last executing test programs: 1.537450593s ago: executing program 2 (id=36): syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="043e1a0d01f1ff00ffffffffffffb11501080607000493a169e32efe6cf9f5"], 0x1d) r0 = syz_open_procfs(0x0, 0x0) pread64(r0, 0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, &(0x7f0000000640)) 1.537101825s ago: executing program 2 (id=37): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x0, 0xfffffffd, {0xa, 0x0, 0x0, 0xc8}, [@IFA_LOCAL={0x14, 0x2, @local}, @IFA_CACHEINFO={0x14, 0x6, {0xe, 0xc, 0x4, 0x2}}]}, 0x40}}, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r1) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) sendto$inet6(r3, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd) sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20048040}, 0x10000000) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x80, r4, 0x10, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_SECCTX={0x1f, 0x7, 'system_u:object_r:mnt_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip_vti0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}]}, 0x80}, 0x1, 0x0, 0x0, 0x20004055}, 0x400c005) 1.47098645s ago: executing program 2 (id=38): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x8, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x9, 0xcc, 0x1, 0x4, 0x2, 0x1, 0x1, 0xff, 0x5, 0x0, 0xe, 0x9, 0xa, 0x2, 0xd, 0x5}}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x6, 0x0, 0x180, 0x7, 0x0, 0xf1, 0x0, 0x8000000000000, 0x5, 0x0, 0x9, 0xfffffffffffffffc, 0x8, 0x0, 0xbd9], 0x1, 0x3c4210}) ioctl$KVM_RUN(r2, 0xae80, 0x40000) 1.354198931s ago: executing program 2 (id=39): r0 = fsopen(&(0x7f0000000000)='sockfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x8a) ioctl$UI_SET_ABSBIT(r1, 0x40045567, 0x0) setreuid(0xee01, 0xee01) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b000000000000000080000000", @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48) r2 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x8082, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000040)) r3 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f00000000c0)) mount_setattr(r1, &(0x7f0000000080)='./file0\x00', 0x1800, &(0x7f0000000100)={0x100078, 0x1000f9, 0xe0000, {r3}}, 0x20) 1.349249559s ago: executing program 2 (id=40): socket$nl_netfilter(0x10, 0x3, 0xc) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0) bind$alg(r3, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-sse2\x00'}, 0x58) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe}], 0xb4}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x5, 0x2, 0x4000, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.228355518s ago: executing program 1 (id=44): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0) write$binfmt_elf64(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="7f454c460e02fab7ff7f00000008000002000300fffeffffdf020000000000004000000000000000030300000000000000000000080038000100040004"], 0x78) ioctl$SNDCTL_SEQ_SYNC(r0, 0x5101) 1.227719233s ago: executing program 2 (id=45): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r1, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0x2c041, 0x0) getsockopt$inet6_int(r2, 0x29, 0x42, &(0x7f0000000180), &(0x7f00000001c0)=0x4) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r1, r2, 0x33, 0x0, @val=@perf_event={0x3}}, 0x18) r3 = socket$packet(0x11, 0x3, 0x300) openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/crypto\x00', 0x0, 0x0) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r3, &(0x7f0000000300)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r5}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000240)="e5e60758c35c52a875569dc350791690ad448ca266156e123f1043f5510f7b70e10dfa2544ece90a4559b2ce2dfeeacbfe25097666cc24e5cc30fc4c28d504cd6e25fa4ec75b905bf0d0ab19241586e8729cf50bba4299a8e26a0c71a1c029088239897a4de4", 0x66}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000440)={0xfff3, [0x80, 0xffffffff], 0x40}, 0x10) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r6, 0x400455c8, 0x0) r7 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r7, 0xc1004110, &(0x7f0000000080)={0x8, [0x10000, 0x0, 0x1], [{}, {}, {0xf6a}, {0x6, 0x0, 0x1, 0x1}, {0x3, 0x0, 0x0, 0x1}, {0x3d1, 0xf788, 0x0, 0x1}, {0x8, 0x1ff, 0x0, 0x0, 0x1, 0x1}, {0x8, 0x40, 0x1}, {0xfff, 0x3, 0x1, 0x1}, {0x986d, 0x8}, {0x8, 0x7f, 0x0, 0x0, 0x1}, {0x800, 0x2, 0x1, 0x0, 0x1}]}) recvmmsg(r0, &(0x7f0000002e00)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x22, 0x0) 1.159979145s ago: executing program 1 (id=47): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000100)={'macsec0\x00', 0x400}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x26bc80, 0x0) close(r1) r2 = socket$netlink(0x10, 0x3, 0x4) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000c00)="c100000000000000b47381c96558", 0xe}], 0x1) lseek(0xffffffffffffffff, 0x600000000000, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x5, [@enum={0x2, 0x2, 0x0, 0x6, 0x4, [{0x3, 0xffffffff}, {0x0, 0xb494}]}]}, {0x0, [0x61, 0x2e, 0x5f]}}, 0x0, 0x39, 0x0, 0x1, 0x6, 0x0, @void, @value}, 0x28) r3 = socket(0x1d, 0x2, 0x6) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r3, 0x6a, 0x3, 0x0, &(0x7f0000000180)) r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x8, 0x2) r5 = socket(0x11, 0x3, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r5, &(0x7f0000000180)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @dev}, 0x14) getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000200)=0x14) r9 = openat$ptp1(0xffffffffffffff9c, &(0x7f0000000200), 0x101, 0x0) ioctl$PTP_PIN_SETFUNC(r9, 0x40603d07, &(0x7f0000000040)={'\x00', 0xfff, 0x2, 0x5}) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000300)={'sit0\x00', &(0x7f0000000240)={'gre0\x00', 0x0, 0x20, 0x7, 0x2, 0x10, {{0x1a, 0x4, 0x2, 0x1c, 0x68, 0x67, 0x0, 0x2, 0x29, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x2c}, {[@noop, @end, @lsrr={0x83, 0x7, 0xe4, [@dev={0xac, 0x14, 0x14, 0x23}]}, @timestamp_prespec={0x44, 0xc, 0x2, 0x3, 0x7, [{@broadcast, 0x7}]}, @lsrr={0x83, 0x27, 0x21, [@multicast1, @dev={0xac, 0x14, 0x14, 0x25}, @loopback, @remote, @multicast1, @broadcast, @private=0xa010101, @multicast2, @remote]}, @noop, @timestamp_addr={0x44, 0xc, 0x10, 0x1, 0x7, [{@dev={0xac, 0x14, 0x14, 0x3e}, 0x9}]}, @lsrr={0x83, 0xb, 0x20, [@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0xe}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000340)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000440)={'ip6gre0\x00', &(0x7f0000000380)={'ip6tnl0\x00', 0x0, 0x4, 0x6, 0xc, 0xfffffff9, 0x20, @empty, @dev={0xfe, 0x80, '\x00', 0x16}, 0x700, 0x8000, 0xfff, 0x38ff}}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'team0\x00', 0x0}) getpeername$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000540)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000600)={'ip6gre0\x00', &(0x7f0000000680)={'ip6_vti0\x00', 0x0, 0x29, 0x2, 0x9, 0x6, 0x44, @local, @remote, 0x1, 0x8000, 0x75, 0x3f6b}}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'batadv0\x00', 0x0}) sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000000780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={&(0x7f0000001180)=ANY=[@ANYBLOB="30050000", @ANYRES16=0x0, @ANYBLOB="100025bd7000fedbdf250300000008000100", @ANYRES32=r7, @ANYBLOB="680202804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400810000003c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000100000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000e00000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e74000000000000008d4f8cc6d83bb2fa000300030000000800040093884b4e38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000300000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000700000008000700000000003c00010024000100757365725f6c696e6b75700000100000000000000000000000000000000000000500030006000000040004000800060017467554bc72ce59f6664192ffa13b772f903e12f01b64af417dec56e607e708b8f75b713d27a5a36598a92e5b9b6e19e5b5a3784b09ffbb0d55563c0fef730bdc2c851f62b3216e362f12e6f6", @ANYRES32=r8, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e00000008000400a100000008000600", @ANYRES32=r10, @ANYBLOB="08000100", @ANYRES32=r11, @ANYBLOB="ac0102803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000400000040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000e00040062726f61646361737400000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040006000000080007000000000038000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000050003000300000008000400b1b600003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400ffffff7f08000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r13, @ANYBLOB="f000028038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400050000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r14, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000700000008000600", @ANYRES32=r15, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r16, @ANYBLOB], 0x530}}, 0x50) ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000500)={0x2e, 0x2, 0x2, "4449f8e1b0faa9b0071c937f7f57002e0c0000c39b000000000000003200", 0x34324948}) 1.159803555s ago: executing program 3 (id=48): socket$kcm(0x10, 0x2, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newlink={0x28, 0x10, 0x403, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r2, 0xff7f}, [@IFLA_LINK={0x8}]}, 0x28}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=@newlink={0x54, 0x10, 0x401, 0x0, 0x12, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @private0}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x54}}, 0x0) 991.24282ms ago: executing program 3 (id=49): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback={0x200000000000000}}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 921.246792ms ago: executing program 3 (id=50): ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) fstat(0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000001c0)={0x3, 0xc, {}, {}, 0x8, 0xcf15}) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$sock_int(r0, 0x1, 0x4b, &(0x7f0000000240)=0x7, 0x4) recvmmsg(r0, &(0x7f00000082c0)=[{{0x0, 0x0, 0x0}, 0x8000}], 0x1, 0x0, 0x0) ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, &(0x7f0000000000)={0x48, 0xc, 0x0, 0x0, 0x4, 0x20000200000001}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a) mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0) mount$tmpfs(0x0, 0x0, 0x0, 0x2b00b8, &(0x7f0000000040)={[{@size={'size', 0x3d, [0x32]}}]}) 769.79317ms ago: executing program 3 (id=51): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x401, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x2500, 0x2a000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_OFLAGS={0x6, 0x3, 0xa6}, @IFLA_GRE_REMOTE={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x13}}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x48000}, 0x20004090) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x5}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 231.268851ms ago: executing program 0 (id=56): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000003110000000000000000000095f434ee590bd700000000000000afb646ff2d84b74df2d72d95a86e127c49ad4fb075aa4dc3f9845a38a644c863887ea3bee46a53a2affdaeb33c80dfbfd1bcbb89925b59e483620571f55e563f4a667bb314c265dd30af7fa27fc267e02acb025e270075bfc72a1377ce91a5e9fc38d8bf40d65a7301382c810047baaee33bd2be2b0c2db22beb5475f1756f52d53da570490984f41d862d57ad62a0098961bb3175e8cd4be862a6fa21dc56628c3e3365fecc5ffda01e6fc9ac4c296b7c8700e7769c3d9b0736a883b4635ebcdd29dd5da660b8b92027204d32a0f420119933709dab840b77731784e52acd8e779ceaf0dca4cdc3bd9890c7f45be27f68b075e7bb558be1982901459678ba691fa47ca23b7bd71c940a3bcc63b26c8f9cbde09afc"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 230.322036ms ago: executing program 0 (id=57): r0 = socket(0x10, 0x80002, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000040)={'ip_vti0\x00', 0x0, 0x40, 0x7800, 0x40, 0x1, {{0x15, 0x4, 0x3, 0x7, 0x54, 0x64, 0x0, 0x9, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x8, 0x51, 0x0, 0x3, [0x55]}, @timestamp={0x44, 0x14, 0xd3, 0x0, 0x0, [0xbb7, 0x7, 0x8, 0x7ff]}, @timestamp={0x44, 0x8, 0xc0, 0x0, 0x8, [0x9]}, @cipso={0x86, 0x1c, 0x3, [{0x7, 0x7, "1b18113ebc"}, {0x0, 0xf, "78eb9731b308e482f6758a2e4a"}]}]}}}}}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@getqdisc={0x28, 0x26, 0x1, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0xb, 0x3}, {0xffff, 0xd}, {0x1, 0xa}}, [{0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000000}, 0x2000) 150.379778ms ago: executing program 1 (id=58): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) connect$inet(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0c0000000400000004000000090000", @ANYRES32], 0x48) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000009441"]) getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0x92, 0x0, &(0x7f0000000280)) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x91}, 0x24044884) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r4) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="000226bd7000fddbdf252a00000006000400a1aa00001da5dd2102000000"], 0x24}, 0x1, 0x0, 0x0, 0x2004c890}, 0x20008080) socket$inet_sctp(0x2, 0x5, 0x84) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) 150.147155ms ago: executing program 0 (id=59): keyctl$clear(0x5, 0xfffffffffffffffe) request_key(&(0x7f0000000040)='ceph\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f00000000c0)='\x00$@\x00', 0x0) 149.656403ms ago: executing program 3 (id=60): bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0) write$cgroup_int(r2, &(0x7f0000000040)=0x900, 0x12) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000580)='CT\x00', &(0x7f00000005c0)='veth1\x00', 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x300, 0x198, 0xffffffff, 0xffffffff, 0x198, 0xffffffff, 0x268, 0xffffff7a, 0xffffffff, 0x268, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'veth1\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0x0, 0x41}, 0x6, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "00000100cbd047da9ca965f96ad5801f0514d363ee84bb895919d9490f6785fba3c4a44f1e25ecefef2a2d6054f5260ece5ce1a56a5ef73be11d65bfe8c37674024c183ebacdf741cea92ded3a9ca54de15dd9ec8ef62f9e000000000000000000ffffff7f00", 0x7d}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x2, 0x0, 'snmp_trap\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x360) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f, @void, @value}, 0x94) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r2, 0x80089419, &(0x7f0000000640)) 149.544133ms ago: executing program 0 (id=61): syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="043e1a0d01f1ff00ffffffffffffb11501080607000493a169e32efe6cf9f5"], 0x1d) r0 = syz_open_procfs(0x0, 0x0) pread64(r0, 0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, 0x0) 80.834091ms ago: executing program 0 (id=62): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0xfffffffffffffffd) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r4, 0xffffffffffffffff, 0x200000000000000) sendmsg$TIPC_CMD_GET_LINKS(r1, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x24, 0x0, 0x800, 0x70bd2b, 0x25dfdbff, {{}, {}, {0x8, 0x11, 0x44}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x20040084) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01010000000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a300000000070000000060a010400000000000000000100000048000480240001800b00010072656a65637400001400028008000140000000000500020000000000200001800700010072740000140002800800014000000009080002400000000008000b40000000000900010073797a300000000014000000110001"], 0xf8}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000140)={0x4, &(0x7f0000000080)=[{0x1, 0x4, 0x2, 0x1a}, {0x3, 0xd6, 0x6, 0xfffffffe}, {0x0, 0xcf, 0x0, 0x8}, {0x10, 0x8, 0x7, 0x3}]}) 80.483968ms ago: executing program 3 (id=63): socket$nl_netfilter(0x10, 0x3, 0xc) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0) bind$alg(r3, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-sse2\x00'}, 0x58) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe}], 0xb4}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x5, 0x2, 0x4000, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 79.422898ms ago: executing program 1 (id=64): ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) ptrace$ARCH_GET_UNTAG_MASK(0x1e, r0, &(0x7f0000000040), 0x4001) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x115040) write$cgroup_pid(r1, &(0x7f00000000c0)=r0, 0x12) (async) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x1ff) (async) write(r1, &(0x7f0000000140)="c3efc0abcd55cdc2da49463f11a06b3b8871b46a1b49e35a48c9270c320e570ee17d697955b80aa26a9fef3c9cb617fb80dd2ed6574e7d9a36ff659bd9e5c98837fc6c05d95dbff86df8697bd170cf24768e27e12ffbff478dafd407c3f724afa3cfa3ae3831611c291dbfa026a365ee644e8e90aeedf581e77244df2e4c5690acd9fa8c12dd86f0281b78d12f5a1d416b162188387e900d7cfb78fe427c98ed71b8933efb600f0e1b3ff7be3b54b93a285e5e545cbbae4a7917822246fed307ac4b160a8d6d5f0845275caa1078ed4d51569083a94d5770f0099b0c43de1d9069f36cfc3d5f9ad5147dfc01f2c66bf929010b44ede4c924a0d0318a52b9a62c4c7271c3343325572f2c9499296d5478b674b72be4c7282e27520dea504c099b9256373e79d3714b850abcfd7499ae11dd9c45b26dcb55a89b618cb89a624d6b16a7b7c38dc915ce6f33ca22d0648d339a37039b806d1f202e7fcc8996cfe8f3bac42532e7f487d2ceaeeddb7385fbceac1368cccd7e3e6273026ba4e35668a3765e903c8fdf131566a67cbdde5bee7adba0e103252de46532ffd1746e748738b108cf524eebe3b94fd26369984a56881011ddcc1a955d03571318e09d0bfb8336cdd2a8cb2b89647fb741503c551b9d78407215ff30d899c8c496de1312be7998ad8d859863a0bc862badb2f63b76c7a556571c4ef81d6fd191ae03cfc38220867f1d4847add6fe8a07511ad3b8c289793725f126dbbfe0feeb277ac5493271d2dc6864cb8d567e620a3acbe6f200505cb7fe348f40a4eac10495ce2042cc4a042993b5d32614f11948c7d8c7a46315ccfe0f6d01787b320220e01d9c5e2850225ae2d1f14d30fa6975bfdd29020a70646f2f417bca4fcf9cf5ba20e9ca93dc4c158cbd85d821a801623f085bfb51e880a434e88b0c794a14cc4255a2a8e4257648a5bb61e425515e9c7ba3e53d98fdc7d8e9ff4d4e33716824da2661bcfafa57b4bf15fd7cb2862116b33e8402f95fd2c55d8195c1ac71d7c3966f9d92e5c87673cc84f3862001b44095c53830532a8fb936c60429701db8fe2af02e8f28e87f3894537c5e0638afc950ea5789feab7ee4d47904f6f750160d299819a6c06ed48f42b35e85e304085b9638f3b39684c7625f12b122fe4787fd177da904826944c8b43c942916b967bd0688948c3cf64b0f6e81999d4bb4c14ad21a926ed0b0873dc144a027d0aa5f96b9098bf0d6dec5da86c799197c574c77600f2a339d9dc69cada815ed16d4da58f32fb998dc717891c7f989db81bc0a8e1bda6ba86667903867c2b1a1dbe97edfee12ba30db7e5d7ae42528800554d12b251272cd3053c1ec0ad0f3d520012056004dac5c8ba60dc0808d933cdf25898dbb9795eca670bd6201ed60a9d61318538074cb8b0dc1685876f1b2d7eb530085b4033abf6804325e0c85b1e8e2c0ef1b68c33a851739f95c04afe8da625e4cc7aaedf5530c3579518c9fa58e5a7607575e66ee354438af46a541e3371eabc89f39a94ab12c2e3255e8f87551df847235b00eb81fcb27c09ce50234b298e74a16c1d54c17acc2766858b52e709bd6bb1365a6d354f74ae7ad2fe71f5f08ce9686117f52be61a9bb2d3e5155f097de62864246012a84fa54c5d13ce9b9d7d7d97026147286e2e19b0b469b209dcc9a05d266e27ecebe32659fa5693b2cd4dd095efd8a70e280fed93f4cd673597a6fca90094f147d3d95c2f02d859b42a5bcf7db76e9183f38d7bb997d0666b5e4e087c8951692e6d52614f24a8dfadaf3ebdf5aa9231db0b1830a0d13d8d6d8294aef7b289a41d3bd2fdd1b5d5ad3e55a4ae4ca42c97f347f6fedb972022c9a61837400062ef0efb2dffad6d2216052ff323a9dc7fbf8d3fdbaac7bcb98c70339d3ec5e6472da9ddbbbe8681bed21e66f97839d25df9ee1084b5f54ef62603beb48b09a00195e4ac22ba64ae25dab26c0b1e3e5ab7f4d93c3cbd92a608e6d036410292cbe0432e942290c1b3fef7353371fdc7904ec4b8394c8c308016665ff723f94dff8bba0ae7c2ef1098ce0386c528ee5d8ecf8504f7e467027e445900bd73374c368887b47c145d85f06e5f0efb1c7e72a9f3383b21a04326f994273b1178015ea0a3082f5b1b169839307e2e771ef6ea3a200bff84e655f7bb5fc2ed5c372cacd6c6453f92e0efeee333b58db2dfa75158d9a6772267f1ce8ec512ff4e67aa0e418ee250bda8d2f6e46063e0bbfea1030979c1a965f7041fcc432ca36651886bb12928606956512236d7e6fb3563958a1619f3243a20e1af4eecdd503a75fb3eb605f64b61b01a86404d83cc399380f5a88f66c6b803c7c33e988eb069cc809414b99b491cc73127e6c44c58caf2daf63d609b65e17747ef413b54152d8aa548c87bd0c16aa5464a80b3518fee7bc5555b544d24d70f3974abfbb51d4420ea14b7ebf4d489966f39f0e03a598da6dba8542bb46ddf07d7317b05cd588ce134e2971a05e07ac6fc904ac82fc4a88f1f03bfe7db665d64cbcaf1fb4a5af8276c1d58521cf7d2bb40504e5f02902b3cdd1c858dd47d4f7084d4ac5a795d34bf78a7f65a218a407e8704a6e8893d4b0dd5617ce302e5ee29627ad75adbb23ec47b3a6472a83f0bd74628c89be0dbe22447230de2f4237899f7325fb435698fe46b5803ba273ef73802a774fc1b22f4d8b29f5b5e094e42508ba1a6730729d460e38168978e61e4a7a124e544adaeb39d765d13c446db24c78eedd173347ff5f9b8b14d5b1a79219ffdd9ae2349cb0ea5b477a6b259f14620aa9540a6c7104469757566e148f9578163d7aa76be1128626f34ccacc5211137291542d7c070aa8039a798a74a48907fd98b30624af0da8ab8c5216bc24f2cf6f78ca6a12826e891dd1e9f69e2b3393c75649905720f73d674eadced6704ec39cdbea4a75fc003527903950d324091ad0675430b596469a32212ab2e85433a93a58098ce13aab54c5c861485125e00f4b1abab557942c125beb56a70623d1561cf01788b793d030ec12df9432287146878ea761541f8393745b431ba214996e8f6816c87fb599aaee7041e4dbeb6e7155770120a53c3288573ecfb2a30f468f8c76d7811f814003bf927764c34a02185e9b5b5c86e79e39b73cecb408f44aa033f4cb68b737430f9d47a7dad0dcba150a6fad2c472f0a3c56f2df4ddb800fd1f54a270292727eda90673fe67f5d1e8426f1fd98f308b6375866718240d2bbfe85f2ab69477688b7fd37141022d3cf47341884008311692bdf73862ec9ec9b262a111505e12c6306deb3cd6d1b1e09b5b73ceaedf00dd66ef0acd2f497b115868de718b0053d6559e95c93cb10ef00a3723e058b892bc29c4501c6deffb6fc2cccfb396f5a0616a3d330707777844f865c21d508b1b9479e01b46abcdc06207993d2534ff6276a7a1ef3c1e533471c82ded9d69e5c54667701063f721339ce059903ecaedcc9287a3bfe86fa3594ccbaf118ff958edea38476ef71a7a7fbd4a18c84969fb21fe5e4ee38788f27f768cacaab438d1be785cf3893fd886eb501c3d025d6de9fe57618746d7b5733f9ca8ae4449e71dd7eab553f61a4835331a99773030830e0f26851c26d3c222ad3ecbbdb20d4e005f761e4fe77a33aaf3635daf08823f1718858018235e29bbd5f65b263a5b980e6f3b289fa2b7e99c02d327c460c6a66f4fab6da096936479821b8131e41ee3c6013e610e63b724ff002bf701b3da9170ef7b5e06d2ef86509324ac483168c918f52437ef281ff47e7c548eb62466b4a04b1ef6e2e3b053ee1e520f1e1e80208e63cc29d9c48a5a93a66f057dbe866b7d808a92c3f624f9198f3491a1f53b8434309db846591a58d1d07eae8aa09a0b7295f0f90975584a3d018415b2f34e6ebbe36b3594032541aa4c166f732e174c342b49274407a77d874dd27573ad2467c1bd26dcd5744201f6679885700bbc5bef31d816ae8b7c568ce554a0832cf5f8f187f2c208eaf214417747320afa6898c174807fe2ba65174166a4c404a9eb56a207cc4aff46182bd1bcd315afd8ba74bf265ce42f13912fdf7deb1586d43a55e6fab310f407aeb771a541f3e05caaa35b3e8cae348fa4c9523bf4af488a03e2d2977239454f45dc251a55975d5981b6ebdf3582232c0ef1a65f17aff284d345c57db20df1b012f9df0f76baed9f99908464b96abf93014b5993b096396e074f0e39ba4ee2e05404e479420151659c3124a5aacafb5d6091c116c8e460a7f12517070fd1145011260aaf092d52d8283dc1229b1d14c01188762c14345d10980d117a92b937b7fed8b1142e2c05a27812245434ca9ccde3e56b433337a6f0051549c97a1f85a595e6c63a2f7d68dc96e12affd641a59063f483c7f3e3eccf334a4739d173f91292ebf2a182d1d66207c54509794391c70b9b5b7e657159f9bfd84c99dba0da395bd652fa175245c76748551d8fcf47c7d9d164a070ffa5fd9aaaf2d14cdc85aeb35fbcc59993a7dab91b0b58179a5c9368f1a21b758bd1a8e1901626f7c524eb05aaf48976dc10c93b429560eb529485248c8bea90a8aefc736fa1b2c5c7ce76c7f04b858ab25a040f882e8987c121d266a4a819158a32ba3ea53648ed89f30b41df0e25958f08d75ca17035fdf2b4c4a40f445cbe273bd2f8b6919d4c74d1af2ab52ee52181f2e38c159d9c0d66bf5ca11857e5a5d0214126ac42b21c8b23a716b5b5d9e1bde840fb77ab3ab27394edefd2f85a4fe270a73b42c486256a54dad21e30aa377712040b67659061257ba0901a39c516f68f0ac9d9727be65ec7e3c8f202f403d58d1655af0a14b08a3c569fe8bbb79a9a8f4bc068c057df88ba39ec2b48abe27bea1e865c2f83413f96fac604c66199ae3d83216b22c7a306d074cf4aae852125548c1da0b6730b26e8c60ad518df9f0db04b1f123d4881df6a434ca631cdde710549afde9e2e510a4773302a3c3034c33c6de6d21fa0b2cd0067ae8bcefda072e3b4711a746bdb00a5f1fcf83e25d59803dc1d221f2243ffb2d7ce830ebb17abb6d5638d2b4af7fc17e2ea7448df8b6af00a228a4f47eaf0470351858199e70735bd725b51ed8d07d89438e7cc8ebe5265e966128ebb1bc6d3a603ea81f18792baa8d50c656f934a3a6653584a44de9497ba012ce2084998ed7a79413e57f12ca8f71cee3db736731cabc92435363bbac5823b9f688434362fd23d6612db350377162ceb58969985192e2e7fe33c9fdf4b2d58cd9601074a5229e6c8a649336000455876649c1b34cddc102ab903f68b1f14546a4a9213e560449c5ddf2031e4c52793743fbd17c9a73414a146a2bd847e9ff492afeb0ae6b90ac2fcefc5d3dc9df578f23a373b1f60796950a73489821bd54497417c310febbb9ce171b501e6514f1ea2830a84d884d7644a6d9f63b6a83a35053ff112b662dfd32609d391e56eff825103c7191cc2adb7f99ea72419c17462a8a43f7770131a63470d620dc729b28ad6588cbdd09b87b558473028b375b36f7699b1d474e9552b823d7bd6d17813cf9ec8ef6ef8f58e92c136e438126dcfa35fa04a426a2a23518f0e26f413fbc109d6da2b07c9141fa535b052cda5aaa268f1718e00ee5feb3c5f1a1ab3b1d35694ce5df72672eae234109dcd4fc26aca2edae24aead31896de131ecce973a164b36e8f0b1c503bf02d481579cac120858053cc0f45c1f3836f5d5d392ea7a2f4fc1425f11a91d17f0f895e8964116fcf50abb9dd3e0b843fb407d5c869de0e3", 0x1000) (async) r2 = dup(r1) close(r2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r3, &(0x7f0000001200)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x14, 0x3, 0x2, 0xafe84104a238201c, 0x0, 0x0, {0x7, 0x0, 0xa}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0xc000) (async) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000001240)=0x0) (async) getresuid(&(0x7f0000001280)=0x0, &(0x7f00000012c0), &(0x7f0000001300)=0x0) setsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001340)={r4, r6, 0xffffffffffffffff}, 0xc) (async) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000001380)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in6=@private0, 0x4e24, 0x0, 0x4e24, 0x0, 0xa, 0x80, 0x0, 0x3b, 0x0, r5}, {0x0, 0x65f, 0x0, 0x10001, 0x2, 0x0, 0x1, 0xffffffff}, {0x40, 0xf, 0x8000, 0x1}, 0x7, 0x6e6bb0, 0x1, 0x0, 0x0, 0x3}, {{@in=@broadcast, 0x4d3, 0xff}, 0xa, @in=@local, 0x34ff, 0x1, 0x2, 0x6a, 0xc, 0x7, 0x7fffffff}}, 0xe8) (async) sendmsg$nl_route(r1, &(0x7f0000001580)={&(0x7f0000001480)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001540)={&(0x7f00000014c0)=@delnexthop={0x68, 0x69, 0x4, 0x70bd2a, 0x25dfdbfc, {}, [{0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x2}, {0x8}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x2}, {0x8, 0x1, 0x1}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x22044000) (async) sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f00000015c0), 0xc, &(0x7f0000001680)={&(0x7f0000001600)={0x50, 0x1411, 0x2, 0x70bd2b, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000000}, 0x8014) (async) r7 = socket(0x1f, 0x80002, 0xffff0001) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000001700)={'tunl0\x00', 0x0}) ioctl$KDGKBMETA(r2, 0x4b62, &(0x7f0000001740)) (async) r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001780)='/proc/cgroups\x00', 0x0, 0x0) ioctl$sock_netdev_private(r9, 0x89fd, &(0x7f00000017c0)="543a845b458c5fb9d660ed64e88695ea7930eaff72f46a8a78da324f61c88faa033d0a0d8295fad8a925241645cfb1debf6e22550ce2a371c6dc900c3b1a465d1e1d1c3e61d0590d759bbcdb456e2ab836e33131624bdb4e3f7d517bd05b1427f46972e2df5358bf17b1a68706ccdb24349d99fd6eb13200e8ec401840c9e51420333bae25ef9bd9766d9aad59a810abfa04326c74aff9fb13589db928502d91ab6db5f60692b837e43c03f9a3d1395ade383f90a4e6eac12f57e06c8c") (async) newfstatat(0xffffffffffffff9c, &(0x7f0000001880)='./file0\x00', &(0x7f00000018c0), 0x4800) (async) r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001980), r9) sendmsg$MPTCP_PM_CMD_REMOVE(r7, &(0x7f0000001ac0)={&(0x7f0000001940)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001a80)={&(0x7f00000019c0)={0xa0, r10, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xa4}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x200}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x1c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xc}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010102}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}]}, 0xa0}, 0x1, 0x0, 0x0, 0x48040}, 0x4000001) ioctl$UI_DEV_CREATE(r9, 0x5501) (async) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r11, &(0x7f0000001c00)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001bc0)={&(0x7f0000001b40)=@gettaction={0x64, 0x32, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x9}, @action_gd=@TCA_ACT_TAB={0x48, 0x1, [{0xc, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xde51}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x81}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x14, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x64}}, 0x4000000) (async) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) clock_gettime(0x0, &(0x7f0000001c40)={0x0, 0x0}) setsockopt$sock_timeval(r3, 0x1, 0x42, &(0x7f0000001c80)={r12, r13/1000+60000}, 0x10) 587.02µs ago: executing program 1 (id=65): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000f00000005002e0000000000050029000100000008000300", @ANYRES32=r2], 0x2c}, 0x1, 0x0, 0x0, 0x60000000}, 0x4000884) 186.284µs ago: executing program 0 (id=66): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x70, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x44, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x2, 0x0, 0x7, 0x0, {0x1326, 0x81, 0x0, 0x1a1, 0x0, 0x0, 0x1, 0x1, 0x1}, 0x1, 0x5, 0x3}}, @void, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x70}}, 0x100000000000000) 0s ago: executing program 1 (id=67): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000540)='afs_get_tree\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000540)='afs_get_tree\x00', r1}, 0x10) mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x0, &(0x7f0000000000)={[{@dyn}]}) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x92) mount$overlay(0x0, &(0x7f0000001600)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r2, &(0x7f0000000100)='./file1\x00', 0xc000, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0xc0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x1fe, 0x2, 0xdddd2000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r4, &(0x7f0000001a80)=""/4096, 0x1000) kernel console output (not intermixed with test programs): [ 44.017294][ T40] audit: type=1400 audit(1743656241.175:80): avc: denied { write } for pid=5898 comm="sh" path="pipe:[5110]" dev="pipefs" ino=5110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 44.025915][ T40] audit: type=1400 audit(1743656241.175:81): avc: denied { rlimitinh } for pid=5898 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.034297][ T40] audit: type=1400 audit(1743656241.175:82): avc: denied { siginh } for pid=5898 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.852118][ T40] audit: type=1400 audit(1743656243.025:83): avc: denied { read } for pid=5335 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 45.858316][ T40] audit: type=1400 audit(1743656243.025:84): avc: denied { append } for pid=5335 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 45.865793][ T40] audit: type=1400 audit(1743656243.025:85): avc: denied { open } for pid=5335 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 45.872937][ T40] audit: type=1400 audit(1743656243.025:86): avc: denied { getattr } for pid=5335 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:6107' (ED25519) to the list of known hosts. [ 46.249457][ T40] audit: type=1400 audit(1743656243.425:87): avc: denied { name_bind } for pid=5919 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 48.214924][ T5922] cgroup: Unknown subsys name 'net' [ 48.343321][ T5922] cgroup: Unknown subsys name 'cpuset' [ 48.348071][ T5922] cgroup: Unknown subsys name 'rlimit' [ 48.569774][ T5928] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 49.237122][ T5922] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 52.127613][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 52.127624][ T40] audit: type=1400 audit(1743656249.305:105): avc: denied { execmem } for pid=5932 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 52.315575][ T40] audit: type=1400 audit(1743656249.485:106): avc: denied { create } for pid=5936 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.324350][ T40] audit: type=1400 audit(1743656249.485:107): avc: denied { read write } for pid=5936 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.332072][ T40] audit: type=1400 audit(1743656249.485:108): avc: denied { open } for pid=5936 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.340493][ T40] audit: type=1400 audit(1743656249.495:109): avc: denied { ioctl } for pid=5938 comm="syz-executor" path="socket:[6380]" dev="sockfs" ino=6380 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.357530][ T5946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.361274][ T5949] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 52.364725][ T5951] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.367806][ T5951] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.368479][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.370741][ T5951] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.374197][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.377219][ T5951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.378918][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.381812][ T5951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.384105][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.386301][ T5951] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.388632][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 52.396090][ T5948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.397591][ T5949] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.398627][ T5948] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 52.404621][ T40] audit: type=1400 audit(1743656249.575:110): avc: denied { read } for pid=5947 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.407985][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.409719][ T5949] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.410111][ T5949] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.419807][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 52.422763][ T40] audit: type=1400 audit(1743656249.575:111): avc: denied { open } for pid=5938 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.440513][ T40] audit: type=1400 audit(1743656249.575:112): avc: denied { mounton } for pid=5938 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 52.686870][ T40] audit: type=1400 audit(1743656249.865:113): avc: denied { module_request } for pid=5938 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 52.713707][ T5938] chnl_net:caif_netlink_parms(): no params data found [ 52.771058][ T5936] chnl_net:caif_netlink_parms(): no params data found [ 52.778749][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 52.919248][ T5937] chnl_net:caif_netlink_parms(): no params data found [ 52.928374][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.930419][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.932731][ T5938] bridge_slave_0: entered allmulticast mode [ 52.935377][ T5938] bridge_slave_0: entered promiscuous mode [ 52.941634][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.943977][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.947316][ T5938] bridge_slave_1: entered allmulticast mode [ 52.949745][ T5938] bridge_slave_1: entered promiscuous mode [ 53.033394][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.086634][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.103558][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.106908][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.109604][ T5936] bridge_slave_0: entered allmulticast mode [ 53.112669][ T5936] bridge_slave_0: entered promiscuous mode [ 53.139953][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.142375][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.144509][ T5947] bridge_slave_0: entered allmulticast mode [ 53.147132][ T5947] bridge_slave_0: entered promiscuous mode [ 53.150120][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.153241][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.156928][ T5936] bridge_slave_1: entered allmulticast mode [ 53.160472][ T5936] bridge_slave_1: entered promiscuous mode [ 53.205396][ T5938] team0: Port device team_slave_0 added [ 53.208091][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.210727][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.213354][ T5947] bridge_slave_1: entered allmulticast mode [ 53.217032][ T5947] bridge_slave_1: entered promiscuous mode [ 53.307796][ T5938] team0: Port device team_slave_1 added [ 53.326244][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.330140][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.332195][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.334325][ T5937] bridge_slave_0: entered allmulticast mode [ 53.339186][ T5937] bridge_slave_0: entered promiscuous mode [ 53.358621][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.362602][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.383090][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.386501][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.388961][ T5937] bridge_slave_1: entered allmulticast mode [ 53.391514][ T5937] bridge_slave_1: entered promiscuous mode [ 53.409656][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.465651][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.467703][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.477029][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.502489][ T5936] team0: Port device team_slave_0 added [ 53.507724][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.511490][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.513462][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.521181][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.548957][ T5936] team0: Port device team_slave_1 added [ 53.552176][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.561896][ T5947] team0: Port device team_slave_0 added [ 53.597638][ T5947] team0: Port device team_slave_1 added [ 53.629829][ T5937] team0: Port device team_slave_0 added [ 53.645877][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.648014][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.655652][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.679062][ T5937] team0: Port device team_slave_1 added [ 53.694428][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.696525][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.703775][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.771831][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.773801][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.781706][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.788715][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.791363][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.800253][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.806263][ T5938] hsr_slave_0: entered promiscuous mode [ 53.808364][ T5938] hsr_slave_1: entered promiscuous mode [ 53.811763][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.814041][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.821561][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.825950][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.827975][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.836437][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.909090][ T5936] hsr_slave_0: entered promiscuous mode [ 53.911175][ T5936] hsr_slave_1: entered promiscuous mode [ 53.913050][ T5936] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.915604][ T5936] Cannot create hsr debugfs directory [ 53.950455][ T5947] hsr_slave_0: entered promiscuous mode [ 53.952626][ T5947] hsr_slave_1: entered promiscuous mode [ 53.954511][ T5947] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.956713][ T5947] Cannot create hsr debugfs directory [ 54.029665][ T5937] hsr_slave_0: entered promiscuous mode [ 54.031802][ T5937] hsr_slave_1: entered promiscuous mode [ 54.033651][ T5937] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 54.036264][ T5937] Cannot create hsr debugfs directory [ 54.367516][ T5938] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.375337][ T5938] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.383563][ T5938] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.387642][ T5938] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.406053][ T67] Bluetooth: hci1: command tx timeout [ 54.406056][ T5952] Bluetooth: hci3: command tx timeout [ 54.415636][ T5952] Bluetooth: hci0: command tx timeout [ 54.421890][ T5936] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 54.429383][ T5936] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 54.434461][ T5936] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 54.438596][ T5936] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 54.490325][ T5947] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 54.494390][ T5947] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 54.495630][ T5952] Bluetooth: hci2: command tx timeout [ 54.502927][ T5947] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 54.507409][ T5947] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 54.545868][ T5937] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 54.551625][ T5937] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 54.558530][ T5937] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 54.570218][ T5937] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 54.658471][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.663761][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.697941][ T5936] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.704866][ T5938] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.712163][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.714319][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.718314][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.720691][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.738031][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.740339][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.743862][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.746839][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.751740][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.788616][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.793620][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.807977][ T1220] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.810018][ T1220] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.824416][ T5937] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.829200][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.831795][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.843021][ T5936] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.858316][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.860399][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.871061][ T40] audit: type=1400 audit(1743656252.045:114): avc: denied { sys_module } for pid=5936 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 54.879086][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.881493][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.957170][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.993754][ T5936] veth0_vlan: entered promiscuous mode [ 55.000888][ T5936] veth1_vlan: entered promiscuous mode [ 55.019473][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.031855][ T5936] veth0_macvtap: entered promiscuous mode [ 55.041797][ T5936] veth1_macvtap: entered promiscuous mode [ 55.057602][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.069296][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.082486][ T5936] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.086439][ T5936] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.088887][ T5936] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.091261][ T5936] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.101783][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.112968][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.127679][ T5938] veth0_vlan: entered promiscuous mode [ 55.137905][ T5938] veth1_vlan: entered promiscuous mode [ 55.179430][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.181951][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.203315][ T5937] veth0_vlan: entered promiscuous mode [ 55.210789][ T1220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.213882][ T1220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.221580][ T5938] veth0_macvtap: entered promiscuous mode [ 55.229011][ T5937] veth1_vlan: entered promiscuous mode [ 55.238635][ T5947] veth0_vlan: entered promiscuous mode [ 55.240925][ T5938] veth1_macvtap: entered promiscuous mode [ 55.263765][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 55.269150][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.277057][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.285026][ T5936] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 55.285691][ T5947] veth1_vlan: entered promiscuous mode [ 55.293388][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 55.298690][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.303631][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.313662][ T5938] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.318096][ T5938] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.321161][ T5938] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.323530][ T5938] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.329832][ T5937] veth0_macvtap: entered promiscuous mode [ 55.340188][ T5937] veth1_macvtap: entered promiscuous mode [ 55.365460][ T5947] veth0_macvtap: entered promiscuous mode [ 55.370447][ T5947] veth1_macvtap: entered promiscuous mode [ 55.377193][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 55.380452][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.383382][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 55.388473][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.392970][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.400920][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 55.404156][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.408374][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 55.411675][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.416097][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.420342][ T5937] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.422781][ T5937] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.425325][ T5937] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.428732][ T5937] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.454177][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 55.457424][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.460404][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 55.464199][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.467750][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 55.470741][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.474880][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.496956][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 55.500114][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.502820][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 55.506536][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.509292][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 55.512707][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.518030][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.529623][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.532454][ T5947] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.532544][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.535045][ T5947] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.541484][ T5947] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.544169][ T5947] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.574658][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.577666][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.599778][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.602161][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.616462][ T1220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.621604][ T1220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.632300][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.634494][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.664472][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.669008][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.727366][ T6011] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 55.745681][ T5980] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 55.749846][ T6011] kvm: pic: non byte read [ 55.752616][ T6011] kvm: pic: level sensitive irq not supported [ 55.752929][ T6011] kvm: pic: non byte read [ 55.758883][ T6011] kvm: pic: level sensitive irq not supported [ 55.759560][ T6011] kvm: pic: non byte read [ 55.780154][ T6019] bridge_slave_0: left allmulticast mode [ 55.782186][ T6019] bridge_slave_0: left promiscuous mode [ 55.784692][ T6019] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.791355][ T6019] bridge_slave_1: left allmulticast mode [ 55.793640][ T6019] bridge_slave_1: left promiscuous mode [ 55.797236][ T6019] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.802263][ T6019] bond0: (slave bond_slave_0): Releasing backup interface [ 55.810867][ T6019] bond0: (slave bond_slave_1): Releasing backup interface [ 55.823836][ T6019] team0: Port device team_slave_0 removed [ 55.828417][ T6019] team0: Port device team_slave_1 removed [ 55.828720][ T6020] Zero length message leads to an empty skb [ 55.830815][ T6019] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 55.835167][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 55.839485][ T6019] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 55.841549][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 55.859269][ T6020] vlan0: entered promiscuous mode [ 55.870887][ T6020] team0: Port device vlan0 added [ 55.897892][ T5980] usb 6-1: config index 0 descriptor too short (expected 35620, got 36) [ 55.900265][ T5980] usb 6-1: config 65 has too many interfaces: 204, using maximum allowed: 32 [ 55.902999][ T5980] usb 6-1: config 65 has 1 interface, different from the descriptor's value: 204 [ 55.907374][ T5980] usb 6-1: config 65 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 55.909978][ T6019] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'. [ 55.910385][ T6022] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 55.910593][ T5980] usb 6-1: config 65 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.911336][ T6022] FAULT_INJECTION: forcing a failure. [ 55.911336][ T6022] name failslab, interval 1, probability 0, space 0, times 1 [ 55.911367][ T6022] CPU: 0 UID: 0 PID: 6022 Comm: syz.0.6 Not tainted 6.14.0-syzkaller-12886-ga1b5bd45d4ee #0 PREEMPT(full) [ 55.911379][ T6022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 55.911385][ T6022] Call Trace: [ 55.911388][ T6022] [ 55.911392][ T6022] dump_stack_lvl+0x16c/0x1f0 [ 55.911408][ T6022] should_fail_ex+0x512/0x640 [ 55.911429][ T6022] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 55.911447][ T6022] should_failslab+0xc2/0x120 [ 55.911459][ T6022] __kmalloc_cache_noprof+0x6a/0x3e0 [ 55.911473][ T6022] ? __pfx___might_resched+0x10/0x10 [ 55.911488][ T6022] ? vhost_task_create+0xe5/0x2e0 [ 55.911498][ T6022] ? rcu_is_watching+0x12/0xc0 [ 55.911510][ T6022] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 55.911523][ T6022] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 55.911537][ T6022] vhost_task_create+0xe5/0x2e0 [ 55.911547][ T6022] ? __pfx_vhost_task_create+0x10/0x10 [ 55.911557][ T6022] ? register_lock_class+0x41/0x4c0 [ 55.911570][ T6022] ? __pfx_vhost_task_fn+0x10/0x10 [ 55.911581][ T6022] ? kvm_vcpu_ioctl+0x27e/0x1680 [ 55.911601][ T6022] kvm_mmu_post_init_vm+0x1b7/0x370 [ 55.911611][ T6022] kvm_arch_vcpu_ioctl_run+0x66/0x18c0 [ 55.911627][ T6022] ? kvm_vcpu_ioctl+0x14c2/0x1680 [ 55.911645][ T6022] kvm_vcpu_ioctl+0x5e9/0x1680 [ 55.911661][ T6022] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 55.911680][ T6022] ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450 [ 55.911697][ T6022] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 55.911716][ T6022] ? hook_file_ioctl_common+0x145/0x410 [ 55.911729][ T6022] ? selinux_file_ioctl+0x180/0x270 [ 55.911747][ T6022] ? selinux_file_ioctl+0xb4/0x270 [ 55.911761][ T6022] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 55.911777][ T6022] __x64_sys_ioctl+0x190/0x200 [ 55.911791][ T6022] do_syscall_64+0xcd/0x260 [ 55.911804][ T6022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.911814][ T6022] RIP: 0033:0x7f5081f8d169 [ 55.911822][ T6022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.911831][ T6022] RSP: 002b:00007f5082e0d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 55.911841][ T6022] RAX: ffffffffffffffda RBX: 00007f50821a5fa0 RCX: 00007f5081f8d169 [ 55.911847][ T6022] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000a [ 55.911852][ T6022] RBP: 00007f5082e0d090 R08: 0000000000000000 R09: 0000000000000000 [ 55.911857][ T6022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.911862][ T6022] R13: 0000000000000000 R14: 00007f50821a5fa0 R15: 00007fff9dc1ea08 [ 55.911875][ T6022] [ 56.002182][ T5980] usb 6-1: config 65 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 56.006771][ T5980] usb 6-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00 [ 56.009620][ T5980] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.057919][ T6019] team0 (unregistering): Port device vlan0 removed [ 56.292526][ T5952] Bluetooth: hci0: unexpected subevent 0x0e length: 30 > 15 [ 56.294658][ T5952] Bluetooth: hci0: Unable to find connection for dst 00:00:00:00:00:00 sid 0x00 [ 56.486451][ T67] Bluetooth: hci1: command tx timeout [ 56.486487][ T5943] Bluetooth: hci3: command tx timeout [ 56.560554][ T6033] capability: warning: `syz.3.8' uses deprecated v2 capabilities in a way that may be insecure [ 56.565843][ T5943] Bluetooth: hci2: command tx timeout [ 56.604934][ T6036] program syz.3.9 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 56.614880][ T6036] netlink: 'syz.3.9': attribute type 10 has an invalid length. [ 56.620141][ T6036] team0: Device hsr_slave_0 failed to register rx_handler [ 56.674118][ T6038] futex_wake_op: syz.3.10 tries to shift op by 32; fix this program [ 56.789333][ T6048] bridge_slave_0: left allmulticast mode [ 56.791400][ T6048] bridge_slave_0: left promiscuous mode [ 56.793313][ T6048] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.798575][ T6048] bridge_slave_1: left allmulticast mode [ 56.800268][ T6048] bridge_slave_1: left promiscuous mode [ 56.801917][ T6048] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.809979][ T6048] bond0: (slave bond_slave_0): Releasing backup interface [ 56.814862][ T6048] bond0: (slave bond_slave_1): Releasing backup interface [ 56.824423][ T6048] team0: Port device team_slave_0 removed [ 56.831668][ T6048] team0: Port device team_slave_1 removed [ 56.833899][ T6048] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 56.836724][ T6048] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 56.840234][ T6048] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 56.842565][ T6048] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 56.863116][ T6048] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12'. [ 56.966011][ T6003] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 57.115708][ T6003] usb 8-1: Using ep0 maxpacket: 32 [ 57.120981][ T6003] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 57.124016][ T6003] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 57.139493][ T6003] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 57.142977][ T6003] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 57.145698][ T6003] usb 8-1: Product: syz [ 57.147108][ T6003] usb 8-1: Manufacturer: syz [ 57.148330][ T6003] usb 8-1: SerialNumber: syz [ 57.151775][ T6003] usb 8-1: config 0 descriptor?? [ 57.201233][ T5943] Bluetooth: hci3: Malformed LE Event: 0x0d [ 57.247034][ T40] kauditd_printk_skb: 58 callbacks suppressed [ 57.247046][ T40] audit: type=1400 audit(1743656254.425:173): avc: denied { connect } for pid=6063 comm="syz.2.16" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 57.254556][ T40] audit: type=1400 audit(1743656254.425:174): avc: denied { write } for pid=6063 comm="syz.2.16" laddr=::ac14:14aa lport=6 faddr=fc01:: scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 57.286529][ T6066] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6066 comm=syz.2.17 [ 57.292692][ T40] audit: type=1400 audit(1743656254.465:175): avc: denied { map_create } for pid=6065 comm="syz.2.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 57.298483][ T40] audit: type=1400 audit(1743656254.465:176): avc: denied { append } for pid=6065 comm="syz.2.17" name="v4l-subdev5" dev="devtmpfs" ino=970 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 57.306529][ T40] audit: type=1400 audit(1743656254.465:177): avc: denied { create } for pid=6065 comm="syz.2.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 57.312188][ T40] audit: type=1400 audit(1743656254.465:178): avc: denied { connect } for pid=6065 comm="syz.2.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 57.318272][ T40] audit: type=1400 audit(1743656254.465:179): avc: denied { name_connect } for pid=6065 comm="syz.2.17" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 57.326274][ T40] audit: type=1400 audit(1743656254.465:180): avc: denied { listen } for pid=6065 comm="syz.2.17" lport=46596 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 57.332476][ T40] audit: type=1400 audit(1743656254.505:181): avc: denied { accept } for pid=6065 comm="syz.2.17" lport=46596 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 57.338717][ T40] audit: type=1400 audit(1743656254.505:182): avc: denied { setopt } for pid=6065 comm="syz.2.17" lport=46596 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 57.361543][ T65] usb 8-1: USB disconnect, device number 2 [ 57.554624][ T6074] xt_hashlimit: size too large, truncated to 1048576 [ 57.930712][ T6088] tipc: Started in network mode [ 57.932266][ T6088] tipc: Node identity 7f000001, cluster identity 4711 [ 57.935844][ T6088] tipc: Enabled bearer , priority 10 [ 57.937888][ T6085] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 57.953137][ T6085] kvm: pic: non byte read [ 57.956551][ T6085] kvm: pic: level sensitive irq not supported [ 57.957080][ T6085] kvm: pic: non byte read [ 57.963946][ T6085] kvm: pic: level sensitive irq not supported [ 57.964355][ T6085] kvm: pic: non byte read [ 57.968909][ T6085] kvm: pic: level sensitive irq not supported [ 57.969177][ T6085] kvm: pic: non byte read [ 57.973737][ T6085] kvm: pic: level sensitive irq not supported [ 57.974060][ T6085] kvm: pic: non byte read [ 57.979122][ T6085] kvm: pic: level sensitive irq not supported [ 57.979393][ T6085] kvm: pic: non byte read [ 57.983491][ T6085] kvm: pic: level sensitive irq not supported [ 57.983753][ T6085] kvm: pic: non byte read [ 57.988698][ T6085] kvm: pic: level sensitive irq not supported [ 57.989786][ T6085] kvm: pic: level sensitive irq not supported [ 58.009692][ T5943] Bluetooth: hci1: Malformed LE Event: 0x0d [ 58.062032][ T6098] netlink: 4 bytes leftover after parsing attributes in process `syz.2.27'. [ 58.117973][ T6102] CUSE: DEVNAME unspecified [ 58.120601][ T6102] ERROR: device name not specified. [ 58.169594][ T6102] af_packet: tpacket_rcv: packet too big, clamped from 24 to 4294967272. macoff=96 [ 58.181190][ T6102] bond0: (slave macvlan2): Opening slave failed [ 58.247829][ T6005] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 58.265590][ T5980] usb 6-1: string descriptor 0 read error: -71 [ 58.272057][ T5980] usbhid 6-1:65.0: can't add hid device: -22 [ 58.275624][ T5980] usbhid 6-1:65.0: probe with driver usbhid failed with error -22 [ 58.280504][ T5980] usb 6-1: USB disconnect, device number 2 [ 58.317388][ T6113] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 58.319332][ T6113] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 58.322322][ T6113] vhci_hcd vhci_hcd.0: Device attached [ 58.324703][ T6117] vhci_hcd: connection closed [ 58.327186][ T64] vhci_hcd: stop threads [ 58.330992][ T64] vhci_hcd: release socket [ 58.332706][ T64] vhci_hcd: disconnect device [ 58.415609][ T5978] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 58.564506][ T5952] Bluetooth: hci3: Malformed LE Event: 0x0d [ 58.565903][ T5943] Bluetooth: hci1: command tx timeout [ 58.567052][ T5952] Bluetooth: hci3: command tx timeout [ 58.575701][ T5978] usb 5-1: Using ep0 maxpacket: 32 [ 58.579947][ T5978] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 58.583620][ T5978] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 58.594992][ T5978] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 58.600278][ T5978] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 58.603522][ T5978] usb 5-1: Product: syz [ 58.605397][ T5978] usb 5-1: Manufacturer: syz [ 58.607618][ T5978] usb 5-1: SerialNumber: syz [ 58.613986][ T5978] usb 5-1: config 0 descriptor?? [ 58.645928][ T5952] Bluetooth: hci2: command tx timeout [ 58.789699][ T6131] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 58.822233][ T6123] usb 5-1: USB disconnect, device number 2 [ 58.926507][ T10] tipc: Node number set to 2130706433 [ 58.945222][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 58.950256][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 58.957393][ T6149] netlink: 'syz.3.48': attribute type 1 has an invalid length. [ 59.012192][ T6147] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=6147 comm=syz.1.47 [ 59.519219][ T6165] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 59.955165][ T6178] program syz.1.58 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 59.961671][ T6178] netlink: 'syz.1.58': attribute type 10 has an invalid length. [ 59.984327][ T6178] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 59.989778][ T5943] Bluetooth: hci1: Malformed LE Event: 0x0d [ 60.012510][ T6182] block device autoloading is deprecated and will be removed. [ 60.016445][ T6182] syz.3.60: attempt to access beyond end of device [ 60.016445][ T6182] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 60.120385][ T6193] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 60.147128][ T6204] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 60.160488][ T6207] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 2, id = 0 [ 60.167968][ T6204] BUG: sleeping function called from invalid context at ./include/linux/sched/mm.h:321 [ 60.171274][ T6204] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 6204, name: syz.1.67 [ 60.175362][ T6204] preempt_count: 0, expected: 0 [ 60.177792][ T6204] RCU nest depth: 1, expected: 0 [ 60.179063][ T6204] 4 locks held by syz.1.67/6204: [ 60.180293][ T6204] #0: ffff8880301f6ef8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 60.182498][ T6204] #1: ffff888036b38730 (&ovl_i_mutex_dir_key[depth]){++++}-{4:4}, at: wrap_directory_iterator+0x54/0xe0 [ 60.185155][ T6204] #2: ffff88804f0f8148 (&type->i_mutex_dir_key#9){.+.+}-{4:4}, at: iterate_dir+0x18b/0xb40 [ 60.187873][ T6204] #3: ffffffff8e3c1580 (rcu_read_lock){....}-{1:3}, at: afs_dynroot_readdir+0x619/0xf50 [ 60.190357][ T6204] CPU: 3 UID: 0 PID: 6204 Comm: syz.1.67 Not tainted 6.14.0-syzkaller-12886-ga1b5bd45d4ee #0 PREEMPT(full) [ 60.190382][ T6204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.190390][ T6204] Call Trace: [ 60.190394][ T6204] [ 60.190399][ T6204] dump_stack_lvl+0x16c/0x1f0 [ 60.190414][ T6204] __might_resched+0x3c0/0x5e0 [ 60.190429][ T6204] ? find_held_lock+0x2b/0x80 [ 60.190442][ T6204] ? __pfx___might_resched+0x10/0x10 [ 60.190459][ T6204] ? ovl_cache_entry_new+0x3d/0x730 [ 60.190473][ T6204] __kmalloc_noprof+0x386/0x510 [ 60.190487][ T6204] ovl_cache_entry_new+0x3d/0x730 [ 60.190502][ T6204] ovl_fill_merge+0x2c1/0xa90 [ 60.190517][ T6204] afs_dynroot_readdir+0x9bb/0xf50 [ 60.190530][ T6204] ? __pfx_ovl_fill_merge+0x10/0x10 [ 60.190545][ T6204] ? __pfx_afs_dynroot_readdir+0x10/0x10 [ 60.190557][ T6204] ? selinux_file_permission+0x11f/0x580 [ 60.190575][ T6204] iterate_dir+0x293/0xb40 [ 60.190591][ T6204] ovl_dir_read_merged+0x3ef/0x5d0 [ 60.190604][ T6204] ? __pfx_ovl_dir_read_merged+0x10/0x10 [ 60.190619][ T6204] ? __pfx_ovl_fill_merge+0x10/0x10 [ 60.190637][ T6204] ? kasan_save_track+0x14/0x30 [ 60.190650][ T6204] ovl_iterate+0x86c/0xe40 [ 60.190669][ T6204] ? __pfx_down_read_killable+0x10/0x10 [ 60.190692][ T6204] ? __pfx_ovl_iterate+0x10/0x10 [ 60.190709][ T6204] wrap_directory_iterator+0x9f/0xe0 [ 60.190730][ T6204] iterate_dir+0x293/0xb40 [ 60.190753][ T6204] __x64_sys_getdents64+0x14d/0x2d0 [ 60.190773][ T6204] ? __x64_sys_futex+0x1e0/0x4c0 [ 60.190792][ T6204] ? __x64_sys_futex+0x1e9/0x4c0 [ 60.190806][ T6204] ? __pfx___x64_sys_getdents64+0x10/0x10 [ 60.190820][ T6204] ? xfd_validate_state+0x5d/0x180 [ 60.190830][ T6204] ? __pfx_filldir64+0x10/0x10 [ 60.190843][ T6204] ? rcu_is_watching+0x12/0xc0 [ 60.190880][ T6204] do_syscall_64+0xcd/0x260 [ 60.190896][ T6204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.190907][ T6204] RIP: 0033:0x7f1dfdf8d169 [ 60.190916][ T6204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.190931][ T6204] RSP: 002b:00007f1dfeec3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 60.190941][ T6204] RAX: ffffffffffffffda RBX: 00007f1dfe1a5fa0 RCX: 00007f1dfdf8d169 [ 60.190948][ T6204] RDX: 0000000000001000 RSI: 0000200000001a80 RDI: 0000000000000008 [ 60.190954][ T6204] RBP: 00007f1dfe00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 60.190960][ T6204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 60.190966][ T6204] R13: 0000000000000000 R14: 00007f1dfe1a5fa0 R15: 00007ffebfcc62f8 [ 60.190980][ T6204] [ 60.646426][ T5943] Bluetooth: hci3: command tx timeout [ 60.646451][ T67] Bluetooth: hci1: command tx timeout [ 60.726081][ T67] Bluetooth: hci2: command tx timeout [ 60.966048][ T5952] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 60.966168][ T67] Bluetooth: hci4: command 0x1003 tx timeout VM DIAGNOSIS: 04:57:37 Registers: info registers vcpu 0 CPU#0 RAX=00000000000b377f RBX=0000000000000000 RCX=ffffffff8b71d419 RDX=0000000000000000 RSI=ffffffff8dbed73b RDI=ffffffff8bf46060 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10 R8 =0000000000000001 R9 =ffffed100d4865bd R10=ffff88806a432deb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90863110 R15=0000000000000000 RIP=ffffffff8b71bcaf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69b8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c321354 CR3=0000000035bf6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000004000040 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff9dc1ed90 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f508200f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f508200f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f508200f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f508200f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f508200f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f508200f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000005f733 RBX=0000000000000001 RCX=ffffffff8b71d419 RDX=0000000000000000 RSI=ffffffff8dbed73b RDI=ffffffff8bf46060 RBP=ffffed1003ad1488 RSP=ffffc90000177df8 R8 =0000000000000001 R9 =ffffed100d4a65bd R10=ffff88806a532deb R11=0000000000000000 R12=0000000000000001 R13=ffff88801d68a440 R14=ffffffff90863110 R15=0000000000000000 RIP=ffffffff8b71bcaf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6ab8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000200000002b00 CR3=0000000012c40000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555586cc0e40 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555586cbaccc 0000555586cbac30 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555586cc04f3 0000555586cc0340 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 100014100006026c f80004000408000f ffffffffffff0401 c71000080048ae1a ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0300100001acb003 12800401aca00300 080001ac90030fff ffffffffff0401ac ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00080001acf00300 080001ace0030010 0001acd0030fffff ffffffff0401acc0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f908048003010800 0201728c20100002 100001ac80040100 00020806080155c8 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000480041a08000c 0800010000020806 0a01699200706c01 ffffffffffffffff ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100005800401 0000000806060153 980610000480041a 08000c0800010000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0208060a01699200 706c01ffffffffff fffffff908048003 0108000201728c20 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 100002100001ac80 0401000002080608 0155c800080001ac f00300080001ace0 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0300100001acd003 0fffffffffffff04 01acc00300100001 acb00312800401ac ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000074ce5 RBX=0000000000000002 RCX=ffffffff8b71d419 RDX=0000000000000000 RSI=ffffffff8dbed73b RDI=ffffffff8bf46060 RBP=ffffed1003ad1910 RSP=ffffc90000187df8 R8 =0000000000000001 R9 =ffffed100d4c65bd R10=ffff88806a632deb R11=0000000000000000 R12=0000000000000002 R13=ffff88801d68c880 R14=ffffffff90863110 R15=0000000000000000 RIP=ffffffff8b71bcaf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6bb8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c30d54c CR3=000000004bc4c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffebfcc6680 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000038 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000038 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854de635 RDI=ffffffff9ae204a0 RBP=ffffffff9ae20460 RSP=ffffc90004ccf448 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ae20460 R15=ffffffff854de5d0 RIP=ffffffff854de65f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f1dfeec36c0 ffffffff 00c00000 GS =0000 ffff8880d6cb8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055c1e88a0f18 CR3=0000000023834000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe00f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe17c488 00007f1dfe17c480 00007f1dfe17c478 00007f1dfe17c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfecdd100 00007f1dfe17c440 00007f1dfe17c458 00007f1dfe17c4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1dfe17c498 00007f1dfe17c490 00007f1dfe17c488 00007f1dfe17c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000038 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000