last executing test programs: 7.55780034s ago: executing program 2 (id=464): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000006c0)="0d18687da3e7f33aed145cf8ff2d1e5a18c0d5f9856f4824f41040f6987d0b531da10713ed151bc4867681f28e033aef683334d03864ed30590dd4ea64a20ecbbc1346c9f42510d91eec0632885b7da95ca85f4b1435c5c1e993a85257df5f19bdfc5e038a16e6a8aef907e347081fdb93cee93217e11f19cde423e6138bd1b79ee615527ccaf8049959ac6e32af46d777ccb8c26ca925f69590df13a81aee3213e80ba5cacf1f930b3cc49093d11594ef13325790b55efbdc2dd99ed1", 0xbd}, {&(0x7f00000002c0)="9c812b37fa6bd3963cbc009f0a922658be630ec6041ed353d314e58721edf306c382ac611fe34479cb9e2585745ff3c61da74b060400000000000000178176dc533f123b66d04d51fb7421cdc9fed78e3e1c18fb67c1f75e", 0x58}, {&(0x7f0000000180)="3f82090ccda4f8ce11f43ea8b51b08afd200c6075794cdd2e0021e30a0f6267447162a2085457cf687e74d142e85e9c4ac6e", 0x32}], 0x3}}, {{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000c40)="5c5eafd3ae55a73702d6befaee97f47f4be65587e1fca708cee084691e4587d887a5eaab43ac5edc4886496910cd7a153cd84b93208c7b1a625b3ea990092389b19dab4f61e30ee60a4d7e51ffc9a5accbe2084435", 0x55}, {&(0x7f0000000800)="104b0b7073fbd7f77a847bdbfdf6da474f700bf113b18d16d8380f42e296b49f1326c7d0d97be798e205654b8a885df6ee57ec7b690491c55ca484b54170549c7a72b8a579005ffcb0b309dae34571b17126534a763ca881f12d750072abc05a7cb8f0e32fc3ec3ed14c3322630ae8e710fb68299cbb5accee8813185c77248ddec7b5688599f1bfccbec448bc6ce5c139c2095da22c9d7edf7bfa1392c76ab0dddf4db130420df295ea16aa3e841d50dc813025315eea3990c2de68e835c4fec57e2dd70f47b58472c2f915de1a58a32d021d9a26", 0xd5}, {&(0x7f0000000900)="5c3eb8799e8565193cf737e01055d298a4193e91d6dd89384d12d1da97e7e88852e279071ca7a9b536c7911d618feb48b66f1e17e130b7c2f27b77e2053065d05a00ae7bd353283ee3dcaf244ff26600e520af5091696d833f34518e53327718e7e3298de86f15e6a778f6008b96661a10be65c0a44b21b4c8724f61f6ca10d927a31e0c9f", 0x85}, {&(0x7f0000000500)="4c56c5661eb2897219a486044736a64f1a175ba083d2b3ef32", 0x19}], 0x4}}], 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x11) 7.557148561s ago: executing program 2 (id=465): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080)=0x3, 0x4) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000000c0), 0x4) 6.695255948s ago: executing program 2 (id=482): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) sendto$inet6(r0, &(0x7f0000000280)="3ac4", 0x2, 0x24000045, &(0x7f00000001c0)={0xa, 0x2, 0x2, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f000000cf40)='lp\x00', 0x3) shutdown(r0, 0x1) 6.628635253s ago: executing program 2 (id=483): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_open_dev$usbmon(0x0, 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000640), 0x5b111dae8a2286ea, 0x0) madvise(&(0x7f00002c7000/0x4000)=nil, 0x4000, 0x65) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000680), &(0x7f00000006c0)=0x4) syz_open_dev$usbfs(&(0x7f0000000c00), 0x71, 0x2081) mknod(0x0, 0x1000, 0x0) r2 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042) io_setup(0x9, &(0x7f0000000b80)=0x0) io_submit(r3, 0x1, &(0x7f00000002c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) open(0x0, 0x143142, 0xa2) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/if_inet6\x00') preadv(r4, &(0x7f0000000500)=[{&(0x7f0000000080)=""/149, 0x95}, {0x0}, {0x0}], 0x3, 0x9, 0x401) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mkdir(&(0x7f0000000000)='./file0\x00', 0x2) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r5, &(0x7f0000006840)={0x2020, 0x0, 0x0}, 0x2020) ioctl$SNDCTL_SEQ_GETINCOUNT(0xffffffffffffffff, 0x80045105, &(0x7f0000000740)) syz_fuse_handle_req(r5, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r5, &(0x7f0000004200)={0x50, 0x0, r6}, 0x50) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x400000000000000, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x74f}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) getuid() r7 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0) write$cgroup_type(r7, 0x0, 0x0) syz_clone(0x1000, 0x0, 0x0, &(0x7f0000000700), 0x0, &(0x7f0000000980)="596bd7") setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x8, 0x6, 0x5c0, 0x420, 0x238, 0x420, 0x238, 0xf8, 0x4f0, 0x4f0, 0x4f0, 0x4f0, 0x4f0, 0x6, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000000000000}, [@common=@hl={{0x28}, {0x1, 0x80}}]}, @HL={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @empty}, @private2={0xfc, 0x2, '\x00', 0x1}, [], [0x0, 0x0, 0xffffffff], 'vxcan1\x00', 'veth1_macvtap\x00'}, 0x0, 0x108, 0x140, 0x0, {0x5002}, [@common=@unspec=@cgroup0={{0x28}, {0x0, 0x1}}, @common=@unspec=@connbytes={{0x38}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{}, {0xffff}, {0xffffffffffffffff}}}}, {{@ipv6={@mcast2, @mcast1, [0xffffff00, 0xffffffff], [0x0, 0xffffff00, 0x0, 0xffffffff], 'caif0\x00', 'pim6reg0\x00', {}, {}, 0x71, 0x5, 0x0, 0x28}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x10, 0x0, 0xffff, 0x1, 0x0, "4d7993aa315f2d7890b15e25816c1e96ac3fe30705df4f3a3680275eb403e852f9370ad571de244c09c6781e850eddfd21494f66766629bb476302673c1a3f62"}}}, {{@ipv6={@private1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'ipvlan0\x00', 'ipvlan1\x00', {}, {}, 0x0, 0x0, 0x2}, 0x0, 0xa8, 0xd0}, @inet=@TOS={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x620) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) 6.380157005s ago: executing program 2 (id=485): fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4) (async) r0 = socket$pppl2tp(0x18, 0x1, 0x1) (async) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x20}}, 0x2}}, 0x2e) (async) creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8) (async) r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x1) (async) r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) (async) r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$qrtrtun(r3, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8) (async) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], &(0x7f0000000240)=[0x2], 0x0, 0x1}}, 0x40) mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1f, 0x12, r2, 0x0) (async) r6 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002cbd701004080000050000000600010005000000080009000200000008000b000000000008000c00a80a0000050012000b000000"], 0x3c}, 0x1, 0x0, 0x0, 0x20008000}, 0x30) 6.010385447s ago: executing program 2 (id=489): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="180200000000000000000000cfffffff850000001700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', 0x0}) r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r3, 0x25, 0x0, @val=@tracing={0x0, 0x20000000}}, 0x20) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000000000000000000000000001800000008000000000000006e14000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r4, r5}, 0x5) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) sendto$inet6(r0, &(0x7f0000000280)="3ac4", 0x2, 0x24000045, &(0x7f00000001c0)={0xa, 0x4e22, 0x2, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f000000cf40)='lp\x00', 0x3) shutdown(r0, 0x1) 5.950364658s ago: executing program 32 (id=489): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="180200000000000000000000cfffffff850000001700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', 0x0}) r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r3, 0x25, 0x0, @val=@tracing={0x0, 0x20000000}}, 0x20) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000000000000000000000000001800000008000000000000006e14000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r4, r5}, 0x5) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) sendto$inet6(r0, &(0x7f0000000280)="3ac4", 0x2, 0x24000045, &(0x7f00000001c0)={0xa, 0x4e22, 0x2, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f000000cf40)='lp\x00', 0x3) shutdown(r0, 0x1) 2.830677662s ago: executing program 1 (id=519): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x2c, r1, 0x5, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="8b"}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0xc}]]}, 0x2c}}, 0x0) (fail_nth: 4) 2.757451971s ago: executing program 1 (id=520): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) shutdown(r0, 0x1) write(r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) munmap(&(0x7f000038d000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x43033, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000fde000/0x4000)=nil, 0x4000) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503", @ANYRES64], 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x20, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r3, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) mmap$KVM_VCPU(&(0x7f0000f3d000/0x4000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) 1.750847635s ago: executing program 4 (id=528): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01530000f9ffffffffff01"], 0x34}, 0x1, 0x0, 0x0, 0x94}, 0x0) (fail_nth: 3) 1.679969983s ago: executing program 4 (id=529): syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2) r1 = socket$inet6(0xa, 0x3, 0x6) r2 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x7d, &(0x7f0000000080)={r3}, &(0x7f00000000c0)=0x18) sendmsg$inet6(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)="4ae7efffbd28bdd058518d3ba878ecf76ac833657b6cf751c9139f6fadecd4a2ea3aa16e33f7111b41312b428ad90a6a5e24a0a46e2fcc6176fa5b8c8c41cab40cfebe15273b3e83c87a6e2d02160c6396", 0x51}, {&(0x7f0000000300)="35c8b4c904516e777edbdd964faedb16e4055ea8a6e9dc87a91f6eb64c7680f2a78652637b3a22df26a0aa35c49d78bd82543e4e95185ed5aec3cf3f03451d34e47a63feb0db", 0x46}, {&(0x7f0000000400)="29867d0754ea053a391da5fdee1e5800ea1f5d4354bd2016c0dadcd0ffd33766b9b6bfbde174392ff77e", 0x2a}, {&(0x7f0000000440)="598186c18c0f4bd7ef9c9254c5f2a00a6a630c8a16df972cbd9aa08a277098dbd118947aa567c050291daf1b39ddb180013ac4c06589f15d452d732ce40b5ab692d41608ce4c2288c1d7399dcbfabfd14e77e55d783e7155d41925e11a048f46d917024dc459fd908c4962c4ca2b7f421aafde30a77b4cf9b06f71a511895582d72ca22954b2504101fa49c43dfb02a59408f3711f2864889b730a4f7423d452ae1383fa9006115975a205c3f7277cccabecdaf6ec08de138e1ad9fddce48987fd24df09bfabfd849273b961ca7785", 0xcf}], 0x4, &(0x7f0000000580)=[@rthdr_2292={{0x88, 0x29, 0x39, {0x3c, 0xe, 0x2, 0x7, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @private2={0xfc, 0x2, '\x00', 0x1}, @local, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @private1={0xfc, 0x1, '\x00', 0x1}]}}}], 0x88}, 0x4000) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x5, 0x400, 0x20303159, 0x2, 0x8, 0x46, 0x2, 0x3, 0x1, 0x7, 0x0, 0x7}}) r4 = socket(0x18, 0x2, 0xc) accept(r4, &(0x7f00000001c0)=@tipc, &(0x7f0000000240)=0x80) r5 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x39, 0x0, 0x0, 0x62, 0x86cc4097e8288a3a, 0x0, 0x0, 0x0, 0x34, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe) pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r5, r6, 0x1d) r8 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_WATCH_KEY(0x20, r8, r7, 0xcf) r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) close_range(r9, 0xffffffffffffffff, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x8927, &(0x7f0000000380)={'ip6tnl0\x00', 0x0}) socket$netlink(0x10, 0x3, 0x0) r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r11, 0x0, 0x0}, 0x20) r12 = socket(0x400000000010, 0x3, 0x0) syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x44000) r13 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r12, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r14, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) 1.560515573s ago: executing program 4 (id=530): socket$packet(0x11, 0x3, 0x300) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000006c0)="0d18687da3e7f33aed145cf8ff2d1e5a18c0d5f9856f4824f41040f6987d0b531da10713ed151bc4867681f28e033aef683334d03864ed30590dd4ea64a20ecbbc1346c9f42510d91eec0632885b7da95ca85f4b1435c5c1e993a85257df5f19bdfc5e038a16e6a8aef907e347081fdb93cee93217e11f19cde423e6138bd1b79ee615527ccaf8049959ac6e32af46d777ccb8c26ca925f69590df13a81aee3213e80ba5cacf1f930b3cc49093d11594ef13325790b55efbdc2dd99ed1", 0xbd}, {&(0x7f00000002c0)="9c812b37fa6bd3963cbc009f0a922658be630ec6041ed353d314e58721edf306c382ac611fe34479cb9e2585745ff3c61da74b060400000000000000178176dc533f123b66d04d51fb7421cdc9fed78e3e1c18fb67c1f75e", 0x58}, {&(0x7f0000000180)="3f82090ccda4f8ce11f43ea8b51b08afd200c6075794cdd2e0021e30a0f6267447162a2085457cf687e74d142e85e9c4ac6e", 0x32}], 0x3}}, {{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000c40)="5c5eafd3ae55a73702d6befaee97f47f4be65587e1fca708cee084691e4587d887a5eaab43ac5edc4886496910cd7a153cd84b93208c7b1a625b3ea990092389b19dab4f61e30ee60a4d7e51ffc9a5accbe2084435", 0x55}, {&(0x7f0000000800)="104b0b7073fbd7f77a847bdbfdf6da474f700bf113b18d16d8380f42e296b49f1326c7d0d97be798e205654b8a885df6ee57ec7b690491c55ca484b54170549c7a72b8a579005ffcb0b309dae34571b17126534a763ca881f12d750072abc05a7cb8f0e32fc3ec3ed14c3322630ae8e710fb68299cbb5accee8813185c77248ddec7b5688599f1bfccbec448bc6ce5c139c2095da22c9d7edf7bfa1392c76ab0dddf4db130420df295ea16aa3e841d50dc813025315eea3990c2de68e835c4fec57e2dd70f47b58472c2f915de1a58a32d021d9a26", 0xd5}, {&(0x7f0000000900)="5c3eb8799e8565193cf737e01055d298a4193e91d6dd89384d12d1da97e7e88852e279071ca7a9b536c7911d618feb48b66f1e17e130b7c2f27b77e2053065d05a00ae7bd353283ee3dcaf244ff26600e520af5091696d833f34518e53327718e7e3298de86f15e6a778f6008b96661a10be65c0a44b21b4c8724f61f6ca10d927a31e0c9f", 0x85}, {&(0x7f0000000500)="4c56c5661eb2897219a486044736a64f1a175ba083d2b3ef32", 0x19}], 0x4}}], 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x11) 1.559889304s ago: executing program 4 (id=531): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000001c0)=@bpf_lsm={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="660a00000700000061114c000000000085000000cf00000095"], &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x41100}, 0x94) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xc0701, 0x0) write$sequencer(r1, &(0x7f0000002100)=ANY=[@ANYBLOB="04000000000000008108"], 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan0\x00'}) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x2c, r2, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x5}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4880}, 0x44044) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 1.55980428s ago: executing program 1 (id=532): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000480)={0x14, 0x0, 0x3, 0x401, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x8004) r2 = openat$cgroup_subtree(r0, &(0x7f0000000140), 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2d, 'pids'}]}, 0x6) 1.490338208s ago: executing program 1 (id=533): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) recvmmsg(r1, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0}, 0x22}], 0x1, 0x22020, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000002d00010026bd7000fcdbdf2504"], 0x2c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20008010) (fail_nth: 8) 1.489979495s ago: executing program 4 (id=534): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x10, &(0x7f0000000040), 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080)=0x3, 0x4) r2 = accept$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs, &(0x7f0000000100)=0x6e) recvmsg$unix(r2, &(0x7f0000000380)={&(0x7f0000000140), 0x6e, &(0x7f0000000240)=[{&(0x7f00000001c0)=""/95, 0x5f}], 0x1, &(0x7f0000000280)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe0}, 0x20) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000000c0), 0x4) 720.192608ms ago: executing program 3 (id=542): sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, 0x0, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xfffffffc}, 0x10) write(r2, 0x0, 0x0) 719.593369ms ago: executing program 3 (id=544): unshare(0x6a040000) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000) r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f00000000c0)={'filter\x00', 0x0, 0x0, 0x0, [0xf1, 0xfffffffb, 0x7, 0xfee, 0x5, 0x3]}, &(0x7f0000000340)=0x78) write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="9c030000", @ANYRES16=r5, @ANYBLOB="010028bd7000000000000100000074030880a80000805c00098058000080060001000200000008000200ac1414aace44e05e1aa30851060001000a00000014000200ff0100000000000000000000000000010500030001000400000001000200000008000200e0000001050003000100000024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c24000200eff93d58460ea431f2cb4a6894ddb2834088d7445bf5afdd0619ce173f1db7174c00008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff24000200491bc0be1dc1f88092e741a88b64f6dd9218ad21b44b472e44f1d0a07ee6675c7c02008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922200004000a000009000000070000000000000000000000000000000003000000340209801c00008006000100020000000800020000000000050003000300000028000080060001000a00000014000200fe88000000000000000000000000000105000300000000001c00008006eb01000200000008000200ac1e0001050003000000000070000080060001000200000008000200e00000020500030001000000060001000a00000014000200ff0200000000000000000000000000010500030003000000060001000200000008000200ac1e030105000300020000000600010002000000080002007f000001050003000300000028000080060001000a0000001400020000000000000000000000000000000000050003000200000089fd0080060001000a0000005b51540afc0000000000000000000000000000000500030000000000060001000a00000014000200ff0200000000000000000000000000010500030003000000060001000200000008000200000000000500030001000000060001000a00000014000200000000000000000000000000000000000500030003000000060001000a00000014000200000000000000000000000000000000000500030001000000060001000a00000014000200fe80000000000000000000000000003e0500030006000000060001000200000008000200e000000205000300010000004c000080060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000a00000014000200000000000000000000000000000000000500030001000000040000801400020077673000"], 0x39c}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040)={0x1}) r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x2004cb, 0x3, 0x0, 0xfffffffffffffff8, 0x0, 0xfffffffffffff2a5, 0x2000000000003ff, 0x2], 0x0, 0x200306}) ioctl$KVM_RUN(r6, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000040)="c4e27d78491e0f01cf0f017f360f35c105004800000436260f79a1feffffff0f01c9b992020000b8d1000000ba000000000f300f0d97008000008fc8209efbb0", 0x40}], 0x1, 0xb, &(0x7f00000001c0)=[@efer={0x2, 0x4000}, @dstype0={0x6, 0xd}], 0x2) ioctl$IOMMU_VFIO_IOAS$GET(r1, 0x3b88, &(0x7f0000000140)={0xc, 0x0}) ioctl$IOMMU_IOAS_UNMAP$ALL(r1, 0x3b86, &(0x7f00000002c0)={0x18, r7}) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x50, 0xffffffffffffffff, 0x4cbb1000) r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2}) ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000400)={0x18, 0x0, &(0x7f0000000080)=[@increfs_done={0x40106308, 0x2}, @register_looper], 0x0, 0x0, 0x0}) syz_genetlink_get_family_id$fou(&(0x7f0000000000), 0xffffffffffffffff) 661.300072ms ago: executing program 1 (id=547): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), r0) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010002000000fcdbdf25280000000c00060001000000010000001c002d80"], 0x3c}, 0x1, 0x0, 0x0, 0x4085}, 0x4000) 599.553012ms ago: executing program 4 (id=548): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000340)=[@window, @mss, @mss={0x2, 0xff}, @sack_perm, @sack_perm, @timestamp, @timestamp, @sack_perm], 0x8) sendto$inet(r1, &(0x7f00000002c0)="88", 0x1, 0x31, 0x0, 0x0) sendto$inet(r1, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), r0) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010002000000fcdbdf25280000000c00060001000000010000001c002d80"], 0x3c}, 0x1, 0x0, 0x0, 0x4085}, 0x4000) 595.112503ms ago: executing program 1 (id=550): socket$packet(0x11, 0x3, 0x300) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000006c0)="0d18687da3e7f33aed145cf8ff2d1e5a18c0d5f9856f4824f41040f6987d0b531da10713ed151bc4867681f28e033aef683334d03864ed30590dd4ea64a20ecbbc1346c9f42510d91eec0632885b7da95ca85f4b1435c5c1e993a85257df5f19bdfc5e038a16e6a8aef907e347081fdb93cee93217e11f19cde423e6138bd1b79ee615527ccaf8049959ac6e32af46d777ccb8c26ca925f69590df13a81aee3213e80ba5cacf1f930b3cc49093d11594ef13325790b55efbdc2dd99ed1", 0xbd}, {&(0x7f00000002c0)="9c812b37fa6bd3963cbc009f0a922658be630ec6041ed353d314e58721edf306c382ac611fe34479cb9e2585745ff3c61da74b060400000000000000178176dc533f123b66d04d51fb7421cdc9fed78e3e1c18fb67c1f75e", 0x58}, {&(0x7f0000000180)="3f82090ccda4f8ce11f43ea8b51b08afd200c6075794cdd2e0021e30a0f6267447162a2085457cf687e74d142e85e9c4ac6e", 0x32}], 0x3}}, {{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000c40)="5c5eafd3ae55a73702d6befaee97f47f4be65587e1fca708cee084691e4587d887a5eaab43ac5edc4886496910cd7a153cd84b93208c7b1a625b3ea990092389b19dab4f61e30ee60a4d7e51ffc9a5accbe2084435", 0x55}, {&(0x7f0000000800)="104b0b7073fbd7f77a847bdbfdf6da474f700bf113b18d16d8380f42e296b49f1326c7d0d97be798e205654b8a885df6ee57ec7b690491c55ca484b54170549c7a72b8a579005ffcb0b309dae34571b17126534a763ca881f12d750072abc05a7cb8f0e32fc3ec3ed14c3322630ae8e710fb68299cbb5accee8813185c77248ddec7b5688599f1bfccbec448bc6ce5c139c2095da22c9d7edf7bfa1392c76ab0dddf4db130420df295ea16aa3e841d50dc813025315eea3990c2de68e835c4fec57e2dd70f47b58472c2f915de1a58a32d021d9a26", 0xd5}, {&(0x7f0000000900)="5c3eb8799e8565193cf737e01055d298a4193e91d6dd89384d12d1da97e7e88852e279071ca7a9b536c7911d618feb48b66f1e17e130b7c2f27b77e2053065d05a00ae7bd353283ee3dcaf244ff26600e520af5091696d833f34518e53327718e7e3298de86f15e6a778f6008b96661a10be65c0a44b21b4c8724f61f6ca10d927a31e0c9f", 0x85}, {&(0x7f0000000500)="4c56c5661eb2897219a486044736a64f1a175ba083d2b3ef32", 0x19}], 0x4}}], 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x11) 529.059148ms ago: executing program 0 (id=552): sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, 0x0, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xfffffffc}, 0x10) write(r2, 0x0, 0x0) 528.747923ms ago: executing program 0 (id=553): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000880)={{r1}, 0xb, 0x1000, 0x5}) fcntl$lock(r0, 0x24, &(0x7f0000000380)={0x2, 0x0, 0x7, 0xffffffffffffffff}) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@uuid_on}]}) r2 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f00000003c0)}) r3 = syz_init_net_socket$ax25(0x3, 0x5, 0xce) getsockopt$ax25_int(r3, 0x101, 0x5, &(0x7f0000000000), &(0x7f0000000ec0)=0x4) ioctl$KVM_GET_TSC_KHZ(r2, 0xaea3) 459.87027ms ago: executing program 0 (id=554): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_open_dev$usbmon(0x0, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000c00), 0x71, 0x2081) mknod(0x0, 0x1000, 0x0) open(0x0, 0x143142, 0xa2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000009c0)=@mangle={'mangle\x00', 0x8, 0x6, 0x5c0, 0xf8, 0xf8, 0x308, 0x420, 0x238, 0x4f0, 0x4f0, 0x4f0, 0x4f0, 0x4f0, 0x6, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000000000000}, [@common=@hl={{0x28}, {0x1, 0x80}}]}, @HL={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @empty}, @loopback, [], [], 'vxcan1\x00', 'veth1_macvtap\x00'}, 0x0, 0x108, 0x140, 0x0, {0x5002}, [@common=@unspec=@cgroup0={{0x28}, {0x0, 0x1}}, @common=@unspec=@connbytes={{0x38}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{}, {0xffff}, {0xffffffffffffffff}}}}, {{@ipv6={@mcast2, @mcast1, [0xffffff00, 0xffffffff], [0x0, 0xffffff00, 0x0, 0xffffffff], 'caif0\x00', 'pim6reg0\x00', {}, {}, 0x71, 0x5, 0x0, 0x28}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x10, 0x0, 0xffff, 0x1, 0x0, "4d7993aa315f2d7890b15e25816c1e96ac3fe30705df4f3a3680275eb403e852f9370ad571de244c09c6781e850eddfd21494f66766629bb476302673c1a3f62"}}}, {{@ipv6={@private1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'ipvlan0\x00', 'ipvlan1\x00', {}, {}, 0x0, 0x0, 0x2}, 0x0, 0xa8, 0xd0}, @inet=@TOS={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x620) (fail_nth: 9) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) 459.585761ms ago: executing program 3 (id=555): ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'dummy0\x00', 0x4000}) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)={0x1, 0x0, [{0x7, 0x29a9, 0xffffffff, 0x3, 0x9}]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x1a9d42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008604"]) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0xffffffff, [{0x0, 0x2, 0x21}]}, @restrict={0x0, 0x0, 0x0, 0x10, 0x2}]}}, 0x0, 0x3e}, 0x20) ioctl(r3, 0x8b1b, &(0x7f0000000040)) 259.765909ms ago: executing program 0 (id=556): socket$packet(0x11, 0x2, 0x300) openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000280)={0x1, 0x0, [{0x3, 0x5, 0x0, 0x0, @adapter={0x5, 0x7fffffffffffffff, 0x8000000000000001, 0x80, 0x3}}]}) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000006c0), 0x250403) r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82) r2 = dup(r1) ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000000)={0x23, 0x3, 0x17, 0x20ec, 0x0, 0x100000, 0x0}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f00000007c0)={0x4, 0x0, 'client1\x00', 0x1, "fd0601f1faf3805c", "73a5c8300eb76f232592d54ddb07f0bc369191fabbd21a851155c1578942161f", 0x5, 0x4}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0x40a85321, &(0x7f0000000700)={{0x9, 0x3}, 'port0\x00', 0x80, 0x0, 0x9, 0x7f, 0x7, 0x7ff, 0x72d0, 0x0, 0x0, 0x7}) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000100)={'\x00', 0x2, 0xfffffffa, 0x5, 0x2, 0x0, 0x0}) migrate_pages(r3, 0x4, &(0x7f0000000180)=0x5, &(0x7f00000001c0)=0x3) r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000080), 0x8, 0x0) r5 = signalfd4(r4, &(0x7f0000000040)={[0x7fffffffffffffff]}, 0x8, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.events\x00', 0x275a, 0x0) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x6, 0x2c, &(0x7f0000000300)=@raw=[@printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xfffffffffffffffc}, @tail_call={{0x18, 0x2, 0x1, 0x0, r6}}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x82c7}, @map_fd={0x18, 0x9, 0x1, 0x0, r4}, @cb_func={0x18, 0x7}, @map_fd={0x18, 0x3, 0x1, 0x0, r6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}], &(0x7f0000000200)='syzkaller\x00', 0x1, 0x64, &(0x7f0000000480)=""/100, 0x41100, 0x40, '\x00', 0x0, 0x25, r5, 0x8, &(0x7f0000000240)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000500)={0x0, 0x6, 0x7, 0x19}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000540)=[r5, r5, r5, r6, r4, r6, r6], &(0x7f0000000580)=[{0x5, 0x4, 0x0, 0x6}], 0x10, 0x6}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000680)={r7, 0x0, 0x25, 0x14, @val=@netfilter={0x7, 0x0, 0x4, 0x1}}, 0x20) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0) memfd_secret(0x0) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0) write$dsp(r8, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SYNC(r8, 0x5001, 0x0) r9 = gettid() timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc)) pipe2(&(0x7f00000000c0)={0xffffffffffffffff}, 0x80000) setsockopt$TIPC_GROUP_JOIN(r10, 0x10f, 0x87, &(0x7f0000000880)={0x40, 0x4}, 0x10) ioctl$SNDCTL_DSP_SUBDIVIDE(r8, 0xc0045009, &(0x7f0000000040)=0xfffffffe) 259.580462ms ago: executing program 0 (id=557): ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'dummy0\x00', 0x4000}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) ioctl(r0, 0x8b1b, &(0x7f0000000040)) (fail_nth: 6) 186.404507ms ago: executing program 3 (id=558): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x3, @multicast, 'macvlan1\x00'}}, 0x1e) sendmmsg(r0, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000500)="ab", 0x5ea}], 0x1}}], 0x484, 0x24048084) (fail_nth: 6) 186.153395ms ago: executing program 0 (id=559): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xa, [@struct={0x8, 0x2, 0x0, 0xf, 0x0, 0xffffffff, [{0xe, 0x0, 0x3}, {0x7, 0x3, 0xfffffffd}]}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e]}}, 0x0, 0x46, 0x0, 0x6}, 0x20) io_setup(0x2, &(0x7f0000000340)=0x0) io_getevents(r0, 0x8, 0x7, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}], 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x84, r3, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0xe, 0x1}}}}, [@NL80211_ATTR_KEY={0x64, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5, 0x2, 0x5}, @NL80211_KEY_MODE={0x5, 0x9, 0x2}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "5c6caf7e39"}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "bacccaef80"}, @NL80211_KEY_MODE={0x5, 0x9, 0x1}, @NL80211_KEY_SEQ={0xa, 0x4, "20d4d14784bc"}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_TYPE={0x8}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "92cc75125c"}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "fe1b11e00a"}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000c7f000)='./file0\x00', &(0x7f0000df9000)='nfs4\x00', 0x0, &(0x7f0000590ffe)='v4') sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x4}, @NFTA_EXTHDR_OP={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0) io_submit(r0, 0x2, &(0x7f0000000680)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x3, 0x7, r2, &(0x7f0000000540)="4a65e376dc81149f853134b918277129ae7426761c4e0afec4a4f5cae4be722933ef3ea3bee04a457c1ce98572bf4481411ff5723a41042bb3c9b7795921c52b02a696eb9b969f", 0x47, 0x9, 0x0, 0x3, r2}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x7, 0xffffffffffffffff, &(0x7f00000005c0)="84230191d5fef5e5bc739a52455f07d7b21d7d9c6d59759b59cad39ce70fb7bc3691bf3e857d00112d778bb2bb12c6e8a1df02c085092478c0ca80323cc3c51b1de1563fc419711668c8acd845f7f63e8217ac435a0c0b69a524ed1253b6", 0x5e, 0x7, 0x0, 0x2, r2}]) 358.391µs ago: executing program 3 (id=560): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0) socket$packet(0x11, 0x3, 0x300) r1 = ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0xa88}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c40)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x5, [@enum={0x3, 0x1, 0x0, 0xf, 0x4, [{0xa}]}, @struct={0x4}]}, {0x0, [0x0, 0x0, 0x61]}}, 0x0, 0x3d, 0x0, 0x1}, 0x28) mount(0x0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='hfsplus\x00', 0x2000010, &(0x7f0000000100)='barrier') ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000140)={0x0, 0x80000, 0xffffffffffffffff}) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r4, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0xd6, 0x1c, 0xd, 0x5, 0x401, 0xfff5, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x9aa1, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r4, r5], 0x2, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f0000000340)={0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b14fea7a1316b81525ccf0f8b91fd2eddb851ba62b00d87337407214ea270251"}}) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r7) r8 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r9, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f0000000600)={r10, 0x0, 0x1000, 0x10000, 0x3, [0x0, 0x0, 0x0, 0x0], [0x800000, 0x800, 0xfffffffd], [0x0, 0x1001000, 0xfffffffc], [0x0, 0x0, 0xe8a6]}) ioctl$DRM_IOCTL_MODE_ADDFB2(r7, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x1, [r11, 0x0, 0x0, r12], [0x2b8], [0x0, 0x0, 0x0, 0x1]}) ioctl$DRM_IOCTL_MODE_RMFB(r7, 0xc00464af, &(0x7f00000005c0)=r10) ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000280)={&(0x7f0000000240)=[0x0], 0x1, r4, r10, 0x375, 0x7, 0x4, 0xffff, {0x8, 0x101, 0x401, 0x1, 0x80, 0x6, 0x4, 0x7, 0x400, 0x7ff, 0x5cf, 0x5, 0x4, 0xfffffff5, "78ea8512f360c692d5a5579128368da7529ee2d045ed621a976da55bff03bc5e"}}) syz_emit_ethernet(0x36, &(0x7f00000010c0)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x0, 0x0, 0x0, @private2, @local}}}}, 0x0) 0s ago: executing program 3 (id=561): ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'dummy0\x00', 0x4000}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) ioctl(r0, 0x8b35, &(0x7f0000000040)) 0s ago: executing program 3 (id=563): ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000400)={0x40, 0x960, 0x20, 0x10, 0xfff, 0x8, 0x0, 0x2, {0x10020, 0x1}, {0x400, 0x7, 0x1}, {0x9, 0x7f, 0x1}, {0x8, 0x0, 0x1}, 0x3, 0x2, 0x6, 0x5, 0x0, 0x8, 0x6, 0x2, 0x8, 0x5, 0xf21c, 0x7c, 0x20, 0x4, 0x2, 0xc}) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd7000fedbdf250b0000000c0006000100000001000000f52ce212ae61a7261072ce368c49b9b9e318784c51"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x24000000) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff) pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff}, 0x80) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="04010000000000010000000006000000000000000000ac000100"/53, @ANYRES64=r3, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003c0000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200000000000000000014000e00fc0200"/188], 0x104}}, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) r5 = socket$kcm(0x10, 0x2, 0x10) r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000f67aad07be1f42ed21694e1000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r7, 0x4) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c0", 0x1}], 0x1}, 0x0) r8 = socket$nl_rdma(0x10, 0x3, 0x14) r9 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0) ioctl$COMEDI_DEVCONFIG(r9, 0x40946400, &(0x7f0000000140)={'aio_iiro_16\x00', [0x24, 0x1a7b, 0xfffffffd, 0x5, 0x80, 0x8f, 0x1, 0xe, 0x1002, 0x5, 0x200, 0x8, 0xb, 0x1, 0xe5, 0x8, 0x8, 0x8, 0x9, 0xe, 0xff, 0x1, 0x7, 0xa, 0x5, 0x2, 0xb0c4, 0x401, 0x7, 0x400007, 0x100]}) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r11, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20040018}, 0x0) sendmsg$inet(r11, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0) r12 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001200)=ANY=[@ANYBLOB="4c000000190001090000000000000000021800000000fd010000000008000100ac141400080005000a0101021800168014000300fe8000000000000000000000000000aa0600150004"], 0x4c}}, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x21, &(0x7f0000000240), 0x4) recvmsg(r10, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0xf) close(r11) rt_sigprocmask(0x0, &(0x7f0000000000), 0x0, 0x8) sendmsg$RDMA_NLDEV_CMD_GET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="100e2000011493", @ANYRES32=r4], 0x10}, 0x1, 0x0, 0x0, 0x40080}, 0x4) kernel console output (not intermixed with test programs): cted cc 0x1003 length: 249 > 9 [ 52.386644][ T5956] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.389706][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.390718][ T5956] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.393625][ T5955] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.395240][ T5951] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.395793][ T5956] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.396326][ T5956] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.397649][ T5955] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.399631][ T5951] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.401813][ T5955] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.404098][ T5951] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.406344][ T5955] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 52.408654][ T5951] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 52.409536][ T40] audit: type=1400 audit(1751986157.384:85): avc: denied { read } for pid=5945 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.409563][ T40] audit: type=1400 audit(1751986157.384:86): avc: denied { open } for pid=5945 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.409584][ T40] audit: type=1400 audit(1751986157.384:87): avc: denied { mounton } for pid=5945 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 52.421549][ T5955] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.443026][ T5955] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.446785][ T5955] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.450184][ T5955] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.453381][ T5955] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 52.575466][ T40] audit: type=1400 audit(1751986157.564:88): avc: denied { module_request } for pid=5945 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 52.631842][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 52.732706][ T5950] chnl_net:caif_netlink_parms(): no params data found [ 52.772724][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.775364][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.777630][ T5945] bridge_slave_0: entered allmulticast mode [ 52.780225][ T5945] bridge_slave_0: entered promiscuous mode [ 52.798214][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.800487][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.802709][ T5945] bridge_slave_1: entered allmulticast mode [ 52.805540][ T5945] bridge_slave_1: entered promiscuous mode [ 52.864010][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.897951][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.900902][ T5948] chnl_net:caif_netlink_parms(): no params data found [ 52.921014][ T5959] chnl_net:caif_netlink_parms(): no params data found [ 52.946630][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.948904][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.951788][ T5950] bridge_slave_0: entered allmulticast mode [ 52.955153][ T5950] bridge_slave_0: entered promiscuous mode [ 52.962146][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.964367][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.966739][ T5950] bridge_slave_1: entered allmulticast mode [ 52.969464][ T5950] bridge_slave_1: entered promiscuous mode [ 52.988699][ T5945] team0: Port device team_slave_0 added [ 52.997757][ T5945] team0: Port device team_slave_1 added [ 53.100700][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.128360][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.130753][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.140257][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.150695][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.158895][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.161684][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.171084][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.252670][ T5950] team0: Port device team_slave_0 added [ 53.257516][ T5950] team0: Port device team_slave_1 added [ 53.284531][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.287014][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.289313][ T5948] bridge_slave_0: entered allmulticast mode [ 53.291952][ T5948] bridge_slave_0: entered promiscuous mode [ 53.295961][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.298983][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.301999][ T5948] bridge_slave_1: entered allmulticast mode [ 53.304879][ T5948] bridge_slave_1: entered promiscuous mode [ 53.404970][ T5959] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.408045][ T5959] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.411084][ T5959] bridge_slave_0: entered allmulticast mode [ 53.414982][ T5959] bridge_slave_0: entered promiscuous mode [ 53.433510][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.437020][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.439900][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.450531][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.455566][ T5959] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.458604][ T5959] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.461658][ T5959] bridge_slave_1: entered allmulticast mode [ 53.465559][ T5959] bridge_slave_1: entered promiscuous mode [ 53.474141][ T5945] hsr_slave_0: entered promiscuous mode [ 53.477302][ T5945] hsr_slave_1: entered promiscuous mode [ 53.482172][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.486525][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.489365][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.500143][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.609973][ T5948] team0: Port device team_slave_0 added [ 53.638526][ T5959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.655769][ T5948] team0: Port device team_slave_1 added [ 53.678481][ T5959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.756829][ T5950] hsr_slave_0: entered promiscuous mode [ 53.759235][ T5950] hsr_slave_1: entered promiscuous mode [ 53.761284][ T5950] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.763745][ T5950] Cannot create hsr debugfs directory [ 53.770071][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.772391][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.780288][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.809473][ T5959] team0: Port device team_slave_0 added [ 53.815698][ T5959] team0: Port device team_slave_1 added [ 53.818610][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.821425][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.829898][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.928786][ T5959] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.931071][ T5959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.940220][ T5959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.947050][ T5959] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.949378][ T5959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.958382][ T5959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.062906][ T5948] hsr_slave_0: entered promiscuous mode [ 54.066183][ T5948] hsr_slave_1: entered promiscuous mode [ 54.069036][ T5948] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 54.072141][ T5948] Cannot create hsr debugfs directory [ 54.140077][ T5959] hsr_slave_0: entered promiscuous mode [ 54.143165][ T5959] hsr_slave_1: entered promiscuous mode [ 54.147511][ T5959] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 54.150611][ T5959] Cannot create hsr debugfs directory [ 54.338691][ T5945] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 54.349885][ T5945] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 54.359057][ T5945] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 54.402016][ T5945] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 54.456156][ T5952] Bluetooth: hci1: command tx timeout [ 54.456163][ T5956] Bluetooth: hci0: command tx timeout [ 54.458106][ T5955] Bluetooth: hci2: command tx timeout [ 54.483560][ T5950] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 54.489101][ T5950] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 54.495263][ T5950] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 54.507028][ T5950] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 54.551549][ T5955] Bluetooth: hci3: command tx timeout [ 54.559245][ T5948] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.566098][ T5948] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.572888][ T5948] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.578719][ T5948] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.628434][ T5959] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 54.632618][ T5959] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 54.641242][ T5959] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 54.645425][ T5959] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 54.670803][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.699367][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.718154][ T1058] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.720570][ T1058] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.724161][ T1058] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.726507][ T1058] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.739772][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.751931][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.766559][ T5950] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.778529][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.781458][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.796373][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.798548][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.803573][ T5948] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.816090][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.818439][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.828067][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.830925][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.858654][ T5959] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.870265][ T40] audit: type=1400 audit(1751986159.854:89): avc: denied { sys_module } for pid=5945 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 54.881717][ T5959] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.893375][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.896304][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.902657][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.904965][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.950232][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.981433][ T5945] veth0_vlan: entered promiscuous mode [ 54.991114][ T5945] veth1_vlan: entered promiscuous mode [ 54.997789][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.022917][ T5945] veth0_macvtap: entered promiscuous mode [ 55.029846][ T5945] veth1_macvtap: entered promiscuous mode [ 55.037561][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.047437][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.059577][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.070059][ T5945] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.073417][ T5945] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.076874][ T5945] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.079597][ T5945] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.088861][ T5950] veth0_vlan: entered promiscuous mode [ 55.103066][ T5959] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.115914][ T5950] veth1_vlan: entered promiscuous mode [ 55.132945][ T5948] veth0_vlan: entered promiscuous mode [ 55.167285][ T5948] veth1_vlan: entered promiscuous mode [ 55.170796][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.173595][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.199697][ T5950] veth0_macvtap: entered promiscuous mode [ 55.206828][ T5959] veth0_vlan: entered promiscuous mode [ 55.213346][ T5950] veth1_macvtap: entered promiscuous mode [ 55.216697][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.221145][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.221647][ T5948] veth0_macvtap: entered promiscuous mode [ 55.231583][ T5959] veth1_vlan: entered promiscuous mode [ 55.238235][ T5948] veth1_macvtap: entered promiscuous mode [ 55.250085][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.260140][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.266245][ T5950] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.269172][ T5950] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.272382][ T5950] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.276121][ T5950] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.281229][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.283966][ T5945] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 55.286295][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.293821][ T5948] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.297384][ T5948] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.300316][ T5948] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.303073][ T5948] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.330970][ T5959] veth0_macvtap: entered promiscuous mode [ 55.353844][ T5959] veth1_macvtap: entered promiscuous mode [ 55.397050][ T850] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.400729][ T850] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.426191][ T5959] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.451240][ T5959] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.451830][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.457133][ T850] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.460092][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.460549][ T850] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.470998][ T6036] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6'. [ 55.474203][ T6036] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6'. [ 55.489024][ T5959] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.492126][ T5959] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.495668][ T5959] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.498988][ T5959] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.507086][ T6036] bridge0: port 3(vlan2) entered blocking state [ 55.509074][ T6036] bridge0: port 3(vlan2) entered disabled state [ 55.511066][ T6036] vlan2: entered allmulticast mode [ 55.512603][ T6036] bridge0: entered allmulticast mode [ 55.516016][ T6036] vlan2: left allmulticast mode [ 55.517697][ T6036] bridge0: left allmulticast mode [ 55.524591][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.529708][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.588338][ T1058] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.593794][ T1058] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.624517][ T850] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.624666][ T6042] syz_tun: entered allmulticast mode [ 55.627854][ T850] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.721095][ T6047] netlink: 'syz.2.7': attribute type 4 has an invalid length. [ 55.731653][ T6047] netlink: 'syz.2.7': attribute type 4 has an invalid length. [ 55.764095][ T6042] syz_tun: left allmulticast mode [ 55.776232][ T6046] Zero length message leads to an empty skb [ 55.809091][ T6051] warning: `syz.0.8' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 56.143926][ T6084] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 56.175175][ C1] Illegal XDP return value 16128 on prog (id 2) dev lo, expect packet loss! [ 56.354983][ T5999] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 56.506909][ T5999] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 56.511436][ T5999] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 56.518046][ T5999] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 56.522038][ T5999] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.529701][ T5999] usb 6-1: config 0 descriptor?? [ 56.535129][ T5955] Bluetooth: hci2: command tx timeout [ 56.536188][ T5956] Bluetooth: hci1: command tx timeout [ 56.537571][ T5955] Bluetooth: hci0: command tx timeout [ 56.540562][ T5999] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 56.615255][ T5955] Bluetooth: hci3: command tx timeout [ 56.700054][ T6109] netlink: 12 bytes leftover after parsing attributes in process `syz.2.33'. [ 56.702984][ T6109] netlink: 12 bytes leftover after parsing attributes in process `syz.2.33'. [ 56.710314][ T6109] bridge0: port 3(vlan2) entered blocking state [ 56.712426][ T6109] bridge0: port 3(vlan2) entered disabled state [ 56.714587][ T6109] vlan2: entered allmulticast mode [ 56.717073][ T6109] bridge0: entered allmulticast mode [ 56.720534][ T6109] vlan2: left allmulticast mode [ 56.722660][ T6109] bridge0: left allmulticast mode [ 56.757609][ T5992] usb 6-1: USB disconnect, device number 2 [ 56.997402][ T6119] syz_tun: entered allmulticast mode [ 57.013523][ T6119] syz_tun: left allmulticast mode [ 57.054213][ T6121] netlink: 12 bytes leftover after parsing attributes in process `syz.3.39'. [ 57.221662][ T40] kauditd_printk_skb: 75 callbacks suppressed [ 57.221677][ T40] audit: type=1400 audit(1751986162.204:165): avc: denied { unlink } for pid=6133 comm="syz.3.46" name="#1" dev="tmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 57.223004][ T6134] overlayfs: statfs failed on './file0' [ 57.223826][ T40] audit: type=1400 audit(1751986162.204:166): avc: denied { getattr } for pid=6133 comm="syz.3.46" name="/" dev="9p" ino=17889801302421081418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 57.256031][ T40] audit: type=1400 audit(1751986162.244:167): avc: denied { unmount } for pid=5945 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 57.293889][ T40] audit: type=1400 audit(1751986162.274:168): avc: denied { create } for pid=6139 comm="syz.1.49" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 57.302163][ T40] audit: type=1400 audit(1751986162.274:169): avc: denied { ioctl } for pid=6139 comm="syz.1.49" path="socket:[8760]" dev="sockfs" ino=8760 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 57.310314][ T40] audit: type=1400 audit(1751986162.274:170): avc: denied { write } for pid=6139 comm="syz.1.49" path="socket:[8760]" dev="sockfs" ino=8760 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 57.412713][ T6155] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 57.654445][ T40] audit: type=1400 audit(1751986162.634:171): avc: denied { bind } for pid=6176 comm="syz.2.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 57.654537][ T6179] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 57.671961][ T40] audit: type=1400 audit(1751986162.654:172): avc: denied { write } for pid=6177 comm="syz.1.66" name="001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 57.752367][ T6186] netlink: 12 bytes leftover after parsing attributes in process `syz.1.69'. [ 57.759102][ T6186] netlink: 12 bytes leftover after parsing attributes in process `syz.1.69'. [ 57.767563][ T6186] bridge0: port 3(vlan2) entered blocking state [ 57.769816][ T6186] bridge0: port 3(vlan2) entered disabled state [ 57.772298][ T6186] vlan2: entered allmulticast mode [ 57.774107][ T6186] bridge0: entered allmulticast mode [ 57.777574][ T6186] vlan2: left allmulticast mode [ 57.779644][ T6186] bridge0: left allmulticast mode [ 58.515897][ T40] audit: type=1400 audit(1751986163.504:173): avc: denied { mounton } for pid=6193 comm="syz.2.71" path="/syzcgroup/unified/syz2" dev="cgroup2" ino=67 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 58.517733][ T6194] hfsplus: unable to find HFS+ superblock [ 58.531873][ T40] audit: type=1400 audit(1751986163.514:174): avc: denied { read } for pid=6193 comm="syz.2.71" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 58.616541][ T5955] Bluetooth: hci1: command tx timeout [ 58.617032][ T5952] Bluetooth: hci2: command tx timeout [ 58.624876][ T5952] Bluetooth: hci0: command tx timeout [ 58.695413][ T5952] Bluetooth: hci3: command tx timeout [ 58.763642][ T6217] syz_tun: entered allmulticast mode [ 58.787567][ T6217] syz_tun: left allmulticast mode [ 58.790657][ T6219] syz_tun: entered allmulticast mode [ 58.808277][ T6219] syz_tun: left allmulticast mode [ 59.095594][ T59] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 59.246528][ T59] usb 7-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 59.250116][ T59] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 59.254076][ T59] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 59.257035][ T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.260655][ T59] usb 7-1: config 0 descriptor?? [ 59.266301][ T59] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 59.344948][ T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 59.494710][ T838] usb 7-1: USB disconnect, device number 2 [ 59.644405][ T6262] netlink: 'syz.1.100': attribute type 1 has an invalid length. [ 59.648493][ T6262] (unnamed net_device) (uninitialized): option mode: invalid value (56) [ 59.798511][ T6276] binder: BINDER_SET_CONTEXT_MGR already set [ 59.801255][ T6276] binder: 6274:6276 ioctl 4018620d 200000000040 returned -16 [ 59.828745][ T6280] hfsplus: unable to find HFS+ superblock [ 60.127797][ T6308] netlink: 24 bytes leftover after parsing attributes in process `syz.1.117'. [ 60.163363][ T6312] netlink: 24 bytes leftover after parsing attributes in process `syz.2.120'. [ 60.301997][ T6318] syz_tun: entered allmulticast mode [ 60.317191][ T6318] syz_tun: left allmulticast mode [ 60.354995][ T10] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 60.405524][ T6325] FAULT_INJECTION: forcing a failure. [ 60.405524][ T6325] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 60.409557][ T6325] CPU: 3 UID: 0 PID: 6325 Comm: syz.2.125 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 60.409572][ T6325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.409578][ T6325] Call Trace: [ 60.409582][ T6325] [ 60.409587][ T6325] dump_stack_lvl+0x16c/0x1f0 [ 60.409607][ T6325] should_fail_ex+0x512/0x640 [ 60.409623][ T6325] _copy_from_user+0x2e/0xd0 [ 60.409639][ T6325] copy_msghdr_from_user+0x98/0x160 [ 60.409655][ T6325] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 60.409676][ T6325] ___sys_sendmsg+0xfe/0x1d0 [ 60.409691][ T6325] ? __pfx____sys_sendmsg+0x10/0x10 [ 60.409704][ T6325] ? __lock_acquire+0x622/0x1c90 [ 60.409731][ T6325] __sys_sendmsg+0x16d/0x220 [ 60.409745][ T6325] ? __pfx___sys_sendmsg+0x10/0x10 [ 60.409768][ T6325] do_syscall_64+0xcd/0x4c0 [ 60.409785][ T6325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.409796][ T6325] RIP: 0033:0x7fa1cdf8e929 [ 60.409804][ T6325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.409815][ T6325] RSP: 002b:00007fa1cedf8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 60.409825][ T6325] RAX: ffffffffffffffda RBX: 00007fa1ce1b6080 RCX: 00007fa1cdf8e929 [ 60.409831][ T6325] RDX: 0000000020008010 RSI: 0000200000000140 RDI: 0000000000000005 [ 60.409837][ T6325] RBP: 00007fa1cedf8090 R08: 0000000000000000 R09: 0000000000000000 [ 60.409843][ T6325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 60.409849][ T6325] R13: 0000000000000000 R14: 00007fa1ce1b6080 R15: 00007ffccbfbb6d8 [ 60.409862][ T6325] [ 60.466190][ T6327] netlink: 24 bytes leftover after parsing attributes in process `syz.1.126'. [ 60.547726][ T10] usb 8-1: Using ep0 maxpacket: 16 [ 60.551598][ T10] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 60.563639][ T10] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 1096, setting to 1024 [ 60.568084][ T10] usb 8-1: config 0 interface 0 has no altsetting 0 [ 60.573347][ T10] usb 8-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 60.579341][ T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.582616][ T10] usb 8-1: Product: syz [ 60.584347][ T10] usb 8-1: Manufacturer: syz [ 60.586524][ T10] usb 8-1: SerialNumber: syz [ 60.589389][ T6333] hfsplus: unable to find HFS+ superblock [ 60.590918][ T10] usb 8-1: config 0 descriptor?? [ 60.696101][ T5952] Bluetooth: hci0: command tx timeout [ 60.696231][ T5955] Bluetooth: hci1: command tx timeout [ 60.698094][ T5952] Bluetooth: hci2: command tx timeout [ 60.712533][ T6336] netlink: 24 bytes leftover after parsing attributes in process `syz.1.130'. [ 60.775685][ T5955] Bluetooth: hci3: command tx timeout [ 60.789931][ T6340] netlink: 'syz.0.131': attribute type 1 has an invalid length. [ 60.792568][ T6340] (unnamed net_device) (uninitialized): option mode: invalid value (56) [ 60.801850][ T10] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input5 [ 61.038030][ T6349] syz_tun: entered allmulticast mode [ 61.056750][ T6349] syz_tun: left allmulticast mode [ 61.068496][ T838] usb 8-1: USB disconnect, device number 2 [ 61.477059][ T6378] xt_connbytes: Forcing CT accounting to be enabled [ 61.479421][ T6378] Cannot find add_set index 0 as target [ 61.555352][ T6384] ======================================================= [ 61.555352][ T6384] WARNING: The mand mount option has been deprecated and [ 61.555352][ T6384] and is ignored by this kernel. Remove the mand [ 61.555352][ T6384] option from the mount to silence this warning. [ 61.555352][ T6384] ======================================================= [ 61.567403][ T6384] overlayfs: statfs failed on './file0' [ 61.631780][ T6390] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6 [ 61.846270][ T6422] FAULT_INJECTION: forcing a failure. [ 61.846270][ T6422] name failslab, interval 1, probability 0, space 0, times 1 [ 61.851099][ T6422] CPU: 1 UID: 0 PID: 6422 Comm: syz.3.161 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 61.851121][ T6422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 61.851132][ T6422] Call Trace: [ 61.851138][ T6422] [ 61.851145][ T6422] dump_stack_lvl+0x16c/0x1f0 [ 61.851174][ T6422] should_fail_ex+0x512/0x640 [ 61.851194][ T6422] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 61.851221][ T6422] should_failslab+0xc2/0x120 [ 61.851246][ T6422] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 61.851269][ T6422] ? __alloc_skb+0x2b2/0x380 [ 61.851295][ T6422] __alloc_skb+0x2b2/0x380 [ 61.851314][ T6422] ? __pfx___alloc_skb+0x10/0x10 [ 61.851337][ T6422] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 61.851365][ T6422] netlink_alloc_large_skb+0x69/0x130 [ 61.851384][ T6422] netlink_sendmsg+0x6a1/0xdd0 [ 61.851405][ T6422] ? __pfx_netlink_sendmsg+0x10/0x10 [ 61.851431][ T6422] ____sys_sendmsg+0xa95/0xc70 [ 61.851448][ T6422] ? copy_msghdr_from_user+0x10a/0x160 [ 61.851473][ T6422] ? __pfx_____sys_sendmsg+0x10/0x10 [ 61.851504][ T6422] ___sys_sendmsg+0x134/0x1d0 [ 61.851529][ T6422] ? __pfx____sys_sendmsg+0x10/0x10 [ 61.851549][ T6422] ? __lock_acquire+0x622/0x1c90 [ 61.851596][ T6422] __sys_sendmsg+0x16d/0x220 [ 61.851620][ T6422] ? __pfx___sys_sendmsg+0x10/0x10 [ 61.851659][ T6422] do_syscall_64+0xcd/0x4c0 [ 61.851683][ T6422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.851702][ T6422] RIP: 0033:0x7fd37ed8e929 [ 61.851718][ T6422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 61.851736][ T6422] RSP: 002b:00007fd37fb89038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 61.851751][ T6422] RAX: ffffffffffffffda RBX: 00007fd37efb6080 RCX: 00007fd37ed8e929 [ 61.851762][ T6422] RDX: 0000000020008010 RSI: 0000200000000140 RDI: 0000000000000005 [ 61.851773][ T6422] RBP: 00007fd37fb89090 R08: 0000000000000000 R09: 0000000000000000 [ 61.851783][ T6422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.851792][ T6422] R13: 0000000000000000 R14: 00007fd37efb6080 R15: 00007ffc56c04d58 [ 61.851815][ T6422] [ 61.944500][ T6431] netlink: 24 bytes leftover after parsing attributes in process `syz.2.163'. [ 62.057599][ T6440] netlink: 4 bytes leftover after parsing attributes in process `syz.1.170'. [ 62.206682][ T6448] xt_connbytes: Forcing CT accounting to be enabled [ 62.208728][ T6448] Cannot find add_set index 0 as target [ 62.297531][ T6450] syz.2.174 (6450): /proc/6449/oom_adj is deprecated, please use /proc/6449/oom_score_adj instead. [ 62.354214][ T40] kauditd_printk_skb: 35 callbacks suppressed [ 62.354228][ T40] audit: type=1400 audit(1751986167.334:210): avc: denied { create } for pid=6461 comm="syz.2.179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 62.421947][ T40] audit: type=1400 audit(1751986167.404:211): avc: denied { write } for pid=6461 comm="syz.2.179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 62.422064][ T6462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.179'. [ 62.439259][ T40] audit: type=1400 audit(1751986167.424:212): avc: denied { append } for pid=6464 comm="syz.1.180" name="v4l-subdev5" dev="devtmpfs" ino=970 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 62.581102][ T6475] netlink: 4 bytes leftover after parsing attributes in process `syz.2.184'. [ 62.693381][ T6485] hfsplus: unable to find HFS+ superblock [ 62.732378][ T6489] FAULT_INJECTION: forcing a failure. [ 62.732378][ T6489] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 62.736852][ T6489] CPU: 3 UID: 0 PID: 6489 Comm: syz.3.191 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 62.736876][ T6489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.736886][ T6489] Call Trace: [ 62.736894][ T6489] [ 62.736900][ T6489] dump_stack_lvl+0x16c/0x1f0 [ 62.736929][ T6489] should_fail_ex+0x512/0x640 [ 62.736957][ T6489] _copy_from_user+0x2e/0xd0 [ 62.736983][ T6489] move_addr_to_kernel+0x65/0x170 [ 62.737005][ T6489] __sys_connect+0xb1/0x160 [ 62.737034][ T6489] ? __pfx___sys_connect+0x10/0x10 [ 62.737064][ T6489] ? __pfx_ksys_write+0x10/0x10 [ 62.737092][ T6489] __x64_sys_connect+0x72/0xb0 [ 62.737110][ T6489] ? lockdep_hardirqs_on+0x7c/0x110 [ 62.737135][ T6489] do_syscall_64+0xcd/0x4c0 [ 62.737160][ T6489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.737179][ T6489] RIP: 0033:0x7fd37ed8e929 [ 62.737194][ T6489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.737209][ T6489] RSP: 002b:00007fd37fbaa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 62.737226][ T6489] RAX: ffffffffffffffda RBX: 00007fd37efb5fa0 RCX: 00007fd37ed8e929 [ 62.737237][ T6489] RDX: 000000000000001c RSI: 0000200000000180 RDI: 0000000000000003 [ 62.737249][ T6489] RBP: 00007fd37fbaa090 R08: 0000000000000000 R09: 0000000000000000 [ 62.737259][ T6489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 62.737267][ T6489] R13: 0000000000000000 R14: 00007fd37efb5fa0 R15: 00007ffc56c04d58 [ 62.737291][ T6489] [ 62.912413][ T40] audit: type=1400 audit(1751986167.894:213): avc: denied { sys_module } for pid=6503 comm="syz.0.198" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 62.990631][ T6510] netlink: 4 bytes leftover after parsing attributes in process `syz.2.200'. [ 63.219384][ T6529] hfsplus: unable to find HFS+ superblock [ 63.335003][ T838] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 63.352425][ T40] audit: type=1400 audit(1751986168.334:214): avc: denied { listen } for pid=6530 comm="syz.2.210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 63.362342][ T40] audit: type=1400 audit(1751986168.344:215): avc: denied { search } for pid=5661 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 63.370502][ T40] audit: type=1400 audit(1751986168.344:216): avc: denied { search } for pid=5661 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 63.379609][ T40] audit: type=1400 audit(1751986168.344:217): avc: denied { search } for pid=5661 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 63.388846][ T40] audit: type=1400 audit(1751986168.344:218): avc: denied { read } for pid=5661 comm="dhcpcd" name="n104" dev="tmpfs" ino=2849 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 63.398166][ T40] audit: type=1400 audit(1751986168.344:219): avc: denied { open } for pid=5661 comm="dhcpcd" path="/run/udev/data/n104" dev="tmpfs" ino=2849 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 63.486128][ T838] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 63.489312][ T838] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 63.493630][ T838] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 63.497727][ T838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.501972][ T838] usb 5-1: config 0 descriptor?? [ 63.781457][ T838] usb 5-1: string descriptor 0 read error: -71 [ 63.786663][ T838] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 63.791085][ T838] usb 5-1: USB disconnect, device number 2 [ 64.091281][ T6578] netlink: 24 bytes leftover after parsing attributes in process `syz.1.222'. [ 64.635317][ T6628] netlink: 24 bytes leftover after parsing attributes in process `syz.0.232'. [ 64.657783][ T6627] ip6t_srh: unknown srh invflags 7863 [ 64.736949][ T6633] misc userio: Begin command sent, but we're already running [ 64.763472][ T6638] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 64.767001][ T6638] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 64.834843][ T838] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 64.996145][ T840] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 64.997440][ T838] usb 7-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 65.002334][ T838] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 65.011345][ T838] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 65.017489][ T838] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.028113][ T838] usb 7-1: config 0 descriptor?? [ 65.192930][ T6656] xt_connbytes: Forcing CT accounting to be enabled [ 65.196170][ T6656] Cannot find add_set index 0 as target [ 65.279201][ T838] usb 7-1: string descriptor 0 read error: -71 [ 65.282044][ T838] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 65.288052][ T838] usb 7-1: USB disconnect, device number 3 [ 65.468831][ T6674] capability: warning: `syz.0.253' uses 32-bit capabilities (legacy support in use) [ 65.473817][ T6674] binder_alloc: binder_alloc_mmap_handler: 6673 200000ff9000-200000ffd000 already mapped failed -16 [ 65.688071][ T6683] netlink: 24 bytes leftover after parsing attributes in process `syz.0.256'. [ 66.172371][ T6698] hfsplus: unable to find HFS+ superblock [ 66.654955][ T10] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 66.668048][ T6721] netlink: 28 bytes leftover after parsing attributes in process `syz.0.271'. [ 66.808520][ T10] usb 8-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 66.819141][ T10] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 66.823894][ T10] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 66.826757][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.835470][ T10] usb 8-1: config 0 descriptor?? [ 66.841098][ T10] usbhid 8-1:0.0: couldn't find an input interrupt endpoint [ 67.049845][ T839] usb 8-1: USB disconnect, device number 4 [ 67.086406][ T60] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 67.142762][ T6754] netlink: 28 bytes leftover after parsing attributes in process `syz.2.285'. [ 67.196059][ T6756] FAULT_INJECTION: forcing a failure. [ 67.196059][ T6756] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 67.200075][ T6756] CPU: 0 UID: 0 PID: 6756 Comm: syz.2.286 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 67.200089][ T6756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.200095][ T6756] Call Trace: [ 67.200100][ T6756] [ 67.200104][ T6756] dump_stack_lvl+0x16c/0x1f0 [ 67.200138][ T6756] should_fail_ex+0x512/0x640 [ 67.200160][ T6756] _copy_from_user+0x2e/0xd0 [ 67.200176][ T6756] copy_from_sockptr_offset+0x15c/0x1b0 [ 67.200189][ T6756] ? __pfx_copy_from_sockptr_offset+0x10/0x10 [ 67.200206][ T6756] do_ip6t_set_ctl+0x544/0xb00 [ 67.200218][ T6756] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 67.200232][ T6756] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 67.200249][ T6756] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 67.200272][ T6756] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 67.200284][ T6756] nf_setsockopt+0x8a/0xf0 [ 67.200296][ T6756] ipv6_setsockopt+0x135/0x170 [ 67.200309][ T6756] udpv6_setsockopt+0x7d/0xd0 [ 67.200324][ T6756] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 67.200341][ T6756] do_sock_setsockopt+0x221/0x470 [ 67.200358][ T6756] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 67.200382][ T6756] __sys_setsockopt+0x1a0/0x230 [ 67.200398][ T6756] __x64_sys_setsockopt+0xbd/0x160 [ 67.200411][ T6756] ? do_syscall_64+0x91/0x4c0 [ 67.200426][ T6756] ? lockdep_hardirqs_on+0x7c/0x110 [ 67.200440][ T6756] do_syscall_64+0xcd/0x4c0 [ 67.200456][ T6756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.200467][ T6756] RIP: 0033:0x7fa1cdf8e929 [ 67.200475][ T6756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 67.200486][ T6756] RSP: 002b:00007fa1cee19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 67.200496][ T6756] RAX: ffffffffffffffda RBX: 00007fa1ce1b5fa0 RCX: 00007fa1cdf8e929 [ 67.200502][ T6756] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 67.200508][ T6756] RBP: 00007fa1cee19090 R08: 0000000000000620 R09: 0000000000000000 [ 67.200514][ T6756] R10: 00002000000009c0 R11: 0000000000000246 R12: 0000000000000001 [ 67.200520][ T6756] R13: 0000000000000000 R14: 00007fa1ce1b5fa0 R15: 00007ffccbfbb6d8 [ 67.200533][ T6756] [ 67.274868][ T60] usb 5-1: Using ep0 maxpacket: 32 [ 67.281737][ T60] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 67.287874][ T60] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 67.291468][ T60] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 67.295099][ T60] usb 5-1: Product: syz [ 67.296829][ T60] usb 5-1: Manufacturer: syz [ 67.298627][ T60] usb 5-1: SerialNumber: syz [ 67.302624][ T60] usb 5-1: config 0 descriptor?? [ 67.305639][ T6738] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 67.309602][ T60] hub 5-1:0.0: bad descriptor, ignoring hub [ 67.312025][ T60] hub 5-1:0.0: probe with driver hub failed with error -5 [ 67.669846][ T6778] netlink: 28 bytes leftover after parsing attributes in process `syz.3.294'. [ 67.701542][ T40] kauditd_printk_skb: 24 callbacks suppressed [ 67.701557][ T40] audit: type=1400 audit(1751986172.684:244): avc: denied { read write } for pid=6780 comm="syz.3.296" name="video0" dev="devtmpfs" ino=955 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 67.713924][ T40] audit: type=1400 audit(1751986172.694:245): avc: denied { open } for pid=6780 comm="syz.3.296" path="/dev/video0" dev="devtmpfs" ino=955 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 67.830096][ T40] audit: type=1400 audit(1751986172.814:246): avc: denied { create } for pid=6790 comm="syz.3.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 67.838494][ T6791] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=258 sclass=netlink_route_socket pid=6791 comm=syz.3.299 [ 68.045194][ T6192] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 68.206020][ T6192] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 68.209322][ T6192] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 68.213320][ T6192] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 68.215902][ T6738] usb 5-1: reset high-speed USB device number 3 using dummy_hcd [ 68.217331][ T6192] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.220812][ T6738] usb 5-1: device reset changed ep0 maxpacket size! [ 68.223340][ T6192] usb 6-1: config 0 descriptor?? [ 68.227351][ T59] usb 5-1: USB disconnect, device number 3 [ 68.229701][ T6192] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 68.386124][ T59] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 68.434891][ T6092] usb 6-1: USB disconnect, device number 4 [ 68.549491][ T59] usb 5-1: config 0 has no interfaces? [ 68.550183][ T6806] netlink: 'syz.2.305': attribute type 1 has an invalid length. [ 68.554907][ T59] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 68.558384][ T59] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.561518][ T59] usb 5-1: Product: syz [ 68.563184][ T59] usb 5-1: Manufacturer: syz [ 68.567113][ T59] usb 5-1: SerialNumber: syz [ 68.571206][ T59] usb 5-1: config 0 descriptor?? [ 68.572437][ T6806] 8021q: adding VLAN 0 to HW filter on device bond1 [ 68.593832][ T6806] 8021q: adding VLAN 0 to HW filter on device bond1 [ 68.596125][ T6806] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 68.599932][ T6806] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 68.647577][ T6808] gretap1: entered promiscuous mode [ 68.650895][ T6808] bond1: (slave gretap1): making interface the new active one [ 68.653852][ T6808] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 68.673988][ T6808] bond1: (slave vlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 68.783651][ T40] audit: type=1400 audit(1751986173.764:247): avc: denied { remove_name } for pid=6737 comm="syz.0.278" name="file0" dev="9p" ino=35913836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 68.792186][ T40] audit: type=1400 audit(1751986173.774:248): avc: denied { rename } for pid=6737 comm="syz.0.278" name="file0" dev="9p" ino=35913836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 68.800305][ T40] audit: type=1400 audit(1751986173.774:249): avc: denied { add_name } for pid=6737 comm="syz.0.278" name="file1" dev="9p" ino=35913838 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 68.807540][ T40] audit: type=1400 audit(1751986173.774:250): avc: denied { unlink } for pid=6737 comm="syz.0.278" name="file1" dev="9p" ino=35913838 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 68.808004][ T839] usb 5-1: USB disconnect, device number 4 [ 68.814934][ T40] audit: type=1400 audit(1751986173.784:251): avc: denied { create } for pid=6737 comm="syz.0.278" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1 [ 68.822844][ T40] audit: type=1400 audit(1751986173.794:252): avc: denied { associate } for pid=6737 comm="syz.0.278" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 68.823852][ T6812] syz_tun: entered allmulticast mode [ 68.837167][ T6811] syz_tun: left allmulticast mode [ 68.876183][ T6814] FAULT_INJECTION: forcing a failure. [ 68.876183][ T6814] name failslab, interval 1, probability 0, space 0, times 0 [ 68.880279][ T6814] CPU: 1 UID: 0 PID: 6814 Comm: syz.2.308 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 68.880294][ T6814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.880301][ T6814] Call Trace: [ 68.880305][ T6814] [ 68.880310][ T6814] dump_stack_lvl+0x16c/0x1f0 [ 68.880329][ T6814] should_fail_ex+0x512/0x640 [ 68.880346][ T6814] should_failslab+0xc2/0x120 [ 68.880363][ T6814] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 68.880378][ T6814] ? __inet_hash_connect+0x7cb/0x1e30 [ 68.880397][ T6814] __inet_hash_connect+0x7cb/0x1e30 [ 68.880416][ T6814] ? __pfx___inet_check_established+0x10/0x10 [ 68.880433][ T6814] ? __pfx___inet_hash_connect+0x10/0x10 [ 68.880451][ T6814] ? inet_hash_connect+0x125/0x260 [ 68.880467][ T6814] tcp_v4_connect+0xe1b/0x1bd0 [ 68.880485][ T6814] ? __pfx_tcp_v4_connect+0x10/0x10 [ 68.880501][ T6814] tcp_v6_connect+0x785/0x2170 [ 68.880518][ T6814] ? avc_has_perm_noaudit+0x117/0x3b0 [ 68.880532][ T6814] ? __pfx_tcp_v6_connect+0x10/0x10 [ 68.880555][ T6814] ? __pfx_avc_has_perm+0x10/0x10 [ 68.880569][ T6814] ? __lock_acquire+0xb8a/0x1c90 [ 68.880582][ T6814] ? __inet_stream_connect+0x3c5/0x1020 [ 68.880595][ T6814] __inet_stream_connect+0x3c5/0x1020 [ 68.880611][ T6814] ? __pfx___inet_stream_connect+0x10/0x10 [ 68.880624][ T6814] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 68.880638][ T6814] ? __pfx_inet_stream_connect+0x10/0x10 [ 68.880652][ T6814] ? __local_bh_enable_ip+0xa4/0x120 [ 68.880667][ T6814] ? __pfx_inet_stream_connect+0x10/0x10 [ 68.880679][ T6814] inet_stream_connect+0x57/0xa0 [ 68.880693][ T6814] __sys_connect_file+0x141/0x1a0 [ 68.880710][ T6814] __sys_connect+0x13b/0x160 [ 68.880721][ T6814] ? __pfx___sys_connect+0x10/0x10 [ 68.880738][ T6814] ? __pfx_ksys_write+0x10/0x10 [ 68.880755][ T6814] __x64_sys_connect+0x72/0xb0 [ 68.880766][ T6814] ? lockdep_hardirqs_on+0x7c/0x110 [ 68.880781][ T6814] do_syscall_64+0xcd/0x4c0 [ 68.880797][ T6814] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.880809][ T6814] RIP: 0033:0x7fa1cdf8e929 [ 68.880820][ T6814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.880830][ T6814] RSP: 002b:00007fa1cee19038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 68.880843][ T6814] RAX: ffffffffffffffda RBX: 00007fa1ce1b5fa0 RCX: 00007fa1cdf8e929 [ 68.880850][ T6814] RDX: 000000000000001c RSI: 0000200000000180 RDI: 0000000000000003 [ 68.880856][ T6814] RBP: 00007fa1cee19090 R08: 0000000000000000 R09: 0000000000000000 [ 68.880862][ T6814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.880868][ T6814] R13: 0000000000000000 R14: 00007fa1ce1b5fa0 R15: 00007ffccbfbb6d8 [ 68.880881][ T6814] [ 69.048352][ T40] audit: type=1400 audit(1751986174.034:253): avc: denied { remount } for pid=6821 comm="syz.3.312" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 69.057418][ T6823] netlink: 24 bytes leftover after parsing attributes in process `syz.1.309'. [ 69.065606][ T6820] netlink: 8 bytes leftover after parsing attributes in process `syz.2.310'. [ 69.069490][ T6820] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 69.183224][ T6830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.314'. [ 69.187539][ T6830] openvswitch: netlink: nsh attribute has 65532 unknown bytes. [ 69.189835][ T6830] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 69.245580][ T6833] syz_tun: entered allmulticast mode [ 69.259147][ T6832] syz_tun: left allmulticast mode [ 69.265736][ T6835] netlink: 28 bytes leftover after parsing attributes in process `syz.3.317'. [ 69.310894][ T6842] hfsplus: unable to find HFS+ superblock [ 69.412601][ T6851] process 'syz.2.324' launched './file0' with NULL argv: empty string added [ 69.424574][ T6851] netlink: zone id is out of range [ 69.426229][ T6851] netlink: zone id is out of range [ 69.427846][ T6851] netlink: zone id is out of range [ 69.429426][ T6851] netlink: zone id is out of range [ 69.431047][ T6851] netlink: zone id is out of range [ 69.432691][ T6851] netlink: zone id is out of range [ 69.434364][ T6851] netlink: zone id is out of range [ 69.437557][ T6851] netlink: zone id is out of range [ 69.775787][ T6879] hfsplus: unable to find HFS+ superblock [ 69.898660][ T6888] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.904040][ T6888] bond0: (slave rose0): Enslaving as an active interface with an up link [ 69.908909][ T6887] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 69.992627][ T6898] syz_tun: entered allmulticast mode [ 69.998025][ T6897] syz_tun: left allmulticast mode [ 70.122768][ T6907] netlink: 8 bytes leftover after parsing attributes in process `syz.0.340'. [ 70.378314][ C2] ata1: illegal qc_active transition (00000000->00008000) [ 70.688691][ T6922] hfsplus: unable to find HFS+ superblock [ 70.697215][ T1117] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) [ 70.700887][ T1117] ata1.00: configured for UDMA/100 [ 70.784092][ T6924] netlink: 8 bytes leftover after parsing attributes in process `syz.2.344'. [ 70.875724][ T6932] FAULT_INJECTION: forcing a failure. [ 70.875724][ T6932] name failslab, interval 1, probability 0, space 0, times 0 [ 70.881151][ T6932] CPU: 3 UID: 0 PID: 6932 Comm: syz.1.346 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 70.881173][ T6932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.881184][ T6932] Call Trace: [ 70.881190][ T6932] [ 70.881198][ T6932] dump_stack_lvl+0x16c/0x1f0 [ 70.881246][ T6932] should_fail_ex+0x512/0x640 [ 70.881280][ T6932] should_failslab+0xc2/0x120 [ 70.881308][ T6932] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 70.881333][ T6932] ? skb_clone+0x190/0x3f0 [ 70.881361][ T6932] skb_clone+0x190/0x3f0 [ 70.881386][ T6932] netlink_deliver_tap+0xabd/0xd30 [ 70.881419][ T6932] netlink_unicast+0x5df/0x7f0 [ 70.881442][ T6932] ? __pfx_netlink_unicast+0x10/0x10 [ 70.881468][ T6932] netlink_sendmsg+0x8d1/0xdd0 [ 70.881490][ T6932] ? __pfx_netlink_sendmsg+0x10/0x10 [ 70.881518][ T6932] ____sys_sendmsg+0xa95/0xc70 [ 70.881538][ T6932] ? copy_msghdr_from_user+0x10a/0x160 [ 70.881559][ T6932] ? __pfx_____sys_sendmsg+0x10/0x10 [ 70.881589][ T6932] ___sys_sendmsg+0x134/0x1d0 [ 70.881615][ T6932] ? __pfx____sys_sendmsg+0x10/0x10 [ 70.881635][ T6932] ? __lock_acquire+0x622/0x1c90 [ 70.881686][ T6932] __sys_sendmsg+0x16d/0x220 [ 70.881711][ T6932] ? __pfx___sys_sendmsg+0x10/0x10 [ 70.881751][ T6932] do_syscall_64+0xcd/0x4c0 [ 70.881779][ T6932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.881797][ T6932] RIP: 0033:0x7f6b2d18e929 [ 70.881811][ T6932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.881842][ T6932] RSP: 002b:00007f6b2dfae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 70.881866][ T6932] RAX: ffffffffffffffda RBX: 00007f6b2d3b6080 RCX: 00007f6b2d18e929 [ 70.881878][ T6932] RDX: 0000000020008010 RSI: 0000200000000140 RDI: 0000000000000005 [ 70.881888][ T6932] RBP: 00007f6b2dfae090 R08: 0000000000000000 R09: 0000000000000000 [ 70.881900][ T6932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.881915][ T6932] R13: 0000000000000000 R14: 00007f6b2d3b6080 R15: 00007ffcdeecf918 [ 70.881940][ T6932] [ 70.882091][ T6932] netlink: 24 bytes leftover after parsing attributes in process `syz.1.346'. [ 71.102615][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.108542][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.112280][ T6949] hfsplus: unable to find HFS+ superblock [ 71.257088][ T6959] FAULT_INJECTION: forcing a failure. [ 71.257088][ T6959] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 71.262458][ T6959] CPU: 0 UID: 0 PID: 6959 Comm: syz.3.356 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 71.262479][ T6959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.262488][ T6959] Call Trace: [ 71.262494][ T6959] [ 71.262501][ T6959] dump_stack_lvl+0x16c/0x1f0 [ 71.262528][ T6959] should_fail_ex+0x512/0x640 [ 71.262552][ T6959] _copy_to_user+0x32/0xd0 [ 71.262577][ T6959] simple_read_from_buffer+0xcb/0x170 [ 71.262600][ T6959] proc_fail_nth_read+0x197/0x270 [ 71.262619][ T6959] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 71.262640][ T6959] ? rw_verify_area+0xcf/0x680 [ 71.262656][ T6959] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 71.262716][ T6959] vfs_read+0x1e1/0xc60 [ 71.262741][ T6959] ? __pfx___mutex_lock+0x10/0x10 [ 71.262765][ T6959] ? __pfx_vfs_read+0x10/0x10 [ 71.262791][ T6959] ? __fget_files+0x20e/0x3c0 [ 71.262820][ T6959] ksys_read+0x12a/0x250 [ 71.262840][ T6959] ? __pfx_ksys_read+0x10/0x10 [ 71.262859][ T6959] ? fput+0x70/0xf0 [ 71.262876][ T6959] do_syscall_64+0xcd/0x4c0 [ 71.262906][ T6959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.262922][ T6959] RIP: 0033:0x7fd37ed8d33c [ 71.262935][ T6959] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 71.262950][ T6959] RSP: 002b:00007fd37fbaa030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 71.262965][ T6959] RAX: ffffffffffffffda RBX: 00007fd37efb5fa0 RCX: 00007fd37ed8d33c [ 71.262975][ T6959] RDX: 000000000000000f RSI: 00007fd37fbaa0a0 RDI: 0000000000000004 [ 71.262984][ T6959] RBP: 00007fd37fbaa090 R08: 0000000000000000 R09: 0000000000000000 [ 71.262993][ T6959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 71.263002][ T6959] R13: 0000000000000000 R14: 00007fd37efb5fa0 R15: 00007ffc56c04d58 [ 71.263025][ T6959] [ 71.798171][ T6985] FAULT_INJECTION: forcing a failure. [ 71.798171][ T6985] name failslab, interval 1, probability 0, space 0, times 0 [ 71.802999][ T6985] CPU: 2 UID: 0 PID: 6985 Comm: syz.3.365 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 71.803024][ T6985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.803032][ T6985] Call Trace: [ 71.803036][ T6985] [ 71.803041][ T6985] dump_stack_lvl+0x16c/0x1f0 [ 71.803061][ T6985] should_fail_ex+0x512/0x640 [ 71.803075][ T6985] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 71.803092][ T6985] should_failslab+0xc2/0x120 [ 71.803108][ T6985] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 71.803122][ T6985] ? __alloc_skb+0x2b2/0x380 [ 71.803138][ T6985] __alloc_skb+0x2b2/0x380 [ 71.803151][ T6985] ? __pfx___alloc_skb+0x10/0x10 [ 71.803163][ T6985] ? do_raw_spin_lock+0x12c/0x2b0 [ 71.803176][ T6985] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 71.803192][ T6985] sock_wmalloc+0xd4/0x120 [ 71.803205][ T6985] l2tp_ip_sendmsg+0x1b5/0x18d0 [ 71.803220][ T6985] ? __import_iovec+0x1dd/0x650 [ 71.803237][ T6985] ? __might_fault+0xe3/0x190 [ 71.803252][ T6985] ? __pfx_l2tp_ip_sendmsg+0x10/0x10 [ 71.803267][ T6985] inet_sendmsg+0x11c/0x140 [ 71.803281][ T6985] ____sys_sendmsg+0x973/0xc70 [ 71.803292][ T6985] ? copy_msghdr_from_user+0x10a/0x160 [ 71.803306][ T6985] ? __pfx_____sys_sendmsg+0x10/0x10 [ 71.803319][ T6985] ? __pfx__kstrtoull+0x10/0x10 [ 71.803333][ T6985] ___sys_sendmsg+0x134/0x1d0 [ 71.803349][ T6985] ? __pfx____sys_sendmsg+0x10/0x10 [ 71.803370][ T6985] ? find_held_lock+0x2b/0x80 [ 71.803393][ T6985] __sys_sendmmsg+0x200/0x420 [ 71.803409][ T6985] ? __pfx___sys_sendmmsg+0x10/0x10 [ 71.803429][ T6985] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 71.803451][ T6985] ? fput+0x70/0xf0 [ 71.803460][ T6985] ? ksys_write+0x1ac/0x250 [ 71.803473][ T6985] ? __pfx_ksys_write+0x10/0x10 [ 71.803489][ T6985] __x64_sys_sendmmsg+0x9c/0x100 [ 71.803503][ T6985] ? lockdep_hardirqs_on+0x7c/0x110 [ 71.803517][ T6985] do_syscall_64+0xcd/0x4c0 [ 71.803532][ T6985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.803544][ T6985] RIP: 0033:0x7fd37ed8e929 [ 71.803553][ T6985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.803563][ T6985] RSP: 002b:00007fd37fbaa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 71.803574][ T6985] RAX: ffffffffffffffda RBX: 00007fd37efb5fa0 RCX: 00007fd37ed8e929 [ 71.803580][ T6985] RDX: 00000000040000cf RSI: 0000200000000900 RDI: 0000000000000003 [ 71.803586][ T6985] RBP: 00007fd37fbaa090 R08: 0000000000000000 R09: 0000000000000000 [ 71.803592][ T6985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 71.803598][ T6985] R13: 0000000000000000 R14: 00007fd37efb5fa0 R15: 00007ffc56c04d58 [ 71.803612][ T6985] [ 71.948210][ T6992] __nla_validate_parse: 2 callbacks suppressed [ 71.948221][ T6992] netlink: 28 bytes leftover after parsing attributes in process `syz.1.369'. [ 71.961143][ T6996] FAULT_INJECTION: forcing a failure. [ 71.961143][ T6996] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 71.965903][ T6996] CPU: 1 UID: 0 PID: 6996 Comm: syz.3.370 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 71.965919][ T6996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.965926][ T6996] Call Trace: [ 71.965930][ T6996] [ 71.965934][ T6996] dump_stack_lvl+0x16c/0x1f0 [ 71.965954][ T6996] should_fail_ex+0x512/0x640 [ 71.965971][ T6996] _copy_from_iter+0x29f/0x16f0 [ 71.965989][ T6996] ? __alloc_skb+0x200/0x380 [ 71.966004][ T6996] ? __pfx__copy_from_iter+0x10/0x10 [ 71.966021][ T6996] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 71.966044][ T6996] netlink_sendmsg+0x829/0xdd0 [ 71.966057][ T6996] ? __pfx_netlink_sendmsg+0x10/0x10 [ 71.966073][ T6996] ____sys_sendmsg+0xa95/0xc70 [ 71.966084][ T6996] ? copy_msghdr_from_user+0x10a/0x160 [ 71.966099][ T6996] ? __pfx_____sys_sendmsg+0x10/0x10 [ 71.966117][ T6996] ___sys_sendmsg+0x134/0x1d0 [ 71.966133][ T6996] ? __pfx____sys_sendmsg+0x10/0x10 [ 71.966147][ T6996] ? __lock_acquire+0x622/0x1c90 [ 71.966176][ T6996] __sys_sendmsg+0x16d/0x220 [ 71.966191][ T6996] ? __pfx___sys_sendmsg+0x10/0x10 [ 71.966221][ T6996] do_syscall_64+0xcd/0x4c0 [ 71.966238][ T6996] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.966250][ T6996] RIP: 0033:0x7fd37ed8e929 [ 71.966263][ T6996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.966273][ T6996] RSP: 002b:00007fd37fbaa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 71.966284][ T6996] RAX: ffffffffffffffda RBX: 00007fd37efb5fa0 RCX: 00007fd37ed8e929 [ 71.966291][ T6996] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003 [ 71.966297][ T6996] RBP: 00007fd37fbaa090 R08: 0000000000000000 R09: 0000000000000000 [ 71.966304][ T6996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 71.966310][ T6996] R13: 0000000000000000 R14: 00007fd37efb5fa0 R15: 00007ffc56c04d58 [ 71.966324][ T6996] [ 71.966676][ T6994] syz_tun: entered allmulticast mode [ 71.997703][ T7003] F2FS-fs (nbd3): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 72.023580][ T6990] syz_tun: left allmulticast mode [ 72.033169][ T7003] F2FS-fs (nbd3): Can't find valid F2FS filesystem in 1th superblock [ 72.049658][ T7003] F2FS-fs (nbd3): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 72.052087][ T7003] F2FS-fs (nbd3): Can't find valid F2FS filesystem in 2th superblock [ 72.056920][ T7002] F2FS-fs (nbd3): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 72.059308][ T7002] F2FS-fs (nbd3): Can't find valid F2FS filesystem in 1th superblock [ 72.061855][ T7002] F2FS-fs (nbd3): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 72.064251][ T7002] F2FS-fs (nbd3): Can't find valid F2FS filesystem in 2th superblock [ 72.087785][ T6998] netlink: 28 bytes leftover after parsing attributes in process `syz.1.372'. [ 72.321735][ T7035] syz_tun: entered allmulticast mode [ 72.326559][ T7033] syz_tun: left allmulticast mode [ 72.381164][ T7037] FAULT_INJECTION: forcing a failure. [ 72.381164][ T7037] name failslab, interval 1, probability 0, space 0, times 0 [ 72.391332][ T7037] CPU: 0 UID: 0 PID: 7037 Comm: syz.1.386 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 72.391358][ T7037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.391368][ T7037] Call Trace: [ 72.391375][ T7037] [ 72.391381][ T7037] dump_stack_lvl+0x16c/0x1f0 [ 72.391412][ T7037] should_fail_ex+0x512/0x640 [ 72.391435][ T7037] ? __kvmalloc_node_noprof+0x124/0x620 [ 72.391461][ T7037] should_failslab+0xc2/0x120 [ 72.391486][ T7037] __kvmalloc_node_noprof+0x137/0x620 [ 72.391507][ T7037] ? __pfx___mutex_lock+0x10/0x10 [ 72.391533][ T7037] ? nf_hook_entries_grow+0x285/0x860 [ 72.391557][ T7037] ? trace_contention_end+0xdd/0x130 [ 72.391579][ T7037] ? nf_hook_entries_grow+0x285/0x860 [ 72.391601][ T7037] nf_hook_entries_grow+0x285/0x860 [ 72.391634][ T7037] __nf_register_net_hook+0x1cd/0x730 [ 72.391663][ T7037] nf_register_net_hook+0x109/0x160 [ 72.391689][ T7037] nf_register_net_hooks+0x5d/0xd0 [ 72.391717][ T7037] nf_defrag_ipv6_enable+0xc1/0x130 [ 72.391741][ T7037] nf_ct_netns_do_get+0x225/0x620 [ 72.391769][ T7037] ? __pfx_nf_ct_netns_do_get+0x10/0x10 [ 72.391793][ T7037] ? xt_find_match+0x1f1/0x290 [ 72.391813][ T7037] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 72.391841][ T7037] nf_ct_netns_get+0x39/0x150 [ 72.391865][ T7037] connbytes_mt_check+0x119/0x310 [ 72.391883][ T7037] ? __pfx_connbytes_mt_check+0x10/0x10 [ 72.391900][ T7037] xt_check_match+0x283/0xa50 [ 72.391921][ T7037] ? __pfx_xt_check_match+0x10/0x10 [ 72.391945][ T7037] ? xt_find_match+0x1f6/0x290 [ 72.391965][ T7037] ? xt_find_match+0x1f6/0x290 [ 72.391991][ T7037] find_check_entry.constprop.0+0x34e/0xa20 [ 72.392019][ T7037] ? __pfx_find_check_entry.constprop.0+0x10/0x10 [ 72.392048][ T7037] ? lockdep_hardirqs_on+0x7c/0x110 [ 72.392075][ T7037] ? kfree+0x2b4/0x4d0 [ 72.392093][ T7037] ? translate_table+0xc0e/0x17b0 [ 72.392117][ T7037] translate_table+0xd0b/0x17b0 [ 72.392148][ T7037] ? __pfx_translate_table+0x10/0x10 [ 72.392176][ T7037] do_ip6t_set_ctl+0x570/0xb00 [ 72.392197][ T7037] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 72.392225][ T7037] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 72.392247][ T7037] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 72.392284][ T7037] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 72.392306][ T7037] nf_setsockopt+0x8a/0xf0 [ 72.392324][ T7037] ipv6_setsockopt+0x135/0x170 [ 72.392346][ T7037] udpv6_setsockopt+0x7d/0xd0 [ 72.392369][ T7037] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 72.392397][ T7037] do_sock_setsockopt+0x221/0x470 [ 72.392422][ T7037] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 72.392464][ T7037] __sys_setsockopt+0x1a0/0x230 [ 72.392490][ T7037] __x64_sys_setsockopt+0xbd/0x160 [ 72.392511][ T7037] ? do_syscall_64+0x91/0x4c0 [ 72.392533][ T7037] ? lockdep_hardirqs_on+0x7c/0x110 [ 72.392557][ T7037] do_syscall_64+0xcd/0x4c0 [ 72.392583][ T7037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.392601][ T7037] RIP: 0033:0x7f6b2d18e929 [ 72.392616][ T7037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.392630][ T7037] RSP: 002b:00007f6b2dfcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 72.392648][ T7037] RAX: ffffffffffffffda RBX: 00007f6b2d3b5fa0 RCX: 00007f6b2d18e929 [ 72.392659][ T7037] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 72.392668][ T7037] RBP: 00007f6b2dfcf090 R08: 0000000000000620 R09: 0000000000000000 [ 72.392679][ T7037] R10: 00002000000009c0 R11: 0000000000000246 R12: 0000000000000001 [ 72.392689][ T7037] R13: 0000000000000000 R14: 00007f6b2d3b5fa0 R15: 00007ffcdeecf918 [ 72.392712][ T7037] [ 72.392878][ T7037] xt_connbytes: cannot load conntrack support for proto=10 [ 72.531544][ T7049] netlink: 8 bytes leftover after parsing attributes in process `syz.2.390'. [ 72.574044][ T7048] netlink: 28 bytes leftover after parsing attributes in process `syz.3.391'. [ 72.653785][ T7059] syz_tun: entered allmulticast mode [ 72.658461][ T7058] syz_tun: left allmulticast mode [ 72.704934][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.707356][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.709562][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.711789][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.714342][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.718173][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.720438][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.722670][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.725439][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.727711][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.729920][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.732161][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.734358][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.736939][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.739198][ T10] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0 [ 72.744243][ T10] hid-generic 00A0:0006:0003.0002: hidraw1: HID v0.05 Device [syz1] on syz0 [ 72.964885][ T5953] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 72.994353][ T7073] netlink: 24 bytes leftover after parsing attributes in process `syz.3.400'. [ 73.078388][ T7077] hfsplus: unable to find HFS+ superblock [ 73.113375][ T7081] syz_tun: entered allmulticast mode [ 73.118253][ T7080] syz_tun: left allmulticast mode [ 73.128589][ T5953] usb 7-1: config 0 has no interfaces? [ 73.134811][ T5953] usb 7-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00 [ 73.137772][ T5953] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.147797][ T5953] usb 7-1: config 0 descriptor?? [ 73.198278][ T7083] netlink: 28 bytes leftover after parsing attributes in process `syz.3.405'. [ 73.373920][ T60] usb 7-1: USB disconnect, device number 4 [ 73.448559][ T7095] vlan2: entered allmulticast mode [ 73.450382][ T7095] veth1: entered allmulticast mode [ 73.487069][ T7098] FAULT_INJECTION: forcing a failure. [ 73.487069][ T7098] name failslab, interval 1, probability 0, space 0, times 0 [ 73.491664][ T7098] CPU: 3 UID: 0 PID: 7098 Comm: syz.3.409 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 73.491687][ T7098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.491697][ T7098] Call Trace: [ 73.491703][ T7098] [ 73.491710][ T7098] dump_stack_lvl+0x16c/0x1f0 [ 73.491757][ T7098] should_fail_ex+0x512/0x640 [ 73.491784][ T7098] ? __kmalloc_noprof+0xbf/0x510 [ 73.491809][ T7098] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 73.491830][ T7098] should_failslab+0xc2/0x120 [ 73.491856][ T7098] __kmalloc_noprof+0xd2/0x510 [ 73.491879][ T7098] ? avc_has_perm_noaudit+0x149/0x3b0 [ 73.491899][ T7098] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 73.491923][ T7098] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 73.491944][ T7098] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 73.491973][ T7098] ? bpf_lsm_capable+0x9/0x10 [ 73.491991][ T7098] ? security_capable+0x7e/0x260 [ 73.492008][ T7098] ? ns_capable+0xd7/0x110 [ 73.492028][ T7098] genl_rcv_msg+0x55c/0x800 [ 73.492048][ T7098] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.492064][ T7098] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 73.492094][ T7098] netlink_rcv_skb+0x155/0x420 [ 73.492107][ T7098] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.492125][ T7098] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 73.492153][ T7098] ? netlink_deliver_tap+0x1ae/0xd30 [ 73.492178][ T7098] genl_rcv+0x28/0x40 [ 73.492191][ T7098] netlink_unicast+0x53a/0x7f0 [ 73.492207][ T7098] ? __pfx_netlink_unicast+0x10/0x10 [ 73.492227][ T7098] netlink_sendmsg+0x8d1/0xdd0 [ 73.492245][ T7098] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.492267][ T7098] ____sys_sendmsg+0xa95/0xc70 [ 73.492283][ T7098] ? copy_msghdr_from_user+0x10a/0x160 [ 73.492302][ T7098] ? __pfx_____sys_sendmsg+0x10/0x10 [ 73.492326][ T7098] ___sys_sendmsg+0x134/0x1d0 [ 73.492346][ T7098] ? __pfx____sys_sendmsg+0x10/0x10 [ 73.492364][ T7098] ? __lock_acquire+0x622/0x1c90 [ 73.492405][ T7098] __sys_sendmsg+0x16d/0x220 [ 73.492425][ T7098] ? __pfx___sys_sendmsg+0x10/0x10 [ 73.492459][ T7098] do_syscall_64+0xcd/0x4c0 [ 73.492481][ T7098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.492496][ T7098] RIP: 0033:0x7fd37ed8e929 [ 73.492508][ T7098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.492522][ T7098] RSP: 002b:00007fd37fb89038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.492536][ T7098] RAX: ffffffffffffffda RBX: 00007fd37efb6080 RCX: 00007fd37ed8e929 [ 73.492545][ T7098] RDX: 0000000020008010 RSI: 0000200000000140 RDI: 0000000000000005 [ 73.492553][ T7098] RBP: 00007fd37fb89090 R08: 0000000000000000 R09: 0000000000000000 [ 73.492561][ T7098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 73.492569][ T7098] R13: 0000000000000000 R14: 00007fd37efb6080 R15: 00007ffc56c04d58 [ 73.492588][ T7098] [ 73.608378][ T7102] hfsplus: unable to find HFS+ superblock [ 73.709372][ T7104] netlink: 'syz.1.414': attribute type 1 has an invalid length. [ 73.721412][ T7104] bond1: entered promiscuous mode [ 73.723258][ T7104] 8021q: adding VLAN 0 to HW filter on device bond1 [ 74.075196][ T7122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.421'. [ 74.097420][ T7124] hfsplus: unable to find HFS+ superblock [ 74.158329][ T7126] netlink: 'syz.1.423': attribute type 1 has an invalid length. [ 74.169936][ T7126] bond2: entered promiscuous mode [ 74.171715][ T7126] 8021q: adding VLAN 0 to HW filter on device bond2 [ 74.211443][ T40] kauditd_printk_skb: 25 callbacks suppressed [ 74.211454][ T40] audit: type=1400 audit(1751986179.194:279): avc: denied { setopt } for pid=7133 comm="syz.2.425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 74.311362][ T7136] overlay: filesystem on ./bus not supported as upperdir [ 74.368973][ T40] audit: type=1400 audit(1751986179.354:280): avc: denied { map } for pid=7133 comm="syz.2.425" path="socket:[14821]" dev="sockfs" ino=14821 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 74.379844][ T40] audit: type=1400 audit(1751986179.354:281): avc: denied { read write } for pid=7133 comm="syz.2.425" path="socket:[14821]" dev="sockfs" ino=14821 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 74.400612][ T40] audit: type=1400 audit(1751986179.384:282): avc: denied { create } for pid=7141 comm="syz.1.428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 74.406841][ T40] audit: type=1400 audit(1751986179.394:283): avc: denied { bind } for pid=7141 comm="syz.1.428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 74.475413][ T40] audit: type=1400 audit(1751986179.454:284): avc: denied { write } for pid=7147 comm="syz.1.431" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 74.512523][ T7152] hfsplus: unable to find HFS+ superblock [ 74.531856][ T7154] program syz.0.435 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 74.565815][ T40] audit: type=1400 audit(1751986179.554:285): avc: denied { create } for pid=7159 comm="syz.0.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 74.571644][ T40] audit: type=1400 audit(1751986179.554:286): avc: denied { ioctl } for pid=7159 comm="syz.0.437" path="socket:[16102]" dev="sockfs" ino=16102 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 74.579641][ T7162] syz_tun: entered allmulticast mode [ 74.583483][ T40] audit: type=1400 audit(1751986179.554:287): avc: denied { append } for pid=7159 comm="syz.0.437" name="renderD128" dev="devtmpfs" ino=634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 74.590696][ T40] audit: type=1400 audit(1751986179.554:288): avc: denied { write } for pid=7159 comm="syz.0.437" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 74.647021][ T7171] netlink: 24 bytes leftover after parsing attributes in process `syz.1.438'. [ 74.655932][ T7173] fuse: Unknown parameter 'grYEéè200000000000000000000' [ 74.718646][ T7183] hfsplus: unable to find HFS+ superblock [ 74.799639][ T7186] FAULT_INJECTION: forcing a failure. [ 74.799639][ T7186] name failslab, interval 1, probability 0, space 0, times 0 [ 74.813026][ T7186] CPU: 1 UID: 0 PID: 7186 Comm: syz.2.446 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 74.813042][ T7186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.813049][ T7186] Call Trace: [ 74.813053][ T7186] [ 74.813057][ T7186] dump_stack_lvl+0x16c/0x1f0 [ 74.813090][ T7186] should_fail_ex+0x512/0x640 [ 74.813108][ T7186] ? __kvmalloc_node_noprof+0x124/0x620 [ 74.813128][ T7186] should_failslab+0xc2/0x120 [ 74.813144][ T7186] __kvmalloc_node_noprof+0x137/0x620 [ 74.813157][ T7186] ? __pfx___mutex_lock+0x10/0x10 [ 74.813172][ T7186] ? nf_hook_entries_grow+0x285/0x860 [ 74.813192][ T7186] ? nf_hook_entries_grow+0x285/0x860 [ 74.813205][ T7186] nf_hook_entries_grow+0x285/0x860 [ 74.813220][ T7186] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 74.813237][ T7186] __nf_register_net_hook+0x1cd/0x730 [ 74.813255][ T7186] nf_register_net_hook+0x109/0x160 [ 74.813271][ T7186] nf_register_net_hooks+0x5d/0xd0 [ 74.813288][ T7186] nf_defrag_ipv6_enable+0xc1/0x130 [ 74.813303][ T7186] nf_ct_netns_do_get+0x225/0x620 [ 74.813320][ T7186] ? __pfx_nf_ct_netns_do_get+0x10/0x10 [ 74.813335][ T7186] ? xt_find_match+0x1f1/0x290 [ 74.813348][ T7186] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 74.813365][ T7186] nf_ct_netns_get+0x39/0x150 [ 74.813380][ T7186] connbytes_mt_check+0x119/0x310 [ 74.813390][ T7186] ? __pfx_connbytes_mt_check+0x10/0x10 [ 74.813401][ T7186] xt_check_match+0x283/0xa50 [ 74.813414][ T7186] ? __pfx_xt_check_match+0x10/0x10 [ 74.813428][ T7186] ? xt_find_match+0x1f6/0x290 [ 74.813440][ T7186] ? xt_find_match+0x1f6/0x290 [ 74.813454][ T7186] find_check_entry.constprop.0+0x34e/0xa20 [ 74.813471][ T7186] ? __pfx_find_check_entry.constprop.0+0x10/0x10 [ 74.813489][ T7186] ? lockdep_hardirqs_on+0x7c/0x110 [ 74.813507][ T7186] ? kfree+0x2b4/0x4d0 [ 74.813518][ T7186] ? translate_table+0xc0e/0x17b0 [ 74.813532][ T7186] translate_table+0xd0b/0x17b0 [ 74.813550][ T7186] ? __pfx_translate_table+0x10/0x10 [ 74.813566][ T7186] do_ip6t_set_ctl+0x570/0xb00 [ 74.813578][ T7186] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 74.813591][ T7186] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 74.813605][ T7186] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 74.813628][ T7186] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 74.813640][ T7186] nf_setsockopt+0x8a/0xf0 [ 74.813654][ T7186] ipv6_setsockopt+0x135/0x170 [ 74.813667][ T7186] udpv6_setsockopt+0x7d/0xd0 [ 74.813681][ T7186] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 74.813699][ T7186] do_sock_setsockopt+0x221/0x470 [ 74.813715][ T7186] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 74.813740][ T7186] __sys_setsockopt+0x1a0/0x230 [ 74.813756][ T7186] __x64_sys_setsockopt+0xbd/0x160 [ 74.813769][ T7186] ? do_syscall_64+0x91/0x4c0 [ 74.813784][ T7186] ? lockdep_hardirqs_on+0x7c/0x110 [ 74.813797][ T7186] do_syscall_64+0xcd/0x4c0 [ 74.813813][ T7186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.813825][ T7186] RIP: 0033:0x7fa1cdf8e929 [ 74.813834][ T7186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.813844][ T7186] RSP: 002b:00007fa1cee19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 74.813854][ T7186] RAX: ffffffffffffffda RBX: 00007fa1ce1b5fa0 RCX: 00007fa1cdf8e929 [ 74.813861][ T7186] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 74.813868][ T7186] RBP: 00007fa1cee19090 R08: 0000000000000620 R09: 0000000000000000 [ 74.813875][ T7186] R10: 00002000000009c0 R11: 0000000000000246 R12: 0000000000000001 [ 74.813881][ T7186] R13: 0000000000000000 R14: 00007fa1ce1b5fa0 R15: 00007ffccbfbb6d8 [ 74.813894][ T7186] [ 74.813934][ T7186] xt_connbytes: cannot load conntrack support for proto=10 [ 75.031221][ T7203] FAULT_INJECTION: forcing a failure. [ 75.031221][ T7203] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 75.035325][ T7203] CPU: 0 UID: 0 PID: 7203 Comm: syz.2.453 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 75.035339][ T7203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.035346][ T7203] Call Trace: [ 75.035350][ T7203] [ 75.035354][ T7203] dump_stack_lvl+0x16c/0x1f0 [ 75.035372][ T7203] should_fail_ex+0x512/0x640 [ 75.035389][ T7203] _copy_from_user+0x2e/0xd0 [ 75.035405][ T7203] copy_msghdr_from_user+0x98/0x160 [ 75.035420][ T7203] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 75.035442][ T7203] ___sys_sendmsg+0xfe/0x1d0 [ 75.035456][ T7203] ? __pfx____sys_sendmsg+0x10/0x10 [ 75.035470][ T7203] ? __lock_acquire+0x622/0x1c90 [ 75.035496][ T7203] __sys_sendmsg+0x16d/0x220 [ 75.035511][ T7203] ? __pfx___sys_sendmsg+0x10/0x10 [ 75.035530][ T7203] ? fput+0x70/0xf0 [ 75.035542][ T7203] do_syscall_64+0xcd/0x4c0 [ 75.035558][ T7203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.035569][ T7203] RIP: 0033:0x7fa1cdf8e929 [ 75.035578][ T7203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.035588][ T7203] RSP: 002b:00007fa1cee19038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 75.035598][ T7203] RAX: ffffffffffffffda RBX: 00007fa1ce1b5fa0 RCX: 00007fa1cdf8e929 [ 75.035605][ T7203] RDX: 0000000000044044 RSI: 0000200000000340 RDI: 0000000000000004 [ 75.035611][ T7203] RBP: 00007fa1cee19090 R08: 0000000000000000 R09: 0000000000000000 [ 75.035617][ T7203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 75.035623][ T7203] R13: 0000000000000000 R14: 00007fa1ce1b5fa0 R15: 00007ffccbfbb6d8 [ 75.035636][ T7203] [ 75.102160][ T7205] hfsplus: unable to find HFS+ superblock [ 75.215273][ T839] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 75.242575][ T7215] netlink: 'syz.2.458': attribute type 1 has an invalid length. [ 75.258856][ T7215] bond2: entered promiscuous mode [ 75.260864][ T7215] 8021q: adding VLAN 0 to HW filter on device bond2 [ 75.368999][ T839] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 75.373098][ T839] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 75.378756][ T839] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 75.382052][ T839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.388036][ T839] usb 6-1: config 0 descriptor?? [ 75.438557][ T7232] hfsplus: unable to find HFS+ superblock [ 75.597922][ T839] usb 6-1: string descriptor 0 read error: -71 [ 75.602160][ T839] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 75.608563][ T839] usb 6-1: USB disconnect, device number 5 [ 75.681848][ T7246] netlink: 'syz.0.468': attribute type 1 has an invalid length. [ 75.692830][ T7246] bond1: entered promiscuous mode [ 75.696597][ T7246] 8021q: adding VLAN 0 to HW filter on device bond1 [ 75.797936][ T7256] hfsplus: unable to find HFS+ superblock [ 76.282247][ T7285] netlink: 'syz.1.481': attribute type 1 has an invalid length. [ 76.295246][ T7285] bond3: entered promiscuous mode [ 76.297077][ T7285] 8021q: adding VLAN 0 to HW filter on device bond3 [ 76.530429][ T7292] [ 76.536108][ T7292] Cannot find add_set index 0 as target [ 76.692919][ T7300] syz_tun (unregistering): left allmulticast mode [ 76.969816][ T1056] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.046187][ T1056] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.077408][ T5953] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 77.110637][ T1056] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.183913][ T1056] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.236890][ T5953] usb 8-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 77.243482][ T5953] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 77.247727][ T5953] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 77.250589][ T5953] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.255311][ T5953] usb 8-1: config 0 descriptor?? [ 77.298827][ T5956] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.303024][ T5956] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.306114][ T5956] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.313680][ T5956] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.319518][ T5956] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.331429][ T7316] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 77.333815][ T7316] IPv6: NLM_F_CREATE should be set when creating new route [ 77.336215][ T7316] IPv6: NLM_F_CREATE should be set when creating new route [ 77.338475][ T7316] IPv6: NLM_F_CREATE should be set when creating new route [ 77.341806][ T1056] bridge_slave_1: left allmulticast mode [ 77.343753][ T1056] bridge_slave_1: left promiscuous mode [ 77.347018][ T1056] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.353905][ T1056] bridge_slave_0: left allmulticast mode [ 77.357020][ T1056] bridge_slave_0: left promiscuous mode [ 77.358875][ T1056] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.462900][ T1056] bond1 (unregistering): (slave gretap1): Releasing active interface [ 77.470701][ T5953] usb 8-1: string descriptor 0 read error: -71 [ 77.475964][ T5953] usbhid 8-1:0.0: couldn't find an input interrupt endpoint [ 77.483176][ T5953] usb 8-1: USB disconnect, device number 5 [ 77.564830][ T840] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 77.608593][ T1056] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 77.612698][ T1056] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 77.617165][ T1056] bond0 (unregistering): Released all slaves [ 77.663384][ T1056] bond1 (unregistering): Released all slaves [ 77.708318][ T1056] bond2 (unregistering): Released all slaves [ 77.736264][ T840] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 77.740272][ T840] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 77.745731][ T840] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 77.749382][ T840] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.755241][ T840] usb 5-1: config 0 descriptor?? [ 77.776983][ T840] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 77.788737][ T7322] FAULT_INJECTION: forcing a failure. [ 77.788737][ T7322] name failslab, interval 1, probability 0, space 0, times 0 [ 77.792936][ T7322] CPU: 1 UID: 0 PID: 7322 Comm: syz.1.494 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 77.792950][ T7322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.792957][ T7322] Call Trace: [ 77.792960][ T7322] [ 77.792964][ T7322] dump_stack_lvl+0x16c/0x1f0 [ 77.792983][ T7322] should_fail_ex+0x512/0x640 [ 77.792997][ T7322] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 77.793013][ T7322] should_failslab+0xc2/0x120 [ 77.793029][ T7322] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 77.793043][ T7322] ? __alloc_skb+0x2b2/0x380 [ 77.793059][ T7322] __alloc_skb+0x2b2/0x380 [ 77.793072][ T7322] ? __pfx___alloc_skb+0x10/0x10 [ 77.793087][ T7322] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 77.793107][ T7322] netlink_alloc_large_skb+0x69/0x130 [ 77.793118][ T7322] netlink_sendmsg+0x6a1/0xdd0 [ 77.793131][ T7322] ? __pfx_netlink_sendmsg+0x10/0x10 [ 77.793146][ T7322] ____sys_sendmsg+0xa95/0xc70 [ 77.793157][ T7322] ? copy_msghdr_from_user+0x10a/0x160 [ 77.793171][ T7322] ? __pfx_____sys_sendmsg+0x10/0x10 [ 77.793188][ T7322] ___sys_sendmsg+0x134/0x1d0 [ 77.793203][ T7322] ? __pfx____sys_sendmsg+0x10/0x10 [ 77.793215][ T7322] ? __lock_acquire+0x622/0x1c90 [ 77.793242][ T7322] __sys_sendmsg+0x16d/0x220 [ 77.793257][ T7322] ? __pfx___sys_sendmsg+0x10/0x10 [ 77.793280][ T7322] do_syscall_64+0xcd/0x4c0 [ 77.793296][ T7322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.793307][ T7322] RIP: 0033:0x7f6b2d18e929 [ 77.793316][ T7322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.793326][ T7322] RSP: 002b:00007f6b2dfcf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 77.793336][ T7322] RAX: ffffffffffffffda RBX: 00007f6b2d3b5fa0 RCX: 00007f6b2d18e929 [ 77.793342][ T7322] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004 [ 77.793348][ T7322] RBP: 00007f6b2dfcf090 R08: 0000000000000000 R09: 0000000000000000 [ 77.793354][ T7322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.793360][ T7322] R13: 0000000000000000 R14: 00007f6b2d3b5fa0 R15: 00007ffcdeecf918 [ 77.793373][ T7322] [ 77.911513][ T7329] kvm: Disabled LAPIC found during irq injection [ 77.913771][ T7311] chnl_net:caif_netlink_parms(): no params data found [ 77.978154][ T839] usb 5-1: USB disconnect, device number 5 [ 78.047596][ T7311] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.050530][ T7311] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.053453][ T7311] bridge_slave_0: entered allmulticast mode [ 78.057528][ T7311] bridge_slave_0: entered promiscuous mode [ 78.082747][ T7311] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.085457][ T7311] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.087947][ T7311] bridge_slave_1: entered allmulticast mode [ 78.091353][ T7311] bridge_slave_1: entered promiscuous mode [ 78.173952][ T7311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.186691][ T1056] hsr_slave_0: left promiscuous mode [ 78.191812][ T1056] hsr_slave_1: left promiscuous mode [ 78.194080][ T1056] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 78.196730][ T1056] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 78.200273][ T1056] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 78.202551][ T1056] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 78.228225][ T1056] veth1_macvtap: left promiscuous mode [ 78.230196][ T1056] veth0_macvtap: left promiscuous mode [ 78.231964][ T1056] veth1_vlan: left promiscuous mode [ 78.233662][ T1056] veth0_vlan: left promiscuous mode [ 78.548322][ T7372] capability: warning: `syz.0.504' uses deprecated v2 capabilities in a way that may be insecure [ 78.781144][ T1056] team0 (unregistering): Port device team_slave_1 removed [ 78.832584][ T1056] team0 (unregistering): Port device team_slave_0 removed [ 79.221325][ T7311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.246067][ T7367] netlink: 24 bytes leftover after parsing attributes in process `syz.1.503'. [ 79.304486][ T7311] team0: Port device team_slave_0 added [ 79.312286][ T7311] team0: Port device team_slave_1 added [ 79.334972][ T5956] Bluetooth: hci2: command tx timeout [ 79.348958][ T7311] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.352962][ T7311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.361456][ T7311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.374450][ T7311] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.381206][ T7311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.389461][ T7311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.457397][ T7311] hsr_slave_0: entered promiscuous mode [ 79.459699][ T7311] hsr_slave_1: entered promiscuous mode [ 79.461737][ T7311] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.464123][ T7311] Cannot create hsr debugfs directory [ 79.570731][ T7399] hfsplus: unable to find HFS+ superblock [ 79.594114][ T7398] netlink: 'syz.1.511': attribute type 1 has an invalid length. [ 79.612983][ T7398] bond4: entered promiscuous mode [ 79.614918][ T7398] 8021q: adding VLAN 0 to HW filter on device bond4 [ 79.643977][ T7403] FAULT_INJECTION: forcing a failure. [ 79.643977][ T7403] name failslab, interval 1, probability 0, space 0, times 0 [ 79.660971][ T7403] CPU: 0 UID: 0 PID: 7403 Comm: syz.0.513 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 79.660988][ T7403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.660995][ T7403] Call Trace: [ 79.660999][ T7403] [ 79.661003][ T7403] dump_stack_lvl+0x16c/0x1f0 [ 79.661023][ T7403] should_fail_ex+0x512/0x640 [ 79.661039][ T7403] ? __kvmalloc_node_noprof+0x124/0x620 [ 79.661055][ T7403] should_failslab+0xc2/0x120 [ 79.661071][ T7403] __kvmalloc_node_noprof+0x137/0x620 [ 79.661085][ T7403] ? __pfx___mutex_lock+0x10/0x10 [ 79.661101][ T7403] ? nf_hook_entries_grow+0x285/0x860 [ 79.661119][ T7403] ? nf_hook_entries_grow+0x285/0x860 [ 79.661133][ T7403] nf_hook_entries_grow+0x285/0x860 [ 79.661147][ T7403] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 79.661167][ T7403] __nf_register_net_hook+0x1cd/0x730 [ 79.661185][ T7403] nf_register_net_hook+0x109/0x160 [ 79.661201][ T7403] nf_register_net_hooks+0x5d/0xd0 [ 79.661218][ T7403] nf_ct_netns_do_get+0x251/0x620 [ 79.661235][ T7403] ? __pfx_nf_ct_netns_do_get+0x10/0x10 [ 79.661251][ T7403] ? xt_find_match+0x1f1/0x290 [ 79.661263][ T7403] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 79.661280][ T7403] nf_ct_netns_get+0x39/0x150 [ 79.661296][ T7403] connbytes_mt_check+0x119/0x310 [ 79.661306][ T7403] ? __pfx_connbytes_mt_check+0x10/0x10 [ 79.661317][ T7403] xt_check_match+0x283/0xa50 [ 79.661330][ T7403] ? __pfx_xt_check_match+0x10/0x10 [ 79.661344][ T7403] ? xt_find_match+0x1f6/0x290 [ 79.661357][ T7403] ? xt_find_match+0x1f6/0x290 [ 79.661371][ T7403] find_check_entry.constprop.0+0x34e/0xa20 [ 79.661388][ T7403] ? __pfx_find_check_entry.constprop.0+0x10/0x10 [ 79.661405][ T7403] ? lockdep_hardirqs_on+0x7c/0x110 [ 79.661422][ T7403] ? kfree+0x2b4/0x4d0 [ 79.661433][ T7403] ? translate_table+0xc0e/0x17b0 [ 79.661447][ T7403] translate_table+0xd0b/0x17b0 [ 79.661465][ T7403] ? __pfx_translate_table+0x10/0x10 [ 79.661482][ T7403] do_ip6t_set_ctl+0x570/0xb00 [ 79.661494][ T7403] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 79.661508][ T7403] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 79.661521][ T7403] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 79.661544][ T7403] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 79.661557][ T7403] nf_setsockopt+0x8a/0xf0 [ 79.661568][ T7403] ipv6_setsockopt+0x135/0x170 [ 79.661581][ T7403] udpv6_setsockopt+0x7d/0xd0 [ 79.661596][ T7403] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 79.661614][ T7403] do_sock_setsockopt+0x221/0x470 [ 79.661630][ T7403] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 79.661655][ T7403] __sys_setsockopt+0x1a0/0x230 [ 79.661671][ T7403] __x64_sys_setsockopt+0xbd/0x160 [ 79.661684][ T7403] ? do_syscall_64+0x91/0x4c0 [ 79.661699][ T7403] ? lockdep_hardirqs_on+0x7c/0x110 [ 79.661713][ T7403] do_syscall_64+0xcd/0x4c0 [ 79.661729][ T7403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.661740][ T7403] RIP: 0033:0x7f38be58e929 [ 79.661749][ T7403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.661760][ T7403] RSP: 002b:00007f38bf3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 79.661770][ T7403] RAX: ffffffffffffffda RBX: 00007f38be7b5fa0 RCX: 00007f38be58e929 [ 79.661777][ T7403] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 79.661783][ T7403] RBP: 00007f38bf3f6090 R08: 0000000000000620 R09: 0000000000000000 [ 79.661789][ T7403] R10: 00002000000009c0 R11: 0000000000000246 R12: 0000000000000001 [ 79.661795][ T7403] R13: 0000000000000000 R14: 00007f38be7b5fa0 R15: 00007ffdffe65dc8 [ 79.661809][ T7403] [ 79.661816][ T7403] xt_connbytes: cannot load conntrack support for proto=10 [ 79.668461][ T7311] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 79.798553][ T7311] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 79.823562][ T7311] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 79.836432][ T7311] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 79.886325][ T7311] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.910998][ T40] kauditd_printk_skb: 16 callbacks suppressed [ 79.911009][ T40] audit: type=1400 audit(1751986184.894:305): avc: denied { bind } for pid=7425 comm="syz.0.517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 79.911920][ T7311] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.912994][ T40] audit: type=1400 audit(1751986184.894:306): avc: denied { setopt } for pid=7425 comm="syz.0.517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 79.930091][ T40] audit: type=1400 audit(1751986184.914:307): avc: denied { read } for pid=7425 comm="syz.0.517" path="socket:[14302]" dev="sockfs" ino=14302 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 79.932056][ T1056] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.940909][ T1056] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.947676][ T1056] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.950248][ T1056] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.974274][ T7311] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 79.977794][ T7311] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 80.077945][ T7311] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.230223][ T7450] FAULT_INJECTION: forcing a failure. [ 80.230223][ T7450] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 80.234844][ T7450] CPU: 0 UID: 0 PID: 7450 Comm: syz.1.519 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 80.234868][ T7450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.234878][ T7450] Call Trace: [ 80.234884][ T7450] [ 80.234891][ T7450] dump_stack_lvl+0x16c/0x1f0 [ 80.234921][ T7450] should_fail_ex+0x512/0x640 [ 80.234947][ T7450] _copy_from_iter+0x29f/0x16f0 [ 80.234975][ T7450] ? __alloc_skb+0x200/0x380 [ 80.234998][ T7450] ? __pfx__copy_from_iter+0x10/0x10 [ 80.235025][ T7450] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 80.235062][ T7450] netlink_sendmsg+0x829/0xdd0 [ 80.235083][ T7450] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.235110][ T7450] ____sys_sendmsg+0xa95/0xc70 [ 80.235128][ T7450] ? copy_msghdr_from_user+0x10a/0x160 [ 80.235151][ T7450] ? __pfx_____sys_sendmsg+0x10/0x10 [ 80.235200][ T7450] ___sys_sendmsg+0x134/0x1d0 [ 80.235226][ T7450] ? __pfx____sys_sendmsg+0x10/0x10 [ 80.235247][ T7450] ? __lock_acquire+0x622/0x1c90 [ 80.235301][ T7450] __sys_sendmsg+0x16d/0x220 [ 80.235323][ T7450] ? __pfx___sys_sendmsg+0x10/0x10 [ 80.235358][ T7450] ? fput+0x70/0xf0 [ 80.235378][ T7450] do_syscall_64+0xcd/0x4c0 [ 80.235404][ T7450] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.235422][ T7450] RIP: 0033:0x7f6b2d18e929 [ 80.235436][ T7450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.235454][ T7450] RSP: 002b:00007f6b2dfcf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.235473][ T7450] RAX: ffffffffffffffda RBX: 00007f6b2d3b5fa0 RCX: 00007f6b2d18e929 [ 80.235484][ T7450] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003 [ 80.235495][ T7450] RBP: 00007f6b2dfcf090 R08: 0000000000000000 R09: 0000000000000000 [ 80.235505][ T7450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.235515][ T7450] R13: 0000000000000000 R14: 00007f6b2d3b5fa0 R15: 00007ffcdeecf918 [ 80.235541][ T7450] [ 80.314472][ C0] vkms_vblank_simulate: vblank timer overrun [ 80.428580][ T7311] veth0_vlan: entered promiscuous mode [ 80.441385][ T7311] veth1_vlan: entered promiscuous mode [ 80.461067][ T7311] veth0_macvtap: entered promiscuous mode [ 80.465450][ T7311] veth1_macvtap: entered promiscuous mode [ 80.473396][ T7311] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.481065][ T7311] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.489288][ T7311] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.492452][ T7311] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.497277][ T7311] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.500760][ T7311] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.533774][ T7462] loop3: detected capacity change from 0 to 1 [ 80.543861][ T5946] Dev loop3: unable to read RDB block 1 [ 80.547955][ T5946] loop3: unable to read partition table [ 80.549990][ T5946] loop3: partition table beyond EOD, truncated [ 80.559789][ T7462] Dev loop3: unable to read RDB block 1 [ 80.561626][ T7462] loop3: unable to read partition table [ 80.563467][ T7462] loop3: partition table beyond EOD, truncated [ 80.566017][ T7462] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 80.574829][ T839] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 80.587663][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.590282][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.610717][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.613311][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.622255][ T40] audit: type=1400 audit(1751986185.604:308): avc: denied { mounton } for pid=7311 comm="syz-executor" path="/syzkaller.K8mM3h/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 80.748820][ T839] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 80.753096][ T839] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 80.758843][ T839] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 80.762364][ T839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.770349][ T839] usb 6-1: config 0 descriptor?? [ 80.814862][ T838] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 80.891388][ T7480] netlink: 'syz.4.524': attribute type 1 has an invalid length. [ 80.975151][ T838] usb 8-1: Using ep0 maxpacket: 8 [ 80.978079][ T838] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 80.981511][ T838] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 80.983337][ T839] usb 6-1: string descriptor 0 read error: -71 [ 80.985758][ T838] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.994461][ T839] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 80.995871][ T838] usb 8-1: config 0 descriptor?? [ 80.999311][ T839] usb 6-1: USB disconnect, device number 6 [ 81.210301][ T838] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 81.347197][ T837] cfg80211: failed to load regulatory.db [ 81.424867][ T5956] Bluetooth: hci2: command tx timeout [ 81.607942][ T7523] netlink: 24 bytes leftover after parsing attributes in process `syz.1.533'. [ 81.610717][ T7523] FAULT_INJECTION: forcing a failure. [ 81.610717][ T7523] name failslab, interval 1, probability 0, space 0, times 0 [ 81.616406][ T7523] CPU: 0 UID: 0 PID: 7523 Comm: syz.1.533 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 81.616420][ T7523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.616427][ T7523] Call Trace: [ 81.616431][ T7523] [ 81.616435][ T7523] dump_stack_lvl+0x16c/0x1f0 [ 81.616454][ T7523] should_fail_ex+0x512/0x640 [ 81.616468][ T7523] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 81.616486][ T7523] should_failslab+0xc2/0x120 [ 81.616502][ T7523] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 81.616518][ T7523] ? kvasprintf_const+0x66/0x1a0 [ 81.616537][ T7523] kvasprintf+0xbc/0x160 [ 81.616552][ T7523] ? __pfx_kvasprintf+0x10/0x10 [ 81.616569][ T7523] ? rcu_read_unlock+0x17/0x60 [ 81.616588][ T7523] kvasprintf_const+0x66/0x1a0 [ 81.616605][ T7523] kobject_set_name_vargs+0x5a/0x140 [ 81.616623][ T7523] dev_set_name+0xc7/0x100 [ 81.616635][ T7523] ? __pfx_dev_set_name+0x10/0x10 [ 81.616647][ T7523] ? rcu_is_watching+0x12/0xc0 [ 81.616661][ T7523] ? trace_kmalloc+0x2b/0xd0 [ 81.616677][ T7523] ? __kmalloc_noprof.cold+0x5c/0x61 [ 81.616692][ T7523] ? irq_work_queue+0xce/0x100 [ 81.616707][ T7523] ? wiphy_new_nm+0x797/0x2160 [ 81.616726][ T7523] wiphy_new_nm+0x811/0x2160 [ 81.616743][ T7523] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 81.616755][ T7523] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 81.616765][ T7523] ieee80211_alloc_hw_nm+0x1b7a/0x2260 [ 81.616775][ T7523] ? __local_bh_enable_ip+0xa4/0x120 [ 81.616791][ T7523] mac80211_hwsim_new_radio+0x1d4/0x54d0 [ 81.616807][ T7523] ? __pfx__printk+0x10/0x10 [ 81.616820][ T7523] ? __pfx____ratelimit+0x10/0x10 [ 81.616839][ T7523] ? rcu_is_watching+0x12/0xc0 [ 81.616853][ T7523] ? do_trace_netlink_extack+0x164/0x1e0 [ 81.616869][ T7523] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 81.616888][ T7523] hwsim_new_radio_nl+0xb51/0x12c0 [ 81.616904][ T7523] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 81.616923][ T7523] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 81.616936][ T7523] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 81.616952][ T7523] genl_family_rcv_msg_doit+0x206/0x2f0 [ 81.616966][ T7523] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 81.616983][ T7523] ? bpf_lsm_capable+0x9/0x10 [ 81.616994][ T7523] ? security_capable+0x7e/0x260 [ 81.617007][ T7523] ? ns_capable+0xd7/0x110 [ 81.617021][ T7523] genl_rcv_msg+0x55c/0x800 [ 81.617034][ T7523] ? __pfx_genl_rcv_msg+0x10/0x10 [ 81.617046][ T7523] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 81.617066][ T7523] netlink_rcv_skb+0x155/0x420 [ 81.617077][ T7523] ? __pfx_genl_rcv_msg+0x10/0x10 [ 81.617089][ T7523] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 81.617105][ T7523] ? netlink_deliver_tap+0x1ae/0xd30 [ 81.617124][ T7523] genl_rcv+0x28/0x40 [ 81.617134][ T7523] netlink_unicast+0x53a/0x7f0 [ 81.617146][ T7523] ? __pfx_netlink_unicast+0x10/0x10 [ 81.617160][ T7523] netlink_sendmsg+0x8d1/0xdd0 [ 81.617173][ T7523] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.617189][ T7523] ____sys_sendmsg+0xa95/0xc70 [ 81.617200][ T7523] ? copy_msghdr_from_user+0x10a/0x160 [ 81.617215][ T7523] ? __pfx_____sys_sendmsg+0x10/0x10 [ 81.617232][ T7523] ___sys_sendmsg+0x134/0x1d0 [ 81.617247][ T7523] ? __pfx____sys_sendmsg+0x10/0x10 [ 81.617260][ T7523] ? __lock_acquire+0x622/0x1c90 [ 81.617288][ T7523] __sys_sendmsg+0x16d/0x220 [ 81.617303][ T7523] ? __pfx___sys_sendmsg+0x10/0x10 [ 81.617327][ T7523] do_syscall_64+0xcd/0x4c0 [ 81.617343][ T7523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.617354][ T7523] RIP: 0033:0x7f6b2d18e929 [ 81.617364][ T7523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.617374][ T7523] RSP: 002b:00007f6b2dfae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.617385][ T7523] RAX: ffffffffffffffda RBX: 00007f6b2d3b6080 RCX: 00007f6b2d18e929 [ 81.617391][ T7523] RDX: 0000000020008010 RSI: 0000200000000140 RDI: 0000000000000005 [ 81.617398][ T7523] RBP: 00007f6b2dfae090 R08: 0000000000000000 R09: 0000000000000000 [ 81.617404][ T7523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.617410][ T7523] R13: 0000000000000000 R14: 00007f6b2d3b6080 R15: 00007ffcdeecf918 [ 81.617424][ T7523] [ 81.618828][ T6192] usb 8-1: USB disconnect, device number 6 [ 81.910180][ T7530] FAULT_INJECTION: forcing a failure. [ 81.910180][ T7530] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.914520][ T7530] CPU: 2 UID: 0 PID: 7530 Comm: syz.0.536 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 81.914535][ T7530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.914542][ T7530] Call Trace: [ 81.914546][ T7530] [ 81.914550][ T7530] dump_stack_lvl+0x16c/0x1f0 [ 81.914569][ T7530] should_fail_ex+0x512/0x640 [ 81.914586][ T7530] _copy_from_user+0x2e/0xd0 [ 81.914625][ T7530] wext_handle_ioctl+0xc2/0x2a0 [ 81.914644][ T7530] ? __pfx_wext_handle_ioctl+0x10/0x10 [ 81.914674][ T7530] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 81.914693][ T7530] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 81.914711][ T7530] sock_ioctl+0x3a1/0x6b0 [ 81.914724][ T7530] ? __pfx_sock_ioctl+0x10/0x10 [ 81.914744][ T7530] ? hook_file_ioctl_common+0x145/0x410 [ 81.914767][ T7530] ? selinux_file_ioctl+0x180/0x270 [ 81.914781][ T7530] ? selinux_file_ioctl+0xb4/0x270 [ 81.914796][ T7530] ? __pfx_sock_ioctl+0x10/0x10 [ 81.914807][ T7530] __x64_sys_ioctl+0x18e/0x210 [ 81.914822][ T7530] do_syscall_64+0xcd/0x4c0 [ 81.914839][ T7530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.914850][ T7530] RIP: 0033:0x7f38be58e929 [ 81.914859][ T7530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.914871][ T7530] RSP: 002b:00007f38bf3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.914881][ T7530] RAX: ffffffffffffffda RBX: 00007f38be7b5fa0 RCX: 00007f38be58e929 [ 81.914888][ T7530] RDX: 0000200000000000 RSI: 0000000000008b34 RDI: 0000000000000006 [ 81.914894][ T7530] RBP: 00007f38bf3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 81.914900][ T7530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.914906][ T7530] R13: 0000000000000000 R14: 00007f38be7b5fa0 R15: 00007ffdffe65dc8 [ 81.914920][ T7530] [ 82.020073][ T7532] overlayfs: statfs failed on './file0' [ 82.172159][ T40] audit: type=1400 audit(1751986187.154:309): avc: denied { read write } for pid=7533 comm="syz.0.538" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 82.174370][ T7537] input: syz1 as /devices/virtual/input/input9 [ 82.192490][ T40] audit: type=1400 audit(1751986187.154:310): avc: denied { open } for pid=7533 comm="syz.0.538" path="/dev/uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 82.202547][ T40] audit: type=1400 audit(1751986187.154:311): avc: denied { ioctl } for pid=7533 comm="syz.0.538" path="/dev/uinput" dev="devtmpfs" ino=943 ioctlcmd=0x5566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 82.270857][ T7543] hfsplus: unable to find HFS+ superblock [ 82.486742][ T7576] hfsplus: unable to find HFS+ superblock [ 82.547289][ T7582] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 82.551009][ T7582] overlayfs: missing 'lowerdir' [ 82.554879][ T40] audit: type=1400 audit(1751986187.534:312): avc: denied { getopt } for pid=7581 comm="syz.0.553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 82.602051][ T40] audit: type=1400 audit(1751986187.584:313): avc: denied { append } for pid=7585 comm="syz.3.555" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 82.617654][ T7584] FAULT_INJECTION: forcing a failure. [ 82.617654][ T7584] name failslab, interval 1, probability 0, space 0, times 0 [ 82.622094][ T7584] CPU: 2 UID: 0 PID: 7584 Comm: syz.0.554 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 82.622124][ T7584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.622135][ T7584] Call Trace: [ 82.622142][ T7584] [ 82.622149][ T7584] dump_stack_lvl+0x16c/0x1f0 [ 82.622181][ T7584] should_fail_ex+0x512/0x640 [ 82.622219][ T7584] ? __kvmalloc_node_noprof+0x124/0x620 [ 82.622245][ T7584] should_failslab+0xc2/0x120 [ 82.622272][ T7584] __kvmalloc_node_noprof+0x137/0x620 [ 82.622294][ T7584] ? __pfx___mutex_lock+0x10/0x10 [ 82.622319][ T7584] ? nf_hook_entries_grow+0x285/0x860 [ 82.622350][ T7584] ? nf_hook_entries_grow+0x285/0x860 [ 82.622373][ T7584] nf_hook_entries_grow+0x285/0x860 [ 82.622396][ T7584] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 82.622424][ T7584] __nf_register_net_hook+0x1cd/0x730 [ 82.622454][ T7584] nf_register_net_hook+0x109/0x160 [ 82.622481][ T7584] nf_register_net_hooks+0x5d/0xd0 [ 82.622508][ T7584] nf_ct_netns_do_get+0x251/0x620 [ 82.622535][ T7584] ? __pfx_nf_ct_netns_do_get+0x10/0x10 [ 82.622560][ T7584] ? xt_find_match+0x1f1/0x290 [ 82.622581][ T7584] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 82.622630][ T7584] nf_ct_netns_get+0x39/0x150 [ 82.622656][ T7584] connbytes_mt_check+0x119/0x310 [ 82.622673][ T7584] ? __pfx_connbytes_mt_check+0x10/0x10 [ 82.622691][ T7584] xt_check_match+0x283/0xa50 [ 82.622714][ T7584] ? __pfx_xt_check_match+0x10/0x10 [ 82.622737][ T7584] ? xt_find_match+0x1f6/0x290 [ 82.622758][ T7584] ? xt_find_match+0x1f6/0x290 [ 82.622784][ T7584] find_check_entry.constprop.0+0x34e/0xa20 [ 82.622814][ T7584] ? __pfx_find_check_entry.constprop.0+0x10/0x10 [ 82.622843][ T7584] ? lockdep_hardirqs_on+0x7c/0x110 [ 82.622870][ T7584] ? kfree+0x2b4/0x4d0 [ 82.622888][ T7584] ? translate_table+0xc0e/0x17b0 [ 82.622912][ T7584] translate_table+0xd0b/0x17b0 [ 82.622957][ T7584] ? __pfx_translate_table+0x10/0x10 [ 82.622987][ T7584] do_ip6t_set_ctl+0x570/0xb00 [ 82.623007][ T7584] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 82.623029][ T7584] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 82.623053][ T7584] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 82.623091][ T7584] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 82.623118][ T7584] nf_setsockopt+0x8a/0xf0 [ 82.623137][ T7584] ipv6_setsockopt+0x135/0x170 [ 82.623160][ T7584] udpv6_setsockopt+0x7d/0xd0 [ 82.623184][ T7584] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 82.623213][ T7584] do_sock_setsockopt+0x221/0x470 [ 82.623240][ T7584] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 82.623284][ T7584] __sys_setsockopt+0x1a0/0x230 [ 82.623310][ T7584] __x64_sys_setsockopt+0xbd/0x160 [ 82.623332][ T7584] ? do_syscall_64+0x91/0x4c0 [ 82.623355][ T7584] ? lockdep_hardirqs_on+0x7c/0x110 [ 82.623377][ T7584] do_syscall_64+0xcd/0x4c0 [ 82.623403][ T7584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.623421][ T7584] RIP: 0033:0x7f38be58e929 [ 82.623435][ T7584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.623452][ T7584] RSP: 002b:00007f38bf3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 82.623469][ T7584] RAX: ffffffffffffffda RBX: 00007f38be7b5fa0 RCX: 00007f38be58e929 [ 82.623481][ T7584] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 82.623491][ T7584] RBP: 00007f38bf3f6090 R08: 0000000000000620 R09: 0000000000000000 [ 82.623500][ T7584] R10: 00002000000009c0 R11: 0000000000000246 R12: 0000000000000001 [ 82.623510][ T7584] R13: 0000000000000000 R14: 00007f38be7b5fa0 R15: 00007ffdffe65dc8 [ 82.623532][ T7584] [ 82.623828][ T7584] xt_connbytes: cannot load conntrack support for proto=10 [ 82.826244][ T7593] FAULT_INJECTION: forcing a failure. [ 82.826244][ T7593] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 82.834505][ T7593] CPU: 2 UID: 0 PID: 7593 Comm: syz.0.557 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 82.834521][ T7593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.834528][ T7593] Call Trace: [ 82.834532][ T7593] [ 82.834536][ T7593] dump_stack_lvl+0x16c/0x1f0 [ 82.834556][ T7593] should_fail_ex+0x512/0x640 [ 82.834573][ T7593] _copy_from_user+0x2e/0xd0 [ 82.834606][ T7593] kstrtouint_from_user+0xd6/0x1d0 [ 82.834620][ T7593] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 82.834631][ T7593] ? __lock_acquire+0xb8a/0x1c90 [ 82.834648][ T7593] proc_fail_nth_write+0x83/0x250 [ 82.834663][ T7593] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 82.834680][ T7593] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 82.834692][ T7593] vfs_write+0x2a0/0x1150 [ 82.834709][ T7593] ? __pfx___mutex_lock+0x10/0x10 [ 82.834725][ T7593] ? __pfx_vfs_write+0x10/0x10 [ 82.834755][ T7593] ? __fget_files+0x20e/0x3c0 [ 82.834775][ T7593] ksys_write+0x12a/0x250 [ 82.834788][ T7593] ? __pfx_ksys_write+0x10/0x10 [ 82.834802][ T7593] ? fput+0x70/0xf0 [ 82.834813][ T7593] do_syscall_64+0xcd/0x4c0 [ 82.834830][ T7593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.834853][ T7593] RIP: 0033:0x7f38be58d3df [ 82.834862][ T7593] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 82.834873][ T7593] RSP: 002b:00007f38bf3f6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 82.834884][ T7593] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f38be58d3df [ 82.834891][ T7593] RDX: 0000000000000001 RSI: 00007f38bf3f60a0 RDI: 0000000000000004 [ 82.834897][ T7593] RBP: 00007f38bf3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 82.834903][ T7593] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 82.834909][ T7593] R13: 0000000000000000 R14: 00007f38be7b5fa0 R15: 00007ffdffe65dc8 [ 82.834923][ T7593] [ 82.859161][ T7595] FAULT_INJECTION: forcing a failure. [ 82.859161][ T7595] name failslab, interval 1, probability 0, space 0, times 0 [ 82.912383][ T7595] CPU: 0 UID: 0 PID: 7595 Comm: syz.3.558 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 82.912421][ T7595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.912432][ T7595] Call Trace: [ 82.912438][ T7595] [ 82.912444][ T7595] dump_stack_lvl+0x16c/0x1f0 [ 82.912473][ T7595] should_fail_ex+0x512/0x640 [ 82.912496][ T7595] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 82.912522][ T7595] should_failslab+0xc2/0x120 [ 82.912545][ T7595] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 82.912570][ T7595] ? __alloc_skb+0x2b2/0x380 [ 82.912589][ T7595] ? __pfx_avc_has_perm+0x10/0x10 [ 82.912606][ T7595] __alloc_skb+0x2b2/0x380 [ 82.912621][ T7595] ? __pfx___alloc_skb+0x10/0x10 [ 82.912638][ T7595] ? do_raw_spin_lock+0x12c/0x2b0 [ 82.912657][ T7595] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 82.912682][ T7595] sock_wmalloc+0xd4/0x120 [ 82.912703][ T7595] pppoe_sendmsg+0x2c3/0x7b0 [ 82.912722][ T7595] ? __pfx_pppoe_sendmsg+0x10/0x10 [ 82.912737][ T7595] ? __might_fault+0x13b/0x190 [ 82.912767][ T7595] ____sys_sendmsg+0xa95/0xc70 [ 82.912785][ T7595] ? copy_msghdr_from_user+0x10a/0x160 [ 82.912809][ T7595] ? __pfx_____sys_sendmsg+0x10/0x10 [ 82.912830][ T7595] ? kfree+0x24f/0x4d0 [ 82.912846][ T7595] ? __pfx__kstrtoull+0x10/0x10 [ 82.912869][ T7595] ___sys_sendmsg+0x134/0x1d0 [ 82.912894][ T7595] ? __pfx____sys_sendmsg+0x10/0x10 [ 82.912943][ T7595] ? __pfx___might_resched+0x10/0x10 [ 82.912971][ T7595] __sys_sendmmsg+0x200/0x420 [ 82.912998][ T7595] ? __pfx___sys_sendmmsg+0x10/0x10 [ 82.913030][ T7595] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 82.913083][ T7595] ? fput+0x70/0xf0 [ 82.913106][ T7595] ? ksys_write+0x1ac/0x250 [ 82.913128][ T7595] ? __pfx_ksys_write+0x10/0x10 [ 82.913153][ T7595] __x64_sys_sendmmsg+0x9c/0x100 [ 82.913175][ T7595] ? lockdep_hardirqs_on+0x7c/0x110 [ 82.913199][ T7595] do_syscall_64+0xcd/0x4c0 [ 82.913226][ T7595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.913243][ T7595] RIP: 0033:0x7fd37ed8e929 [ 82.913257][ T7595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.913275][ T7595] RSP: 002b:00007fd37fbaa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 82.913292][ T7595] RAX: ffffffffffffffda RBX: 00007fd37efb5fa0 RCX: 00007fd37ed8e929 [ 82.913303][ T7595] RDX: 0000000000000484 RSI: 0000200000001340 RDI: 0000000000000003 [ 82.913313][ T7595] RBP: 00007fd37fbaa090 R08: 0000000000000000 R09: 0000000000000000 [ 82.913323][ T7595] R10: 0000000024048084 R11: 0000000000000246 R12: 0000000000000001 [ 82.913333][ T7595] R13: 0000000000000000 R14: 00007fd37efb5fa0 R15: 00007ffc56c04d58 [ 82.913359][ T7595] [ 83.123095][ T7604] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=7604 comm=syz.3.563 [ 83.130301][ T7604] ------------[ cut here ]------------ [ 83.132492][ T7604] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/aio_iiro_16.c:180:9 [ 83.134817][ T40] audit: type=1400 audit(1751986188.114:314): avc: denied { append } for pid=7602 comm="syz.3.563" name="comedi2" dev="devtmpfs" ino=1304 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 83.135631][ T7604] shift exponent 6779 is too large for 32-bit type 'int' [ 83.148959][ T7604] CPU: 0 UID: 0 PID: 7604 Comm: syz.3.563 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 83.148975][ T7604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.148983][ T7604] Call Trace: [ 83.148987][ T7604] [ 83.148991][ T7604] dump_stack_lvl+0x16c/0x1f0 [ 83.149011][ T7604] __ubsan_handle_shift_out_of_bounds+0x27f/0x420 [ 83.149037][ T7604] aio_iiro_16_attach.cold+0x19/0x1e [ 83.149053][ T7604] comedi_device_attach+0x3b3/0x900 [ 83.149073][ T7604] do_devconfig_ioctl+0x1a7/0x580 [ 83.149104][ T7604] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 83.149131][ T7604] ? find_held_lock+0x2b/0x80 [ 83.149148][ T7604] comedi_unlocked_ioctl+0x15bb/0x2e90 [ 83.149164][ T7604] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 83.149179][ T7604] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 83.149196][ T7604] ? do_vfs_ioctl+0x523/0x1a60 [ 83.149214][ T7604] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 83.149238][ T7604] ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540 [ 83.149256][ T7604] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 83.149273][ T7604] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 83.149294][ T7604] ? hook_file_ioctl_common+0x145/0x410 [ 83.149317][ T7604] ? selinux_file_ioctl+0x180/0x270 [ 83.149331][ T7604] ? selinux_file_ioctl+0xb4/0x270 [ 83.149347][ T7604] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 83.149360][ T7604] __x64_sys_ioctl+0x18e/0x210 [ 83.149374][ T7604] do_syscall_64+0xcd/0x4c0 [ 83.149391][ T7604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.149403][ T7604] RIP: 0033:0x7fd37ed8e929 [ 83.149413][ T7604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.149424][ T7604] RSP: 002b:00007fd37fbaa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 83.149434][ T7604] RAX: ffffffffffffffda RBX: 00007fd37efb5fa0 RCX: 00007fd37ed8e929 [ 83.149442][ T7604] RDX: 0000200000000140 RSI: 0000000040946400 RDI: 000000000000000a [ 83.149448][ T7604] RBP: 00007fd37ee10b39 R08: 0000000000000000 R09: 0000000000000000 [ 83.149455][ T7604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 83.149461][ T7604] R13: 0000000000000000 R14: 00007fd37efb5fa0 R15: 00007ffc56c04d58 [ 83.149476][ T7604] [ 83.149492][ T7604] ---[ end trace ]--- [ 83.233101][ T7604] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 83.235372][ T7604] CPU: 0 UID: 0 PID: 7604 Comm: syz.3.563 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 83.238936][ T7604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.242290][ T7604] Call Trace: [ 83.243360][ T7604] [ 83.244293][ T7604] dump_stack_lvl+0x3d/0x1f0 [ 83.245972][ T7604] panic+0x71c/0x800 [ 83.247334][ T7604] ? __pfx_panic+0x10/0x10 [ 83.248718][ T7604] ? __pfx__printk+0x10/0x10 [ 83.250152][ T7604] check_panic_on_warn+0xab/0xb0 [ 83.251698][ T7604] __ubsan_handle_shift_out_of_bounds+0x2a6/0x420 [ 83.253676][ T7604] aio_iiro_16_attach.cold+0x19/0x1e [ 83.255304][ T7604] comedi_device_attach+0x3b3/0x900 [ 83.256908][ T7604] do_devconfig_ioctl+0x1a7/0x580 [ 83.258440][ T7604] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 83.260159][ T7604] ? find_held_lock+0x2b/0x80 [ 83.261644][ T7604] comedi_unlocked_ioctl+0x15bb/0x2e90 [ 83.263383][ T7604] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 83.265788][ T7604] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 83.267621][ T7604] ? do_vfs_ioctl+0x523/0x1a60 [ 83.269092][ T7604] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 83.270656][ T7604] ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540 [ 83.272619][ T7604] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 83.274958][ T7604] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 83.277581][ T7604] ? hook_file_ioctl_common+0x145/0x410 [ 83.279762][ T7604] ? selinux_file_ioctl+0x180/0x270 [ 83.281705][ T7604] ? selinux_file_ioctl+0xb4/0x270 [ 83.283360][ T7604] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 83.285178][ T7604] __x64_sys_ioctl+0x18e/0x210 [ 83.286693][ T7604] do_syscall_64+0xcd/0x4c0 [ 83.288128][ T7604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.290091][ T7604] RIP: 0033:0x7fd37ed8e929 [ 83.291665][ T7604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.298525][ T7604] RSP: 002b:00007fd37fbaa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 83.301139][ T7604] RAX: ffffffffffffffda RBX: 00007fd37efb5fa0 RCX: 00007fd37ed8e929 [ 83.303653][ T7604] RDX: 0000200000000140 RSI: 0000000040946400 RDI: 000000000000000a [ 83.306087][ T7604] RBP: 00007fd37ee10b39 R08: 0000000000000000 R09: 0000000000000000 [ 83.308531][ T7604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 83.310985][ T7604] R13: 0000000000000000 R14: 00007fd37efb5fa0 R15: 00007ffc56c04d58 [ 83.313477][ T7604] [ 83.315149][ T7604] Kernel Offset: disabled [ 83.316551][ T7604] Rebooting in 86400 seconds.. VM DIAGNOSIS: 14:49:48 Registers: info registers vcpu 0 CPU#0 RAX=0000000000018c8f RBX=0000000000000036 RCX=ffffc900056c1000 RDX=0000000000080000 RSI=ffffffff819b8440 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc90003eb77f8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=1ffff920007d6f01 R13=0000000000000200 R14=ffff88801f2f2440 R15=ffffc90003eb78c0 RIP=ffffffff819b8442 RFL=00000083 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fd37fbaa6c0 ffffffff 00c00000 GS =0000 ffff8880d6718000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f38bf3f5f98 CR3=00000000536ef000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6b2d211b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6b2d211b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6b2d211b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6b2d211b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6b2d211bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6b2d211c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6b2d385488 00007f6b2d385480 00007f6b2d385478 00007f6b2d385450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6b2deed100 00007f6b2d385440 00007f6b2d380004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6b2d385498 00007f6b2d385490 00007f6b2d385488 00007f6b2d385480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9f0c1ea327d910ca f6614f72c8b4214b a4c065be101a6696 8b00f678a7e6156f ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e88d29e3e7187732 538e51343f836d69 9150af20e50066f2 4f24afdce33e2853 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d37bae005ad06530 05e2777bf2c2b730 e1171e6fb648eb8f 611d91c736b5a9a7 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c0779e25288e8e7 97dad1124d3889dd d6913e19a498d255 10e037f73c196585 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000029 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855bb315 RDI=ffffffff9b0c22a0 RBP=ffffffff9b0c2260 RSP=ffffc9000078f880 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000029 R14=ffffffff9b0c2260 R15=ffffffff855bb2b0 RIP=ffffffff855bb33f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6818000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3013b8 CR3=0000000025bbb000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff81179ec0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9b611b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9b611b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9b611b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9b611b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9b611bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9b611c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000086f4d RBX=0000000000000002 RCX=ffffffff8b881c69 RDX=0000000000000000 RSI=ffffffff8de31064 RDI=ffffffff8c158660 RBP=ffffed1003c53910 RSP=ffffc90000187df8 R8 =0000000000000001 R9 =ffffed100d4c6645 R10=ffff88806a63322b R11=0000000000000001 R12=0000000000000002 R13=ffff88801e29c880 R14=ffffffff90a97350 R15=0000000000000000 RIP=ffffffff8b8807cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6918000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c26731c CR3=000000004e454000 CR4=00352ef0 DR0=0000000000000006 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000010000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc56c050e0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd37ee11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd37ee11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd37ee11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd37ee11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd37ee11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd37ee11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000007f48f RBX=0000000000000003 RCX=ffffffff8b881c69 RDX=0000000000000000 RSI=ffffffff8de31064 RDI=ffffffff8c158660 RBP=ffffed1003c56000 RSP=ffffc90000197df8 R8 =0000000000000001 R9 =ffffed100d4e6645 R10=ffff88806a73322b R11=0000000000000001 R12=0000000000000003 R13=ffff88801e2b0000 R14=ffffffff90a97350 R15=0000000000000000 RIP=ffffffff8b8807cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a18000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c33dec3 CR3=0000000050ca2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000010000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdffe66150 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38be611b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38be611b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38be611b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38be611b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38be611bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38be611c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000