last executing test programs: 1.083156831s ago: executing program 3 (id=197): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x2041, 0x0) fsetxattr(0xffffffffffffffff, &(0x7f0000000140)=@random={'user.', '\xd5#hF|\xdfS\x00\x00\x00nd\x87\x95\xdc\x7f\r\xb4\xc6\xcf\x00'}, 0x0, 0xfffffec2, 0x3) r1 = openat$kvm(0xffffff9c, 0x0, 0x800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0xffffffffffffffff, 0x0, 0x80000004000000, 0xc], 0x80a0000, 0x2010d3}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0x8000000000000000, 0x900000001, 0x800000000, 0x45b, 0x0, 0x0, 0x7, 0x5, 0x0, 0xfc, 0xfffffffdfffffffc, 0xfdfffffffffffffc, 0x0, 0x9, 0x4000000000000004, 0x767], 0xeeef0000, 0x80082}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 1.083009862s ago: executing program 0 (id=198): syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=ANY=[@ANYBLOB="2b40bd27494508cb680c0cf164af8e7ccadf7791d57502b0570bf1226fc50eb65e61baae6bc24fdc708c2c05e7047245d9ca463e8b2b9162081e04337185ec4cc8c4a50b9d9418ff963711e5f20f66473e2cb000000000000000", @ANYRES16=r0, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=0x0, @ANYBLOB="04005b00"], 0x20}}, 0x48000) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000180)=ANY=[], 0x8) getsockopt$inet6_opts(r1, 0x29, 0x39, 0xffffffffffffffff, &(0x7f0000000440)=0xffffffffffffffbd) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x45, 0x0, &(0x7f0000cab000)) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r4, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}, 0x1, 0x0, 0x0, 0x8010}, 0x0) close(0xffffffffffffffff) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @link_local}) r7 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_SIOCINQ(r7, 0x541b, &(0x7f0000000040)) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) 1.002565794s ago: executing program 0 (id=199): getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x45, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000340)={'wlan1\x00'}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r1, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}, 0x1, 0x0, 0x0, 0x8010}, 0x0) 1.002295757s ago: executing program 0 (id=200): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="10007d8005", @ANYRES8=0x0, @ANYRES32=r0], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x0) 1.002158224s ago: executing program 0 (id=201): socket$tipc(0x1e, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) pipe2$9p(&(0x7f00000001c0), 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000003800)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb"], 0x0, 0x3a, 0x0, 0x1}, 0x28) socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0xa24, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10001, 0x3, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffdf], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 999.811339ms ago: executing program 3 (id=202): openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r4], 0x54}}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000001000250800170000000000000a000000", @ANYRES32=r7, @ANYBLOB="0174dfdb0d"], 0x20}}, 0x0) r8 = socket(0x1, 0x803, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newlink={0x50, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20, 0x20}}}}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 818.684684ms ago: executing program 0 (id=203): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000480)=[{0x6, 0x0, 0x0, 0x4}]}) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = dup(r1) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x1, 0x20}, 0xc) sendmsg$inet6(r1, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000002700)={0x1, 0x2, 0x0, 0xfffffff8}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x13f, 0x8}}, 0x20) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0xffffec47, 0x9, 0xffff1896, 0x100, 0x25, 0x7}, 0x9c) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0) r3 = semget$private(0x0, 0x4000000009, 0x38e) semop(r3, &(0x7f0000000000), 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 812.360405ms ago: executing program 3 (id=205): socket$nl_generic(0x10, 0x3, 0x10) socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r0}, 0x18) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socket$tipc(0x1e, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_io_uring_setup(0x2359, &(0x7f0000000480)={0x0, 0x809268, 0x400, 0x0, 0xfffffffd}, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) r1 = syz_io_uring_setup(0x117, &(0x7f0000000300)={0x0, 0xe574, 0x10100, 0x200000, 0x1000000}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.empty_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f00000000c0)=ANY=[@ANYRES16=r4], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 737.17833ms ago: executing program 2 (id=206): syz_open_dev$tty20(0xc, 0x4, 0x0) bind$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x14) ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x4, 0x4}, {0x9, 0x7}}}}, 0x11) 737.002906ms ago: executing program 3 (id=207): syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=ANY=[], 0x20}}, 0x48000) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, 0x0, 0x8) getsockopt$inet6_opts(r1, 0x29, 0x39, 0xffffffffffffffff, &(0x7f0000000440)=0xffffffffffffffbd) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x45, 0x0, &(0x7f0000cab000)) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r4, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}, 0x1, 0x0, 0x0, 0x8010}, 0x0) close(r0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)) ioctl$SIOCSIFHWADDR(r0, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @link_local}) ioctl$SIOCSIFHWADDR(r0, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) 736.872918ms ago: executing program 2 (id=208): syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=ANY=[@ANYBLOB="2b40bd27494508cb680c0cf164af8e7ccadf7791d57502b0570bf1226fc50eb65e61baae6bc24fdc708c2c05e7047245d9ca463e8b2b9162081e04337185ec4cc8c4a50b9d9418ff963711e5f20f66473e2cb000000000000000", @ANYRES16=r0, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=0x0, @ANYBLOB="04005b00"], 0x20}}, 0x48000) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000180)=ANY=[], 0x8) getsockopt$inet6_opts(r1, 0x29, 0x39, 0xffffffffffffffff, &(0x7f0000000440)=0xffffffffffffffbd) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x45, 0x0, &(0x7f0000cab000)) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r4, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}, 0x1, 0x0, 0x0, 0x8010}, 0x0) close(0xffffffffffffffff) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @link_local}) r7 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_SIOCINQ(r7, 0x541b, &(0x7f0000000040)) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) 736.727899ms ago: executing program 3 (id=209): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8}, @NFTA_IMMEDIATE_DATA={0x1c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0) 674.853608ms ago: executing program 3 (id=211): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000480)=[{0x6, 0x0, 0x0, 0x4}]}) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = dup(r1) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x1, 0x20}, 0xc) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000002700)={0x1, 0x2, 0x0, 0xfffffff8}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x111, 0x5}}, 0x20) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0) semop(0x0, &(0x7f0000000000), 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 674.682161ms ago: executing program 2 (id=212): sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffffffff070001000406f0027f0006a7000c006400000008000d000000000073f68ac399765b7ab289a21d254ebf1c30920188d7e0527bff31151da7c5762832"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce07020000000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0) r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850", 0x4, 0xfffffffffffffffe) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010000504000000000000", @ANYBLOB="ebffffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 506.663876ms ago: executing program 2 (id=216): socket$nl_generic(0x10, 0x3, 0x10) socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r0}, 0x18) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socket$tipc(0x1e, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_io_uring_setup(0x2359, &(0x7f0000000480)={0x0, 0x809268, 0x400, 0x0, 0xfffffffd}, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) r1 = syz_io_uring_setup(0x117, &(0x7f0000000300)={0x0, 0xe574, 0x10100, 0x200000, 0x1000000}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.empty_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f00000000c0)=ANY=[@ANYRES16=r4], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 506.452235ms ago: executing program 2 (id=217): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@bridge_newvlan={0x28, 0x70, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0x4, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0x34000}}}]}, 0x28}}, 0x0) 446.820952ms ago: executing program 2 (id=218): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x2041, 0x0) fsetxattr(0xffffffffffffffff, &(0x7f0000000140)=@random={'user.', '\xd5#hF|\xdfS\x00\x00\x00nd\x87\x95\xdc\x7f\r\xb4\xc6\xcf\x00'}, 0x0, 0xfffffec2, 0x3) r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0xffffffffffffffff, 0x0, 0x80000004000000, 0xc], 0x80a0000, 0x2010d3}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0x8000000000000000, 0x900000001, 0x800000000, 0x45b, 0x0, 0x0, 0x7, 0x5, 0x0, 0xfc, 0xfffffffdfffffffc, 0xfdfffffffffffffc, 0x0, 0x9, 0x4000000000000004, 0x767], 0xeeef0000, 0x80082}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 317.175073ms ago: executing program 1 (id=223): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x44, r0, 0x801, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eeef16f162471f4"}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac0a}]}]}, 0x44}}, 0x0) 256.932232ms ago: executing program 1 (id=224): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94) sched_setscheduler(0x0, 0x2, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce07020000000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0) r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850", 0x4, 0xfffffffffffffffe) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010000504000000000000", @ANYBLOB="ebffffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 146.615366ms ago: executing program 1 (id=225): getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x45, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r1, @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}, 0x1, 0x0, 0x0, 0x8010}, 0x0) 146.358032ms ago: executing program 1 (id=226): socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) pipe2$9p(&(0x7f00000001c0), 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000003800)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb"], 0x0, 0x3a, 0x0, 0x1}, 0x28) socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0xa24, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10001, 0x3, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffdf], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 27.009959ms ago: executing program 1 (id=227): openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r5], 0x54}}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x3, 0x300) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)) sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000001000250800170000000000000a000000", @ANYRES32=r8, @ANYBLOB="0174dfdb0d"], 0x20}}, 0x0) r9 = socket(0x1, 0x803, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newlink={0x50, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20, 0x20}}}}}}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 633.496µs ago: executing program 1 (id=228): sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB, @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffffffff070001000406f0027f0006a7000c006400000008000d000000000073f68ac399765b7ab289a21d254ebf1c30920188d7e0527bff31151da7c5762832"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce07020000000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0) r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850", 0x4, 0xfffffffffffffffe) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010000504000000000000", @ANYBLOB="ebffffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 0s ago: executing program 0 (id=229): r0 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x111002, 0x0) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0], 0x30}}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) kernel console output (not intermixed with test programs): [ 52.958836][ T40] audit: type=1400 audit(1758793066.020:61): avc: denied { siginh } for pid=5956 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:49686' (ED25519) to the list of known hosts. [ 54.346491][ T40] audit: type=1400 audit(1758793067.430:62): avc: denied { name_bind } for pid=5967 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 54.380736][ T40] audit: type=1400 audit(1758793067.470:63): avc: denied { write } for pid=5968 comm="sh" path="pipe:[7566]" dev="pipefs" ino=7566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 54.396177][ T40] audit: type=1400 audit(1758793067.480:64): avc: denied { execute } for pid=5968 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 54.405857][ T40] audit: type=1400 audit(1758793067.480:65): avc: denied { execute_no_trans } for pid=5968 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 56.949922][ T40] audit: type=1400 audit(1758793070.040:66): avc: denied { mounton } for pid=5968 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 56.962854][ T5968] cgroup: Unknown subsys name 'net' [ 57.092943][ T5968] cgroup: Unknown subsys name 'cpuset' [ 57.099550][ T5968] cgroup: Unknown subsys name 'rlimit' [ 57.427975][ T5974] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 58.159523][ T5968] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 62.567274][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 62.567290][ T40] audit: type=1400 audit(1758793075.650:80): avc: denied { execmem } for pid=5976 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 62.801049][ T40] audit: type=1400 audit(1758793075.890:81): avc: denied { create } for pid=5979 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 62.828185][ T40] audit: type=1400 audit(1758793075.890:82): avc: denied { read write } for pid=5979 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 62.838244][ T40] audit: type=1400 audit(1758793075.890:83): avc: denied { open } for pid=5979 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 62.847237][ T5334] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.848238][ T40] audit: type=1400 audit(1758793075.890:84): avc: denied { ioctl } for pid=5979 comm="syz-executor" path="socket:[7597]" dev="sockfs" ino=7597 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 62.858343][ T5334] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.864408][ T5334] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.868277][ T5334] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.872205][ T5334] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.888161][ T40] audit: type=1400 audit(1758793075.970:85): avc: denied { read } for pid=5979 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 62.896822][ T40] audit: type=1400 audit(1758793075.970:86): avc: denied { open } for pid=5979 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 62.898508][ T63] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 62.913074][ T40] audit: type=1400 audit(1758793075.970:87): avc: denied { mounton } for pid=5979 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 62.919392][ T5981] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 62.924427][ T5990] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 62.929391][ T5990] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 62.933408][ T5994] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 62.936879][ T5994] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 62.940725][ T5993] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 62.942062][ T5994] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 62.943729][ T5993] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 62.946498][ T5994] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 62.948981][ T5993] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 62.952583][ T5994] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 62.954448][ T5993] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 62.956885][ T5994] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 62.959414][ T5993] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 63.000482][ T40] audit: type=1400 audit(1758793076.090:88): avc: denied { module_request } for pid=5979 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 63.066247][ T5979] chnl_net:caif_netlink_parms(): no params data found [ 63.232495][ T5979] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.236235][ T5979] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.239928][ T5979] bridge_slave_0: entered allmulticast mode [ 63.244292][ T5979] bridge_slave_0: entered promiscuous mode [ 63.266179][ T5979] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.269454][ T5979] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.272557][ T5979] bridge_slave_1: entered allmulticast mode [ 63.276425][ T5979] bridge_slave_1: entered promiscuous mode [ 63.338416][ T5979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.345792][ T5979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.430365][ T5979] team0: Port device team_slave_0 added [ 63.437248][ T5979] team0: Port device team_slave_1 added [ 63.573171][ T5979] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.576170][ T5979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.587393][ T5979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.596795][ T5979] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.599879][ T5979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.610703][ T5979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.628051][ T5986] chnl_net:caif_netlink_parms(): no params data found [ 63.644663][ T5983] chnl_net:caif_netlink_parms(): no params data found [ 63.759316][ T5979] hsr_slave_0: entered promiscuous mode [ 63.762596][ T5979] hsr_slave_1: entered promiscuous mode [ 63.800844][ T5991] chnl_net:caif_netlink_parms(): no params data found [ 63.972064][ T5986] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.975171][ T5986] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.978485][ T5986] bridge_slave_0: entered allmulticast mode [ 63.982451][ T5986] bridge_slave_0: entered promiscuous mode [ 64.025783][ T5986] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.030125][ T5986] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.033419][ T5986] bridge_slave_1: entered allmulticast mode [ 64.037320][ T5986] bridge_slave_1: entered promiscuous mode [ 64.103733][ T5983] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.106867][ T5983] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.110309][ T5983] bridge_slave_0: entered allmulticast mode [ 64.114166][ T5983] bridge_slave_0: entered promiscuous mode [ 64.150149][ T5986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.154237][ T5983] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.157489][ T5983] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.161324][ T5983] bridge_slave_1: entered allmulticast mode [ 64.165400][ T5983] bridge_slave_1: entered promiscuous mode [ 64.204439][ T5991] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.207297][ T5991] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.210388][ T5991] bridge_slave_0: entered allmulticast mode [ 64.213610][ T5991] bridge_slave_0: entered promiscuous mode [ 64.223437][ T5986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.279880][ T5991] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.282969][ T5991] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.286096][ T5991] bridge_slave_1: entered allmulticast mode [ 64.290133][ T5991] bridge_slave_1: entered promiscuous mode [ 64.356552][ T5983] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.395736][ T5986] team0: Port device team_slave_0 added [ 64.400947][ T5983] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.437747][ T5991] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.445273][ T5986] team0: Port device team_slave_1 added [ 64.493897][ T5991] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.553938][ T5983] team0: Port device team_slave_0 added [ 64.605411][ T5986] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.608517][ T5986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.619326][ T5986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.625305][ T5983] team0: Port device team_slave_1 added [ 64.653645][ T5991] team0: Port device team_slave_0 added [ 64.656160][ T5986] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.658693][ T5986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.667481][ T5986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.711254][ T5991] team0: Port device team_slave_1 added [ 64.740154][ T5983] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.743065][ T5983] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.753427][ T5983] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.790363][ T5983] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.792714][ T5983] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.801515][ T5983] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.819440][ T5991] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.822423][ T5991] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.834844][ T5991] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.844709][ T5991] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.847733][ T5991] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.858665][ T5991] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.879011][ T63] Bluetooth: hci0: command tx timeout [ 64.894346][ T5986] hsr_slave_0: entered promiscuous mode [ 64.897516][ T5986] hsr_slave_1: entered promiscuous mode [ 64.900647][ T5986] debugfs: 'hsr0' already exists in 'hsr' [ 64.903072][ T5986] Cannot create hsr debugfs directory [ 65.002158][ T5991] hsr_slave_0: entered promiscuous mode [ 65.005410][ T5991] hsr_slave_1: entered promiscuous mode [ 65.008480][ T5991] debugfs: 'hsr0' already exists in 'hsr' [ 65.010964][ T5991] Cannot create hsr debugfs directory [ 65.030445][ T5983] hsr_slave_0: entered promiscuous mode [ 65.032865][ T5983] hsr_slave_1: entered promiscuous mode [ 65.035037][ T5983] debugfs: 'hsr0' already exists in 'hsr' [ 65.036868][ T5983] Cannot create hsr debugfs directory [ 65.038412][ T63] Bluetooth: hci1: command tx timeout [ 65.039268][ T63] Bluetooth: hci2: command tx timeout [ 65.040342][ T5334] Bluetooth: hci3: command tx timeout [ 65.041871][ T5979] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 65.051799][ T5979] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 65.091130][ T5979] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 65.132166][ T5979] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 65.433865][ T5986] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 65.453781][ T5986] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 65.458475][ T5986] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 65.463167][ T5986] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 65.508834][ T5991] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 65.515423][ T5991] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 65.520747][ T5991] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 65.530128][ T5991] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 65.537315][ T5979] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.593851][ T5979] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.598288][ T5983] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 65.602582][ T5983] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 65.607215][ T5983] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 65.612276][ T5983] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 65.631317][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.633668][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.661500][ T79] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.664562][ T79] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.692770][ T5986] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.722632][ T5986] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.752702][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.755725][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.779857][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.782637][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.805690][ T5991] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.807722][ T40] audit: type=1400 audit(1758793078.890:89): avc: denied { sys_module } for pid=5979 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 65.829590][ T5991] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.840648][ T5983] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.846016][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.848745][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.857583][ T5986] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.870868][ T79] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.873526][ T79] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.882948][ T5983] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.894726][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.897807][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.908514][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.911343][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.961938][ T5979] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.020595][ T5979] veth0_vlan: entered promiscuous mode [ 66.024604][ T5986] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.034836][ T5979] veth1_vlan: entered promiscuous mode [ 66.071158][ T5986] veth0_vlan: entered promiscuous mode [ 66.082805][ T5979] veth0_macvtap: entered promiscuous mode [ 66.093357][ T5979] veth1_macvtap: entered promiscuous mode [ 66.097350][ T5986] veth1_vlan: entered promiscuous mode [ 66.114684][ T5991] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.123287][ T5979] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.133450][ T5979] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.158775][ T1147] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.162116][ T1147] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.170270][ T5986] veth0_macvtap: entered promiscuous mode [ 66.174397][ T1147] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.180698][ T5983] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.187966][ T1147] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.195561][ T5986] veth1_macvtap: entered promiscuous mode [ 66.205548][ T5991] veth0_vlan: entered promiscuous mode [ 66.233752][ T5991] veth1_vlan: entered promiscuous mode [ 66.251501][ T5986] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.267346][ T5983] veth0_vlan: entered promiscuous mode [ 66.274387][ T5986] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.278957][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.282460][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.292276][ T79] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.295080][ T79] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.299493][ T5983] veth1_vlan: entered promiscuous mode [ 66.311186][ T79] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.314109][ T79] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.335097][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.339099][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.352688][ T5991] veth0_macvtap: entered promiscuous mode [ 66.363936][ T5991] veth1_macvtap: entered promiscuous mode [ 66.383519][ T5979] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 66.387400][ T5983] veth0_macvtap: entered promiscuous mode [ 66.395831][ T5983] veth1_macvtap: entered promiscuous mode [ 66.395913][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.409297][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.419649][ T5991] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.445840][ T5991] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.460227][ T5983] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.463960][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.466684][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.471555][ T63] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 66.474521][ T5983] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.479329][ T1147] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.483805][ T1147] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.503735][ T1147] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.506452][ T1147] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.521016][ T1150] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.523606][ T6074] usb usb8: usbfs: process 6074 (syz.1.6) did not claim interface 0 before use [ 66.540841][ T1150] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.544549][ T1150] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.560367][ T1150] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.614502][ T99] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.617925][ T99] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.640739][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.643617][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.674441][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.677260][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.705663][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.726729][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.844932][ T6104] netlink: 156 bytes leftover after parsing attributes in process `syz.0.19'. [ 66.927032][ T6117] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 66.974525][ T63] Bluetooth: hci0: command tx timeout [ 67.037602][ T840] IPVS: starting estimator thread 0... [ 67.118403][ T63] Bluetooth: hci2: command tx timeout [ 67.120697][ T63] Bluetooth: hci1: command tx timeout [ 67.123266][ T63] Bluetooth: hci3: command tx timeout [ 67.148864][ T6135] IPVS: using max 45 ests per chain, 108000 per kthread [ 67.303242][ T6170] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 67.349448][ T6176] raw_sendmsg: syz.2.53 forgot to set AF_INET. Fix it! [ 67.445645][ T6188] netlink: 892 bytes leftover after parsing attributes in process `syz.1.58'. [ 67.502329][ T6192] (unnamed net_device) (uninitialized): (slave bridge_slave_1): Device is not bonding slave [ 67.506076][ T6192] (unnamed net_device) (uninitialized): option active_slave: invalid value (bridge_slave_1) [ 67.679732][ T40] kauditd_printk_skb: 52 callbacks suppressed [ 67.679744][ T40] audit: type=1400 audit(1758793080.770:142): avc: denied { create } for pid=6206 comm="syz.0.67" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 67.687773][ T40] audit: type=1400 audit(1758793080.770:143): avc: denied { getopt } for pid=6206 comm="syz.0.67" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 67.797936][ T40] audit: type=1400 audit(1758793080.880:144): avc: denied { read } for pid=6213 comm="syz.0.71" name="comedi4" dev="devtmpfs" ino=1306 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 67.815083][ T40] audit: type=1400 audit(1758793080.880:145): avc: denied { open } for pid=6213 comm="syz.0.71" path="/dev/comedi4" dev="devtmpfs" ino=1306 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 67.835636][ T40] audit: type=1400 audit(1758793080.880:146): avc: denied { ioctl } for pid=6213 comm="syz.0.71" path="/dev/comedi4" dev="devtmpfs" ino=1306 ioctlcmd=0x6405 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 67.856059][ T40] audit: type=1400 audit(1758793080.910:147): avc: denied { create } for pid=6215 comm="syz.1.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 67.877527][ T40] audit: type=1400 audit(1758793080.910:148): avc: denied { ioctl } for pid=6215 comm="syz.1.70" path="socket:[9658]" dev="sockfs" ino=9658 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 67.886049][ T40] audit: type=1400 audit(1758793080.920:149): avc: denied { create } for pid=6218 comm="syz.3.72" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 67.895687][ T40] audit: type=1400 audit(1758793080.930:150): avc: denied { ioctl } for pid=6218 comm="syz.3.72" path="socket:[10365]" dev="sockfs" ino=10365 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 67.903525][ T40] audit: type=1400 audit(1758793080.930:151): avc: denied { write } for pid=6218 comm="syz.3.72" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 67.996964][ T6234] Zero length message leads to an empty skb [ 68.065979][ T6239] netlink: 4 bytes leftover after parsing attributes in process `syz.1.78'. [ 68.235037][ T6254] netlink: 892 bytes leftover after parsing attributes in process `syz.0.88'. [ 68.458718][ T34] usb 8-1: new low-speed USB device number 2 using dummy_hcd [ 68.630810][ T34] usb 8-1: config 0 has an invalid interface number: 55 but max is 0 [ 68.633430][ T34] usb 8-1: config 0 has no interface number 0 [ 68.635711][ T34] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 68.639371][ T34] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 8224, setting to 8 [ 68.643033][ T34] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 68.646707][ T34] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 68.651089][ T34] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 68.654544][ T34] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 68.659051][ T34] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 68.661932][ T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.673181][ T34] usb 8-1: config 0 descriptor?? [ 68.679282][ T6252] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 68.681678][ T6252] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 68.687952][ T34] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 68.906881][ T34] usb 8-1: USB disconnect, device number 2 [ 68.921368][ T34] ldusb 8-1:0.55: LD USB Device #0 now disconnected [ 69.050097][ T5993] Bluetooth: hci0: command tx timeout [ 69.198346][ T5993] Bluetooth: hci1: command tx timeout [ 69.198379][ T63] Bluetooth: hci2: command tx timeout [ 69.209477][ T63] Bluetooth: hci3: command tx timeout [ 69.525360][ T6293] netlink: 4 bytes leftover after parsing attributes in process `syz.3.104'. [ 69.529276][ T6293] warning: `syz.3.104' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 69.649025][ T6304] netlink: 868 bytes leftover after parsing attributes in process `syz.3.108'. [ 69.918463][ T839] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 70.069648][ T839] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 70.073373][ T839] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 70.076897][ T839] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 70.079928][ T839] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.084568][ T6308] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 70.089039][ T839] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 70.292471][ T4203] usb 7-1: USB disconnect, device number 2 [ 70.470019][ T6330] netlink: 860 bytes leftover after parsing attributes in process `syz.0.118'. [ 70.738427][ T1026] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 70.884789][ T6361] netlink: 4 bytes leftover after parsing attributes in process `syz.1.128'. [ 70.889853][ T1026] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 70.894999][ T1026] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 70.900405][ T1026] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 70.903127][ T1026] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 70.905703][ T1026] usb 5-1: Manufacturer: syz [ 70.909247][ T1026] usb 5-1: config 0 descriptor?? [ 70.968485][ T1026] rc_core: IR keymap rc-hauppauge not found [ 70.970407][ T1026] Registered IR keymap rc-empty [ 70.973448][ T1026] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 70.977522][ T1026] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input5 [ 71.117464][ T1026] usb 5-1: USB disconnect, device number 2 [ 71.118686][ T63] Bluetooth: hci0: command tx timeout [ 71.279073][ T63] Bluetooth: hci3: command tx timeout [ 71.279088][ T5993] Bluetooth: hci1: command tx timeout [ 71.288220][ T63] Bluetooth: hci2: command tx timeout [ 71.696148][ T6380] netlink: 4 bytes leftover after parsing attributes in process `syz.0.138'. [ 71.736718][ T6385] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 71.743727][ T6385] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 71.745875][ T6385] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 71.747990][ T6385] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 71.750180][ T6385] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 71.752754][ T6385] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 71.754859][ T6385] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 71.756929][ T6385] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 71.759067][ T6385] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 71.761127][ T6385] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 72.187568][ T6398] netlink: 'syz.0.146': attribute type 10 has an invalid length. [ 72.207688][ T6398] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 72.275680][ T6406] netlink: 'syz.0.150': attribute type 1 has an invalid length. [ 72.344827][ T6406] 8021q: adding VLAN 0 to HW filter on device bond1 [ 72.362557][ T6406] veth3: entered promiscuous mode [ 72.366450][ T6406] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 72.434199][ T6414] team0: No ports can be present during mode change [ 72.470832][ T6416] netlink: 772 bytes leftover after parsing attributes in process `syz.0.154'. [ 72.580343][ T6424] netlink: 'syz.3.157': attribute type 10 has an invalid length. [ 72.591038][ T6424] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 72.762131][ T6435] netlink: 32 bytes leftover after parsing attributes in process `syz.0.161'. [ 72.786871][ T40] kauditd_printk_skb: 42 callbacks suppressed [ 72.786881][ T40] audit: type=1326 audit(1758793085.870:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6438 comm="syz.0.162" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f2438eec9 code=0x0 [ 72.805351][ T6426] could not allocate digest TFM handle cryptd(blake2b-160) [ 72.906305][ T6444] netlink: 4 bytes leftover after parsing attributes in process `syz.3.163'. [ 72.934886][ T6446] netlink: 16 bytes leftover after parsing attributes in process `syz.3.164'. [ 72.963310][ T6448] netlink: 4 bytes leftover after parsing attributes in process `syz.3.165'. [ 72.997807][ T6450] netlink: 4 bytes leftover after parsing attributes in process `syz.3.166'. [ 73.204715][ T40] audit: type=1400 audit(1758793086.290:195): avc: denied { append } for pid=6460 comm="syz.3.169" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 73.319268][ T6472] process 'syz.3.174' launched './file0' with NULL argv: empty string added [ 73.322278][ T40] audit: type=1400 audit(1758793086.410:196): avc: denied { execute_no_trans } for pid=6471 comm="syz.3.174" path="/36/file0" dev="tmpfs" ino=203 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 73.373480][ T40] audit: type=1326 audit(1758793086.460:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6475 comm="syz.3.176" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbcab18eec9 code=0x0 [ 73.413767][ T6478] netlink: 'syz.2.177': attribute type 1 has an invalid length. [ 73.427949][ T6478] 8021q: adding VLAN 0 to HW filter on device bond1 [ 73.444410][ T6478] veth3: entered promiscuous mode [ 73.449672][ T6478] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 73.644653][ T40] audit: type=1400 audit(1758793086.730:198): avc: denied { read } for pid=6485 comm="syz.0.179" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 73.701242][ T6492] netlink: 'syz.2.182': attribute type 10 has an invalid length. [ 73.712653][ T6492] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 73.817611][ T6497] netlink: 4 bytes leftover after parsing attributes in process `syz.1.184'. [ 73.856072][ T6501] netlink: 4 bytes leftover after parsing attributes in process `syz.0.185'. [ 73.896065][ T6505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.188'. [ 74.027735][ T6511] veth5: entered promiscuous mode [ 74.237490][ T6521] erspan0: entered promiscuous mode [ 74.246978][ T6523] netlink: 4 bytes leftover after parsing attributes in process `syz.0.195'. [ 74.455206][ T6525] could not allocate digest TFM handle cryptd(blake2b-160) [ 74.480285][ T6543] veth3: entered promiscuous mode [ 74.544146][ T40] audit: type=1326 audit(1758793087.630:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6546 comm="syz.0.203" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f2438eec9 code=0x0 [ 74.623467][ T63] Bluetooth: Wrong link type (-57) [ 74.690602][ T40] audit: type=1326 audit(1758793087.770:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6561 comm="syz.3.211" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbcab18eec9 code=0x0 [ 75.051619][ T40] audit: type=1400 audit(1758793088.140:201): avc: denied { validate_trans } for pid=6593 comm="syz.1.222" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 75.333253][ T6606] netlink: 'syz.1.227': attribute type 1 has an invalid length. [ 75.355400][ T6606] veth3: entered promiscuous mode [ 75.402016][ T6610] netlink: 'syz.0.229': attribute type 10 has an invalid length. [ 75.405866][ T6610] ------------[ cut here ]------------ [ 75.407715][ T6610] WARNING: CPU: 3 PID: 6610 at net/mac80211/offchannel.c:404 ieee80211_start_next_roc+0x24c/0x2c0 [ 75.411192][ T6610] Modules linked in: [ 75.413068][ T6610] CPU: 3 UID: 0 PID: 6610 Comm: syz.0.229 Not tainted syzkaller #0 PREEMPT(full) [ 75.416974][ T6610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.420574][ T6610] RIP: 0010:ieee80211_start_next_roc+0x24c/0x2c0 [ 75.422535][ T6610] Code: 7b 40 e8 27 7d db ff 48 83 c4 10 5b 5d e9 4c 83 b5 f6 e8 47 83 b5 f6 48 89 df e8 4f 5f ff ff e9 40 ff ff ff e8 35 83 b5 f6 90 <0f> 0b 90 e9 32 ff ff ff 48 c7 c7 54 a8 ab 90 e8 20 eb 1b f7 e9 db [ 75.428665][ T6610] RSP: 0018:ffffc90005816bc0 EFLAGS: 00010287 [ 75.430517][ T6610] RAX: 0000000000001beb RBX: ffff888055418e40 RCX: ffffc90007792000 [ 75.432904][ T6610] RDX: 0000000000080000 RSI: ffffffff8b061a4b RDI: 0000000000000001 [ 75.435372][ T6610] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 75.437773][ T6610] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000041 [ 75.440352][ T6610] R13: ffff88805541a8c0 R14: 0000000000000000 R15: dffffc0000000000 [ 75.442723][ T6610] FS: 00007f6f251a16c0(0000) GS:ffff8880d69b2000(0000) knlGS:0000000000000000 [ 75.445454][ T6610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.447535][ T6610] CR2: 000000110c3eae61 CR3: 000000005b2d2000 CR4: 0000000000352ef0 [ 75.450401][ T6610] Call Trace: [ 75.451457][ T6610] [ 75.452712][ T6610] ? __pfx_mac80211_hwsim_sw_scan_complete+0x10/0x10 [ 75.455353][ T6610] __ieee80211_scan_completed+0x4fb/0xe40 [ 75.457353][ T6610] ieee80211_scan_cancel+0x1cf/0x980 [ 75.459170][ T6610] ieee80211_do_stop+0x1b46/0x2520 [ 75.460739][ T6610] ? __pfx___mutex_trylock_common+0x10/0x10 [ 75.462565][ T6610] ? __pfx_ieee80211_do_stop+0x10/0x10 [ 75.464249][ T6610] ? do_raw_spin_lock+0x12c/0x2b0 [ 75.465787][ T6610] ? mark_held_locks+0x49/0x80 [ 75.467266][ T6610] ? __pfx_ieee80211_stop+0x10/0x10 [ 75.469118][ T6610] ieee80211_stop+0x169/0x320 [ 75.470540][ T6610] ? __pfx_ieee80211_stop+0x10/0x10 [ 75.472080][ T6610] __dev_close_many+0x298/0x760 [ 75.473557][ T6610] ? __pfx___dev_close_many+0x10/0x10 [ 75.475151][ T6610] __dev_change_flags+0x4d8/0x720 [ 75.476660][ T6610] ? __pfx___dev_change_flags+0x10/0x10 [ 75.478503][ T6610] ? __pfx___schedule+0x10/0x10 [ 75.479962][ T6610] ? __pfx_validate_linkmsg+0x10/0x10 [ 75.481608][ T6610] netif_change_flags+0x8d/0x160 [ 75.483128][ T6610] do_setlink.constprop.0+0xb53/0x4380 [ 75.484758][ T6610] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 75.486516][ T6610] ? __lock_acquire+0xb97/0x1ce0 [ 75.488304][ T6610] ? __mutex_trylock_common+0xe9/0x250 [ 75.490199][ T6610] ? __pfx___mutex_trylock_common+0x10/0x10 [ 75.492820][ T6610] ? __pfx___might_resched+0x10/0x10 [ 75.494473][ T6610] ? rcu_is_watching+0x12/0xc0 [ 75.495973][ T6610] ? trace_contention_end+0xdd/0x130 [ 75.497606][ T6610] ? __mutex_lock+0x1c5/0x1060 [ 75.499408][ T6610] ? __pfx___mutex_lock+0x10/0x10 [ 75.500946][ T6610] ? cap_capable+0xb3/0x250 [ 75.502371][ T6610] rtnl_newlink+0x1446/0x2000 [ 75.503825][ T6610] ? __pfx_rtnl_newlink+0x10/0x10 [ 75.505408][ T6610] ? find_held_lock+0x2b/0x80 [ 75.506858][ T6610] ? avc_has_perm_noaudit+0x117/0x3b0 [ 75.508757][ T6610] ? avc_has_perm_noaudit+0x149/0x3b0 [ 75.510464][ T6610] ? __lock_acquire+0x62e/0x1ce0 [ 75.511975][ T6610] ? find_held_lock+0x2b/0x80 [ 75.513406][ T6610] ? __pfx_rtnl_newlink+0x10/0x10 [ 75.514947][ T6610] ? __pfx_rtnl_newlink+0x10/0x10 [ 75.516452][ T6610] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 75.518040][ T6610] ? __pfx_rtnl_newlink+0x10/0x10 [ 75.520456][ T6610] rtnetlink_rcv_msg+0x95b/0xe90 [ 75.522008][ T6610] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 75.523679][ T6610] ? ref_tracker_free+0x37c/0x830 [ 75.525204][ T6610] netlink_rcv_skb+0x155/0x420 [ 75.526667][ T6610] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 75.528704][ T6610] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 75.530428][ T6610] ? netlink_deliver_tap+0x1ae/0xd30 [ 75.532068][ T6610] netlink_unicast+0x5aa/0x870 [ 75.533562][ T6610] ? __pfx_netlink_unicast+0x10/0x10 [ 75.535171][ T6610] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 75.537037][ T6610] netlink_sendmsg+0x8d1/0xdd0 [ 75.538649][ T6610] ? __pfx_netlink_sendmsg+0x10/0x10 [ 75.540272][ T6610] ____sys_sendmsg+0xa98/0xc70 [ 75.541754][ T6610] ? copy_msghdr_from_user+0x10a/0x160 [ 75.543419][ T6610] ? __pfx_____sys_sendmsg+0x10/0x10 [ 75.545031][ T6610] ___sys_sendmsg+0x134/0x1d0 [ 75.546503][ T6610] ? __pfx____sys_sendmsg+0x10/0x10 [ 75.548226][ T6610] __sys_sendmsg+0x16d/0x220 [ 75.549646][ T6610] ? __pfx___sys_sendmsg+0x10/0x10 [ 75.551248][ T6610] ? __x64_sys_futex+0x1e0/0x4c0 [ 75.552746][ T6610] do_syscall_64+0xcd/0x4e0 [ 75.554141][ T6610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.555935][ T6610] RIP: 0033:0x7f6f2438eec9 [ 75.557304][ T6610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.563247][ T6610] RSP: 002b:00007f6f251a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 75.565773][ T6610] RAX: ffffffffffffffda RBX: 00007f6f245e5fa0 RCX: 00007f6f2438eec9 [ 75.568259][ T6610] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004 [ 75.570732][ T6610] RBP: 00007f6f24411f91 R08: 0000000000000000 R09: 0000000000000000 [ 75.573136][ T6610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.575525][ T6610] R13: 00007f6f245e6038 R14: 00007f6f245e5fa0 R15: 00007ffd1ff76dd8 [ 75.578008][ T6610] [ 75.579112][ T6610] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 75.581314][ T6610] CPU: 3 UID: 0 PID: 6610 Comm: syz.0.229 Not tainted syzkaller #0 PREEMPT(full) [ 75.584067][ T6610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.587309][ T6610] Call Trace: [ 75.588350][ T6610] [ 75.589287][ T6610] dump_stack_lvl+0x3d/0x1f0 [ 75.590718][ T6610] vpanic+0x6e8/0x7a0 [ 75.591972][ T6610] ? __pfx_vpanic+0x10/0x10 [ 75.593368][ T6610] ? ieee80211_start_next_roc+0x24c/0x2c0 [ 75.595098][ T6610] panic+0xca/0xd0 [ 75.596251][ T6610] ? __pfx_panic+0x10/0x10 [ 75.597623][ T6610] check_panic_on_warn+0xab/0xb0 [ 75.599121][ T6610] __warn+0xf6/0x3c0 [ 75.600342][ T6610] ? ieee80211_start_next_roc+0x24c/0x2c0 [ 75.602260][ T6610] report_bug+0x3c3/0x580 [ 75.603636][ T6610] ? ieee80211_start_next_roc+0x24c/0x2c0 [ 75.605577][ T6610] handle_bug+0x184/0x210 [ 75.607242][ T6610] exc_invalid_op+0x17/0x50 [ 75.608966][ T6610] asm_exc_invalid_op+0x1a/0x20 [ 75.610568][ T6610] RIP: 0010:ieee80211_start_next_roc+0x24c/0x2c0 [ 75.612547][ T6610] Code: 7b 40 e8 27 7d db ff 48 83 c4 10 5b 5d e9 4c 83 b5 f6 e8 47 83 b5 f6 48 89 df e8 4f 5f ff ff e9 40 ff ff ff e8 35 83 b5 f6 90 <0f> 0b 90 e9 32 ff ff ff 48 c7 c7 54 a8 ab 90 e8 20 eb 1b f7 e9 db [ 75.618390][ T6610] RSP: 0018:ffffc90005816bc0 EFLAGS: 00010287 [ 75.620286][ T6610] RAX: 0000000000001beb RBX: ffff888055418e40 RCX: ffffc90007792000 [ 75.622696][ T6610] RDX: 0000000000080000 RSI: ffffffff8b061a4b RDI: 0000000000000001 [ 75.625090][ T6610] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 75.627525][ T6610] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000041 [ 75.629991][ T6610] R13: ffff88805541a8c0 R14: 0000000000000000 R15: dffffc0000000000 [ 75.632425][ T6610] ? ieee80211_start_next_roc+0x24b/0x2c0 [ 75.634217][ T6610] ? __pfx_mac80211_hwsim_sw_scan_complete+0x10/0x10 [ 75.636268][ T6610] __ieee80211_scan_completed+0x4fb/0xe40 [ 75.638033][ T6610] ieee80211_scan_cancel+0x1cf/0x980 [ 75.639711][ T6610] ieee80211_do_stop+0x1b46/0x2520 [ 75.641294][ T6610] ? __pfx___mutex_trylock_common+0x10/0x10 [ 75.643089][ T6610] ? __pfx_ieee80211_do_stop+0x10/0x10 [ 75.644701][ T6610] ? do_raw_spin_lock+0x12c/0x2b0 [ 75.646259][ T6610] ? mark_held_locks+0x49/0x80 [ 75.647686][ T6610] ? __pfx_ieee80211_stop+0x10/0x10 [ 75.649232][ T6610] ieee80211_stop+0x169/0x320 [ 75.650693][ T6610] ? __pfx_ieee80211_stop+0x10/0x10 [ 75.652277][ T6610] __dev_close_many+0x298/0x760 [ 75.653724][ T6610] ? __pfx___dev_close_many+0x10/0x10 [ 75.655353][ T6610] __dev_change_flags+0x4d8/0x720 [ 75.656878][ T6610] ? __pfx___dev_change_flags+0x10/0x10 [ 75.658632][ T6610] ? __pfx___schedule+0x10/0x10 [ 75.660176][ T6610] ? __pfx_validate_linkmsg+0x10/0x10 [ 75.661871][ T6610] netif_change_flags+0x8d/0x160 [ 75.663410][ T6610] do_setlink.constprop.0+0xb53/0x4380 [ 75.665075][ T6610] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 75.666915][ T6610] ? __lock_acquire+0xb97/0x1ce0 [ 75.668469][ T6610] ? __mutex_trylock_common+0xe9/0x250 [ 75.670154][ T6610] ? __pfx___mutex_trylock_common+0x10/0x10 [ 75.671980][ T6610] ? __pfx___might_resched+0x10/0x10 [ 75.673603][ T6610] ? rcu_is_watching+0x12/0xc0 [ 75.675054][ T6610] ? trace_contention_end+0xdd/0x130 [ 75.676644][ T6610] ? __mutex_lock+0x1c5/0x1060 [ 75.678109][ T6610] ? __pfx___mutex_lock+0x10/0x10 [ 75.679654][ T6610] ? cap_capable+0xb3/0x250 [ 75.681046][ T6610] rtnl_newlink+0x1446/0x2000 [ 75.682501][ T6610] ? __pfx_rtnl_newlink+0x10/0x10 [ 75.684025][ T6610] ? find_held_lock+0x2b/0x80 [ 75.685475][ T6610] ? avc_has_perm_noaudit+0x117/0x3b0 [ 75.687115][ T6610] ? avc_has_perm_noaudit+0x149/0x3b0 [ 75.688744][ T6610] ? __lock_acquire+0x62e/0x1ce0 [ 75.690284][ T6610] ? find_held_lock+0x2b/0x80 [ 75.691718][ T6610] ? __pfx_rtnl_newlink+0x10/0x10 [ 75.693254][ T6610] ? __pfx_rtnl_newlink+0x10/0x10 [ 75.694768][ T6610] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 75.696326][ T6610] ? __pfx_rtnl_newlink+0x10/0x10 [ 75.697898][ T6610] rtnetlink_rcv_msg+0x95b/0xe90 [ 75.699418][ T6610] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 75.701054][ T6610] ? ref_tracker_free+0x37c/0x830 [ 75.702609][ T6610] netlink_rcv_skb+0x155/0x420 [ 75.704043][ T6610] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 75.705708][ T6610] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 75.707341][ T6610] ? netlink_deliver_tap+0x1ae/0xd30 [ 75.708990][ T6610] netlink_unicast+0x5aa/0x870 [ 75.710514][ T6610] ? __pfx_netlink_unicast+0x10/0x10 [ 75.712162][ T6610] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 75.714017][ T6610] netlink_sendmsg+0x8d1/0xdd0 [ 75.715520][ T6610] ? __pfx_netlink_sendmsg+0x10/0x10 [ 75.717167][ T6610] ____sys_sendmsg+0xa98/0xc70 [ 75.718741][ T6610] ? copy_msghdr_from_user+0x10a/0x160 [ 75.720503][ T6610] ? __pfx_____sys_sendmsg+0x10/0x10 [ 75.722140][ T6610] ___sys_sendmsg+0x134/0x1d0 [ 75.723598][ T6610] ? __pfx____sys_sendmsg+0x10/0x10 [ 75.725223][ T6610] __sys_sendmsg+0x16d/0x220 [ 75.726654][ T6610] ? __pfx___sys_sendmsg+0x10/0x10 [ 75.728200][ T6610] ? __x64_sys_futex+0x1e0/0x4c0 [ 75.729687][ T6610] do_syscall_64+0xcd/0x4e0 [ 75.731080][ T6610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.732863][ T6610] RIP: 0033:0x7f6f2438eec9 [ 75.734253][ T6610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.739948][ T6610] RSP: 002b:00007f6f251a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 75.742484][ T6610] RAX: ffffffffffffffda RBX: 00007f6f245e5fa0 RCX: 00007f6f2438eec9 [ 75.744880][ T6610] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004 [ 75.747264][ T6610] RBP: 00007f6f24411f91 R08: 0000000000000000 R09: 0000000000000000 [ 75.749655][ T6610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.752066][ T6610] R13: 00007f6f245e6038 R14: 00007f6f245e5fa0 R15: 00007ffd1ff76dd8 [ 75.754476][ T6610] [ 75.756130][ T6610] Kernel Offset: disabled [ 75.757433][ T6610] Rebooting in 86400 seconds.. VM DIAGNOSIS: 09:38:08 Registers: info registers vcpu 0 CPU#0 EAX=00000000 EBX=00000000 ECX=00000000 EDX=00000000 ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000f80 EIP=00000000 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0038 00000000 000fffff 00409300 DPL=0 DS [-WA] CS =0030 00000000 000fffff 00409b00 DPL=0 CS32 [-RA] SS =0038 00000000 000fffff 00409300 DPL=0 DS [-WA] DS =0038 00000000 000fffff 00409300 DPL=0 DS [-WA] FS =0038 00000000 000fffff 00409300 DPL=0 DS [-WA] GS =0038 00000000 000fffff 00409300 DPL=0 DS [-WA] LDT=0008 00001800 000007ff 00408200 DPL=0 LDT TR =0000 00000000 0000ffff 00008b00 DPL=0 TSS32-busy GDT= 00001000 000007ff IDT= 00003800 000001ff CR0=00000031 CR2=00000000 CR3=00002000 CR4=00002060 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000001 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000006e24f RBX=0000000000000001 RCX=ffffffff8b94db49 RDX=0000000000000000 RSI=ffffffff8de52d59 RDI=ffffffff8c163400 RBP=ffffed1003bd2488 RSP=ffffc90000177df8 R8 =0000000000000001 R9 =ffffed100d4a6655 R10=ffff88806a5332ab R11=0000000000000000 R12=0000000000000001 R13=ffff88801de92440 R14=ffffffff90ab7690 R15=0000000000000000 RIP=ffffffff8b94c68f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d67b2000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fc5219f3f74 CR3=000000002ce09000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000f0000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055d433108600 000055d433108600 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd0814c7b0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656920343034 3a632e6c656e6e61 686366666f2f3131 32303863616d2f74 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6576697373696d 7265702079746972 756365733d737361 6c637420745f7974 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6972756365733a72 5f7463656a626f3a 755f6d6574737973 3d747865746e6f63 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7420745f6d646173 79733a725f6d6461 7379733a746f6f72 3d747865746e6f63 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7320223232322e31 2e7a7973223d6d6d 6f6320333935363d 6469702020726f66 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 EAX=00000002 EBX=00000009 ECX=fffffffd EDX=00000000 ESI=00000002 EDI=00000000 EBP=00001004 ESP=002004c4 EIP=080a0000 EFL=002110d3 [--SZA-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 00000000 0000ffff 00009300 CS =f000 ffff0000 0000ffff 00009b00 SS =0000 00000000 0000ffff 00009300 DS =0000 00000000 0000ffff 00009300 FS =0000 00000000 0000ffff 00009300 GS =0000 00000000 0000ffff 00009300 LDT=0000 00000000 0000ffff 00008200 TR =0000 00000000 0000ffff 00008b00 GDT= 00000000 0000ffff IDT= 00000000 0000ffff CR0=00000030 CR2=00000000 CR3=00000000 CR4=00002040 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000000 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd1ff772e6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd1ff772e6 00007ffd1ff772ec ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f24412fbe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f24412fcb ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f24412fc5 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f24412fd9 info registers vcpu 3 CPU#3 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff8564c4d0 RDI=ffffffff9b118120 RBP=ffffffff9b1180e0 RSP=ffffc900058164d8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff3623076 R15=dffffc0000000000 RIP=ffffffff8564c4f7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f6f251a16c0 ffffffff 00c00000 GS =0000 ffff8880d69b2000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3eae61 CR3=000000005b2d2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000100001 Opmask01=000000000000001f Opmask02=00000000ffff7fdf Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f68637461772f76 6564752f6e75722f ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f68637461772f76 6564752f6e75722f ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055f1d20044d0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efd699f1b20 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 63697665642f3d48 5441505645440065 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73732682a150aac3 73732682a150f853 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73730d8e1aec6813 73730d8e1aec6813 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 772f766564752f6e 75722f00646c6f2e 68637461772f7665 64752f6e75722f00 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 520a534041500a4b 50570a0041494a0b 4d465144520a5340 41500a4b50570a00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7f721b1b09004d3d 303623741f01546e 1d16181c1f417879 7c617c3d30307c65 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3530302f6273752f 7375623d454d414e 564544003331353d 524f4e494d003938 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 607e616a31733163 3c2a2a69041d170b 124579447f7e6a75 060e1e1f08443905 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7f7f7f7f3f7f7d7f 7e7f6f7d3f3d777f 7f777d7e7f7f7e7f 7e7f7f7f3f747d67 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302f343064623a31 2b32316f70627e32 2d332e36312e312d 6e61696265642d33 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e3d524f4a414d00 62642f3d4d455453 5953422f5300312d 352f352f3d482f30 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e30302f44414d00 00642f3d4545414e 564542003300312d 352f350032002f2f ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000