last executing test programs: 4.837942362s ago: executing program 3 (id=171): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000006280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda451852e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) ioctl$KVM_SET_FPU(0xffffffffffffffff, 0x41a0ae8d, &(0x7f0000000440)={'\x00', 0x42, 0x5, 0xbd, 0x0, 0x3, 0x0, 0x0, '\x00', 0x650}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@mpls_delroute={0x30, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x12, {0x11, "b6acd7b8f7f0a0ae8c5d910c3378"}}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4.618036551s ago: executing program 3 (id=174): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$inet_tcp_int(r2, 0x6, 0x3, 0x0, &(0x7f0000009800)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCPKT(r4, 0x5420, 0xfffffffffffffffe) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000000)={0x1fd, 0x100, 0x3c0, &(0x7f0000000440)=[0x50b8, 0x7, 0x7fffffff, 0x7, 0x2, 0xf69c, 0x8, 0x8, 0x80000001, 0x8, 0x9, 0x40, 0x0, 0x43b, 0xf3, 0x1, 0x66e6, 0x400, 0x2, 0xfffffffffffff2f5, 0xffffffffffff9e23, 0x5e8d, 0x1, 0x7, 0x2, 0x8000000000000000, 0x7, 0xa7db, 0x9, 0x4, 0x9, 0xffffffffffffffff, 0x7f, 0x100000001, 0x9, 0xb, 0x7, 0x8001, 0x7, 0x71, 0x8, 0x54, 0x3, 0x3, 0x6, 0x6, 0x7, 0x1, 0x0, 0x101, 0x3, 0xfff, 0x0, 0x80000000, 0x6, 0x9, 0x7f, 0x2, 0x1, 0xffff, 0x8000, 0xd8, 0x9, 0x7, 0x3, 0x1000, 0x8, 0xf8, 0x443d5831, 0x884e, 0xfc81, 0x3, 0x5, 0x4, 0x10, 0xfff, 0x2, 0xfffffffffffffffd, 0x2, 0xffffffffffffffd1, 0x3, 0x6, 0x4, 0x8001, 0x5, 0x81, 0x3ff, 0x2, 0x8, 0x3abd339c, 0x4, 0x7, 0xffffffff00000000, 0xfffffffffffff274, 0x7f, 0x0, 0x6, 0x1000, 0x0, 0x9, 0x4, 0x100000000, 0x6, 0x1ff, 0x3, 0x0, 0x8, 0x100000000, 0x8000000000000000, 0x1, 0x5ac, 0x8001, 0x7, 0x2, 0x0, 0x5, 0x3, 0x8, 0x100, 0x0, 0x6, 0x4, 0x1c37, 0x34f, 0x20000000000004, 0x2, 0x3b7]}) ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f0000000380)={0xbc, 0x0, 0x3}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x12, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = socket(0x2, 0x80805, 0x0) bind$alg(r5, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-blowfish-asm\x00'}, 0x58) ioctl$KVM_RUN(r3, 0xae80, 0x0) 3.615113842s ago: executing program 3 (id=181): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000040)={{@my=0x0, 0x3000}, @any, 0xd, 0x100, 0x3, 0x35c1eaa7, 0xac85, 0x5, 0x3d}) socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xd) r2 = dup(r1) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000006c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000640), 0x13f, 0x2}}, 0x20) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) 2.69598598s ago: executing program 3 (id=191): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000100)={0x6, &(0x7f00000000c0)=[{0x4, 0x9, 0x0, 0x800}, {0x8, 0x9e, 0x3, 0x2}, {0x1, 0x1, 0x0, 0x4}, {0xff, 0x40, 0x3, 0x1}, {0xf0b4, 0x5, 0xfc, 0x5}, {0x6, 0x10, 0x2, 0x3}]}, 0x10) syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040f0400010104"], 0x7) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe) r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f0000000300)={@null, 0xf, 'team_slave_1\x00'}) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x5}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$sock(r2, &(0x7f00000008c0)=[{{&(0x7f0000000140)=@in6={0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, '\x00', 0xa}}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x6}}], 0x18}}], 0x1, 0x4000000) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) 2.695455484s ago: executing program 3 (id=192): r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0xdf8efba0e04b67fd) ioctl$NBD_PRINT_DEBUG(r0, 0xab06) r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r1, &(0x7f0000000080)='system_u:object_r:sshd_exec_t:s0\x00', 0x21) memfd_create(&(0x7f00000000c0)='/proc/self/attr/sockcreate\x00', 0x1) (async) memfd_create(&(0x7f00000000c0)='/proc/self/attr/sockcreate\x00', 0x1) fsopen(&(0x7f0000000100)='rootfs\x00', 0x1) fallocate(r0, 0x1, 0x9, 0x2) (async) fallocate(r0, 0x1, 0x9, 0x2) r2 = accept$alg(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r2, 0x29c06000) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0xc300, 0x0) pipe2$watch_queue(&(0x7f0000000180), 0x80) (async) pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$NBD_SET_TIMEOUT(r3, 0xab09, 0x3) ioctl$BLKDISCARD(r0, 0x1277, &(0x7f00000001c0)=0x3ff) (async) ioctl$BLKDISCARD(r0, 0x1277, &(0x7f00000001c0)=0x3ff) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000240), r3) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000300)={'gre0\x00', &(0x7f0000000280)={'tunl0\x00', 0x0, 0x40, 0x80, 0x8, 0x7, {{0xe, 0x4, 0x1, 0x9, 0x38, 0x66, 0x0, 0x3, 0x0, 0x0, @empty, @private=0xa010102, {[@timestamp_prespec={0x44, 0x24, 0xcd, 0x3, 0x4, [{@rand_addr=0x64010100, 0x40000000}, {@empty, 0x600000}, {@rand_addr=0x64010100, 0x2}, {@rand_addr=0x64010101, 0x9}]}]}}}}}) (async) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000300)={'gre0\x00', &(0x7f0000000280)={'tunl0\x00', 0x0, 0x40, 0x80, 0x8, 0x7, {{0xe, 0x4, 0x1, 0x9, 0x38, 0x66, 0x0, 0x3, 0x0, 0x0, @empty, @private=0xa010102, {[@timestamp_prespec={0x44, 0x24, 0xcd, 0x3, 0x4, [{@rand_addr=0x64010100, 0x40000000}, {@empty, 0x600000}, {@rand_addr=0x64010100, 0x2}, {@rand_addr=0x64010101, 0x9}]}]}}}}}) sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r3, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x9c, r4, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x34, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x1800}, 0x0) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', &(0x7f0000000740)={[&(0x7f00000004c0)=']\x00', &(0x7f0000000500)='/proc/self/attr/sockcreate\x00', &(0x7f0000000540)='],\x00', &(0x7f0000000580)='/dev/nbd#\x00', &(0x7f00000005c0)='mptcp_pm\x00', &(0x7f0000000600)='system_u:object_r:sshd_exec_t:s0\x00', &(0x7f0000000640)='gre0\x00', &(0x7f0000000680)='\x00', &(0x7f00000006c0)='(\x94\\\'-\x00', &(0x7f0000000700)='rootfs\x00']}, &(0x7f0000000a40)={[&(0x7f00000007c0)='\x00', &(0x7f0000000800)='mptcp_pm\x00', &(0x7f0000000840)='tunl0\x00', &(0x7f0000000880)='&^*!-*\x00', &(0x7f00000008c0)='rootfs\x00', &(0x7f0000000900)='\x00', &(0x7f0000000940)='system_u:object_r:sshd_exec_t:s0\x00', &(0x7f0000000980)='/dev/nbd#\x00', &(0x7f00000009c0)='(-{\x00', &(0x7f0000000a00)='\x00']}, 0x100) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r3, 0x3312, 0x6) mmap$snddsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r3, 0xa000) (async) mmap$snddsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r3, 0xa000) ioctl$NBD_DISCONNECT(r3, 0xab08) writev(r3, &(0x7f0000000f40)=[{&(0x7f0000000ac0)="2c45195d965eb126802f5b5202275b6a41aa2320b2120e180bf23e956f03155b517b855c310ad1611c90b691cade975f314fcbee051c421955b0cc5c32813fd2585e947152a8127e785d3f94255f1c08a6faf3dff2d0ea727f0f66411e4ac68ea181b1b2d804cb0e16bd1165b26c0ef6e4f1b96a3cc783e87a1b6f7d1207a9dfb0f970cfd7e40d600d7fb5f154df5e2f81f87a229e1bfc", 0x97}, {&(0x7f0000000b80)="134cae33390b24586a493ead17ccde402e1113f4baa5f7077ab4340da9300c94047bcb4c0dd9ef1fae699f0fa8e725c593dae4bf2d61577ed985af42", 0x3c}, {&(0x7f0000000bc0)="0b02968d71f3d24b38930c28cbfc8de131bb343579932fdb2670c872f00df138b6ed37f2b8b1f5e2d63a4742381cc3c5bc015120ee2ec8336484e1a76471340d955a69701ed136dcf47286b3b023c3", 0x4f}, {&(0x7f0000000c40)="1fc4e05b2ed9dd556478b34520e0d3d0872566939216e976c60802352d0fc0b73142e5163b2ce6256a59f680874b93a353f7aa622a9cab13be107a282b085c2c13c363933eb250ee1b127e5cf607fa2c8f603166cea809ed706deb4852097668a22442bf903ae4ecec5a09237ff002ba409dc26cbcdded98cdfe49b1aca1cce0d89325fdbd9fa15ae5c803e5d1f5b1f920a5d47ff7bb99095f466e5d784a5bd13cddeceda5df4cc03af7608f738356ded355741d26cdc0b4bbe71ec165f622ceb9fe4be829958f683df55419a272b9d9ca960144a43610255cc30dde150e5cb6460dec841cef3b7d4f60cfd86d3ca3fd", 0xf0}, {&(0x7f0000000d40)="39eaedf55eaef917ff774ffc44cfa816d0d91eb1ee83cfe0f0ecf135bbcb7f45a329d5f5f410313e3a8b1bda14fd80eb536ffaa66cead48407c91fe8992a7f5e7c42804543bcc90a1d00b6a6e6a57a5215a4d5bfccc5d11e92331d46f19b17d8bee5ba37ad2026e3e07886bd8bf66ef790971d74f8f38cb0049e03d5d39b23641418eece553f956d889cdd3096df9fbacb12b7d0cc8a9de9bc30bc070eff2359b39e3e505432ea9411fb8f0717ac8cb4cb64e875034626ca57d793bad8e34487cb9e9f4f1c981e04c09cf2384833b2b4a39e1f48e353d7e37b47a2096f7ced37560d81ffd9a6eb0c20f8e2a1caedbf51a73cabb0c5596a6d3eeba913d781", 0xfe}, {&(0x7f0000000e40)="733c9da41d5e08b6fd32d07ee1df785f9068c77a0ef1b3734e825193d1419be81c12b1bd164ecc6ed21dac6af14412747f5045bd66013f2f7242081207b632e1364634eeae22f048cd852039ba18ae27afa70526eb203b3f2a96111056c34c89f29847457f76f5e14c8b0d65b57c720798c2109b25d36c03c04b5745b15c028aa781943b00f5c2de145fba0715803aa040fe1439ae3615f4d32f80838d8a01e567beca8fdc05c514c48de91ad162b69865ee2d6c66b1468a19f6bb9678ddf382736ed6e57131", 0xc6}], 0x6) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001000), r3) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000001100)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001040)={0x5c, r6, 0x200, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x6, 0x62}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x5}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}]]}, 0x5c}, 0x1, 0x0, 0x0, 0x8010}, 0x4040000) (async) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000001100)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001040)={0x5c, r6, 0x200, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x6, 0x62}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x5}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}]]}, 0x5c}, 0x1, 0x0, 0x0, 0x8010}, 0x4040000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000001140), 0x400, 0x0) (async) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001140), 0x400, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r7, 0x541c, &(0x7f0000001180)) symlinkat(&(0x7f00000011c0)='./file0\x00', r3, &(0x7f0000001200)='./file0\x00') (async) symlinkat(&(0x7f00000011c0)='./file0\x00', r3, &(0x7f0000001200)='./file0\x00') syz_clone(0xec1393212c83cb84, &(0x7f0000001240)="b953", 0x2, &(0x7f0000001280), &(0x7f00000012c0), &(0x7f0000001300)="fee0a0a6ba268b9060fb97f9310a7f8431aa219c539d9b4d934a91be11d782b105706e8b9fe866c97221360e2035219880613a1b06d4d8cbd2e32adf61e1358c18a1c03127515842b3cb58b94c242282055c55893447020ecf35bbcc6d1cc2884e248da332d8d9fb36d51e9e79431f5f943b391e5ff5dc95f79f3d8b6e729d445688f99bbf7434705a44a8fabb74e0cef9c97336467c8521dbbf8b60518256e437529ac5625b55cf0cefb2ccfe51a67ae13bbaaf8b6e16e0e15735f99154ef6420fd17e200dc1f14a5d3766e35e0baad225454b03759619d19e2cf38ff7feb381cf76f9eed234b1d230d93803a28ad660cf87ee6b7b83c9ba100cdca101e35b3fc349cac2326ad2df13df97dadbc8b6ce94a69933e026c0a0655dce4853f703500a4b1b95e6338c020ff4e510a691c330d07fa150c332367bf34ff4a6dda3d3618ba027b1a1a0e8702e7d8fe0ee164c217198627f0f1e0354879e01c47353ff4e5bcf4ba7861b369c016c0d4c328b33a6542a6011208be4b2da5f27eec769f1c8597533fa1eb3252373924ef2a1beb843a75f87a27778a160de3d4c50f3e56e370e5be69e5226226cbac9ea00a2d43c6a7769bfd9b176a6097d3d53b137aa15be862fb606f8946b15ecfd36f4ea2f8c3b91d9d44341d60814158ece0df86ec4cca4c19d15cb24914088151b0c4f6f7ec2aa5ae1a2e62c5cc920462d24f3377cd5a47474f577b3b8b199d5e523b935fba6c4ecdb15129dbce3011ef88a5889d44d87d701137c5cd826b6d37af65cc17553020418e46158506242ef76dec69bfe2d0be787f63fab232ecbcbffd4666bec3ab153723015ceb104155fe8478250762a2b7c0414e7b824130e0731127c6ba719e0659475814ae47b351d4d1ab45dab8abd3cd46e978d2316c63b412b40d0e207ec0b359147ab70436611885d05fa80325fba720cb80ba3ee2659c20ea32c05c3fc56ef2b1e830315c86790cbdccb592eb3419cdd67513a136b6724e7e33da369722815b554b1e3d519b5a42e1ebe74e4cb3b95cb9688ebbc6ea53a854bf54e6163d83604ee1d325d493e1a3321bdb2e3fc46a10768332d1bb44d06124f5ad590814f7d2bd6d5c1de24e96efa72af77fb88431cd8e713d81a1a67f24695f36c0982d2ea76a9863e6643aa6362f5104334da0bf2eb19233a913b8ae32969ad0cbda4fa43037a0965433b987d01c7c19bbf847c25a4aaf8add4e3ad3ab400491f0ad0c4bfe43ba8688970dc4f85098fcba154fc0b7ab90d4cf4602a3df3bc879e8bfa5e9da7a0ddf92666cae21edf24426db803bcd742201b9eb0e5f27673522bf1dab239712acb602b7c282e3562926a5193380e7536451f0471c5b3c3570071bd491352cd695c0414629355ec41e4f5fcdea612247889e5677758b855dcc6f21c4442de1d3447f9b9e9baf62e6aaa3c4cbd4a76883b0089ed27234ecd076e282a4dac20528e1e4c9a59080e4dbc65095bb0474665c041fbaedb6bee4929feeb19d55c865ebeef37ed98e865fab55ac000cb2fe8b5ab4ad6c68b5eb6a2d273d2fd9fcbbee91775ec5ad768afd660d672b13219efbac732baff1910bc2647b37860ac6f91484257dbbee3dc37834de486a6e1d1d82c4113cf1f5cebd2ac568ee2cdb57de07cd3097f9fd3e6f9049faaa49a638254dd52c40cc4f266af588acb5ef3c12a43d2a5f33430fea92d84c6e97c577dded711394ede6e22ad4aaaa109ac4ac727bd8fb02ab04421cee07820f28b2eea2d81fa4a9c62da5fb3bea6bd33fce208144769cfe8cd4b890fb5be406cf951c6b65f9618e8261003abc9a94a707e28a3ac75850b4e264254b7ef2b88609cdb7bea8987b3c821a7f17dfff17b5fce7b73c60cab27a41705648f89fd079ee3a6456b182ce79a9b9682d37db1fff3cc23d8f124d6c2dda810049581e8609557df4430c3171c3481a097ed7aff31367703f0bf45b6908910efe8781b3ed5cfbef0a3b938785c2a61f616e622cd86a9fe0979dc5881a28f8a12c9b05ec7bca9c3bcd9a85909900d9abb2ac71062a19c685994a685ded6b807385d6f68672a267ae37ff6deeedb53c817de296d3dcde5f45d1c2dc312c991c85f4a6232542a6cbb0146d292669d0d1f206e6fb29cffbf7e858d87d522c843c2d99531c29dcaffa1a4f5c4fb8999eb878e317b7629107c6ec413f0377a517903a24831e12c3bb4d20160a211bbda1a42a818188b462c0a2de5fecea7f2e3b7dc843b475a41d6715cad1195fa75250d1b9e6e1cd566c409bb27f923785c64d14485418901e85c2c40897e5f896fe74ccacf435352995688cfa57b7493512568ceeab8962b37543a92374b471505f89c27fc4bd6c1352db0d9845d2a07f76794180aee8cd0d82856bab9396281f3cc794605718063213b9fa753888881707f7c587213daad7139244d9a7374614d0181b720491985b01a92871743013f1136a702bbf415bcab22548cd62ee44a042698b1253b1d0e98d31d3a608f374f65700c9cf31767644247a459d207d25537e6c508b530349a5d5929f362cf39a7a18cde1c76276f004d028cc3dca2eb1160b93fe7365f82dc8225e7ffa9291e21c1d69a6e7476f880ac38b729080370c8f29f46823c47f9fe1775c35364b1690fca6de258949e23db25c3cd5b81ee48b991348af158210b225c58da44e425e3e484ae0d8f2f77327eeb09e3643b90050c47294710c058a887969712a605fd57e24cba1fa19c7bc5c3c8d411672eff6556ef91f32aaade5c3ec0dbe47a93ba6e3944d164994aaaf368c3b6936efb844bafada5012ce05f9ec9dea7b0284e49c93b01d62261afa854486b7fc9932ac08b799b4ba89d199226d33355106df6a27775fc93b0ab7ae589d4cb3296da0408e830df631ac7b7ba27ca15eea00dee888da12beffe0d6614a89bb473c40d7359ae2872f554e5faaf84acde2306e9e00a65fddaf2819f21a881e706eed0f9367bcb84cecef5cadcd42995806bb73ca68fe89381465210276e0a97b91717785929bce2a9b5f5709a10144ceba222917f8215c31b1a482d399a12376e013adbb596379fbeaef0b59737f278aae527c9530a47f7e00f05db5c17b2fa6e17e3bfc7abf7cd1759d5be0fa9512c97d29f39605277c1bbb0d6887c23e0349afd2c6df8e333ce1091ac33dcadfd9cbf5c7638ea6027acd51673ebd5867ac61e0949e773856edf239e0e1ead766999761c595de054d882d12f53a37ba6730efb8a0fd99759347b4275d9b61cfb48bb105ae9fa529c9a58b05bcb8ceb8257a9033a3c4a7152e9dab2bd972e468faa58b646faeb508498cf5f19f800ea005c3fdf22bfdd08d4546a2463a3b6ca4ea72aba241931786dbb30f4db6be8d244487bdd34b5894488e5108a564f07505bf857e0d30a8a4792c15e7f77c26b980920515f78760f345a93767c5b017e7ccc76945d45f0d404c3c80976591d652c9fc8aea1521e3fdcc3c33a97368132134605ca60317b487120abc23af9b26a4c237486f0553e1127b90c090646b23ea987563c9d65320093dcd7c86c2e20cbab0f1ce8a692b0b1d8ef6c7ec61c2734448e1e116d20bf4fe4cb77bb99433f9a9a733a327d8783784d55abb814d459fe81d7d543dae004a383f592795cb71f245110641c71a3c9d57eae3c380db178abdc8a4c2650b3627a944a8dfbb0e52f46c6aad805c88fea25bbdc0e240b07b711a300e38f84ef80b68f804a510dd51f2e9c5413725d50fe2d4a50ae9aa40f9323a30a1e5e6a8d42a411d22a01008853b52bf8f7bcdbb4d08de3e5bb3443c46dcd0b2ca5fe84565256099a587e790dea23170ea38d832e4f374fc05886d86c13fa495635590a589ec4cfb5675470e956a8902dedbee187b9c4722e134578207a4c8a5070502912e6ada33d7c27234e63fbc8cbbec43dc840f796db7c96775ce3c803ad77b7ddce6c03bc10e74c7dcbf7734c07788c3940e086fbdc988f056ef14f33fb9fd2050cc0e3dab5276778fb6cd622620c6030f74dfd86c7b3b31af8eaebd25ebd1368e7eca435a64b014e71ad4e3257506a3f9a9ae6000319b189bef3dcbd20444e2211ddda7a845eef435ebb22b8260fdf1994c9281fc40b9cc6e78b2c29e51f23cd374b40b9d4b95ee66f8c8eb5faa3119896c7b4070baceccea7a6aa34c641ae03c6a021027ca51a5e4bd547dd575c852134336b3a5e047ce22cb4b461ce296da1ac6fc7a50af15d523454f63e81d2029dcfe1d34da4d5f1bacfe0a7049885ce81ec11f157337c82cd4a9c0245aab1cfc89f122af846b3f87224cce0b84f501c1a3eac45cb6ed4f2ef84b20057cc5c2919ec0e38d77f5b7e72ff0e1ac941d1d8cda49951b797aec388b7d94d72b8728027332de89ce6ce2dae3b2a165d88aea9d57307d1da6e801fd13bb485faef4753b61999b5939215112d75a5e1cc5078bd8aeeea7fb177bea304b9499e4ff762b1d5a59a2b20264c73c3ad4d4cfa9d69eabf2e384d1da23d5843d61bec3c8e0180d7970cc9eee61cb7005f1b69090220f3d4fb115c0e94f75dc1edee6d550cdc1a3dedec5c0d0090a012055d8858b0e6e164b1fac2eb84bf0241f14b5118853086ce9fc9aa184395955cf557f7f05cd03c8fd07403a577b5d68a0e850c900c5551836279f5d71277c0572b07973efba946262af52bb540b53cf66c47e3ff6bccd33a5975fc0613e5ad6f038f0b668d256681a8a0cdfe4ed3dc67c9a7ae48a700b36077791b7fcaed16f3f30453ade3089ba31de0c116190de17c1226f2d21c4cec62166aaebd56f4f77cb4f3b83362971522122d55c68aee82ed24e8f1e944dca20e6b75d65c49f6c41206087d89efc967be969964e0578dc56f20737faf070d9ae20d2bcf14d15548412ec1ee3af9a16a78b43b426039f75b28adad4dc0596c608e7fe1116f1856710cc5ba9b9d995afe2c0bb866d06bffe40ecd3815ae688000863dda0a86e71175e9dd1d654627b90dce19d0738ed1927c04e9740df2a37e78c357947b0f5254748e30b8b9d2e1ba592823937c628c2cd60c3c72d4fe9b70ca8a59862f89c9cda759bb10b9b218d96e7faa111af7076147e1c3f9bd8d389fb326738bfe72d4408e9c4860ac36de7582af7268c05efc5daa6180055a0e5fb2d13ac538d917da01800648f2df322228572b0e5c260d8249d48c3ec55b848f9ba101205af4c522095181eb3fa243bb1d9a4697bd2d7dfb1d8f7beb437b35fc7ff0aaec7f264bae752bf08936c0f85da0d30de9eef62d94f13683f5a4bccd724d57841269dee4854b14c0de9f799e3906e75f68ff92891dcb5b3a56540a82f04b20a3c636e88d2cdfb3814c0a32a308534f3ece8af7acc44f555bf5b959f347b880a4dad3bf599b88a2db10528d1023974373d4b3930ff6b026526cae0dc6aefbe837147f908d033c3eeb69b4db85e57ce57c752c61b438dc0f98950c394ef2af980e3954395e8cacce4d39bbfa1a6d652f939a77216628baca8d215500b89c3ff8f519684fd2d6bcb4c569173445a7a5e90c2fe0fe29dd06f7ec5e2cf24b0f0562b0910a6239e33fb8e80b3a2be8a9e61d59b1fe5943a8fe612b29898859446e8e01bfb33cf85b120172704ee16e4e98130e8bbd953f599ff14e178c08ed353a12f968889c4d129c6dfb77bde82f64976f79a1683059c3183849b9c078be7aeb0552c54f4bec8fd1dd5132d3edea5c6809b73d2b17300ae23ed404bbb949a0a3354c5a8d9fc9021c80742de3f443a4b22134e01d43f950f6b150885e12d67c8425c354f612b") ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000002300)={'vcan0\x00'}) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000002300)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r3, &(0x7f0000002440)={&(0x7f0000002340)={0x1d, r8}, 0x10, &(0x7f0000002400)={&(0x7f0000002380)={0x1, 0x88, 0x101, {}, {}, {0x2, 0x1, 0x1}, 0x1, @can={{0x0, 0x1}, 0x0, 0x3, 0x0, 0x0, "ed70df07a8002295"}}, 0x48}, 0x1, 0x0, 0x0, 0x40800}, 0x89884) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000802, 0x0, &(0x7f00000024c0)={0x80000000, 0x9, 0x7, 0x6, 0x5, 0x2, 0x5, 0x8, 0x2}) 2.505395052s ago: executing program 3 (id=196): r0 = syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000080)=ANY=[], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0xc}}, './file0\x00'}) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000040)=0x81) ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x2, 0x7ff}) syz_usb_disconnect(r0) 1.115797169s ago: executing program 2 (id=212): writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000001c0)="580000001400192340834b80044d8c560a067f0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000d0c10000000224e00000000", 0x58}], 0x1) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/hardlockup_count', 0x800, 0x4) read$char_usb(r0, &(0x7f0000000040)=""/236, 0xec) 1.056225514s ago: executing program 2 (id=213): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000040)={{@my=0x0, 0x3000}, @any, 0xd, 0x100, 0x3, 0x35c1eaa7, 0xac85, 0x5, 0x3d}) socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xd) r2 = dup(r1) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000006c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000640), 0x13f, 0x2}}, 0x20) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) 505.675129ms ago: executing program 1 (id=219): r0 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3501) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {0x0, 0x1}, 0x0, 0x1, &(0x7f0000000040)={0x4b5a9da54893e123, 0xf, 0x8, 0x2, 0x4}, 0x8, 0xea, 0x8, 0x0, 0x0, 0x0, 0x0}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) (async) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001d2c0000000b0a03000000000000000000070000000900010073797a30000000000c0010400000000000000001"], 0xb0}}, 0x0) (async) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)=@ipv6_getnexthop={0x20, 0x6a, 0x1, 0x70bd27, 0x0, {}, [@NHA_ID={0x8}]}, 0x20}}, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff000800034000000038400000000c0a0101000000000000000007000000090002006688194b49bb7af20900010073797a3000000000140003"], 0xd4}}, 0x0) (async) r6 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00') (async) sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000540)={0x2a4, r1, 0x110, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x8000}, @NL80211_ATTR_FRAME_MATCH={0xc9, 0x5b, "66cfb64e9b63293f39bf5297a3f09f6aa7800fcddbe95fe2c594de252c0105a5da3ea8309cbed991431a745e7b4b77c32ff13350149e18e7cc05d256790b19fb4d7585f93f0d2bab2de751ad02f8f60d0ecd95b622137b45292c8bfe97976d4665ebc5aa5d6c8845d9e3e9a58b43acfcc524cab2d517a0589743c7bef82e862b7ca05846e33485932b3286d2a6ed3cc542f0937fb8e283202705382d18303429e371d394ebece200452f7805da97e84d1b913c7b1fad13e292e8f4fc93ac43b10e94d0b9f4"}, @NL80211_ATTR_FRAME_MATCH={0xba, 0x5b, "611b5e957e3c52d98af52849331ebfb330410ea431ccb148c7601fb5bbdbda0a168a13a76e53e7b14319d3fce4fc51f53a2e0644de392a374e3a4d1fcc78bf94ae65a63a11fae62b5c3e3fa0c97d96d67b2ee662befaed3f3c9092f1888007c14c12fd69e65d11e0b3614a8fc0f3135cc9c5237902480a8f2f4226e5ae3488c0cd7a5233f9d8ad8ac9a3647f1dfb9aec649cf03f288a126dc1f6c297a14f58296854b30a51a8ba57056b914581506b419d214b62251e"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x6}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x6}, @NL80211_ATTR_FRAME_MATCH={0xee, 0x5b, "395535eabc6de5bc9893f85888a481458282fb56449dec8d1f433b51c42691f6a2fe3a8fcb679598ba911ca16d9a7430efdacbb3eb0ee78e6fc0ff83e0f8c300c837408107bca90503a3de889b00bc76dacde15d5760103a706cdc1c200d3e5b28d63f258e45d7e21116774fac99cb787fb442b2d410aeacf31d7b3912cd643c56fb95aeeef37b6efba11113bd1d395eea61b204303de6f101619e9355db5b736ae8ff86e02230faa9e4a1736fccc3ed63676e100dd667b92b86f2cc198cd965aee8d86950ccb1179ac88efc252dcda3b8dd4e318f543c5ae6a999e048aa55a55d352d7e556a5958e590"}]}, 0x2a4}, 0x1, 0x0, 0x0, 0x2000c0d0}, 0x4) (async) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) (async) r9 = dup3(r8, r7, 0x0) r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r10, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r10, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x80000}) (async) ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x50, 0xfb0, &(0x7f0000000800)={@fd={0x66642a85, 0x0, r9}, @fd={0x66642a85, 0x0, r10}, @fda={0x66642a85, 0x3, 0x1, 0x16}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0}) (async) ioctl$BTRFS_IOC_RM_DEV(r6, 0x5000940b, 0x0) (async) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) socket$rds(0x15, 0x5, 0x0) (async) sendmsg$NL80211_CMD_SET_STATION(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="080002000000800000001200000008000300", @ANYRES32=r11, @ANYBLOB="ce2bcc3a050013010100000005001301"], 0x2c}, 0x1, 0x0, 0x0, 0x4000840}, 0x0) 446.114564ms ago: executing program 1 (id=221): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000240)=0x3, 0x4) (async) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) (async) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) (async) sendmmsg(r0, &(0x7f0000000180), 0x400000000000077, 0x7600) (async) openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 445.892754ms ago: executing program 0 (id=222): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bind$packet(0xffffffffffffffff, 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) preadv2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)=""/125, 0x7d}], 0x1, 0x8, 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000740)=ANY=[@ANYRES16=r1, @ANYBLOB="37091d567f5bd9c1b8dc6260f44decdbb82ad0ee3c843fff0c70a01b5773ded812cb04d4e33e424038fa3d67e536f50bf1d497f2b6f8195d6314d7128b61a3c180b40183e8f99b34f1c361", @ANYRES8=r2, @ANYRESDEC=0x0, @ANYRESOCT=r2, @ANYRES64=r0, @ANYRES16=r2, @ANYBLOB="a88c01b78200eaf304e69a1c264a7e44f6e7f242a88c6e6e247f75c63b2b7fc1f88255a728afee7a60d0bab76d72af744a11f604656b8f6d50b579f0ee7b82836cfc746e9f1efc4914f85990422101a07784851de48333cd642be339c884206b1fe25329135366c24fde339711be17252d47f01c2fc19b94d52451cdce4c2b6a1eaae144aa73f97a099c2a3c7406f58762ee3b2253b61207e80f71c68c68d4000e6eead94c51f17e1c688b63c69a0a397728418614de69a0b351c3f0b42cb2685e8afa44f4c79431e838013b19bd511f127728cd7287e208261d8d3afffd32bca13bb41616728acaaa14c059e071cd3f1405c1ae11cb07b30010653549c8c9ed993f173985bf9b3cd117e240c7aaad848c0b84dccea9d42605f93a80a37cfb74486fa39a2cce4d916b4f22cc37d222d0349ba2ad5895db71809c30ae8f2b377b2357a8150bbd26664bcaeddb52a85f56aaa16f60d488f5de925eff3f9475e9c0c306891a4dd5a50e0e6ead6fb8e32a77666c46ab3ec6bff3c4063fad2dd8ca3a466eff8f6655eaa4464df7a1b255a83827a0dca613cbe21136d11f01fbfc2a65100a2fd6e38450c2d752286c95d2fb933e4d4fbec924513a8b63671997c811c83753635cb907aa17dc1052808fe229fa09c74f5bd45fc8d9257504f373686e0c709b953a06baf6814f1ed5aca401b6ecf44750813539e8f7a18e6a004ed4103f35621081c2322480b638e82f88bdd9670c26090edf7a23943f00c0ff768f4947d447b207eaf391b07307fdfb4b7ae7411e6db07e32407f48f4611cbc86eb8584cf63f76c31239c51a2c422977ef3a8f6987c6636f197a9e364c5cea3830fa108e3ab58f260be7bfac52d7b258a13b9e0a8b54831a6bc44ca8e8434e89b38a423fabc136f5b2d4020c37fbdad1fdc4d144c3d7264faf5c33a59bf3de61c34d814359b0f7bc50f14f70a90616223fd9da1e9952714591652b5edbb8bf1f0b53d1b769177621130e7a119bffa79d7aeed3f0f276f921e549b7f3c2edd21cdba4d47a4ea0cfaceced9d1764fb179f969f0d1fbacbee9f118c2df91c0e462157901c55bde219dd327b7055f2cf2319a590e886777e925602bd3d7d179289c5c3b2638f2066bfed673ab0bcc413bdabdc7ae5cbefd15258fccfcb7ce0141fdf87d37897cd284c7f0bd0a295d9d6108f96b6048e14236b0b6ebf68dd47bfb4606954e31942d146887269c35e580f300ae1ea28588024f4b5074fff34daf19b0506cbbbe08d9bf9c6a6b05369ec0bdf42d4cd95757706cf4527e22205c0e05479b908e7c8b82b6a5fbe304baeea65509cff5d70cbd60a773af75e9ff2560239a2b44d41b2da487bd3db528d123aba7586c2852a2e934ad0fb6d6e808f9e2cd34cf8f7675f374e881901fc5b1df10a29550ad7623ce00dc2b82a16e42da9a31ba2c7a34110d4013aa9debc124624368c74589f9ac2245dccbd3a22c0a43afe724f9b77e86352f0042613f5d9e4dd080d134af432bd41ff854371be0864e4bd6a3aee5feaf6a2bd0cd54ba01d9b4abb8c8b409d13e9360fc9a12d43b5cb98dd5493781293ab0ed683fbf95651921137bbc467c2498786875c770711a2ee55888f1fbf99989c7a67000c983b57f3c4111366dd7574042d83db7089b8fa1874185df8cac40814ef0edd22b4415cc04c0d4d3eb1ea030856e2e0e975ca27fb4b3d4d12e590991ec6516f0a455312dc9b3e45783c77c793f28609b2c98e269f2e72b65068c049fb735712074b1cbab4352a20b1aecc34f8a2810f7fc552fd9a9eaa003f774aa13c5b795043fdcb8c0f7c855bcab1d2f722c83d28a0cae1ba8c57b0263411d38e7eb326c4b5df1f7c88a7fddc545c672cbceda1a0c3c300d3770c31f324a2d1833fccfcbb63d2834a265df0cbb06c35f0074c50af26b27e1b9de14d7aaf94f63dfc6fbd7e5c073ff0f338a07fde594bc4f72a2f4d43e95091124ee54b7960344d3f437668aecff3e17e5b359c9eef377d0124479f4c7ba40bfa899f6cc339b2b82dacc684fc041d5673fe9497e4bedf421c384a1a4be21d2e947ff07da68394f345d9ad6b63534928700a8b482f0d1df91933cb16665a4497fdde36434c43f858553fec4ca0631cf812aafdc59b2dfe45c10232ac49e96d128ba489a3d9ca9684fd240cd0bdb00101e80fff36ff9cf8068736d2b447929dbde201a63810080385d16b4400f4035803f546dd46f8b93bf211b9941232146faf0aa58b4ad54bb3b6540b65baa2b02e2ed47125970e0c051e633d9fb4e58ab6a0f3d969a38353bd46c41876fa7dd2c4c43fc47db1d34f3fb8524a2c6aa87ec7e42be1bae00b5641af27f72e556139c3457e1a5bf8967d92f18f3ec8b9da5cc858c62bc5707afeda2e1fce312cdafc893f46b6062abd604d9bfe2d6677b24fb9d8ef5143381007427a40f2cc4603a233bf4fdc3bb4d578dd1c89dd2614728506277e08899af7c895aa737033c7ae91a2385c1ef19d10b1c7fc85d90b5cd6696d357c2af8e6905f260324cfdf65509b462d6e88f1c855b3cd9eebd004f65687e80c5d255d022c902606dce895dcf9aab57a4920472e7487dfa7885774f6ca8239f72277fd2dafc903277568dbab5d4edf23e434c63ce99180ac68e50ae58005bdc8bd7e81650e58bd4169ec8dd3a2b116c62d79353455565ad01ef13127c56f8d511beffab1c3a6cdae7b791ee249c7fb508c29ce0f4c72730e8cc997f228721d3a41a01d80ab67f0c2be8bfa3c9c6da6fea6c6f775ecb0eee17a706d57df590817208420b5bfa39e39fbbb9bb27ee230bd019fc121915bdc49a47030103f643345fe2527a52519b61c6ff035d4d466767482b395188a3f35a6debb0f8043429d9cc1fb7bc4c6d379e5a94c6e0760e3bfd12410c2ed957fa1424b7eda1b4a9673181abbac942bfab70378894b78599fa05806d86d7c0f3a994f3a980f0c274e32a3587f6393626cd034e774a41569e78a4c92104d884bae0ec429a8151584ba615ad87dd89ff780167dd065c5b895910795c8aca58102065f34783c90d566306ef8c7c3b1454c68ec3c3b5302353b2d638297e936f37b0fa8ef681f8b4106b976f5f60764935af028c709f2844aa24690e1bb67472b8cb08664004e30dfb7531e9ac8106a7ac999f7b309f17aeb2aa41d47eb9e45f3f4ff6bf0841816443136c66c9ecc8fcc77d30af430d2c5a149f2a9b1605a2dbe12b80b354b28ba1021accf4ca048341007646d55651fd7ea7ccc81e452c8162925046f68030fc410471abcaf227748d2e4e7f9f24517b4edbd8b2cf9b6c913ec11291730e0ae9dbe0d5fc72e5080635534a4e50cbf7e6fad9dc9869ec24a1c84552a69660df2c18a8ec71d06779b06dde771b13394091d65a0dae7cfe3ca363e53b51f025dd55c1c407d9d64bb15bed221280d3c2d1e099a802bbab8191ee225dd2c107493a049dcc7751495fa9516d6bc7e271e5833bae89fd5dd5b2abc445e24ebac91bc04d80440500f5e604cdc557439f1e0509e21e380ce193c140d54cfd1246a16b43b19404ab7f53937e64019aac2add76992fa601c2c9752866cdbcc3eead197cdd8c4ee13673ceb517ddac926138ac9c13565467dd89b660397be10c0f645d7c5d277b74384e3a278737dd5dcc34e5b139ec232f287d7ce3ee398da3eb1219e628527e441f0d12b2eee7e38f5c73577211673722473d449e1f598fd947a4bc3c7cefea2f03b66488a3e0ed357cf0002a27bfa226e4ea831174a78ac5d88c40ca26e1454e36ab5751efa6282290ac8978ba95da5bbe0d5943d1891be0cba6747c42c1a30e8c2df03378cb24482ad50f7e937c5a3b441b1b6b6482d5284cb4240c66d494fa2f130a5d9035c3bde4b697cf771bd7d9557f5d80b15cdde5bd37e7a2cf1638823ffc6d0ffc5529138cd50a569b670546dbe3a9d126ed9bb1943a205f6f4e4011983228d59faf036cc67b1db8a42137734b458f852a8a96779ac778b17f2051c999c6363867e1287bac8a94fc930bda25b50ccdf40ce7772d538b3d27339d2f379c8e4669abeb010ad39a56271382671e6fba231754cac90e0f10c70afdb26a51ee3b074822605a051f1cfb0d39fb97b7f822fb910a06733e7b7370302768c414d2aeddab8501d6d84477b0914574bd1e000647c4e22d683bb403ba93629575b05830f3614a07dd652e1b726b623d9b7fa7f51914d4411076eec036eeabab2547ac1483941bd1614d435fed659d3d2fa1a8ab114700f31aff0fd4dc752539e0dfb22bca0fdb9e7ef06590f9b88269bf3a3dea7efffd1fb2fcd4941e455a38337c972443532294596394051fa39a1dd83d6f6ee4d499e59252278f96dd0625663d73402b9353efe1d917b9cc82939d595eab2c88760db4df3ac14df5d8ae271085a4089f4b590e8223573102d757d99ef20011b7ad3668aff0b8ec1634b362639e913d703bf5015c2a47bcacda60521a47dba59c40c4036d6a697c995934b56fcf06334a83c9e86340736124aa1c4a98ec914f91cce512a5c1eb5d5ed8e4c4b9dd2b12b835acc6bcc5ae0b76ccfa99b7bded9ccf12bbdae0240aea57ef5b4d6c9f350b7ebcf5c2778d67efeb5dad4ed209323025f73ba59739d983291347e38b654d00fd00ee2915abac984d960b00959eed0c6f9c98f77f4997d90c3c7a25774b672d1ef7ca2267dcd1e312b2c2b5747898b290a7d5f8bca617b91285782e17075179cb74095da37609bf5f0df9defebbbcd1c0dcef30d49f11fe5b9c99cb1f995b183c85cb37c76b10cca3913fb46eeb694edac539f5bf165d7790712697eb372528e6575d3ad4756bd5a5bb56ead5aee320c39ac58b79f7f2c06d2cfbb21cb30e11dd0422ec7f1af5fe792d640eda25dbd327576b4115b6ccb08957484c81347ad8b83db7e61c795c4184715b4ce228984f2a0d0076d5ccd57616737e64eba5f8f4e5f17316df004105f891eaf20465c2319d89c36901f300d82012c67263a5b70fdbabf9127edbb189156f8804028c6b95c5e02e5664c9ae662baf2b80b0edcfe06dbaa4765cad650a446f7915a51e418142f338da99569d07d1bd5ee7fd218d1b46ac793645ff05041eafc3a8d0c0b362c1cb68245db34be5348447d9bdb1e787e09c7b6e21392f0bb6de0558065d84d91839a47e339cff2f12feca73300510ada1fd599358531c7d1b2a8ffed55aa509fd803cef8cfc0502b3ace0bc2749ef0eb31689a76590b0bf4200ca5510c7df9688ebb801274167ebd7285475947f2d7a1f8065ed646ce7ce88e031e73f81453286efa566d7d566737638d3bfea7466098a1f0e5ca01c89825176c698acc64b9535a9f5e180497cda5e2c465ac20a980cb4677126a9745424823c5d5e5ef5f449dbc1bd9ed369380f62f93441e22d9f24cb71a6eb1c12d525332648e33d9e899ef32994859b6698bcf9a0bde6b5db2ac03d38b5b067004589657f0b31f02f52b313825210701e832f1765934f0e1ec0b163aff47dcf094b987b4085dc78abbd57247993fab8b8123c4731037da36e8aa2d1e25c0c5a058012e1d4b43fecc9b8a05477f5163a6f0c2e039459a70626d4707e07dedf6695bb640fad8adf78e41ab0eba3475e47768e0b5bdbcceaee6ce01b1b5422806d380d0b7d16dcc360fdcd084059752404c2e47840ae781c1e64aa2c89e32a7adc42aa0b2ecc23a96dcd952aa350aa885393ddf6af4d29e24bbad82899589674fb7648f608c33b217f9edebf6320a887dd7625dd7cca89de"], 0x34}], 0x1, 0x0, 0x0, 0x240000d0}, 0x48091) r3 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r3, &(0x7f000001a240)=""/102400, 0x19000, 0x80000000000000) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_open_dev$dri(&(0x7f0000000040), 0x7, 0x4c0500) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f0000000380)={0xbc, 0x0, 0x3}) ioctl$KVM_SET_GUEST_DEBUG(r4, 0x4048ae9b, 0x0) ioctl$KVM_CAP_XEN_HVM(r2, 0x4068aea3, &(0x7f0000000200)={0x26, 0x0, 0xc8}) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r5, r2, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000280)="0f2019842066b95b0a00000f320f01cbf30fc771ca0f06b8a4000f00d826640f55080f01cb66b97b01000066b8e3d35a7266ba000000000f30", 0x39}], 0xb, 0x12, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r6 = syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000000000001800000000000000968d00000000000001000000000000007500000000000000b805000000b9490000000f01c1b9460b0000b800000000ba008000000f30410fc77498a948b86e000000000000000f23c00f21f83500000f000f23f8c4e27d79efc744240018010000c74424020f000000ff1c2466b807018ed8c462c2f5090f30450f32c301000000000000005a0000000000000064400f1859c3c481fc52e80f01cbc402c947820030000048b822000000000000000f23d00f21f835100000020f23f866b846008ee80f2018c44201acaa8f53a12665420f01f8420f32c300000000000000001800000000000000ff0300000000000001000000000000007d00000000000000c744240030000000c744240250000000ff2c24b959020000b802000000ba000000000f30b805000000b9290000000f01c1f36f0f1864ef08000000000000000189ef66bafc0c66b8000066ef3e670f07c441e5ddac58bb000000b9800000c00f3235008000000f30f2260f07c3020000000000000018000000000000000000c000ffffffff000000000000000018000000000000005c8ffa660000000001000000000000006d00000000000000c4628d9da35d000000470f00d1400f01c448b87fa590e6cfc3b32e0f23d00f21f835000000000f23f8b8010000000f01c10f66f2410f01cf48b800000100000000000f23d00f21f835300000040f23f80f794ad23e0f011d2a000000c302000000000000001800000000000000050000000500000000000000000000001800000000000000000000000000000001000000000000004f00000000000000f30fa7e8450fc77f3c64470f01c9420f696617c441c1e1e166baf80cb838222883ef66bafc0ced430fc75f04c4e20528a23e3aec026626420f01f80f01c9c300000000000000001800000000000000f9ffffffffffffff00000000000000001800000000000000090000000000000002000000000000001800000000000000090000000f000000"], 0x2e0}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 445.474209ms ago: executing program 1 (id=223): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x34, r1, 0x1, 0x0, 0x0, {0x23}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}]}, 0x34}}, 0x0) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r3 = syz_io_uring_setup(0x206, &(0x7f0000000140)={0x0, 0xd134, 0x8, 0x3, 0x70}, &(0x7f00000000c0), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r3, 0x18, &(0x7f00000002c0)={0x200, r2, 0x20, {0x0, 0xfffffffffffffff5}, 0x3}, 0x1) recvmmsg(r2, &(0x7f0000002300)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x42, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0xc1c0, 0x0) mount$cgroup(0x0, &(0x7f0000000040)='./file3\x00', &(0x7f00000001c0), 0x218006, &(0x7f0000000240)={[{@name={'name', 0x3d, '&^!'}}]}) 346.223654ms ago: executing program 1 (id=224): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x82000000003, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000040)={0x0, 0x56595559, 0x2, @stepwise={0x8, 0x8, 0x7ff, 0x4, 0xaeae, 0x84a}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00') r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000500000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r3}, 0x10) fchdir(r2) sendmmsg$unix(r1, &(0x7f0000000d40)=[{{&(0x7f0000000080)=@abs={0x1, 0x30, 0x30}, 0x6e, 0x0}}], 0x1, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(&(0x7f0000000040)=@sr0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='iso9660\x00', 0x405, 0x0) r4 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, &(0x7f00000000c0)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x90, 0x1, 0x1, 0xd59f80, 0x19ef, 0x7, 0x19ef, 0x3, 0x6, 0x27fc, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}}) r5 = syz_create_resource$binfmt(&(0x7f00000002c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x5c}}, 0x26040090) r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r7, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xaaa1}}, 0x14, &(0x7f0000000080)={0x0}, 0x7, 0x0, 0x0, 0x2004a014}, 0x600c010) ioctl$sock_SIOCINQ(r7, 0x541b, &(0x7f0000000040)) execveat$binfmt(r2, r5, &(0x7f00000003c0)={[&(0x7f00000001c0)='syzkaller\x00', &(0x7f0000000380)='-\x00']}, &(0x7f0000000580)={[&(0x7f0000000400)='*+::\x9b-}$^@]\x00', &(0x7f0000000440)='#*\x00', &(0x7f0000000480)='/dev/vbi#\x00', &(0x7f00000004c0)='/dev/vbi#\x00', &(0x7f0000000500)='\x00', &(0x7f0000000540)='/dev/vbi#\x00']}, 0x1000) 345.974089ms ago: executing program 0 (id=225): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='clear_refs\x00') write$yama_ptrace_scope(r0, &(0x7f0000000040)='3\x00', 0x2) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x2000}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x183081, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r3 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0xe5, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x8001, 0x7995}, 0x1003e, 0x0, 0x10000, 0x48000000, 0x0, 0x0, 0x0}) ioctl$USBDEVFS_REAPURB(r4, 0x4008550c, &(0x7f0000000040)) bind$rds(r0, &(0x7f0000000000)={0x2, 0x6e1f, @local}, 0x10) write$cgroup_subtree(r1, &(0x7f0000000380)=ANY=[], 0x280) 345.314218ms ago: executing program 1 (id=226): syz_emit_ethernet(0xb1, &(0x7f0000000000)={@link_local, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xa3, 0xfffe, 0x0, 0xa0, 0x2f, 0x0, @loopback, @dev={0xac, 0x14, 0x14, 0xf}}, {0x2001, 0x880b, 0x8f, 0x0, @gue={{0x2, 0x1, 0x2, 0x3}, "3096235eddc504e58dffc56fe3377435708791f3ecbbeaf015d87636b86d8c509b996f254c4788003abfd1b6a3aa01c1bff3a16fe4fb5be90e5522951cc995549df84b308243f049326f5946cdc18faea3b4d262ab5ea88291a4857ccf6218f20650e2efb8a320ce91185e842e946f2ff58f509b01106581427757b0a9fcb1"}}}}}}, 0x0) 276.072784ms ago: executing program 1 (id=227): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58) (async) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000500)="c99bfaafd0684363db0018", 0xb) (async) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000001800), 0x0, 0x0) recvmmsg(r1, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000000)=""/20, 0x14}], 0x1}, 0x9}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000002840)=""/4098, 0x1002}], 0x1}, 0x5}], 0x2, 0x40022001, 0x0) (async, rerun: 32) sendmsg$DEVLINK_CMD_TRAP_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[], 0x12c}, 0x1, 0x0, 0x0, 0x4040}, 0x4) (rerun: 32) 275.786906ms ago: executing program 0 (id=228): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[@ANYBLOB="08050000", @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000bc0408809c000080500009804c000080060001000200000008000200ac1414aa0500030002000000060001000200000008000200e00000020500030001000000060001000200000008000200e0000001050003000100000024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c24000200eff93d58460ea431f2cb4a6894ddb2834088d7445bf5afdd0619ce173f1db7174c00008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff24000200491bc0be1dc1f88092e741a88b64f6dd9218ad21b44b472e44f1d0807ee6675cd003008024000100f44da367a88ee6564f59adfda870814c925cebee8b1bf5eb7337341b459b3922200004000a000009000000070000000000000000000000000000000003000000880309801c00008006000100020000000800020000000000050003000300000028000080060001000a00000014000200fe88000000000000000000000000000105000300000000001c000080060001000200000008000200a81e0001050003000000000070000080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000200000008000200ac1414bb0500030002000000060001000200000008000200ac1e010105000300020000000600010002000000080002007f000001050003000300000028000080060001000a0000001400020000000000000000000000000000000000050003000200000086000080060001000a00000014000200fc0000000000000000000000000000000500030000000000060001000a00000014000200ff0200000000000000000000000000010500030003000000060001000200000008000200000000000500030001000000060001000a00000014000200000000000000000000000000000000000500030003000000060001000a00000014000200000000000000000000000000000000000500030001000000060001000a00000014000200fe80000000000000000000000000003e0500030002000000060001000200000008000200e00000020500030001000000a0000080060001000200000008000200e00000010500030000000000060001000200000008000200ffffffff0500030003000000060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000a00000014000200000000000000000000000000000000000500030001000000060001000a00000014000200fe880000000000000000000000000001050003000300000094000080060001000200000008000200e00000020500030001000000060001000a00000014000200fe80000000000000000000000000002c05000300000000000600010002000000080002000a0101010500030000000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff010000000000000000000000000001050003000200000070000080060001000a00000014000200200100000000000000000000000000000500030003000000060001000a00000014000200fc0000000000000000000000000000010500030002000000060001000a00000014000200ff020000000000000000000000000001050003000100000024000300b08073e8d44e91e3da922c22438244bb885c69e269c8e9d835b114293a4ddc6e14000200776730"], 0x508}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[], 0x74}}, 0x4c000) 135.932532ms ago: executing program 2 (id=229): r0 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$dupfd(r0, 0x0, r0) 135.621124ms ago: executing program 0 (id=230): r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x0, 0x923, 0x0, 0x0, {}, [@L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0xfb}]}, 0x1c}}, 0x48055) r1 = socket(0x10, 0x3, 0x0) r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080), 0x5059c0, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x7ffffffc, 0x4, 0x0, 0x10}, 0x10) sendmsg$kcm(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1c0000004a008102e00f80ecdb4cb9020a", 0x4a}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETTXFILTER(r3, 0x400454d1, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100f3ffa9aaaaaaaa17f218711099ab0f7fa6c6ebf324ae46947e9d2e11223eeb230415978a13e521f9da2b01870ce4ee9c760d35"]) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000000)={'veth0_to_hsr\x00'}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) (async) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x0, 0x923, 0x0, 0x0, {}, [@L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0xfb}]}, 0x1c}}, 0x48055) (async) socket(0x10, 0x3, 0x0) (async) openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080), 0x5059c0, 0x0) (async) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x7ffffffc, 0x4, 0x0, 0x10}, 0x10) (async) sendmsg$kcm(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1c0000004a008102e00f80ecdb4cb9020a", 0x4a}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0) (async) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) (async) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async) ioctl$TUNSETTXFILTER(r3, 0x400454d1, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100f3ffa9aaaaaaaa17f218711099ab0f7fa6c6ebf324ae46947e9d2e11223eeb230415978a13e521f9da2b01870ce4ee9c760d35"]) (async) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000000)={'veth0_to_hsr\x00'}) (async) 135.399366ms ago: executing program 2 (id=231): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x14, r0, 0x401, 0x0, 0x25dfdbff}, 0x14}}, 0x8000) 86.051746ms ago: executing program 2 (id=232): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0xffff0001, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x22}, 0x94) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c00000010000104000000000000070000000000", @ANYRES32=r3, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES8=r2], 0x7c}}, 0x0) 85.815168ms ago: executing program 0 (id=233): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) utime(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x7fff, 0x8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x4102, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000080)={0x1, 0x3, 0xf5b8}) 6.260543ms ago: executing program 2 (id=234): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) bind$inet(r2, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000040)={0xa, 0xce22, 0x0, @empty, 0x10000000}, 0x1c) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r4, 0xffffffffffffffff, 0x0) bind$packet(0xffffffffffffffff, 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)=ANY=[@ANYRESOCT=0x0], 0x34}], 0x1, 0x0, 0x0, 0x20000090}, 0x48091) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) ioctl$VT_SETMODE(r5, 0x5602, &(0x7f00000001c0)={0x1, 0x3, 0x1000, 0x9, 0xfff9}) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f0000000380)={0xbc, 0x0, 0x3}) ioctl$KVM_SET_GUEST_DEBUG(r6, 0x4048ae9b, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x12, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 0s ago: executing program 0 (id=235): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2) r2 = fcntl$dupfd(r1, 0x406, r1) write$binfmt_script(r2, &(0x7f0000001b00), 0xfffffd9d) (async) getsockopt$nfc_llcp(r2, 0x118, 0x0, &(0x7f0000000040)=""/38, 0x26) (async) r3 = syz_open_dev$swradio(&(0x7f0000000140), 0x0, 0x2) r4 = dup(r3) read(r4, 0x0, 0x0) (async) ioctl$VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000000)={0xf0f046}) (async) r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2) ioctl$VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f00000000c0)={0xf0f041}) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000840)) kernel console output (not intermixed with test programs): [ 44.031091][ T40] audit: type=1400 audit(1751489699.231:60): avc: denied { rlimitinh } for pid=5851 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.038451][ T40] audit: type=1400 audit(1751489699.231:61): avc: denied { siginh } for pid=5851 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:58427' (ED25519) to the list of known hosts. [ 44.977357][ T40] audit: type=1400 audit(1751489700.191:62): avc: denied { name_bind } for pid=5884 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 45.020214][ T40] audit: type=1400 audit(1751489700.221:63): avc: denied { write } for pid=5887 comm="sh" path="pipe:[3779]" dev="pipefs" ino=3779 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.030807][ T40] audit: type=1400 audit(1751489700.241:64): avc: denied { execute } for pid=5887 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 45.041825][ T40] audit: type=1400 audit(1751489700.241:65): avc: denied { execute_no_trans } for pid=5887 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 46.954898][ T5887] cgroup: Unknown subsys name 'net' [ 46.955233][ T40] audit: type=1400 audit(1751489702.161:66): avc: denied { mounton } for pid=5887 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 47.129960][ T5887] cgroup: Unknown subsys name 'cpuset' [ 47.136188][ T5887] cgroup: Unknown subsys name 'rlimit' [ 47.363431][ T5922] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 48.007098][ T5887] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 51.345017][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 51.345027][ T40] audit: type=1400 audit(1751489706.551:80): avc: denied { execmem } for pid=5928 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 51.553030][ T40] audit: type=1400 audit(1751489706.761:81): avc: denied { create } for pid=5932 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 51.561903][ T40] audit: type=1400 audit(1751489706.761:82): avc: denied { read write } for pid=5932 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 51.569120][ T40] audit: type=1400 audit(1751489706.761:83): avc: denied { open } for pid=5932 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 51.576378][ T40] audit: type=1400 audit(1751489706.761:84): avc: denied { open } for pid=5933 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 51.583350][ T40] audit: type=1400 audit(1751489706.761:85): avc: denied { ioctl } for pid=5933 comm="syz-executor" path="socket:[6379]" dev="sockfs" ino=6379 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 51.610593][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 51.615855][ T5945] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 51.619666][ T5945] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 51.622622][ T5943] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 51.623665][ T5945] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 51.626062][ T5943] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 51.628265][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 51.628578][ T5945] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 51.631035][ T5297] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 51.638719][ T5945] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 51.639134][ T5943] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 51.639740][ T40] audit: type=1400 audit(1751489706.841:86): avc: denied { read } for pid=5933 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 51.639766][ T40] audit: type=1400 audit(1751489706.841:87): avc: denied { open } for pid=5933 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 51.639787][ T40] audit: type=1400 audit(1751489706.851:88): avc: denied { mounton } for pid=5933 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 51.642155][ T5945] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 51.646258][ T5943] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 51.655967][ T5945] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 51.659540][ T5943] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 51.665018][ T5940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 51.667768][ T5943] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 51.670657][ T5940] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 51.673327][ T5943] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 51.684354][ T5943] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 51.752905][ T40] audit: type=1400 audit(1751489706.961:89): avc: denied { module_request } for pid=5933 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 51.805945][ T5933] chnl_net:caif_netlink_parms(): no params data found [ 52.017186][ T5933] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.020318][ T5933] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.023383][ T5933] bridge_slave_0: entered allmulticast mode [ 52.027261][ T5933] bridge_slave_0: entered promiscuous mode [ 52.061104][ T5933] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.063377][ T5933] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.065812][ T5933] bridge_slave_1: entered allmulticast mode [ 52.068352][ T5933] bridge_slave_1: entered promiscuous mode [ 52.123792][ T5933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.132804][ T5933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.136121][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 52.142708][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 52.152546][ T5932] chnl_net:caif_netlink_parms(): no params data found [ 52.226081][ T5933] team0: Port device team_slave_0 added [ 52.301366][ T5933] team0: Port device team_slave_1 added [ 52.388329][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.390510][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.398858][ T5933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.452559][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.455077][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.463116][ T5933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.472821][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.475118][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.477588][ T5942] bridge_slave_0: entered allmulticast mode [ 52.480207][ T5942] bridge_slave_0: entered promiscuous mode [ 52.567963][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.571045][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.573677][ T5942] bridge_slave_1: entered allmulticast mode [ 52.576614][ T5942] bridge_slave_1: entered promiscuous mode [ 52.601695][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.604049][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.607063][ T5946] bridge_slave_0: entered allmulticast mode [ 52.609717][ T5946] bridge_slave_0: entered promiscuous mode [ 52.612733][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.615013][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.617562][ T5946] bridge_slave_1: entered allmulticast mode [ 52.620219][ T5946] bridge_slave_1: entered promiscuous mode [ 52.622562][ T5932] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.625415][ T5932] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.628181][ T5932] bridge_slave_0: entered allmulticast mode [ 52.631825][ T5932] bridge_slave_0: entered promiscuous mode [ 52.691778][ T5932] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.694524][ T5932] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.697173][ T5932] bridge_slave_1: entered allmulticast mode [ 52.700829][ T5932] bridge_slave_1: entered promiscuous mode [ 52.708819][ T5933] hsr_slave_0: entered promiscuous mode [ 52.711842][ T5933] hsr_slave_1: entered promiscuous mode [ 52.717737][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.790360][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.796627][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.812110][ T5932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.844243][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.869262][ T5932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.943234][ T5942] team0: Port device team_slave_0 added [ 52.961075][ T5946] team0: Port device team_slave_0 added [ 52.982803][ T5942] team0: Port device team_slave_1 added [ 52.988807][ T5946] team0: Port device team_slave_1 added [ 52.993131][ T5932] team0: Port device team_slave_0 added [ 53.038440][ T5932] team0: Port device team_slave_1 added [ 53.071227][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.073387][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.081309][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.103681][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.105783][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.112906][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.116820][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.118793][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.126037][ T5932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.129842][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.132757][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.143197][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.159102][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.161137][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.168646][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.172096][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.174042][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.181450][ T5932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.306034][ T5932] hsr_slave_0: entered promiscuous mode [ 53.308364][ T5932] hsr_slave_1: entered promiscuous mode [ 53.310456][ T5932] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.312873][ T5932] Cannot create hsr debugfs directory [ 53.339422][ T5942] hsr_slave_0: entered promiscuous mode [ 53.342606][ T5942] hsr_slave_1: entered promiscuous mode [ 53.345891][ T5942] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.349029][ T5942] Cannot create hsr debugfs directory [ 53.388748][ T5946] hsr_slave_0: entered promiscuous mode [ 53.391917][ T5946] hsr_slave_1: entered promiscuous mode [ 53.394767][ T5946] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.399187][ T5946] Cannot create hsr debugfs directory [ 53.665956][ T5297] Bluetooth: hci0: command tx timeout [ 53.683406][ T5933] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 53.715733][ T5933] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 53.732477][ T5933] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 53.744605][ T5933] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 53.745385][ T5297] Bluetooth: hci1: command tx timeout [ 53.746532][ T5943] Bluetooth: hci3: command tx timeout [ 53.747181][ T5943] Bluetooth: hci2: command tx timeout [ 53.800671][ T5932] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 53.807340][ T5932] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 53.813728][ T5932] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 53.820138][ T5932] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 53.873256][ T5946] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 53.887912][ T5946] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 53.894803][ T5946] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 53.899477][ T5946] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 53.957257][ T5942] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 53.964646][ T5942] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 53.971215][ T5942] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 53.976242][ T5942] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 53.997171][ T5933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.030871][ T5933] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.053019][ T1201] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.055372][ T1201] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.060151][ T1201] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.062386][ T1201] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.075042][ T5932] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.121639][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.131168][ T5932] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.146544][ T1201] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.148838][ T1201] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.159279][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.168190][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.170363][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.195500][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.199533][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.218979][ T90] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.221288][ T90] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.224507][ T90] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.226779][ T90] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.236238][ T1042] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.239320][ T1042] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.254999][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.257293][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.336533][ T5933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.366504][ T5933] veth0_vlan: entered promiscuous mode [ 54.372879][ T5933] veth1_vlan: entered promiscuous mode [ 54.389946][ T5933] veth0_macvtap: entered promiscuous mode [ 54.403594][ T5933] veth1_macvtap: entered promiscuous mode [ 54.423698][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.433119][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.441382][ T5933] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.445097][ T5933] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.448887][ T5933] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.452077][ T5933] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.481514][ T5932] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.491576][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.499737][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.532609][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.535691][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.574242][ T5942] veth0_vlan: entered promiscuous mode [ 54.578560][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.580131][ T5946] veth0_vlan: entered promiscuous mode [ 54.581333][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.586609][ T5942] veth1_vlan: entered promiscuous mode [ 54.598847][ T5932] veth0_vlan: entered promiscuous mode [ 54.604379][ T5946] veth1_vlan: entered promiscuous mode [ 54.617447][ T5932] veth1_vlan: entered promiscuous mode [ 54.626701][ T5933] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 54.632544][ T5946] veth0_macvtap: entered promiscuous mode [ 54.636457][ T5942] veth0_macvtap: entered promiscuous mode [ 54.640146][ T5942] veth1_macvtap: entered promiscuous mode [ 54.647253][ T5946] veth1_macvtap: entered promiscuous mode [ 54.654818][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.663364][ T5932] veth0_macvtap: entered promiscuous mode [ 54.667343][ T5932] veth1_macvtap: entered promiscuous mode [ 54.673137][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.681058][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.683971][ T5942] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.687318][ T5942] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.690141][ T5942] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.692841][ T5942] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.704793][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.710564][ T6020] pimreg3: entered allmulticast mode [ 54.719007][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.727643][ T5946] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.730430][ T5946] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.733117][ T5946] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.736676][ T5946] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.747844][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.763842][ T5932] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.768618][ T5932] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.772340][ T5932] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.776405][ T5932] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.817727][ T1042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.822183][ T1042] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.850512][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.852919][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.878536][ T1042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.881541][ T1042] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.897938][ T6025] No such timeout policy "syz1" [ 54.920370][ T90] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.924489][ T90] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.938821][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.943570][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.961222][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.964133][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.042660][ T5943] Bluetooth: hci1: Ignoring connect complete event for invalid link type [ 55.044242][ T6033] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 55.050386][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.053902][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.058606][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.061292][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.063923][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.068873][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.072277][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.076174][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.079577][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.083009][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.088301][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.098480][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.106137][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.110755][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.114155][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.117872][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.120497][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.121384][ T6038] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.129244][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.133066][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.137801][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.141512][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.144877][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.149511][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.153323][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.157827][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.161369][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.165059][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.169301][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.173562][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.180442][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.184091][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.193770][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.199852][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.203527][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.209739][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.213205][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.222450][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.227350][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.232164][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.242702][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.247154][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.249967][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.252827][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.261523][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.264683][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.271603][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.279971][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.282902][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.288813][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.291517][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.294139][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.297189][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.300020][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.302895][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.307021][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.309777][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.312605][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.315538][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.318235][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.321141][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.324005][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.328492][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.331753][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.334739][ T6033] overlay: filesystem on ./bus not supported as upperdir [ 55.375051][ T6049] fuse: Unknown parameter 'd' [ 55.432060][ T4906] libceph: connect (1)[c::]:6789 error -101 [ 55.435623][ T4906] libceph: mon0 (1)[c::]:6789 connect error [ 55.443904][ T6053] ceph: No mds server is up or the cluster is laggy [ 55.687236][ T6060] Zero length message leads to an empty skb [ 55.745369][ T5943] Bluetooth: hci0: command tx timeout [ 55.785525][ T6064] process 'syz.1.12' launched './file0' with NULL argv: empty string added [ 55.825725][ T5297] Bluetooth: hci2: command tx timeout [ 55.825741][ T5943] Bluetooth: hci1: command tx timeout [ 55.825953][ T5940] Bluetooth: hci3: command tx timeout [ 55.943024][ T6074] program syz.2.16 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 56.179301][ T6092] netlink: 'syz.1.21': attribute type 6 has an invalid length. [ 56.182195][ T6092] netlink: 32 bytes leftover after parsing attributes in process `syz.1.21'. [ 56.322449][ T6115] 9p: Unknown access argument 18446744073709551615: -34 [ 56.373072][ T40] kauditd_printk_skb: 102 callbacks suppressed [ 56.373083][ T40] audit: type=1400 audit(1751489711.581:192): avc: denied { create } for pid=6116 comm="syz.2.28" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 56.376507][ T6118] netlink: 'syz.2.28': attribute type 4 has an invalid length. [ 56.381626][ T40] audit: type=1400 audit(1751489711.581:193): avc: denied { setopt } for pid=6116 comm="syz.2.28" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 56.390891][ T6118] netlink: 'syz.2.28': attribute type 4 has an invalid length. [ 56.400743][ T6118] netlink: 24 bytes leftover after parsing attributes in process `syz.2.28'. [ 56.406789][ T40] audit: type=1400 audit(1751489711.611:194): avc: denied { bind } for pid=6116 comm="syz.2.28" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 56.435472][ T40] audit: type=1400 audit(1751489711.641:195): avc: denied { create } for pid=6121 comm="syz.0.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 56.448372][ T40] audit: type=1400 audit(1751489711.661:196): avc: denied { bind } for pid=6123 comm="syz.3.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 56.464415][ T40] audit: type=1400 audit(1751489711.661:197): avc: denied { accept } for pid=6121 comm="syz.0.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 56.473319][ T40] audit: type=1400 audit(1751489711.661:198): avc: denied { create } for pid=6123 comm="syz.3.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 56.479918][ T40] audit: type=1400 audit(1751489711.661:199): avc: denied { bind } for pid=6123 comm="syz.3.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 56.489423][ T6128] netlink: 'syz.1.32': attribute type 6 has an invalid length. [ 56.491630][ T6128] netlink: 32 bytes leftover after parsing attributes in process `syz.1.32'. [ 56.502571][ T40] audit: type=1400 audit(1751489711.711:200): avc: denied { create } for pid=6130 comm="syz.2.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 56.510135][ T40] audit: type=1400 audit(1751489711.711:201): avc: denied { write } for pid=6130 comm="syz.2.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 56.619397][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.621627][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.627385][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.631457][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.633583][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.635748][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.637858][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.639989][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.642135][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.644598][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.648113][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.650264][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.652605][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.654733][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.657954][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.660158][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.662607][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.665557][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.668423][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.671291][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.673740][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.676041][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.678292][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.680428][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.682581][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.684709][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.687052][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.689560][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.691793][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.693976][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.696792][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.698917][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.701063][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 56.706088][ T5943] Bluetooth: hci1: hardware error 0x40 [ 56.778975][ T6176] netlink: 'syz.3.45': attribute type 6 has an invalid length. [ 56.781447][ T6176] netlink: 32 bytes leftover after parsing attributes in process `syz.3.45'. [ 57.387208][ T6189] netlink: 'syz.1.50': attribute type 15 has an invalid length. [ 57.438906][ T6192] random: crng reseeded on system resumption [ 57.500403][ T6197] netlink: 'syz.1.53': attribute type 3 has an invalid length. [ 57.570766][ T6202] netlink: 'syz.1.54': attribute type 6 has an invalid length. [ 57.573174][ T6202] netlink: 32 bytes leftover after parsing attributes in process `syz.1.54'. [ 57.592459][ T6213] netlink: 180 bytes leftover after parsing attributes in process `syz.3.57'. [ 57.597187][ T6213] netlink: 180 bytes leftover after parsing attributes in process `syz.3.57'. [ 57.634505][ T6224] warning: `syz.0.60' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 57.634954][ T6018] hid-generic 0000:0004:0009.0002: unknown main item tag 0x0 [ 57.652668][ T6018] hid-generic 0000:0004:0009.0002: unknown main item tag 0x0 [ 57.652685][ T6018] hid-generic 0000:0004:0009.0002: unknown main item tag 0x0 [ 57.659413][ T6018] hid-generic 0000:0004:0009.0002: hidraw1: HID v0.04 Device [syz0] on syz1 [ 57.706370][ T6228] fido_id[6228]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 57.732344][ T6235] netlink: 'syz.1.64': attribute type 1 has an invalid length. [ 57.754113][ T6235] bond1 (unregistering): Released all slaves [ 57.787176][ T6246] netlink: 4 bytes leftover after parsing attributes in process `syz.2.67'. [ 57.807635][ T6238] syzkaller0: entered promiscuous mode [ 57.810010][ T6238] syzkaller0: entered allmulticast mode [ 57.825927][ T5297] Bluetooth: hci0: command tx timeout [ 57.881229][ T6235] netlink: 28 bytes leftover after parsing attributes in process `syz.1.64'. [ 57.906765][ T5297] Bluetooth: hci2: command tx timeout [ 57.906946][ T5940] Bluetooth: hci3: command tx timeout [ 58.498198][ T6258] netlink: 'syz.2.69': attribute type 6 has an invalid length. [ 58.501670][ T6258] netlink: 32 bytes leftover after parsing attributes in process `syz.2.69'. [ 58.543317][ T6261] tmpfs: Bad value for 'mpol' [ 58.681978][ T6284] input: syz0 as /devices/virtual/input/input5 [ 58.762830][ T6281] bond1: entered promiscuous mode [ 58.766130][ T6281] 8021q: adding VLAN 0 to HW filter on device bond1 [ 58.785482][ T5943] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 58.881342][ T6304] capability: warning: `syz.0.87' uses deprecated v2 capabilities in a way that may be insecure [ 58.894869][ T6304] syz.0.87 uses obsolete (PF_INET,SOCK_PACKET) [ 58.933227][ T6308] 8021q: adding VLAN 0 to HW filter on device bond2 [ 58.941496][ T6313] deleting an unspecified loop device is not supported. [ 59.075333][ T2300] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 59.219780][ T2300] usb 7-1: device descriptor read/64, error -71 [ 59.320326][ T6346] openvswitch: netlink: Duplicate or invalid key (type 0). [ 59.322657][ T6346] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 59.454023][ T6360] netfs: Couldn't get user pages (rc=-14) [ 59.481836][ T6360] bond1 (unregistering): Released all slaves [ 59.496333][ T2300] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 59.625230][ T2300] usb 7-1: device descriptor read/64, error -71 [ 59.737267][ T2300] usb usb7-port1: attempt power cycle [ 59.906416][ T5943] Bluetooth: hci0: command tx timeout [ 59.985875][ T5943] Bluetooth: hci2: command tx timeout [ 59.985990][ T5940] Bluetooth: hci3: command tx timeout [ 60.095243][ T2300] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 60.116926][ T2300] usb 7-1: device descriptor read/8, error -71 [ 60.241619][ T6397] overlayfs: workdir and upperdir must be separate subtrees [ 60.365203][ T2300] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 60.386274][ T2300] usb 7-1: device descriptor read/8, error -71 [ 60.417432][ T6406] program syz.3.119 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.425726][ T6406] team0: Device ipvlan1 failed to register rx_handler [ 60.497412][ T2300] usb usb7-port1: unable to enumerate USB device [ 60.856380][ T5939] hid (null): unknown global tag 0xc [ 60.858014][ T5939] hid (null): invalid report_size 33871 [ 60.863730][ T5939] hid-generic 005F:0080:0099.0003: unknown global tag 0xc [ 60.866165][ T5939] hid-generic 005F:0080:0099.0003: item 0 4 1 12 parsing failed [ 60.868580][ T5939] hid-generic 005F:0080:0099.0003: probe with driver hid-generic failed with error -22 [ 60.968195][ T6435] snd_dummy snd_dummy.0: control 0:0:0:syz0:7 is already present [ 61.626438][ T6448] validate_nla: 9 callbacks suppressed [ 61.626453][ T6448] netlink: 'syz.3.133': attribute type 6 has an invalid length. [ 61.631384][ T6448] __nla_validate_parse: 107 callbacks suppressed [ 61.631397][ T6448] netlink: 32 bytes leftover after parsing attributes in process `syz.3.133'. [ 61.701853][ T6451] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 61.794904][ T40] kauditd_printk_skb: 115 callbacks suppressed [ 61.794918][ T40] audit: type=1400 audit(1751489717.001:317): avc: denied { getopt } for pid=6453 comm="syz.3.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 61.898497][ T40] audit: type=1400 audit(1751489717.111:318): avc: denied { bind } for pid=6457 comm="syz.2.137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 61.918951][ T40] audit: type=1400 audit(1751489717.111:319): avc: denied { listen } for pid=6457 comm="syz.2.137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 61.927762][ T40] audit: type=1400 audit(1751489717.111:320): avc: denied { connect } for pid=6457 comm="syz.2.137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 61.933972][ T40] audit: type=1400 audit(1751489717.111:321): avc: denied { write } for pid=6457 comm="syz.2.137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 61.958075][ T40] audit: type=1400 audit(1751489717.131:322): avc: denied { read } for pid=6459 comm="syz.3.138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 61.980619][ T40] audit: type=1400 audit(1751489717.191:323): avc: denied { read } for pid=6457 comm="syz.2.137" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 61.989763][ T40] audit: type=1400 audit(1751489717.191:324): avc: denied { open } for pid=6457 comm="syz.2.137" path="/21/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 61.990454][ T6466] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 61.999011][ T40] audit: type=1400 audit(1751489717.201:325): avc: denied { load_policy } for pid=6464 comm="syz.3.139" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 62.002622][ T6466] SELinux: failed to load policy [ 62.016343][ T40] audit: type=1400 audit(1751489717.231:326): avc: denied { append } for pid=6457 comm="syz.2.137" name="v4l-subdev7" dev="devtmpfs" ino=972 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 62.052369][ T6469] : entered promiscuous mode [ 62.076177][ T6473] netlink: 'syz.2.142': attribute type 6 has an invalid length. [ 62.079769][ T6473] netlink: 32 bytes leftover after parsing attributes in process `syz.2.142'. [ 62.141638][ T6482] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 62.282574][ T6497] capability: warning: `syz.3.149' uses 32-bit capabilities (legacy support in use) [ 62.292142][ T6497] tmpfs: Bad value for 'mpol' [ 62.292703][ T6497] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 62.339312][ T6500] netlink: 8 bytes leftover after parsing attributes in process `syz.3.151'. [ 62.472289][ T6509] netlink: 'syz.1.154': attribute type 6 has an invalid length. [ 62.474683][ T6509] netlink: 32 bytes leftover after parsing attributes in process `syz.1.154'. [ 62.523521][ T6513] .: renamed from bond0 (while UP) [ 62.603055][ T6515] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.667254][ T6515] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.767953][ T6515] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.813559][ T6524] netlink: 36 bytes leftover after parsing attributes in process `syz.1.159'. [ 62.826223][ T6525] netlink: 72 bytes leftover after parsing attributes in process `syz.1.159'. [ 62.838457][ T6515] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.923498][ T6515] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.930552][ T6515] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.938110][ T6515] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.944930][ T6515] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.193549][ T6532] netlink: 'syz.3.162': attribute type 29 has an invalid length. [ 63.201665][ T6532] netlink: 'syz.3.162': attribute type 29 has an invalid length. [ 63.204835][ T6532] netlink: 8 bytes leftover after parsing attributes in process `syz.3.162'. [ 63.211737][ T6532] netlink: 8 bytes leftover after parsing attributes in process `syz.3.162'. [ 63.352827][ T6540] team0: No ports can be present during mode change [ 64.553920][ T6566] pimreg: entered allmulticast mode [ 64.562145][ T6566] input: syz0 as /devices/virtual/input/input6 [ 64.577484][ T6565] pimreg: left allmulticast mode [ 64.671326][ T6568] netlink: 8 bytes leftover after parsing attributes in process `syz.1.176'. [ 64.864360][ T6580] kvm: emulating exchange as write [ 65.063076][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.066297][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.068674][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.071143][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.074190][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.077652][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.080766][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.083857][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.086994][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.090197][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.093466][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.096594][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.099761][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.102870][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.107120][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.110715][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.114099][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.117214][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.120337][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.123373][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.126525][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.129489][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.132505][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.135668][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.138746][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.141834][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.144828][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.147838][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.150875][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.153879][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.157158][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.160367][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.163517][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.166737][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.169264][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.171613][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.173971][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.176405][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.179474][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.182554][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.185738][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.188317][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.190630][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.192995][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.195439][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.198283][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.201407][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.204486][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.207933][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.211153][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.214222][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.217523][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.220681][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.223822][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.227053][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.230299][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.233406][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.236633][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.239555][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.242716][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.246139][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.249170][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.252241][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.256105][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.259823][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.262768][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.265936][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.268406][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.270686][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.272925][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.275395][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.277990][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.281069][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.284174][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.287528][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.290627][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.293814][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.297034][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.300286][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.303403][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.305236][ T54] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 65.306604][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.312159][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.315506][ T6018] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 65.321919][ T6018] hid-generic 0000:0000:0000.0004: hidraw1: HID v0.00 Device [syz0] on syz0 [ 65.367192][ T6592] tmpfs: Invalid gid '0x00000000ffffffff' [ 65.397546][ T6594] binder: BC_ACQUIRE_RESULT not supported [ 65.400150][ T6594] binder: 6593:6594 ioctl c0306201 200000000180 returned -22 [ 65.456924][ T54] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 65.460427][ T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 65.464027][ T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 65.467240][ T54] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 65.471244][ T54] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 65.474042][ T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.478962][ T54] usb 6-1: config 0 descriptor?? [ 65.793490][ T6604] syz.2.186: attempt to access beyond end of device [ 65.793490][ T6604] nbd2: rw=0, sector=0, nr_sectors = 2 limit=0 [ 65.799723][ T6604] befs: (nbd2): unable to read superblock [ 65.894838][ T54] plantronics 0003:047F:FFFF.0005: ignoring exceeding usage max [ 65.904399][ T54] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw2: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 66.116393][ T6619] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 66.118405][ T6619] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 66.128809][ T6619] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 66.133823][ T6619] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 66.137947][ T6619] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 66.141534][ T6619] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 66.145872][ T6619] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 66.148613][ T6619] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 66.152965][ T6619] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 66.187577][ T6629] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 66.202071][ T6629] netlink: 8 bytes leftover after parsing attributes in process `syz.2.195'. [ 66.457674][ T54] usb 8-1: new low-speed USB device number 2 using dummy_hcd [ 66.585236][ T54] usb 8-1: device descriptor read/64, error -71 [ 66.616074][ T6647] netlink: 'syz.0.201': attribute type 6 has an invalid length. [ 66.690036][ T6650] batadv_slave_1: entered promiscuous mode [ 66.704418][ T6649] batadv_slave_1: left promiscuous mode [ 66.825496][ T40] kauditd_printk_skb: 41 callbacks suppressed [ 66.825507][ T40] audit: type=1400 audit(1751489722.041:368): avc: denied { bind } for pid=6652 comm="syz.0.203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 66.835661][ T54] usb 8-1: new low-speed USB device number 3 using dummy_hcd [ 66.837572][ T40] audit: type=1400 audit(1751489722.041:369): avc: denied { node_bind } for pid=6652 comm="syz.0.203" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 66.975330][ T54] usb 8-1: device descriptor read/64, error -71 [ 67.085436][ T54] usb usb8-port1: attempt power cycle [ 67.245580][ T5939] usb 6-1: reset high-speed USB device number 2 using dummy_hcd [ 67.385335][ T5939] usb 6-1: device descriptor read/64, error -32 [ 67.402379][ T40] audit: type=1400 audit(1751489722.611:370): avc: denied { name_bind } for pid=6657 comm="syz.2.205" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 67.436409][ T54] usb 8-1: new low-speed USB device number 4 using dummy_hcd [ 67.443326][ T6665] __nla_validate_parse: 2 callbacks suppressed [ 67.443337][ T6665] netlink: 8 bytes leftover after parsing attributes in process `syz.2.208'. [ 67.449165][ T6665] netlink: 8 bytes leftover after parsing attributes in process `syz.2.208'. [ 67.455729][ T54] usb 8-1: device descriptor read/8, error -71 [ 67.482947][ T40] audit: type=1400 audit(1751489722.691:371): avc: denied { read } for pid=6662 comm="syz.0.207" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 67.490874][ T40] audit: type=1400 audit(1751489722.691:372): avc: denied { open } for pid=6662 comm="syz.0.207" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 67.499394][ T40] audit: type=1400 audit(1751489722.691:373): avc: denied { ioctl } for pid=6662 comm="syz.0.207" path="/dev/usbmon0" dev="devtmpfs" ino=737 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 67.635344][ T5939] usb 6-1: reset high-speed USB device number 2 using dummy_hcd [ 67.715271][ T54] usb 8-1: new low-speed USB device number 5 using dummy_hcd [ 67.735908][ T54] usb 8-1: device descriptor read/8, error -71 [ 67.760882][ T6691] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.765460][ T5939] usb 6-1: device descriptor read/64, error -32 [ 67.839701][ T6691] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.845420][ T54] usb usb8-port1: unable to enumerate USB device [ 67.899760][ T6691] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.980164][ T6691] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.005313][ T5939] usb 6-1: reset high-speed USB device number 2 using dummy_hcd [ 68.025525][ T5939] usb 6-1: device descriptor read/8, error -32 [ 68.052741][ T6691] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.061005][ T6691] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.068340][ T6691] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.075268][ T6691] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.144960][ T6698] ptrace attach of "/syz-executor exec"[5942] was attempted by "/syz-executor exec"[6698] [ 68.145423][ T5940] Bluetooth: hci2: command 0x0c1a tx timeout [ 68.145468][ T5943] Bluetooth: hci0: command 0x0c1a tx timeout [ 68.207689][ T40] audit: type=1400 audit(1751489723.411:374): avc: denied { append } for pid=6703 comm="syz.1.219" name="001" dev="devtmpfs" ino=767 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 68.218245][ T40] audit: type=1400 audit(1751489723.421:375): avc: denied { bind } for pid=6705 comm="syz.0.220" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 68.225768][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout [ 68.300317][ T6717] cgroup: Invalid name [ 68.300316][ T40] audit: type=1400 audit(1751489723.511:376): avc: denied { mounton } for pid=6716 comm="syz.1.223" path="/57/file3" dev="tmpfs" ino=314 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 68.341422][ T40] audit: type=1400 audit(1751489723.551:377): avc: denied { create } for pid=6718 comm="syz.1.224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 68.404346][ T6721] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 68.620684][ T6744] netlink: 'syz.2.232': attribute type 6 has an invalid length. [ 68.623664][ T6744] netlink: 32 bytes leftover after parsing attributes in process `syz.2.232'. [ 68.806579][ T6758] overlayfs: missing 'lowerdir' [ 68.813910][ T5940] ================================================================== [ 68.817089][ T5940] BUG: KASAN: slab-use-after-free in l2cap_sock_ready_cb+0x16a/0x170 [ 68.820415][ T5940] Read of size 8 at addr ffff888055051188 by task kworker/u33:3/5940 [ 68.825241][ T5940] [ 68.826229][ T5940] CPU: 2 UID: 0 PID: 5940 Comm: kworker/u33:3 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 68.826255][ T5940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.826270][ T5940] Workqueue: hci2 hci_rx_work [ 68.826302][ T5940] Call Trace: [ 68.826309][ T5940] [ 68.826318][ T5940] dump_stack_lvl+0x116/0x1f0 [ 68.826344][ T5940] print_report+0xcd/0x680 [ 68.826370][ T5940] ? __virt_addr_valid+0x81/0x610 [ 68.826390][ T5940] ? __phys_addr+0xe8/0x180 [ 68.826410][ T5940] ? l2cap_sock_ready_cb+0x16a/0x170 [ 68.826436][ T5940] kasan_report+0xe0/0x110 [ 68.826461][ T5940] ? l2cap_sock_ready_cb+0x16a/0x170 [ 68.826489][ T5940] l2cap_sock_ready_cb+0x16a/0x170 [ 68.826515][ T5940] l2cap_le_start+0x1ea/0xe40 [ 68.826535][ T5940] ? l2cap_connect_cfm+0x819/0xf80 [ 68.826560][ T5940] ? __pfx_l2cap_le_start+0x10/0x10 [ 68.826582][ T5940] ? __pfx_l2cap_global_fixed_chan+0x10/0x10 [ 68.826606][ T5940] ? __l2cap_chan_add+0x3e6/0xa20 [ 68.826644][ T5940] l2cap_connect_cfm+0x8f4/0xf80 [ 68.826679][ T5940] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 68.826705][ T5940] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 68.826731][ T5940] le_conn_complete_evt+0x1665/0x1d70 [ 68.826786][ T5940] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 68.826813][ T5940] ? hci_event_packet+0x459/0x11c0 [ 68.826842][ T5940] hci_le_conn_complete_evt+0x23c/0x370 [ 68.826874][ T5940] hci_le_meta_evt+0x354/0x5e0 [ 68.826900][ T5940] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 68.826926][ T5940] hci_event_packet+0x685/0x11c0 [ 68.826950][ T5940] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 68.826978][ T5940] ? __pfx_hci_event_packet+0x10/0x10 [ 68.827009][ T5940] ? kcov_remote_start+0x3c9/0x6d0 [ 68.827031][ T5940] ? lockdep_hardirqs_on+0x7c/0x110 [ 68.827061][ T5940] hci_rx_work+0x2c5/0x16b0 [ 68.827085][ T5940] ? rcu_is_watching+0x12/0xc0 [ 68.827107][ T5940] process_one_work+0x9cf/0x1b70 [ 68.827129][ T5940] ? __pfx_process_one_work+0x10/0x10 [ 68.827149][ T5940] ? assign_work+0x1a0/0x250 [ 68.827177][ T5940] worker_thread+0x6c8/0xf10 [ 68.827198][ T5940] ? __pfx_worker_thread+0x10/0x10 [ 68.827216][ T5940] kthread+0x3c2/0x780 [ 68.827232][ T5940] ? __pfx_kthread+0x10/0x10 [ 68.827247][ T5940] ? rcu_is_watching+0x12/0xc0 [ 68.827268][ T5940] ? __pfx_kthread+0x10/0x10 [ 68.827283][ T5940] ret_from_fork+0x5d4/0x6f0 [ 68.827309][ T5940] ? __pfx_kthread+0x10/0x10 [ 68.827326][ T5940] ret_from_fork_asm+0x1a/0x30 [ 68.827349][ T5940] [ 68.827356][ T5940] [ 68.925764][ T5940] Allocated by task 6758: [ 68.927729][ T29] usb 6-1: USB disconnect, device number 2 [ 68.927788][ T5940] kasan_save_stack+0x33/0x60 [ 68.931191][ T5940] kasan_save_track+0x14/0x30 [ 68.932770][ T5940] __kasan_kmalloc+0xaa/0xb0 [ 68.934245][ T5940] __kmalloc_noprof+0x223/0x510 [ 68.935808][ T5940] sk_prot_alloc+0x1a8/0x2a0 [ 68.937367][ T5940] sk_alloc+0x36/0xc20 [ 68.939062][ T5940] bt_sock_alloc+0x3b/0x3a0 [ 68.940998][ T5940] l2cap_sock_alloc.constprop.0+0x33/0x1d0 [ 68.943481][ T5940] l2cap_sock_create+0x123/0x1f0 [ 68.945630][ T5940] bt_sock_create+0x185/0x350 [ 68.947600][ T5940] __sock_create+0x335/0x8d0 [ 68.949544][ T5940] __sys_socket+0x14d/0x260 [ 68.951475][ T5940] __x64_sys_socket+0x72/0xb0 [ 68.953513][ T5940] do_syscall_64+0xcd/0x4c0 [ 68.955448][ T5940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.957908][ T5940] [ 68.958941][ T5940] Freed by task 6758: [ 68.960589][ T5940] kasan_save_stack+0x33/0x60 [ 68.962707][ T5940] kasan_save_track+0x14/0x30 [ 68.964701][ T5940] kasan_save_free_info+0x3b/0x60 [ 68.966774][ T5940] __kasan_slab_free+0x51/0x70 [ 68.968733][ T5940] kfree+0x2b4/0x4d0 [ 68.970322][ T5940] __sk_destruct+0x740/0x980 [ 68.972328][ T5940] sk_destruct+0xc2/0xf0 [ 68.974134][ T5940] __sk_free+0xf4/0x3e0 [ 68.975920][ T5940] sk_free+0x6a/0x90 [ 68.977582][ T5940] l2cap_sock_kill+0x171/0x2d0 [ 68.979589][ T5940] l2cap_sock_release+0x189/0x210 [ 68.981687][ T5940] __sock_release+0xb0/0x270 [ 68.983752][ T5940] sock_close+0x1c/0x30 [ 68.985528][ T5940] __fput+0x402/0xb70 [ 68.987254][ T5940] task_work_run+0x150/0x240 [ 68.989168][ T5940] exit_to_user_mode_loop+0xeb/0x110 [ 68.991416][ T5940] do_syscall_64+0x3f6/0x4c0 [ 68.993360][ T5940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.995854][ T5940] [ 68.996873][ T5940] The buggy address belongs to the object at ffff888055051000 [ 68.996873][ T5940] which belongs to the cache kmalloc-2k of size 2048 [ 69.002560][ T5940] The buggy address is located 392 bytes inside of [ 69.002560][ T5940] freed 2048-byte region [ffff888055051000, ffff888055051800) [ 69.007576][ T5940] [ 69.008518][ T5940] The buggy address belongs to the physical page: [ 69.010778][ T5940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55050 [ 69.013732][ T5940] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 69.016465][ T5940] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 69.018940][ T5940] page_type: f5(slab) [ 69.020232][ T5940] raw: 00fff00000000040 ffff88801b842f00 ffffea0000885a00 dead000000000002 [ 69.022916][ T5940] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 69.025583][ T5940] head: 00fff00000000040 ffff88801b842f00 ffffea0000885a00 dead000000000002 [ 69.028408][ T5940] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 69.031226][ T5940] head: 00fff00000000003 ffffea0001541401 00000000ffffffff 00000000ffffffff [ 69.034392][ T5940] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 69.037968][ T5940] page dumped because: kasan: bad access detected [ 69.040611][ T5940] page_owner tracks the page as allocated [ 69.042969][ T5940] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5946, tgid 5946 (syz-executor), ts 54086594293, free_ts 0 [ 69.051184][ T5940] post_alloc_hook+0x1c0/0x230 [ 69.053223][ T5940] get_page_from_freelist+0x1321/0x3890 [ 69.055540][ T5940] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 69.058014][ T5940] alloc_pages_mpol+0x1fb/0x550 [ 69.060082][ T5940] new_slab+0x23b/0x330 [ 69.061929][ T5940] ___slab_alloc+0xd9c/0x1940 [ 69.063980][ T5940] __slab_alloc.constprop.0+0x56/0xb0 [ 69.065707][ T5940] __kmalloc_node_noprof+0x2ed/0x500 [ 69.067676][ T5940] qdisc_alloc+0xbb/0xc50 [ 69.069494][ T5940] qdisc_create_dflt+0x94/0x490 [ 69.071588][ T5940] dev_activate+0x63f/0x12d0 [ 69.073547][ T5940] __dev_open+0x43a/0x7d0 [ 69.075382][ T5940] __dev_change_flags+0x55d/0x720 [ 69.077399][ T5940] netif_change_flags+0x8d/0x160 [ 69.078978][ T5940] do_setlink.constprop.0+0xb53/0x4380 [ 69.081073][ T5940] rtnl_newlink+0x1446/0x2000 [ 69.083112][ T5940] page_owner free stack trace missing [ 69.085101][ T5940] [ 69.085980][ T5940] Memory state around the buggy address: [ 69.088336][ T5940] ffff888055051080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.091737][ T5940] ffff888055051100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.095107][ T5940] >ffff888055051180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.097703][ T5940] ^ [ 69.099111][ T5940] ffff888055051200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.101647][ T5940] ffff888055051280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.104163][ T5940] ================================================================== [ 69.108123][ T5940] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 69.110377][ T5940] CPU: 2 UID: 0 PID: 5940 Comm: kworker/u33:3 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 69.114125][ T5940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.117427][ T5940] Workqueue: hci2 hci_rx_work [ 69.118957][ T5940] Call Trace: [ 69.120091][ T5940] [ 69.121049][ T5940] dump_stack_lvl+0x3d/0x1f0 [ 69.122533][ T5940] panic+0x71c/0x800 [ 69.123805][ T5940] ? __pfx_panic+0x10/0x10 [ 69.125239][ T5940] ? irqentry_exit+0x3b/0x90 [ 69.126717][ T5940] ? lockdep_hardirqs_on+0x7c/0x110 [ 69.128395][ T5940] ? preempt_schedule_thunk+0x16/0x30 [ 69.130128][ T5940] ? l2cap_sock_ready_cb+0x16a/0x170 [ 69.132108][ T5940] ? preempt_schedule_common+0x44/0xc0 [ 69.134323][ T5940] ? l2cap_sock_ready_cb+0x16a/0x170 [ 69.136067][ T5940] check_panic_on_warn+0xab/0xb0 [ 69.137661][ T5940] end_report+0x107/0x170 [ 69.139060][ T5940] kasan_report+0xee/0x110 [ 69.140505][ T5940] ? l2cap_sock_ready_cb+0x16a/0x170 [ 69.142191][ T5940] l2cap_sock_ready_cb+0x16a/0x170 [ 69.143809][ T5940] l2cap_le_start+0x1ea/0xe40 [ 69.145312][ T5940] ? l2cap_connect_cfm+0x819/0xf80 [ 69.146992][ T5940] ? __pfx_l2cap_le_start+0x10/0x10 [ 69.148555][ T5940] ? __pfx_l2cap_global_fixed_chan+0x10/0x10 [ 69.150466][ T5940] ? __l2cap_chan_add+0x3e6/0xa20 [ 69.152089][ T5940] l2cap_connect_cfm+0x8f4/0xf80 [ 69.153678][ T5940] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 69.155426][ T5940] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 69.157189][ T5940] le_conn_complete_evt+0x1665/0x1d70 [ 69.158933][ T5940] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 69.160766][ T5940] ? hci_event_packet+0x459/0x11c0 [ 69.162398][ T5940] hci_le_conn_complete_evt+0x23c/0x370 [ 69.164195][ T5940] hci_le_meta_evt+0x354/0x5e0 [ 69.165755][ T5940] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 69.167805][ T5940] hci_event_packet+0x685/0x11c0 [ 69.169385][ T5940] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 69.171102][ T5940] ? __pfx_hci_event_packet+0x10/0x10 [ 69.172855][ T5940] ? kcov_remote_start+0x3c9/0x6d0 [ 69.174505][ T5940] ? lockdep_hardirqs_on+0x7c/0x110 [ 69.176212][ T5940] hci_rx_work+0x2c5/0x16b0 [ 69.177723][ T5940] ? rcu_is_watching+0x12/0xc0 [ 69.179471][ T5940] process_one_work+0x9cf/0x1b70 [ 69.181551][ T5940] ? __pfx_process_one_work+0x10/0x10 [ 69.183639][ T5940] ? assign_work+0x1a0/0x250 [ 69.185130][ T5940] worker_thread+0x6c8/0xf10 [ 69.186620][ T5940] ? __pfx_worker_thread+0x10/0x10 [ 69.188257][ T5940] kthread+0x3c2/0x780 [ 69.189590][ T5940] ? __pfx_kthread+0x10/0x10 [ 69.191133][ T5940] ? rcu_is_watching+0x12/0xc0 [ 69.192658][ T5940] ? __pfx_kthread+0x10/0x10 [ 69.194132][ T5940] ret_from_fork+0x5d4/0x6f0 [ 69.195626][ T5940] ? __pfx_kthread+0x10/0x10 [ 69.197122][ T5940] ret_from_fork_asm+0x1a/0x30 [ 69.198680][ T5940] [ 69.200379][ T5940] Kernel Offset: disabled [ 69.201763][ T5940] Rebooting in 86400 seconds.. VM DIAGNOSIS: 20:55:24 Registers: info registers vcpu 0 CPU#0 RAX=ffff888053810d00 RBX=ffff888053810d00 RCX=ffffc900030af4b4 RDX=0000000000000cc0 RSI=ffff888053810d00 RDI=ffffea0001851880 RBP=ffffea0001851880 RSP=ffffc900030af520 R8 =ecd50b533a01c1fd R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000cc0 R13=0000000000000cc0 R14=0000000000000001 R15=0000000000000087 RIP=ffffffff822c0ea8 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f4b546666c0 ffffffff 00c00000 GS =0000 ffff8880d6752000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2a469a CR3=000000002c270000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b53811b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b53811b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b53811b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b53811b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b53811bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b53811c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b53984488 00007f4b53984480 00007f4b53984478 00007f4b53984450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b544ed100 00007f4b53984440 00007f4b53984458 00007f4b539844a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b53984498 00007f4b53984490 00007f4b53984488 00007f4b53984480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000652 RBX=0000000000000002 RCX=000000002e5cbf9e RDX=0000000000000000 RSI=000000008ada5cc2 RDI=ffff88802c035398 RBP=ffff88802c034880 RSP=ffffc900031ff9c8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffff88802c035370 R13=ffff88802c0353c0 R14=0000000000000002 R15=0000000000000003 RIP=ffffffff81980a53 RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f69da962880 ffffffff 00c00000 GS =0000 ffff8880d6852000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000555563221808 CR3=000000004de50000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000000032e7 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002012492 Opmask01=0000000000004211 Opmask02=000000007ffeffff Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005598baa66730 00005598baa66730 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 00005598ba9d3100 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f69da3f1b20 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ff00000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffff000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c696620732520 6465746165726300 0a73253a47000a73 253d73253a45000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40494c4305560005 4140514440574600 0a56001f47000a56 001856001f45000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 0000000000000000 00005598ba9d3100 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c6f736e6f6320 6164732f7665642f 3d746f6f7220313d 6e7261775f6e6f5f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 63696e6170203233 3d78616d5f736462 6e2032333d706f6f 6c5f78616d203233 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6d756e2e646368 5f796d6d75642030 34313d736365735f 74756f656d69745f ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff855c0060 RDI=ffffffff9b088320 RBP=ffffffff9b0882e0 RSP=ffffc9000338f0f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3035353038386552 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff36110b6 R15=dffffc0000000000 RIP=ffffffff855c0087 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6952000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000025797000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000104080 Opmask01=0000000000290410 Opmask02=00000000ffffffff Opmask03=0000000020400004 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe643443b8 00007ffe643443b8 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe64344590 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005598ba9d17f0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f69da3f1b20 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f69da3f1b20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfa6e33b24112812 737326ee906482d6 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373a2 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 367570632f302f71 6d2f32706f6f6c2f 6b636f6c622f6c61 75747269762f7365 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003675 70632f302f716d2f 32706f6f6c2f6b63 6f6c622f6c617574 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005598ba9bfdd8 00005598ba9bfdd8 0000000000000041 0000000000003430 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f69da3f1fe0 00007f69da3f1fe0 0000000000000761 0000003277617264 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a2939 3030322c39484349 2b35335128435064 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70627e322d33 2e36312e312d6e61 696265642d332e36 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000003 RCX=8fd44d67ddbb0da2 RDX=0000000000000000 RSI=ffff888021f92fa8 RDI=ffff888021f92440 RBP=ffff888021f92440 RSP=ffffc900032ef628 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000078 R11=0000000000000001 R12=ffff888021f92f30 R13=ffff888021f92fa8 R14=0000000000000003 R15=0000000000000001 RIP=ffffffff81985ccb RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a52000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fca167726e0 CR3=0000000047c40000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e02611b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e02611b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e02611b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e02611b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e02611bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e02611c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e02784488 00007f5e02784480 00007f5e02784478 00007f5e02784450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e032ed100 00007f5e02784440 00007f5e02784458 0000000700080006 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e02784498 00007f5e02784490 00007f5e02784488 00007f5e02784480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000