last executing test programs: 3.618529851s ago: executing program 2 (id=543): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) shutdown(r1, 0x0) read(r1, &(0x7f0000000000)=""/114, 0x72) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000100)={@random="9115463ecc79", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @remote, @remote, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @remote}}}}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r3, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0xe, &(0x7f0000001700)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ab99dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c41ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42cea68bef67422ecc13968a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f381ba6e0363d0a4a8a813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c60"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0xd}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r6, 0x0, 0x10, 0x0, &(0x7f0000002580)="f0b9547ee7affa9daabd309a75d387db", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x20, 0x7, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x2008010}, 0x4040000) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32], 0x1c}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0) io_uring_setup(0x44e8, &(0x7f0000000080)={0x0, 0x17a3, 0x800, 0x1, 0x337}) write$nci(r0, &(0x7f0000000040)=@NCI_OP_CORE_CONN_CREDITS_NTF={0x0, 0x1, 0x3, 0x6, 0x1, {0x1, [{0x2, 0x1}]}}, 0x6) 3.470457467s ago: executing program 2 (id=546): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000080)={0x0, 0x7f, 0x700}) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'caif0\x00', 0x0}) r4 = io_uring_setup(0x7939, &(0x7f00000004c0)={0x0, 0x0, 0x2, 0x1, 0x215}) r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x81, 0x8, 0x2, 0x0, 0x1}, 0x48) r6 = socket$inet6_udp(0xa, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r5, &(0x7f00000004c0), &(0x7f0000000400)=@udp6=r6}, 0x3f) recvfrom(r6, &(0x7f00000004c0)=""/186, 0xba, 0x10021, 0x0, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) readv(r1, &(0x7f00000008c0)=[{&(0x7f0000000140)=""/108, 0x6c}, {&(0x7f0000000280)=""/193, 0xc1}, {&(0x7f0000000380)=""/88, 0x58}, {&(0x7f0000000400)=""/153, 0x99}, {&(0x7f00000004c0)=""/79, 0x4f}, {&(0x7f0000000540)=""/247, 0xf7}, {&(0x7f0000000640)=""/243, 0xf3}, {&(0x7f0000000740)=""/66, 0x42}, {&(0x7f00000007c0)=""/161, 0xa1}], 0x9) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000880)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000100000000000002a0000000c00018008000100", @ANYRES32=r3], 0x20}, 0x1, 0x0, 0x0, 0x40040}, 0x0) 2.639135734s ago: executing program 2 (id=565): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000008c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x20, r1, 0x401, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x44010}, 0x4000000) 2.590559984s ago: executing program 2 (id=566): setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x3, &(0x7f0000000040), 0x4) openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x40, 0x4, 0x6}, 0x18) r0 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) connect$llc(r0, &(0x7f00000004c0)={0x1a, 0x201, 0xc4, 0x2, 0x3f, 0x4, @random="645ab0c196b1"}, 0x10) 2.590392901s ago: executing program 2 (id=567): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newtaction={0x74, 0x30, 0x400, 0x0, 0x0, {}, [{0x60, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x74}}, 0x0) 2.540088166s ago: executing program 2 (id=568): r0 = socket$nl_audit(0x10, 0x3, 0x9) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000280)={0x73622a85, 0x110b, 0x8000000000002}) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0xffffffffffffff61, 0x0, 0x0}) r3 = dup3(r2, r1, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000500)="d8000000180081054e81", 0xa}], 0x1}, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x70, 0x18, &(0x7f00000005c0)={@ptr={0x70742a85, 0x0, 0x0, 0x70, 0x1, 0x25}, @ptr={0x70742a85, 0x0, &(0x7f0000000440)=""/220, 0xf90, 0x1, 0x29}, @fda={0x66646185, 0x5, 0x1, 0xc8}}, &(0x7f00000001c0)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0}) mkdir(&(0x7f0000000000)='./control\x00', 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0x18000000000002a0, 0x36, 0x0, &(0x7f0000000000)="b9fe030768045c8c989a14f088a8657986dda8c6e96fd9d5a77080d1016ac1eb01639fa5680155e0b2c6ed515651056c705918431d6a", 0x0, 0x9e, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) ppoll(&(0x7f00000002c0)=[{r4, 0xd9b685ac07042935}, {r5, 0xc208}], 0x2, &(0x7f0000000300), &(0x7f0000000580)={[0x6]}, 0x8) mkdir(&(0x7f0000000140)='./file0\x00', 0x200) r6 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000200)={'vxcan1\x00', 0x0}) bind$can_j1939(r6, &(0x7f0000000340)={0x1d, r7, 0x0, {}, 0x2}, 0x18) sendmsg$can_j1939(r6, &(0x7f00000002c0)={&(0x7f00000000c0)={0x1d, 0x0, 0x16, {0x0, 0x1ee, 0x1}}, 0x18, &(0x7f00000004c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$SO_TIMESTAMP(r8, 0x1, 0x38, 0x0, &(0x7f0000000140)) rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./control\x00') ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth1_vlan\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x9}}) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x56a, 0x317, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x37, 0x10, 0xff, [{{0x9, 0x4, 0x0, 0x81, 0x2, 0x3, 0x1, 0x2, 0x40, {0x9, 0x21, 0x41d5, 0x0, 0x1, {0x22, 0x4e5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x1, 0x9, 0xa}}}}}]}}]}}, &(0x7f0000000440)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x201, 0x2, 0x6, 0x82, 0xff, 0x7}, 0x5, &(0x7f0000000640)=ANY=[@ANYBLOB="050f050002c7411484c0fe619a17d91f7a293d90a01baff1772ab9a1eb438b96caba496734253b6fe8e968d9acb1df380000000000008d6783091d11854e692a67f2a090c58434e4674114615690037724b39a8fd661f188f693cabdea06f559cee071bb1746fa7d462e5ef5d0667045780f970a7001b4974709c3709116ac08051c7cb98848c0b3863797d6520000"], 0x2, [{0x54, &(0x7f0000000240)=@string={0x54, 0x3, "d10fa913afc69c5b612fdb65c4b832503ee7d0decffcd8eb8609851f4e605f140d0bb16a3da0dc79ecd15c134024181cf81439e4b0daa4eb248468f6817112573d73851a3e432cc8e9d120cd1bc3e9378a33"}}, {0x4b, &(0x7f0000000700)=ANY=[@ANYBLOB="4b0365cd9a4733676e98ee769aae315877db5706830ecbd70a6455f64a6e7dd72734d33749e5a9432e6497d0c294a380431c312e64894533937f9d1156d03bd8d6c33a50e7ef098907473be2ed"]}]}) 1.410466061s ago: executing program 0 (id=600): r0 = socket(0x200000000000011, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) socket(0x200000000000011, 0x4000000000080002, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000d00)={0x11, 0x1c, r3, 0x1, 0x0, 0x6, @local}, 0x14) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x48f, &(0x7f0000000000)={0x11, @private, 0x0, 0x0, 'lc\x00'}, 0x2c) mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil) 1.410224558s ago: executing program 0 (id=601): syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) mkdir(&(0x7f0000000380)='./file1\x00', 0xa) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0xfffffedf, 0x10, &(0x7f0000000040), 0xffffff95, 0x0, 0xffffffffffffffff, 0xd}, 0x48) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, r3, {0x7}}, './file1\x00'}) 1.329569716s ago: executing program 0 (id=602): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x240480, 0x0) ioctl$RTC_UIE_ON(r2, 0x7003) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000080)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487420f01c266bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x4a}], 0x1, 0x56, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28) ioctl$KVM_RUN(r3, 0xae80, 0x0) setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5}) 1.240355989s ago: executing program 1 (id=603): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000008c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x24, r1, 0x401, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_KEY={0x4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x24}, 0x1, 0x0, 0x0, 0x44010}, 0x4000000) 1.239939329s ago: executing program 1 (id=604): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x800, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) readv(r1, &(0x7f0000000340)=[{&(0x7f0000000080)=""/107, 0x6b}], 0x1) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000280), 0x14) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000480), 0x4) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000100)={"6fd068185bc58c9c6bce23544e225a24", 0x0, 0x0, {0x1000, 0x5}, {0x8, 0x6}, 0x6, [0x0, 0x7, 0xa, 0x7f, 0x100, 0x5, 0xf79, 0x9, 0xffffffff, 0x95, 0x9120, 0x2, 0xb, 0x2, 0x5]}) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000200)=0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000300)={"eacb798fc776411d02e164d22cf65f8e", r2, r3, {0xb, 0x4}, {0xfffffffffffffffe, 0xcb}, 0xffffffff, [0x9, 0x5, 0x38438a6, 0x4, 0x1, 0x159, 0x10001, 0x9, 0x7, 0x1, 0x5, 0x1ff, 0x0, 0xa45, 0xe3, 0x100000001]}) setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000540)={0x80000000, {{0xa, 0x4e22, 0x3, @empty, 0x9}}, {{0xa, 0x4e23, 0xfffffff8, @local, 0x3}}}, 0x108) write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb) r4 = socket(0x400000000010, 0x3, 0x0) write(r4, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030011000500e1000cee0202001a000000", 0x33a) r5 = accept4$llc(r4, &(0x7f00000004c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000240)=0x10, 0x0) setsockopt$llc_int(r5, 0x10c, 0x3, &(0x7f0000000440)=0x1000, 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x303}, "2a4001011f891d5b", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "fd6ed24e", "d4e9e1c90d89691c"}, 0x38) 1.030235076s ago: executing program 0 (id=605): r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/snmp\x00') r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2}) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r3 = dup3(r2, r1, 0x80000) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0xffffffffffffff9a, 0x1000000, 0x0}) ioctl$EVIOCREVOKE(r3, 0x40044591, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000000), 0xfffffbffffffffff, 0x40000) r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r6, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000440)={r7, 0x835, 0x0, 0x0, 0x0, [0x0], [], [0x0, 0x0, 0x0, 0xffffffff], [0x3ff]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000080)={r8, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r9}) close_range(r0, 0xffffffffffffffff, 0x0) 1.030027165s ago: executing program 1 (id=606): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40140, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = dup(r2) write$UHID_INPUT(r3, &(0x7f0000001980)={0xc, {"a2e3ad214fc752f91b25060987f70e06d038e7ff7fc6e5539b325d078b089b3b08386e090890e0878f0e1ac6e7049b334d959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31303b305d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x5c1}}, 0x505) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x10}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r5}, 0x10) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x400000a, 0x54032, 0xffffffffffffffff, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0xc0, &(0x7f0000000000)=0x3, 0x0, 0x4) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000000c0)=@ethtool_gfeatures}) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000001100)=ANY=[@ANYBLOB="010001d8053f96348100000074657221060000000000007f4a758f9b1903ac00"/48]) 949.630509ms ago: executing program 0 (id=607): bpf$TOKEN_CREATE(0x24, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) 949.440435ms ago: executing program 1 (id=608): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001040)={0xc, {"a2e3ad21ed0d52f90925090987f70e06d038e7ff7fc6e5539b3243078b089b3b33386d090890e0878f0e1ac6e7049b334c959b4a9a240f5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d076d0936cd3b78130daa61d8e809ea02b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18809a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dce61a0b29aa328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xd0}}, 0x1006) r2 = socket(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002cbd7000fddbdf252b000000180001801400020076657468305f746f5f626174616476"], 0x2c}, 0x1, 0x0, 0x0, 0x8800}, 0x4048040) r7 = userfaultfd(0x1) ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x441}) ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000481000/0x1000)=nil) ioctl$UFFDIO_CONTINUE(r7, 0xc020aa07, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x8604}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e000ffb28bdf6a7c8ea35a9c3a1"], 0x1c}, 0x1, 0x0, 0x0, 0x4048885}, 0x44040) 820.005304ms ago: executing program 0 (id=609): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6) r1 = syz_open_dev$vim2m(&(0x7f0000000200), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000040)={0xf0f045}) ppoll(&(0x7f0000000300)=[{r1, 0x2007}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f0000000040)={0x80, 0x6}) r3 = dup(0xffffffffffffffff) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="050000000700405db80dec1baf", @ANYRES32=r3, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000400)="61ad6271dcf30d7379e8fe79452010b3d2cab45a118ef03d8165bdda8acadf07311e768edab2b5d32124a60841e114e162c5b1c875ad0627ee272dbf733d7f516013f089f937e152d401a757bb860c2d3c0c3eff5e79dfbc958dbbd071e669378b832658e5aa67", &(0x7f0000000280)="ef3da423a8e9d50e5e232558", 0x1, r4}, 0xffffffffffffff7e) ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000500)={0x1fe, 0x4, 0x8080000, 0x1000, &(0x7f0000ffe000/0x1000)=nil, 0x31, r2}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.current\x00', 0x26e1, 0x0) close(r5) r6 = socket$kcm(0xa, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f00000004c0)={&(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r6, 0x4, 0x3, 0x2, 0x0, {0xa, 0x4e24, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7}}}, 0x80, 0x0}, 0x2000f765) ioctl$SIOCSIFHWADDR(r5, 0x8b32, &(0x7f0000000000)={'virt_wifi0\x00', @random="0dcb018cefe4"}) r7 = socket$inet6(0xa, 0x80002, 0x88) setsockopt$inet6_udp_int(r7, 0x11, 0x65, &(0x7f0000000240), 0x4) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r8, 0x84, 0x20, &(0x7f0000005f80), &(0x7f0000005fc0)=0x4) r9 = socket$packet(0x11, 0x3, 0x300) r10 = socket$alg(0x26, 0x5, 0x0) bind$alg(r10, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(authencesn(streebog256-generic,xchacha12-generic))\x00'}, 0x58) r11 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x20801, 0x0) ioctl$SNDCTL_DSP_SPEED(r11, 0xc0045002, &(0x7f0000000180)) write$dsp(r11, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) r12 = accept$alg(r10, 0x0, 0x0) sendmmsg$alg(r12, &(0x7f0000006300)=[{0x0, 0x0, 0x0}], 0x1, 0x20008802) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0xd, 0x4, &(0x7f0000000340)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0xf}, 0x94) setsockopt$packet_fanout(r9, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4) syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r11) 149.991439ms ago: executing program 3 (id=615): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x9}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x2}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x48}}, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 149.590756ms ago: executing program 3 (id=616): r0 = socket$kcm(0x10, 0x3, 0x10) recvmsg(r0, 0x0, 0x10000) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01e"], 0x1c}, 0x1, 0x0, 0x0, 0x48050}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r2], 0x20}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x64, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x30, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x64}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) recvmmsg$unix(r1, 0x0, 0x0, 0x26022, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x34, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1805b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000006c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xa}, {0x0, 0x6}, {0x13}}}, 0x24}, 0x1, 0x0, 0x0, 0x24004000}, 0x20044810) 90.517506ms ago: executing program 3 (id=617): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_TABLE(r0, 0x29, 0xd1, &(0x7f0000000040)=0xfe, 0x4) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) read$FUSE(r1, &(0x7f0000000140)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_DIRENT(r1, &(0x7f0000002340)=ANY=[@ANYBLOB="e001000000000000", @ANYRES64=r2, @ANYBLOB="07000000000000140000000000000000b7010000000000007fb4e4a3e82449888c0a7daca90e9204bcd4badb080000005300bd75b93bcdeb1a4cec3f7f5c4ee14589c966d18a78f381044b4a0be919482bdfe3dba4324c68b8e46e4cfe31d560864363ddf26e0ea7f58603eeec38ad06a8d730baa9ae28c00633d5b669ebaee23e66a1c7e85fd9ae2c8db001f03cd65f65a44610c0c6103d17161ad98baf711e5fee20bb929f890a1bafa2444469e49b65676376a1e4458f738ec65b2e980f3bc34835fb0ee8b23c3e0deb9b0cf615f2c0264cec3bcac0a3b684c7689c9dfd55592d6f33ce00003390dc9f952cb2a50dcc98f500000000000000004af4a9d032530c5afbfc2021650e2febc5fae3f59e91ad4abd2b2d6eb4b86134bcdf1dd8c144ff7c4724f60df3ad354f7ea97109b4830a0666f0b3a604a7ecfd7af3da58c15341e478a1d96aaabd54bec794a8e5779711080cfce69a7811035281c9901f51f7ae2868d28f6a0970f856645930a8c67c4d3f324a03fffa499a76f65e0152ce40b4e5080021546fdb7ddd9d267c4c2b55b210ae6fe6f5cfb2b11084d02296a846737456b53ad78c45950e0c674abaee178bc2c13c4063c107170894b206fb8e340fca54e14d98064d7ca9b79a82f402"], 0x1e0) 90.299704ms ago: executing program 3 (id=618): socket(0x11, 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000780)=ANY=[@ANYBLOB="7c000000020801010000000000000000010000002400048008000140000001010800014000000100080001400000000608000240000001cd44000480080001407fffffff0800014000000099080001400000c963e3dbfceb004908000140000000060800014000000000080001400000c55008000140000000070800014000000003"], 0x7c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f00000004c0)={0x60, 0x0, &(0x7f0000165000/0x4000)=nil, &(0x7f00004fa000/0x4000)=nil, 0x0, &(0x7f0000000680)=[{0x2, 0x5, 0xb}, {0x5, 0xff, 0x7}], 0x2, 0x1ff}) 81.400789ms ago: executing program 1 (id=619): r0 = socket$inet(0xa, 0x801, 0x84) syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="00519200000008000540"], 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) r3 = dup2(r2, r2) write$tun(0xffffffffffffffff, &(0x7f0000000240)={@val={0x0, 0x22f0}, @val={0x1, 0x1, 0x1ff, 0x0, 0x3, 0x100}, @ipv4=@icmp={{0x20, 0x4, 0x1, 0x19, 0xf0, 0x64, 0x0, 0x3, 0x1, 0x0, @loopback, @empty, {[@generic={0x44, 0x7, "6fe680b9a9"}, @ra={0x94, 0x4, 0x1}, @rr={0x7, 0x13, 0x9d, [@private=0xa010100, @loopback, @local, @empty]}, @cipso={0x86, 0xf, 0xffffffffffffffff, [{0x0, 0x9, "6528c2852fadfb"}]}, @timestamp={0x44, 0x20, 0xf7, 0x0, 0x3, [0x8, 0x7fffffff, 0x1, 0x1ff, 0x6, 0x1937, 0xa]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x4, 0xf9, 0x1, 0x7}, @generic={0x88, 0xf, "6a96ccc4b624b1f33ce0bc455c"}, @ra={0x94, 0x4, 0x1}, @end]}}, @echo_reply={0x0, 0x0, 0x0, 0x65, 0x1, "0d1a5af564ea6e299141a34e4d29d83b8c9cec121c34222b3d225daa1fe79f5051cf5071a0fa1eca9a6518904caefa4068adb82d2591340c27d322ff382d24224499d38d6f58521ecf4b014d9d14151d6632cc75b12916bda6103e08fe3748f9fe9377de7f74b4dc"}}}, 0xfe) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000100)={'\x00', 0x200, 0x1ff, 0x1, 0x10000053c2, 0x73c3f1c3}) ioctl$BLKTRACESTART(r2, 0x1274, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="1400000010000100edff0000000000000000000a58000000060a09040000000000000000020000002c000480280001800d00010073796e70726f787900000000140002800500020009000000080003400000000a0900010073797a30000000000900020073797a32"], 0x80}}, 0x0) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r4 = accept4(r0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x73, &(0x7f0000000040)={0x0, 0x2, 0x10, 0x8, 0x1830}, &(0x7f0000000080)=0x18) 406.504µs ago: executing program 3 (id=620): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x10603, 0x0) write$binfmt_misc(r0, &(0x7f0000000040)="930fea3cd6f67636d8134f5dac6acc2e4ba0da718f1ea4b0074b50da5ecae1c152", 0x21) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000080)={0x31, 0x4, 0x0, {0x3, 0x24, 0x9, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x31) setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f00000000c0)=0x101, 0x4) getdents(r0, &(0x7f0000000100)=""/4096, 0x1000) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01064c2, &(0x7f0000001100)={0x0, 0x1, r0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r0, 0xc01064c1, &(0x7f0000001140)={r1, 0x0, 0xffffffffffffffff}) recvfrom$inet_nvme(r0, &(0x7f0000001180)=""/39, 0x27, 0x2003, &(0x7f00000011c0)=@sco, 0x80) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000001240)=0x0) r4 = syz_open_procfs(r3, &(0x7f0000001280)='net/rt6_stats\x00') r5 = openat$selinux_create(0xffffffffffffff9c, &(0x7f00000012c0), 0x2, 0x0) fadvise64(r5, 0x9, 0x6, 0x4) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001300), 0xadc4f37b60e99273, 0x0) ioctl$PPPIOCGNPMODE(r6, 0xc008744c, &(0x7f0000001340)={0xfd, 0x3}) ioctl$FS_IOC_SETVERSION(r6, 0x40087602, &(0x7f0000001380)=0x5) r7 = accept4$inet6(r0, &(0x7f00000013c0)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000001400)=0x1c, 0x800) ioctl$sock_FIOSETOWN(r7, 0x8901, &(0x7f0000001440)=r3) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000001480)={0x0, 0x1}, &(0x7f00000014c0)=0x8) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r6, 0x84, 0x5, &(0x7f0000001500)={r8, @in={{0x2, 0x4e21, @local}}}, 0x84) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x660c) ioctl$DRM_IOCTL_MODESET_CTL(r4, 0x40086408, &(0x7f00000015c0)={0x8001, 0xfffffffc}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r6, 0xc01064c1, &(0x7f0000001600)={r1, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r4, 0xc01064c2, &(0x7f0000001640)={0x0, 0x0, r9}) r10 = fanotify_init(0x1, 0x2) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000001700)={{0x1, 0x1, 0x18, r2, {0xffffffffffffffff, 0xffffffffffffffff}}, './file0\x00'}) mount$9p_fd(0x0, &(0x7f0000001680)='./file0\x00', &(0x7f00000016c0), 0x2000804, &(0x7f0000001740)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[{@afid={'afid', 0x3d, 0x80}}, {@noextend}], [{@uid_eq={'uid', 0x3d, r12}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'net/rt6_stats\x00'}}, {@context={'context', 0x3d, 'root'}}, {@fsuuid={'fsuuid', 0x3d, {[0x34, 0x65, 0x35, 0x66, 0x37, 0x61, 0x64], 0x2d, [0x65, 0x61, 0x39, 0x63], 0x2d, [0x30, 0x66, 0x30, 0x66], 0x2d, [0x61, 0x36, 0x66, 0x39], 0x2d, [0x63, 0x31, 0x31, 0x38, 0xf30f988c1e227128, 0x31, 0x36, 0x33]}}}, {@fsmagic={'fsmagic', 0x3d, 0x6}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@audit}]}}) write$nci(r0, &(0x7f0000001840)=@NCI_OP_NFCEE_MODE_SET_RSP={0x2, 0x1, 0x2, 0x1, 0x1, 0x1}, 0x4) ioctl$SIOCX25SCUDMATCHLEN(r11, 0x89e7, &(0x7f0000001880)={0x21}) mount$overlay(0x0, &(0x7f00000018c0)='./file0\x00', &(0x7f0000001900), 0x1008, &(0x7f0000001940)={[{@verity_off}, {@volatile}, {@workdir={'workdir', 0x3d, './file0'}}, {@redirect_dir_nofollow}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@fowner_lt={'fowner<', r12}}, {@smackfsroot={'smackfsroot', 0x3d, 'audit'}}, {@dont_hash}, {@euid_gt={'euid>', r12}}, {@fsname={'fsname', 0x3d, '\x8d('}}, {@uid_gt={'uid>', r12}}, {@dont_measure}]}) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r11, &(0x7f0000001b00)={&(0x7f0000001a40)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001a80)={0x2c, 0x0, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x4}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4880}, 0xc0) 135.15µs ago: executing program 1 (id=621): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) getpeername$netrom(r0, &(0x7f0000000000)={{0x3, @netrom}, [@remote, @netrom, @remote, @netrom, @bcast]}, &(0x7f0000000080)=0x48) (async, rerun: 32) ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f00000000c0)) (async, rerun: 32) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x70, 0x1405, 0x2, 0x70bd2b, 0x25dfdbfe, "", [{{0x8, 0x1, 0x1}, {0x8, 0x3, 0x2}}, {{0x8, 0x1, 0x1}, {0x8, 0x3, 0x3}}, {{0x8}, {0x8}}, {{0x8, 0x1, 0x1}, {0x8, 0x3, 0x4}}, {{0x8, 0x1, 0x2}, {0x8, 0x3, 0x1}}, {{0x8}, {0x8, 0x3, 0x1}}]}, 0x70}, 0x1, 0x0, 0x0, 0x4010}, 0x8000) (async) r2 = syz_open_dev$swradio(&(0x7f0000000240), 0x0, 0x2) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r2, 0xc034564b, &(0x7f0000000280)={0x8, 0x31364d59, 0x800, 0x7, 0x1, @discrete={0xd, 0x6}}) (async) ioctl$VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f00000003c0)={0x7, @win={{0x9, 0x8, 0x5, 0x7}, 0x0, 0x7fff, &(0x7f0000000340)={{0x0, 0x8264, 0x7, 0x9}, &(0x7f0000000300)={{0x1, 0x14d3, 0x0, 0xc5}, &(0x7f00000002c0)={{0x541, 0x8, 0x10000, 0xda56}}}}, 0x6, &(0x7f0000000380)="66d6ab109eb8d171f9ff5b46840716fb4e72f7e96b8e74338f11d5d6e68870", 0x7}}) (async, rerun: 32) ioctl$IOC_PR_RELEASE(0xffffffffffffffff, 0x401070ca, &(0x7f00000004c0)={0x401, 0x6, 0x1}) (async, rerun: 32) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r2, 0xc034564b, &(0x7f0000000500)={0x9, 0x59455247, 0x1000, 0x9, 0x1, @discrete={0x74}}) (async) lseek(r2, 0x2, 0x4) (async) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f0000000540), &(0x7f0000000580)=0x4) r3 = socket(0x18, 0x80000, 0x2) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0) ioctl$UI_SET_KEYBIT(r4, 0x40045565, 0x99) (async) ioctl$VIDIOC_G_SLICED_VBI_CAP(r2, 0xc0745645, &(0x7f0000000600)={0x4, [0x0, 0x8, 0xffff, 0x55, 0xfff, 0xff, 0x6, 0x800, 0x0, 0xfff2, 0xa, 0x2, 0x4fd0, 0x9, 0x1000, 0x8, 0x6, 0x9, 0x2, 0x3ff, 0x3, 0x4, 0x4f, 0x8, 0x3, 0x8, 0x2, 0x7, 0x5f30, 0x9, 0x296e, 0xfffd, 0x8, 0x1ff, 0xa, 0x2, 0xa, 0x9, 0x401, 0xa1, 0x8, 0x9, 0x200, 0x8000, 0x3, 0x8, 0x1, 0x2], 0x3}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r3) (async, rerun: 64) r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) (rerun: 64) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), r3) sendmsg$NL80211_CMD_GET_MPATH(r5, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x38, r6, 0x8, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x4, 0x6b}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) (async) r7 = socket$l2tp(0x2, 0x2, 0x73) (async) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000840)={0x0, 0x0, 0x7, 0x0, '\x00', [{0x40, 0x7, 0x4b6, 0x5, 0x4, 0x5}, {0x37, 0x81, 0x1, 0x5, 0x9, 0x6}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) write$selinux_create(r5, &(0x7f0000000ac0)=@objname={'system_u:object_r:pinentry_exec_t:s0', 0x20, 'system_u:system_r:kernel_t:s0', 0x20, 0x4, 0x20, './file0\x00'}, 0x60) syz_genetlink_get_family_id$team(&(0x7f0000000b40), r3) (async) pwrite64(0xffffffffffffffff, &(0x7f0000000b80)="c94aab7617db8b222d6d586a5a94b17e175569b98b87a34fa786a3692d27179a52054064646b9fe879708bf755ccf5330e34ce50f5d794938e10703ebd42f380859756f0bd44fb7bd42b33c948344fe6b1537c60bb2a8ef253b0b850cba2aaa4d4dad419acc8e2870c3f2308e0e07a37de074c5c89d06628a68ea7d1c479303b265719c308ed40bd45a6c7a044373d866468083fd37d674c43d073c24e5ce957e8e48b9f80b6eea176fc495e2251139e8bcf236c49f7c46df6328113e1a790b6e7243dcf26c0d194e54b7081a22f3dac51bd965716ed1a1b56ad2323c5877a482b7f560844a7011b0e6f00efbd01160e2d72", 0xf2, 0xc) (async) ioctl$VIDIOC_ENUMAUDOUT(r5, 0xc0345642, &(0x7f0000000c80)={0x2, "87be1db23e9267f9ab506cece1dc1e8e135d372277b989fedf871075aa987c3a", 0x3, 0x1}) ioctl$BTRFS_IOC_RESIZE(r3, 0x50009403, &(0x7f0000000cc0)={{r7}, {@void, @actul_num={@val=0x2b, 0x9, 0x47}}}) (async) r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000d40), r3) sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000e40)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000d80)={0x44, r8, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x1}, @L2TP_ATTR_MTU={0x6, 0x1c, 0xc29}, @L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x3}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}]}, 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x7a74db70f7747b38) (async, rerun: 64) pwrite64(r2, &(0x7f0000000e80)="f62125d4812b7aefec8fa43d65415b310c997c8bc448eec82ba00788493498b41afb603164a39240866e39cb0abd37435b7f6b4ea46e448700c7", 0x3a, 0x5) (rerun: 64) 0s ago: executing program 3 (id=622): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) (async) mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0) (async) sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0) (async) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000300), 0x2) (async) r2 = memfd_create(&(0x7f00000009c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\x90i\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\x05\x00\x00\x00\x00\x00\x00\x00\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03\x05Np\xda\"\xf1\xb6\xbcP\x8fP\x8d\x89%\xf2\x12T\xd0\xc3\x15W\x9c\x87\x1b\x8c\xc9\xd9\xc6\xad\x96-d\xa2wFB\xcaB\xa5\x15\xf8,\x04\x1c*\xd98\x8bG\x90\x81`\x03\xe0\xde\x9c\x9a\x0f\x1b\x8f\xd2%*&$Wc\xb3\xa6\xc4TK1}2\xb3\xab\xf4\xb7\xb7\x85\apa\xaf\x1c\x10i\xb9\x9f\x06\xff4%\"7f \x0e\xf5Bk\r\xac\"\x13tNx\xc0$\x85\x9f', 0x3) ftruncate(r2, 0xffff) fcntl$addseals(r2, 0x409, 0x7) (async) r3 = ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000100)={r2, 0x0, 0x0, 0x1000}) ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, &(0x7f0000000040)=0x1) (async) ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, &(0x7f00000006c0)=0x1) 0s ago: executing program 1 (id=623): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$TCFLSH(r2, 0x400455c8, 0x1) (async) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000140)=0xffffffc0) prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0) timer_create(0x1, 0x0, &(0x7f0000bbdffc)) (async) timer_create(0x0, 0x0, &(0x7f0000bbdffc)) (async) close_range(r1, r1, 0x2) (async) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1c}, @NFTA_SET_ID={0x8}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x40}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x6}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd0}}, 0x0) kernel console output (not intermixed with test programs): [ 38.211673][ T40] audit: type=1400 audit(1756106538.390:59): avc: denied { write } for pid=5877 comm="sh" path="pipe:[5067]" dev="pipefs" ino=5067 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 38.221090][ T40] audit: type=1400 audit(1756106538.390:60): avc: denied { rlimitinh } for pid=5877 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.229073][ T40] audit: type=1400 audit(1756106538.390:61): avc: denied { siginh } for pid=5877 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:49824' (ED25519) to the list of known hosts. [ 39.326120][ T40] audit: type=1400 audit(1756106539.520:62): avc: denied { name_bind } for pid=5885 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 39.351109][ T40] audit: type=1400 audit(1756106539.540:63): avc: denied { write } for pid=5888 comm="sh" path="pipe:[5081]" dev="pipefs" ino=5081 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 39.370076][ T40] audit: type=1400 audit(1756106539.560:64): avc: denied { execute } for pid=5888 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 39.377541][ T40] audit: type=1400 audit(1756106539.560:65): avc: denied { execute_no_trans } for pid=5888 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 41.382178][ T40] audit: type=1400 audit(1756106541.570:66): avc: denied { mounton } for pid=5888 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 41.385035][ T5888] cgroup: Unknown subsys name 'net' [ 41.536088][ T5888] cgroup: Unknown subsys name 'cpuset' [ 41.542323][ T5888] cgroup: Unknown subsys name 'rlimit' [ 41.797875][ T5952] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 42.459402][ T5888] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.713817][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 45.713828][ T40] audit: type=1400 audit(1756106545.910:80): avc: denied { execmem } for pid=5965 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.936040][ T40] audit: type=1400 audit(1756106546.130:81): avc: denied { create } for pid=5969 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.942199][ T40] audit: type=1400 audit(1756106546.130:82): avc: denied { read write } for pid=5969 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.949528][ T40] audit: type=1400 audit(1756106546.130:83): avc: denied { open } for pid=5969 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.956558][ T40] audit: type=1400 audit(1756106546.140:84): avc: denied { ioctl } for pid=5969 comm="syz-executor" path="socket:[6025]" dev="sockfs" ino=6025 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.969208][ T5972] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.972991][ T5972] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.975697][ T5972] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.978267][ T5972] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.981082][ T5972] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.986168][ T5980] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.990400][ T5977] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.990548][ T5979] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.990966][ T63] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.991431][ T63] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.991855][ T63] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.992105][ T63] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.999123][ T40] audit: type=1400 audit(1756106546.190:85): avc: denied { read } for pid=5981 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 46.000393][ T5979] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 46.002631][ T40] audit: type=1400 audit(1756106546.190:86): avc: denied { open } for pid=5981 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 46.005471][ T5979] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 46.014273][ T40] audit: type=1400 audit(1756106546.190:87): avc: denied { mounton } for pid=5981 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 46.016981][ T5979] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 46.023174][ T5984] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 46.025677][ T5979] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 46.032429][ T5984] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 46.035051][ T5979] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 46.043068][ T5979] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 46.160629][ T40] audit: type=1400 audit(1756106546.350:88): avc: denied { module_request } for pid=5969 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 46.199037][ T5969] chnl_net:caif_netlink_parms(): no params data found [ 46.260554][ T5981] chnl_net:caif_netlink_parms(): no params data found [ 46.363292][ T5973] chnl_net:caif_netlink_parms(): no params data found [ 46.367901][ T5969] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.370168][ T5969] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.372607][ T5969] bridge_slave_0: entered allmulticast mode [ 46.376178][ T5969] bridge_slave_0: entered promiscuous mode [ 46.407692][ T5969] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.410093][ T5969] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.412375][ T5969] bridge_slave_1: entered allmulticast mode [ 46.415193][ T5969] bridge_slave_1: entered promiscuous mode [ 46.454788][ T5981] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.457061][ T5981] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.459357][ T5981] bridge_slave_0: entered allmulticast mode [ 46.462432][ T5981] bridge_slave_0: entered promiscuous mode [ 46.519429][ T5974] chnl_net:caif_netlink_parms(): no params data found [ 46.524575][ T5981] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.526914][ T5981] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.529179][ T5981] bridge_slave_1: entered allmulticast mode [ 46.531819][ T5981] bridge_slave_1: entered promiscuous mode [ 46.535875][ T5969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.564619][ T5969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.656540][ T5973] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.658815][ T5973] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.661181][ T5973] bridge_slave_0: entered allmulticast mode [ 46.664984][ T5973] bridge_slave_0: entered promiscuous mode [ 46.668884][ T5973] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.671176][ T5973] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.673420][ T5973] bridge_slave_1: entered allmulticast mode [ 46.677788][ T5973] bridge_slave_1: entered promiscuous mode [ 46.682164][ T5981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.690081][ T5969] team0: Port device team_slave_0 added [ 46.719914][ T5981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.728259][ T5973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.732197][ T5969] team0: Port device team_slave_1 added [ 46.781032][ T5973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.811671][ T5969] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.814918][ T5969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.822711][ T5969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.828333][ T5981] team0: Port device team_slave_0 added [ 46.873093][ T5973] team0: Port device team_slave_0 added [ 46.875928][ T5969] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.878026][ T5969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.886080][ T5969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.890453][ T5981] team0: Port device team_slave_1 added [ 46.892418][ T5974] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.895202][ T5974] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.898331][ T5974] bridge_slave_0: entered allmulticast mode [ 46.902243][ T5974] bridge_slave_0: entered promiscuous mode [ 46.908471][ T5973] team0: Port device team_slave_1 added [ 46.944232][ T5974] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.946517][ T5974] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.948769][ T5974] bridge_slave_1: entered allmulticast mode [ 46.951328][ T5974] bridge_slave_1: entered promiscuous mode [ 46.998608][ T5981] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.000733][ T5981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.008265][ T5981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.039131][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.041396][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.054724][ T5973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.059958][ T5981] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.062845][ T5981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.073612][ T5981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.080449][ T5974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.098751][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.101450][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.110645][ T5973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.123139][ T5974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.128977][ T5969] hsr_slave_0: entered promiscuous mode [ 47.131530][ T5969] hsr_slave_1: entered promiscuous mode [ 47.186203][ T5974] team0: Port device team_slave_0 added [ 47.259714][ T5974] team0: Port device team_slave_1 added [ 47.343409][ T5981] hsr_slave_0: entered promiscuous mode [ 47.346535][ T5981] hsr_slave_1: entered promiscuous mode [ 47.348800][ T5981] debugfs: 'hsr0' already exists in 'hsr' [ 47.350720][ T5981] Cannot create hsr debugfs directory [ 47.358839][ T5973] hsr_slave_0: entered promiscuous mode [ 47.361927][ T5973] hsr_slave_1: entered promiscuous mode [ 47.364951][ T5973] debugfs: 'hsr0' already exists in 'hsr' [ 47.367302][ T5973] Cannot create hsr debugfs directory [ 47.390810][ T5974] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.393078][ T5974] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.402268][ T5974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.406604][ T5974] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.408781][ T5974] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.416666][ T5974] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.583964][ T5974] hsr_slave_0: entered promiscuous mode [ 47.587064][ T5974] hsr_slave_1: entered promiscuous mode [ 47.589979][ T5974] debugfs: 'hsr0' already exists in 'hsr' [ 47.592404][ T5974] Cannot create hsr debugfs directory [ 47.789750][ T5969] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.798382][ T5969] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.803913][ T5969] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.812919][ T5969] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.842058][ T5973] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 47.848588][ T5973] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 47.854752][ T5973] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 47.858926][ T5973] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 47.902936][ T5981] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 47.907514][ T5981] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 47.913818][ T5981] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 47.919492][ T5981] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 47.962864][ T5974] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 47.967685][ T5974] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 47.973074][ T5974] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 47.977640][ T5974] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.000734][ T5969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.031946][ T5969] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.044880][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.044887][ T5975] Bluetooth: hci0: command tx timeout [ 48.049653][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.053833][ T5975] Bluetooth: hci1: command tx timeout [ 48.054143][ T5979] Bluetooth: hci3: command tx timeout [ 48.057779][ T5973] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.073773][ T5973] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.080164][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.083238][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.111305][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.113633][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.125037][ T5979] Bluetooth: hci2: command tx timeout [ 48.125516][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.129625][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.140785][ T5981] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.155991][ T5969] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 48.182106][ T5981] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.190082][ T5974] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.193587][ T40] audit: type=1400 audit(1756106548.380:89): avc: denied { sys_module } for pid=5969 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 48.197494][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.202377][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.215335][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.217575][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.233289][ T5974] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.248789][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.251031][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.259287][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.261599][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.286596][ T5969] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.311432][ T5974] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 48.325339][ T5973] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.339142][ T5969] veth0_vlan: entered promiscuous mode [ 48.350124][ T5969] veth1_vlan: entered promiscuous mode [ 48.369430][ T5973] veth0_vlan: entered promiscuous mode [ 48.378598][ T5973] veth1_vlan: entered promiscuous mode [ 48.398744][ T5969] veth0_macvtap: entered promiscuous mode [ 48.407008][ T5973] veth0_macvtap: entered promiscuous mode [ 48.409696][ T5969] veth1_macvtap: entered promiscuous mode [ 48.416324][ T5973] veth1_macvtap: entered promiscuous mode [ 48.422401][ T5981] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.432330][ T5969] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.442384][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.446864][ T5969] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.454020][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.460362][ T5974] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.465495][ T1142] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.476084][ T1142] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.478875][ T1142] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.486757][ T1142] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.497353][ T1142] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.500169][ T1142] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.503818][ T1142] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.511840][ T1142] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.548593][ T5981] veth0_vlan: entered promiscuous mode [ 48.557565][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.560242][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.568437][ T5981] veth1_vlan: entered promiscuous mode [ 48.580116][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.581210][ T5974] veth0_vlan: entered promiscuous mode [ 48.582512][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.607635][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.607683][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.608748][ T5974] veth1_vlan: entered promiscuous mode [ 48.611625][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.612720][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.627661][ T5981] veth0_macvtap: entered promiscuous mode [ 48.635242][ T5981] veth1_macvtap: entered promiscuous mode [ 48.646196][ T5974] veth0_macvtap: entered promiscuous mode [ 48.650060][ T5973] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 48.650376][ T5981] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.660817][ T5974] veth1_macvtap: entered promiscuous mode [ 48.666677][ T5981] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.676610][ T46] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.679568][ T46] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.692042][ T46] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.695689][ T46] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.705287][ T5974] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.729569][ T5974] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.738300][ T46] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.746743][ T46] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.749530][ T46] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.756861][ T46] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.768672][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.771155][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.840445][ T1253] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.842926][ T1253] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.855242][ T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.857903][ T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.877072][ T80] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.880344][ T80] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.948902][ T6065] team0 (unregistering): Port device team_slave_0 removed [ 48.952978][ T6065] team0 (unregistering): Port device team_slave_1 removed [ 49.279753][ T6080] warning: `syz.1.9' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 49.304801][ T6083] binder: 6081:6083 ioctl 40044591 0 returned -22 [ 49.320968][ T5979] Bluetooth: hci1: Ignoring connect complete event for invalid link type [ 49.373144][ T6083] syz.0.10 uses obsolete (PF_INET,SOCK_PACKET) [ 49.381058][ T6089] process 'syz.1.12' launched './file1' with NULL argv: empty string added [ 49.577292][ T6097] kvm: kvm [6094]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc1) = 0x1 [ 49.581474][ T6097] kvm: kvm [6094]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc2) = 0x1 [ 49.602060][ T6097] kvm: kvm [6094]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0xbe702112 [ 49.624348][ T6097] kvm: kvm [6094]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0x1 [ 49.627778][ T6097] kvm: kvm [6094]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x187) = 0x1 [ 49.644722][ T6097] kvm_intel: kvm [6094]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x1d9) = 0x1 [ 50.123771][ T5979] Bluetooth: hci1: command tx timeout [ 50.124013][ T5975] Bluetooth: hci0: command tx timeout [ 50.124048][ T5333] Bluetooth: hci3: command tx timeout [ 50.213621][ T5975] Bluetooth: hci2: command tx timeout [ 50.241944][ T6107] netlink: zone id is out of range [ 50.244441][ T6107] netlink: zone id is out of range [ 50.246162][ T6107] netlink: zone id is out of range [ 50.247887][ T6107] netlink: zone id is out of range [ 50.250162][ T6107] netlink: zone id is out of range [ 50.252196][ T6107] netlink: zone id is out of range [ 50.254675][ T6107] netlink: zone id is out of range [ 50.256700][ T6107] netlink: zone id is out of range [ 50.258730][ T6107] netlink: zone id is out of range [ 50.260782][ T6107] netlink: zone id is out of range [ 50.646579][ T5975] Bluetooth: hci3: Ignoring connect complete event for invalid link type [ 50.757358][ T40] kauditd_printk_skb: 91 callbacks suppressed [ 50.757370][ T40] audit: type=1400 audit(1756106550.950:181): avc: denied { read write } for pid=6121 comm="syz.2.26" name="video7" dev="devtmpfs" ino=974 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 50.767791][ T40] audit: type=1400 audit(1756106550.950:182): avc: denied { open } for pid=6121 comm="syz.2.26" path="/dev/video7" dev="devtmpfs" ino=974 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 50.775923][ T40] audit: type=1400 audit(1756106550.950:183): avc: denied { ioctl } for pid=6121 comm="syz.2.26" path="/dev/video7" dev="devtmpfs" ino=974 ioctlcmd=0x5605 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 50.789040][ T40] audit: type=1400 audit(1756106550.980:184): avc: denied { map_create } for pid=6134 comm="syz.0.29" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 50.800719][ T40] audit: type=1400 audit(1756106550.990:185): avc: denied { unmount } for pid=5969 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 50.901972][ T40] audit: type=1400 audit(1756106551.090:186): avc: denied { bind } for pid=6148 comm="syz.2.41" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 50.909314][ T40] audit: type=1400 audit(1756106551.090:187): avc: denied { name_bind } for pid=6148 comm="syz.2.41" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 50.916894][ T40] audit: type=1400 audit(1756106551.090:188): avc: denied { node_bind } for pid=6148 comm="syz.2.41" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 50.925998][ T40] audit: type=1400 audit(1756106551.090:189): avc: denied { create } for pid=6148 comm="syz.2.41" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 50.936965][ T40] audit: type=1400 audit(1756106551.090:190): avc: denied { read write } for pid=6148 comm="syz.2.41" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 50.940884][ T6152] input: syz0 as /devices/virtual/input/input6 [ 51.005177][ T6157] binder: 6154:6157 ioctl 40044591 0 returned -22 [ 51.007028][ T6153] team0 (unregistering): Port device team_slave_0 removed [ 51.011941][ T6153] team0 (unregistering): Port device team_slave_1 removed [ 51.052841][ T6163] program syz.0.38 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 51.076777][ T6159] overlay: Unknown parameter 'subj_user' [ 51.080487][ T5975] Bluetooth: hci0: Ignoring connect complete event for invalid link type [ 51.369659][ T6175] netlink: 28 bytes leftover after parsing attributes in process `syz.3.43'. [ 51.511202][ T6188] No control pipe specified [ 51.542791][ T6190] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 51.804084][ T6198] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 51.808275][ T6198] batadv_slave_0: entered promiscuous mode [ 51.810200][ T6198] batadv_slave_0: entered allmulticast mode [ 51.868339][ T6202] netlink: 'syz.2.52': attribute type 10 has an invalid length. [ 51.906274][ T6207] netlink: 4 bytes leftover after parsing attributes in process `syz.2.53'. [ 52.107675][ T6214] No control pipe specified [ 52.162180][ T6218] netlink: 80 bytes leftover after parsing attributes in process `syz.0.58'. [ 52.203685][ T5975] Bluetooth: hci3: command tx timeout [ 52.213711][ T5975] Bluetooth: hci1: command tx timeout [ 52.213837][ T5979] Bluetooth: hci0: command tx timeout [ 52.283683][ T5979] Bluetooth: hci2: command tx timeout [ 52.325415][ T2300] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 52.501409][ T6226] Zero length message leads to an empty skb [ 52.527404][ T2300] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 52.530857][ T2300] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 52.543594][ T2300] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 52.546632][ T2300] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 52.655530][ T2300] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 52.658515][ T2300] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 52.661067][ T2300] usb 7-1: Manufacturer: syz [ 52.730608][ T2300] usb 7-1: config 0 descriptor?? [ 52.751812][ T6244] overlayfs: failed to resolve './file1': -2 [ 52.791557][ T6246] PM: Enabling pm_trace changes system date and time during resume. [ 52.791557][ T6246] PM: Correct system time has to be restored manually after resume. [ 52.891226][ T6252] netlink: 28 bytes leftover after parsing attributes in process `syz.1.75'. [ 53.145126][ T6209] netlink: 'syz.2.54': attribute type 10 has an invalid length. [ 53.154326][ T2300] appleir 0003:05AC:8243.0002: unknown main item tag 0x0 [ 53.161489][ T2300] appleir 0003:05AC:8243.0002: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 53.416816][ T2300] usb 7-1: USB disconnect, device number 2 [ 53.419713][ T6263] netlink: 830 bytes leftover after parsing attributes in process `syz.1.69'. [ 53.444137][ T6265] binder: 6258:6265 ioctl 40044591 0 returned -22 [ 53.548959][ T6271] netlink: 4 bytes leftover after parsing attributes in process `syz.1.71'. [ 53.581271][ T6276] capability: warning: `syz.1.72' uses deprecated v2 capabilities in a way that may be insecure [ 53.601822][ C3] vcan0: j1939_tp_rxtimer: 0xffff888043ca4800: rx timeout, send abort [ 53.605145][ C3] vcan0: j1939_tp_rxtimer: 0xffff888033937800: rx timeout, send abort [ 53.607944][ C3] vcan0: j1939_xtp_rx_abort_one: 0xffff888043ca4800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 53.612900][ C3] vcan0: j1939_xtp_rx_abort_one: 0xffff888033937800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 53.632004][ T6280] atomic_op ffff8880540c3998 conn xmit_atomic 0000000000000000 [ 53.635115][ T6280] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6280 comm=syz.3.74 [ 53.644532][ T6278] [U] v3f"S/4:XTzWtlW= [ 53.741148][ T6297] netlink: 'syz.0.81': attribute type 1 has an invalid length. [ 53.744549][ T6297] netlink: 'syz.0.81': attribute type 4 has an invalid length. [ 53.747436][ T6297] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.81'. [ 53.758460][ T6298] netlink: 4 bytes leftover after parsing attributes in process `syz.1.82'. [ 53.778402][ T6297] atomic_op ffff88802a1b2198 conn xmit_atomic 0000000000000000 [ 53.914601][ T46] tipc: Subscription rejected, illegal request [ 54.156561][ T6338] fuse: Unknown parameter 'root' [ 54.159158][ T6348] netlink: 36 bytes leftover after parsing attributes in process `syz.1.97'. [ 54.283815][ T5979] Bluetooth: hci1: command tx timeout [ 54.285578][ T5979] Bluetooth: hci0: command tx timeout [ 54.285921][ T5975] Bluetooth: hci3: command tx timeout [ 54.308074][ T6369] IPv6: Can't replace route, no match found [ 54.310331][ T6369] netlink: 56 bytes leftover after parsing attributes in process `syz.1.101'. [ 54.364052][ T5333] Bluetooth: hci2: command tx timeout [ 54.524109][ T6400] ======================================================= [ 54.524109][ T6400] WARNING: The mand mount option has been deprecated and [ 54.524109][ T6400] and is ignored by this kernel. Remove the mand [ 54.524109][ T6400] option from the mount to silence this warning. [ 54.524109][ T6400] ======================================================= [ 54.537340][ T6400] binder: Unknown parameter 'dont_hash' [ 54.672765][ T6413] erofs (device nbd1): cannot find valid erofs superblock [ 55.097914][ T6462] netlink: 'syz.2.130': attribute type 4 has an invalid length. [ 55.299114][ T6480] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2050 sclass=netlink_route_socket pid=6480 comm=syz.3.138 [ 55.304645][ T6481] overlayfs: failed to resolve './file1': -2 [ 55.308745][ T6480] vxcan1: MTU too low for tipc bearer [ 55.310771][ T6480] tipc: Enabling of bearer rejected, failed to enable media [ 55.564880][ T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 55.611036][ T6525] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 55.615608][ T6525] Error validating options; rc = [-22] [ 55.705133][ T6536] binder: 6528:6536 ioctl 40044591 0 returned -22 [ 55.715763][ T24] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 55.719956][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 55.723418][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 55.727949][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 55.731947][ T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 55.735256][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.741705][ T24] usb 5-1: config 0 descriptor?? [ 55.822995][ T6542] net_ratelimit: 3 callbacks suppressed [ 55.823006][ T6542] openvswitch: netlink: Message has 4 unknown bytes. [ 55.915862][ T6546] trusted_key: encrypted_key: key trusted:8sX not found [ 55.973076][ T6552] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.998755][ T40] kauditd_printk_skb: 126 callbacks suppressed [ 55.998766][ T40] audit: type=1400 audit(1756106556.190:317): avc: denied { add_name } for pid=6553 comm="syz.3.163" name="blkio.bfq.io_service_bytes_recursive" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 56.008588][ T40] audit: type=1400 audit(1756106556.190:318): avc: denied { create } for pid=6553 comm="syz.3.163" name="blkio.bfq.io_service_bytes_recursive" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 56.016529][ T40] audit: type=1400 audit(1756106556.190:319): avc: denied { associate } for pid=6553 comm="syz.3.163" name="blkio.bfq.io_service_bytes_recursive" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 56.023684][ T6557] kernel read not supported for file /policy (pid: 6557 comm: syz.2.164) [ 56.024326][ T40] audit: type=1400 audit(1756106556.190:320): avc: denied { read append open } for pid=6553 comm="syz.3.163" path="/42/file0/blkio.bfq.io_service_bytes_recursive" dev="9p" ino=35913979 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 56.035071][ T40] audit: type=1400 audit(1756106556.210:321): avc: denied { module_load } for pid=6556 comm="syz.2.164" path="/selinux/policy" dev="selinuxfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=system permissive=1 [ 56.051052][ T6563] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=9472 sclass=netlink_route_socket pid=6563 comm=syz.2.166 [ 56.053150][ T6552] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.153546][ T40] audit: type=1400 audit(1756106556.340:322): avc: denied { ioctl } for pid=6482 comm="syz.0.139" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 56.169229][ T24] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 56.182824][ T6552] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.192518][ T40] audit: type=1400 audit(1756106556.380:323): avc: denied { ioctl } for pid=6574 comm="syz.2.169" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 56.244096][ T6580] binder: 6575:6580 ioctl 40044591 0 returned -22 [ 56.274454][ T6552] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.366408][ T46] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.378883][ T46] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.392797][ T46] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.408082][ T6483] __nla_validate_parse: 6 callbacks suppressed [ 56.408093][ T6483] netlink: 1347 bytes leftover after parsing attributes in process `syz.0.139'. [ 56.411087][ T46] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.413736][ T40] audit: type=1400 audit(1756106556.600:324): avc: denied { create } for pid=6582 comm="syz.2.171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 56.417192][ T40] audit: type=1400 audit(1756106556.610:325): avc: denied { write } for pid=6582 comm="syz.2.171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 56.433379][ T40] audit: type=1400 audit(1756106556.610:326): avc: denied { create } for pid=6482 comm="syz.0.139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 56.457124][ T6587] netlink: 12 bytes leftover after parsing attributes in process `syz.1.173'. [ 56.486733][ T6594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.174'. [ 56.499076][ T6594] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6594 comm=syz.3.174 [ 56.540789][ T6601] netlink: 64 bytes leftover after parsing attributes in process `syz.3.176'. [ 56.544814][ T6601] netlink: 44 bytes leftover after parsing attributes in process `syz.3.176'. [ 56.633677][ T6604] 8021q: adding VLAN 0 to HW filter on device bond1 [ 56.642895][ T29] usb 5-1: USB disconnect, device number 2 [ 56.675543][ T6610] CUSE: info not properly terminated [ 56.690096][ T5333] Bluetooth: hci1: Ignoring connect complete event for invalid link type [ 56.790128][ T6618] FAULT_INJECTION: forcing a failure. [ 56.790128][ T6618] name failslab, interval 1, probability 0, space 0, times 1 [ 56.794383][ T6618] CPU: 0 UID: 0 PID: 6618 Comm: syz.1.180 Not tainted syzkaller #0 PREEMPT(full) [ 56.794398][ T6618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 56.794404][ T6618] Call Trace: [ 56.794408][ T6618] [ 56.794412][ T6618] dump_stack_lvl+0x16c/0x1f0 [ 56.794446][ T6618] should_fail_ex+0x512/0x640 [ 56.794465][ T6618] ? __kvmalloc_node_noprof+0x124/0x620 [ 56.794478][ T6618] should_failslab+0xc2/0x120 [ 56.794490][ T6618] __kvmalloc_node_noprof+0x137/0x620 [ 56.794502][ T6618] ? __pfx___mutex_lock+0x10/0x10 [ 56.794524][ T6618] ? traverse.part.0.constprop.0+0x392/0x640 [ 56.794544][ T6618] ? traverse.part.0.constprop.0+0x392/0x640 [ 56.794557][ T6618] traverse.part.0.constprop.0+0x392/0x640 [ 56.794573][ T6618] ? _kstrtoull+0x145/0x200 [ 56.794586][ T6618] ? __pfx__kstrtoull+0x10/0x10 [ 56.794598][ T6618] seq_read_iter+0x932/0x12c0 [ 56.794614][ T6618] seq_read+0x3a3/0x570 [ 56.794625][ T6618] ? __pfx_seq_read+0x10/0x10 [ 56.794638][ T6618] ? get_pid_task+0xfc/0x250 [ 56.794651][ T6618] ? avc_policy_seqno+0x9/0x20 [ 56.794664][ T6618] ? __pfx_seq_read+0x10/0x10 [ 56.794674][ T6618] proc_reg_read+0x240/0x330 [ 56.794690][ T6618] ? __pfx_proc_reg_read+0x10/0x10 [ 56.794707][ T6618] vfs_read+0x1e4/0xcf0 [ 56.794721][ T6618] ? __pfx_vfs_read+0x10/0x10 [ 56.794731][ T6618] ? find_held_lock+0x2b/0x80 [ 56.794744][ T6618] ? __fget_files+0x204/0x3c0 [ 56.794759][ T6618] ? __fget_files+0x20e/0x3c0 [ 56.794770][ T6618] ? __fget_files+0x1b0/0x3c0 [ 56.794785][ T6618] __x64_sys_pread64+0x1eb/0x250 [ 56.794798][ T6618] ? __pfx___x64_sys_pread64+0x10/0x10 [ 56.794814][ T6618] do_syscall_64+0xcd/0x4c0 [ 56.794828][ T6618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.794839][ T6618] RIP: 0033:0x7f0a3818ebe9 [ 56.794849][ T6618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.794859][ T6618] RSP: 002b:00007f0a38f57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 56.794870][ T6618] RAX: ffffffffffffffda RBX: 00007f0a383b5fa0 RCX: 00007f0a3818ebe9 [ 56.794877][ T6618] RDX: 0000000000000077 RSI: 0000200000003700 RDI: 0000000000000003 [ 56.794883][ T6618] RBP: 00007f0a38f57090 R08: 0000000000000000 R09: 0000000000000000 [ 56.794889][ T6618] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 56.794895][ T6618] R13: 00007f0a383b6038 R14: 00007f0a383b5fa0 R15: 00007fffe39abbd8 [ 56.794908][ T6618] [ 56.961153][ T5333] Bluetooth: hci1: unexpected event 0x01 length: 4 > 1 [ 57.209093][ T6629] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 57.320213][ T6642] fuse: Bad value for 'fd' [ 57.322531][ T6633] program syz.2.186 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 57.351277][ T6645] FAULT_INJECTION: forcing a failure. [ 57.351277][ T6645] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 57.355641][ T6645] CPU: 3 UID: 0 PID: 6645 Comm: syz.0.189 Not tainted syzkaller #0 PREEMPT(full) [ 57.355655][ T6645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.355662][ T6645] Call Trace: [ 57.355666][ T6645] [ 57.355670][ T6645] dump_stack_lvl+0x16c/0x1f0 [ 57.355686][ T6645] should_fail_ex+0x512/0x640 [ 57.355708][ T6645] _copy_to_iter+0x463/0x1710 [ 57.355726][ T6645] ? __pfx__copy_to_iter+0x10/0x10 [ 57.355742][ T6645] ? traverse.part.0.constprop.0+0x2c5/0x640 [ 57.355759][ T6645] seq_read_iter+0x719/0x12c0 [ 57.355775][ T6645] seq_read+0x3a3/0x570 [ 57.355786][ T6645] ? __pfx_seq_read+0x10/0x10 [ 57.355799][ T6645] ? get_pid_task+0xfc/0x250 [ 57.355811][ T6645] ? avc_policy_seqno+0x9/0x20 [ 57.355825][ T6645] ? __pfx_seq_read+0x10/0x10 [ 57.355835][ T6645] proc_reg_read+0x240/0x330 [ 57.355851][ T6645] ? __pfx_proc_reg_read+0x10/0x10 [ 57.355881][ T6645] vfs_read+0x1e4/0xcf0 [ 57.355895][ T6645] ? __pfx_vfs_read+0x10/0x10 [ 57.355904][ T6645] ? find_held_lock+0x2b/0x80 [ 57.355919][ T6645] ? __fget_files+0x204/0x3c0 [ 57.355933][ T6645] ? __fget_files+0x20e/0x3c0 [ 57.355944][ T6645] ? __fget_files+0x1b0/0x3c0 [ 57.355959][ T6645] __x64_sys_pread64+0x1eb/0x250 [ 57.355972][ T6645] ? __pfx___x64_sys_pread64+0x10/0x10 [ 57.355988][ T6645] do_syscall_64+0xcd/0x4c0 [ 57.356002][ T6645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.356014][ T6645] RIP: 0033:0x7fb68378ebe9 [ 57.356023][ T6645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.356033][ T6645] RSP: 002b:00007fb6846d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 57.356044][ T6645] RAX: ffffffffffffffda RBX: 00007fb6839b5fa0 RCX: 00007fb68378ebe9 [ 57.356050][ T6645] RDX: 0000000000000077 RSI: 0000200000003700 RDI: 0000000000000003 [ 57.356057][ T6645] RBP: 00007fb6846d3090 R08: 0000000000000000 R09: 0000000000000000 [ 57.356063][ T6645] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 57.356069][ T6645] R13: 00007fb6839b6038 R14: 00007fb6839b5fa0 R15: 00007fffdbee8178 [ 57.356083][ T6645] [ 57.458403][ T5333] Bluetooth: hci3: Ignoring connect complete event for invalid link type [ 57.671700][ T6678] FAULT_INJECTION: forcing a failure. [ 57.671700][ T6678] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 57.677875][ T6678] CPU: 2 UID: 0 PID: 6678 Comm: syz.2.199 Not tainted syzkaller #0 PREEMPT(full) [ 57.677891][ T6678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.677898][ T6678] Call Trace: [ 57.677902][ T6678] [ 57.677906][ T6678] dump_stack_lvl+0x16c/0x1f0 [ 57.677923][ T6678] should_fail_ex+0x512/0x640 [ 57.677938][ T6678] should_fail_alloc_page+0xe7/0x130 [ 57.677952][ T6678] prepare_alloc_pages+0x3c2/0x610 [ 57.677970][ T6678] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 57.677983][ T6678] ? __lock_acquire+0x62e/0x1ce0 [ 57.678006][ T6678] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 57.678019][ T6678] ? find_held_lock+0x2b/0x80 [ 57.678035][ T6678] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 57.678051][ T6678] ? is_bpf_text_address+0x94/0x1a0 [ 57.678064][ T6678] ? kernel_text_address+0x8d/0x100 [ 57.678076][ T6678] ? __kernel_text_address+0xd/0x40 [ 57.678087][ T6678] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 57.678101][ T6678] ? policy_nodemask+0xea/0x4e0 [ 57.678115][ T6678] alloc_pages_mpol+0x1fb/0x550 [ 57.678128][ T6678] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 57.678142][ T6678] ? __lock_acquire+0x62e/0x1ce0 [ 57.678160][ T6678] folio_alloc_mpol_noprof+0x36/0x2f0 [ 57.678176][ T6678] vma_alloc_folio_noprof+0xed/0x1e0 [ 57.678218][ T6678] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 57.678237][ T6678] do_pte_missing+0x2230/0x3ba0 [ 57.678254][ T6678] ? find_held_lock+0x2b/0x80 [ 57.678271][ T6678] __handle_mm_fault+0x152a/0x2a50 [ 57.678290][ T6678] ? mt_find+0x3ef/0xa30 [ 57.678304][ T6678] ? __pfx___handle_mm_fault+0x10/0x10 [ 57.678319][ T6678] ? __pfx_mt_find+0x10/0x10 [ 57.678340][ T6678] ? find_vma+0xbf/0x140 [ 57.678352][ T6678] ? __pfx_find_vma+0x10/0x10 [ 57.678366][ T6678] handle_mm_fault+0x589/0xd10 [ 57.678384][ T6678] ? __bpf_trace_exceptions+0x1/0x40 [ 57.678403][ T6678] do_user_addr_fault+0x7a6/0x1370 [ 57.678415][ T6678] ? rcu_is_watching+0x12/0xc0 [ 57.678431][ T6678] exc_page_fault+0x5c/0xb0 [ 57.678442][ T6678] asm_exc_page_fault+0x26/0x30 [ 57.678453][ T6678] RIP: 0010:_copy_to_iter+0x4e6/0x1710 [ 57.678469][ T6678] Code: 45 e8 ae 8e d9 fc 48 8b 4c 24 18 48 8b 44 24 28 89 ee 4c 8d 34 01 4c 89 f7 e8 d6 f1 3f fd 0f 01 cb 48 89 e9 4c 89 ff 4c 89 f6 a4 0f 1f 00 0f 01 ca 48 89 e8 48 29 eb 48 29 c8 48 01 44 24 28 [ 57.678479][ T6678] RSP: 0018:ffffc90005b779b8 EFLAGS: 00050246 [ 57.678488][ T6678] RAX: 0000000000000001 RBX: 000000000000002f RCX: 000000000000002f [ 57.678495][ T6678] RDX: ffffed100ae86407 RSI: ffff888057432008 RDI: 0000200000003700 [ 57.678502][ T6678] RBP: 000000000000002f R08: 0000000000000000 R09: ffffed100ae86406 [ 57.678508][ T6678] R10: ffff888057432036 R11: 0000000000000000 R12: 0000000000000000 [ 57.678514][ T6678] R13: ffffc90005b77bc8 R14: ffff888057432008 R15: 0000200000003700 [ 57.678528][ T6678] ? _copy_to_iter+0x4da/0x1710 [ 57.678546][ T6678] ? __pfx__copy_to_iter+0x10/0x10 [ 57.678561][ T6678] ? traverse.part.0.constprop.0+0x2c5/0x640 [ 57.678578][ T6678] seq_read_iter+0x719/0x12c0 [ 57.678595][ T6678] seq_read+0x3a3/0x570 [ 57.678605][ T6678] ? __pfx_seq_read+0x10/0x10 [ 57.678618][ T6678] ? get_pid_task+0xfc/0x250 [ 57.678630][ T6678] ? avc_policy_seqno+0x9/0x20 [ 57.678644][ T6678] ? __pfx_seq_read+0x10/0x10 [ 57.678654][ T6678] proc_reg_read+0x240/0x330 [ 57.678670][ T6678] ? __pfx_proc_reg_read+0x10/0x10 [ 57.678686][ T6678] vfs_read+0x1e4/0xcf0 [ 57.678700][ T6678] ? __pfx_vfs_read+0x10/0x10 [ 57.678710][ T6678] ? find_held_lock+0x2b/0x80 [ 57.678735][ T6678] ? __fget_files+0x204/0x3c0 [ 57.678749][ T6678] ? __fget_files+0x20e/0x3c0 [ 57.678760][ T6678] ? __fget_files+0x1b0/0x3c0 [ 57.678775][ T6678] __x64_sys_pread64+0x1eb/0x250 [ 57.678788][ T6678] ? __pfx___x64_sys_pread64+0x10/0x10 [ 57.678805][ T6678] do_syscall_64+0xcd/0x4c0 [ 57.678818][ T6678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.678829][ T6678] RIP: 0033:0x7fde9418ebe9 [ 57.678837][ T6678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.678847][ T6678] RSP: 002b:00007fde94fd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 57.678856][ T6678] RAX: ffffffffffffffda RBX: 00007fde943b5fa0 RCX: 00007fde9418ebe9 [ 57.678863][ T6678] RDX: 0000000000000077 RSI: 0000200000003700 RDI: 0000000000000003 [ 57.678869][ T6678] RBP: 00007fde94fd1090 R08: 0000000000000000 R09: 0000000000000000 [ 57.678876][ T6678] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 57.678882][ T6678] R13: 00007fde943b6038 R14: 00007fde943b5fa0 R15: 00007fffd124ce28 [ 57.678895][ T6678] [ 58.045655][ T5333] Bluetooth: hci0: Ignoring connect complete event for invalid link type [ 58.083603][ T24] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 58.233581][ T24] usb 8-1: Using ep0 maxpacket: 32 [ 58.237766][ T24] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9 [ 58.253077][ T24] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 58.256285][ T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.259156][ T24] usb 8-1: Product: syz [ 58.260702][ T24] usb 8-1: Manufacturer: syz [ 58.262173][ T24] usb 8-1: SerialNumber: syz [ 58.277476][ T24] usb 8-1: config 0 descriptor?? [ 58.279640][ T6687] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 58.289064][ T24] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input9 [ 58.588929][ T6687] netlink: 4 bytes leftover after parsing attributes in process `syz.3.202'. [ 58.655576][ T5795] usb 8-1: USB disconnect, device number 2 [ 58.657496][ C2] usbtouchscreen 8-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 58.666763][ C2] ata1: illegal qc_active transition (00000000->10000000) [ 58.711316][ T6719] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.209'. [ 58.715840][ T6721] netlink: 24 bytes leftover after parsing attributes in process `syz.0.210'. [ 58.732086][ T6721] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6721 comm=syz.0.210 [ 58.805471][ T6721] kvm: kvm [6720]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc1) = 0x1 [ 58.808740][ T6721] kvm: kvm [6720]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc2) = 0x1 [ 58.826834][ T6721] kvm: kvm [6720]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0xbe702112 [ 58.846733][ T6721] kvm: kvm [6720]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0x1 [ 58.849947][ T6721] kvm: kvm [6720]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x187) = 0x1 [ 58.867925][ T6721] kvm_intel: kvm [6720]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x1d9) = 0x1 [ 58.946670][ T6735] netlink: 36 bytes leftover after parsing attributes in process `syz.2.212'. [ 58.997963][ T1112] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) [ 59.002974][ T1112] ata1.00: configured for UDMA/100 [ 59.187072][ T6737] FAULT_INJECTION: forcing a failure. [ 59.187072][ T6737] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 59.191480][ T6737] CPU: 0 UID: 0 PID: 6737 Comm: syz.3.213 Not tainted syzkaller #0 PREEMPT(full) [ 59.191495][ T6737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.191502][ T6737] Call Trace: [ 59.191507][ T6737] [ 59.191511][ T6737] dump_stack_lvl+0x16c/0x1f0 [ 59.191547][ T6737] should_fail_ex+0x512/0x640 [ 59.191568][ T6737] _copy_to_user+0x32/0xd0 [ 59.191584][ T6737] simple_read_from_buffer+0xcb/0x170 [ 59.191597][ T6737] proc_fail_nth_read+0x197/0x240 [ 59.191611][ T6737] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 59.191624][ T6737] ? rw_verify_area+0xcf/0x6c0 [ 59.191641][ T6737] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 59.191654][ T6737] vfs_read+0x1e4/0xcf0 [ 59.191667][ T6737] ? __pfx___mutex_lock+0x10/0x10 [ 59.191684][ T6737] ? __pfx_vfs_read+0x10/0x10 [ 59.191704][ T6737] ? __fget_files+0x20e/0x3c0 [ 59.191720][ T6737] ksys_read+0x12a/0x250 [ 59.191731][ T6737] ? __pfx_ksys_read+0x10/0x10 [ 59.191746][ T6737] do_syscall_64+0xcd/0x4c0 [ 59.191760][ T6737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.191772][ T6737] RIP: 0033:0x7f10e9b8d5fc [ 59.191781][ T6737] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 59.191792][ T6737] RSP: 002b:00007f10eaa8b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 59.191802][ T6737] RAX: ffffffffffffffda RBX: 00007f10e9db5fa0 RCX: 00007f10e9b8d5fc [ 59.191809][ T6737] RDX: 000000000000000f RSI: 00007f10eaa8b0a0 RDI: 0000000000000004 [ 59.191815][ T6737] RBP: 00007f10eaa8b090 R08: 0000000000000000 R09: 0000000000000000 [ 59.191822][ T6737] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 59.191828][ T6737] R13: 00007f10e9db6038 R14: 00007f10e9db5fa0 R15: 00007ffd29619c58 [ 59.191841][ T6737] [ 59.300080][ T5333] Bluetooth: hci3: Ignoring connect complete event for invalid link type [ 59.531445][ T6746] overlay: Unknown parameter 'smackfstransmute' [ 59.587981][ T6748] block nbd3: not configured, cannot reconfigure [ 59.590692][ T6747] block nbd3: not configured, cannot reconfigure [ 59.657786][ T6762] overlayfs: missing 'workdir' [ 59.774998][ T6773] netlink: 64 bytes leftover after parsing attributes in process `syz.0.224'. [ 59.928767][ T5333] Bluetooth: hci3: Ignoring connect complete event for invalid link type [ 60.165619][ T6794] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6794 comm=syz.1.230 [ 60.247023][ T6794] kvm: kvm [6793]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc1) = 0x1 [ 60.250407][ T6794] kvm: kvm [6793]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc2) = 0x1 [ 60.268529][ T6794] kvm: kvm [6793]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0xbe702112 [ 60.297507][ T6794] kvm: kvm [6793]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0x1 [ 60.301993][ T6794] kvm: kvm [6793]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x187) = 0x1 [ 60.322775][ T6794] kvm_intel: kvm [6793]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x1d9) = 0x1 [ 60.569768][ T6799] input: syz0 as /devices/virtual/input/input10 [ 60.726351][ T6818] netlink: 'syz.2.235': attribute type 3 has an invalid length. [ 60.728741][ T6818] netlink: 'syz.2.235': attribute type 1 has an invalid length. [ 60.903069][ T6837] efs: device does not support 512 byte blocks [ 60.905880][ T6837] device does not support 512 byte blocks [ 60.905880][ T6837] [ 62.683663][ T24] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 62.685764][ T24] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 64.773578][ T24] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 64.773703][ T5333] Bluetooth: hci1: command 0x0c1a tx timeout [ 64.775546][ T24] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 66.843900][ T5333] Bluetooth: hci2: command 0x0c1a tx timeout [ 66.843974][ T24] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 66.847822][ T24] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 68.923631][ T5333] Bluetooth: hci3: command 0x0c1a tx timeout [ 68.926244][ T24] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 68.928791][ T24] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 69.054029][ T6864] __nla_validate_parse: 3 callbacks suppressed [ 69.054040][ T6864] netlink: 64 bytes leftover after parsing attributes in process `syz.2.241'. [ 69.060091][ T6864] netlink: 44 bytes leftover after parsing attributes in process `syz.2.241'. [ 69.090349][ T6866] netlink: 48 bytes leftover after parsing attributes in process `syz.3.244'. [ 69.205479][ T40] kauditd_printk_skb: 54 callbacks suppressed [ 69.205490][ T40] audit: type=1400 audit(1756106569.400:381): avc: denied { unmount } for pid=5981 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 69.235225][ T6881] trusted_key: syz.3.248 sent an empty control message without MSG_MORE. [ 69.279087][ T6886] I/O error, dev loop1, sector 128 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2 [ 69.282253][ T6886] gfs2: error -5 reading superblock [ 69.318310][ T40] audit: type=1400 audit(1756106569.510:382): avc: denied { name_bind } for pid=6892 comm="syz.1.250" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 69.437386][ T40] audit: type=1400 audit(1756106569.630:383): avc: denied { write } for pid=6907 comm="syz.3.253" name="file0" dev="9p" ino=35913944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 69.565731][ T6916] binder: 6912:6916 ioctl 40044591 0 returned -22 [ 69.735954][ T40] audit: type=1400 audit(1756106569.930:384): avc: denied { write } for pid=6921 comm="syz.1.258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 69.779990][ T40] audit: type=1400 audit(1756106569.970:385): avc: denied { append } for pid=6921 comm="syz.1.258" name="001" dev="devtmpfs" ino=767 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 69.791811][ T6922] geneve1: entered allmulticast mode [ 69.802053][ T40] audit: type=1400 audit(1756106569.990:386): avc: denied { name_connect } for pid=6921 comm="syz.1.258" dest=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 69.836979][ T6934] No source specified [ 69.913271][ T40] audit: type=1400 audit(1756106570.100:387): avc: denied { append } for pid=6940 comm="syz.2.264" name="comedi3" dev="devtmpfs" ino=1305 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 70.019408][ T40] audit: type=1400 audit(1756106570.210:388): avc: denied { ioctl } for pid=6945 comm="syz.1.266" path="socket:[15288]" dev="sockfs" ino=15288 ioctlcmd=0x7436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 70.081594][ T6954] syzkaller0: entered promiscuous mode [ 70.083403][ T6954] syzkaller0: entered allmulticast mode [ 70.096363][ T6955] binder: 6949:6955 ioctl 40044591 0 returned -22 [ 70.198627][ T40] audit: type=1400 audit(1756106570.390:389): avc: denied { create } for pid=6960 comm="syz.1.272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 70.204623][ T6968] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6968 comm=syz.1.272 [ 70.205201][ T40] audit: type=1400 audit(1756106570.400:390): avc: denied { write } for pid=6960 comm="syz.1.272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 70.209807][ T6968] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6968 comm=syz.1.272 [ 70.252560][ T6970] : renamed from bridge_slave_0 (while UP) [ 70.289044][ T6972] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 70.291696][ T6972] overlayfs: failed to set xattr on upper [ 70.293944][ T6972] overlayfs: ...falling back to redirect_dir=nofollow. [ 70.296081][ T6972] overlayfs: ...falling back to index=off. [ 70.298329][ T6972] overlayfs: ...falling back to uuid=null. [ 70.329089][ T6977] .: renamed from bond0 (while UP) [ 70.603400][ T7000] binder: 6993:7000 ioctl 40044591 0 returned -22 [ 70.926296][ T7018] netlink: 256 bytes leftover after parsing attributes in process `syz.0.288'. [ 70.931965][ T7018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.288'. [ 70.936758][ T7018] netlink: 40 bytes leftover after parsing attributes in process `syz.0.288'. [ 70.940746][ T7019] netlink: 256 bytes leftover after parsing attributes in process `syz.0.288'. [ 71.014242][ T7033] netlink: 12 bytes leftover after parsing attributes in process `syz.1.292'. [ 71.166869][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.168975][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.215443][ T7062] cgroup: name respecified [ 71.257323][ T7061] netlink: 24 bytes leftover after parsing attributes in process `syz.1.304'. [ 71.276207][ T7061] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 71.479939][ T7101] netlink: 60 bytes leftover after parsing attributes in process `syz.2.314'. [ 71.558301][ T7107] netlink: 'syz.2.317': attribute type 5 has an invalid length. [ 71.675113][ T7122] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 71.678383][ T7122] efs: cannot read volume header [ 71.718778][ T7124] random: crng reseeded on system resumption [ 71.975205][ T7137] binder: 7135:7137 ioctl 40044591 0 returned -22 [ 72.140461][ T7154] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 72.364165][ T7179] bridge0: entered allmulticast mode [ 72.601388][ T7187] binder: 7185:7187 ioctl 40044591 0 returned -22 [ 73.480080][ T7221] macvlan2: entered promiscuous mode [ 73.481912][ T7221] macvlan2: entered allmulticast mode [ 73.484689][ T7221] bond0: (slave macvlan2): Error -98 calling set_mac_address [ 74.472153][ T7247] binder: 7241:7247 ioctl 40044591 0 returned -22 [ 74.536355][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 74.536366][ T40] audit: type=1400 audit(1756106574.730:408): avc: denied { execute_no_trans } for pid=7254 comm="syz.3.369" path="/103/file1" dev="tmpfs" ino=565 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 74.549119][ T7258] __nla_validate_parse: 3 callbacks suppressed [ 74.549128][ T7258] netlink: 12 bytes leftover after parsing attributes in process `syz.1.370'. [ 74.578944][ T7258] netlink: 'syz.1.370': attribute type 1 has an invalid length. [ 74.611259][ T7261] fuseblk: Unknown parameter '\roup_i' [ 74.611322][ T7263] fuseblk: Unknown parameter '\roup_i' [ 74.656594][ T7266] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 74.659562][ T7268] netlink: 'syz.3.374': attribute type 1 has an invalid length. [ 74.665768][ T7266] CIFS: Unable to determine destination address [ 74.670201][ T7268] netlink: 'syz.3.374': attribute type 101 has an invalid length. [ 74.672690][ T7268] netlink: 232 bytes leftover after parsing attributes in process `syz.3.374'. [ 74.674882][ T7269] overlay: ./bus is not a directory [ 74.689092][ T40] audit: type=1400 audit(1756106574.880:409): avc: denied { remount } for pid=7260 comm="syz.1.371" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 74.709616][ T7276] netlink: 68 bytes leftover after parsing attributes in process `syz.3.376'. [ 74.818193][ T7290] batman_adv: batadv0: Adding interface: dummy0 [ 74.820213][ T7290] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.828239][ T7290] batman_adv: batadv0: Interface activated: dummy0 [ 74.860110][ T40] audit: type=1400 audit(1756106575.050:410): avc: denied { read } for pid=7291 comm="syz.1.381" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 74.867100][ T40] audit: type=1400 audit(1756106575.050:411): avc: denied { open } for pid=7291 comm="syz.1.381" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 74.905484][ T40] audit: type=1400 audit(1756106575.100:412): avc: denied { watch watch_with_perm watch_reads } for pid=7297 comm="syz.3.383" path="/107/bus" dev="tmpfs" ino=587 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 74.910880][ T7298] random: crng reseeded on system resumption [ 74.913075][ T40] audit: type=1400 audit(1756106575.100:413): avc: denied { append } for pid=7297 comm="syz.3.383" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 74.947674][ T7303] binder: 7293:7303 ioctl 40044591 0 returned -22 [ 74.961228][ T7298] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.964219][ T7298] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.987645][ T40] audit: type=1400 audit(1756106575.180:414): avc: denied { connect } for pid=7297 comm="syz.3.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 75.016592][ T7298] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 75.024702][ T7298] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 75.099564][ T60] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.102465][ T60] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.106440][ T60] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.109778][ T60] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.274217][ T7324] lo: entered promiscuous mode [ 75.281096][ T7326] netlink: 12 bytes leftover after parsing attributes in process `syz.1.390'. [ 75.285191][ T7326] netlink: 48 bytes leftover after parsing attributes in process `syz.1.390'. [ 75.291895][ T7326] cgroup2: Unknown parameter 'memoy_localevent8+ֿG' [ 75.323183][ T7331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.392'. [ 75.324417][ T7330] netlink: 'syz.0.391': attribute type 3 has an invalid length. [ 75.328883][ T7330] netlink: 'syz.0.391': attribute type 3 has an invalid length. [ 75.332077][ T7331] batman_adv: batadv0: Interface deactivated: dummy0 [ 75.347848][ T7331] batman_adv: batadv0: Removing interface: dummy0 [ 75.419899][ T40] audit: type=1400 audit(1756106575.610:415): avc: denied { connect } for pid=7337 comm="syz.2.394" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 75.480330][ T7345] binder: 7338:7345 ioctl 40044591 0 returned -22 [ 75.637913][ T40] audit: type=1400 audit(1756106575.830:416): avc: denied { append } for pid=7348 comm="syz.2.398" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 76.158239][ T40] audit: type=1326 audit(1756106576.350:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7329 comm="syz.1.392" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a3818ebe9 code=0x7fc00000 [ 76.385483][ T7370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.405'. [ 76.596317][ T7387] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 76.632325][ T7391] openvswitch: netlink: IP tunnel dst address not specified [ 76.751097][ T7400] binder: 7398:7400 ioctl 40044591 0 returned -22 [ 77.221306][ T7431] rdma_op ffff8880388019f0 conn xmit_rdma 0000000000000000 [ 77.232415][ T7431] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 77.236097][ T7431] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 77.239202][ T7431] netdevsim netdevsim0: Falling back to sysfs fallback for: . [ 77.352199][ T7442] binder: 7440:7442 ioctl 40044591 0 returned -22 [ 77.551928][ T7449] IPv6: Can't replace route, no match found [ 77.565209][ T7451] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 77.763785][ T7474] kAFS: No cell specified [ 77.766329][ T7476] netlink: 36 bytes leftover after parsing attributes in process `syz.2.444'. [ 77.769581][ T7477] netlink: 36 bytes leftover after parsing attributes in process `syz.2.444'. [ 77.799731][ T7480] SELinux: policydb string length 8200 does not match expected length 8 [ 77.802717][ T7480] SELinux: failed to load policy [ 78.001616][ T7494] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 78.002220][ T7493] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 78.039623][ T7500] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 78.193558][ T2300] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 78.268405][ T7534] binder: 7527:7534 ioctl 40044591 0 returned -22 [ 78.353679][ T2300] usb 8-1: Using ep0 maxpacket: 16 [ 78.356582][ T2300] usb 8-1: config 0 has no interfaces? [ 78.359431][ T2300] usb 8-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 78.362146][ T2300] usb 8-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3 [ 78.364951][ T2300] usb 8-1: Manufacturer: syz [ 78.366466][ T2300] usb 8-1: SerialNumber: syz [ 78.370172][ T2300] usb 8-1: config 0 descriptor?? [ 78.795858][ T7575] binder: 7566:7575 ioctl 40044591 0 returned -22 [ 78.873186][ T29] usb 8-1: USB disconnect, device number 3 [ 79.021552][ T7591] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7591 comm=syz.0.477 [ 79.328687][ T7618] binder: 7617:7618 ioctl 8010661b 200000000480 returned -22 [ 79.331543][ T7618] netlink: 4 bytes leftover after parsing attributes in process `syz.3.484'. [ 79.539460][ T7623] geneve2: entered promiscuous mode [ 79.541610][ T7623] geneve2: entered allmulticast mode [ 79.546288][ T80] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.549872][ T80] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.552749][ T80] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.556992][ T80] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.897245][ T40] kauditd_printk_skb: 91 callbacks suppressed [ 79.897256][ T40] audit: type=1800 audit(1756106580.090:509): pid=7600 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.478" name="file0" dev="9p" ino=35913944 res=0 errno=0 [ 80.026452][ T40] audit: type=1400 audit(1756106580.220:510): avc: denied { setopt } for pid=7626 comm="syz.0.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 80.032934][ T40] audit: type=1400 audit(1756106580.220:511): avc: denied { ioctl } for pid=7626 comm="syz.0.488" path="socket:[20241]" dev="sockfs" ino=20241 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 80.075927][ T7629] __nla_validate_parse: 2 callbacks suppressed [ 80.075938][ T7629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.489'. [ 80.081831][ T7629] netlink: 40 bytes leftover after parsing attributes in process `syz.0.489'. [ 80.085599][ T7629] netlink: 40 bytes leftover after parsing attributes in process `syz.0.489'. [ 80.090029][ T7629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.489'. [ 80.096914][ T7629] 9pnet: p9_errstr2errno: server reported unknown error @ [ 80.346737][ T7646] /dev/sg0: Can't lookup blockdev [ 80.350814][ T7646] lo speed is unknown, defaulting to 1000 [ 80.353233][ T7646] lo speed is unknown, defaulting to 1000 [ 80.358350][ T7646] lo speed is unknown, defaulting to 1000 [ 80.362956][ T7646] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 80.369514][ T7646] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 80.390174][ T7646] lo speed is unknown, defaulting to 1000 [ 80.395817][ T7646] lo speed is unknown, defaulting to 1000 [ 80.399717][ T7646] lo speed is unknown, defaulting to 1000 [ 80.401692][ T40] audit: type=1400 audit(1756106580.590:512): avc: denied { ioctl } for pid=7644 comm="syz.2.493" path="socket:[19252]" dev="sockfs" ino=19252 ioctlcmd=0x8b1a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 80.403234][ T7646] lo speed is unknown, defaulting to 1000 [ 80.410106][ T7647] netlink: 'syz.0.494': attribute type 4 has an invalid length. [ 80.444991][ T7647] netlink: 'syz.0.494': attribute type 4 has an invalid length. [ 80.470872][ T40] audit: type=1326 audit(1756106580.660:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.3.497" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e9b8ebe9 code=0x50000 [ 80.479349][ T7655] audit: audit_backlog=65 > audit_backlog_limit=64 [ 80.479362][ T7655] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 80.479370][ T7655] audit: backlog limit exceeded [ 80.488131][ T40] audit: type=1326 audit(1756106580.660:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.3.497" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e9b8ebe9 code=0x50000 [ 80.503524][ T40] audit: type=1326 audit(1756106580.660:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.3.497" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10e9b8ebe9 code=0x50000 [ 80.515199][ T7647] unknown channel width for channel at 909000KHz? [ 80.614296][ T7670] netlink: 'syz.2.502': attribute type 1 has an invalid length. [ 80.616953][ T7670] netlink: 128 bytes leftover after parsing attributes in process `syz.2.502'. [ 80.620060][ T7670] netlink: 'syz.2.502': attribute type 2 has an invalid length. [ 80.622526][ T7670] netlink: 'syz.2.502': attribute type 1 has an invalid length. [ 80.823677][ T7701] netlink: 28 bytes leftover after parsing attributes in process `syz.1.512'. [ 81.029459][ T7723] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 81.068744][ T7723] netlink: 'syz.0.521': attribute type 5 has an invalid length. [ 81.264903][ T7751] netlink: 8 bytes leftover after parsing attributes in process `syz.1.528'. [ 81.408216][ T59] cfg80211: failed to load regulatory.db [ 81.458439][ T7764] netlink: 'syz.2.534': attribute type 4 has an invalid length. [ 81.471610][ T10] lo speed is unknown, defaulting to 1000 [ 81.474891][ T10] syz0: Port: 1 Link DOWN [ 81.505664][ T7764] netlink: 'syz.2.534': attribute type 4 has an invalid length. [ 81.510096][ T838] lo speed is unknown, defaulting to 1000 [ 81.511944][ T838] syz0: Port: 1 Link ACTIVE [ 81.610418][ T7764] unknown channel width for channel at 909000KHz? [ 81.674895][ T7781] sctp: [Deprecated]: syz.0.539 (pid 7781) Use of int in maxseg socket option. [ 81.674895][ T7781] Use struct sctp_assoc_value instead [ 82.448100][ T7836] tipc: Started in network mode [ 82.449788][ T7836] tipc: Node identity ac14140f, cluster identity 4711 [ 82.452242][ T7836] tipc: New replicast peer: 172.30.0.2 [ 82.454579][ T7836] tipc: Enabled bearer , priority 10 [ 82.658890][ T7848] netlink: 36 bytes leftover after parsing attributes in process `syz.1.562'. [ 82.832859][ T7863] binder: 7862:7863 ioctl c0306201 200000000080 returned -14 [ 82.842913][ T7863] vxcan1: tx drop: invalid da for name 0x0000000000000016 [ 83.096250][ T59] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 83.111142][ T7889] netlink: 68 bytes leftover after parsing attributes in process `syz.1.576'. [ 83.169243][ T7898] binder: 7893:7898 ioctl 40044591 0 returned -22 [ 83.253821][ T59] usb 7-1: Using ep0 maxpacket: 32 [ 83.261131][ T59] usb 7-1: config 1 interface 0 altsetting 129 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 83.265543][ T59] usb 7-1: config 1 interface 0 has no altsetting 0 [ 83.269205][ T59] usb 7-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.40 [ 83.272033][ T59] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.274795][ T59] usb 7-1: Product: syz [ 83.276157][ T59] usb 7-1: Manufacturer: 쵥䞚朳顮目꺚報ٗ຃ퟋ搊湊흽㐧㟓䎩搮킗铂肣᱃⸱襤㍅羓ᆝ큖쏖债褉䜇 [ 83.280245][ T59] usb 7-1: SerialNumber: syz [ 83.283192][ T59] usb 7-1: rejected 1 configuration due to insufficient available bus power [ 83.289050][ T59] usb 7-1: no configuration chosen from 1 choice [ 83.489610][ T7931] syz.0.587 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 83.492296][ T7927] kvm: kvm [7926]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc1) = 0x1 [ 83.496440][ T7927] kvm: kvm [7926]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc2) = 0x1 [ 83.512981][ T7927] kvm: kvm [7926]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0xbe702112 [ 83.525087][ T7932] binder: 7929:7932 ioctl 40044591 0 returned -22 [ 83.537008][ T7927] kvm: kvm [7926]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0x1 [ 83.541391][ T7927] kvm: kvm [7926]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x187) = 0x1 [ 83.566397][ T7927] kvm_intel: kvm [7926]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x1d9) = 0x1 [ 83.595030][ T29] tipc: Node number set to 2886997007 [ 83.653275][ T7941] vivid-000: ================= START STATUS ================= [ 83.656449][ T7941] vivid-000: Radio HW Seek Mode: Bounded [ 83.658555][ T7941] vivid-000: Radio Programmable HW Seek: false [ 83.660789][ T7941] vivid-000: RDS Rx I/O Mode: Block I/O [ 83.663721][ T7941] vivid-000: Generate RBDS Instead of RDS: false [ 83.665835][ T7941] vivid-000: RDS Reception: true [ 83.667499][ T7941] vivid-000: RDS Program Type: 0 inactive [ 83.669315][ T7941] vivid-000: RDS PS Name: inactive [ 83.671034][ T7941] vivid-000: RDS Radio Text: inactive [ 83.672758][ T7941] vivid-000: RDS Traffic Announcement: false inactive [ 83.675188][ T7941] vivid-000: RDS Traffic Program: false inactive [ 83.677186][ T7941] vivid-000: RDS Music: false inactive [ 83.678925][ T7941] vivid-000: ================== END STATUS ================== [ 83.691801][ T7942] lo speed is unknown, defaulting to 1000 [ 83.946748][ T7962] netlink: 12 bytes leftover after parsing attributes in process `syz.3.599'. [ 83.949792][ T7962] nbd: illegal input index 1879048192 [ 83.951654][ T7964] netlink: 'syz.0.600': attribute type 4 has an invalid length. [ 83.957601][ T7964] netlink: 'syz.0.600': attribute type 4 has an invalid length. [ 84.031351][ T7967] overlay: Unknown parameter 'subj_role' [ 84.380234][ T7983] binder: 7979:7983 ioctl 40044591 0 returned -22 [ 85.021265][ T7999] dvmrp1: entered allmulticast mode [ 85.222476][ T8007] netdevsim netdevsim3 netdevsim0: left promiscuous mode [ 85.226577][ T8007] geneve2: left promiscuous mode [ 85.228408][ T8007] geneve2: left allmulticast mode [ 85.232843][ T1144] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.236621][ T1144] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.246258][ T1144] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.250802][ T1144] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.273051][ T8009] CUSE: info not properly terminated [ 85.308715][ T40] kauditd_printk_skb: 191 callbacks suppressed [ 85.308727][ T40] audit: type=1400 audit(1756106585.500:707): avc: denied { create } for pid=8012 comm="syz.1.619" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 85.318064][ T40] audit: type=1400 audit(1756106585.500:708): avc: denied { write } for pid=8012 comm="syz.1.619" name="file0" dev="tmpfs" ino=850 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 85.326064][ T40] audit: type=1400 audit(1756106585.500:709): avc: denied { open } for pid=8012 comm="syz.1.619" path="/155/file0" dev="tmpfs" ino=850 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 85.333570][ T40] audit: type=1400 audit(1756106585.500:710): avc: denied { ioctl } for pid=8012 comm="syz.1.619" path="/155/file0" dev="tmpfs" ino=850 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 85.350763][ T40] audit: type=1400 audit(1756106585.540:711): avc: denied { accept } for pid=8012 comm="syz.1.619" lport=51689 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 85.357910][ T40] audit: type=1400 audit(1756106585.540:712): avc: denied { getopt } for pid=8012 comm="syz.1.619" lport=51689 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 85.368838][ T40] audit: type=1400 audit(1756106585.570:713): avc: denied { unlink } for pid=5974 comm="syz-executor" name="file0" dev="tmpfs" ino=850 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 85.384327][ T40] audit: type=1400 audit(1756106585.580:714): avc: denied { ioctl } for pid=8016 comm="syz.1.621" path="socket:[24737]" dev="sockfs" ino=24737 ioctlcmd=0xf506 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 85.404507][ T40] audit: type=1400 audit(1756106585.590:715): avc: denied { execute } for pid=8021 comm="syz.3.622" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=22925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 85.412917][ T8027] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000021: 0000 [#1] SMP KASAN NOPTI [ 85.417374][ T8027] KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f] [ 85.421723][ T8027] CPU: 0 UID: 0 PID: 8027 Comm: syz.1.623 Not tainted syzkaller #0 PREEMPT(full) [ 85.425797][ T8027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.429139][ T8027] RIP: 0010:bcsp_recv+0x10a/0x17f0 [ 85.430770][ T8027] Code: 18 48 c1 e8 03 48 01 e8 48 89 04 24 48 8d 83 78 01 00 00 48 89 44 24 28 48 c1 e8 03 48 89 44 24 08 e8 4a 30 41 f9 48 8b 04 24 <80> 38 00 0f 85 d1 12 00 00 4c 8b ab 08 01 00 00 31 ff 4c 89 ee e8 [ 85.436841][ T8027] RSP: 0018:ffffc9000445fbf0 EFLAGS: 00010293 [ 85.438878][ T8027] RAX: dffffc0000000021 RBX: 0000000000000000 RCX: ffffffff887a5b6a [ 85.441354][ T8027] RDX: ffff88803630a440 RSI: ffffffff887a5bb6 RDI: 0000000000000005 [ 85.444205][ T8027] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000 [ 85.446919][ T8027] R10: 0000000000000001 R11: 0000000000000001 R12: ffffc9000445fd88 [ 85.449320][ T8027] R13: ffffc9000445fd88 R14: 0000000000000001 R15: ffff888033937c00 [ 85.451799][ T8027] FS: 00007f0a38f366c0(0000) GS:ffff8880d66b9000(0000) knlGS:0000000000000000 [ 85.454527][ T8027] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.456598][ T8027] CR2: 00007f0a38f35f98 CR3: 0000000038a9b000 CR4: 0000000000352ef0 [ 85.459225][ T8027] DR0: 0000000000000006 DR1: 0000000000000004 DR2: 0000000000006d33 [ 85.461792][ T8027] DR3: 0000000000000404 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 85.464276][ T8027] Call Trace: [ 85.465333][ T8027] [ 85.466284][ T8027] ? __pfx_bcsp_recv+0x10/0x10 [ 85.467817][ T8027] hci_uart_tty_receive+0x251/0x7e0 [ 85.469467][ T8027] ? __pfx_hci_uart_tty_receive+0x10/0x10 [ 85.471260][ T8027] tty_ioctl+0x583/0x1680 [ 85.472720][ T8027] ? __pfx_tty_ioctl+0x10/0x10 [ 85.474239][ T8027] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 85.476355][ T8027] ? hook_file_ioctl_common+0x145/0x410 [ 85.478092][ T8027] ? selinux_file_ioctl+0x180/0x270 [ 85.479764][ T8027] ? selinux_file_ioctl+0xb4/0x270 [ 85.481372][ T8027] ? __pfx_tty_ioctl+0x10/0x10 [ 85.482888][ T8027] __x64_sys_ioctl+0x18b/0x210 [ 85.484395][ T8027] do_syscall_64+0xcd/0x4c0 [ 85.485827][ T8027] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.487685][ T8027] RIP: 0033:0x7f0a3818ebe9 [ 85.489087][ T8027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.494970][ T8027] RSP: 002b:00007f0a38f36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 85.497551][ T8027] RAX: ffffffffffffffda RBX: 00007f0a383b6090 RCX: 00007f0a3818ebe9 [ 85.500030][ T8027] RDX: 0000200000000140 RSI: 0000000000005412 RDI: 0000000000000005 [ 85.502676][ T8027] RBP: 00007f0a38211e19 R08: 0000000000000000 R09: 0000000000000000 [ 85.505123][ T8027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.507590][ T8027] R13: 00007f0a383b6128 R14: 00007f0a383b6090 R15: 00007fffe39abbd8 [ 85.510280][ T8027] [ 85.511451][ T8027] Modules linked in: [ 85.513002][ T8027] ---[ end trace 0000000000000000 ]--- [ 85.514890][ T8027] RIP: 0010:bcsp_recv+0x10a/0x17f0 [ 85.516517][ T8027] Code: 18 48 c1 e8 03 48 01 e8 48 89 04 24 48 8d 83 78 01 00 00 48 89 44 24 28 48 c1 e8 03 48 89 44 24 08 e8 4a 30 41 f9 48 8b 04 24 <80> 38 00 0f 85 d1 12 00 00 4c 8b ab 08 01 00 00 31 ff 4c 89 ee e8 [ 85.523000][ T8027] RSP: 0018:ffffc9000445fbf0 EFLAGS: 00010293 [ 85.525048][ T8027] RAX: dffffc0000000021 RBX: 0000000000000000 RCX: ffffffff887a5b6a [ 85.527549][ T8027] RDX: ffff88803630a440 RSI: ffffffff887a5bb6 RDI: 0000000000000005 [ 85.530060][ T8027] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000 [ 85.532536][ T8027] R10: 0000000000000001 R11: 0000000000000001 R12: ffffc9000445fd88 [ 85.535186][ T8027] R13: ffffc9000445fd88 R14: 0000000000000001 R15: ffff888033937c00 [ 85.537690][ T8027] FS: 00007f0a38f366c0(0000) GS:ffff8880d66b9000(0000) knlGS:0000000000000000 [ 85.540973][ T8027] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.542979][ T8027] CR2: 00007f0a38f35f98 CR3: 0000000038a9b000 CR4: 0000000000352ef0 [ 85.545628][ T8027] DR0: 0000000000000006 DR1: 0000000000000004 DR2: 0000000000006d33 [ 85.548273][ T8027] DR3: 0000000000000404 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 85.550683][ T8027] Kernel panic - not syncing: Fatal exception [ 85.553228][ T8027] Kernel Offset: disabled [ 85.554676][ T8027] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:23:05 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000078 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85643c85 RDI=ffffffff9b1110a0 RBP=ffffffff9b111060 RSP=ffffc9000445f5f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b R12=0000000000000000 R13=0000000000000078 R14=ffffffff9b111060 R15=ffffffff85643c20 RIP=ffffffff85643caf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f0a38f366c0 ffffffff 00c00000 GS =0000 ffff8880d66b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f0a38f35f98 CR3=0000000038a9b000 CR4=00352ef0 DR0=0000000000000006 DR1=0000000000000004 DR2=0000000000006d33 DR3=0000000000000404 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffe39ac0e6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffe39ac0e6 00007fffe39ac0ec ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0a38212e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0a38212e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0a38212e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0a38212e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0a38212ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0a38212fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0a383874a8 00007f0a383874a0 00007f0a38387498 00007f0a38387470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0a38eed100 00007f0a38387460 00007f0a38387478 00007f0a383874c0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0a383874b8 00007f0a383874b0 00007f0a383874a8 00007f0a383874a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=dffffc0000000000 RBX=000000003cb2c067 RCX=ffffffff8204e5f2 RDX=1ffff1100aa7f722 RSI=ffffffff8204e600 RDI=0000000000000007 RBP=0000000000000000 RSP=ffffc90004b67370 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=000000000009dca8 R12=0000000000000001 R13=0000000000000001 R14=0000000000290101 R15=ffff8880553fb900 RIP=ffffffff8204e61a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f10eaa8b6c0 ffffffff 00c00000 GS =0000 ffff8880d67b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f10eaa49d58 CR3=00000000594e4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffd124d1b0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffd124d336 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffd124d336 00007fffd124d33c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde94212e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde94212e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde94212e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde94212e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde94212ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde94212fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000059384 RBX=0000000000000002 RCX=ffffffff8b93bc29 RDX=ffffed100d4c6656 RSI=ffffffff8c162880 RDI=ffffffff81913331 RBP=ffffed1003bd7910 RSP=ffffc90000187df8 R8 =0000000000000000 R9 =ffffed100d4c6655 R10=ffff88806a6332ab R11=0000000000000000 R12=0000000000000002 R13=ffff88801debc880 R14=ffffffff90ab4b90 R15=0000000000000000 RIP=ffffffff8b93a78f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d68b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055555b537808 CR3=00000000559a6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000081f9f998 Opmask01=00000000003fffff Opmask02=0000000033bfffff Opmask03=0000000020400004 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056311db189c0 000056311db189c0 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056311d8c54d0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f972cff1b20 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f972cff1b20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffff0000000000ff ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ff00000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73730ce45f8c6823 73730ce45f8c6823 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737332 737325426eff2573 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9700003078 303d4e4f53414552 5f4b434f4c425f57 485f4c4c494b4652 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000429700000d45 0d004e4f53414552 5f4b434f4c425f57 485f4c4c494b4652 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7361647c2a737369 63637c2a65686361 63627c2a6476787c 2a64767c2a64737c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00003a306b733a32 00002d3000003a75 0000000000000035 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a5f39 3030322c39484349 2b3533515f435064 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70625f322d33 2e36312e312d6e61 696265642d332e36 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000014100 000000000000303d 44440045525f5346 0054242044492065 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000069034 RBX=0000000000000003 RCX=ffffffff8b93bc29 RDX=ffffed100d4e6656 RSI=ffffffff8c162880 RDI=ffffffff81913331 RBP=ffffed1003bda000 RSP=ffffc90000197df8 R8 =0000000000000000 R9 =ffffed100d4e6655 R10=ffff88806a7332ab R11=0000000000000000 R12=0000000000000003 R13=ffff88801ded0000 R14=ffffffff90ab4b90 R15=0000000000000000 RIP=ffffffff8b93a78f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f0a38f36d58 CR3=000000002a69f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c1fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555564c3d4a0 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555564c4d634 0000555564c4d490 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555564c44814 0000555564c44810 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555564c3e718 0000555564c3e320 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7665642f01ffffff ffffffffffeb080f 8003180800061000 2010000600719c16 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 80840017de030601 e08080840017dc03 20040017d8030030 7a797301ffffffff ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0017e6030001e080 80840017e4031804 0017e0030210b880 840017de030010b0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ee030601e0808084 0017ec0310040017 e8030210b8808400 17e6030010b08084 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 18800328080017f8 030404880017f003 0010b880840017ee 030210b080840017 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100003800401 000000080606015c d200080003e00300 100003d003001000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 03c00302100003b0 0303a01000100314 048400189c030288 0200189a03000200 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1898030008001890 0300080018880302 0400188403200400 18800328080017f8 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 030404880017f003 0010b880840017ee 030210b080840017 ee030601e0808084 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000