last executing test programs:
23.955060077s ago: executing program 0 (id=266):
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000640)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f00000004c0)=""/127, 0x7f}], 0x1, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, &(0x7f0000001300)="92", 0x2)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0) (async)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000640)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f00000004c0)=""/127, 0x7f}], 0x1, 0x0, 0x0) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
write$char_usb(r2, &(0x7f0000001300)="92", 0x2) (async)
22.235997869s ago: executing program 0 (id=282):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xb)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4000, 0x317c, @loopback, 0x5}, 0x1c)
madvise(&(0x7f0000b6e000/0x1000)=nil, 0x1000, 0x16)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x15) (async)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x15)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x14, 0x2032, 0xa01, 0x0, 0x0, {0x7e}}, 0x7}}, 0x0)
splice(r5, 0x0, r1, 0x0, 0x10001, 0x0) (async)
splice(r5, 0x0, r1, 0x0, 0x10001, 0x0)
setsockopt$inet_int(r3, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4) (async)
setsockopt$inet_int(r3, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, r4, {0x8, 0xfffffffc}}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, r4, {0x8, 0xfffffffc}}, './file0\x00'})
listen(r3, 0x0)
setsockopt$inet_int(r2, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @loopback}, 0x10) (async)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @loopback}, 0x10)
mlock(&(0x7f00008d2000/0x4000)=nil, 0x4000) (async)
mlock(&(0x7f00008d2000/0x4000)=nil, 0x4000)
22.175977239s ago: executing program 0 (id=283):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
mprotect(&(0x7f00004a4000/0x800000)=nil, 0x800000, 0x2)
mprotect(&(0x7f0000811000/0x1000)=nil, 0x1000, 0x4)
22.105947761s ago: executing program 0 (id=284):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB="fe65a8c9a25627196000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_REGISTER(r2, &(0x7f00000000c0), 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r3}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
setresgid(0xee00, 0xee01, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='quota,'])
r6 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
quotactl_fd$Q_GETNEXTQUOTA(r6, 0xffffffff80000901, 0x0, 0x0)
inotify_init()
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = syz_open_procfs(r8, &(0x7f0000000380)='stack\x00')
pread64(r9, &(0x7f0000000880)=""/4119, 0x1017, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000040)={r9}, 0x8)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x25dfdbfc, {0x60, 0x0, 0x0, r10, {0x0, 0x3}, {0x5, 0x2}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x40000)
bind$alg(r0, &(0x7f0000000280)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280-avx2\x00'}, 0x58)
22.045096816s ago: executing program 0 (id=285):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="88000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000830000000c009900000000000d00000068000e8064"], 0x88}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newqdisc={0xe8, 0x24, 0x100, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x4, 0xfff1}, {0x6, 0xfff3}, {0x7, 0x3}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x8001}, @qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffc}}}}, @TCA_STAB={0x9c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xac, 0xf9, 0x8001, 0x7, 0x1, 0x1, 0x1}}, {0x4}}, {{0x1c, 0x1, {0x7, 0x9, 0xb8dd, 0x7fff, 0x2, 0x0, 0x9, 0x4}}, {0xc, 0x2, [0x736c, 0x7, 0xfcbc, 0x81]}}, {{0x1c, 0x1, {0x0, 0x8, 0x80, 0xa040, 0x0, 0x7fffffff, 0xead}}, {0x4}}, {{0x1c, 0x1, {0x9, 0x2, 0x9, 0x5, 0x2, 0x7, 0x40, 0x7}}, {0x12, 0x2, [0x6, 0x40, 0xa, 0x1, 0x8000, 0x5, 0x27]}}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080c30000000e8fe55a1190015000600142603600e1209004000f8ff0700a80016000a0004400a080000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x4)
21.655436636s ago: executing program 0 (id=291):
r0 = epoll_create(0x7) (async)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x2008}) (async)
r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x7, 0x602c2)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, <r3=>0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f0000000180)={{0x5, 0x0, 0x1000, 0x5, '\x00', 0x4}, 0x6, 0x20000000, 0xa, r3, 0xa, 0x8, 'syz0\x00', &(0x7f0000000140)=['/dev/ppp\x00', '/dev/ppp\x00', '*+\x00', '[|\x00', ',*&/&^!*!\x00', '\x00', '^@\x00', '/dev/ppp\x00', '![@%$&\x00', '/dev/ppp\x00'], 0x3f}) (async)
ioctl$PPPIOCGIDLE64(r1, 0x8010743f, &(0x7f00000002c0)) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f0000000300)={{0x8, 0x3, 0xc, 0xdd, 'syz1\x00', 0x1000000}, 0x0, [0x821a, 0x4, 0x7, 0x0, 0x80000000, 0x4, 0x7, 0x3, 0x0, 0x3, 0x2, 0x80, 0x6, 0x9, 0x0, 0x0, 0x1, 0x2, 0x3, 0x1, 0x914, 0x8, 0x8, 0x6, 0x8, 0x8, 0x6, 0xad6, 0x2, 0x2, 0xfffffffffffff47e, 0xd, 0x932, 0x8, 0x3, 0x0, 0x3, 0x4, 0x6, 0x40, 0x1, 0x3, 0x6, 0x9b, 0x28b1d62b, 0x469, 0xa92, 0x32, 0x1, 0x6, 0x96, 0xe7, 0x80000001, 0x7fff, 0x1, 0x1, 0x5, 0x5, 0xffffffffffffffff, 0x6, 0x4, 0x7, 0x6, 0x5, 0x0, 0x3, 0xff, 0x7fffffffffffffff, 0x8, 0xfff, 0x8001, 0x4, 0x6e0, 0x0, 0x9, 0x4800000000, 0x2dd, 0x0, 0x7, 0x4, 0x10000, 0x8, 0x1, 0xf, 0x7, 0x8, 0x7, 0x2, 0xffffffffffffff81, 0x0, 0xffffffff00000000, 0x87d, 0x400, 0xffffffff, 0x7, 0x4, 0x2800000000, 0x927f, 0x100000001, 0x100, 0x4, 0x11, 0x3, 0xafd, 0xd8, 0x4, 0x1, 0x5, 0x1f24, 0x3199, 0x2, 0x4, 0xffffffffffffffff, 0x298, 0x2, 0xf, 0x10001, 0x0, 0x8, 0xffffffffffff27f8, 0xfc27, 0x4, 0x7fff, 0xffffffff80000000, 0xffff, 0x280000000000, 0x4, 0x6]}) (async)
r4 = accept$phonet_pipe(0xffffffffffffffff, &(0x7f0000000800), &(0x7f0000000840)=0x10)
lseek(r4, 0xb400, 0x4) (async)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000880), 0x2, 0x0) (async)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x6, 0x20010, r4, 0xae38a000) (async)
r5 = io_uring_setup(0x245d, &(0x7f00000008c0)={0x0, 0x516d, 0x40, 0x2, 0xd, 0x0, r1})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r5, 0xb, &(0x7f0000000940)=[@ioring_restriction_sqe_flags_allowed={0x2, 0x1c}], 0x1) (async)
r6 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000980), 0x2, 0x0)
ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, &(0x7f00000009c0)={0x4, 0x103, 0x2, {0xd, 0x0, 0x6, 0x2}})
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000a00)=0x6)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a40), r7)
r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000a80), 0x400, 0x0)
ioctl$TUNGETVNETLE(r8, 0x800454dd, &(0x7f0000000ac0)) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r8, 0xc4c85512, &(0x7f0000000b00)={{0x7, 0x1, 0xffffff0e, 0xc643, 'syz1\x00', 0x10001}, 0x1, [0x8001, 0xfffffffffffff3eb, 0x33, 0x0, 0x6, 0x6, 0x400, 0x5, 0x7fffffffffffffff, 0x0, 0x254, 0x40, 0xeb, 0x877, 0x27dc7ac3, 0x4d2, 0x4, 0x10001, 0x1, 0x217e, 0x8, 0x5054f75c, 0x9, 0x4, 0x9, 0x4, 0x4, 0x0, 0x1, 0x0, 0x80000001, 0x8, 0x5, 0x1, 0x7, 0x800, 0x2, 0x1, 0xf, 0x100000000, 0x5, 0x3, 0x80000000, 0x7fffffff, 0xe40, 0x2, 0x9, 0xfffffffffffffffa, 0x80000, 0x7, 0x5, 0x8000000000000000, 0x1, 0xff, 0x9, 0x1, 0x3, 0x8, 0x3, 0x4, 0x2bf0000, 0x4, 0x9, 0x10, 0xf8b, 0xcb, 0xe, 0x80, 0x4, 0x2e6, 0x6, 0x2, 0x0, 0x85, 0x680, 0x40, 0x2, 0x5645, 0xfffffffffffffff7, 0x2, 0xc, 0xffffffffffffffff, 0x2, 0x14000000000000, 0xe5, 0x200, 0x3, 0x9, 0xffffffffffff489c, 0x4, 0x9, 0xc6, 0x3, 0x9, 0x81, 0x1, 0x5, 0x67f0, 0xc69, 0x2, 0x5, 0xffffffffffffffa6, 0x10, 0x0, 0x50000, 0x5, 0x7, 0x9, 0x800, 0x8, 0x7, 0x1, 0x7, 0x400, 0xff, 0x1, 0xfffffffffffffff9, 0xffff, 0x7, 0x2, 0x1, 0x200, 0xa0ff, 0x0, 0x31b, 0x9, 0x1, 0x4]}) (async)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000001080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x5f0, 0x0, 0x210, 0x0, 0xd0, 0x210, 0x520, 0x520, 0x520, 0x520, 0x520, 0x6, &(0x7f0000001000), {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x25}, @empty, [0xff, 0xffffff00, 0xffffffff, 0xffffffff], [0x0, 0xffffff00, 0x0, 0xff], 'netdevsim0\x00', 'vcan0\x00', {0xff}, {0xff}, 0x32, 0x5, 0x2, 0x20}, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x2, 0xff}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @private1, [0xff000000, 0x0, 0xff, 0xff], [0xff000000, 0x0, 0xffffffff], 'wg2\x00', 'veth0_to_bridge\x00', {0xff}, {0xff}, 0x21, 0x5, 0x4, 0x1}, 0x0, 0x118, 0x140, 0x0, {}, [@common=@srh={{0x30}, {0x0, 0x4c, 0x3, 0x4, 0x7f, 0x2000, 0x1081}}, @common=@unspec=@connlimit={{0x40}, {[0xff000000, 0x0, 0xff], 0xfffff000, 0x2, {0x6}}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xf800}}}, {{@ipv6={@private1, @ipv4={'\x00', '\xff\xff', @broadcast}, [0xffffff00, 0x0, 0xffffff00], [0xffffff, 0xff000000, 0xffffffff, 0xffffff00], 'bridge_slave_0\x00', 'vcan0\x00', {}, {0xff}, 0x1d, 0x6, 0x2, 0x10}, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@mh={{0x28}, {'%&', 0x1}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@private0, @dev={0xfe, 0x80, '\x00', 0x3e}, [0xffffff00, 0xff000000, 0xff000000, 0xffffffff], [0xffffff00, 0x0, 0xffffff00], 'macsec0\x00', 'vlan0\x00', {0xff}, {}, 0x0, 0xaa, 0x3, 0x2}, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x8}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @HL={0x28, 'HL\x00', 0x0, {0x2, 0xb7}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x650)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000001700)={0x7}, 0x8) (async)
accept(r2, &(0x7f0000001740)=@nfc, &(0x7f00000017c0)=0x80) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001900)={@map=r8, 0x12, 0x1, 0x638, &(0x7f0000001800)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000001840)=[0x0], &(0x7f0000001880)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000018c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r10=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001940)={@fallback=r0, r8, 0x2f, 0x4, 0x0, @void, @value=r8, @void, @void, r10}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001b40)={&(0x7f0000001980)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe0, 0xe0, 0x4, [@func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{0xc, 0x1}, {0xe}, {0xa, 0x3}, {0x2, 0x4}]}, @struct={0x1, 0x6, 0x0, 0x4, 0x1, 0x9d, [{0x4, 0x4, 0x1}, {0xf, 0x0, 0x10000}, {0xf, 0x1, 0x6}, {0xe, 0x4, 0x1}, {0xf, 0x1, 0xfffffff1}, {0x10, 0x1, 0x1}]}, @func={0x9, 0x0, 0x0, 0xc, 0x3}, @int={0x10, 0x0, 0x0, 0x1, 0x0, 0x6f, 0x0, 0x29}, @const={0x1, 0x0, 0x0, 0xa, 0x4}, @type_tag={0xe, 0x0, 0x0, 0x12, 0x1}, @var={0xd, 0x0, 0x0, 0xe, 0x2, 0x1}, @decl_tag={0xa, 0x0, 0x0, 0x11, 0x5, 0x8}, @type_tag={0x10, 0x0, 0x0, 0x12, 0x3}]}, {0x0, [0x5f, 0x5f]}}, &(0x7f0000001a80)=""/189, 0xfc, 0xbd, 0x1, 0x6, 0x10000, @value=r8}, 0x28) (async)
mprotect(&(0x7f0000fef000/0x11000)=nil, 0x11000, 0xa)
21.620143534s ago: executing program 32 (id=291):
r0 = epoll_create(0x7) (async)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x2008}) (async)
r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x7, 0x602c2)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, <r3=>0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f0000000180)={{0x5, 0x0, 0x1000, 0x5, '\x00', 0x4}, 0x6, 0x20000000, 0xa, r3, 0xa, 0x8, 'syz0\x00', &(0x7f0000000140)=['/dev/ppp\x00', '/dev/ppp\x00', '*+\x00', '[|\x00', ',*&/&^!*!\x00', '\x00', '^@\x00', '/dev/ppp\x00', '![@%$&\x00', '/dev/ppp\x00'], 0x3f}) (async)
ioctl$PPPIOCGIDLE64(r1, 0x8010743f, &(0x7f00000002c0)) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f0000000300)={{0x8, 0x3, 0xc, 0xdd, 'syz1\x00', 0x1000000}, 0x0, [0x821a, 0x4, 0x7, 0x0, 0x80000000, 0x4, 0x7, 0x3, 0x0, 0x3, 0x2, 0x80, 0x6, 0x9, 0x0, 0x0, 0x1, 0x2, 0x3, 0x1, 0x914, 0x8, 0x8, 0x6, 0x8, 0x8, 0x6, 0xad6, 0x2, 0x2, 0xfffffffffffff47e, 0xd, 0x932, 0x8, 0x3, 0x0, 0x3, 0x4, 0x6, 0x40, 0x1, 0x3, 0x6, 0x9b, 0x28b1d62b, 0x469, 0xa92, 0x32, 0x1, 0x6, 0x96, 0xe7, 0x80000001, 0x7fff, 0x1, 0x1, 0x5, 0x5, 0xffffffffffffffff, 0x6, 0x4, 0x7, 0x6, 0x5, 0x0, 0x3, 0xff, 0x7fffffffffffffff, 0x8, 0xfff, 0x8001, 0x4, 0x6e0, 0x0, 0x9, 0x4800000000, 0x2dd, 0x0, 0x7, 0x4, 0x10000, 0x8, 0x1, 0xf, 0x7, 0x8, 0x7, 0x2, 0xffffffffffffff81, 0x0, 0xffffffff00000000, 0x87d, 0x400, 0xffffffff, 0x7, 0x4, 0x2800000000, 0x927f, 0x100000001, 0x100, 0x4, 0x11, 0x3, 0xafd, 0xd8, 0x4, 0x1, 0x5, 0x1f24, 0x3199, 0x2, 0x4, 0xffffffffffffffff, 0x298, 0x2, 0xf, 0x10001, 0x0, 0x8, 0xffffffffffff27f8, 0xfc27, 0x4, 0x7fff, 0xffffffff80000000, 0xffff, 0x280000000000, 0x4, 0x6]}) (async)
r4 = accept$phonet_pipe(0xffffffffffffffff, &(0x7f0000000800), &(0x7f0000000840)=0x10)
lseek(r4, 0xb400, 0x4) (async)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000880), 0x2, 0x0) (async)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x6, 0x20010, r4, 0xae38a000) (async)
r5 = io_uring_setup(0x245d, &(0x7f00000008c0)={0x0, 0x516d, 0x40, 0x2, 0xd, 0x0, r1})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r5, 0xb, &(0x7f0000000940)=[@ioring_restriction_sqe_flags_allowed={0x2, 0x1c}], 0x1) (async)
r6 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000980), 0x2, 0x0)
ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, &(0x7f00000009c0)={0x4, 0x103, 0x2, {0xd, 0x0, 0x6, 0x2}})
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000a00)=0x6)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a40), r7)
r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000a80), 0x400, 0x0)
ioctl$TUNGETVNETLE(r8, 0x800454dd, &(0x7f0000000ac0)) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r8, 0xc4c85512, &(0x7f0000000b00)={{0x7, 0x1, 0xffffff0e, 0xc643, 'syz1\x00', 0x10001}, 0x1, [0x8001, 0xfffffffffffff3eb, 0x33, 0x0, 0x6, 0x6, 0x400, 0x5, 0x7fffffffffffffff, 0x0, 0x254, 0x40, 0xeb, 0x877, 0x27dc7ac3, 0x4d2, 0x4, 0x10001, 0x1, 0x217e, 0x8, 0x5054f75c, 0x9, 0x4, 0x9, 0x4, 0x4, 0x0, 0x1, 0x0, 0x80000001, 0x8, 0x5, 0x1, 0x7, 0x800, 0x2, 0x1, 0xf, 0x100000000, 0x5, 0x3, 0x80000000, 0x7fffffff, 0xe40, 0x2, 0x9, 0xfffffffffffffffa, 0x80000, 0x7, 0x5, 0x8000000000000000, 0x1, 0xff, 0x9, 0x1, 0x3, 0x8, 0x3, 0x4, 0x2bf0000, 0x4, 0x9, 0x10, 0xf8b, 0xcb, 0xe, 0x80, 0x4, 0x2e6, 0x6, 0x2, 0x0, 0x85, 0x680, 0x40, 0x2, 0x5645, 0xfffffffffffffff7, 0x2, 0xc, 0xffffffffffffffff, 0x2, 0x14000000000000, 0xe5, 0x200, 0x3, 0x9, 0xffffffffffff489c, 0x4, 0x9, 0xc6, 0x3, 0x9, 0x81, 0x1, 0x5, 0x67f0, 0xc69, 0x2, 0x5, 0xffffffffffffffa6, 0x10, 0x0, 0x50000, 0x5, 0x7, 0x9, 0x800, 0x8, 0x7, 0x1, 0x7, 0x400, 0xff, 0x1, 0xfffffffffffffff9, 0xffff, 0x7, 0x2, 0x1, 0x200, 0xa0ff, 0x0, 0x31b, 0x9, 0x1, 0x4]}) (async)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000001080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x5f0, 0x0, 0x210, 0x0, 0xd0, 0x210, 0x520, 0x520, 0x520, 0x520, 0x520, 0x6, &(0x7f0000001000), {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x25}, @empty, [0xff, 0xffffff00, 0xffffffff, 0xffffffff], [0x0, 0xffffff00, 0x0, 0xff], 'netdevsim0\x00', 'vcan0\x00', {0xff}, {0xff}, 0x32, 0x5, 0x2, 0x20}, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x2, 0xff}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @private1, [0xff000000, 0x0, 0xff, 0xff], [0xff000000, 0x0, 0xffffffff], 'wg2\x00', 'veth0_to_bridge\x00', {0xff}, {0xff}, 0x21, 0x5, 0x4, 0x1}, 0x0, 0x118, 0x140, 0x0, {}, [@common=@srh={{0x30}, {0x0, 0x4c, 0x3, 0x4, 0x7f, 0x2000, 0x1081}}, @common=@unspec=@connlimit={{0x40}, {[0xff000000, 0x0, 0xff], 0xfffff000, 0x2, {0x6}}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xf800}}}, {{@ipv6={@private1, @ipv4={'\x00', '\xff\xff', @broadcast}, [0xffffff00, 0x0, 0xffffff00], [0xffffff, 0xff000000, 0xffffffff, 0xffffff00], 'bridge_slave_0\x00', 'vcan0\x00', {}, {0xff}, 0x1d, 0x6, 0x2, 0x10}, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@mh={{0x28}, {'%&', 0x1}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@private0, @dev={0xfe, 0x80, '\x00', 0x3e}, [0xffffff00, 0xff000000, 0xff000000, 0xffffffff], [0xffffff00, 0x0, 0xffffff00], 'macsec0\x00', 'vlan0\x00', {0xff}, {}, 0x0, 0xaa, 0x3, 0x2}, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x8}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @HL={0x28, 'HL\x00', 0x0, {0x2, 0xb7}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x650)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000001700)={0x7}, 0x8) (async)
accept(r2, &(0x7f0000001740)=@nfc, &(0x7f00000017c0)=0x80) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001900)={@map=r8, 0x12, 0x1, 0x638, &(0x7f0000001800)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000001840)=[0x0], &(0x7f0000001880)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000018c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r10=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001940)={@fallback=r0, r8, 0x2f, 0x4, 0x0, @void, @value=r8, @void, @void, r10}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001b40)={&(0x7f0000001980)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe0, 0xe0, 0x4, [@func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{0xc, 0x1}, {0xe}, {0xa, 0x3}, {0x2, 0x4}]}, @struct={0x1, 0x6, 0x0, 0x4, 0x1, 0x9d, [{0x4, 0x4, 0x1}, {0xf, 0x0, 0x10000}, {0xf, 0x1, 0x6}, {0xe, 0x4, 0x1}, {0xf, 0x1, 0xfffffff1}, {0x10, 0x1, 0x1}]}, @func={0x9, 0x0, 0x0, 0xc, 0x3}, @int={0x10, 0x0, 0x0, 0x1, 0x0, 0x6f, 0x0, 0x29}, @const={0x1, 0x0, 0x0, 0xa, 0x4}, @type_tag={0xe, 0x0, 0x0, 0x12, 0x1}, @var={0xd, 0x0, 0x0, 0xe, 0x2, 0x1}, @decl_tag={0xa, 0x0, 0x0, 0x11, 0x5, 0x8}, @type_tag={0x10, 0x0, 0x0, 0x12, 0x3}]}, {0x0, [0x5f, 0x5f]}}, &(0x7f0000001a80)=""/189, 0xfc, 0xbd, 0x1, 0x6, 0x10000, @value=r8}, 0x28) (async)
mprotect(&(0x7f0000fef000/0x11000)=nil, 0x11000, 0xa)
1.844538302s ago: executing program 1 (id=550):
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x325002, 0x0) (async)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000080)={0x0, <r1=>0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) (async, rerun: 64)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000380)={&(0x7f00000000c0)=[<r2=>0x0, 0x0, 0x0], &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}], &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x1, 0x3}) (async, rerun: 64)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000440)={0x0, 0x0, <r3=>0x0, 0x0, 0x0, 0x5, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0]}) (async)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000004c0)={&(0x7f0000000480)=[0x0, 0x0], 0x2, 0x0, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000580)={0x8, 0x0, &(0x7f0000000540)=[0x0, <r5=>0x0, <r6=>0x0, <r7=>0x0, <r8=>0x0, <r9=>0x0, <r10=>0x0, 0x0]}) (async)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f00000006c0)={&(0x7f0000000640)=[0x0, <r11=>0x0, 0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, 0x59622814108ed372})
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000740)={0x4, 0x0, &(0x7f0000000700)=[0x0, <r12=>0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000800)={0x700, 0x5, &(0x7f00000005c0)=[r1, r2, r3, r4, r8], &(0x7f0000000600)=[0x31000000, 0x4, 0x400], &(0x7f0000000780)=[r11, 0x0, 0x0, r12, 0x0], &(0x7f00000007c0)=[0x9, 0xffc0000000000000, 0x7], 0x0, 0xffff}) (async)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000840)={<r13=>0x0})
ioctl$DRM_IOCTL_GET_CTX(r0, 0xc0086423, &(0x7f0000000880)={r13, 0x1})
fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f00000008c0))
ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000000900)={r6, 0x0, <r14=>0x0}) (async)
ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f0000000940)={r10, 0x0, <r15=>0x0})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000c80)={&(0x7f0000000980)=[0x0], &(0x7f00000009c0)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000c00)=[<r16=>0x0, 0x0], &(0x7f0000000c40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x2, 0x1, 0x0, r5}) (async, rerun: 64)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000001040)={&(0x7f0000000d80)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000dc0)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f0000000fc0)=[<r17=>0x0], &(0x7f0000001000)=[0x0, 0x0, 0x0, 0x0], 0x7, 0x1, 0x5}) (async, rerun: 64)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000001340)={&(0x7f00000010c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000001100)=[{}, {}, {}, {}, {}, {}], &(0x7f00000012c0)=[0x0, 0x0, <r18=>0x0, 0x0], &(0x7f0000001300)=[0x0], 0x6, 0x4, 0x4, 0x0, r9})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000001440)={0x400, 0x7, &(0x7f0000000d00)=[r14, r15, r10, r10, r3, r16, r7], &(0x7f0000000d40)=[0x92d, 0x101, 0x8, 0x7d6], &(0x7f00000013c0)=[r17, r9, r18, r11], &(0x7f0000001400)=[0x5, 0x8e, 0x8], 0x0, 0x4c7})
close_range(r0, r0, 0x0) (async, rerun: 32)
chmod(&(0x7f0000001480)='./file0\x00', 0x80) (async, rerun: 32)
r19 = syz_open_dev$dri(&(0x7f00000014c0), 0xe9da, 0x4440)
ioctl$DRM_IOCTL_INFO_BUFS(r19, 0xc0106418, &(0x7f0000001500)={0x80000000, 0x8, 0x6, 0x2, 0x11, 0x101}) (async)
fsetxattr(r0, &(0x7f0000001540)=@known='security.selinux\x00', &(0x7f0000001580)='/dev/dri/card#\x00', 0xf, 0x1)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000015c0)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x3000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000001600)={0xeeee0000, 0x119000, 0x1})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000001640)) (async)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, &(0x7f0000001840))
ioctl$DRM_IOCTL_RM_CTX(r19, 0xc0086421, &(0x7f0000001880)={r13, 0x1}) (async)
creat(&(0x7f00000018c0)='./file1\x00', 0x11) (async)
syz_open_dev$dri(&(0x7f0000001900), 0x2, 0x1)
1.75536396s ago: executing program 1 (id=551):
openat$procfs(0xffffffffffffff9c, &(0x7f0000002200)='/proc/asound/timers\x00', 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0) (async)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$rfkill(r1, &(0x7f0000000040)={0x1, 0x6, 0x2, 0x0, 0x1}, 0x8) (async)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000480)=@newqdisc={0xec, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0xbc, 0x2, {{0x8, 0x80, 0x0, 0x7, 0x4000, 0x4}, [@TCA_NETEM_LOSS={0x34, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x1, 0x7, 0x2, 0x800, 0x7c}}, @NETEM_LOSS_GI={0x18, 0x1, {0xc128, 0x5ddf, 0x100, 0x5ef, 0x7}}]}, @TCA_NETEM_RATE={0x14, 0x6, {0x7fffffff, 0x9, 0x6, 0x7fff}}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x5, 0xff, 0x1ff, 0x8, 0xd2e, 0x5}}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x80, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd}}]}}}]}, 0xec}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
1.755160132s ago: executing program 1 (id=552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0xa, 0x100)
fremovexattr(r3, &(0x7f0000000040)=@known='system.posix_acl_access\x00')
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB='ya\x00 \x00\x00\x00\x00!\x00~\x00\x00\x00'], 0x14}}, 0x4000054)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
r7 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f00000001c0)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f0000000140)={<r8=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r7, r8, 0x0)
keyctl$setperm(0x5, r7, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="00022abd7000fbdbdf254400000008000300", @ANYRES32=r6, @ANYBLOB="911c6539529db90fd3da0b5147c1db766b14264d07aec6ce74b45d487b9b9755e16b59f0439aed05a9e131595404387b3f37fb442ede44a4778f9b6b85ac3fd751b99114fd5d594388a8ca4aa294002efc3da5085e5e680ff3b42ccd12179667eaa81a339109c8ae7c47b47ab631c607000000000029aae0ab4fc3e3705d646249a761db0af20e7f77bd65c3000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x11)
syz_genetlink_get_family_id$batadv(&(0x7f0000000480), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRESHEX=0x0, @ANYBLOB="310300000000000000000900000008000300", @ANYRES32=r9, @ANYBLOB="08000600", @ANYRES16=r4], 0x24}}, 0x0)
1.21548332s ago: executing program 2 (id=553):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)={0x34, r1, 0x21, 0x200000, 0x25dfdc01, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x7f}]}, 0x34}}, 0x4000040)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x68, r1, 0x4a0, 0x70bd2d, 0x25dfdbff, {}, [@ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x3}, @ETHTOOL_A_LINKINFO_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_LINKINFO_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x9}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0xd9}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000081}, 0x10810)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
pipe(0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'bridge_slave_1\x00', <r5=>0x0})
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
r7 = syz_open_dev$video(&(0x7f0000000440), 0x80000000, 0x20200)
ioctl$VIDIOC_S_SELECTION(r7, 0xc040565f, &(0x7f0000000040)={0xa, 0x0, 0x86e, {0x0, 0x1000, 0xffffffff}})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x40009, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="5400000010000104000000000200000000000000", @ANYRES32=r5, @ANYBLOB="0000faffffff000034001280110001006272696467655f736c617665000000001c000580050021000000000006001f0000000000080022"], 0x54}}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
1.155527811s ago: executing program 2 (id=554):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x58, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}}, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000000c0), 0x80000000, 0x40000)
ioctl$SG_SCSI_RESET(r1, 0x2284, 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = syz_clone(0x0, 0x0, 0x2f, 0x0, 0x0, 0x0)
r3 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r3, 0x1, &(0x7f0000000140)={0x100, r4}, 0x0)
name_to_handle_at(r4, &(0x7f0000000140)='./file1\x00', &(0x7f00000001c0)=@ocfs2_parent={0x18, 0x2, {{0x762a, 0x3, 0x2}, {0x7f, 0x8, 0x4}}}, &(0x7f0000000240), 0x600)
r5 = getpgid(r2)
setpgid(0x0, r5)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000005080000024d564b"])
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x200)
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x0, 0x16, 0x0, 0x0)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fc00101}]})
epoll_create1(0x0)
timer_create(0x7, &(0x7f0000000080)={0x0, 0x1a, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r9, 0xc0502100, &(0x7f00000004c0)={<r10=>0x0})
r11 = socket$key(0xf, 0x3, 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r9, 0x40182103, &(0x7f0000000000)={r10, 0x3, r11})
ioctl$KVM_GET_MSRS(r8, 0xc008ae88, &(0x7f0000000040))
883.811133ms ago: executing program 1 (id=557):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000600)={0xa0000010})
epoll_wait(r3, &(0x7f0000000180)=[{}], 0x1, 0x10000400)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@ipv4_delroute={0x34, 0x19, 0x0, 0x70bd2d, 0x25dfdbfc, {0x2, 0x0, 0x0, 0xef, 0xfe, 0x0, 0x0, 0x5, 0x100}, [@RTA_IIF={0x8}, @RTA_DST={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x30}}, @RTA_DST={0x8, 0x1, @rand_addr=0x64010102}]}, 0x34}}, 0x0)
814.471613ms ago: executing program 1 (id=558):
r0 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff)
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, 0x0, 0x0, r0)
r1 = socket$netlink(0x10, 0x3, 0x6)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000000)="480000001500190a20ffff7fffffff5602113e850e1de0974881030491720000de213ee23ffbf510040041feff5aff2b0000000000000700"/68, 0x44}, {&(0x7f0000000080)="c1130389", 0x4}], 0x2)
r2 = syz_open_dev$sg(&(0x7f0000000140), 0x4, 0x20001)
ioctl$SG_EMULATED_HOST(r2, 0x2203, &(0x7f0000000180))
select(0x40, &(0x7f0000000080)={0x0, 0x0, 0xfffffffffffffff2}, 0x0, 0x0, &(0x7f0000000100)={0x7fffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, &(0x7f00000005c0)=ANY=[@ANYRES16=r0], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
605.560874ms ago: executing program 3 (id=561):
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x5fd20000000)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xfe8) (async)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xfe8)
ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {}]}) (async)
ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {}]})
ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f0000000080)={0xfffffff9, "ac3c2fc5795fa8f27616ef184d6bdc96dfa5d0c0d5229eaf8640d962703a6e82", 0x2})
ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f00000000c0)={0x6, "7d1e42fcd61e5c3d1fabbe41f93d16b8e50bc7a4e6cf4a9e86ef8a78f497d45e8b5b8752f37c6716035a389bf9efc4e424abd6f8cb3a81109974850c336c35c9cc6f559a17b9626cb38d637eb1760d3f894dd0cb291c16a2ea19a47471e0f6c9858b86af5542beaefdd25f9d892d382400db7357cbb9da32d1c4229017200c135cdf125b6bef7aa1f58b575cd3f89e0023fe0e5836a961f298d2cea97c6bb6c508daf56d54a9de50b5712ebfe42f4419a71a29dce3047e38815ac050be8942272a722aa5aaca482fa8d3d9a39db952360a1416eb424cb3c761ab436158ebf4ff910d75c24b099b734cadb4f9e89fef93279f5d311ec1917528450514533901f961ad3b52a15f2600256c66c3d75c6f65ef70c9ea0a5d7b36a194433219b2cf6ee3237914e4da38378134a034a0e6bcc037e7142f483a50e29fa2a67094efd8ebae500cbbc9b9f5de5a88854f56bbdac1529f7119cd63b5db4516dc70096e4e672f43e06302157edf9d1f2ba6efafd4502aadc2676ce1731809d076c141b4d77d91f55ae356dad649351e72932398e11fe80cbbf1e7b0dddffd4e1f339def97129588533aea9ee1034d7d2771ecc0e95ca520cfbae818fb9da7b33ad891dfde128bb3def6d279ed3e344ff4cae10ebd5e6db3b5ae0ba3dd4bc810b2ea3bda19fc171129eaf64edbd69aa1bc960553b4d668b85a05d189f5a27307688fffcbd444"})
r2 = syz_open_dev$sg(&(0x7f0000000300), 0x7, 0x711a82)
ioctl$SG_SCSI_RESET(r2, 0x2284, 0x0) (async)
ioctl$SG_SCSI_RESET(r2, 0x2284, 0x0)
r3 = open_tree(r0, &(0x7f0000000340)='./file0\x00', 0x80000)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000380)={'veth1_virt_wifi\x00', 0x51})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r3) (async)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r3)
sendmsg$TIPC_NL_BEARER_ADD(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x20, r4, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x2}]}]}, 0x20}}, 0x80)
ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0xffffffffffffff80) (async)
ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0xffffffffffffff80)
ioctl$PIO_FONTRESET(r3, 0x4b6d, 0x0) (async)
ioctl$PIO_FONTRESET(r3, 0x4b6d, 0x0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000500)={0x8001, 0x1, 0x4, 0x3a, 0xcd, "0ceaee211a3d7f0e219d8645d2d6206d86e3da", 0x7, 0x7})
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000580)=@arm64_core={0x6030000000100032, &(0x7f0000000540)})
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TLS_TX(r5, 0x6, 0x1, &(0x7f00000005c0)=@gcm_256={{0x303}, "51c3bc85e04ddb40", "954f7186df89ebcb772fb1d3b632b2a885c13752fa9586d01a34bec5914bde16", "e25e4268", "e6392244a33f7720"}, 0x38)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000600)={0x401, 0x32, 0x3, {0xa, @sliced={0xfff8, [0x5, 0x6, 0x4, 0x7, 0x7, 0xc, 0x81, 0x4, 0xc9ab, 0x1, 0x0, 0x0, 0x6, 0x1, 0x9, 0x4, 0xffff, 0x7, 0x800, 0x9, 0x80, 0xab3, 0x3, 0x100, 0x4, 0x7, 0x9, 0x7, 0xf, 0x7, 0x4, 0x2, 0x37a4, 0x3, 0xfff, 0x5, 0x1, 0x0, 0xf800, 0x2, 0x1, 0x401, 0xffff, 0x1, 0x9, 0x2, 0xc5c6, 0x9897], 0xfffffffa}}, 0x1ff})
ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f0000000700)={0x0, 0x9}) (async)
ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f0000000700)={0x0, 0x9})
ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000740)=0x3) (async)
ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000740)=0x3)
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000780)={0x81, 0xe, 0x8, 0x7, 0x5, "d735ac65ff1f7ff7662b85534c05fba246d9af"}) (async)
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000780)={0x81, 0xe, 0x8, 0x7, 0x5, "d735ac65ff1f7ff7662b85534c05fba246d9af"})
close_range(r2, r5, 0x2)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000007c0)={{0x1, 0x1, 0x18, r3, {0x9}}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000007c0)={{0x1, 0x1, 0x18, <r6=>r3, {0x9}}, './file0\x00'})
ioctl$KVM_GET_XSAVE2(r3, 0x9000aecf, &(0x7f0000ffc000/0x1000)=nil)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), r6)
sendmsg$NL80211_CMD_ADD_TX_TS(r6, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x40, r7, 0x4, 0x70bd28, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0xc54}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x44000)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000940)=0x7)
ioctl$VIDIOC_G_AUDIO(r3, 0x80345621, &(0x7f0000000980))
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000009c0)={0xfff, 0xba9, 0x614, 0x8000, 0x6, 0x4})
ioctl$LOOP_CHANGE_FD(r6, 0x4c06, 0xffffffffffffffff)
605.195986ms ago: executing program 3 (id=562):
syz_open_dev$radio(0x0, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
preadv(r0, 0x0, 0x0, 0x80000001, 0x3f7a)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r1, 0xffffffffffffffff, 0x0)
524.988303ms ago: executing program 3 (id=563):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000440)={0x0, <r1=>0x0}, &(0x7f0000000480)=0x31)
setresuid(r1, r1, r1)
fsopen(&(0x7f0000000ec0)='zonefs\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
process_madvise(r3, &(0x7f0000001440)=[{&(0x7f0000000000)="9f", 0x1}, {0x0, 0x18100}], 0x2, 0x19, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}]})
524.727154ms ago: executing program 4 (id=564):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4048aecb, &(0x7f00000000c0)=ANY=[@ANYRES64=r0, @ANYRES64])
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000), 0x13f, 0x8}}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000111c0)='ext4_sync_fs\x00', r5, 0x0, 0x5}, 0x18)
sync()
523.839999ms ago: executing program 3 (id=565):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x1, 0x803, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @HCI_EV_INQUIRY_COMPLETE={{0x1, 0x1}, 0x81}}, 0x4) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x10, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) (async)
r3 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3}, './file0\x00'}) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x44}}, 0x8000)
365.361543ms ago: executing program 4 (id=566):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000480)=@ethtool_channels={0x3c, 0x9, 0x8, 0x4, 0x2, 0x6, 0x3, 0x400, 0x101}})
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000019600)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000200), 0xfffffd9d)
preadv(r0, &(0x7f00000002c0)=[{&(0x7f00000000c0)=""/190, 0xbe}, {&(0x7f0000000180)=""/78, 0x4e}, {&(0x7f00000004c0)=""/4096, 0x1000}, {&(0x7f0000000240)=""/53, 0x35}, {&(0x7f0000000280)=""/36, 0x24}], 0x5, 0x7, 0xfff)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='htcp\x00', 0x5)
sendfile(r0, r1, 0x0, 0x8000002b)
363.64682ms ago: executing program 3 (id=567):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000000)={0x4, 0xd3f, 0x1, 0xffffff02, 0x11, "c77277cffd11acb9c6b9fd50130ad1e00da15e"}) (async)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000000)={0x4, 0xd3f, 0x1, 0xffffff02, 0x11, "c77277cffd11acb9c6b9fd50130ad1e00da15e"})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x6}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e23, 0x4e23}}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0) (async)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x6}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e23, 0x4e23}}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000002200)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r5, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x24, r4, 0x1, 0x0, 0x25dfdbff, {{0xa}, {@val={0x0, 0x3, r7}, @void}}, [@NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0xfffffffffffffdca, 0xa}, @NL80211_KEY_IDX={0x5, 0x2, 0x6}]}]}, 0x24}}, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
io_setup(0x4, &(0x7f0000000000)=<r8=>0x0)
openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
r9 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
io_submit(r8, 0x1, &(0x7f0000000380)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, r9, 0x0, 0x0, 0x81}]) (async)
io_submit(r8, 0x1, &(0x7f0000000380)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, r9, 0x0, 0x0, 0x81}])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r10 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_dccp(0xa, 0x6, 0x0)
sendmsg$NFT_BATCH(r11, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r11, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@ipv6_deladdrlabel={0x40, 0x49, 0x4, 0x70bd27, 0x25dfdbfb, {0xa, 0x0, 0x1f, 0x0, 0x0, 0x9}, [@IFAL_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x16}}, @IFAL_LABEL={0x8, 0x2, 0x2}, @IFAL_LABEL={0x8, 0x2, 0x7}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
landlock_create_ruleset(&(0x7f0000000000)={0x1, 0x1, 0x2}, 0x18, 0x0) (async)
landlock_create_ruleset(&(0x7f0000000000)={0x1, 0x1, 0x2}, 0x18, 0x0)
215.66261ms ago: executing program 2 (id=568):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet(r0, &(0x7f0000002100)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000200)="56c7", 0x2}, {&(0x7f0000000400)="35fccc42c3ae7d031a05d8822bca9810b7685efd7a7aca75077435c8be7f3236f5772ea7ae8d0061a3", 0x29}, {0x0}, {&(0x7f00000004c0)}], 0x4, 0x0, 0x2f}}, {{0x0, 0x0, &(0x7f0000001c40)=[{&(0x7f0000000440)="740bb91960751313d563244d2422eacd81d938612101390709e3a10aa8fc1ff41a2b9468fdd430919c067d524236860d4e0eb92721c9e3410ed63991ea341b891e3964e2871e1f6ff3539d3a9024ba059bdc8a0615abdc3260ab20c8a7b151b2723cb78509f771bff7142cd0bff7695c862983436184d0451d656a93cf5fd565784d61666bae0e85271f677e465d3b973c9ae62ebed49d32db8a946c65473fa9a300786513609ba38ca00ef4585b38fa523d1d7f8adfdc7c81ac52670ca519c7924d76a05700"/207}, {&(0x7f00000008c0)="9167fca6d85a8e78cfe6", 0xa}, {&(0x7f0000000540)="8d5a5cddbeabb957b80964a47938eeae21f5be0abdac92c478fcfd28e25157e15fc60c05d6c063c5adb00a667b4ec66ca3d156d735a6af56baf6ebe730f30a52a3d594ae2892dc971bc7840d37a56a8a61844863b982580f1a0ddadb967507b10a6e5829d4cd536e79dd0052c249e8e62734c043be10a659a2", 0x79}, {&(0x7f0000001ac0)="84c23f911cfc52d50f475752de5311c9362711bc9c7b19e0064a5889f8e269aa365841f9a4e234c07ccbdcc26f6ec55256bf1e70bbbad25c273b9d062d3339bd87", 0xfffffffffffffd36}, {&(0x7f0000001b40)="f0933d9562a9332e42a76d9d52b585c534d89462070b560df4bc5b66f1575213fc88918ee426cd4ba728192a3432e00a81f1d90916ebb947dd93252237e42093c67ce5371712e51fb420d199dfccc97a312f22a232fa35", 0x57}], 0x5}}], 0x2, 0x4004000) (async)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r2) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000006100000600000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x108, &(0x7f00000002c0)=""/264, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r5, 0x11, 0x64, &(0x7f0000000080)=0x3, 0x4)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff", @ANYRESOCT=r2, @ANYRES32=r3, @ANYRESHEX=r1], 0x398}}, 0x0)
165.013372ms ago: executing program 4 (id=569):
r0 = socket$inet6_udp(0xa, 0x2, 0x0) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000203010200000000000000000000000009000200000000470200000008000340000000000800010001"], 0x30}}, 0x0)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0) (async)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001040)=@nat={'nat\x00', 0x8, 0x5, 0x6c0, 0x390, 0xf0, 0xffffffff, 0x2a0, 0x390, 0x5f0, 0x5f0, 0xffffffff, 0x5f0, 0x5f0, 0x5, 0x0, {[{{@uncond, 0xb7030000, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x1d, @ipv6=@private1, @ipv6=@private0, @port, @gre_key}}}, {{@uncond, 0x0, 0x168, 0x1b0, 0x0, {}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@dev, [], @ipv6=@private1, [], @ipv6=@private1, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x1, @ipv4, @ipv6=@local, @icmp_id, @icmp_id}}}, {{@ipv6={@mcast1, @local, [], [], 'wg1\x00', 'virt_wifi0\x00'}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4, @ipv4=@multicast1, @gre_key, @icmp_id}}}, {{@ipv6={@rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @empty}, [], [], 'dummy0\x00', 'syzkaller0\x00'}, 0x0, 0x218, 0x260, 0x0, {}, [@common=@inet=@sctp={{0x148}}, @common=@mh={{0x28}, {"0c06"}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id, @icmp_id}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x720)
163.587471ms ago: executing program 2 (id=570):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) (async)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) (async, rerun: 64)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) (async, rerun: 64)
write(r1, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac) (async)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@updpolicy={0xd4, 0x19, 0x2, 0x70bd2b, 0x0, {{@in=@multicast1=0xe0000002, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x80, 0x87}, {0x200000000000, 0x0, 0x6, 0x6c, 0x0, 0x9c19, 0xffffffffffffffff, 0xfffffffffffffff6}, {}, 0x0, 0x0, 0x0, 0x0, 0x2}, [@replay_val={0x10, 0xa, {0x70bd2a, 0x70bd2a, 0x1}}, @sec_ctx={0xc, 0x8, {0x8}}]}, 0xd4}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_MODIFY(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r3, 0x4, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c000}, 0x4000) (async)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000008, 0x810, r0, 0xc017e000)
85.825726ms ago: executing program 2 (id=571):
syz_open_dev$radio(0x0, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
preadv(r0, 0x0, 0x0, 0x80000001, 0x3f7a)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r1, 0xffffffffffffffff, 0x0)
85.607072ms ago: executing program 4 (id=572):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0xfffffffffffffe01, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x18, 0x52, 0xa01, 0x0, 0x0, {0x2}, [@typed={0x4}]}, 0x18}}, 0x0)
writev(r1, &(0x7f0000000680)=[{&(0x7f0000000000)="799d70", 0x3}, {&(0x7f00000000c0)="b2cb05a3673dfa2c41682dbb14be24cd2ed6c101ad0bd3069fa59c502272d72fd1dba0b5001f4ee1b05b33c50e1a5df890d06089595e6fe5fb3269a3d612ee16931595e4be08ca4d142ebde4c3daf547322785c9a91f8a72be201e5bd86ca569ea5cd86e49a2b66ef5360b54a0b447c676d592a245d9c22cb2408e0af4761d1100771a55a8b8cdb79dabcbbc9688f6f96e48bfc2560a4ec79e87b46d8e5aa935e6154e2a4b5e7e8b4a15351113ea978d6fccee948be1844b55faecb70a2117d5fffb332efd15b7a83ba80b005b153546e6a2fa582eaa84d1ecb09446ec8f18d22d8f1b635dc5505e21407d7f86a8c3c5f211c7f0c0d86d80dd6b9c", 0xfb}, {&(0x7f0000000240)="e48dd1960a02dbed1cf3d789a94f72e86245b3bde82e10ea74c8883830957cb398b7d34039924803c13d7f38b50686da681f6458f876dd14373949756f2f3f167e54bb4886112368d9325d384480484be628a0174ef440b4d8", 0x59}, {&(0x7f00000001c0)="785f6fa6ee7bb2695b6b85dc735114a594031e1b45777bb790fbf8a3c5643127a8f56b45f48087d9df4def6a4fa890cdf986a08592ad821f", 0x38}, {&(0x7f0000000480)="dee505b8a6a8a932eea1ebddc792ea7c0e9315fa50bcac64ae22158b1c0694f3532fdcc9dfab14ec8e2ef4e2472de2392ae7e4ed1b7ce77dc0a6f746b15cb5a77aec6316310d356f59e8403a9d39b72c9226b655ed3bacef1b36635039c79fee980939a198c33808be0b156e70c1f48ecec2481a3870cdb79f7b25e3ad91abddc0df662356e41983be64f9dcd10f877fb205ea4b79ba1bca75e9b7e5dcecb947582d854f2475be2c0e19733e0929b9bc41fda86e1e4e2fbc679adfc0d800afdaff0abf35d7d5b553fd4799f4a5bbb6313ae0192e9bf38d1d93741d51736b087758e312f6b1f5b675f54a16531b6c911b468475bf65edb7", 0xf7}, {&(0x7f00000002c0)="8451e86238ac5f4f4adbfa71508bb704ef5de22ce16ac12cfa34768a6c842735d31362903c090680523619ac94180a170c71648a4f36a9c12513d5344c", 0x3d}, {&(0x7f0000000580)="a5ca74e973bcfb569a257b25715e9ad1a76e6106046e74318a0ee2eea3be65535688f9608fc27a5ac53d095aca0799511c799f6413fe6d23544fd6a9d722a04b7ae25d044dd5121a184207ef7beece757b2117dc8e", 0x55}, {&(0x7f0000000600)="1a0f2f57402fb9054a9bd6293d32abe248164700fae99229c1da130a914789a1f56b75cadbdc9df6f3e248df27479eb543fa56dcd4cca0a60269515f307040b64a475e8a05b30b3996634aacb77b91de1400000000000000", 0x58}], 0x8)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0b04000000000000000002000000400004803c0001800b00010065787468647200002c0000007405000200940000000800054000000000080001400000000f0900010073797a30000000000900020073797a3200000000140000001100010000000000000000000200000a00"/148], 0x94}}, 0x14b6deac033214c2)
82.866928ms ago: executing program 3 (id=573):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x400448e3, &(0x7f0000000040)={0x0, 0x0, "961a58"})
socket$kcm(0xa, 0x0, 0x87)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000180))
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, 0x0, 0x800)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x40, r6, 0x1, 0x270bd2c, 0x5, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaac}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x6}]}, 0x40}}, 0x0)
connect$pppl2tp(r3, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="0100000008000c004300000000000000000000220000"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000040)
81.255709ms ago: executing program 2 (id=574):
socket$netlink(0x10, 0x3, 0x7)
chdir(&(0x7f0000000340)='./cgroup\x00')
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0xb1) (async)
open(&(0x7f0000000140)='./cgroup\x00', 0x4bdec82b65d06fe8, 0x0) (async)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0xa8000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/stat\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = gettid()
r6 = syz_open_procfs(r5, &(0x7f0000000040)='timerslack_ns\x00')
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000280)) (async)
write$tun(r6, &(0x7f0000000100)=ANY=[@ANYRESDEC], 0xfce) (async)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r7, 0x1, 0x23, &(0x7f0000000080)=0x3ff, 0x4) (async)
r8 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r9 = dup(r8)
getdents64(r9, &(0x7f0000002f40)=""/4098, 0x1002) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
close_range(r0, 0xffffffffffffffff, 0x0)
fcntl$notify(r2, 0x402, 0x80000005) (async)
fcntl$notify(0xffffffffffffffff, 0x402, 0x14) (async)
epoll_create1(0x0)
81.098444ms ago: executing program 4 (id=575):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a300000000034000000030a01010000000000000000010000000900010073797a30000000000900030073797a3200000000080005"], 0xcc}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a300000000034000000030a01010000000000000000010000000900010073797a30000000000900030073797a3200000000080005"], 0xcc}}, 0x0)
5.489476ms ago: executing program 4 (id=576):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0xfffffffd)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@bridge_delneigh={0x1c, 0x1d, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x40, 0x52}}, 0x1c}}, 0x0)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
0s ago: executing program 1 (id=577):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r1, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x4}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast1}, @L2TP_ATTR_UDP_CSUM={0x5}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008041}, 0x20000000) (async)
sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r1, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x4}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast1}, @L2TP_ATTR_UDP_CSUM={0x5}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008041}, 0x20000000)
sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, r1, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_OFFSET={0x6}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @private=0xa010100}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8090}, 0x4004010) (async)
sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, r1, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_OFFSET={0x6}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @private=0xa010100}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8090}, 0x4004010)
socket$pppl2tp(0x18, 0x1, 0x1)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000280), 0xffffffffffffffff) (async)
r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x6000404}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x58, r2, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'wlan0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x58}, 0x1, 0x0, 0x0, 0x85}, 0x20000000) (async)
sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x6000404}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x58, r2, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'wlan0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x58}, 0x1, 0x0, 0x0, 0x85}, 0x20000000)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICADD(r3, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x58, r4, 0x300, 0x70bd26, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010101}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'gretap0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x240288c1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x20, r1, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x401}]}, 0x20}, 0x1, 0x0, 0x0, 0x8804}, 0x20040000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000640), &(0x7f0000000680)}, 0x20)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000800)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000840)=0x14)
r9 = openat2(0xffffffffffffff9c, &(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)={0x209c0, 0x81, 0x10}, 0x18)
syz_io_uring_complete(0x0) (async)
r10 = syz_io_uring_complete(0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@bloom_filter={0x1e, 0x7, 0x81, 0x7fffffff, 0x60a2, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x5, 0x7, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000a00)={0x1b, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x5, 0x0, @void, @value, @void, @value}, 0x50) (async)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000a00)={0x1b, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x4, 0x10, &(0x7f0000000700)=@raw=[@call={0x85, 0x0, 0x0, 0xf}, @alu={0x4, 0x0, 0xd, 0xa, 0xa, 0x80, 0xfffffffffffffffc}, @jmp={0x5, 0x1, 0x8, 0x3, 0x9, 0xa}, @generic={0x2, 0x8, 0x5, 0x800, 0x1ff}, @generic={0x10, 0x3, 0xc, 0xf821, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff44, 0x0, 0x0, 0x0, 0x8e1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffff000}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xb}, @alu={0x4, 0x1, 0x1, 0x6, 0x6, 0x44, 0xfffffffffffffff0}], &(0x7f0000000780)='GPL\x00', 0x7, 0x9, &(0x7f00000007c0)=""/9, 0x41100, 0x6, '\x00', r8, @fallback=0x2d, r9, 0x8, &(0x7f0000000900)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000940)={0x5, 0x5, 0x8a, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x7, &(0x7f0000000a80)=[r10, r11, r12], &(0x7f0000000ac0)=[{0x0, 0x0, 0x9, 0xb}, {0x2, 0x3, 0x6, 0xa}, {0x0, 0x2, 0x10, 0xc}, {0x2, 0x3, 0x7, 0xb}, {0x3, 0x1, 0x1, 0x6}, {0x3, 0x3, 0x4, 0x5}, {0x4, 0x3, 0xc, 0x4}], 0x10, 0x3ff, @void, @value}, 0x94) (async)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x4, 0x10, &(0x7f0000000700)=@raw=[@call={0x85, 0x0, 0x0, 0xf}, @alu={0x4, 0x0, 0xd, 0xa, 0xa, 0x80, 0xfffffffffffffffc}, @jmp={0x5, 0x1, 0x8, 0x3, 0x9, 0xa}, @generic={0x2, 0x8, 0x5, 0x800, 0x1ff}, @generic={0x10, 0x3, 0xc, 0xf821, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffff44, 0x0, 0x0, 0x0, 0x8e1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffff000}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xb}, @alu={0x4, 0x1, 0x1, 0x6, 0x6, 0x44, 0xfffffffffffffff0}], &(0x7f0000000780)='GPL\x00', 0x7, 0x9, &(0x7f00000007c0)=""/9, 0x41100, 0x6, '\x00', r8, @fallback=0x2d, r9, 0x8, &(0x7f0000000900)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000940)={0x5, 0x5, 0x8a, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x7, &(0x7f0000000a80)=[r10, r11, r12], &(0x7f0000000ac0)=[{0x0, 0x0, 0x9, 0xb}, {0x2, 0x3, 0x6, 0xa}, {0x0, 0x2, 0x10, 0xc}, {0x2, 0x3, 0x7, 0xb}, {0x3, 0x1, 0x1, 0x6}, {0x3, 0x3, 0x4, 0x5}, {0x4, 0x3, 0xc, 0x4}], 0x10, 0x3ff, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c80)={{0x1}, &(0x7f0000000c00), &(0x7f0000000c40)='%-5lx \x00'}, 0x20) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c80)={{0x1}, &(0x7f0000000c00), &(0x7f0000000c40)='%-5lx \x00'}, 0x20)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r9, &(0x7f0000000d80)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x24, r1, 0x2, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}, @L2TP_ATTR_L2SPEC_TYPE={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x880}, 0xd02b045ee6b82431)
setsockopt$inet6_udp_int(r9, 0x11, 0x1, &(0x7f0000000dc0)=0xa, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000e80)={{r9, <r14=>0xffffffffffffffff}, &(0x7f0000000e00), &(0x7f0000000e40)=r13}, 0x20)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000001140)={'gre0\x00', &(0x7f00000010c0)={'syztnl2\x00', r8, 0x700, 0x8000, 0x9, 0x9, {{0x18, 0x4, 0x0, 0x2, 0x60, 0x65, 0x0, 0x3, 0x2f, 0x0, @loopback, @private=0xa010101, {[@timestamp_addr={0x44, 0xc, 0xa1, 0x1, 0x8, [{@remote, 0xf0000000}]}, @timestamp_addr={0x44, 0x14, 0x3f, 0x1, 0x7, [{@multicast1, 0xffffffff}, {@loopback, 0x7fffffff}]}, @timestamp={0x44, 0x20, 0x45, 0x0, 0xe, [0x7, 0x9a4, 0x4, 0x1, 0x5, 0xfffffffd, 0x7fffffff]}, @lsrr={0x83, 0xb, 0xf1, [@local, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000001140)={'gre0\x00', &(0x7f00000010c0)={'syztnl2\x00', <r15=>r8, 0x700, 0x8000, 0x9, 0x9, {{0x18, 0x4, 0x0, 0x2, 0x60, 0x65, 0x0, 0x3, 0x2f, 0x0, @loopback, @private=0xa010101, {[@timestamp_addr={0x44, 0xc, 0xa1, 0x1, 0x8, [{@remote, 0xf0000000}]}, @timestamp_addr={0x44, 0x14, 0x3f, 0x1, 0x7, [{@multicast1, 0xffffffff}, {@loopback, 0x7fffffff}]}, @timestamp={0x44, 0x20, 0x45, 0x0, 0xe, [0x7, 0x9a4, 0x4, 0x1, 0x5, 0xfffffffd, 0x7fffffff]}, @lsrr={0x83, 0xb, 0xf1, [@local, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x10, 0x13, &(0x7f0000000ec0)=@raw=[@btf_id={0x18, 0x8, 0x3, 0x0, 0x2}, @tail_call={{0x18, 0x2, 0x1, 0x0, r14}}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x5}, @jmp={0x5, 0x1, 0x2, 0x0, 0x1, 0x8, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7ff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000f80)='GPL\x00', 0xe, 0xc5, &(0x7f0000000fc0)=""/197, 0x41000, 0x16, '\x00', r15, @sk_msg=0x7, r10, 0x8, &(0x7f0000001180)={0x2, 0x5}, 0x8, 0x10, &(0x7f00000011c0)={0x5, 0x6, 0x3, 0x7}, 0x10, 0xffffffffffffffff, r9, 0x4, &(0x7f0000001200)=[r10, r10, r7, r11, r12], &(0x7f0000001240)=[{0x4, 0x4, 0x9, 0x9}, {0x1, 0x5, 0x3, 0xc}, {0x2, 0x3, 0xc, 0x6}, {0x4, 0x3, 0x2, 0x2}], 0x10, 0xc6, @void, @value}, 0x94)
sendmsg$L2TP_CMD_TUNNEL_GET(r9, &(0x7f0000001440)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001400)={&(0x7f0000001380)={0x44, r1, 0x508, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0xd2}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}, @L2TP_ATTR_LNS_MODE={0x5}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r10}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}]}, 0x44}}, 0x4000090)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000016c0)={0x5}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000016c0)={0x5, <r16=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x14, 0x11, &(0x7f0000001480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x40}, {{0x18, 0x1, 0x1, 0x0, r11}}, {}, [@map_fd={0x18, 0x4, 0x1, 0x0, r12}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001540)='syzkaller\x00', 0x9, 0xff, &(0x7f0000001580)=""/255, 0x41100, 0x10, '\x00', r8, @fallback=0x15, r10, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001680)={0x0, 0x3, 0x5}, 0x10, r16, r9, 0x4, &(0x7f0000001700)=[r14, r5, 0xffffffffffffffff], &(0x7f0000001740)=[{0x1, 0x2, 0x1, 0xb}, {0x0, 0x2, 0x0, 0x7}, {0x5, 0x5, 0xc, 0x2}, {0x1, 0x1, 0x7}], 0x10, 0x3, @void, @value}, 0x94)
socket$inet6(0xa, 0x2, 0xcb)
kernel console output (not intermixed with test programs):
id (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[ 42.522067][ T5928] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 45.286958][ T40] kauditd_printk_skb: 17 callbacks suppressed
[ 45.286973][ T40] audit: type=1400 audit(1740871387.972:105): avc: denied { execmem } for pid=5939 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 45.499923][ T40] audit: type=1400 audit(1740871388.192:106): avc: denied { create } for pid=5943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 45.519893][ T40] audit: type=1400 audit(1740871388.192:107): avc: denied { read write } for pid=5943 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 45.527891][ T40] audit: type=1400 audit(1740871388.192:108): avc: denied { open } for pid=5943 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 45.534799][ T40] audit: type=1400 audit(1740871388.192:109): avc: denied { ioctl } for pid=5943 comm="syz-executor" path="socket:[6472]" dev="sockfs" ino=6472 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 45.536805][ T5949] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 45.546601][ T5949] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 45.548982][ T5949] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 45.553351][ T5293] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 45.553716][ T5952] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 45.556764][ T5954] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 45.558742][ T5952] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 45.562882][ T5952] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 45.563896][ T5954] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 45.565533][ T5952] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 45.567647][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 45.571193][ T5952] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 45.575720][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 45.578593][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 45.582830][ T5952] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 45.585296][ T40] audit: type=1400 audit(1740871388.272:110): avc: denied { read } for pid=5946 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 45.585408][ T5293] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 45.585778][ T5952] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 45.591835][ T40] audit: type=1400 audit(1740871388.272:111): avc: denied { open } for pid=5946 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 45.595740][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 45.596526][ T40] audit: type=1400 audit(1740871388.272:112): avc: denied { mounton } for pid=5946 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 45.600834][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 45.605647][ T5952] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 45.622313][ T5952] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 45.625104][ T5952] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 45.629165][ T5952] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 45.631826][ T5952] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 45.751889][ T40] audit: type=1400 audit(1740871388.442:113): avc: denied { module_request } for pid=5946 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 45.784283][ T5946] chnl_net:caif_netlink_parms(): no params data found
[ 45.840817][ T5943] chnl_net:caif_netlink_parms(): no params data found
[ 45.888910][ T5953] chnl_net:caif_netlink_parms(): no params data found
[ 45.900766][ T5956] chnl_net:caif_netlink_parms(): no params data found
[ 45.921192][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.924136][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state
[ 45.926804][ T5946] bridge_slave_0: entered allmulticast mode
[ 45.929725][ T5946] bridge_slave_0: entered promiscuous mode
[ 45.935398][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state
[ 45.937673][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state
[ 45.940089][ T5946] bridge_slave_1: entered allmulticast mode
[ 45.944908][ T5946] bridge_slave_1: entered promiscuous mode
[ 46.018361][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.020614][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.023046][ T5943] bridge_slave_0: entered allmulticast mode
[ 46.025262][ T5943] bridge_slave_0: entered promiscuous mode
[ 46.039690][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 46.082529][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.084677][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.086837][ T5943] bridge_slave_1: entered allmulticast mode
[ 46.089029][ T5943] bridge_slave_1: entered promiscuous mode
[ 46.104502][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 46.173243][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.175942][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.178628][ T5953] bridge_slave_0: entered allmulticast mode
[ 46.182033][ T5953] bridge_slave_0: entered promiscuous mode
[ 46.199252][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 46.217329][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.219463][ T5953] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.222241][ T5953] bridge_slave_1: entered allmulticast mode
[ 46.224290][ T5953] bridge_slave_1: entered promiscuous mode
[ 46.242813][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 46.249040][ T5946] team0: Port device team_slave_0 added
[ 46.260330][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.263010][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.265681][ T5956] bridge_slave_0: entered allmulticast mode
[ 46.268624][ T5956] bridge_slave_0: entered promiscuous mode
[ 46.282330][ T5946] team0: Port device team_slave_1 added
[ 46.293459][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.296186][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.298893][ T5956] bridge_slave_1: entered allmulticast mode
[ 46.302378][ T5956] bridge_slave_1: entered promiscuous mode
[ 46.340736][ T5953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 46.353342][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 46.357449][ T5943] team0: Port device team_slave_0 added
[ 46.359679][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 46.362963][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 46.370381][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 46.375845][ T5953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 46.380390][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 46.384541][ T5943] team0: Port device team_slave_1 added
[ 46.386597][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 46.389093][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 46.396570][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 46.459952][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 46.463055][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 46.473034][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 46.479183][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 46.482260][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 46.492256][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 46.497654][ T5956] team0: Port device team_slave_0 added
[ 46.501292][ T5953] team0: Port device team_slave_0 added
[ 46.504671][ T5953] team0: Port device team_slave_1 added
[ 46.518620][ T5956] team0: Port device team_slave_1 added
[ 46.575098][ T5946] hsr_slave_0: entered promiscuous mode
[ 46.578105][ T5946] hsr_slave_1: entered promiscuous mode
[ 46.584495][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 46.587273][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 46.597593][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 46.629915][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 46.632829][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 46.642819][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 46.647889][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 46.649864][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 46.657639][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 46.675117][ T5943] hsr_slave_0: entered promiscuous mode
[ 46.677313][ T5943] hsr_slave_1: entered promiscuous mode
[ 46.679418][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 46.682467][ T5943] Cannot create hsr debugfs directory
[ 46.689345][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 46.692018][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 46.701576][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 46.813260][ T5956] hsr_slave_0: entered promiscuous mode
[ 46.815308][ T5956] hsr_slave_1: entered promiscuous mode
[ 46.817334][ T5956] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 46.819664][ T5956] Cannot create hsr debugfs directory
[ 46.842382][ T5953] hsr_slave_0: entered promiscuous mode
[ 46.845238][ T5953] hsr_slave_1: entered promiscuous mode
[ 46.847915][ T5953] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 46.851312][ T5953] Cannot create hsr debugfs directory
[ 47.021354][ T5946] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 47.027295][ T5946] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 47.030669][ T5946] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 47.034323][ T5946] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 47.065309][ T5943] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 47.070670][ T5943] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 47.075944][ T5943] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 47.080855][ T5943] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 47.111397][ T5953] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 47.119241][ T5953] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 47.124231][ T5953] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 47.136530][ T5953] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 47.164960][ T5956] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 47.172455][ T5956] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 47.179665][ T5956] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 47.185017][ T5956] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 47.203982][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0
[ 47.237420][ T5946] 8021q: adding VLAN 0 to HW filter on device team0
[ 47.249384][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[ 47.255465][ T65] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.258435][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.281266][ T76] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.283393][ T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.296022][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[ 47.302842][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0
[ 47.311796][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.313902][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.330075][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.332251][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.343232][ T5953] 8021q: adding VLAN 0 to HW filter on device team0
[ 47.350709][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.352850][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.363205][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0
[ 47.368469][ T76] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.371183][ T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.391668][ T5956] 8021q: adding VLAN 0 to HW filter on device team0
[ 47.403967][ T40] audit: type=1400 audit(1740871390.092:114): avc: denied { sys_module } for pid=5946 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 47.406813][ T65] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.412929][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.425076][ T1228] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.427299][ T1228] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.464888][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 47.494438][ T5946] veth0_vlan: entered promiscuous mode
[ 47.501744][ T5946] veth1_vlan: entered promiscuous mode
[ 47.508726][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 47.518808][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 47.534692][ T5946] veth0_macvtap: entered promiscuous mode
[ 47.541541][ T5946] veth1_macvtap: entered promiscuous mode
[ 47.563363][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 47.569669][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 47.577962][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 47.586381][ T5943] veth0_vlan: entered promiscuous mode
[ 47.590663][ T5943] veth1_vlan: entered promiscuous mode
[ 47.598234][ T5953] veth0_vlan: entered promiscuous mode
[ 47.603491][ T5946] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.607060][ T5946] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.610979][ T5946] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.614291][ T5946] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.622923][ T5953] veth1_vlan: entered promiscuous mode
[ 47.632078][ T5954] Bluetooth: hci1: command tx timeout
[ 47.632083][ T5952] Bluetooth: hci2: command tx timeout
[ 47.640788][ T5952] Bluetooth: hci0: command tx timeout
[ 47.654394][ T5943] veth0_macvtap: entered promiscuous mode
[ 47.670565][ T5943] veth1_macvtap: entered promiscuous mode
[ 47.691037][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 47.693281][ T5956] veth0_vlan: entered promiscuous mode
[ 47.694330][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 47.706419][ T5956] veth1_vlan: entered promiscuous mode
[ 47.712528][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 47.716867][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.720355][ T5952] Bluetooth: hci3: command tx timeout
[ 47.723623][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 47.726998][ T5953] veth0_macvtap: entered promiscuous mode
[ 47.735276][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 47.738347][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.742768][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 47.747259][ T5943] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.749829][ T5943] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.752527][ T5943] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.755093][ T5943] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.758822][ T5953] veth1_macvtap: entered promiscuous mode
[ 47.762713][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 47.766323][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 47.775717][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 47.779842][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.783492][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 47.786586][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.790655][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 47.809350][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 47.815631][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.819717][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 47.825402][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.830688][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 47.838951][ T5946] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 47.842059][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 47.842814][ T5953] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.842858][ T5953] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.842883][ T5953] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.842906][ T5953] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.846359][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 47.864636][ T5956] veth0_macvtap: entered promiscuous mode
[ 47.891503][ T5956] veth1_macvtap: entered promiscuous mode
[ 47.895325][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 47.898151][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 47.914689][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 47.919314][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.923905][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 47.927847][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.931931][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 47.935268][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.940945][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 47.946955][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 47.951565][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.955448][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 47.959619][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.963794][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 47.966956][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 47.970596][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 47.980628][ T5956] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.983215][ T5956] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.985787][ T5956] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.988402][ T5956] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 47.997954][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 48.003011][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 48.012101][ T6010] dccp_invalid_packet: P.Data Offset(4) too small
[ 48.018280][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 48.021877][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 48.064996][ T6012] bridge0: port 3(erspan0) entered blocking state
[ 48.067087][ T6012] bridge0: port 3(erspan0) entered disabled state
[ 48.069188][ T6012] erspan0: entered allmulticast mode
[ 48.071407][ T6012] erspan0: entered promiscuous mode
[ 48.073203][ T6012] bridge0: port 3(erspan0) entered blocking state
[ 48.075405][ T6012] bridge0: port 3(erspan0) entered forwarding state
[ 48.086318][ T6016] syz.1.2 uses obsolete (PF_INET,SOCK_PACKET)
[ 48.131297][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 48.133776][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 48.153556][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 48.156168][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 48.270829][ T6040] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 48.301088][ T6043] evm: overlay not supported
[ 48.318080][ T5987] hid-generic 0400:00FF:0004.0002: unknown main item tag 0x7
[ 48.321114][ T5987] hid-generic 0400:00FF:0004.0002: item fetching failed at offset 10/108
[ 48.325110][ T5987] hid-generic 0400:00FF:0004.0002: probe with driver hid-generic failed with error -22
[ 48.379779][ T6047] SELinux: syz.2.12 (6047) set checkreqprot to 1. This is no longer supported.
[ 48.389272][ T6049] fuse: Unknown parameter 'a���'
[ 48.447670][ T58] hid (null): report_id 0 is invalid
[ 48.449439][ T58] hid (null): global environment stack underflow
[ 48.451599][ T58] hid (null): global environment stack underflow
[ 48.453604][ T58] hid (null): invalid report_count 27233
[ 48.456567][ T58] hid-generic 0007:0009:0005.0003: unknown main item tag 0x3
[ 48.458866][ T58] hid-generic 0007:0009:0005.0003: unexpected long global item
[ 48.462187][ T58] hid-generic 0007:0009:0005.0003: probe with driver hid-generic failed with error -22
[ 48.550412][ T5948] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 48.667879][ T6064] =======================================================
[ 48.667879][ T6064] WARNING: The mand mount option has been deprecated and
[ 48.667879][ T6064] and is ignored by this kernel. Remove the mand
[ 48.667879][ T6064] option from the mount to silence this warning.
[ 48.667879][ T6064] =======================================================
[ 48.678541][ T6064] overlayfs: failed to create directory ./bus/work (errno: 1); mounting read-only
[ 48.720842][ T5948] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 48.724312][ T5948] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 48.727403][ T5948] usb 8-1: Product: syz
[ 48.729104][ T5948] usb 8-1: Manufacturer: syz
[ 48.731636][ T5948] usb 8-1: SerialNumber: syz
[ 48.743495][ T5948] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 48.764950][ T1454] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 48.856780][ T6072] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[ 48.902683][ T6031] syz.3.6 (6031) used greatest stack depth: 21152 bytes left
[ 48.976708][ T25] usb 8-1: USB disconnect, device number 2
[ 49.120364][ T5986] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 49.291913][ T5986] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 49.296226][ T5986] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 49.300088][ T5986] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 49.303755][ T5986] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 49.310042][ T6072] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 49.316548][ T5986] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 49.523062][ T6089] warning: `syz.3.26' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 49.526266][ T6072] overlay: Unknown parameter '
[ 49.526266][ T6072] time
[ 49.526266][ T6072] string
[ 49.526266][ T6072] statistic
[ 49.526266][ T6072] state
[ 49.526266][ T6072] realm
[ 49.526266][ T6072] rateest
[ 49.526266][ T6072] quota
[ 49.526266][ T6072] pkttype
[ 49.526266][ T6072] physdev
[ 49.526266][ T6072] cgroup
[ 49.526266][ T6072] cgroup
[ 49.526266][ T6072] cgroup
[ 49.526266][ T6072] owner
[ 49.526266][ T6072] nfacct
[ 49.526266][ T6072] nfacct
[ 49.526266][ T6072] mac
[ 49.526266][ T6072] limit
[ 49.526266][ T6072] ipvs
[ 49.526266][ T6072] helper
[ 49.526266][ T6072] devgroup
[ 49.526266][ T6072] cpu
[ 49.526266][ T6072] conntrack
[ 49.526266][ T6072] conntrack
[ 49.526266][ T6072] conntrack
[ 49.526266][ T6072] connlabel
[ 49.526266][ T6072] connbytes
[ 49.526266][ T6072] comment
[ 49.526266][ T6072] bpf
[ 49.526266][ T6072] bpf
[ 49.526266][ T6072] connmark
[ 49.526266][ T6072] mark
[ 49.526266][ T6072] rpfilter
[ 49.526266][ T6072] ah
[ 49.526266][ T6072] tcpmss
[ 49.526266][ T6072] socket
[ 49.526266][ T6072] socket
[ 49.526266][ T6072] socket
[ 49.526266][ T6072] socket
[ 49.526266][ T6072] sctp
[ 49.526266][ T6072] recent
[ 49.526266][ T6072] recent
[ 49.526266][ T6072] policy
[ 49.526266][ T6072] osf
[ 49.526266][ T6072] multiport
[ 49.526266][ T6072] length
[ 49.526266][ T6072] l2tp
[ 49.526266][ T6072] iprange
[ 49.526266][ T6072] ipcomp
[ 49.526266][ T6072] ttl
[ 49.526266][ T6072] hashlimit
[ 49.526266][ T6072] hashlimit
[ 49.526266][ T6072] hashlimit
[ 49.526266][ T6072] esp
[ 49.526266][ T6072] ecn
[ 49.526266][ T6072] tos
[ 49.526266][ T6072] dscp
[ 49.526266][ T6072] dccp
[ 49.526266][ T6072] connlimit
[ 49.526266][ T6072] cluster
[ 49.526266][ T6072] addrtype
[ 49.526266][ T6072] addrtype
[ 49.526266][ T6072] set
[ 49.526266][ T6072] set
[ 49.526266][ T6072] set
[ 49.526266][ T6072] set
[ 49.526266][ T6072] set
[ 49.526266][ T6072] icmp
[ 49.590640][ T6094] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 49.601914][ T6094] VFS: Can't find a romfs filesystem on dev nullb0.
[ 49.601914][ T6094]
[ 49.619193][ T64] usb 7-1: USB disconnect, device number 2
[ 49.710934][ T5954] Bluetooth: hci2: command tx timeout
[ 49.711696][ T5952] Bluetooth: hci0: command tx timeout
[ 49.720290][ T5952] Bluetooth: hci1: command tx timeout
[ 49.764447][ T6113] netlink: 344 bytes leftover after parsing attributes in process `syz.1.32'.
[ 49.790440][ T1454] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[ 49.793407][ T1454] ath9k_htc: Failed to initialize the device
[ 49.797380][ T25] usb 8-1: ath9k_htc: USB layer deinitialized
[ 49.800315][ T5952] Bluetooth: hci3: command tx timeout
[ 49.840382][ T6015] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 50.010259][ T6015] usb 5-1: Using ep0 maxpacket: 8
[ 50.013710][ T6015] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 50.016043][ T6015] usb 5-1: config 0 has no interface number 0
[ 50.017965][ T6015] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 50.021150][ T6015] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 50.023655][ T6015] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 50.026816][ T6015] usb 5-1: config 0 descriptor??
[ 50.034220][ T6015] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 50.258256][ T6132] Zero length message leads to an empty skb
[ 50.289967][ T6015] usb 5-1: USB disconnect, device number 2
[ 50.297176][ T6135] misc userio: The device must be registered before sending interrupts
[ 50.452220][ T40] kauditd_printk_skb: 118 callbacks suppressed
[ 50.452231][ T40] audit: type=1400 audit(1740871393.142:233): avc: denied { create } for pid=6137 comm="syz.2.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 50.460781][ T40] audit: type=1400 audit(1740871393.142:234): avc: denied { bind } for pid=6137 comm="syz.2.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 50.466369][ T40] audit: type=1400 audit(1740871393.142:235): avc: denied { accept } for pid=6137 comm="syz.2.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 50.472307][ T40] audit: type=1400 audit(1740871393.142:236): avc: denied { write } for pid=6137 comm="syz.2.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 50.484023][ T6140] netlink: 8 bytes leftover after parsing attributes in process `syz.2.40'.
[ 50.486004][ T40] audit: type=1400 audit(1740871393.182:237): avc: denied { ioctl } for pid=6139 comm="syz.2.40" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 50.600131][ T40] audit: type=1400 audit(1740871393.282:238): avc: denied { read write } for pid=6144 comm="syz.3.41" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[ 50.607157][ T40] audit: type=1400 audit(1740871393.282:239): avc: denied { open } for pid=6144 comm="syz.3.41" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[ 50.613389][ T6150] ipt_REJECT: TCP_RESET invalid for non-tcp
[ 50.618056][ T40] audit: type=1400 audit(1740871393.302:240): avc: denied { create } for pid=6149 comm="syz.2.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 50.623647][ T40] audit: type=1400 audit(1740871393.302:241): avc: denied { connect } for pid=6149 comm="syz.2.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 50.629519][ T40] audit: type=1400 audit(1740871393.302:242): avc: denied { write } for pid=6149 comm="syz.2.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 50.685838][ T6154] xt_CONNSECMARK: invalid mode: 0
[ 50.723145][ T6163] process 'syz.2.47' launched '� �' with NULL argv: empty string added
[ 50.724888][ T6162] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 50.738841][ T6164] syz.3.48: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 50.746834][ T6164] CPU: 3 UID: 0 PID: 6164 Comm: syz.3.48 Not tainted 6.14.0-rc4-syzkaller-00248-g03d38806a902 #0
[ 50.746856][ T6164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 50.746865][ T6164] Call Trace:
[ 50.746870][ T6164] <TASK>
[ 50.746876][ T6164] dump_stack_lvl+0x16c/0x1f0
[ 50.746901][ T6164] warn_alloc+0x24d/0x3a0
[ 50.746921][ T6164] ? __pfx_warn_alloc+0x10/0x10
[ 50.746946][ T6164] ? __get_vm_area_node+0x1b0/0x2f0
[ 50.746969][ T6164] ? __get_vm_area_node+0x1dc/0x2f0
[ 50.746999][ T6164] __vmalloc_node_range_noprof+0x1102/0x1530
[ 50.747032][ T6164] ? vb2_vmalloc_alloc+0x11e/0x3d0
[ 50.747060][ T6164] ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 50.747093][ T6164] ? vb2_vmalloc_alloc+0x11e/0x3d0
[ 50.747114][ T6164] ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[ 50.747134][ T6164] vmalloc_user_noprof+0x6b/0x90
[ 50.747157][ T6164] ? vb2_vmalloc_alloc+0x11e/0x3d0
[ 50.747178][ T6164] vb2_vmalloc_alloc+0x11e/0x3d0
[ 50.747201][ T6164] ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[ 50.747222][ T6164] __vb2_queue_alloc+0x896/0x1230
[ 50.747255][ T6164] vb2_core_reqbufs+0xa73/0xfb0
[ 50.747280][ T6164] ? __pfx_vb2_core_reqbufs+0x10/0x10
[ 50.747299][ T6164] ? __pfx___mutex_trylock_common+0x10/0x10
[ 50.747324][ T6164] ? __video_do_ioctl+0x4a2/0xf00
[ 50.747342][ T6164] ? trace_contention_end+0xee/0x140
[ 50.747366][ T6164] ? __mutex_lock+0x1cc/0xb10
[ 50.747390][ T6164] vb2_reqbufs+0x1a5/0x1f0
[ 50.747408][ T6164] ? __pfx_vb2_reqbufs+0x10/0x10
[ 50.747428][ T6164] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 50.747455][ T6164] v4l2_m2m_ioctl_reqbufs+0xdc/0x1e0
[ 50.747477][ T6164] v4l_reqbufs+0x14c/0x1e0
[ 50.747502][ T6164] __video_do_ioctl+0xaf0/0xf00
[ 50.747522][ T6164] ? __pfx___video_do_ioctl+0x10/0x10
[ 50.747537][ T6164] ? __might_fault+0xe3/0x190
[ 50.747570][ T6164] video_usercopy+0x4d2/0x1620
[ 50.747589][ T6164] ? __pfx___video_do_ioctl+0x10/0x10
[ 50.747607][ T6164] ? __pfx_video_usercopy+0x10/0x10
[ 50.747640][ T6164] v4l2_ioctl+0x1ba/0x250
[ 50.747655][ T6164] ? __pfx_v4l2_ioctl+0x10/0x10
[ 50.747672][ T6164] __x64_sys_ioctl+0x190/0x200
[ 50.747696][ T6164] do_syscall_64+0xcd/0x250
[ 50.747718][ T6164] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 50.747740][ T6164] RIP: 0033:0x7f63f178d169
[ 50.747753][ T6164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 50.747767][ T6164] RSP: 002b:00007f63f2625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 50.747783][ T6164] RAX: ffffffffffffffda RBX: 00007f63f19a6080 RCX: 00007f63f178d169
[ 50.747793][ T6164] RDX: 00004000000000c0 RSI: 00000000c0145608 RDI: 0000000000000005
[ 50.747803][ T6164] RBP: 00007f63f180e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 50.747812][ T6164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 50.747821][ T6164] R13: 0000000000000000 R14: 00007f63f19a6080 R15: 00007ffded31ca88
[ 50.747843][ T6164] </TASK>
[ 50.747849][ T6164] Mem-Info:
[ 50.837371][ T6173] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[ 50.841814][ T6164] active_anon:6224 inactive_anon:0 isolated_anon:0
[ 50.841814][ T6164] active_file:8936 inactive_file:38456 isolated_file:0
[ 50.841814][ T6164] unevictable:1768 dirty:1766 writeback:0
[ 50.841814][ T6164] slab_reclaimable:11107 slab_unreclaimable:69228
[ 50.841814][ T6164] mapped:23854 shmem:2534 pagetables:909
[ 50.841814][ T6164] sec_pagetables:298 bounce:0
[ 50.841814][ T6164] kernel_misc_reclaimable:0
[ 50.841814][ T6164] free:485565 free_pcp:1724 free_cma:0
[ 50.874343][ T6164] Node 0 active_anon:24772kB inactive_anon:0kB active_file:35744kB inactive_file:153752kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95168kB dirty:7028kB writeback:0kB shmem:6352kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11760kB pagetables:3760kB sec_pagetables:1192kB all_unreclaimable? no
[ 50.883783][ T6164] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:36kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 50.892804][ T6164] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 50.900745][ T6164] lowmem_reserve[]: 0 1240 0 0 0
[ 50.902289][ T6164] Node 0 DMA32 free:337156kB boost:0kB min:27608kB low:34508kB high:41408kB reserved_highatomic:0KB active_anon:24896kB inactive_anon:0kB active_file:35744kB inactive_file:153752kB unevictable:3536kB writepending:7028kB present:2080628kB managed:1270148kB mlocked:0kB bounce:0kB free_pcp:5856kB local_pcp:3288kB free_cma:0kB
[ 50.907037][ T6182] program syz.1.55 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 50.912885][ T6164] lowmem_reserve[]: 0 0 0 0 0
[ 50.915810][ T6164] Node 1 Normal free:1587748kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:3536kB writepending:36kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:1432kB local_pcp:176kB free_cma:0kB
[ 50.923415][ T6182] netlink: 12 bytes leftover after parsing attributes in process `syz.1.55'.
[ 50.925895][ T6164] lowmem_reserve[]: 0 0 0 0 0
[ 50.929416][ T6164] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 50.933356][ T6164] Node 0 DMA32: 117*4kB (UME) 355*8kB (UME) 384*16kB (UME) 257*32kB (UME) 290*64kB (ME) 16*128kB (ME) 16*256kB (ME) 14*512kB (UME) 16*1024kB (UME) 4*2048kB (UME) 65*4096kB (UM) = 340364kB
[ 50.939661][ T6164] Node 1 Normal: 3*4kB (UM) 31*8kB (UME) 20*16kB (UME) 124*32kB (UME) 62*64kB (UME) 24*128kB (UME) 9*256kB (U) 6*512kB (UME) 2*1024kB (UE) 2*2048kB (UM) 382*4096kB (UM) = 1587780kB
[ 50.945580][ T6164] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 50.948343][ T6164] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 50.951526][ T6164] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 50.956531][ T6164] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 50.960224][ T6164] 49864 total pagecache pages
[ 50.961655][ T6164] 0 pages in swap cache
[ 50.962865][ T6164] Free swap = 124568kB
[ 50.964070][ T6164] Total swap = 124996kB
[ 50.965324][ T6164] 1048443 pages RAM
[ 50.966460][ T6164] 0 pages HighMem/MovableOnly
[ 50.967704][ T6186] Bluetooth: hci4: Frame reassembly failed (-84)
[ 50.969716][ T6164] 281585 pages reserved
[ 50.971832][ T6164] 0 pages cma reserved
[ 50.983783][ T6188] sctp: [Deprecated]: syz.0.57 (pid 6188) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 50.983783][ T6188] Use struct sctp_sack_info instead
[ 51.004893][ T5954] Bluetooth: hci1: SCO packet for unknown connection handle 172
[ 51.111258][ T6208] SELinux: syz.0.62 (6208) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 51.274893][ T6212] block nbd1: shutting down sockets
[ 51.400430][ T5984] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 51.438011][ T6240] 9pnet_fd: Insufficient options for proto=fd
[ 51.490631][ T6243] capability: warning: `syz.3.74' uses 32-bit capabilities (legacy support in use)
[ 51.548288][ T6249] vlan0: entered promiscuous mode
[ 51.549700][ T6250] netlink: 'syz.3.75': attribute type 10 has an invalid length.
[ 51.553852][ T6250] macvlan0: entered allmulticast mode
[ 51.559161][ T6250] veth1_vlan: entered allmulticast mode
[ 51.564392][ T6250] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[ 51.568700][ T5984] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 51.572615][ T5984] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 51.576081][ T5984] usb 5-1: Product: syz
[ 51.577996][ T5984] usb 5-1: Manufacturer: syz
[ 51.579950][ T5984] usb 5-1: SerialNumber: syz
[ 51.588856][ T5984] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 51.607469][ T833] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 51.705491][ T6261] netlink: 12 bytes leftover after parsing attributes in process `syz.1.79'.
[ 51.790825][ T5954] Bluetooth: hci2: command tx timeout
[ 51.800452][ T67] Bluetooth: hci0: command tx timeout
[ 51.802451][ T5954] Bluetooth: hci1: command tx timeout
[ 51.812765][ T6211] netlink: 1280 bytes leftover after parsing attributes in process `syz.0.64'.
[ 51.862720][ T6260] /dev/sr0: Can't open blockdev
[ 51.870317][ T5954] Bluetooth: hci3: command tx timeout
[ 51.944105][ T6268] netlink: 8 bytes leftover after parsing attributes in process `syz.1.83'.
[ 52.160330][ T9] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[ 52.310234][ T9] usb 8-1: Using ep0 maxpacket: 8
[ 52.314454][ T9] usb 8-1: config 179 has an invalid interface number: 65 but max is 0
[ 52.317114][ T9] usb 8-1: config 179 has no interface number 0
[ 52.319335][ T9] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 52.322901][ T9] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 52.326209][ T9] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 52.329705][ T9] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 52.333183][ T9] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 52.337083][ T9] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 52.339894][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 52.345793][ T6266] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 52.376444][ T57] usb 5-1: USB disconnect, device number 3
[ 52.561935][ T9] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:179.65/input/input6
[ 52.673764][ T833] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[ 52.676118][ T833] ath9k_htc: Failed to initialize the device
[ 52.679396][ T57] usb 5-1: ath9k_htc: USB layer deinitialized
[ 52.752926][ T6266] netlink: 4 bytes leftover after parsing attributes in process `syz.3.82'.
[ 52.756058][ T6266] netlink: 12 bytes leftover after parsing attributes in process `syz.3.82'.
[ 52.770344][ T6288] netlink: 20 bytes leftover after parsing attributes in process `syz.0.89'.
[ 52.777490][ T6266] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[ 52.787691][ T6289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 52.791521][ T6289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 52.814478][ T3233] usb 8-1: USB disconnect, device number 3
[ 52.814519][ C0] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 52.819703][ C0] dummy_hcd dummy_hcd.3: timer fired with no URBs pending?
[ 52.820428][ T3233] xpad 8-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[ 52.829079][ T6294] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 52.891554][ T6298] Invalid logical block size (-1)
[ 52.895233][ T6298] netlink: 12 bytes leftover after parsing attributes in process `syz.1.92'.
[ 52.934192][ T6301] mmap: syz.3.93 (6301) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 52.955043][ T6304] program syz.1.94 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 52.959441][ T6304] tipc: Enabling of bearer <up:s> rejected, media not registered
[ 52.991441][ T5952] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 53.015486][ T6306] capability: warning: `syz.3.95' uses deprecated v2 capabilities in a way that may be insecure
[ 53.110621][ T6310] QAT: failed to copy from user.
[ 53.173868][ T6321] netlink: 'syz.2.98': attribute type 11 has an invalid length.
[ 53.273832][ T6325] netlink: 'syz.2.99': attribute type 25 has an invalid length.
[ 53.280710][ T6325] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 53.283415][ T6325] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 53.286037][ T6325] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 53.288727][ T6325] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 53.575147][ T6327] overlayfs: failed to resolve './file1': -2
[ 53.730290][ T3233] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 53.880724][ T5952] Bluetooth: hci1: command tx timeout
[ 53.881069][ T3233] usb 7-1: Using ep0 maxpacket: 8
[ 53.882383][ T5952] Bluetooth: hci0: command tx timeout
[ 53.883968][ T5954] Bluetooth: hci2: command tx timeout
[ 53.890661][ T3233] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 53.893670][ T3233] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 53.898022][ T3233] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 53.901588][ T3233] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 53.903898][ T3233] usb 7-1: Product: syz
[ 53.905185][ T3233] usb 7-1: Manufacturer: syz
[ 53.907070][ T3233] usb 7-1: SerialNumber: syz
[ 53.909811][ T3233] usb 7-1: config 0 descriptor??
[ 53.910105][ T6347] syz.1.107: attempt to access beyond end of device
[ 53.910105][ T6347] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[ 53.915808][ T6347] syz.1.107: attempt to access beyond end of device
[ 53.915808][ T6347] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[ 54.012170][ T6354] fuse: Bad value for 'fd'
[ 54.150231][ T1454] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 54.320251][ T1454] usb 5-1: Using ep0 maxpacket: 16
[ 54.324426][ T1454] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 54.328802][ T1454] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 54.332737][ T1454] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[ 54.336070][ T1454] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 54.341183][ T1454] usb 5-1: config 0 descriptor??
[ 54.749613][ T1454] appleir 0003:05AC:8241.0004: unknown main item tag 0x0
[ 54.751916][ T1454] appleir 0003:05AC:8241.0004: unknown main item tag 0x0
[ 54.754013][ T1454] appleir 0003:05AC:8241.0004: unknown main item tag 0x1
[ 54.756034][ T1454] appleir 0003:05AC:8241.0004: unknown main item tag 0x0
[ 54.758104][ T1454] appleir 0003:05AC:8241.0004: unknown main item tag 0x0
[ 54.760488][ T1454] appleir 0003:05AC:8241.0004: No inputs registered, leaving
[ 54.767406][ T1454] appleir 0003:05AC:8241.0004: hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[ 54.788945][ T6350] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 54.790948][ T6350] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 54.798167][ T6350] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 54.803107][ T6350] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 54.804921][ T6350] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 54.807358][ T6350] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 54.810882][ T6350] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 54.812675][ T6350] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 54.815276][ T6350] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 54.818580][ T6350] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 54.821375][ T6350] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 54.823805][ T6350] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 54.854052][ T6359] (unnamed net_device) (uninitialized): (slave erspan0): Device is not bonding slave
[ 54.856864][ T6359] (unnamed net_device) (uninitialized): option active_slave: invalid value (erspan0)
[ 54.959722][ T6365] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 55.005497][ T64] usb 5-1: USB disconnect, device number 4
[ 55.043411][ T6365] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 55.140408][ T6365] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 55.169901][ T6371] nvme_fabrics: missing parameter 'transport=%s'
[ 55.172541][ T6371] nvme_fabrics: missing parameter 'nqn=%s'
[ 55.191829][ T6365] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 55.216904][ T6375] __nla_validate_parse: 2 callbacks suppressed
[ 55.216915][ T6375] netlink: 12 bytes leftover after parsing attributes in process `syz.1.118'.
[ 55.225125][ T6375] netlink: 12 bytes leftover after parsing attributes in process `syz.1.118'.
[ 55.272599][ T6365] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 55.281312][ T6365] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 55.290241][ T6365] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 55.298545][ T6365] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 55.545959][ T40] kauditd_printk_skb: 63 callbacks suppressed
[ 55.545973][ T40] audit: type=1400 audit(1740871398.232:306): avc: denied { ioctl } for pid=6376 comm="syz.0.119" path="mnt:[4026533299]" dev="nsfs" ino=4026533299 ioctlcmd=0xb703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 55.580830][ T40] audit: type=1400 audit(1740871398.272:307): avc: denied { read } for pid=6378 comm="syz.0.120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 55.583803][ T6379] workqueue: name exceeds WQ_NAME_LEN. Truncating to: �w)�O��84���k��o�F��g�h���`���9
[ 55.585243][ T6380] JFS: discard option not supported on device
[ 55.586341][ T6380] syz.0.120: attempt to access beyond end of device
[ 55.586341][ T6380] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[ 55.586471][ T6380] syz.0.120: attempt to access beyond end of device
[ 55.586471][ T6380] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[ 55.586511][ T6380] Mount JFS Failure: -5
[ 55.587723][ T40] audit: type=1400 audit(1740871398.272:308): avc: denied { mounton } for pid=6378 comm="syz.0.120" path="/23/bus" dev="tmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[ 55.598083][ T6380] MINIX-fs: blocksize too small for device
[ 55.663148][ T40] audit: type=1800 audit(1740871398.352:309): pid=6383 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.121" name="file1" dev="tmpfs" ino=169 res=0 errno=0
[ 55.669742][ T40] audit: type=1400 audit(1740871398.352:310): avc: denied { getopt } for pid=6382 comm="syz.0.121" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 55.722212][ T40] audit: type=1400 audit(1740871398.412:311): avc: denied { search } for pid=6386 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 55.728400][ T40] audit: type=1400 audit(1740871398.412:312): avc: denied { read } for pid=6387 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1770 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 55.735130][ T40] audit: type=1400 audit(1740871398.412:313): avc: denied { open } for pid=6387 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1770 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 55.743325][ T40] audit: type=1400 audit(1740871398.412:314): avc: denied { getattr } for pid=6387 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1770 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 55.751076][ T40] audit: type=1400 audit(1740871398.412:315): avc: denied { write } for pid=6386 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1769 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 55.984318][ T6419] batadv_slave_1: entered promiscuous mode
[ 55.988722][ T6419] geneve2: entered promiscuous mode
[ 55.990813][ T6419] geneve2: entered allmulticast mode
[ 56.031560][ T67] Bluetooth: hci0: command 0x0c1a tx timeout
[ 56.053854][ T6417] batadv_slave_1: left promiscuous mode
[ 56.072645][ T6422] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 56.075230][ T6422] overlayfs: missing 'lowerdir'
[ 56.125041][ T6438] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 56.128065][ T6438] mac80211_hwsim hwsim4 wlan0: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 56.189892][ T6443] netlink: 32 bytes leftover after parsing attributes in process `syz.0.132'.
[ 56.253160][ T5987] usb 7-1: USB disconnect, device number 3
[ 56.372438][ T6469] netlink: 'syz.2.138': attribute type 2 has an invalid length.
[ 56.428906][ T6474] netlink: 8 bytes leftover after parsing attributes in process `syz.0.141'.
[ 56.830420][ T67] Bluetooth: hci2: command 0x0c1a tx timeout
[ 56.830456][ T5954] Bluetooth: hci1: command 0x0c1a tx timeout
[ 56.832622][ T5952] Bluetooth: hci3: command 0x0c1a tx timeout
[ 56.871252][ T6486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.145'.
[ 56.873953][ T6486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.145'.
[ 56.876610][ T6486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.145'.
[ 56.879147][ T6486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.145'.
[ 56.879423][ T6488] netlink: 28 bytes leftover after parsing attributes in process `syz.0.145'.
[ 56.885231][ T6488] netlink: 28 bytes leftover after parsing attributes in process `syz.0.145'.
[ 56.958828][ T6491] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.962675][ T6491] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.423774][ T6516] program syz.2.154 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 57.436029][ T6518] Cannot find del_set index 2 as target
[ 57.470772][ T6520] bridge1: entered promiscuous mode
[ 57.652236][ T6532] bridge0: entered promiscuous mode
[ 57.654800][ T6532] bridge0: port 3(macsec1) entered blocking state
[ 57.656709][ T6532] bridge0: port 3(macsec1) entered disabled state
[ 57.658693][ T6532] macsec1: entered allmulticast mode
[ 57.662043][ T6532] bridge0: entered allmulticast mode
[ 57.664482][ T6532] macsec1: left allmulticast mode
[ 57.666122][ T6532] bridge0: left allmulticast mode
[ 57.668524][ T6532] bridge0: left promiscuous mode
[ 57.902671][ T6545] netlink: 'syz.0.163': attribute type 7 has an invalid length.
[ 57.910562][ T6546] delete_channel: no stack
[ 58.001032][ T6558] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[ 58.003575][ T6558] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 58.008797][ T6558] vhci_hcd vhci_hcd.0: Device attached
[ 58.022355][ T6562] XFS (nullb0): Invalid superblock magic number
[ 58.110854][ T5954] Bluetooth: hci0: command 0x0c1a tx timeout
[ 58.210504][ T6585] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6585 comm=syz.1.172
[ 58.214263][ T6583] netlink: 'syz.1.172': attribute type 10 has an invalid length.
[ 58.222352][ T6583] team0: Device ipvlan1 failed to register rx_handler
[ 58.250272][ T9] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 58.252469][ T833] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[ 58.410205][ T9] usb 7-1: Using ep0 maxpacket: 16
[ 58.419070][ T6558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 58.422950][ T6558] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 58.426366][ T6559] vhci_hcd: connection closed
[ 58.426675][ T9] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 58.428099][ T76] vhci_hcd: stop threads
[ 58.430651][ T9] usb 7-1: too many configurations: 30, using maximum allowed: 8
[ 58.431622][ T9] usb 7-1: unable to read config index 0 descriptor/start: -71
[ 58.432694][ T76] vhci_hcd: release socket
[ 58.434767][ T9] usb 7-1: can't read configurations, error -71
[ 58.438128][ T76] vhci_hcd: disconnect device
[ 58.469033][ T6598] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[ 58.471516][ T6598] UDF-fs: Scanning with blocksize 2048 failed
[ 58.474347][ T6598] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[ 58.476538][ T6598] UDF-fs: Scanning with blocksize 4096 failed
[ 58.500238][ T833] vhci_hcd: vhci_device speed not set
[ 58.509482][ T6603] Bluetooth: MGMT ver 1.23
[ 58.560088][ T6610] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 58.571484][ T6610] overlay: filesystem on ./bus not supported as upperdir
[ 58.911571][ T5954] Bluetooth: hci3: command 0x0c1a tx timeout
[ 58.911600][ T67] Bluetooth: hci2: command 0x0c1a tx timeout
[ 58.916313][ T1454] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 58.920234][ T67] Bluetooth: hci1: command 0x0c1a tx timeout
[ 58.969226][ T6628] bridge0: port 2(bridge_slave_1) entered disabled state
[ 59.018850][ T6634] random: crng reseeded on system resumption
[ 59.053680][ T1454] usb 8-1: device descriptor read/64, error -71
[ 59.300410][ T1454] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 59.440363][ T1454] usb 8-1: device descriptor read/64, error -71
[ 59.495450][ T6637] trusted_key: syz.0.189 sent an empty control message without MSG_MORE.
[ 59.562127][ T1454] usb usb8-port1: attempt power cycle
[ 59.719358][ T6644] SELinux: policydb version 4384 does not match my version range 15-34
[ 59.723165][ T6644] SELinux: failed to load policy
[ 59.725574][ T6644] netlink: 'syz.2.191': attribute type 10 has an invalid length.
[ 59.731380][ T6644] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 59.760713][ T64] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 59.910298][ T1454] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 59.910371][ T64] usb 5-1: Using ep0 maxpacket: 16
[ 59.916351][ T64] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[ 59.919554][ T64] usb 5-1: config 0 has no interface number 0
[ 59.922134][ T64] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 59.926434][ T64] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 59.931961][ T1454] usb 8-1: device descriptor read/8, error -71
[ 59.932829][ T64] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 59.937900][ T64] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 59.940543][ T6656] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 59.941170][ T64] usb 5-1: Product: syz
[ 59.947391][ T64] usb 5-1: SerialNumber: syz
[ 59.951048][ T64] usb 5-1: config 0 descriptor??
[ 59.955239][ T64] cm109 5-1:0.8: invalid payload size 0, expected 4
[ 59.960947][ T64] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.8/input/input8
[ 60.137606][ T67] Bluetooth: hci0: unexpected event for opcode 0x0402
[ 60.160017][ T6642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 60.164486][ T6642] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 60.170229][ T1454] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[ 60.173721][ C2] cm109 5-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[ 60.207218][ T1454] usb 8-1: device descriptor read/8, error -71
[ 60.296898][ T6664] 9pnet_fd: Insufficient options for proto=fd
[ 60.310362][ T1454] usb usb8-port1: unable to enumerate USB device
[ 60.377611][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 60.381852][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 60.384859][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 60.387763][ T57] usb 5-1: USB disconnect, device number 5
[ 60.390361][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 60.390379][ C1] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[ 60.403704][ T57] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 60.990374][ T67] Bluetooth: hci1: command 0x0c1a tx timeout
[ 60.990398][ T5954] Bluetooth: hci3: command 0x0c1a tx timeout
[ 61.000316][ T5954] Bluetooth: hci2: command 0x0c1a tx timeout
[ 71.153970][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.785428][ T6672] Bluetooth: MGMT ver 1.23
[ 71.819537][ T6683] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT
[ 71.843207][ T40] kauditd_printk_skb: 76 callbacks suppressed
[ 71.843223][ T40] audit: type=1400 audit(1740871414.532:392): avc: denied { setopt } for pid=6684 comm="syz.2.204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 72.150289][ T58] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[ 72.282533][ T58] usb 8-1: device descriptor read/64, error -71
[ 72.330309][ T6762] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 72.352916][ T6758] __nla_validate_parse: 10 callbacks suppressed
[ 72.352927][ T6758] netlink: 252 bytes leftover after parsing attributes in process `syz.0.219'.
[ 72.353329][ T6759] netlink: 252 bytes leftover after parsing attributes in process `syz.0.219'.
[ 72.354785][ T6758] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 72.366019][ T6759] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 72.543775][ T58] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 72.681460][ T58] usb 8-1: device descriptor read/64, error -71
[ 72.796989][ T58] usb usb8-port1: attempt power cycle
[ 72.997675][ T6774] netlink: 16 bytes leftover after parsing attributes in process `syz.2.222'.
[ 73.142443][ T58] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[ 73.164220][ T58] usb 8-1: device descriptor read/8, error -71
[ 73.380348][ T6782] netlink: 'syz.1.225': attribute type 5 has an invalid length.
[ 73.430248][ T58] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[ 73.450684][ T58] usb 8-1: device descriptor read/8, error -71
[ 73.451737][ T40] audit: type=1400 audit(1740871416.142:393): avc: denied { execute } for pid=6783 comm="syz.1.226" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=14484 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 73.545866][ T40] audit: type=1400 audit(1740871416.232:394): avc: denied { mount } for pid=6788 comm="syz.1.227" name="/" dev="autofs" ino=11945 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[ 73.560442][ T58] usb usb8-port1: unable to enumerate USB device
[ 73.606161][ T40] audit: type=1400 audit(1740871416.292:395): avc: denied { unmount } for pid=5943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[ 73.612641][ T6792] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 73.618367][ T6792] overlayfs: overlapping lowerdir path
[ 73.740369][ T6801] program syz.0.233 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 73.744209][ T6803] netlink: 14601 bytes leftover after parsing attributes in process `syz.2.230'.
[ 73.751858][ T6801] netlink: 36 bytes leftover after parsing attributes in process `syz.0.233'.
[ 73.765725][ T6801] libceph: resolve '
[ 73.765725][ T6801] -&����f�Y�ǝ�a����2i�
[ 73.765725][ T6801] �.���?��&�*��&' (ret=-3): failed
[ 73.824466][ T6812] netlink: 24 bytes leftover after parsing attributes in process `syz.0.235'.
[ 73.842040][ T6812] netlink: 24 bytes leftover after parsing attributes in process `syz.0.235'.
[ 73.851066][ T6812] netlink: 24 bytes leftover after parsing attributes in process `syz.0.235'.
[ 73.868198][ T6812] netlink: 24 bytes leftover after parsing attributes in process `syz.0.235'.
[ 73.888962][ T6812] netlink: 24 bytes leftover after parsing attributes in process `syz.0.235'.
[ 73.889710][ T40] audit: type=1400 audit(1740871416.572:396): avc: denied { read } for pid=6816 comm="syz.2.238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 73.931743][ T40] audit: type=1400 audit(1740871416.622:397): avc: denied { create } for pid=6819 comm="syz.0.240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 73.939416][ T40] audit: type=1400 audit(1740871416.622:398): avc: denied { write } for pid=6819 comm="syz.0.240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 73.947990][ T40] audit: type=1400 audit(1740871416.642:399): avc: denied { write } for pid=6816 comm="syz.2.238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 73.997885][ T40] audit: type=1400 audit(1740871416.682:400): avc: denied { bind } for pid=6819 comm="syz.0.240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 73.998592][ T6828] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 6828 comm: syz.2.241)
[ 74.004527][ T40] audit: type=1400 audit(1740871416.682:401): avc: denied { getopt } for pid=6819 comm="syz.0.240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 74.262618][ T6861] netlink: 'syz.2.245': attribute type 10 has an invalid length.
[ 74.269918][ T6861] team0: Port device netdevsim0 added
[ 74.273559][ T6861] netlink: 'syz.2.245': attribute type 10 has an invalid length.
[ 74.435138][ T6881] bond0: option ad_select: unable to set because the bond device is up
[ 74.476200][ T6884] sctp: [Deprecated]: syz.2.248 (pid 6884) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 74.476200][ T6884] Use struct sctp_sack_info instead
[ 74.675115][ T6899] delete_channel: no stack
[ 74.781191][ T6913] netfs: Couldn't get user pages (rc=-14)
[ 74.967220][ T5954] Bluetooth: hci1: ACL packet for unknown connection handle 201
[ 75.026681][ T5954] Bluetooth: hci1: ACL packet for unknown connection handle 201
[ 75.071878][ T6922] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[ 75.074234][ T6924] program syz.3.262 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 75.077508][ T6925] program syz.3.262 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 75.136517][ T6931] netlink: 'syz.3.264': attribute type 3 has an invalid length.
[ 75.138955][ T6931] netlink: 'syz.3.264': attribute type 1 has an invalid length.
[ 75.141313][ T6931] NCSI netlink: No device for ifindex 33022
[ 75.164691][ T6931] loop6: detected capacity change from 0 to 524287999
[ 75.169713][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 75.172686][ C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 75.176468][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 75.179266][ C3] Buffer I/O error on dev loop6, logical block 0, async page read
[ 75.182526][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 75.186094][ C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 75.189248][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 75.192986][ C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 75.196685][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 75.197460][ T6933] xt_limit: Overflow, try lower: 1207959552/384
[ 75.199462][ C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 75.204509][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 75.207193][ C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 75.209692][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 75.212433][ C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 75.214944][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 75.218046][ C3] Buffer I/O error on dev loop6, logical block 0, async page read
[ 75.220786][ T6931] ldm_validate_partition_table(): Disk read failed.
[ 75.222906][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 75.226731][ C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 75.229217][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 75.232792][ C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 75.237181][ T6931] Dev loop6: unable to read RDB block 0
[ 75.241938][ T6931] loop6: unable to read partition table
[ 75.244359][ T6931] loop_reread_partitions: partition scan of loop6 (3�������) failed (rc=-5)
[ 75.890256][ T833] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 75.950275][ T25] usb 8-1: new low-speed USB device number 12 using dummy_hcd
[ 76.060366][ T833] usb 5-1: Using ep0 maxpacket: 8
[ 76.067615][ T833] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 76.072177][ T833] usb 5-1: config 0 has no interface number 0
[ 76.074636][ T833] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 76.078843][ T833] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 76.084928][ T833] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 76.090338][ T25] usb 8-1: device descriptor read/64, error -71
[ 76.093240][ T833] usb 5-1: config 0 descriptor??
[ 76.103453][ T833] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 76.340943][ T25] usb 8-1: new low-speed USB device number 13 using dummy_hcd
[ 76.500343][ T25] usb 8-1: device descriptor read/64, error -71
[ 76.620414][ T25] usb usb8-port1: attempt power cycle
[ 76.980263][ T25] usb 8-1: new low-speed USB device number 14 using dummy_hcd
[ 77.000751][ T25] usb 8-1: device descriptor read/8, error -71
[ 77.270247][ T25] usb 8-1: new low-speed USB device number 15 using dummy_hcd
[ 77.300726][ T25] usb 8-1: device descriptor read/8, error -71
[ 77.324505][ T64] usb 5-1: USB disconnect, device number 6
[ 77.410463][ T25] usb usb8-port1: unable to enumerate USB device
[ 77.470402][ T7000] misc userio: No port type given on /dev/userio
[ 77.829006][ T7009] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[ 77.884529][ T40] kauditd_printk_skb: 31 callbacks suppressed
[ 77.884543][ T40] audit: type=1400 audit(1740871420.572:433): avc: denied { listen } for pid=7011 comm="syz.1.289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 77.924142][ T7014] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 77.926976][ T7014] overlayfs: missing 'lowerdir'
[ 77.987116][ T40] audit: type=1400 audit(1740871420.672:434): avc: denied { execute } for pid=7015 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[ 77.996662][ T76] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.996832][ T40] audit: type=1400 audit(1740871420.672:435): avc: denied { execute_no_trans } for pid=7015 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[ 78.068559][ T76] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.093138][ T67] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 78.094526][ T7023] syzkaller1: entered promiscuous mode
[ 78.096390][ T67] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 78.097049][ T7023] syzkaller1: entered allmulticast mode
[ 78.099614][ T67] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 78.105330][ T67] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 78.107880][ T67] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 78.112873][ T67] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 78.123888][ T76] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.127547][ T40] audit: type=1400 audit(1740871420.822:436): avc: denied { mounton } for pid=7026 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 78.214154][ T76] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.223974][ T7026] chnl_net:caif_netlink_parms(): no params data found
[ 78.293657][ T7026] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.296537][ T7026] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.299382][ T7026] bridge_slave_0: entered allmulticast mode
[ 78.303769][ T7026] bridge_slave_0: entered promiscuous mode
[ 78.307787][ T7026] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.310117][ T7026] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.313929][ T7026] bridge_slave_1: entered allmulticast mode
[ 78.317199][ T7026] bridge_slave_1: entered promiscuous mode
[ 78.324953][ T40] audit: type=1400 audit(1740871421.012:437): avc: denied { setattr } for pid=7036 comm="syz.1.297" name="/" dev="9p" ino=37617924 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 78.336450][ T40] audit: type=1400 audit(1740871421.022:438): avc: denied { connect } for pid=7036 comm="syz.1.297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 78.344017][ T40] audit: type=1400 audit(1740871421.022:439): avc: denied { name_connect } for pid=7036 comm="syz.1.297" dest=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[ 78.358282][ T7026] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 78.362982][ T7026] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 78.383833][ T7026] team0: Port device team_slave_0 added
[ 78.394123][ T7026] team0: Port device team_slave_1 added
[ 78.423986][ T7026] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 78.426566][ T7026] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.436305][ T7026] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 78.445291][ T7026] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 78.448535][ T7026] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.458015][ T7026] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 78.467553][ T76] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.471066][ T76] bridge_slave_0: left allmulticast mode
[ 78.473332][ T76] bridge_slave_0: left promiscuous mode
[ 78.475030][ T76] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.669305][ T76] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 78.673833][ T76] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 78.677296][ T76] bond0 (unregistering): Released all slaves
[ 78.727749][ T7026] hsr_slave_0: entered promiscuous mode
[ 78.729890][ T7026] hsr_slave_1: entered promiscuous mode
[ 78.732046][ T7026] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 78.734341][ T7026] Cannot create hsr debugfs directory
[ 78.879040][ T40] audit: type=1400 audit(1740871421.562:440): avc: denied { execute } for pid=7053 comm="syz.3.300" path="/sys/kernel/kexec_crash_loaded" dev="sysfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=file permissive=1
[ 78.887380][ T40] audit: type=1400 audit(1740871421.562:441): avc: denied { read } for pid=7053 comm="syz.3.300" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 78.898457][ T40] audit: type=1400 audit(1740871421.562:442): avc: denied { open } for pid=7053 comm="syz.3.300" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 78.937814][ T7057] tmpfs: Invalid gid '0x00000000ffffffff'
[ 78.962263][ T7026] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 78.968405][ T7026] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 78.974186][ T7026] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 78.981463][ T7026] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 79.057770][ T7026] 8021q: adding VLAN 0 to HW filter on device bond0
[ 79.064058][ T7026] 8021q: adding VLAN 0 to HW filter on device team0
[ 79.073784][ T65] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.077055][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 79.094367][ T65] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.097389][ T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 79.129857][ T7073] 9pnet_virtio: no channels available for device syz
[ 79.134572][ T76] hsr_slave_0: left promiscuous mode
[ 79.136748][ T76] hsr_slave_1: left promiscuous mode
[ 79.138646][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 79.141446][ T76] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 79.144418][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 79.152001][ T76] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 79.174188][ T76] veth1_macvtap: left promiscuous mode
[ 79.176324][ T76] veth0_macvtap: left promiscuous mode
[ 79.178140][ T76] veth1_vlan: left promiscuous mode
[ 79.179880][ T76] veth0_vlan: left promiscuous mode
[ 79.815264][ T76] team0 (unregistering): Port device team_slave_1 removed
[ 79.882258][ T76] team0 (unregistering): Port device team_slave_0 removed
[ 80.110717][ T5954] Bluetooth: hci0: command 0x0c1a tx timeout
[ 80.191584][ T5954] Bluetooth: hci3: command tx timeout
[ 80.418503][ T7090] openvswitch: netlink: IPv4 frag type 224 is out of range max 2
[ 80.433909][ T7026] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 80.447290][ T7090] __nla_validate_parse: 29 callbacks suppressed
[ 80.447300][ T7090] netlink: 8 bytes leftover after parsing attributes in process `syz.1.309'.
[ 80.571142][ T7026] veth0_vlan: entered promiscuous mode
[ 80.576597][ T7026] veth1_vlan: entered promiscuous mode
[ 80.589076][ T7026] veth0_macvtap: entered promiscuous mode
[ 80.593083][ T7026] veth1_macvtap: entered promiscuous mode
[ 80.607549][ T7026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 80.612887][ T7026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.615647][ T7026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 80.618470][ T7026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.622177][ T7026] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.630187][ T7026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 80.633562][ T7026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.636322][ T7026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 80.639265][ T7026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.642059][ T7026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 80.644998][ T7026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.648290][ T7026] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.654762][ T7026] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.658235][ T7026] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.664324][ T7026] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.667708][ T7026] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.712194][ T1228] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.715291][ T1228] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.728465][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.731203][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.733163][ T58] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 80.901719][ T58] usb 6-1: Using ep0 maxpacket: 8
[ 80.908902][ T58] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[ 80.914299][ T58] usb 6-1: config 179 has no interface number 0
[ 80.916221][ T58] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[ 80.919492][ T58] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[ 80.923117][ T58] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9
[ 80.926451][ T58] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024
[ 80.929764][ T58] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 80.934487][ T58] usb 6-1: config 179 interface 65 has no altsetting 0
[ 80.936602][ T58] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 80.939638][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 80.945410][ T7101] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 80.955394][ T58] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input10
[ 81.003491][ T5339] input input10: unable to receive magic message: -110
[ 81.007771][ T5339] input input10: unable to receive magic message: -32
[ 81.022771][ T5339] input input10: unable to receive magic message: -32
[ 81.032715][ T5339] input input10: unable to receive magic message: -32
[ 81.068336][ T7118] input input10: unable to receive magic message: -32
[ 81.079760][ T5339] input input10: unable to receive magic message: -32
[ 81.088920][ T5339] input input10: unable to receive magic message: -32
[ 81.095791][ T5339] input input10: unable to receive magic message: -32
[ 81.154790][ T7101] input input10: unable to receive magic message: -32
[ 81.166020][ T64] usb 6-1: USB disconnect, device number 2
[ 81.166040][ C3] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 81.170221][ T64] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[ 81.231792][ T7157] netlink: 'syz.2.315': attribute type 32 has an invalid length.
[ 81.234589][ T7157] netlink: 8 bytes leftover after parsing attributes in process `syz.2.315'.
[ 81.237913][ T7157] (unnamed net_device) (uninitialized): option coupled_control: invalid value (46)
[ 81.377154][ T7184] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 81.394006][ T35] cfg80211: failed to load regulatory.db
[ 81.593258][ T7201] block device autoloading is deprecated and will be removed.
[ 81.628632][ T7205] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.326'.
[ 81.667212][ T7208] netlink: 12 bytes leftover after parsing attributes in process `syz.3.327'.
[ 81.670128][ T7208] smc: net device bond0 applied user defined pnetid S
[ 81.732368][ T7212] bridge_slave_0: left allmulticast mode
[ 81.734254][ T7212] bridge_slave_0: left promiscuous mode
[ 81.736611][ T7212] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.745130][ T7212] bridge_slave_1: left allmulticast mode
[ 81.746891][ T7212] bridge_slave_1: left promiscuous mode
[ 81.748616][ T7212] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.754910][ T7212] bond0: (slave bond_slave_0): Releasing backup interface
[ 81.758745][ T7212] bond0: (slave bond_slave_1): Releasing backup interface
[ 81.771931][ T7212] team0: Port device team_slave_0 removed
[ 81.777382][ T7212] team0: Port device team_slave_1 removed
[ 81.783440][ T7212] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 81.786424][ T7212] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 81.792799][ T7212] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 81.795751][ T7212] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 81.813605][ T7216] team0: Mode changed to "broadcast"
[ 81.822598][ T7212] tipc: Started in network mode
[ 81.824685][ T7212] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 81.827032][ T7212] tipc: Enabled bearer <eth:team0>, priority 0
[ 81.947822][ T7225] dvmrp0: entered allmulticast mode
[ 82.099957][ T7238] netlink: 8 bytes leftover after parsing attributes in process `syz.1.337'.
[ 82.106882][ T7238] netlink: 52 bytes leftover after parsing attributes in process `syz.1.337'.
[ 82.253579][ T7249] netlink: 8 bytes leftover after parsing attributes in process `syz.4.340'.
[ 82.258833][ T7249] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[ 82.262514][ T7249] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[ 82.266586][ T7249] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[ 82.269687][ T7249] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[ 82.270366][ T5954] Bluetooth: hci3: command tx timeout
[ 82.273682][ T7249] geneve2: entered promiscuous mode
[ 82.276686][ T7249] geneve2: entered allmulticast mode
[ 82.539638][ T7262] netlink: 'syz.4.344': attribute type 1 has an invalid length.
[ 82.589492][ T7269] netlink: zone id is out of range
[ 82.592576][ T7269] netlink: del zone limit has 4 unknown bytes
[ 82.623771][ T7272] netlink: 1256 bytes leftover after parsing attributes in process `syz.4.347'.
[ 82.626415][ T7272] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 82.636098][ T7217] dccp_close: ABORT with 32 bytes unread
[ 82.655025][ T7272] netlink: 'syz.4.347': attribute type 2 has an invalid length.
[ 82.657942][ T7272] netlink: 12 bytes leftover after parsing attributes in process `syz.4.347'.
[ 82.753982][ T7282] vxfs: WRONG superblock magic 00000000 at 1
[ 82.757026][ T7282] vxfs: WRONG superblock magic 00000000 at 8
[ 82.759496][ T7282] vxfs: can't find superblock.
[ 82.952555][ T9] tipc: Node number set to 11578026
[ 83.010333][ T58] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[ 83.118331][ T40] kauditd_printk_skb: 28 callbacks suppressed
[ 83.118342][ T40] audit: type=1400 audit(1740871425.802:471): avc: denied { getopt } for pid=7295 comm="syz.2.356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 83.164894][ T58] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[ 83.168145][ T58] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 83.171230][ T58] usb 8-1: Product: syz
[ 83.172770][ T58] usb 8-1: Manufacturer: syz
[ 83.174420][ T58] usb 8-1: SerialNumber: syz
[ 83.180811][ T58] usb 8-1: config 0 descriptor??
[ 83.405920][ T3233] usb 8-1: USB disconnect, device number 16
[ 83.680233][ T58] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 83.810264][ T58] usb 7-1: device descriptor read/64, error -71
[ 83.880314][ T64] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 83.939010][ T7312] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 84.045731][ T64] usb 9-1: config index 0 descriptor too short (expected 45, got 36)
[ 84.048849][ T64] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 84.056025][ T64] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 84.060350][ T58] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 84.060649][ T64] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 84.067242][ T64] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 84.071490][ T64] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 84.076221][ T64] usb 9-1: config 0 descriptor??
[ 84.078475][ T7310] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 84.210373][ T58] usb 7-1: device descriptor read/64, error -71
[ 84.262690][ T40] audit: type=1400 audit(1740871426.952:472): avc: denied { bind } for pid=7323 comm="syz.3.366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 84.269469][ T40] audit: type=1400 audit(1740871426.952:473): avc: denied { ioctl } for pid=7323 comm="syz.3.366" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x1272 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 84.271267][ T7324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 84.276370][ T40] audit: type=1400 audit(1740871426.952:474): avc: denied { ioctl } for pid=7323 comm="syz.3.366" path="socket:[16818]" dev="sockfs" ino=16818 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 84.281117][ T7324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 84.291330][ T7324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 84.294301][ T7324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 84.297326][ T7324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 84.300370][ T7324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 84.335600][ T58] usb usb7-port1: attempt power cycle
[ 84.350385][ T5954] Bluetooth: hci3: command tx timeout
[ 84.422615][ T7329] netlink: 12 bytes leftover after parsing attributes in process `syz.1.368'.
[ 84.429465][ T40] audit: type=1400 audit(1740871427.112:475): avc: denied { getopt } for pid=7328 comm="syz.1.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 84.484707][ T64] plantronics 0003:047F:FFFF.0005: unknown main item tag 0xd
[ 84.489215][ T64] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[ 84.496764][ T64] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 84.680313][ T58] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 84.710789][ T58] usb 7-1: device descriptor read/8, error -71
[ 84.741503][ T40] audit: type=1400 audit(1740871427.432:476): avc: denied { ioctl } for pid=7309 comm="syz.4.361" path="socket:[16813]" dev="sockfs" ino=16813 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 84.741943][ T64] usb 9-1: USB disconnect, device number 2
[ 84.950242][ T58] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 84.971180][ T58] usb 7-1: device descriptor read/8, error -71
[ 85.091265][ T58] usb usb7-port1: unable to enumerate USB device
[ 85.336802][ T40] audit: type=1400 audit(1740871428.022:477): avc: denied { write } for pid=7331 comm="syz.1.369" name="vlan0" dev="proc" ino=4026533676 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[ 85.339117][ T7332] @: renamed from bridge0 (while UP)
[ 85.345901][ T40] audit: type=1400 audit(1740871428.022:478): avc: denied { ioctl } for pid=7331 comm="syz.1.369" path="socket:[15945]" dev="sockfs" ino=15945 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 85.434480][ T40] audit: type=1400 audit(1740871428.122:479): avc: denied { create } for pid=7342 comm="syz.4.373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 85.511610][ T7349] __nla_validate_parse: 1 callbacks suppressed
[ 85.511622][ T7349] netlink: 8 bytes leftover after parsing attributes in process `syz.4.376'.
[ 85.514425][ C0] vcan0: j1939_tp_rxtimer: 0xffff888046bb4c00: rx timeout, send abort
[ 85.519724][ T7349] netlink: 20 bytes leftover after parsing attributes in process `syz.4.376'.
[ 85.584851][ T7358] 9pnet_virtio: no channels available for device syz
[ 86.019272][ C0] vcan0: j1939_tp_rxtimer: 0xffff888046bb4c00: abort rx timeout. Force session deactivation
[ 86.102396][ T40] audit: type=1400 audit(1740871428.792:480): avc: denied { write } for pid=7367 comm="syz.3.384" name="hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 86.430363][ T5954] Bluetooth: hci3: command tx timeout
[ 86.450271][ T1454] usb 8-1: new full-speed USB device number 17 using dummy_hcd
[ 86.602612][ T1454] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 86.605287][ T1454] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 86.608523][ T1454] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 86.612056][ T1454] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12592, setting to 64
[ 86.621605][ T1454] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 86.624714][ T1454] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 86.627219][ T1454] usb 8-1: Product: syz
[ 86.628996][ T1454] usb 8-1: Manufacturer: syz
[ 86.633190][ T7377] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 86.636051][ T1454] cdc_wdm 8-1:1.0: skipping garbage
[ 86.637620][ T1454] cdc_wdm 8-1:1.0: skipping garbage
[ 86.640693][ T1454] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[ 86.642534][ T1454] cdc_wdm 8-1:1.0: Unknown control protocol
[ 86.919537][ T7400] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 86.924081][ T7400] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[ 87.231334][ T57] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 87.391387][ T57] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[ 87.395239][ T57] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 87.397956][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 87.402046][ T57] usb 6-1: config 0 descriptor??
[ 87.405060][ T57] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 87.742773][ T1454] usb 6-1: USB disconnect, device number 3
[ 88.202316][ T7428] 9p: Unknown access argument 18446744073709551615: -34
[ 88.336456][ T40] kauditd_printk_skb: 6 callbacks suppressed
[ 88.336467][ T40] audit: type=1400 audit(1740871431.022:487): avc: denied { create } for pid=7435 comm="syz.4.404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[ 88.339559][ T7439] netlink: 108 bytes leftover after parsing attributes in process `syz.1.405'.
[ 88.346928][ T7439] netlink: 8 bytes leftover after parsing attributes in process `syz.1.405'.
[ 88.379413][ T7441] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[ 88.381037][ T40] audit: type=1400 audit(1740871431.072:488): avc: denied { getopt } for pid=7442 comm="syz.1.407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 88.474700][ T40] audit: type=1400 audit(1740871431.162:489): avc: denied { execute } for pid=7446 comm="syz.4.409" path="/dev/audio1" dev="devtmpfs" ino=1318 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[ 88.555709][ T40] audit: type=1400 audit(1740871431.242:490): avc: denied { ioctl } for pid=7445 comm="syz.1.408" path="/dev/fb1" dev="devtmpfs" ino=640 ioctlcmd=0x4610 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[ 88.641171][ T5954] Bluetooth: hci0: unexpected event for opcode 0x2043
[ 88.643822][ T7457] netlink: 'syz.1.410': attribute type 9 has an invalid length.
[ 88.859051][ T40] audit: type=1400 audit(1740871431.542:491): avc: denied { write } for pid=7459 comm="syz.1.411" path="socket:[17212]" dev="sockfs" ino=17212 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 88.935841][ T40] audit: type=1400 audit(1740871431.622:492): avc: denied { ioctl } for pid=7459 comm="syz.1.411" path="socket:[17864]" dev="sockfs" ino=17864 ioctlcmd=0x8990 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 89.012313][ T5954] Bluetooth: hci0: ACL packet for unknown connection handle 200
[ 89.015782][ T40] audit: type=1400 audit(1740871431.702:493): avc: denied { bind } for pid=7464 comm="syz.1.413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 89.256462][ T5987] usb 8-1: USB disconnect, device number 17
[ 89.287872][ T7470] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=7470 comm=syz.1.414
[ 89.338576][ T7475] netlink: 36 bytes leftover after parsing attributes in process `syz.3.416'.
[ 89.398944][ T40] audit: type=1400 audit(1740871432.082:494): avc: denied { ioctl } for pid=7479 comm="syz.1.419" path="socket:[17876]" dev="sockfs" ino=17876 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 89.507674][ T7493] netlink: 8 bytes leftover after parsing attributes in process `syz.3.421'.
[ 89.511520][ T7493] netlink: 8 bytes leftover after parsing attributes in process `syz.3.421'.
[ 89.617079][ T40] audit: type=1400 audit(1740871432.302:495): avc: denied { write } for pid=7497 comm="syz.1.423" name="btrfs-control" dev="devtmpfs" ino=1337 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 89.620532][ T7501] tmpfs: Bad value for 'mpol'
[ 89.621163][ T7500] tmpfs: Bad value for 'mpol'
[ 89.629928][ T40] audit: type=1400 audit(1740871432.302:496): avc: denied { open } for pid=7497 comm="syz.1.423" path="/dev/btrfs-control" dev="devtmpfs" ino=1337 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 89.637508][ T7498] netlink: 12 bytes leftover after parsing attributes in process `syz.1.423'.
[ 89.698931][ T7507] netlink: 'syz.3.426': attribute type 39 has an invalid length.
[ 89.836289][ T9] IPVS: starting estimator thread 0...
[ 89.930362][ T7515] IPVS: using max 34 ests per chain, 81600 per kthread
[ 90.043519][ T7535] netlink: 172 bytes leftover after parsing attributes in process `syz.3.434'.
[ 90.170649][ T7539] block nbd3: server does not support multiple connections per device.
[ 90.176584][ T7537] block nbd3: shutting down sockets
[ 90.223898][ T7544] netlink: 'syz.3.437': attribute type 1 has an invalid length.
[ 90.275148][ T7547] input: syz0 as /devices/virtual/input/input13
[ 90.277998][ T7547] input: failed to attach handler leds to device input13, error: -6
[ 90.360988][ T7549] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7549 comm=syz.3.439
[ 90.566626][ T7563] netlink: 8 bytes leftover after parsing attributes in process `syz.3.442'.
[ 91.203821][ T7615] netlink: 20 bytes leftover after parsing attributes in process `syz.3.454'.
[ 91.207793][ T7612] Cannot find add_set index 4 as target
[ 91.209799][ T7613] Cannot find add_set index 4 as target
[ 91.257586][ T7617] SET target dimension over the limit!
[ 91.348765][ T5948] IPVS: starting estimator thread 0...
[ 91.440289][ T7622] IPVS: using max 21 ests per chain, 50400 per kthread
[ 91.489501][ T7626] mkiss: ax0: crc mode is auto.
[ 91.496309][ T7628] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 91.500273][ T7628] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 91.740373][ T9] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[ 91.909410][ T7631] tipc: Enabled bearer <eth:macvlan0>, priority 10
[ 91.917046][ T7631] tipc: Resetting bearer <eth:macvlan0>
[ 91.919622][ T7631] tipc: Resetting bearer <eth:macvlan0>
[ 91.956049][ T7633] overlayfs: disabling nfs_export due to verity=on
[ 92.189520][ T7645] vxcan1: tx address claim with dlc 0
[ 92.193278][ T7645] (unnamed net_device) (uninitialized): (slave erspan0): Device is not bonding slave
[ 92.196011][ T7645] (unnamed net_device) (uninitialized): option active_slave: invalid value (erspan0)
[ 92.542359][ T7659] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7659 comm=syz.2.469
[ 92.572330][ T7588] netlink: 'syz.4.448': attribute type 16 has an invalid length.
[ 92.574974][ T7588] netlink: 'syz.4.448': attribute type 3 has an invalid length.
[ 92.577486][ T7588] netlink: 'syz.4.448': attribute type 1 has an invalid length.
[ 92.579934][ T7588] netlink: 'syz.4.448': attribute type 2 has an invalid length.
[ 92.582989][ T7588] netlink: 24730 bytes leftover after parsing attributes in process `syz.4.448'.
[ 92.725979][ T7677] netlink: 44 bytes leftover after parsing attributes in process `syz.3.472'.
[ 92.731479][ T7677] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 92.773094][ T7677] netlink: 8 bytes leftover after parsing attributes in process `syz.3.472'.
[ 92.888340][ T7683] block nbd2: not configured, cannot reconfigure
[ 92.893691][ T7682] block nbd2: not configured, cannot reconfigure
[ 92.924884][ T7685] netlink: 256 bytes leftover after parsing attributes in process `syz.3.476'.
[ 93.042068][ T7696] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 93.098702][ T7706] ax25_connect(): syz.3.482 uses autobind, please contact jreuter@yaina.de
[ 93.112847][ T7703] hpfs: hpfs_map_sector(): read error
[ 93.126410][ T7703] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 93.133044][ T7711] netlink: 32 bytes leftover after parsing attributes in process `syz.3.483'.
[ 93.470265][ T6015] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[ 93.540433][ T40] kauditd_printk_skb: 24 callbacks suppressed
[ 93.540444][ T40] audit: type=1800 audit(1740871436.222:521): pid=7735 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.491" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 93.645546][ T6015] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 93.648863][ T6015] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 93.653198][ T6015] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 93.656612][ T6015] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12592, setting to 64
[ 93.662468][ T6015] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 93.665875][ T6015] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 93.668899][ T6015] usb 6-1: Product: syz
[ 93.671190][ T6015] usb 6-1: Manufacturer: syz
[ 93.674985][ T7723] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 93.678075][ T6015] cdc_wdm 6-1:1.0: skipping garbage
[ 93.680094][ T6015] cdc_wdm 6-1:1.0: skipping garbage
[ 93.683768][ T6015] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[ 93.686101][ T6015] cdc_wdm 6-1:1.0: Unknown control protocol
[ 93.722000][ T65] Bluetooth: Error in BCSP hdr checksum
[ 93.764077][ T7746] netlink: 8 bytes leftover after parsing attributes in process `syz.3.493'.
[ 93.825665][ T7748] fuse: Bad value for 'user_id'
[ 93.827233][ T7748] fuse: Bad value for 'user_id'
[ 93.839626][ C0] vcan0: j1939_tp_rxtimer: 0xffff888043ba9000: rx timeout, send abort
[ 93.883962][ C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[ 93.886003][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[ 93.888329][ C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[ 93.890980][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[ 93.893582][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[ 93.897640][ T7723] fuse: Invalid rootmode
[ 93.900539][ T5948] usb 6-1: USB disconnect, device number 4
[ 94.342118][ C0] vcan0: j1939_tp_rxtimer: 0xffff888043ba9000: abort rx timeout. Force session deactivation
[ 94.429936][ T40] audit: type=1400 audit(1740871437.112:522): avc: denied { remount } for pid=7750 comm="syz.1.495" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 94.464245][ T7751] sp0: Synchronizing with TNC
[ 94.620055][ T7757] use of bytesused == 0 is deprecated and will be removed in the future,
[ 94.622659][ T7757] use the actual size instead.
[ 94.743578][ T7769] geneve1: entered promiscuous mode
[ 94.745935][ T7769] geneve1: left promiscuous mode
[ 94.781523][ T40] audit: type=1400 audit(1740871437.472:523): avc: denied { ioctl } for pid=7765 comm="syz.3.501" path="socket:[19777]" dev="sockfs" ino=19777 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 95.070393][ T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 95.223245][ T9] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 95.226005][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 95.228292][ T9] usb 6-1: Product: syz
[ 95.229502][ T9] usb 6-1: Manufacturer: syz
[ 95.230963][ T9] usb 6-1: SerialNumber: syz
[ 95.230980][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 95.231001][ T5952] Bluetooth: hci4: command 0x1003 tx timeout
[ 95.236763][ T9] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 95.257883][ T5984] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 95.266666][ T7780] random: crng reseeded on system resumption
[ 95.461018][ T7784] bridge2: entered promiscuous mode
[ 95.470622][ T5954] Bluetooth: hci5: command 0x1003 tx timeout
[ 95.470863][ T67] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 95.547458][ T1454] usb 6-1: USB disconnect, device number 5
[ 95.617093][ T7795] loop6: detected capacity change from 0 to 8
[ 95.621475][ C2] blk_print_req_error: 8 callbacks suppressed
[ 95.621486][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 95.625902][ C2] buffer_io_error: 8 callbacks suppressed
[ 95.625909][ C2] Buffer I/O error on dev loop6, logical block 0, async page read
[ 95.630033][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 95.632977][ C3] Buffer I/O error on dev loop6, logical block 0, async page read
[ 95.635712][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 95.638372][ C3] Buffer I/O error on dev loop6, logical block 0, async page read
[ 95.642913][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 95.645600][ C3] Buffer I/O error on dev loop6, logical block 0, async page read
[ 95.648330][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 95.651841][ C3] Buffer I/O error on dev loop6, logical block 0, async page read
[ 95.656184][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 95.659654][ C3] Buffer I/O error on dev loop6, logical block 0, async page read
[ 95.663635][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 95.667111][ C3] Buffer I/O error on dev loop6, logical block 0, async page read
[ 95.671004][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 95.674770][ C3] Buffer I/O error on dev loop6, logical block 0, async page read
[ 95.683415][ T7795] ldm_validate_partition_table(): Disk read failed.
[ 95.687586][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 95.690623][ C3] Buffer I/O error on dev loop6, logical block 0, async page read
[ 95.693821][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 95.697414][ C2] Buffer I/O error on dev loop6, logical block 0, async page read
[ 95.701342][ T7796] openvswitch: netlink: Missing key (keys=40, expected=100)
[ 95.705632][ T7795] Dev loop6: unable to read RDB block 0
[ 95.708429][ T7795] loop6: unable to read partition table
[ 95.710428][ T7795] loop6: partition table beyond EOD, truncated
[ 95.712537][ T7795] loop_reread_partitions: partition scan of loop6 (3�������) failed (rc=-5)
[ 95.749123][ T40] audit: type=1400 audit(1740871438.432:524): avc: denied { ioctl } for pid=7802 comm="syz.4.511" path="socket:[19784]" dev="sockfs" ino=19784 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 95.775540][ T7806] overlay: Bad value for 'workdir'
[ 95.814135][ T40] audit: type=1400 audit(1740871438.502:525): avc: denied { setattr } for pid=7808 comm="syz.2.513" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 95.854796][ T7814] sg_write: data in/out 440207358/4056 bytes for SCSI command 0x45-- guessing data in;
[ 95.854796][ T7814] program syz.4.516 not setting count and/or reply_len properly
[ 95.860536][ T40] audit: type=1400 audit(1740871438.542:526): avc: denied { mount } for pid=7816 comm="syz.3.517" name="/" dev="ramfs" ino=20806 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 95.867972][ T40] audit: type=1400 audit(1740871438.562:527): avc: denied { read } for pid=7816 comm="syz.3.517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 95.914070][ T7818] netlink: 1284 bytes leftover after parsing attributes in process `syz.4.516'.
[ 95.916757][ T7818] openvswitch: netlink: Missing key (keys=40, expected=80)
[ 95.921252][ T7817] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 95.936947][ T40] audit: type=1400 audit(1740871438.622:528): avc: denied { unmount } for pid=5946 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 96.103702][ T3233] hid (null): unknown global tag 0x80
[ 96.105895][ T3233] hid (null): unknown global tag 0x9a
[ 96.108427][ T3233] hid (null): unknown global tag 0xd
[ 96.110850][ T3233] hid (null): unknown global tag 0x3a
[ 96.112961][ T3233] hid (null): unknown global tag 0xc
[ 96.114833][ T40] audit: type=1400 audit(1740871438.802:529): avc: denied { write } for pid=7845 comm="syz.3.525" name="usbmon2" dev="devtmpfs" ino=743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 96.115796][ T7847] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 96.121882][ T3233] hid (null): unknown global tag 0x30
[ 96.123496][ T7847] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 96.124031][ T7847] vhci_hcd vhci_hcd.0: Device attached
[ 96.125366][ T3233] hid (null): unknown global tag 0xc
[ 96.131454][ T3233] hid (null): unknown global tag 0x73
[ 96.133550][ T3233] hid (null): unknown global tag 0xd
[ 96.135116][ T3233] hid (null): invalid report_size 28635
[ 96.136842][ T3233] hid (null): invalid report_size 827190174
[ 96.138583][ T3233] hid (null): unknown global tag 0xc
[ 96.140840][ T3233] hid (null): unknown global tag 0xd
[ 96.142409][ T3233] hid (null): unknown global tag 0x7d
[ 96.144018][ T3233] hid (null): unknown global tag 0xe
[ 96.145611][ T3233] hid (null): unknown global tag 0xc
[ 96.147186][ T3233] hid (null): global environment stack underflow
[ 96.149067][ T3233] hid (null): report_id 0 is invalid
[ 96.151206][ T3233] hid (null): invalid report_size 39022
[ 96.152856][ T3233] hid (null): report_id 4035093505 is invalid
[ 96.154631][ T3233] hid (null): unknown global tag 0xc
[ 96.156175][ T3233] hid (null): unknown global tag 0xc
[ 96.157688][ T3233] hid (null): unknown global tag 0xc
[ 96.159273][ T3233] hid (null): report_id 0 is invalid
[ 96.161306][ T3233] hid (null): unknown global tag 0xe
[ 96.163000][ T3233] hid (null): invalid report_size -590696810
[ 96.164843][ T3233] hid (null): report_id 60822 is invalid
[ 96.167026][ T3233] hid (null): invalid report_size 24869
[ 96.169202][ T3233] hid (null): unknown global tag 0xe
[ 96.171949][ T3233] hid (null): unknown global tag 0xd
[ 96.174756][ T3233] hid (null): report_id 148325982 is invalid
[ 96.177010][ T3233] hid (null): invalid report_size 434387431
[ 96.179220][ T3233] hid (null): invalid report_count 52839
[ 96.181920][ T3233] hid (null): unknown global tag 0xc6
[ 96.183972][ T3233] hid (null): global environment stack underflow
[ 96.185915][ T3233] hid (null): bogus close delimiter
[ 96.187651][ T3233] hid (null): unknown global tag 0xd
[ 96.189688][ T3233] hid (null): unknown global tag 0xc
[ 96.192450][ T3233] hid (null): bogus close delimiter
[ 96.194459][ T3233] hid (null): report_id 3474 is invalid
[ 96.196666][ T3233] hid (null): unknown global tag 0xe
[ 96.198753][ T3233] hid (null): global environment stack underflow
[ 96.201904][ T3233] hid (null): unknown global tag 0xc
[ 96.205824][ T3233] hid-generic 0001:8000:0005.0006: unknown main item tag 0x2
[ 96.208768][ T3233] hid-generic 0001:8000:0005.0006: unknown main item tag 0x7
[ 96.212556][ T3233] hid-generic 0001:8000:0005.0006: unknown main item tag 0x5
[ 96.215482][ T3233] hid-generic 0001:8000:0005.0006: unknown main item tag 0x7
[ 96.218380][ T3233] hid-generic 0001:8000:0005.0006: unknown main item tag 0xe
[ 96.221443][ T3233] hid-generic 0001:8000:0005.0006: item 0 0 0 9 parsing failed
[ 96.223782][ T3233] hid-generic 0001:8000:0005.0006: probe with driver hid-generic failed with error -22
[ 96.349932][ T7858] netlink: 4 bytes leftover after parsing attributes in process `syz.1.527'.
[ 96.349947][ T7859] netlink: 4 bytes leftover after parsing attributes in process `syz.1.527'.
[ 96.350113][ T7862] overlayfs: statfs failed on './file0'
[ 96.351034][ T40] audit: type=1400 audit(1740871439.032:530): avc: denied { getattr } for pid=7855 comm="syz.3.528" name="/" dev="9p" ino=4412287765254868893 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 96.360463][ T5984] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[ 96.365772][ T25] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[ 96.368718][ T5984] ath9k_htc: Failed to initialize the device
[ 96.370547][ T6015] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 96.372707][ T1454] usb 6-1: ath9k_htc: USB layer deinitialized
[ 96.520372][ T6015] usb 9-1: Using ep0 maxpacket: 16
[ 96.525190][ T6015] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 96.532170][ T6015] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 96.540301][ T6015] usb 9-1: Product: syz
[ 96.541917][ T6015] usb 9-1: Manufacturer: syz
[ 96.543660][ T6015] usb 9-1: SerialNumber: syz
[ 96.546456][ T6015] usb 9-1: config 0 descriptor??
[ 96.549560][ T6015] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected
[ 96.553709][ T6015] usb 9-1: Detected FT232H
[ 96.627933][ T7880] devtmpfs: Cannot change global quota limit on remount
[ 96.631649][ T7882] Cannot find set identified by id 0 to match
[ 96.636738][ T7880] netlink: 8 bytes leftover after parsing attributes in process `syz.3.534'.
[ 96.732984][ T7892] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[ 96.735402][ T7892] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 96.738334][ T7892] vhci_hcd vhci_hcd.0: Device attached
[ 96.742298][ T7893] vhci_hcd: connection closed
[ 96.742420][ T76] vhci_hcd: stop threads
[ 96.745459][ T76] vhci_hcd: release socket
[ 96.746850][ T76] vhci_hcd: disconnect device
[ 96.755337][ T7848] usb 45-1: recv xbuf, 0
[ 96.758152][ T1228] vhci_hcd: stop threads
[ 96.759455][ T1228] vhci_hcd: release socket
[ 96.760991][ T1228] vhci_hcd: disconnect device
[ 96.768389][ T7895] bond0: entered promiscuous mode
[ 96.769943][ T7895] bond_slave_0: entered promiscuous mode
[ 96.772387][ T7895] bond_slave_1: entered promiscuous mode
[ 96.774157][ T7895] macvlan0: entered promiscuous mode
[ 96.820296][ T25] vhci_hcd: vhci_device speed not set
[ 96.944236][ T3233] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 97.092244][ T3233] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 97.095000][ T3233] usb 6-1: config 0 interface 0 has no altsetting 0
[ 97.098279][ T3233] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 97.101018][ T3233] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 97.103381][ T3233] usb 6-1: Product: syz
[ 97.104622][ T3233] usb 6-1: Manufacturer: syz
[ 97.106001][ T3233] usb 6-1: SerialNumber: syz
[ 97.108451][ T3233] usb 6-1: config 0 descriptor??
[ 97.112227][ T3233] usb 6-1: selecting invalid altsetting 0
[ 97.320099][ T7888] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43 sclass=netlink_route_socket pid=7888 comm=syz.1.537
[ 97.411983][ T7903] xt_cluster: you have exceeded the maximum number of cluster nodes (4095 > 32)
[ 97.431316][ T6103] usb 6-1: USB disconnect, device number 6
[ 97.553467][ T7917] netlink: 4 bytes leftover after parsing attributes in process `syz.1.544'.
[ 97.611017][ T7921] tmpfs: Bad value for 'mpol'
[ 97.613641][ T7921] tmpfs: Bad value for 'usrquota_block_hardlimit'
[ 97.654900][ T7924] netlink: 132 bytes leftover after parsing attributes in process `syz.1.547'.
[ 97.779338][ T7933] SELinux: Context /dev/dri/card# is not valid (left unmapped).
[ 97.851684][ T7939] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 97.854893][ T7939] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 98.556995][ T40] kauditd_printk_skb: 14 callbacks suppressed
[ 98.557006][ T40] audit: type=1400 audit(1740871441.242:545): avc: denied { read } for pid=7944 comm="syz.2.554" path="socket:[19970]" dev="sockfs" ino=19970 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 98.565676][ T40] audit: type=1326 audit(1740871441.242:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.2.554" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff19af8d169 code=0x7fc00000
[ 98.723434][ T7952] netlink: 16 bytes leftover after parsing attributes in process `syz.3.556'.
[ 98.762450][ T40] audit: type=1400 audit(1740871441.452:547): avc: denied { nlmsg_read } for pid=7957 comm="syz.1.558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 98.896123][ T7964] ref_ctr_offset mismatch. inode: 0x374 offset: 0x7 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x0
[ 99.035547][ T6015] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 99.038122][ T6015] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 99.041162][ T6015] ftdi_sio 9-1:0.0: GPIO initialisation failed: -71
[ 99.044357][ T6015] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 99.049094][ T6015] usb 9-1: USB disconnect, device number 3
[ 99.053214][ T6015] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 99.053400][ T7972] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 99.056128][ T6015] ftdi_sio 9-1:0.0: device disconnected
[ 99.059526][ T7972] overlayfs: missing 'lowerdir'
[ 99.097563][ T7976] team_slave_0: entered promiscuous mode
[ 99.099587][ T7976] team_slave_1: entered promiscuous mode
[ 99.102697][ T7976] macsec1: entered promiscuous mode
[ 99.104542][ T7976] team0: entered promiscuous mode
[ 99.106791][ T7976] macsec1: entered allmulticast mode
[ 99.108495][ T7976] team0: entered allmulticast mode
[ 99.110007][ T7976] team_slave_0: entered allmulticast mode
[ 99.112210][ T7976] team_slave_1: entered allmulticast mode
[ 99.115364][ T7976] team0: Device macsec1 is already an upper device of the team interface
[ 99.119739][ T7976] team0: left allmulticast mode
[ 99.121533][ T7976] team_slave_0: left allmulticast mode
[ 99.123155][ T7976] team_slave_1: left allmulticast mode
[ 99.125138][ T7976] team0: left promiscuous mode
[ 99.127374][ T7976] team_slave_0: left promiscuous mode
[ 99.129486][ T7976] team_slave_1: left promiscuous mode
[ 99.251277][ T40] audit: type=1326 audit(1740871441.932:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.2.554" exe="/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7ff19af8d169 code=0x7fc00000
[ 99.262132][ T7983] netlink: 16 bytes leftover after parsing attributes in process `syz.3.567'.
[ 99.263229][ T40] audit: type=1326 audit(1740871441.932:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.2.554" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff19af8d169 code=0x7fc00000
[ 99.272185][ T40] audit: type=1326 audit(1740871441.932:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.2.554" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff19af8d169 code=0x7fc00000
[ 99.280202][ T40] audit: type=1326 audit(1740871441.932:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.2.554" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff19af8d169 code=0x7fc00000
[ 99.286672][ T40] audit: type=1326 audit(1740871441.932:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.2.554" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff19af8d169 code=0x7fc00000
[ 99.293283][ T40] audit: type=1326 audit(1740871441.932:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.2.554" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff19af8d169 code=0x7fc00000
[ 99.299742][ T40] audit: type=1326 audit(1740871441.932:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.2.554" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff19af8d169 code=0x7fc00000
[ 99.387098][ T7988] netlink: 4 bytes leftover after parsing attributes in process `syz.2.568'.
[ 99.491763][ T8001] netlink: 24 bytes leftover after parsing attributes in process `syz.4.572'.
[ 99.604697][ T7452] ------------[ cut here ]------------
[ 99.608163][ T7452] refcount_t: underflow; use-after-free.
[ 99.610941][ T7452] WARNING: CPU: 2 PID: 7452 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210
[ 99.614764][ T7452] Modules linked in:
[ 99.616521][ T7452] CPU: 2 UID: 0 PID: 7452 Comm: syz.4.409 Not tainted 6.14.0-rc4-syzkaller-00248-g03d38806a902 #0
[ 99.621917][ T7452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 99.626433][ T7452] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[ 99.628431][ T7452] Code: ff 89 de e8 b8 42 f5 fc 84 db 0f 85 66 ff ff ff e8 0b 48 f5 fc c6 05 7c 4e 86 0b 01 90 48 c7 c7 60 07 d3 8b e8 d7 76 b5 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 e8 47 f5 fc 0f b6 1d 57 4e 86 0b 31
[ 99.635041][ T7452] RSP: 0018:ffffc9000388f6b8 EFLAGS: 00010282
[ 99.637296][ T7452] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a1229
[ 99.640264][ T7452] RDX: ffff88802a15a440 RSI: ffffffff817a1236 RDI: 0000000000000001
[ 99.643202][ T7452] RBP: ffff888031e0e478 R08: 0000000000000001 R09: 0000000000000000
[ 99.646381][ T7452] R10: 0000000000000000 R11: 0000000000000004 R12: ffff888026939800
[ 99.649280][ T7452] R13: ffff888031e0e478 R14: ffffffff85ec0360 R15: dffffc0000000000
[ 99.652293][ T7452] FS: 0000000000000000(0000) GS:ffff88806a800000(0000) knlGS:0000000000000000
[ 99.655571][ T7452] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 99.658026][ T7452] CR2: 000000110c367920 CR3: 0000000043ff0000 CR4: 0000000000352ef0
[ 99.661102][ T7452] Call Trace:
[ 99.662350][ T7452] <TASK>
[ 99.663478][ T7452] ? __warn+0xea/0x3c0
[ 99.665051][ T7452] ? __pfx_vprintk_emit+0x10/0x10
[ 99.666969][ T7452] ? refcount_warn_saturate+0x14a/0x210
[ 99.669045][ T7452] ? report_bug+0x3c0/0x580
[ 99.670847][ T7452] ? handle_bug+0x54/0xa0
[ 99.672452][ T7452] ? exc_invalid_op+0x17/0x50
[ 99.674207][ T7452] ? asm_exc_invalid_op+0x1a/0x20
[ 99.676097][ T7452] ? __pfx_klist_children_put+0x10/0x10
[ 99.678171][ T7452] ? __warn_printk+0x199/0x350
[ 99.679991][ T7452] ? __warn_printk+0x1a6/0x350
[ 99.681901][ T7452] ? refcount_warn_saturate+0x14a/0x210
[ 99.683932][ T7452] ? refcount_warn_saturate+0x149/0x210
[ 99.686003][ T7452] klist_put+0x11b/0x1b0
[ 99.687598][ T7452] klist_remove+0x140/0x2b0
[ 99.689337][ T7452] ? __pfx_klist_remove+0x10/0x10
[ 99.691321][ T7452] ? get_device_parent+0x1ed/0x4e0
[ 99.693280][ T7452] device_move+0x12d/0x10b0
[ 99.695008][ T7452] hci_conn_del_sysfs+0x81/0x180
[ 99.696909][ T7452] hci_conn_del+0x54e/0xdb0
[ 99.698626][ T7452] ? __pfx_l2cap_disconn_cfm+0x10/0x10
[ 99.700747][ T7452] hci_conn_hash_flush+0x4bf/0x790
[ 99.702679][ T7452] ? __pfx_hci_conn_hash_flush+0x10/0x10
[ 99.704780][ T7452] ? drain_workqueue+0x309/0x3d0
[ 99.706663][ T7452] ? hci_inquiry_cache_flush+0x176/0x2f0
[ 99.708781][ T7452] hci_dev_close_sync+0x603/0x11a0
[ 99.710820][ T7452] ? __pfx_hci_dev_close_sync+0x10/0x10
[ 99.712874][ T7452] ? up_write+0x1b2/0x520
[ 99.714500][ T7452] ? rcu_is_watching+0x12/0xc0
[ 99.716316][ T7452] hci_dev_do_close+0x2e/0x90
[ 99.718080][ T7452] hci_unregister_dev+0x213/0x620
[ 99.719977][ T7452] ? __pfx_vhci_release+0x10/0x10
[ 99.721970][ T7452] vhci_release+0x79/0xf0
[ 99.723584][ T7452] __fput+0x3ff/0xb70
[ 99.725103][ T7452] task_work_run+0x14e/0x250
[ 99.726851][ T7452] ? __pfx_task_work_run+0x10/0x10
[ 99.728785][ T7452] do_exit+0xad8/0x2d70
[ 99.730425][ T7452] ? get_signal+0x1d3e/0x26c0
[ 99.732206][ T7452] ? __pfx_do_exit+0x10/0x10
[ 99.733940][ T7452] ? cgroup_update_frozen_flag+0x107/0x210
[ 99.736152][ T7452] do_group_exit+0xd3/0x2a0
[ 99.737861][ T7452] get_signal+0x24ed/0x26c0
[ 99.739565][ T7452] ? __pfx_hrtimer_nanosleep+0x10/0x10
[ 99.741688][ T7452] ? __pfx_get_signal+0x10/0x10
[ 99.743494][ T7452] ? __pfx_hrtimer_wakeup+0x10/0x10
[ 99.745474][ T7452] arch_do_signal_or_restart+0x90/0x7e0
[ 99.747558][ T7452] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 99.749850][ T7452] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[ 99.752231][ T7452] syscall_exit_to_user_mode+0x150/0x2a0
[ 99.754323][ T7452] do_syscall_64+0xda/0x250
[ 99.756095][ T7452] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 99.758295][ T7452] RIP: 0033:0x7fb12c1bfa25
[ 99.759953][ T7452] Code: Unable to access opcode bytes at 0x7fb12c1bf9fb.
[ 99.762644][ T7452] RSP: 002b:00007fb12cf65f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 99.765679][ T7452] RAX: fffffffffffffdfc RBX: 00007fb12c3a5fa0 RCX: 00007fb12c1bfa25
[ 99.768597][ T7452] RDX: 00007fb12cf65fc0 RSI: 0000000000000000 RDI: 0000000000000000
[ 99.771570][ T7452] RBP: 00007fb12c20e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 99.774497][ T7452] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 99.777461][ T7452] R13: 0000000000000000 R14: 00007fb12c3a5fa0 R15: 00007ffeea1b5be8
[ 99.780451][ T7452] </TASK>
[ 99.781615][ T7452] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 99.784319][ T7452] CPU: 2 UID: 0 PID: 7452 Comm: syz.4.409 Not tainted 6.14.0-rc4-syzkaller-00248-g03d38806a902 #0
[ 99.788220][ T7452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 99.792223][ T7452] Call Trace:
[ 99.793470][ T7452] <TASK>
[ 99.794590][ T7452] dump_stack_lvl+0x3d/0x1f0
[ 99.796328][ T7452] panic+0x71d/0x800
[ 99.797816][ T7452] ? __pfx_panic+0x10/0x10
[ 99.799499][ T7452] ? show_trace_log_lvl+0x29d/0x3d0
[ 99.801479][ T7452] ? check_panic_on_warn+0x1f/0xb0
[ 99.803384][ T7452] ? refcount_warn_saturate+0x14a/0x210
[ 99.805416][ T7452] check_panic_on_warn+0xab/0xb0
[ 99.807281][ T7452] __warn+0xf6/0x3c0
[ 99.808757][ T7452] ? __pfx_vprintk_emit+0x10/0x10
[ 99.810619][ T7452] ? refcount_warn_saturate+0x14a/0x210
[ 99.812663][ T7452] report_bug+0x3c0/0x580
[ 99.814280][ T7452] handle_bug+0x54/0xa0
[ 99.815866][ T7452] exc_invalid_op+0x17/0x50
[ 99.817571][ T7452] asm_exc_invalid_op+0x1a/0x20
[ 99.818977][ T7452] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[ 99.820806][ T7452] Code: ff 89 de e8 b8 42 f5 fc 84 db 0f 85 66 ff ff ff e8 0b 48 f5 fc c6 05 7c 4e 86 0b 01 90 48 c7 c7 60 07 d3 8b e8 d7 76 b5 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 e8 47 f5 fc 0f b6 1d 57 4e 86 0b 31
[ 99.826288][ T7452] RSP: 0018:ffffc9000388f6b8 EFLAGS: 00010282
[ 99.828133][ T7452] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a1229
[ 99.830531][ T7452] RDX: ffff88802a15a440 RSI: ffffffff817a1236 RDI: 0000000000000001
[ 99.832792][ T7452] RBP: ffff888031e0e478 R08: 0000000000000001 R09: 0000000000000000
[ 99.835187][ T7452] R10: 0000000000000000 R11: 0000000000000004 R12: ffff888026939800
[ 99.837563][ T7452] R13: ffff888031e0e478 R14: ffffffff85ec0360 R15: dffffc0000000000
[ 99.839862][ T7452] ? __pfx_klist_children_put+0x10/0x10
[ 99.841765][ T7452] ? __warn_printk+0x199/0x350
[ 99.843214][ T7452] ? __warn_printk+0x1a6/0x350
[ 99.844649][ T7452] ? refcount_warn_saturate+0x149/0x210
[ 99.846298][ T7452] klist_put+0x11b/0x1b0
[ 99.847582][ T7452] klist_remove+0x140/0x2b0
[ 99.848957][ T7452] ? __pfx_klist_remove+0x10/0x10
[ 99.850540][ T7452] ? get_device_parent+0x1ed/0x4e0
[ 99.852075][ T7452] device_move+0x12d/0x10b0
[ 99.853450][ T7452] hci_conn_del_sysfs+0x81/0x180
[ 99.854929][ T7452] hci_conn_del+0x54e/0xdb0
[ 99.856340][ T7452] ? __pfx_l2cap_disconn_cfm+0x10/0x10
[ 99.857967][ T7452] hci_conn_hash_flush+0x4bf/0x790
[ 99.859476][ T7452] ? __pfx_hci_conn_hash_flush+0x10/0x10
[ 99.861129][ T7452] ? drain_workqueue+0x309/0x3d0
[ 99.862587][ T7452] ? hci_inquiry_cache_flush+0x176/0x2f0
[ 99.864255][ T7452] hci_dev_close_sync+0x603/0x11a0
[ 99.865761][ T7452] ? __pfx_hci_dev_close_sync+0x10/0x10
[ 99.867462][ T7452] ? up_write+0x1b2/0x520
[ 99.868750][ T7452] ? rcu_is_watching+0x12/0xc0
[ 99.870159][ T7452] hci_dev_do_close+0x2e/0x90
[ 99.871542][ T7452] hci_unregister_dev+0x213/0x620
[ 99.873046][ T7452] ? __pfx_vhci_release+0x10/0x10
[ 99.874521][ T7452] vhci_release+0x79/0xf0
[ 99.875822][ T7452] __fput+0x3ff/0xb70
[ 99.877035][ T7452] task_work_run+0x14e/0x250
[ 99.878396][ T7452] ? __pfx_task_work_run+0x10/0x10
[ 99.879907][ T7452] do_exit+0xad8/0x2d70
[ 99.881158][ T7452] ? get_signal+0x1d3e/0x26c0
[ 99.882574][ T7452] ? __pfx_do_exit+0x10/0x10
[ 99.883935][ T7452] ? cgroup_update_frozen_flag+0x107/0x210
[ 99.885656][ T7452] do_group_exit+0xd3/0x2a0
[ 99.887021][ T7452] get_signal+0x24ed/0x26c0
[ 99.888371][ T7452] ? __pfx_hrtimer_nanosleep+0x10/0x10
[ 99.889975][ T7452] ? __pfx_get_signal+0x10/0x10
[ 99.891396][ T7452] ? __pfx_hrtimer_wakeup+0x10/0x10
[ 99.893019][ T7452] arch_do_signal_or_restart+0x90/0x7e0
[ 99.894635][ T7452] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 99.896464][ T7452] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[ 99.898285][ T7452] syscall_exit_to_user_mode+0x150/0x2a0
[ 99.900009][ T7452] do_syscall_64+0xda/0x250
[ 99.901397][ T7452] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 99.903120][ T7452] RIP: 0033:0x7fb12c1bfa25
[ 99.904440][ T7452] Code: Unable to access opcode bytes at 0x7fb12c1bf9fb.
[ 99.906468][ T7452] RSP: 002b:00007fb12cf65f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 99.908894][ T7452] RAX: fffffffffffffdfc RBX: 00007fb12c3a5fa0 RCX: 00007fb12c1bfa25
[ 99.911175][ T7452] RDX: 00007fb12cf65fc0 RSI: 0000000000000000 RDI: 0000000000000000
[ 99.913463][ T7452] RBP: 00007fb12c20e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 99.915762][ T7452] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 99.918277][ T7452] R13: 0000000000000000 R14: 00007fb12c3a5fa0 R15: 00007ffeea1b5be8
[ 99.921103][ T7452] </TASK>
[ 99.922792][ T7452] Kernel Offset: disabled
[ 99.924644][ T7452] Rebooting in 86400 seconds..
VM DIAGNOSIS:
23:24:02 Registers:
info registers vcpu 0
CPU#0
RAX=0000000080000001 RBX=0000000000000000 RCX=ffffffff8224f99f RDX=fffffbfff20c4b23
RSI=ffffffff8bd359e0 RDI=ffffffff8bd35a20 RBP=0000000000000034 RSP=ffffc9000365f2f8
R8 =0000000000000000 R9 =fffffbfff20c4b22 R10=ffffffff90625917 R11=0000000000000003
R12=ffff88804e474000 R13=000000000003d94c R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff8b574c0d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555590dda500 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f53068d56c0 CR3=0000000028a72000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004000040 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffecf374410 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff19b00f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff19b00f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff19b00f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff19b00f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff19b00f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff19b00f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
CPU#1
RAX=0000000000000000 RBX=ffff88806a8468a0 RCX=ffffffff81add35a RDX=ffff888021128000
RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90000fdf928
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000006
R12=ffffed100d508d15 R13=0000000000000001 R14=ffff88806a73fe80 R15=ffff88806a8468a8
RIP=ffffffff81add32f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fad9b002000 CR3=000000000df80000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000014 000000000001df8a
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555942c57c7 00005555942c5260
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555942c063c 00005555942c0380
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0300080008030004 0004032004000003 0004048003010800 01800404026fdc00
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 020009b403018004 0009b00300080009 a80300040009a403 00080007000c0008
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00100001d0030010 0001c00302100001 b003381000049003 00020009b60301a4
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffeb08 0003001000018004 0100000008060601 64ee00080001e003
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100000100000 0406017192002363 65632f7665642f01 ffffffffffffffff
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 eb08000300100001 8004010000000806 060164ee00080001 e00300100001d003
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00100001c0030210 0001b00338100004 900300020009b603 01a4020009b40301
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 80040009b0030008 0009a80300040009 a40300020009a203 0e020009a0030008
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2
CPU#2
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85408575 RDI=ffffffff9ab80780 RBP=ffffffff9ab80740 RSP=ffffc9000388f038
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000008
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ab80740 R15=0000000000000000
RIP=ffffffff8540859f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT= fffffe000008f000 0000007f
IDT= fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c367920 CR3=0000000043ff0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63f180f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63f180f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63f180f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63f180f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63f180f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63f180f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63f197c488 00007f63f197c480 00007f63f197c478 00007f63f197c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63f24dd100 00007f63f197c440 00007f63f1970004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63f197c498 00007f63f197c490 00007f63f197c488 00007f63f197c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3
CPU#3
RAX=000000000009ba0d RBX=0000000000000003 RCX=ffffffff8b574469 RDX=0000000000000000
RSI=ffffffff8b6cee00 RDI=ffffffff8bd35a60 RBP=ffffed1003ad3488 RSP=ffffc900001a7e08
R8 =0000000000000001 R9 =ffffed100d526f85 R10=ffff88806a937c2b R11=0000000000000000
R12=0000000000000003 R13=ffff88801d69a440 R14=ffffffff90625910 R15=0000000000000000
RIP=ffffffff8b57584f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT= fffffe00000d6000 0000007f
IDT= fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffeea1b0a90 CR3=000000003068e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000180001 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe0fc4dba0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 745f6d6461737973 3a725f00002e6565 72662d7265746661 2d657375203b7700
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7455676461737373 3072550000246565 7266277265746661 2765737520317700
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3434313720303432 3128393439323420 36323331203a2931 35203a3233392e31
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2034303420202020 3122203032303420 2e32332020202931 3000003020302e30
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 696c3d723a376f6e 65692a333c3b6e32 6c6b333b6c6c3d72 3a377a632a3a377e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3e3e3b3d323a3e3d 3b227e636e7f6b2a 3c38393b376f7a73 7e2a307e636e7f6b
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000