous mode [ 226.295669][T13590] veth1_macvtap: entered promiscuous mode [ 226.317267][T13590] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.322503][T13590] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.326867][T13590] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.329519][T13590] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.332127][T13590] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.337610][T13590] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.379561][T13833] netlink: 'syz.3.2995': attribute type 1 has an invalid length. [ 226.412871][T13833] 8021q: adding VLAN 0 to HW filter on device bond2 [ 226.417469][T13833] bond1: (slave bond2): making interface the new active one [ 226.420290][T13833] bond1: (slave bond2): Enslaving as an active interface with an up link [ 226.424360][T13833] __nla_validate_parse: 1 callbacks suppressed [ 226.424370][T13833] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2995'. [ 226.431022][ T1048] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.440508][ T1048] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.453862][T13833] 8021q: adding VLAN 0 to HW filter on device bond1 [ 226.478074][ T1185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.483467][ T1185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.633464][T13867] Bluetooth: hci0: load_link_keys: too big key_count value 65535 [ 226.946815][T13888] tipc: Failed to remove unknown binding: 66,1,1/137271091:2161128938/2161128940 [ 226.950320][T13888] tipc: Failed to remove unknown binding: 66,1,1/137271091:2161128938/2161128940 [ 226.974140][ T5993] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 227.031587][ T40] audit: type=1800 audit(226.906:598): pid=13890 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.3016" name="nullb0" dev="devtmpfs" ino=3014 res=0 errno=0 [ 227.125134][ T5993] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 227.129804][ T5993] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 227.135884][ T5993] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 227.139673][ T5993] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.146157][ T5993] usb 5-1: config 0 descriptor?? [ 227.546304][T13917] loop4: detected capacity change from 0 to 7 [ 227.552261][T13917] Dev loop4: unable to read RDB block 7 [ 227.555113][T13917] loop4: AHDI p2 [ 227.555140][T13917] loop4: partition table partially beyond EOD, truncated [ 227.562437][ T5993] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 227.565800][ T5993] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 227.567672][ T40] audit: type=1400 audit(227.446:599): avc: denied { map } for pid=13916 comm="syz.3.3028" path="socket:[65071]" dev="sockfs" ino=65071 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 227.568565][ T5993] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 227.579109][ T5993] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 227.581409][ T5993] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 227.583727][ T5993] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 227.586389][ T5993] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving [ 227.591700][ T5993] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 227.704153][T13931] FAULT_INJECTION: forcing a failure. [ 227.704153][T13931] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 227.708859][T13931] CPU: 3 UID: 0 PID: 13931 Comm: syz.3.3034 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 227.708875][T13931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 227.708882][T13931] Call Trace: [ 227.708887][T13931] [ 227.708904][T13931] dump_stack_lvl+0x16c/0x1f0 [ 227.708942][T13931] should_fail_ex+0x512/0x640 [ 227.708969][T13931] _copy_from_iter+0x29f/0x16f0 [ 227.708994][T13931] ? __alloc_skb+0x200/0x380 [ 227.709018][T13931] ? __pfx__copy_from_iter+0x10/0x10 [ 227.709038][T13931] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 227.709072][T13931] netlink_sendmsg+0x829/0xdd0 [ 227.709093][T13931] ? __pfx_netlink_sendmsg+0x10/0x10 [ 227.709115][T13931] ____sys_sendmsg+0xa95/0xc70 [ 227.709127][T13931] ? copy_msghdr_from_user+0x10a/0x160 [ 227.709142][T13931] ? __pfx_____sys_sendmsg+0x10/0x10 [ 227.709159][T13931] ___sys_sendmsg+0x134/0x1d0 [ 227.709174][T13931] ? __pfx____sys_sendmsg+0x10/0x10 [ 227.709188][T13931] ? __lock_acquire+0x622/0x1c90 [ 227.709220][T13931] __sys_sendmsg+0x16d/0x220 [ 227.709235][T13931] ? __pfx___sys_sendmsg+0x10/0x10 [ 227.709259][T13931] do_syscall_64+0xcd/0x4c0 [ 227.709271][T13931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.709283][T13931] RIP: 0033:0x7f45c7b8e969 [ 227.709293][T13931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.709305][T13931] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 227.709316][T13931] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 227.709323][T13931] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000004 [ 227.709330][T13931] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 227.709336][T13931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.709343][T13931] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 227.709356][T13931] [ 227.816231][ T5936] Bluetooth: hci2: unknown advertising packet type: 0x82 [ 227.816264][ T5936] Bluetooth: hci2: Dropping invalid advertising data [ 227.822246][ T5936] Bluetooth: hci2: Malformed LE Event: 0x02 [ 227.919763][ T40] audit: type=1400 audit(227.796:600): avc: denied { read } for pid=13937 comm="syz.3.3037" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 227.930339][ T40] audit: type=1400 audit(227.796:601): avc: denied { open } for pid=13937 comm="syz.3.3037" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 227.941843][T13941] vlan2: entered allmulticast mode [ 227.941862][T13941] bond0: entered allmulticast mode [ 227.941872][T13941] bond_slave_0: entered allmulticast mode [ 227.941913][T13941] bond_slave_1: entered allmulticast mode [ 227.943210][T13941] bridge0: port 3(vlan2) entered blocking state [ 227.945915][ T5974] usb 5-1: USB disconnect, device number 13 [ 227.950519][T13941] bridge0: port 3(vlan2) entered disabled state [ 227.961601][T13941] vlan2: entered promiscuous mode [ 227.963331][T13941] bond0: entered promiscuous mode [ 227.966701][T13941] bond_slave_0: entered promiscuous mode [ 227.968715][T13941] bond_slave_1: entered promiscuous mode [ 227.971231][T13941] bridge0: port 3(vlan2) entered blocking state [ 227.973578][T13941] bridge0: port 3(vlan2) entered forwarding state [ 228.315564][ T1177] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 229.963652][ T5936] Bluetooth: hci3: adv larger than maximum supported [ 230.000208][ T5942] Bluetooth: hci3: unknown advertising packet type: 0x82 [ 230.002429][ T5942] Bluetooth: hci3: Dropping invalid advertising data [ 230.003858][ T5946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 230.005305][ T5942] Bluetooth: hci3: Malformed LE Event: 0x02 [ 230.012437][ T5942] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 230.015065][ T1177] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.016617][ T5942] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 230.033578][ T5942] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 230.037566][ T5942] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 230.109285][ T1177] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.235658][ T1177] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.408777][T13963] chnl_net:caif_netlink_parms(): no params data found [ 230.517162][ T1177] bridge_slave_1: left allmulticast mode [ 230.519027][ T1177] bridge_slave_1: left promiscuous mode [ 230.521044][ T1177] bridge0: port 2(bridge_slave_1) entered disabled state [ 230.525472][ T1177] bridge_slave_0: left allmulticast mode [ 230.527215][ T1177] bridge_slave_0: left promiscuous mode [ 230.529099][ T1177] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.842036][ T40] audit: type=1400 audit(230.716:602): avc: denied { getopt } for pid=13998 comm="syz.0.3054" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 230.972632][T14004] fuse: Unknown parameter 'grou00000000000000000000' [ 230.994677][ T40] audit: type=1800 audit(230.866:603): pid=14004 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.3056" name="nullb0" dev="devtmpfs" ino=3014 res=0 errno=0 [ 231.016753][ T1177] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 231.023779][ T1177] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 231.032588][ T1177] bond0 (unregistering): Released all slaves [ 231.118231][T14014] FAULT_INJECTION: forcing a failure. [ 231.118231][T14014] name failslab, interval 1, probability 0, space 0, times 0 [ 231.123795][T14014] CPU: 2 UID: 0 PID: 14014 Comm: syz.3.3060 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 231.123821][T14014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 231.123833][T14014] Call Trace: [ 231.123840][T14014] [ 231.123847][T14014] dump_stack_lvl+0x16c/0x1f0 [ 231.123888][T14014] should_fail_ex+0x512/0x640 [ 231.123917][T14014] should_failslab+0xc2/0x120 [ 231.123938][T14014] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 231.123959][T14014] ? skb_clone+0x190/0x3f0 [ 231.123987][T14014] skb_clone+0x190/0x3f0 [ 231.124013][T14014] netlink_deliver_tap+0xabd/0xd30 [ 231.124055][T14014] netlink_unicast+0x5df/0x7f0 [ 231.124090][T14014] ? __pfx_netlink_unicast+0x10/0x10 [ 231.124125][T14014] netlink_sendmsg+0x8d1/0xdd0 [ 231.124155][T14014] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.124192][T14014] ____sys_sendmsg+0xa95/0xc70 [ 231.124210][T14014] ? copy_msghdr_from_user+0x10a/0x160 [ 231.124236][T14014] ? __pfx_____sys_sendmsg+0x10/0x10 [ 231.124267][T14014] ___sys_sendmsg+0x134/0x1d0 [ 231.124290][T14014] ? __pfx____sys_sendmsg+0x10/0x10 [ 231.124310][T14014] ? __lock_acquire+0x622/0x1c90 [ 231.124364][T14014] __sys_sendmsg+0x16d/0x220 [ 231.124388][T14014] ? __pfx___sys_sendmsg+0x10/0x10 [ 231.124446][T14014] do_syscall_64+0xcd/0x4c0 [ 231.124467][T14014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.124493][T14014] RIP: 0033:0x7f45c7b8e969 [ 231.124509][T14014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.124532][T14014] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 231.124551][T14014] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 231.124564][T14014] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000004 [ 231.124574][T14014] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 231.124585][T14014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 231.124598][T14014] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 231.124621][T14014] [ 231.137835][T13963] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.142075][ T40] audit: type=1400 audit(231.016:604): avc: denied { connect } for pid=14015 comm="syz.0.3061" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 231.143048][T13963] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.215013][T13963] bridge_slave_0: entered allmulticast mode [ 231.217694][T13963] bridge_slave_0: entered promiscuous mode [ 231.254813][T13963] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.258554][T13963] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.261656][T13963] bridge_slave_1: entered allmulticast mode [ 231.267706][T13963] bridge_slave_1: entered promiscuous mode [ 231.329191][T13963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 231.334126][T13963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 231.389680][T14030] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.404504][T13963] team0: Port device team_slave_0 added [ 231.445620][T13963] team0: Port device team_slave_1 added [ 231.513057][T13963] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 231.517082][T13963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.527826][T13963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 231.537594][ T1177] hsr_slave_0: left promiscuous mode [ 231.540761][ T1177] hsr_slave_1: left promiscuous mode [ 231.543172][ T1177] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 231.546397][ T1177] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 231.549445][ T1177] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 231.551944][ T1177] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 231.586646][ T1177] veth1_macvtap: left promiscuous mode [ 231.588493][ T1177] veth0_macvtap: left promiscuous mode [ 231.590278][ T1177] veth1_vlan: left promiscuous mode [ 231.593020][ T1177] veth0_vlan: left promiscuous mode [ 232.096227][ T5942] Bluetooth: hci1: command tx timeout [ 232.099207][T14040] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 232.109750][ T1144] Bluetooth: hci4: Frame reassembly failed (-84) [ 232.117926][ T40] audit: type=1400 audit(231.986:605): avc: denied { map } for pid=14039 comm="syz.0.3065" path="socket:[67335]" dev="sockfs" ino=67335 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 232.257573][ T1177] team0 (unregistering): Port device team_slave_1 removed [ 232.351974][ T1177] team0 (unregistering): Port device team_slave_0 removed [ 232.942030][T13963] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 232.945033][T13963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 232.955818][T13963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 233.022227][T13963] hsr_slave_0: entered promiscuous mode [ 233.027087][T13963] hsr_slave_1: entered promiscuous mode [ 233.030334][T13963] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 233.039797][T13963] Cannot create hsr debugfs directory [ 233.276653][T14059] ipvlan0: entered promiscuous mode [ 233.283123][T14059] team0: Device ipvlan0 failed to register rx_handler [ 233.297199][T14059] cgroup: No subsys list or none specified [ 233.329578][ T5942] Bluetooth: hci3: unknown advertising packet type: 0x82 [ 233.329608][ T5942] Bluetooth: hci3: Dropping invalid advertising data [ 233.335894][ T5942] Bluetooth: hci3: Malformed LE Event: 0x02 [ 233.643861][ T59] usb 6-1: new full-speed USB device number 12 using dummy_hcd [ 233.816878][ T59] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 233.820381][ T59] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 233.826671][ T59] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 233.831136][ T59] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 233.835844][ T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.838262][ T59] usb 6-1: Product: syz [ 233.839586][ T59] usb 6-1: Manufacturer: syz [ 233.841118][ T59] usb 6-1: SerialNumber: syz [ 233.860219][T13963] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 233.874678][T13963] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 233.884118][T13963] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 233.890433][T13963] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 233.955514][T13963] 8021q: adding VLAN 0 to HW filter on device bond0 [ 233.976240][T13963] 8021q: adding VLAN 0 to HW filter on device team0 [ 233.981564][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.983926][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.998191][ T1185] bridge0: port 2(bridge_slave_1) entered blocking state [ 234.000526][ T1185] bridge0: port 2(bridge_slave_1) entered forwarding state [ 234.086588][T14066] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 234.101741][ T59] usb 6-1: 0:2 : does not exist [ 234.111640][ T59] usb 6-1: USB disconnect, device number 12 [ 234.127733][T13235] udevd[13235]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 234.152195][T13963] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.173597][ T5936] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 234.174619][ T5942] Bluetooth: hci1: command tx timeout [ 234.174652][ T5946] Bluetooth: hci4: command 0x1003 tx timeout [ 234.179307][T13963] veth0_vlan: entered promiscuous mode [ 234.189522][T13963] veth1_vlan: entered promiscuous mode [ 234.206690][T13963] veth0_macvtap: entered promiscuous mode [ 234.210718][T13963] veth1_macvtap: entered promiscuous mode [ 234.221003][T13963] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 234.227243][T13963] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 234.231819][T13963] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.236581][T13963] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.239540][T13963] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.242311][T13963] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.318283][ T1185] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.320884][ T1185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.346161][ T1185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.349460][ T1185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.893270][T14134] FAULT_INJECTION: forcing a failure. [ 234.893270][T14134] name failslab, interval 1, probability 0, space 0, times 0 [ 234.900275][T14134] CPU: 1 UID: 0 PID: 14134 Comm: syz.1.3078 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 234.900294][T14134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 234.900302][T14134] Call Trace: [ 234.900307][T14134] [ 234.900312][T14134] dump_stack_lvl+0x16c/0x1f0 [ 234.900327][T14134] should_fail_ex+0x512/0x640 [ 234.900339][T14134] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 234.900361][T14134] should_failslab+0xc2/0x120 [ 234.900375][T14134] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 234.900394][T14134] ? __alloc_skb+0x2b2/0x380 [ 234.900411][T14134] __alloc_skb+0x2b2/0x380 [ 234.900426][T14134] ? __pfx___alloc_skb+0x10/0x10 [ 234.900439][T14134] ? __pfx_rtnl_bridge_setlink+0x10/0x10 [ 234.900459][T14134] netlink_ack+0x15d/0xb80 [ 234.900482][T14134] netlink_rcv_skb+0x347/0x440 [ 234.900499][T14134] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 234.900517][T14134] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 234.900542][T14134] ? netlink_deliver_tap+0x1ae/0xd30 [ 234.900558][T14134] ? is_vmalloc_addr+0x86/0xa0 [ 234.900572][T14134] netlink_unicast+0x53d/0x7f0 [ 234.900591][T14134] ? __pfx_netlink_unicast+0x10/0x10 [ 234.900613][T14134] netlink_sendmsg+0x8d1/0xdd0 [ 234.900633][T14134] ? __pfx_netlink_sendmsg+0x10/0x10 [ 234.900655][T14134] ____sys_sendmsg+0xa95/0xc70 [ 234.900667][T14134] ? copy_msghdr_from_user+0x10a/0x160 [ 234.900683][T14134] ? __pfx_____sys_sendmsg+0x10/0x10 [ 234.900709][T14134] ___sys_sendmsg+0x134/0x1d0 [ 234.900726][T14134] ? __pfx____sys_sendmsg+0x10/0x10 [ 234.900740][T14134] ? __lock_acquire+0x622/0x1c90 [ 234.900774][T14134] __sys_sendmsg+0x16d/0x220 [ 234.900790][T14134] ? __pfx___sys_sendmsg+0x10/0x10 [ 234.900815][T14134] do_syscall_64+0xcd/0x4c0 [ 234.900828][T14134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.900841][T14134] RIP: 0033:0x7f16c7b8e969 [ 234.900850][T14134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.900862][T14134] RSP: 002b:00007f16c59f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 234.900874][T14134] RAX: ffffffffffffffda RBX: 00007f16c7db5fa0 RCX: 00007f16c7b8e969 [ 234.900881][T14134] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 000000000000000e [ 234.900888][T14134] RBP: 00007f16c59f6090 R08: 0000000000000000 R09: 0000000000000000 [ 234.900896][T14134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 234.900903][T14134] R13: 0000000000000000 R14: 00007f16c7db5fa0 R15: 00007ffc5bf28758 [ 234.900918][T14134] [ 234.973716][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 235.018283][ T40] audit: type=1400 audit(234.896:606): avc: denied { getopt } for pid=14135 comm="syz.1.3079" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 235.267278][T14142] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3081'. [ 235.286502][ T2245] IPVS: starting estimator thread 0... [ 235.403647][T14145] IPVS: using max 42 ests per chain, 100800 per kthread [ 235.416883][T14150] binder: 14149:14150 ioctl c0306201 200000000280 returned -14 [ 235.503196][T14160] FAULT_INJECTION: forcing a failure. [ 235.503196][T14160] name failslab, interval 1, probability 0, space 0, times 0 [ 235.508711][T14160] CPU: 2 UID: 0 PID: 14160 Comm: syz.1.3086 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 235.508727][T14160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 235.508735][T14160] Call Trace: [ 235.508739][T14160] [ 235.508744][T14160] dump_stack_lvl+0x16c/0x1f0 [ 235.508775][T14160] should_fail_ex+0x512/0x640 [ 235.508789][T14160] ? __kmalloc_noprof+0xbf/0x510 [ 235.508801][T14160] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 235.508815][T14160] should_failslab+0xc2/0x120 [ 235.508827][T14160] __kmalloc_noprof+0xd2/0x510 [ 235.508838][T14160] ? avc_has_perm_noaudit+0x149/0x3b0 [ 235.508854][T14160] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 235.508870][T14160] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 235.508883][T14160] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 235.508899][T14160] ? bpf_lsm_capable+0x9/0x10 [ 235.508915][T14160] ? security_capable+0x7e/0x260 [ 235.508932][T14160] ? ns_capable+0xd7/0x110 [ 235.508944][T14160] genl_rcv_msg+0x55c/0x800 [ 235.508957][T14160] ? __pfx_genl_rcv_msg+0x10/0x10 [ 235.508968][T14160] ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10 [ 235.508987][T14160] ? __lock_acquire+0xb8a/0x1c90 [ 235.509005][T14160] netlink_rcv_skb+0x16a/0x440 [ 235.509021][T14160] ? __pfx_genl_rcv_msg+0x10/0x10 [ 235.509033][T14160] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 235.509056][T14160] ? __pfx_down_read+0x10/0x10 [ 235.509069][T14160] ? netlink_deliver_tap+0x1ae/0xd30 [ 235.509085][T14160] ? is_vmalloc_addr+0x86/0xa0 [ 235.509098][T14160] genl_rcv+0x28/0x40 [ 235.509107][T14160] netlink_unicast+0x53d/0x7f0 [ 235.509125][T14160] ? __pfx_netlink_unicast+0x10/0x10 [ 235.509145][T14160] netlink_sendmsg+0x8d1/0xdd0 [ 235.509164][T14160] ? __pfx_netlink_sendmsg+0x10/0x10 [ 235.509186][T14160] ____sys_sendmsg+0xa95/0xc70 [ 235.509197][T14160] ? copy_msghdr_from_user+0x10a/0x160 [ 235.509212][T14160] ? __pfx_____sys_sendmsg+0x10/0x10 [ 235.509229][T14160] ___sys_sendmsg+0x134/0x1d0 [ 235.509244][T14160] ? __pfx____sys_sendmsg+0x10/0x10 [ 235.509257][T14160] ? __lock_acquire+0x622/0x1c90 [ 235.509289][T14160] __sys_sendmsg+0x16d/0x220 [ 235.509304][T14160] ? __pfx___sys_sendmsg+0x10/0x10 [ 235.509328][T14160] do_syscall_64+0xcd/0x4c0 [ 235.509341][T14160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.509352][T14160] RIP: 0033:0x7f16c7b8e969 [ 235.509362][T14160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.509374][T14160] RSP: 002b:00007f16c59d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 235.509385][T14160] RAX: ffffffffffffffda RBX: 00007f16c7db6080 RCX: 00007f16c7b8e969 [ 235.509392][T14160] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006 [ 235.509398][T14160] RBP: 00007f16c59d5090 R08: 0000000000000000 R09: 0000000000000000 [ 235.509405][T14160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 235.509411][T14160] R13: 0000000000000000 R14: 00007f16c7db6080 R15: 00007ffc5bf28758 [ 235.509425][T14160] [ 235.541587][ T5942] Bluetooth: hci2: unknown advertising packet type: 0x82 [ 235.634824][ T5942] Bluetooth: hci2: Dropping invalid advertising data [ 235.639208][ T5942] Bluetooth: hci2: Malformed LE Event: 0x02 [ 235.976755][T14180] tun0: tun_chr_ioctl cmd 1074025675 [ 235.978935][T14180] tun0: persist disabled [ 235.995254][T14182] FAULT_INJECTION: forcing a failure. [ 235.995254][T14182] name failslab, interval 1, probability 0, space 0, times 0 [ 236.000213][T14182] CPU: 0 UID: 0 PID: 14182 Comm: syz.3.3098 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 236.000235][T14182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 236.000246][T14182] Call Trace: [ 236.000253][T14182] [ 236.000258][T14182] dump_stack_lvl+0x16c/0x1f0 [ 236.000273][T14182] should_fail_ex+0x512/0x640 [ 236.000284][T14182] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 236.000304][T14182] should_failslab+0xc2/0x120 [ 236.000323][T14182] __kmalloc_cache_noprof+0x6a/0x3e0 [ 236.000347][T14182] ? netlbl_calipso_add+0x24d/0x500 [ 236.000368][T14182] netlbl_calipso_add+0x24d/0x500 [ 236.000385][T14182] ? __pfx_netlbl_calipso_add+0x10/0x10 [ 236.000402][T14182] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 236.000421][T14182] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 236.000444][T14182] genl_family_rcv_msg_doit+0x209/0x2f0 [ 236.000462][T14182] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 236.000495][T14182] ? bpf_lsm_capable+0x9/0x10 [ 236.000519][T14182] ? security_capable+0x7e/0x260 [ 236.000547][T14182] genl_rcv_msg+0x55c/0x800 [ 236.000568][T14182] ? __pfx_genl_rcv_msg+0x10/0x10 [ 236.000587][T14182] ? __pfx_netlbl_calipso_add+0x10/0x10 [ 236.000607][T14182] ? __lock_acquire+0xb8a/0x1c90 [ 236.000633][T14182] netlink_rcv_skb+0x16a/0x440 [ 236.000655][T14182] ? __pfx_genl_rcv_msg+0x10/0x10 [ 236.000674][T14182] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 236.000709][T14182] ? __pfx_down_read+0x10/0x10 [ 236.000729][T14182] ? netlink_deliver_tap+0x1ae/0xd30 [ 236.000750][T14182] ? is_vmalloc_addr+0x86/0xa0 [ 236.000769][T14182] genl_rcv+0x28/0x40 [ 236.000784][T14182] netlink_unicast+0x53d/0x7f0 [ 236.000810][T14182] ? __pfx_netlink_unicast+0x10/0x10 [ 236.000837][T14182] netlink_sendmsg+0x8d1/0xdd0 [ 236.000865][T14182] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.000898][T14182] ____sys_sendmsg+0xa95/0xc70 [ 236.000916][T14182] ? copy_msghdr_from_user+0x10a/0x160 [ 236.000937][T14182] ? __pfx_____sys_sendmsg+0x10/0x10 [ 236.000965][T14182] ___sys_sendmsg+0x134/0x1d0 [ 236.000987][T14182] ? __pfx____sys_sendmsg+0x10/0x10 [ 236.001007][T14182] ? __lock_acquire+0x622/0x1c90 [ 236.001059][T14182] __sys_sendmsg+0x16d/0x220 [ 236.001081][T14182] ? __pfx___sys_sendmsg+0x10/0x10 [ 236.001119][T14182] do_syscall_64+0xcd/0x4c0 [ 236.001138][T14182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.001154][T14182] RIP: 0033:0x7f45c7b8e969 [ 236.001166][T14182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.001182][T14182] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 236.001199][T14182] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 236.001210][T14182] RDX: 0000000004040054 RSI: 00002000000000c0 RDI: 0000000000000004 [ 236.001220][T14182] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 236.001231][T14182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 236.001240][T14182] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 236.001264][T14182] [ 236.155322][ T5942] Bluetooth: hci2: unknown advertising packet type: 0x82 [ 236.155352][ T5942] Bluetooth: hci2: Malformed LE Event: 0x02 [ 236.342940][ T5942] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 236.371023][T14204] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.388886][ T5942] Bluetooth: hci2: unknown advertising packet type: 0x82 [ 236.388917][ T5942] Bluetooth: hci2: Malformed LE Event: 0x02 [ 236.406445][T14210] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.3108'. [ 236.455655][T14204] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.455754][T14207] binder: 14206:14207 ioctl c0306201 2000000003c0 returned -14 [ 236.550446][T14204] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.611970][T14219] geneve0: entered promiscuous mode [ 236.645791][T14204] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.705537][T14231] netlink: 27 bytes leftover after parsing attributes in process `syz.3.3118'. [ 236.736458][T14204] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.740395][T14233] FAULT_INJECTION: forcing a failure. [ 236.740395][T14233] name failslab, interval 1, probability 0, space 0, times 0 [ 236.746960][T14233] CPU: 2 UID: 0 PID: 14233 Comm: syz.3.3119 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 236.746977][T14233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 236.746985][T14233] Call Trace: [ 236.746989][T14233] [ 236.746994][T14233] dump_stack_lvl+0x16c/0x1f0 [ 236.747009][T14233] should_fail_ex+0x512/0x640 [ 236.747020][T14233] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 236.747041][T14233] should_failslab+0xc2/0x120 [ 236.747053][T14233] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 236.747071][T14233] ? __alloc_skb+0x2b2/0x380 [ 236.747087][T14233] __alloc_skb+0x2b2/0x380 [ 236.747101][T14233] ? __pfx___alloc_skb+0x10/0x10 [ 236.747114][T14233] ? __pfx_tc_ctl_tclass+0x10/0x10 [ 236.747130][T14233] netlink_ack+0x15d/0xb80 [ 236.747151][T14233] netlink_rcv_skb+0x347/0x440 [ 236.747167][T14233] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 236.747184][T14233] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 236.747232][T14233] ? netlink_deliver_tap+0x1ae/0xd30 [ 236.747254][T14233] netlink_unicast+0x53d/0x7f0 [ 236.747275][T14233] ? __pfx_netlink_unicast+0x10/0x10 [ 236.747295][T14233] netlink_sendmsg+0x8d1/0xdd0 [ 236.747313][T14233] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.747335][T14233] ____sys_sendmsg+0xa95/0xc70 [ 236.747346][T14233] ? copy_msghdr_from_user+0x10a/0x160 [ 236.747361][T14233] ? __pfx_____sys_sendmsg+0x10/0x10 [ 236.747378][T14233] ___sys_sendmsg+0x134/0x1d0 [ 236.747393][T14233] ? __pfx____sys_sendmsg+0x10/0x10 [ 236.747406][T14233] ? __lock_acquire+0x622/0x1c90 [ 236.747441][T14233] __sys_sendmsg+0x16d/0x220 [ 236.747456][T14233] ? __pfx___sys_sendmsg+0x10/0x10 [ 236.747479][T14233] do_syscall_64+0xcd/0x4c0 [ 236.747491][T14233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.747503][T14233] RIP: 0033:0x7f45c7b8e969 [ 236.747513][T14233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.747525][T14233] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 236.747535][T14233] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 236.747542][T14233] RDX: 0000000000004000 RSI: 0000200000000200 RDI: 0000000000000003 [ 236.747549][T14233] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 236.747556][T14233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 236.747562][T14233] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 236.747576][T14233] [ 236.754546][T14204] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.867501][T14204] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.880801][T14204] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.044343][ T1177] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.358710][T14251] FAULT_INJECTION: forcing a failure. [ 238.358710][T14251] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 238.359273][T14252] FAULT_INJECTION: forcing a failure. [ 238.359273][T14252] name failslab, interval 1, probability 0, space 0, times 0 [ 238.362663][T14251] CPU: 0 UID: 0 PID: 14251 Comm: syz.3.3127 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 238.362679][T14251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 238.362687][T14251] Call Trace: [ 238.362691][T14251] [ 238.362696][T14251] dump_stack_lvl+0x16c/0x1f0 [ 238.362711][T14251] should_fail_ex+0x512/0x640 [ 238.362725][T14251] _copy_to_user+0x32/0xd0 [ 238.362738][T14251] simple_read_from_buffer+0xcb/0x170 [ 238.362758][T14251] proc_fail_nth_read+0x197/0x270 [ 238.362777][T14251] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 238.362795][T14251] ? rw_verify_area+0xcf/0x680 [ 238.362811][T14251] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 238.362828][T14251] vfs_read+0x1e1/0xc60 [ 238.362847][T14251] ? __pfx___mutex_lock+0x10/0x10 [ 238.362858][T14251] ? __pfx_vfs_read+0x10/0x10 [ 238.362878][T14251] ? __fget_files+0x20e/0x3c0 [ 238.362893][T14251] ksys_read+0x12a/0x250 [ 238.362909][T14251] ? __pfx_ksys_read+0x10/0x10 [ 238.362930][T14251] do_syscall_64+0xcd/0x4c0 [ 238.362942][T14251] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.362954][T14251] RIP: 0033:0x7f45c7b8d37c [ 238.362963][T14251] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 238.362974][T14251] RSP: 002b:00007f45c8ac5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 238.362985][T14251] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8d37c [ 238.362992][T14251] RDX: 000000000000000f RSI: 00007f45c8ac50a0 RDI: 0000000000000006 [ 238.362999][T14251] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 238.363006][T14251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 238.363012][T14251] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 238.363026][T14251] [ 238.407077][T14254] xt_CT: You must specify a L4 protocol and not use inversions on it [ 238.408297][T14252] CPU: 1 UID: 0 PID: 14252 Comm: syz.1.3128 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 238.408323][T14252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 238.408334][T14252] Call Trace: [ 238.408341][T14252] [ 238.408349][T14252] dump_stack_lvl+0x16c/0x1f0 [ 238.408371][T14252] should_fail_ex+0x512/0x640 [ 238.408387][T14252] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 238.408425][T14252] should_failslab+0xc2/0x120 [ 238.408445][T14252] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 238.408474][T14252] ? __alloc_skb+0x2b2/0x380 [ 238.408503][T14252] __alloc_skb+0x2b2/0x380 [ 238.408525][T14252] ? __pfx___alloc_skb+0x10/0x10 [ 238.408562][T14252] netlink_ack+0x15d/0xb80 [ 238.408597][T14252] netlink_rcv_skb+0x347/0x440 [ 238.408623][T14252] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 238.408643][T14252] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 238.408681][T14252] ? bpf_lsm_capable+0x9/0x10 [ 238.408711][T14252] ? security_capable+0x7e/0x260 [ 238.408735][T14252] ? ns_capable+0xd7/0x110 [ 238.408755][T14252] nfnetlink_rcv+0x1b3/0x430 [ 238.408772][T14252] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 238.408790][T14252] ? netlink_deliver_tap+0x1ae/0xd30 [ 238.408814][T14252] ? is_vmalloc_addr+0x86/0xa0 [ 238.408836][T14252] netlink_unicast+0x53d/0x7f0 [ 238.408884][T14252] ? __pfx_netlink_unicast+0x10/0x10 [ 238.408918][T14252] netlink_sendmsg+0x8d1/0xdd0 [ 238.408948][T14252] ? __pfx_netlink_sendmsg+0x10/0x10 [ 238.408983][T14252] ____sys_sendmsg+0xa95/0xc70 [ 238.409001][T14252] ? copy_msghdr_from_user+0x10a/0x160 [ 238.409025][T14252] ? __pfx_____sys_sendmsg+0x10/0x10 [ 238.409055][T14252] ___sys_sendmsg+0x134/0x1d0 [ 238.409081][T14252] ? __pfx____sys_sendmsg+0x10/0x10 [ 238.409101][T14252] ? __lock_acquire+0x622/0x1c90 [ 238.409157][T14252] __sys_sendmsg+0x16d/0x220 [ 238.409180][T14252] ? __pfx___sys_sendmsg+0x10/0x10 [ 238.409220][T14252] do_syscall_64+0xcd/0x4c0 [ 238.409240][T14252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.409260][T14252] RIP: 0033:0x7f16c7b8e969 [ 238.409275][T14252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.409293][T14252] RSP: 002b:00007f16c59f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 238.409310][T14252] RAX: ffffffffffffffda RBX: 00007f16c7db5fa0 RCX: 00007f16c7b8e969 [ 238.409322][T14252] RDX: 0000000004000084 RSI: 0000200000000000 RDI: 0000000000000003 [ 238.409333][T14252] RBP: 00007f16c59f6090 R08: 0000000000000000 R09: 0000000000000000 [ 238.409344][T14252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 238.409354][T14252] R13: 0000000000000000 R14: 00007f16c7db5fa0 R15: 00007ffc5bf28758 [ 238.409378][T14252] [ 238.425197][ T5936] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 238.430406][ T40] audit: type=1400 audit(238.306:607): avc: denied { append } for pid=14253 comm="syz.0.3129" name="dlm-control" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 238.435617][ T5936] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 238.435910][T14254] dlm: no locking on control device [ 238.443694][ T5936] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 238.452730][T14254] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14254 comm=syz.0.3129 [ 238.454574][ T5936] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 238.455604][T14254] netlink: 'syz.0.3129': attribute type 10 has an invalid length. [ 238.458733][ T5936] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 238.585516][T14254] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 238.640093][T14275] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14275 comm=syz.1.3136 [ 238.726185][T14259] chnl_net:caif_netlink_parms(): no params data found [ 238.748848][ T40] audit: type=1400 audit(238.626:608): avc: denied { setopt } for pid=14293 comm="syz.3.3143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 238.751679][T14296] netlink: 'syz.1.3139': attribute type 1 has an invalid length. [ 238.804027][T14304] ipt_REJECT: ECHOREPLY no longer supported. [ 238.832394][T14283] veth9: entered promiscuous mode [ 238.838609][T14283] bond3: (slave veth9): Enslaving as a backup interface with a down link [ 238.892977][ T1177] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.901174][T14259] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.903271][T14259] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.905467][T14259] bridge_slave_0: entered allmulticast mode [ 238.908121][T14259] bridge_slave_0: entered promiscuous mode [ 238.912574][T14259] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.916654][T14259] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.919080][T14259] bridge_slave_1: entered allmulticast mode [ 238.921842][T14259] bridge_slave_1: entered promiscuous mode [ 238.967866][T14259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.972918][T14259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.985826][T14311] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14311 comm=syz.0.3146 [ 238.996659][T14307] [U] ³•¯1WT`8ºáÍÇÚH$ô0©·ñãý9\ [ 238.998325][T14307] [U] ;2}u‚˜VÏÄ¥ëÚ#èO9ïôÕ¥>-ƒêÿ´üS…Ý¢šÕp [ 239.033345][T14259] team0: Port device team_slave_0 added [ 239.051526][ T1177] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.065945][T14259] team0: Port device team_slave_1 added [ 239.080253][T14315] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3148'. [ 239.112359][T14259] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 239.115412][T14259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.125024][T14259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 239.153333][ T1177] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.164277][T14259] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 239.166615][T14259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.175117][T14259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 239.244535][T14259] hsr_slave_0: entered promiscuous mode [ 239.246906][T14259] hsr_slave_1: entered promiscuous mode [ 239.249080][T14259] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 239.251461][T14259] Cannot create hsr debugfs directory [ 239.364452][ T1177] bridge_slave_1: left allmulticast mode [ 239.367009][ T1177] bridge_slave_1: left promiscuous mode [ 239.369752][ T1177] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.376041][ T1177] bridge_slave_0: left allmulticast mode [ 239.378465][ T1177] bridge_slave_0: left promiscuous mode [ 239.380685][ T1177] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.569602][T14293] [U]  [ 239.639455][ T1177] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 239.645507][ T1177] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 239.649990][ T1177] bond0 (unregistering): Released all slaves [ 239.796203][T14341] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14341 comm=syz.3.3156 [ 239.828648][T14347] FAULT_INJECTION: forcing a failure. [ 239.828648][T14347] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 239.832713][T14347] CPU: 1 UID: 0 PID: 14347 Comm: syz.3.3158 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 239.832729][T14347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 239.832737][T14347] Call Trace: [ 239.832741][T14347] [ 239.832746][T14347] dump_stack_lvl+0x16c/0x1f0 [ 239.832775][T14347] should_fail_ex+0x512/0x640 [ 239.832792][T14347] _copy_from_iter+0x29f/0x16f0 [ 239.832804][T14347] ? __pfx_avc_has_perm+0x10/0x10 [ 239.832820][T14347] ? __pfx__copy_from_iter+0x10/0x10 [ 239.832830][T14347] ? avc_has_perm_noaudit+0x149/0x3b0 [ 239.832845][T14347] ? sock_has_perm+0x259/0x2f0 [ 239.832861][T14347] ? __pfx_sock_has_perm+0x10/0x10 [ 239.832877][T14347] hci_sock_sendmsg+0x46d/0x25e0 [ 239.832893][T14347] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 239.832910][T14347] sock_write_iter+0x4ff/0x5b0 [ 239.832922][T14347] ? __pfx_sock_write_iter+0x10/0x10 [ 239.832949][T14347] ? bpf_lsm_file_permission+0x9/0x10 [ 239.832966][T14347] ? security_file_permission+0x71/0x210 [ 239.832979][T14347] ? rw_verify_area+0xcf/0x680 [ 239.832996][T14347] vfs_write+0x6c7/0x1150 [ 239.833014][T14347] ? __pfx_sock_write_iter+0x10/0x10 [ 239.833026][T14347] ? __pfx_vfs_write+0x10/0x10 [ 239.833041][T14347] ? find_held_lock+0x2b/0x80 [ 239.833063][T14347] ksys_write+0x1f8/0x250 [ 239.833079][T14347] ? __pfx_ksys_write+0x10/0x10 [ 239.833100][T14347] do_syscall_64+0xcd/0x4c0 [ 239.833112][T14347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.833124][T14347] RIP: 0033:0x7f45c7b8e969 [ 239.833134][T14347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.833145][T14347] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 239.833156][T14347] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 239.833163][T14347] RDX: 0000000000000004 RSI: 0000200000000000 RDI: 0000000000000004 [ 239.833170][T14347] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 239.833176][T14347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 239.833183][T14347] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 239.833197][T14347] [ 240.046205][ T1177] hsr_slave_0: left promiscuous mode [ 240.049051][ T1177] hsr_slave_1: left promiscuous mode [ 240.051253][ T1177] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 240.054030][ T1177] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 240.075664][ T1177] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 240.078065][ T1177] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 240.128602][T14376] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14376 comm=syz.3.3167 [ 240.139435][ T1177] veth1_macvtap: left promiscuous mode [ 240.141841][ T1177] veth0_macvtap: left promiscuous mode [ 240.146254][ T1177] veth1_vlan: left promiscuous mode [ 240.148911][ T1177] veth0_vlan: left promiscuous mode [ 240.353612][ T838] usb 6-1: new full-speed USB device number 13 using dummy_hcd [ 240.392804][ T5936] Bluetooth: Unexpected start frame (len 18) [ 240.504900][ T838] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 240.508574][ T838] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 240.512383][ T838] usb 6-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00 [ 240.515567][ T838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.526868][ T838] usb 6-1: config 0 descriptor?? [ 240.529069][T14374] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 240.573853][ T5936] Bluetooth: hci1: command tx timeout [ 240.883529][ T1177] team0 (unregistering): Port device team_slave_1 removed [ 240.969232][ T1177] team0 (unregistering): Port device team_slave_0 removed [ 241.657205][T14396] FAULT_INJECTION: forcing a failure. [ 241.657205][T14396] name failslab, interval 1, probability 0, space 0, times 0 [ 241.662879][T14396] CPU: 0 UID: 0 PID: 14396 Comm: syz.3.3175 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 241.662905][T14396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 241.662918][T14396] Call Trace: [ 241.662925][T14396] [ 241.662934][T14396] dump_stack_lvl+0x16c/0x1f0 [ 241.662959][T14396] should_fail_ex+0x512/0x640 [ 241.662983][T14396] should_failslab+0xc2/0x120 [ 241.663004][T14396] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 241.663024][T14396] ? skb_clone+0x190/0x3f0 [ 241.663055][T14396] skb_clone+0x190/0x3f0 [ 241.663078][T14396] dev_queue_xmit_nit+0x3e7/0xca0 [ 241.663112][T14396] dev_hard_start_xmit+0x5b6/0x740 [ 241.663135][T14396] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 241.663157][T14396] __dev_queue_xmit+0x7eb/0x43e0 [ 241.663210][T14396] ? __pfx___dev_queue_xmit+0x10/0x10 [ 241.663254][T14396] ? __skb_clone+0x570/0x760 [ 241.663282][T14396] netlink_deliver_tap+0xa87/0xd30 [ 241.663315][T14396] netlink_unicast+0x5df/0x7f0 [ 241.663347][T14396] ? __pfx_netlink_unicast+0x10/0x10 [ 241.663388][T14396] netlink_sendmsg+0x8d1/0xdd0 [ 241.663434][T14396] ? __pfx_netlink_sendmsg+0x10/0x10 [ 241.663472][T14396] ____sys_sendmsg+0xa95/0xc70 [ 241.663493][T14396] ? copy_msghdr_from_user+0x10a/0x160 [ 241.663517][T14396] ? __pfx_____sys_sendmsg+0x10/0x10 [ 241.663547][T14396] ___sys_sendmsg+0x134/0x1d0 [ 241.663574][T14396] ? __pfx____sys_sendmsg+0x10/0x10 [ 241.663596][T14396] ? __lock_acquire+0x622/0x1c90 [ 241.663655][T14396] __sys_sendmsg+0x16d/0x220 [ 241.663680][T14396] ? __pfx___sys_sendmsg+0x10/0x10 [ 241.663722][T14396] do_syscall_64+0xcd/0x4c0 [ 241.663745][T14396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.663765][T14396] RIP: 0033:0x7f45c7b8e969 [ 241.663780][T14396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.663800][T14396] RSP: 002b:00007f45c8ac5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 241.663818][T14396] RAX: ffffffffffffffda RBX: 00007f45c7db5fa0 RCX: 00007f45c7b8e969 [ 241.663831][T14396] RDX: 0000000000044800 RSI: 0000200000000200 RDI: 0000000000000004 [ 241.663842][T14396] RBP: 00007f45c8ac5090 R08: 0000000000000000 R09: 0000000000000000 [ 241.663854][T14396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 241.663865][T14396] R13: 0000000000000000 R14: 00007f45c7db5fa0 R15: 00007ffc527e3518 [ 241.663889][T14396] [ 241.731869][T14259] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 241.764253][ T838] usbhid 6-1:0.0: can't add hid device: -71 [ 241.769433][ T838] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 241.782518][ T838] usb 6-1: USB disconnect, device number 13 [ 241.782576][T14259] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 241.818435][T14259] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 241.831652][T14259] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 241.836143][T14404] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14404 comm=syz.0.3177 [ 241.898886][ T40] audit: type=1400 audit(241.776:609): avc: denied { unmount } for pid=13219 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 241.936877][T14259] 8021q: adding VLAN 0 to HW filter on device bond0 [ 241.955294][T14259] 8021q: adding VLAN 0 to HW filter on device team0 [ 241.965583][ T1185] bridge0: port 1(bridge_slave_0) entered blocking state [ 241.967835][ T1185] bridge0: port 1(bridge_slave_0) entered forwarding state [ 241.973244][ T1048] bridge0: port 2(bridge_slave_1) entered blocking state [ 241.975574][ T1048] bridge0: port 2(bridge_slave_1) entered forwarding state [ 242.118954][T14259] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 242.141445][T14259] veth0_vlan: entered promiscuous mode [ 242.158941][T14259] veth1_vlan: entered promiscuous mode [ 242.199767][T14259] veth0_macvtap: entered promiscuous mode [ 242.203907][T14259] veth1_macvtap: entered promiscuous mode [ 242.214522][T14259] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 242.221849][T14259] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 242.238895][T14259] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.241791][T14259] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.251648][T14259] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.255514][T14259] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.331298][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.337073][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.338046][T14443] FAULT_INJECTION: forcing a failure. [ 242.338046][T14443] name failslab, interval 1, probability 0, space 0, times 0 [ 242.347018][T14443] CPU: 2 UID: 0 PID: 14443 Comm: syz.1.3186 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 242.347038][T14443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 242.347046][T14443] Call Trace: [ 242.347050][T14443] [ 242.347055][T14443] dump_stack_lvl+0x16c/0x1f0 [ 242.347070][T14443] should_fail_ex+0x512/0x640 [ 242.347081][T14443] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 242.347095][T14443] should_failslab+0xc2/0x120 [ 242.347108][T14443] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 242.347118][T14443] ? __kvm_mmu_topup_memory_cache+0x450/0x600 [ 242.347132][T14443] ? kvm_hv_setup_tsc_page+0x29a/0x8d0 [ 242.347144][T14443] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 242.347197][T14443] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 242.347216][T14443] mmu_topup_memory_caches+0x25/0x170 [ 242.347230][T14443] kvm_mmu_load+0xd9/0x22a0 [ 242.347243][T14443] ? kvm_apic_has_interrupt+0xb5/0x190 [ 242.347260][T14443] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 242.347277][T14443] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 242.347290][T14443] ? __pfx_kvm_guest_time_update+0x10/0x10 [ 242.347307][T14443] ? __pfx_kvm_mmu_load+0x10/0x10 [ 242.347319][T14443] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 242.347333][T14443] ? kvm_check_and_inject_events+0x71c/0x1310 [ 242.347348][T14443] vcpu_run+0x3447/0x5390 [ 242.347358][T14443] ? kvm_mmu_post_init_vm+0x269/0x370 [ 242.347376][T14443] ? __lock_acquire+0xb8a/0x1c90 [ 242.347395][T14443] ? __pfx_vcpu_run+0x10/0x10 [ 242.347408][T14443] ? fpu_swap_kvm_fpstate+0x1be/0x410 [ 242.347420][T14443] ? __local_bh_enable_ip+0xa4/0x120 [ 242.347435][T14443] ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0 [ 242.347446][T14443] kvm_arch_vcpu_ioctl_run+0x51e/0x18c0 [ 242.347461][T14443] kvm_vcpu_ioctl+0x5e9/0x1680 [ 242.347475][T14443] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 242.347491][T14443] ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450 [ 242.347506][T14443] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 242.347522][T14443] ? hook_file_ioctl_common+0x145/0x410 [ 242.347539][T14443] ? selinux_file_ioctl+0x180/0x270 [ 242.347550][T14443] ? selinux_file_ioctl+0xb4/0x270 [ 242.347562][T14443] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 242.347574][T14443] __x64_sys_ioctl+0x18b/0x210 [ 242.347591][T14443] do_syscall_64+0xcd/0x4c0 [ 242.347603][T14443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.347615][T14443] RIP: 0033:0x7f16c7b8e969 [ 242.347627][T14443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.347637][T14443] RSP: 002b:00007f16c59f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 242.347649][T14443] RAX: ffffffffffffffda RBX: 00007f16c7db5fa0 RCX: 00007f16c7b8e969 [ 242.347656][T14443] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 242.347662][T14443] RBP: 00007f16c59f6090 R08: 0000000000000000 R09: 0000000000000000 [ 242.347669][T14443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 242.347675][T14443] R13: 0000000000000000 R14: 00007f16c7db5fa0 R15: 00007ffc5bf28758 [ 242.347689][T14443] [ 242.362850][ T1185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.376800][T14451] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14451 comm=syz.0.3187 [ 242.382471][ T1185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.449065][T14454] netlink: 'syz.0.3188': attribute type 10 has an invalid length. [ 242.489832][T14454] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3188'. [ 242.492994][T14454] team0: Device geneve0 is up. Set it down before adding it as a team port [ 242.497544][T14454] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 242.675579][T14470] FAULT_INJECTION: forcing a failure. [ 242.675579][T14470] name failslab, interval 1, probability 0, space 0, times 0 [ 242.684491][T14470] CPU: 2 UID: 0 PID: 14470 Comm: syz.0.3193 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 242.684515][T14470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 242.684524][T14470] Call Trace: [ 242.684531][T14470] [ 242.684538][T14470] dump_stack_lvl+0x16c/0x1f0 [ 242.684560][T14470] should_fail_ex+0x512/0x640 [ 242.684576][T14470] ? fs_reclaim_acquire+0xae/0x150 [ 242.684598][T14470] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 242.684612][T14470] should_failslab+0xc2/0x120 [ 242.684631][T14470] __kmalloc_noprof+0xd2/0x510 [ 242.684652][T14470] tomoyo_realpath_from_path+0xc2/0x6e0 [ 242.684670][T14470] ? tomoyo_profile+0x47/0x60 [ 242.684687][T14470] tomoyo_path_number_perm+0x245/0x580 [ 242.684709][T14470] ? tomoyo_path_number_perm+0x237/0x580 [ 242.684734][T14470] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 242.684758][T14470] ? find_held_lock+0x2b/0x80 [ 242.684791][T14470] ? find_held_lock+0x2b/0x80 [ 242.684807][T14470] ? hook_file_ioctl_common+0x145/0x410 [ 242.684831][T14470] ? __fget_files+0x20e/0x3c0 [ 242.684850][T14470] security_file_ioctl+0x9b/0x240 [ 242.684874][T14470] __x64_sys_ioctl+0xb7/0x210 [ 242.684898][T14470] do_syscall_64+0xcd/0x4c0 [ 242.684917][T14470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.684933][T14470] RIP: 0033:0x7f7e75b8e969 [ 242.684943][T14470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.684958][T14470] RSP: 002b:00007f7e76a24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 242.684975][T14470] RAX: ffffffffffffffda RBX: 00007f7e75db5fa0 RCX: 00007f7e75b8e969 [ 242.684986][T14470] RDX: 0000200000000100 RSI: 00000000c0045627 RDI: 0000000000000005 [ 242.684996][T14470] RBP: 00007f7e76a24090 R08: 0000000000000000 R09: 0000000000000000 [ 242.685006][T14470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 242.685017][T14470] R13: 0000000000000000 R14: 00007f7e75db5fa0 R15: 00007fff6a26bcd8 [ 242.685033][T14470] [ 242.685040][T14470] ERROR: Out of memory at tomoyo_realpath_from_path. [ 242.805976][ T40] audit: type=1404 audit(242.686:610): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1 [ 242.811732][ T40] audit: type=1400 audit(242.686:611): avc: denied { search } for pid=14477 comm="rm" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=0 [ 242.822856][ T40] audit: type=1400 audit(242.686:612): avc: denied { search } for pid=14472 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=0 [ 242.836264][ T40] audit: type=1400 audit(242.716:613): avc: denied { recv } for pid=15 comm="ksoftirqd/0" saddr=127.0.0.1 src=30000 daddr=127.0.0.1 dest=41894 netif=lo scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 242.844167][ T40] audit: type=1400 audit(242.716:614): avc: denied { read } for pid=14478 comm="syz.0.3194" name="v4l-subdev0" dev="devtmpfs" ino=965 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0 [ 242.851277][ T40] audit: type=1400 audit(242.716:615): avc: denied { write } for pid=14478 comm="syz.0.3194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0 [ 242.873609][ T40] audit: type=1400 audit(242.746:616): avc: denied { search } for pid=14483 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=0 [ 242.882407][ T40] audit: type=1400 audit(242.746:617): avc: denied { search } for pid=14484 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=0 [ 242.891826][ T40] audit: type=1400 audit(242.756:618): avc: denied { search } for pid=14484 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=0 [ 242.947483][T14488] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3196'. [ 242.989137][T14493] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3198'. [ 244.231943][T14259] ================================================================== [ 244.234605][T14259] BUG: KASAN: global-out-of-bounds in fib6_ifdown+0x7f5/0x8f0 [ 244.236932][T14259] Read of size 8 at addr ffffffff9afdb710 by task syz-executor/14259 [ 244.240628][T14259] [ 244.242337][T14259] CPU: 3 UID: 0 PID: 14259 Comm: syz-executor Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 244.242367][T14259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 244.242378][T14259] Call Trace: [ 244.242387][T14259] [ 244.242395][T14259] dump_stack_lvl+0x116/0x1f0 [ 244.242416][T14259] print_report+0xcd/0x680 [ 244.242430][T14259] ? __virt_addr_valid+0x81/0x610 [ 244.242441][T14259] ? __phys_addr+0xe8/0x180 [ 244.242452][T14259] ? fib6_ifdown+0x7f5/0x8f0 [ 244.242467][T14259] kasan_report+0xe0/0x110 [ 244.242484][T14259] ? fib6_ifdown+0x7f5/0x8f0 [ 244.242507][T14259] fib6_ifdown+0x7f5/0x8f0 [ 244.242523][T14259] ? __pfx_fib6_ifdown+0x10/0x10 [ 244.242543][T14259] fib6_clean_node+0x2a4/0x5b0 [ 244.242565][T14259] ? __pfx_fib6_clean_node+0x10/0x10 [ 244.242589][T14259] fib6_walk_continue+0x44f/0x8d0 [ 244.242609][T14259] fib6_walk+0x182/0x370 [ 244.242627][T14259] ? __pfx_fib6_ifdown+0x10/0x10 [ 244.242645][T14259] fib6_clean_tree+0xd4/0x110 [ 244.242663][T14259] ? __pfx_fib6_clean_tree+0x10/0x10 [ 244.242683][T14259] ? __pfx_fib6_clean_node+0x10/0x10 [ 244.242704][T14259] ? __pfx_fib6_ifdown+0x10/0x10 [ 244.242726][T14259] ? __pfx_fib6_ifdown+0x10/0x10 [ 244.242745][T14259] __fib6_clean_all+0x107/0x2d0 [ 244.242766][T14259] rt6_disable_ip+0x2ec/0x990 [ 244.242781][T14259] ? __mutex_trylock_common+0xe9/0x250 [ 244.242804][T14259] ? __pfx___mutex_trylock_common+0x10/0x10 [ 244.242825][T14259] ? __pfx_rt6_disable_ip+0x10/0x10 [ 244.242840][T14259] ? rcu_is_watching+0x12/0xc0 [ 244.242859][T14259] addrconf_ifdown.isra.0+0x11d/0x1a90 [ 244.242882][T14259] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 244.242899][T14259] ? __pfx_addrconf_ifdown.isra.0+0x10/0x10 [ 244.242921][T14259] ? tls_dev_event+0xfd/0x10b0 [ 244.242943][T14259] addrconf_notify+0x220/0x19e0 [ 244.242965][T14259] ? ip6mr_device_event+0x1bc/0x230 [ 244.242991][T14259] notifier_call_chain+0xbc/0x410 [ 244.243011][T14259] ? __pfx_addrconf_notify+0x10/0x10 [ 244.243036][T14259] call_netdevice_notifiers_info+0xbe/0x140 [ 244.243063][T14259] netdev_run_todo+0xe75/0x1320 [ 244.243085][T14259] ? __pfx_netdev_run_todo+0x10/0x10 [ 244.243106][T14259] ? mutex_is_locked+0x17/0x60 [ 244.243126][T14259] ? netif_state_change+0xfa/0x3b0 [ 244.243185][T14259] ? __pfx_tun_chr_close+0x10/0x10 [ 244.243200][T14259] tun_chr_close+0xea/0x230 [ 244.243215][T14259] __fput+0x3ff/0xb70 [ 244.243236][T14259] task_work_run+0x14d/0x240 [ 244.243261][T14259] ? __pfx_task_work_run+0x10/0x10 [ 244.243283][T14259] ? switch_task_namespaces+0xeb/0x100 [ 244.243305][T14259] do_exit+0xae2/0x2c70 [ 244.243327][T14259] ? do_raw_spin_lock+0x12c/0x2b0 [ 244.243351][T14259] ? __pfx_do_exit+0x10/0x10 [ 244.243377][T14259] ? rcu_is_watching+0x12/0xc0 [ 244.243395][T14259] do_group_exit+0xd3/0x2a0 [ 244.243416][T14259] __x64_sys_exit_group+0x3e/0x50 [ 244.243436][T14259] x64_sys_call+0x1530/0x1730 [ 244.243451][T14259] do_syscall_64+0xcd/0x4c0 [ 244.243466][T14259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.243479][T14259] RIP: 0033:0x7fd3b7b8e969 [ 244.243492][T14259] Code: Unable to access opcode bytes at 0x7fd3b7b8e93f. [ 244.243500][T14259] RSP: 002b:00007fff900398e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.243517][T14259] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd3b7b8e969 [ 244.243529][T14259] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 244.243539][T14259] RBP: 00007fd3b7bee8f0 R08: 00007fff90037687 R09: 0000000000000003 [ 244.243549][T14259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 244.243556][T14259] R13: 0000000000000003 R14: 00000000ffffffff R15: 00007fff90039aa0 [ 244.243567][T14259] [ 244.243572][T14259] [ 244.355566][T14259] The buggy address belongs to the variable: [ 244.357478][T14259] __key.0+0x30/0x40 [ 244.359012][T14259] [ 244.359827][T14259] The buggy address belongs to the physical page: [ 244.361819][T14259] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1afdb [ 244.364531][T14259] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 244.366954][T14259] raw: 00fff00000002000 ffffea00006bf6c8 ffffea00006bf6c8 0000000000000000 [ 244.370009][T14259] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 244.372714][T14259] page dumped because: kasan: bad access detected [ 244.374730][T14259] page_owner info is not present (never set?) [ 244.376625][T14259] [ 244.377394][T14259] Memory state around the buggy address: [ 244.379181][T14259] ffffffff9afdb600: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 244.381657][T14259] ffffffff9afdb680: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 00 f9 f9 [ 244.384148][T14259] >ffffffff9afdb700: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 244.386973][T14259] ^ [ 244.388607][T14259] ffffffff9afdb780: 00 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 [ 244.391339][T14259] ffffffff9afdb800: 00 00 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 [ 244.393808][T14259] ================================================================== [ 244.396438][T14259] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 244.398867][T14259] CPU: 3 UID: 0 PID: 14259 Comm: syz-executor Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 244.402525][T14259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 244.405864][T14259] Call Trace: [ 244.406926][T14259] [ 244.407891][T14259] dump_stack_lvl+0x3d/0x1f0 [ 244.409392][T14259] panic+0x71c/0x800 [ 244.410636][T14259] ? __pfx_panic+0x10/0x10 [ 244.412054][T14259] ? mark_held_locks+0x49/0x80 [ 244.413556][T14259] ? fib6_ifdown+0x7f5/0x8f0 [ 244.415002][T14259] ? check_panic_on_warn+0x1f/0xb0 [ 244.416618][T14259] ? fib6_ifdown+0x7f5/0x8f0 [ 244.418085][T14259] check_panic_on_warn+0xab/0xb0 [ 244.419692][T14259] end_report+0x107/0x170 [ 244.421076][T14259] kasan_report+0xee/0x110 [ 244.422489][T14259] ? fib6_ifdown+0x7f5/0x8f0 [ 244.423958][T14259] fib6_ifdown+0x7f5/0x8f0 [ 244.425332][T14259] ? __pfx_fib6_ifdown+0x10/0x10 [ 244.426886][T14259] fib6_clean_node+0x2a4/0x5b0 [ 244.428603][T14259] ? __pfx_fib6_clean_node+0x10/0x10 [ 244.430724][T14259] fib6_walk_continue+0x44f/0x8d0 [ 244.432725][T14259] fib6_walk+0x182/0x370 [ 244.434402][T14259] ? __pfx_fib6_ifdown+0x10/0x10 [ 244.436372][T14259] fib6_clean_tree+0xd4/0x110 [ 244.438227][T14259] ? __pfx_fib6_clean_tree+0x10/0x10 [ 244.440318][T14259] ? __pfx_fib6_clean_node+0x10/0x10 [ 244.442370][T14259] ? __pfx_fib6_ifdown+0x10/0x10 [ 244.444220][T14259] ? __pfx_fib6_ifdown+0x10/0x10 [ 244.446180][T14259] __fib6_clean_all+0x107/0x2d0 [ 244.448114][T14259] rt6_disable_ip+0x2ec/0x990 [ 244.450015][T14259] ? __mutex_trylock_common+0xe9/0x250 [ 244.452162][T14259] ? __pfx___mutex_trylock_common+0x10/0x10 [ 244.454521][T14259] ? __pfx_rt6_disable_ip+0x10/0x10 [ 244.456567][T14259] ? rcu_is_watching+0x12/0xc0 [ 244.458465][T14259] addrconf_ifdown.isra.0+0x11d/0x1a90 [ 244.460600][T14259] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 244.462773][T14259] ? __pfx_addrconf_ifdown.isra.0+0x10/0x10 [ 244.465083][T14259] ? tls_dev_event+0xfd/0x10b0 [ 244.466965][T14259] addrconf_notify+0x220/0x19e0 [ 244.468940][T14259] ? ip6mr_device_event+0x1bc/0x230 [ 244.470995][T14259] notifier_call_chain+0xbc/0x410 [ 244.473022][T14259] ? __pfx_addrconf_notify+0x10/0x10 [ 244.475092][T14259] call_netdevice_notifiers_info+0xbe/0x140 [ 244.477433][T14259] netdev_run_todo+0xe75/0x1320 [ 244.479375][T14259] ? __pfx_netdev_run_todo+0x10/0x10 [ 244.481436][T14259] ? mutex_is_locked+0x17/0x60 [ 244.483320][T14259] ? netif_state_change+0xfa/0x3b0 [ 244.484976][T14259] ? __pfx_tun_chr_close+0x10/0x10 [ 244.486682][T14259] tun_chr_close+0xea/0x230 [ 244.488166][T14259] __fput+0x3ff/0xb70 [ 244.489470][T14259] task_work_run+0x14d/0x240 [ 244.490928][T14259] ? __pfx_task_work_run+0x10/0x10 [ 244.492555][T14259] ? switch_task_namespaces+0xeb/0x100 [ 244.494279][T14259] do_exit+0xae2/0x2c70 [ 244.495749][T14259] ? do_raw_spin_lock+0x12c/0x2b0 [ 244.497357][T14259] ? __pfx_do_exit+0x10/0x10 [ 244.498838][T14259] ? rcu_is_watching+0x12/0xc0 [ 244.500381][T14259] do_group_exit+0xd3/0x2a0 [ 244.501812][T14259] __x64_sys_exit_group+0x3e/0x50 [ 244.503341][T14259] x64_sys_call+0x1530/0x1730 [ 244.504832][T14259] do_syscall_64+0xcd/0x4c0 [ 244.506265][T14259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.508137][T14259] RIP: 0033:0x7fd3b7b8e969 [ 244.509585][T14259] Code: Unable to access opcode bytes at 0x7fd3b7b8e93f. [ 244.511776][T14259] RSP: 002b:00007fff900398e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.514360][T14259] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd3b7b8e969 [ 244.516852][T14259] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 244.519353][T14259] RBP: 00007fd3b7bee8f0 R08: 00007fff90037687 R09: 0000000000000003 [ 244.521822][T14259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 244.524294][T14259] R13: 0000000000000003 R14: 00000000ffffffff R15: 00007fff90039aa0 [ 244.526754][T14259] [ 244.528456][T14259] Kernel Offset: disabled [ 244.529809][T14259] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:27:03 Registers: info registers vcpu 0 CPU#0 RAX=000000000025fe57 RBX=0000000000000000 RCX=ffffffff8b7580d9 RDX=0000000000000000 RSI=ffffffff8dbf44a4 RDI=ffffffff8bf513c0 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e08 R8 =0000000000000001 R9 =ffffed100d48663d R10=ffff88806a4331eb R11=0000000000000001 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90866050 R15=0000000000000000 RIP=ffffffff8b756c3f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d699f000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f2f79980ff8 CR3=000000004a49c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000000c0d0 Opmask01=0000000000000000 Opmask02=000000007fffffff Opmask03=0000000020400004 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000559e441c2e40 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb8b511fb20 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb8b511fb20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c2423af3130e879a 737326e86e8cdaad ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373a2 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00336963682f6874 6f6f7465756c622f 6c6175747269762f 736563697665642f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00336963682f6874 6f6f7465756c622f 6c6175747269762f 736563697665642f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f6d697377685f31 3132303863616d2f 6c6175747269762f 736563697665642f ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb8b51201d0 00007fb8b51201d0 0000000000002341 0000003177617264 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a2939 3030322c39484349 2b35335128435064 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70627e322d33 2e36312e312d6e61 696265642d332e36 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000001ef749 RBX=0000000000000001 RCX=ffffffff8b7580d9 RDX=0000000000000000 RSI=ffffffff8dbf44a4 RDI=ffffffff8bf513c0 RBP=ffffed1003b58488 RSP=ffffc90000177df8 R8 =0000000000000001 R9 =ffffed100d4a663d R10=ffff88806a5331eb R11=0000000000000001 R12=0000000000000001 R13=ffff88801dac2440 R14=ffffffff90866050 R15=0000000000000000 RIP=ffffffff8b756c3f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a9f000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f16c88e7d60 CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000104080 Opmask01=000000000000003f Opmask02=00000000fffdffbf Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 41028d633f0fba73 52d4749a34f19313 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bc3505ee851f95f5 532ae0432c4412ec ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 822a65f5300a4121 fe65c42db933630e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f7ea041b990c912d 40701ed2a7819af8 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a7943be44348f9fb b477537823e17ef8 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 97d98a7f8cffa21a 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 951c56a42ddf95c9 faab23de977ad3b0 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d833d6c500000000 dba052a77fab5459 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 94e8553653016655 179052758691b6f5 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a38640621fbeac17 29c806ba11d46c13 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 386c6c696b66722f 336963682f68746f 6f7465756c622f6c 6175747269762f73 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 540018534b4e494c 56454400184d4554 5359534255530018 4854415056454400 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 0000000000000000 00007ffd373baed0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e2e65726f632e74 656e2e6c74637379 73203034313d6873 657268745f676f64 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c6f736e6f6320 6164732f7665642f 3d746f6f7220313d 6e7261775f6e6f5f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 63696e6170203233 3d78616d5f736462 6e2032333d706f6f 6c5f78616d203233 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6d756e2e646368 5f796d6d75642030 34313d736365735f 74756f656d69745f ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000020b7e5 RBX=0000000000000002 RCX=ffffffff8b7580d9 RDX=0000000000000000 RSI=ffffffff8dbf44a4 RDI=ffffffff8bf513c0 RBP=ffffed1003b58910 RSP=ffffc90000187df8 R8 =0000000000000001 R9 =ffffed100d4c663d R10=ffff88806a6331eb R11=0000000000000001 R12=0000000000000002 R13=ffff88801dac4880 R14=ffffffff90866050 R15=0000000000000000 RIP=ffffffff8b756c3f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6b9f000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000056255a1c9660 CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000015422003 Opmask01=0000000000003fff Opmask02=00000000efffbfff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 31df678599d46682 b78520189d2c8355 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 851b0f0bcb900693 586cdb08dc270f07 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e96967c36fd70a0f c22d4310d3064319 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d74ccc4556037f0d f6027356b01019aa ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000c480 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000094 01a1f27d90527190 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000009400000000 0000009400000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000008fe385b2 0a71b15b8b03f210 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 006628e190c7d5a8 00000094f900de1b ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f201bba0bf8d77f8 e2435660f7f6b2ab ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d59a7e67d6d15efe 2e754aae29daa4d9 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6168730073257325 7325204650420050 5241006e65706f5f 667062203a732500 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 444d560056005600 5600054650420050 5241004b40554a5f 435547051f560000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000b30ffffffff ffffffff00060014 cb778effda6eb620 00000000000080fe ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000008000080008 00000b4f00000b4f ffffffffffffffff 00060014f2e87177 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 31b6e84800000000 000080fe00010014 00000006fd80400a b551724f68373883 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0002001400000048 0000008000080008 00000b3000000b30 ffffffffffffffff ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00060014cb778eff da6eb62000000000 000080fe00010014 00000005fd80400a ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2033352020202020 2020360a63615f0a 0a0a695f63202033 3720646161206500 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85564585 RDI=ffffffff9ae3a5e0 RBP=ffffffff9ae3a5a0 RSP=ffffc90003966fa0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6661396666666552 R12=0000000000000000 R13=0000000000000039 R14=ffffffff9ae3a5a0 R15=ffffffff85564520 RIP=ffffffff855645af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6c9f000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f45c88e8710 CR3=000000004a49c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080000010 Opmask01=0000000000021d1f Opmask02=00000000ffff1fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec00000010 000000003de00ec6 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8d216c98 00007fff8d216cd0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000649 00007fec73f9d38d ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec00000010 00007fff8d216cd0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8d216cc8 00007fff8d216d00 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec73e31025 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8d216d00 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f72726520636269 6c67206c61746146 000000706d74752f 6e75722f7261762f ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3031747600006574 756c610000000072 2d20612d20746e75 6f6d752f6e69622f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1312575500004657 564f420000000051 0e03420e03574d56 4c4e560c4d4a410c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6572202c74696e69 73797320666f2065 6e6f203d3d202020 206e6f6974636120 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000