last executing test programs: 2.910548982s ago: executing program 3 (id=683): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58) r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301) ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_disconnect={0x6}) read$FUSE(0xffffffffffffffff, 0x0, 0x0) fcntl$lock(0xffffffffffffffff, 0x24, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x90) read$FUSE(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) syz_emit_ethernet(0xc3, &(0x7f0000000800)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa1e8847000000000000000014110742077aa6f448f15011e9cd7630b89db1e90ed593f2cead6db57543a63ec246508daa8d5dc15c9871908688d8c67ab9b1b8259a0d22e316ca31fd16de4dcf6342932130eb8a6776ca4322bd40a235386daf55c977c74b1f16765aa48ffccc47edc4b0795fe157bee05a5e5af2c4076a260fd9dea903f6e5cd1b47156b04f5c634e279aa52ff9864c2b9339d6363be61171886afd65a594edc61dc1c5106daeffab3ad53b1a8a57eb4209c58e89c2921e276bed3eaac8803f0fffe9077"], 0x0) ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef43c000000e3bd6efb440009000e000a0010000000ba8000001201", 0x2e}], 0x1}, 0x80) 2.748362637s ago: executing program 3 (id=687): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000000000000100000008000600e00000010500040001"], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0) (fail_nth: 4) 2.690591104s ago: executing program 3 (id=689): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xfffffffffffffc5d, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'wg1\x00'}]}, 0x50}, 0x1, 0x700000000000000}, 0x0) 2.690460673s ago: executing program 3 (id=690): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="d8000000180081064e81f782db4cb904021d0800fe067c05e8fe55a10a0005000140020003600e41b0000900ac0006fc1100000016000500014002000000035c3b61c1d67f6f94007174cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001b14d6d930dfe1d9d322fe7c4650b5b9bd6ee6f63f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b4ff010000000000000dd6e4edef3d93452a09004b43370e9703920723f97e46bb5c07540d3b", 0xd8}], 0x1}, 0x34000) 2.639922207s ago: executing program 3 (id=692): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r0, 0x942e, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000180)={'vcan0\x00', &(0x7f00000001c0)=@ethtool_rxfh={0x46, 0x4, 0x7, 0x5, 0xda, "37e4eb", 0x5, [0x1, 0x4, 0x5, 0x5, 0x8, 0x2, 0x3, 0x1, 0x1]}}) listen(r0, 0x3) syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0x2}}}}}}}, 0x0) shutdown(r0, 0x1) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 2.587449288s ago: executing program 3 (id=695): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000640)={'filter\x00', 0xb001, 0x4, 0x3f0, 0x0, 0x0, 0x1f8, 0x308, 0x308, 0x308, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@uncond, 0xc0, 0x110, 0x0, {0x0, 0x1e03}}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr=0x64010100, @private=0xa010101, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x28}, 0xf, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4000000010004b04000000000000", @ANYRES32=0x0, @ANYBLOB="0000800b0001006272135b"], 0x40}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8}}}}]}, 0x38}}, 0x0) syz_usb_connect$uac1(0x6, 0x71, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x9, 0x9936c5154318bee0, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x5, 0x9}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x0, 0x0, 0x80, {0x7, 0x25, 0x1, 0x81, 0x7, 0x5}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x9, 0x3, 0x3, {0x7, 0x25, 0x1, 0x80, 0x3, 0x2}}}}}}}]}}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) r2 = syz_io_uring_setup(0x832, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0, 0x0, 0x1}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) r5 = socket$rds(0x15, 0x5, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r5, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1}) memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc00x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) ioctl$PPPIOCGDEBUG(0xffffffffffffffff, 0x80047441, &(0x7f0000000240)) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x2}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c00020008000100"], 0x3c}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}, 0x1, 0x0, 0x300, 0x20000804}, 0x8000) 2.350324815s ago: executing program 2 (id=702): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0) 2.349566082s ago: executing program 2 (id=704): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000000), &(0x7f0000000200)=0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0xfff9, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x1ff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40085}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="00000000a8888000280012800a00010076786c616e00"], 0x50}}, 0x20008844) 2.34092609s ago: executing program 2 (id=705): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x1f, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000000000000100000008000600e00000010500040001"], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0) 2.26031534s ago: executing program 2 (id=706): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0x2}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x3) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.649579456s ago: executing program 1 (id=718): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef43c000000e3bd6efb440009000e000a0010000000ba8000001201", 0x2e}], 0x1}, 0x80) 1.59002556s ago: executing program 1 (id=719): ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(0xffffffffffffffff, 0x3b72, &(0x7f0000000000)={0x52, 0x1, 0xffff, 0x7fffffff, "e694bc030bc73f5a4506ab025f55244bd07d034677453f0fd66afa73b716a7d58dd2e009b8e07d1482d576165e93d1f7e7c552a391f657701df3"}) (async, rerun: 64) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/dev\x00') (rerun: 64) close(r0) (async, rerun: 32) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, 0x0, 0x0, 0x0}) (async, rerun: 32) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000140)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0xa, r1, 0x0, r2}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000200)={{{@in=@broadcast, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@local}}, &(0x7f0000000300)=0xe8) (async) r5 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x4, 0x10, r5, 0x80000000) (async) r6 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000340), 0x54241, 0x0) ioctl$IOMMU_IOAS_UNMAP$ALL(r6, 0x3b86, &(0x7f0000000380)={0x18, r2}) (async) ioctl$SNDCTL_DSP_GETBLKSIZE(r0, 0xc0045004, &(0x7f00000003c0)) (async) fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f0000000400)) (async) syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc9, 0x48}}}, 0x8) syz_emit_vhci(&(0x7f0000000480)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@none, "9f9a375bcddc8481662ef4850b56d991", 0x5}}}, 0x1a) (async) syz_emit_vhci(&(0x7f00000004c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x33}, @l2cap_cid_signaling={{0x2f}, [@l2cap_conf_rsp={{0x5, 0x58, 0x2b}, {0x8000, 0x0, 0x6, [@l2cap_conf_ews={0x7, 0x2, 0x4}, @l2cap_conf_efs={0x6, 0x10, {0x0, 0x2, 0x5, 0x800, 0x1, 0xffff}}, @l2cap_conf_ews={0x7, 0x2, 0xfffb}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_mtu={0x1, 0x2}, @l2cap_conf_flushto={0x2, 0x2, 0x8}]}}]}}, 0x38) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000009, 0x8000000000000000, 0x1000) (async) execveat(r0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000640)={[&(0x7f0000000540)='net/dev\x00', &(0x7f0000000580)='\x00', &(0x7f00000005c0)='\x00', &(0x7f0000000600)='/dev/cachefiles\x00']}, &(0x7f0000000780)={[&(0x7f0000000680)='/dev/cachefiles\x00', &(0x7f00000006c0)=']#\x00', &(0x7f0000000700)='\'\xab\x00', &(0x7f0000000740)='\xff\xff\xff\xff\xff\xff']}, 0x1000) (async, rerun: 32) splice(r6, &(0x7f00000007c0)=0x7, r0, &(0x7f0000000800)=0x4, 0xe28, 0x0) (async, rerun: 32) splice(r5, &(0x7f0000000840)=0x8, r6, &(0x7f0000000880)=0xffffffffffffff80, 0x2, 0x2) (async, rerun: 32) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000008c0)={0x1, 0x2, 0x5000, 0x1000, &(0x7f0000ffa000/0x1000)=nil}) (rerun: 32) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r6, 0x3ba0, &(0x7f0000000900)={0x48}) ioctl$SIOCGETVIFCNT(r0, 0x89e0, &(0x7f0000000980)) (async) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000009c0)={{{@in=@multicast2, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e24, 0x388, 0x4e24, 0x4, 0xa, 0x20, 0xa0, 0x87, r3, r4}, {0x79, 0x0, 0x8db, 0x8, 0xfffffffffffffff8, 0xfffffffffffff697, 0xffffffffffff7fff, 0x100}, {0x9, 0xc, 0xf3, 0xd8aa}, 0x1, 0x6e6bb7, 0x2, 0x1, 0x1, 0x3}, {{@in=@multicast1, 0x4d2, 0x2b}, 0x2, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3504, 0x1, 0x3, 0x1, 0xe, 0x2f954001, 0x9}}, 0xe8) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000b40)=@IORING_OP_SYMLINKAT={0x26, 0x8, 0x0, r6, &(0x7f0000000ac0)='./file1\x00', &(0x7f0000000b00)='./file0\x00', 0x0, 0x0, 0x0, {0x0, r7}}) (async) lseek(r0, 0x9, 0x0) (async) write(0xffffffffffffffff, &(0x7f0000000b80)="6505db7fe4091b51f9600bb65e80e0eed589e679c619ce1cb1b12162022ca0e10c01c738c8b8e721e80a108a69b7c6627b7cfe6cee734b558dd836294ea5730679bc47bc34479117205e54e5cf66c9d333df039387bca470bfb34edbcdbea9a60fac42a58aeb91a7b31061e778a1ad52f5231118c94060d83a00f4ec5e6ac97cfbf39d", 0x83) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000c40)={{&(0x7f0000ff9000/0x1000)=nil, 0x1000}, 0x6}) (async) getsockname$packet(r0, &(0x7f0000000c80), &(0x7f0000000cc0)=0x14) 1.537937922s ago: executing program 1 (id=721): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket(0x15, 0x5, 0x0) getsockopt(r1, 0x200000000114, 0x2711, 0x0, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e20, 0x4, @loopback, 0x2}}, 0xfffffff8, 0x3, 0xf279, 0x3ff, 0x20, 0x7, 0x2}, &(0x7f0000000200)=0x9c) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x24, 0x1, 0x4, 0x5, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x6}, @NFULA_CFG_CMD={0x5, 0x1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x8040}, 0x800) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$alg(r2, &(0x7f0000000240)=""/4096, 0xfffffdef) sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x4c, 0x1, 0x4, 0x201, 0x0, 0x0, {0xa, 0x0, 0x8}, [@NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0xf}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x963}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x1}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x5}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x9}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x9}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000054}, 0x80) 1.329384507s ago: executing program 2 (id=722): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r1}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) open$dir(&(0x7f00000042c0)='./file1\x00', 0x4240, 0x0) fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r3, 0xfffffffffffffffd, 0x0}, 0x29) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', 0x0, 0x0, 0x7, 0x6, 0xfffffff4, 0x2, @mcast1, @local, 0x7, 0x20, 0x1ff, 0x8}}) r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=0xffffffffffffffff, 0x4) r6 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000640), &(0x7f0000000680)=r1}, 0x20) r8 = openat$null(0xffffffffffffff9c, &(0x7f0000000700), 0x10080, 0x0) r9 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x4e43, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x5, 0x0, @void, @value, @void, @value}, 0x50) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000880)=@o_path={&(0x7f0000000740)='./file0\x00', 0x0, 0x6018}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x8, 0xf, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2218, 0x0, 0x0, 0x0, 0x7}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x1}, @alu={0x4, 0x1, 0xa, 0x8, 0x5, 0x100, 0x8}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0xd7, &(0x7f0000000280)=""/215, 0x40f00, 0xd, '\x00', r4, @cgroup_skb=0x1, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x3, 0x7, 0x7, 0x1ff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000008c0)=[r6, r7, r8, r9, r2, r10], 0x0, 0x10, 0x5, @void, @value}, 0x94) socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) r11 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r11, 0x0, 0x0) syz_usb_control_io$hid(r11, 0x0, 0x0) r12 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r12, 0xc0105b08, &(0x7f0000000040)) 1.260471425s ago: executing program 1 (id=723): r0 = syz_open_dev$usbmon(&(0x7f0000001b80), 0x4, 0x400) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) (async) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000080)={'team0\x00', 0x0}) setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000000540)={0x11, 0x8, 0xc, 0x4, @vifc_lcl_ifindex=r3, @loopback}, 0x10) 1.260271136s ago: executing program 1 (id=724): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0) 1.200162865s ago: executing program 1 (id=725): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = landlock_create_ruleset(&(0x7f0000000040)={0x1001, 0x0, 0x2}, 0xd, 0x0) landlock_restrict_self(r3, 0x0) r4 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff3}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN_PROB={0x8, 0x9, 0x2a}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=@ipv6_newrule={0x1c, 0x20, 0x1, 0x0, 0x0, {0xa, 0x80, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10018}}, 0x1c}}, 0x0) bind$unix(r2, &(0x7f0000003000)=@file={0x1}, 0x6e) listen(r2, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) connect$unix(r1, &(0x7f0000000640)=@file={0x1}, 0x6e) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="200617"], 0x0, 0x0, 0x0, 0x0}, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0xc003f, 0x0) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0xd, 0x0, 0xffffffffffffffff, 0x9, '\x00', r5, 0xffffffffffffffff, 0x0, 0x2, 0x4, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r8, &(0x7f00000002c0)="d9e5f675fe003b76ac48e4cb1be1e07b1df3f6631df705c00cad431736ef3db2ab4229e443f879bc6ead031128171da227004ba24c0373f35aba4a78b9e21b858b7b271d28e249ec79dd6b3793336cec76a4227e9526c0d47cb364b124d69bd479741c61a981664a4c35a549d268990666df51aae0731ac2df5d6b73f2df818928f00e1d970f7888ad482ad85db8cc4802fd4251bb546495204fc942b8c98b4b50a6cf9b9e7cf71697cdf23f2da1aa840e19ba82ba91fa3304921f8a36c14f84b677936c895c14cb8f7feda10af06e20012423e7400014f5c0", &(0x7f00000001c0)=@tcp6=r4, 0x1}, 0x20) r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) socket$inet_sctp(0x2, 0x1, 0x84) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r9, 0xc0502100, &(0x7f0000000940)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r9, 0x40182103, &(0x7f0000000080)={r10, 0x3, r9, 0x120000}) close_range(r7, 0xffffffffffffffff, 0x0) 445.094891ms ago: executing program 0 (id=730): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0x25dfdbfc, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x4}, 0x2}}]}, {0xffffffffffffffb9}, {0xc, 0x7, {0x700}}, {0xc}}}]}]}, 0x64}}, 0x0) 444.514046ms ago: executing program 0 (id=731): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000140), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000080)={0x5, 0x802, 0x0, {0x0, 0x2710}, {0x0, 0xea60}, {0x0, 0x0, 0x1}, 0x1, @canfd={{}, 0x27, 0x0, 0x0, 0x0, "f33d8e7b847ec8b36f1107e036dd98fc469107485e371bcf5c6b77db54f3d984795c49eca9b92241dc9fc39f976ad52e581942d9fc2178681e6866aa6ef10d06"}}, 0x80}, 0x1, 0x0, 0x0, 0x40084}, 0x20000000) sendmsg$can_bcm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @multicast2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x800) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r7 = userfaultfd(0x801) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x1a1102, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000181000/0x4000)=nil, 0x4000, 0x2, 0x50, r8, 0x0) ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000280)={0xaa, 0x28}) ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) close(0x3) r9 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01002dbd7000000000000100000008000600e00000010500040001"], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0) 160.283813ms ago: executing program 0 (id=732): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000000000000100000008000600e0000001050004000100000008000b00", @ANYRESDEC], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0) (fail_nth: 3) 160.014793ms ago: executing program 0 (id=733): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c08"], 0x122}}, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x57eb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x1, 0x0, &(0x7f0000000000)='%', 0x0, 0x2, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="42000000030000000000000000000000000000000000000021"], 0x42) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$kcm_KCM_RECV_DISABLE(r2, 0x6, 0x1a, 0x0, 0x20000000) setsockopt$inet_tcp_int(r2, 0x6, 0x5, &(0x7f00000000c0)=0x3ff, 0x4) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r3, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x20000000, 0x1, 0x80000001}}, 0x120) write$UHID_DESTROY(r3, &(0x7f0000000080), 0x4) r4 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000080), &(0x7f00000000c0)=0x1) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="60000000020601020000740000000000000000000900020073797a31000000000500010007000000050005000a000000140007800800134000e4000008001240ffffffff11000300686173683a69702c706f727400000000050004"], 0x60}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r6}, &(0x7f0000000000), &(0x7f0000000040)='%ps \x00'}, 0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xea, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r7, 0x0, 0x2000}, 0x18) r8 = socket$kcm(0xa, 0x3, 0x3a) sendmsg$kcm(r8, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xff00000000000000, 0xac14140c}, 0xff000000}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff99a7c18cf4b16300000000000086dd60008000008200fffe8000000000000000000000000000bbff02000000000000000000000000ff00000000"], 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xa001, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r10, 0x4068aea3, &(0x7f0000000300)={0xdf, 0x0, 0x100000}) syz_kvm_setup_syzos_vm$x86(r10, &(0x7f0000bff000/0x400000)=nil) 198.987µs ago: executing program 0 (id=734): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0) 0s ago: executing program 0 (id=735): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000001580), 0x138a09f12d160b2d, 0x0) r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000)=0x2, 0x4) r2 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r2, 0x107, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0x4) ioctl$SW_SYNC_IOC_INC(r1, 0x40045701, &(0x7f0000000040)=0xffffffff) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000200)=0x12) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000000)) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) kernel console output (not intermixed with test programs): etdevsim2: renamed from eth2 [ 64.867600][ T5946] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 64.923125][ T5942] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 64.932969][ T5942] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 64.943394][ T5942] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 64.959359][ T5942] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 65.005235][ T5951] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 65.013352][ T5951] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 65.018246][ T5951] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 65.029875][ T5951] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 65.107316][ T5952] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 65.121791][ T5952] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 65.130620][ T5952] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 65.137570][ T5952] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 65.201982][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.235784][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.244149][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.265406][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.267797][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.274874][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.284402][ T169] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.286803][ T169] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.298754][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.304882][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.307943][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.321645][ T169] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.324451][ T169] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.344250][ T5951] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.357707][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.360254][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.374568][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.385015][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.388009][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.422505][ T5952] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.440623][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.443112][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.452876][ T98] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.455805][ T98] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.470195][ T40] audit: type=1400 audit(1750344544.016:89): avc: denied { sys_module } for pid=5946 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 65.478465][ T5951] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 65.482284][ T5951] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.602878][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.628726][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.662220][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.701134][ T5942] veth0_vlan: entered promiscuous mode [ 65.716675][ T5946] veth0_vlan: entered promiscuous mode [ 65.721851][ T5942] veth1_vlan: entered promiscuous mode [ 65.745496][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.758971][ T5946] veth1_vlan: entered promiscuous mode [ 65.766145][ T5951] veth0_vlan: entered promiscuous mode [ 65.779095][ T5951] veth1_vlan: entered promiscuous mode [ 65.784864][ T5942] veth0_macvtap: entered promiscuous mode [ 65.790459][ T5942] veth1_macvtap: entered promiscuous mode [ 65.807471][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.825779][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.831626][ T5942] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.835723][ T5942] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.839383][ T5942] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.842694][ T5942] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.865229][ T5946] veth0_macvtap: entered promiscuous mode [ 65.873161][ T5946] veth1_macvtap: entered promiscuous mode [ 65.885808][ T5952] veth0_vlan: entered promiscuous mode [ 65.890262][ T5951] veth0_macvtap: entered promiscuous mode [ 65.908534][ T5951] veth1_macvtap: entered promiscuous mode [ 65.915074][ T5952] veth1_vlan: entered promiscuous mode [ 65.946306][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.951506][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.966591][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.972023][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.979903][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.985217][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.993796][ T5946] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.997716][ T5946] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.001525][ T5946] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.005757][ T5946] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.024130][ T5951] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.026990][ T5951] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.030098][ T5951] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.033048][ T5951] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.050172][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.054512][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.076260][ T5952] veth0_macvtap: entered promiscuous mode [ 66.118173][ T5942] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 66.124967][ T5952] veth1_macvtap: entered promiscuous mode [ 66.138140][ T98] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.140930][ T98] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.170582][ T98] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.174817][ T98] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.193274][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.203277][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.206513][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.217491][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.232437][ T6029] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 66.233144][ T5952] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.240029][ T5952] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.240981][ T54] IPVS: starting estimator thread 0... [ 66.242934][ T5952] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.248071][ T6029] capability: warning: `syz.2.3' uses 32-bit capabilities (legacy support in use) [ 66.248091][ T5952] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.258427][ T5944] Bluetooth: hci0: adv larger than maximum supported [ 66.258453][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x18 [ 66.260734][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x40 [ 66.263036][ T5944] Bluetooth: hci0: Malformed LE Event: 0x0d [ 66.269282][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.272863][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.324476][ T6033] netlink: 14212 bytes leftover after parsing attributes in process `syz.3.4'. [ 66.331246][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.336985][ T6031] IPVS: using max 42 ests per chain, 100800 per kthread [ 66.337921][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.391358][ T6036] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1'. [ 66.403215][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.404319][ T6033] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'. [ 66.406679][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.410061][ T6033] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4'. [ 66.410465][ T6033] netlink: 'syz.3.4': attribute type 11 has an invalid length. [ 66.497563][ T6041] overlayfs: maximum fs stacking depth exceeded [ 66.506025][ T6042] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2'. [ 66.518219][ T6042] xt_hashlimit: size too large, truncated to 1048576 [ 66.554166][ T6044] wg2: entered promiscuous mode [ 66.560060][ T6044] team0: Device wg2 is of different type [ 66.621688][ T6051] xfrm0 speed is unknown, defaulting to 1000 [ 66.627471][ T6051] xfrm0 speed is unknown, defaulting to 1000 [ 66.631182][ T6051] xfrm0 speed is unknown, defaulting to 1000 [ 66.664833][ T5944] Bluetooth: hci0: command tx timeout [ 66.667703][ T5944] Bluetooth: hci3: command tx timeout [ 66.670097][ T5944] Bluetooth: hci1: command tx timeout [ 66.677415][ T6054] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9'. [ 66.681166][ T6054] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9'. [ 66.720055][ T6053] syz.3.10 uses obsolete (PF_INET,SOCK_PACKET) [ 66.724729][ T6057] lo: entered allmulticast mode [ 66.730016][ T6057] tunl0: entered allmulticast mode [ 66.734521][ T6057] gre0: entered allmulticast mode [ 66.742998][ T6057] gretap0: entered allmulticast mode [ 66.749910][ T6057] erspan0: entered allmulticast mode [ 66.753708][ T5944] Bluetooth: hci2: command tx timeout [ 66.755078][ T6057] ip_vti0: entered allmulticast mode [ 66.760246][ T6057] ip6_vti0: entered allmulticast mode [ 66.765444][ T6057] sit0: entered allmulticast mode [ 66.770942][ T6057] ip6tnl0: entered allmulticast mode [ 66.775178][ T6057] ip6gre0: entered allmulticast mode [ 66.777590][ T6058] tmpfs: Bad value for 'mpol' [ 66.780665][ T6057] syz_tun: entered allmulticast mode [ 66.785138][ T6057] ip6gretap0: entered allmulticast mode [ 66.789737][ T6057] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.793014][ T6057] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.804813][ T6057] bridge0: entered allmulticast mode [ 66.810364][ T6057] vcan0: entered allmulticast mode [ 66.816043][ T6057] bond0: entered allmulticast mode [ 66.818288][ T6057] bond_slave_0: entered allmulticast mode [ 66.820707][ T6057] bond_slave_1: entered allmulticast mode [ 66.827334][ T6057] team0: entered allmulticast mode [ 66.830831][ T6057] team_slave_0: entered allmulticast mode [ 66.832717][ T6051] infiniband syz1: set active [ 66.833317][ T6057] team_slave_1: entered allmulticast mode [ 66.840071][ T6051] infiniband syz1: added xfrm0 [ 66.840077][ T6057] dummy0: entered allmulticast mode [ 66.850634][ T6057] nlmon0: entered allmulticast mode [ 66.855381][ T6057] caif0: entered allmulticast mode [ 66.858393][ T6057] batadv0: entered allmulticast mode [ 66.863289][ T6057] vxcan0: entered allmulticast mode [ 66.866752][ T6057] vxcan1: entered allmulticast mode [ 66.870433][ T6057] veth0: entered allmulticast mode [ 66.876264][ T6057] veth1: entered allmulticast mode [ 66.879292][ T6051] RDS/IB: syz1: added [ 66.881402][ T6051] smc: adding ib device syz1 with port count 1 [ 66.883592][ T6051] smc: ib device syz1 port 1 has pnetid [ 66.886213][ T6057] wg0: entered allmulticast mode [ 66.891455][ T6057] wg1: entered allmulticast mode [ 66.896704][ T6057] wg2: entered allmulticast mode [ 66.901200][ T6057] veth0_to_bridge: entered allmulticast mode [ 66.909636][ T6057] veth1_to_bridge: entered allmulticast mode [ 66.918517][ T6057] veth0_to_bond: entered allmulticast mode [ 66.924835][ T6057] veth1_to_bond: entered allmulticast mode [ 66.932975][ T6057] veth0_to_team: entered allmulticast mode [ 66.941487][ T6057] veth1_to_team: entered allmulticast mode [ 66.947056][ T6065] fuse: Bad value for 'user_id' [ 66.949262][ T6065] fuse: Bad value for 'user_id' [ 66.950844][ T6057] veth0_to_batadv: entered allmulticast mode [ 66.955638][ T6057] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 66.958508][ T6057] batadv_slave_0: entered allmulticast mode [ 66.961833][ T6057] veth1_to_batadv: entered allmulticast mode [ 66.965142][ T6057] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 66.968251][ T6057] batadv_slave_1: entered allmulticast mode [ 66.971965][ T6057] xfrm0: entered allmulticast mode [ 66.977338][ T6057] veth0_to_hsr: entered allmulticast mode [ 66.981744][ T6057] hsr_slave_0: entered allmulticast mode [ 66.986297][ T6057] veth1_to_hsr: entered allmulticast mode [ 66.989564][ T6057] hsr_slave_1: entered allmulticast mode [ 66.993173][ T6057] hsr0: entered allmulticast mode [ 66.996972][ T6057] veth1_virt_wifi: entered allmulticast mode [ 67.001094][ T6057] veth0_virt_wifi: entered allmulticast mode [ 67.004606][ T6057] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 67.007589][ T6057] veth1_vlan: entered allmulticast mode [ 67.011630][ T6057] veth0_vlan: entered allmulticast mode [ 67.018750][ T6057] vlan0: entered allmulticast mode [ 67.020585][ T6057] vlan1: entered allmulticast mode [ 67.022727][ T6057] macvlan0: entered allmulticast mode [ 67.027195][ T6057] macvlan1: entered allmulticast mode [ 67.030675][ T6057] ipvlan0: entered allmulticast mode [ 67.033705][ T6057] ipvlan1: entered allmulticast mode [ 67.037079][ T6057] veth1_macvtap: entered allmulticast mode [ 67.042441][ T6057] veth0_macvtap: entered allmulticast mode [ 67.049189][ T6057] macvtap0: entered allmulticast mode [ 67.054891][ T6057] macsec0: entered allmulticast mode [ 67.059927][ T6057] geneve0: entered allmulticast mode [ 67.065408][ T6057] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.069166][ T6057] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.072898][ T6057] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.078353][ T6057] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.082199][ T6057] geneve1: entered allmulticast mode [ 67.087938][ T6057] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 67.096154][ T6057] netdevsim netdevsim1 netdevsim1: entered allmulticast mode [ 67.103007][ T6057] netdevsim netdevsim1 netdevsim2: entered allmulticast mode [ 67.108394][ T6057] netdevsim netdevsim1 netdevsim3: entered allmulticast mode [ 67.125199][ T6057] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode [ 67.134174][ T6057] mac80211_hwsim hwsim10 wlan1: entered allmulticast mode [ 67.141391][ T55] xfrm0 speed is unknown, defaulting to 1000 [ 67.144672][ T838] xfrm0 speed is unknown, defaulting to 1000 [ 67.148945][ T6051] xfrm0 speed is unknown, defaulting to 1000 [ 67.188701][ T6069] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13'. [ 67.191658][ T6069] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13'. [ 67.242630][ T6073] wg1: entered promiscuous mode [ 67.286914][ T6077] netlink: 'syz.1.16': attribute type 5 has an invalid length. [ 67.314604][ T6051] xfrm0 speed is unknown, defaulting to 1000 [ 67.322441][ T6079] netlink: 'syz.1.17': attribute type 5 has an invalid length. [ 67.329497][ T6081] FAULT_INJECTION: forcing a failure. [ 67.329497][ T6081] name failslab, interval 1, probability 0, space 0, times 1 [ 67.334094][ T6081] CPU: 2 UID: 0 PID: 6081 Comm: syz.3.18 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 67.334118][ T6081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.334128][ T6081] Call Trace: [ 67.334134][ T6081] [ 67.334140][ T6081] dump_stack_lvl+0x16c/0x1f0 [ 67.334169][ T6081] should_fail_ex+0x512/0x640 [ 67.334190][ T6081] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 67.334213][ T6081] should_failslab+0xc2/0x120 [ 67.334238][ T6081] __kmalloc_cache_noprof+0x6a/0x3e0 [ 67.334259][ T6081] ? rtnl_newlink+0x11b/0x2000 [ 67.334288][ T6081] ? __pfx_rtnl_newlink+0x10/0x10 [ 67.334311][ T6081] rtnl_newlink+0x11b/0x2000 [ 67.334343][ T6081] ? __pfx_rtnl_newlink+0x10/0x10 [ 67.334365][ T6081] ? find_held_lock+0x2b/0x80 [ 67.334386][ T6081] ? avc_has_perm_noaudit+0x117/0x3b0 [ 67.334407][ T6081] ? avc_has_perm_noaudit+0x149/0x3b0 [ 67.334425][ T6081] ? cred_has_capability.isra.0+0x193/0x2f0 [ 67.334451][ T6081] ? __lock_acquire+0x622/0x1c90 [ 67.334488][ T6081] ? find_held_lock+0x2b/0x80 [ 67.334507][ T6081] ? __pfx_rtnl_newlink+0x10/0x10 [ 67.334530][ T6081] ? __pfx_rtnl_newlink+0x10/0x10 [ 67.334553][ T6081] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 67.334579][ T6081] ? __pfx_rtnl_newlink+0x10/0x10 [ 67.334605][ T6081] rtnetlink_rcv_msg+0x95b/0xe90 [ 67.334633][ T6081] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 67.334666][ T6081] ? ref_tracker_free+0x37c/0x830 [ 67.334692][ T6081] netlink_rcv_skb+0x155/0x420 [ 67.334709][ T6081] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 67.334743][ T6081] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 67.334769][ T6081] ? netlink_deliver_tap+0x1ae/0xd30 [ 67.334790][ T6081] netlink_unicast+0x53d/0x7f0 [ 67.334810][ T6081] ? __pfx_netlink_unicast+0x10/0x10 [ 67.334835][ T6081] netlink_sendmsg+0x8d1/0xdd0 [ 67.334857][ T6081] ? __pfx_netlink_sendmsg+0x10/0x10 [ 67.334882][ T6081] ____sys_sendmsg+0xa95/0xc70 [ 67.334902][ T6081] ? copy_msghdr_from_user+0x10a/0x160 [ 67.334926][ T6081] ? __pfx_____sys_sendmsg+0x10/0x10 [ 67.334955][ T6081] ___sys_sendmsg+0x134/0x1d0 [ 67.334981][ T6081] ? __pfx____sys_sendmsg+0x10/0x10 [ 67.335003][ T6081] ? __lock_acquire+0x622/0x1c90 [ 67.335056][ T6081] __sys_sendmsg+0x16d/0x220 [ 67.335080][ T6081] ? __pfx___sys_sendmsg+0x10/0x10 [ 67.335119][ T6081] do_syscall_64+0xcd/0x4c0 [ 67.335146][ T6081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.335163][ T6081] RIP: 0033:0x7f734218e929 [ 67.335177][ T6081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 67.335193][ T6081] RSP: 002b:00007f7342f4e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.335209][ T6081] RAX: ffffffffffffffda RBX: 00007f73423b5fa0 RCX: 00007f734218e929 [ 67.335221][ T6081] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000007 [ 67.335231][ T6081] RBP: 00007f7342f4e090 R08: 0000000000000000 R09: 0000000000000000 [ 67.335240][ T6081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 67.335250][ T6081] R13: 0000000000000000 R14: 00007f73423b5fa0 R15: 00007ffeb86a6908 [ 67.335272][ T6081] [ 67.381148][ T6083] netlink: 4 bytes leftover after parsing attributes in process `syz.1.19'. [ 67.445134][ T6086] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.526766][ T6051] xfrm0 speed is unknown, defaulting to 1000 [ 67.570475][ T6092] wg2: entered promiscuous mode [ 67.572655][ T6092] wg2: left allmulticast mode [ 67.577668][ T6092] team0: Device wg2 is of different type [ 67.665671][ T6096] netlink: 'syz.1.25': attribute type 11 has an invalid length. [ 67.699019][ T40] kauditd_printk_skb: 67 callbacks suppressed [ 67.699038][ T40] audit: type=1400 audit(1750344546.246:157): avc: denied { unmount } for pid=5942 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 67.774531][ T6105] lo: entered allmulticast mode [ 67.779543][ T6105] tunl0: entered allmulticast mode [ 67.784569][ T6105] gre0: entered allmulticast mode [ 67.798651][ T6105] gretap0: entered allmulticast mode [ 67.802746][ T6105] erspan0: entered allmulticast mode [ 67.808677][ T6105] ip_vti0: entered allmulticast mode [ 67.813801][ T6105] ip6_vti0: entered allmulticast mode [ 67.818350][ T6105] sit0: entered allmulticast mode [ 67.824125][ T6105] ip6tnl0: entered allmulticast mode [ 67.828951][ T6105] ip6gre0: entered allmulticast mode [ 67.834311][ T6105] syz_tun: entered allmulticast mode [ 67.839380][ T6105] ip6gretap0: entered allmulticast mode [ 67.844242][ T6105] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.846032][ T40] audit: type=1400 audit(1750344546.396:158): avc: denied { override_creds } for pid=6102 comm="syz.3.29" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 67.847923][ T6105] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.856344][ T40] audit: type=1400 audit(1750344546.406:159): avc: denied { read } for pid=6102 comm="iou-wrk-6108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 67.859177][ T6105] bridge0: entered allmulticast mode [ 67.869036][ T6105] vcan0: entered allmulticast mode [ 67.871815][ T6105] bond0: entered allmulticast mode [ 67.873940][ T6105] bond_slave_0: entered allmulticast mode [ 67.876404][ T6105] bond_slave_1: entered allmulticast mode [ 67.880978][ T6105] team0: entered allmulticast mode [ 67.882906][ T6105] team_slave_0: entered allmulticast mode [ 67.885865][ T6105] team_slave_1: entered allmulticast mode [ 67.890934][ T6105] dummy0: entered allmulticast mode [ 67.896172][ T6105] nlmon0: entered allmulticast mode [ 67.899786][ T6105] caif0: entered allmulticast mode [ 67.902118][ T6105] batadv0: entered allmulticast mode [ 67.907538][ T6105] vxcan0: entered allmulticast mode [ 67.910624][ T6105] vxcan1: entered allmulticast mode [ 67.915047][ T6105] veth0: entered allmulticast mode [ 67.918885][ T6105] veth1: entered allmulticast mode [ 67.925198][ T6105] wg0: entered allmulticast mode [ 67.929967][ T6105] wg1: entered allmulticast mode [ 67.935362][ T6105] wg2: entered allmulticast mode [ 67.940785][ T6105] veth0_to_bridge: entered allmulticast mode [ 67.950019][ T6105] veth1_to_bridge: entered allmulticast mode [ 67.958109][ T6105] veth0_to_bond: entered allmulticast mode [ 67.964725][ T6105] veth1_to_bond: entered allmulticast mode [ 67.971639][ T6105] veth0_to_team: entered allmulticast mode [ 67.980821][ T6105] veth1_to_team: entered allmulticast mode [ 67.989157][ T6105] veth0_to_batadv: entered allmulticast mode [ 67.994917][ T6105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 67.998848][ T6105] batadv_slave_0: entered allmulticast mode [ 68.005892][ T6105] veth1_to_batadv: entered allmulticast mode [ 68.011430][ T6105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.015616][ T6105] batadv_slave_1: entered allmulticast mode [ 68.020850][ T6105] xfrm0: entered allmulticast mode [ 68.025083][ T6105] veth0_to_hsr: entered allmulticast mode [ 68.029891][ T6105] hsr_slave_0: entered allmulticast mode [ 68.034053][ T6105] veth1_to_hsr: entered allmulticast mode [ 68.037507][ T6105] hsr_slave_1: entered allmulticast mode [ 68.041925][ T6105] hsr0: entered allmulticast mode [ 68.046712][ T6105] veth1_virt_wifi: entered allmulticast mode [ 68.052686][ T6105] veth0_virt_wifi: entered allmulticast mode [ 68.055993][ T6105] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 68.059661][ T6105] veth1_vlan: entered allmulticast mode [ 68.065265][ T6105] veth0_vlan: entered allmulticast mode [ 68.076466][ T6105] vlan0: entered allmulticast mode [ 68.078803][ T6105] vlan1: entered allmulticast mode [ 68.082183][ T6105] macvlan0: entered allmulticast mode [ 68.088689][ T6105] macvlan1: entered allmulticast mode [ 68.093002][ T6105] ipvlan0: entered allmulticast mode [ 68.095471][ T6105] ipvlan1: entered allmulticast mode [ 68.098965][ T6105] veth1_macvtap: entered allmulticast mode [ 68.105540][ T6105] veth0_macvtap: entered allmulticast mode [ 68.111316][ T6105] macvtap0: entered allmulticast mode [ 68.117394][ T6105] macsec0: entered allmulticast mode [ 68.123631][ T6105] geneve0: entered allmulticast mode [ 68.128376][ T6105] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.132082][ T6105] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.138287][ T6105] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.141980][ T6105] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.146090][ T6105] geneve1: entered allmulticast mode [ 68.150817][ T6105] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 68.157026][ T6105] netdevsim netdevsim2 netdevsim1: entered allmulticast mode [ 68.161119][ T6105] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 68.166636][ T6105] netdevsim netdevsim2 netdevsim3: entered allmulticast mode [ 68.177316][ T6105] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 68.189003][ T6105] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 68.197150][ T6051] xfrm0 speed is unknown, defaulting to 1000 [ 68.235150][ T6112] netlink: 'syz.1.31': attribute type 10 has an invalid length. [ 68.238177][ T6112] bridge0: left allmulticast mode [ 68.247031][ T6112] bridge0: entered allmulticast mode [ 68.249391][ T6112] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 68.263076][ T6114] wg1: entered promiscuous mode [ 68.268774][ T6112] bridge_slave_1: left promiscuous mode [ 68.271371][ T6112] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.285978][ T6112] bridge_slave_0: left promiscuous mode [ 68.287831][ T6112] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.300164][ T6117] netlink: 'syz.2.34': attribute type 5 has an invalid length. [ 68.322777][ T6112] bond0: (slave bridge0): Releasing backup interface [ 68.328582][ T6112] bridge0 (unregistering): left allmulticast mode [ 68.365657][ T6121] xt_hashlimit: size too large, truncated to 1048576 [ 68.432447][ T40] audit: type=1400 audit(1750344546.976:160): avc: denied { create } for pid=6125 comm="syz.2.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 68.440796][ T40] audit: type=1400 audit(1750344546.986:161): avc: denied { bind } for pid=6125 comm="syz.2.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 68.449121][ T40] audit: type=1400 audit(1750344546.986:162): avc: denied { write } for pid=6125 comm="syz.2.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 68.488483][ T6129] FAULT_INJECTION: forcing a failure. [ 68.488483][ T6129] name failslab, interval 1, probability 0, space 0, times 0 [ 68.492757][ T6129] CPU: 3 UID: 0 PID: 6129 Comm: syz.0.37 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 68.492772][ T6129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.492779][ T6129] Call Trace: [ 68.492783][ T6129] [ 68.492788][ T6129] dump_stack_lvl+0x16c/0x1f0 [ 68.492809][ T6129] should_fail_ex+0x512/0x640 [ 68.492823][ T6129] ? __kvmalloc_node_noprof+0x124/0x620 [ 68.492840][ T6129] should_failslab+0xc2/0x120 [ 68.492857][ T6129] __kvmalloc_node_noprof+0x137/0x620 [ 68.492871][ T6129] ? alloc_netdev_mqs+0xd2/0x1570 [ 68.492890][ T6129] ? __pfx_ip6erspan_tap_setup+0x10/0x10 [ 68.492903][ T6129] ? alloc_netdev_mqs+0xd2/0x1570 [ 68.492918][ T6129] alloc_netdev_mqs+0xd2/0x1570 [ 68.492945][ T6129] rtnl_create_link+0xc08/0xf90 [ 68.492974][ T6129] rtnl_newlink+0xb69/0x2000 [ 68.493007][ T6129] ? __pfx_rtnl_newlink+0x10/0x10 [ 68.493031][ T6129] ? find_held_lock+0x2b/0x80 [ 68.493054][ T6129] ? avc_has_perm_noaudit+0x117/0x3b0 [ 68.493067][ T6129] ? avc_has_perm_noaudit+0x149/0x3b0 [ 68.493084][ T6129] ? cred_has_capability.isra.0+0x193/0x2f0 [ 68.493108][ T6129] ? find_held_lock+0x2b/0x80 [ 68.493120][ T6129] ? __pfx_rtnl_newlink+0x10/0x10 [ 68.493135][ T6129] ? __pfx_rtnl_newlink+0x10/0x10 [ 68.493151][ T6129] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 68.493167][ T6129] ? __pfx_rtnl_newlink+0x10/0x10 [ 68.493184][ T6129] rtnetlink_rcv_msg+0x95b/0xe90 [ 68.493202][ T6129] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 68.493222][ T6129] ? ref_tracker_free+0x37c/0x830 [ 68.493239][ T6129] netlink_rcv_skb+0x155/0x420 [ 68.493251][ T6129] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 68.493269][ T6129] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 68.493285][ T6129] ? netlink_deliver_tap+0x1ae/0xd30 [ 68.493298][ T6129] netlink_unicast+0x53d/0x7f0 [ 68.493316][ T6129] ? __pfx_netlink_unicast+0x10/0x10 [ 68.493343][ T6129] netlink_sendmsg+0x8d1/0xdd0 [ 68.493367][ T6129] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.493398][ T6129] ____sys_sendmsg+0xa95/0xc70 [ 68.493420][ T6129] ? copy_msghdr_from_user+0x10a/0x160 [ 68.493451][ T6129] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.493469][ T6129] ___sys_sendmsg+0x134/0x1d0 [ 68.493486][ T6129] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.493500][ T6129] ? __lock_acquire+0x622/0x1c90 [ 68.493533][ T6129] __sys_sendmsg+0x16d/0x220 [ 68.493549][ T6129] ? __pfx___sys_sendmsg+0x10/0x10 [ 68.493574][ T6129] do_syscall_64+0xcd/0x4c0 [ 68.493592][ T6129] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.493603][ T6129] RIP: 0033:0x7f6a82d8e929 [ 68.493612][ T6129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.493622][ T6129] RSP: 002b:00007f6a83bf7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.493632][ T6129] RAX: ffffffffffffffda RBX: 00007f6a82fb5fa0 RCX: 00007f6a82d8e929 [ 68.493639][ T6129] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000007 [ 68.493645][ T6129] RBP: 00007f6a83bf7090 R08: 0000000000000000 R09: 0000000000000000 [ 68.493651][ T6129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.493657][ T6129] R13: 0000000000000000 R14: 00007f6a82fb5fa0 R15: 00007ffcf48842a8 [ 68.493670][ T6129] [ 68.531096][ T40] audit: type=1400 audit(1750344547.076:163): avc: denied { read } for pid=6125 comm="syz.2.36" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 68.578136][ T6132] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=6132 comm=syz.3.38 [ 68.691466][ T40] audit: type=1400 audit(1750344547.236:164): avc: denied { name_bind } for pid=6150 comm="syz.0.40" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 68.701029][ T40] audit: type=1400 audit(1750344547.236:165): avc: denied { node_bind } for pid=6150 comm="syz.0.40" saddr=172.20.20.170 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 68.729234][ T6151] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 68.743589][ T5299] Bluetooth: hci0: command tx timeout [ 68.746086][ T5944] Bluetooth: hci3: command tx timeout [ 68.757676][ T5944] Bluetooth: hci1: command tx timeout [ 68.809956][ T836] IPVS: starting estimator thread 0... [ 68.816799][ T5944] Bluetooth: hci2: adv larger than maximum supported [ 68.816831][ T5944] Bluetooth: hci2: Unknown advertising packet type: 0x18 [ 68.819545][ T5944] Bluetooth: hci2: Unknown advertising packet type: 0x40 [ 68.822533][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 68.828275][ T5944] Bluetooth: hci2: command tx timeout [ 68.893682][ T6155] IPVS: using max 42 ests per chain, 100800 per kthread [ 69.023902][ T6009] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 69.176904][ T6009] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 69.180669][ T6009] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 69.188024][ T6009] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 69.191329][ T6009] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.225399][ T6161] rdma_rxe: rxe_newlink: failed to add xfrm0 [ 69.382541][ T6168] wg2: entered promiscuous mode [ 69.384368][ T6170] netlink: 'syz.2.48': attribute type 5 has an invalid length. [ 69.386594][ T6168] team0: Device wg2 is of different type [ 69.413570][ T6009] usb 5-1: usb_control_msg returned -32 [ 69.416048][ T6009] usbtmc 5-1:16.0: can't read capabilities [ 69.438388][ T40] audit: type=1400 audit(1750344547.986:166): avc: denied { create } for pid=6173 comm="syz.3.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 69.470677][ T6178] netlink: 'syz.1.52': attribute type 6 has an invalid length. [ 69.508738][ T6181] : renamed from vlan0 [ 69.637801][ T6195] rdma_rxe: rxe_newlink: failed to add xfrm0 [ 69.695412][ T6202] batman_adv: batadv0: Adding interface: dummy0 [ 69.697983][ T6202] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.708232][ T6202] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 69.737420][ T6206] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=6206 comm=syz.3.63 [ 69.751888][ T6206] ip6erspan0: entered promiscuous mode [ 69.794996][ T6225] netlink: 'syz.2.65': attribute type 5 has an invalid length. [ 69.942728][ T6236] rdma_rxe: rxe_newlink: failed to add xfrm0 [ 69.943094][ T6237] netlink: 'syz.2.71': attribute type 5 has an invalid length. [ 70.252220][ T6251] ip6erspan0: entered promiscuous mode [ 70.799177][ T6273] usb usb8: usbfs: process 6273 (syz.1.86) did not claim interface 0 before use [ 70.834168][ T5299] Bluetooth: hci3: command tx timeout [ 70.834302][ T5958] Bluetooth: hci0: command tx timeout [ 70.836431][ T5944] Bluetooth: hci1: command tx timeout [ 70.905234][ T5944] Bluetooth: hci2: command tx timeout [ 70.958203][ T5944] Bluetooth: hci2: adv larger than maximum supported [ 70.958228][ T5944] Bluetooth: hci2: Unknown advertising packet type: 0x18 [ 70.960996][ T5944] Bluetooth: hci2: Unknown advertising packet type: 0x40 [ 70.961773][ T6285] devtmpfs: Unknown parameter 'nr_inod(ջ[s' [ 70.963881][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 71.711248][ T24] usb 5-1: USB disconnect, device number 2 [ 71.716469][ T6312] __nla_validate_parse: 35 callbacks suppressed [ 71.716480][ T6312] netlink: 4 bytes leftover after parsing attributes in process `syz.3.94'. [ 71.722317][ T6312] netlink: 12 bytes leftover after parsing attributes in process `syz.3.94'. [ 71.778991][ T6317] validate_nla: 2 callbacks suppressed [ 71.779003][ T6317] netlink: 'syz.3.96': attribute type 5 has an invalid length. [ 71.853104][ T5944] Bluetooth: hci2: adv larger than maximum supported [ 71.853142][ T5944] Bluetooth: hci2: Unknown advertising packet type: 0x18 [ 71.856845][ T5944] Bluetooth: hci2: Unknown advertising packet type: 0x40 [ 71.859711][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 71.869476][ T6297] mmap: syz.1.93 (6297) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 72.007766][ T6331] input: syz1 as /devices/virtual/input/input5 [ 72.111403][ T6338] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 72.383555][ T24] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 72.403006][ T6342] ip6erspan0: entered promiscuous mode [ 72.409641][ T6344] ======================================================= [ 72.409641][ T6344] WARNING: The mand mount option has been deprecated and [ 72.409641][ T6344] and is ignored by this kernel. Remove the mand [ 72.409641][ T6344] option from the mount to silence this warning. [ 72.409641][ T6344] ======================================================= [ 72.546419][ T24] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 72.549337][ T24] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 72.554686][ T24] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 72.557355][ T6348] netlink: 'syz.0.110': attribute type 5 has an invalid length. [ 72.558335][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.589039][ T6350] lo: entered allmulticast mode [ 72.595314][ T6350] tunl0: entered allmulticast mode [ 72.599481][ T6350] gre0: entered allmulticast mode [ 72.609481][ T6352] netlink: 14212 bytes leftover after parsing attributes in process `syz.0.114'. [ 72.615905][ T6350] gretap0: entered allmulticast mode [ 72.622072][ T6350] erspan0: entered allmulticast mode [ 72.625793][ T6350] ip_vti0: entered allmulticast mode [ 72.628875][ T6350] ip6_vti0: entered allmulticast mode [ 72.632296][ T6350] sit0: entered allmulticast mode [ 72.638103][ T6350] ip6tnl0: entered allmulticast mode [ 72.641594][ T6350] ip6gre0: entered allmulticast mode [ 72.645634][ T6350] syz_tun: entered allmulticast mode [ 72.652944][ T6350] ip6gretap0: entered allmulticast mode [ 72.659748][ T6350] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.663866][ T6350] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.668942][ T6350] bridge0: entered allmulticast mode [ 72.674446][ T6350] vcan0: entered allmulticast mode [ 72.679618][ T6350] bond0: entered allmulticast mode [ 72.681784][ T6350] bond_slave_0: entered allmulticast mode [ 72.685116][ T6350] bond_slave_1: entered allmulticast mode [ 72.692577][ T6350] team0: entered allmulticast mode [ 72.694951][ T6350] team_slave_0: entered allmulticast mode [ 72.697449][ T6350] team_slave_1: entered allmulticast mode [ 72.702956][ T6350] dummy0: entered allmulticast mode [ 72.709751][ T6350] nlmon0: entered allmulticast mode [ 72.713664][ T6350] caif0: entered allmulticast mode [ 72.716372][ T6350] batadv0: entered allmulticast mode [ 72.717175][ T6354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.114'. [ 72.721588][ T6350] vxcan0: entered allmulticast mode [ 72.722021][ T6354] netlink: 24 bytes leftover after parsing attributes in process `syz.0.114'. [ 72.725831][ T6350] vxcan1: entered allmulticast mode [ 72.731974][ T6350] veth0: entered allmulticast mode [ 72.738049][ T6350] veth1: entered allmulticast mode [ 72.751209][ T6350] wg0: entered allmulticast mode [ 72.759238][ T6350] wg1: entered allmulticast mode [ 72.761762][ T6350] wg2: left promiscuous mode [ 72.763356][ T6350] wg2: entered allmulticast mode [ 72.767196][ T6350] veth0_to_bridge: entered allmulticast mode [ 72.772876][ T6350] veth1_to_bridge: entered allmulticast mode [ 72.778648][ T6350] veth0_to_bond: entered allmulticast mode [ 72.781840][ T24] usb 6-1: usb_control_msg returned -32 [ 72.782761][ T6350] veth1_to_bond: entered allmulticast mode [ 72.783740][ T24] usbtmc 6-1:16.0: can't read capabilities [ 72.790221][ T6350] veth0_to_team: entered allmulticast mode [ 72.797411][ T6350] veth1_to_team: entered allmulticast mode [ 72.806897][ T6350] veth0_to_batadv: entered allmulticast mode [ 72.810653][ T6350] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 72.814510][ T6350] batadv_slave_0: entered allmulticast mode [ 72.819170][ T6350] veth1_to_batadv: entered allmulticast mode [ 72.822573][ T6350] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 72.826737][ T6350] batadv_slave_1: entered allmulticast mode [ 72.830221][ T6350] xfrm0: entered allmulticast mode [ 72.833789][ T6350] veth0_to_hsr: entered allmulticast mode [ 72.837515][ T6350] hsr_slave_0: entered allmulticast mode [ 72.840976][ T6350] veth1_to_hsr: entered allmulticast mode [ 72.844385][ T6350] hsr_slave_1: entered allmulticast mode [ 72.848753][ T6350] hsr0: entered allmulticast mode [ 72.853856][ T6350] veth1_virt_wifi: entered allmulticast mode [ 72.858168][ T6350] veth0_virt_wifi: entered allmulticast mode [ 72.861571][ T6350] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 72.865183][ T6350] veth1_vlan: entered allmulticast mode [ 72.870323][ T6350] veth0_vlan: entered allmulticast mode [ 72.881823][ T6350] vlan0: entered allmulticast mode [ 72.884036][ T6350] vlan1: entered allmulticast mode [ 72.887086][ T6350] macvlan0: entered allmulticast mode [ 72.892329][ T6350] macvlan1: entered allmulticast mode [ 72.897577][ T6350] ipvlan0: entered allmulticast mode [ 72.899727][ T6350] ipvlan1: entered allmulticast mode [ 72.903250][ T6350] veth1_macvtap: entered allmulticast mode [ 72.910047][ T6350] veth0_macvtap: entered allmulticast mode [ 72.917150][ T6350] macvtap0: entered allmulticast mode [ 72.922367][ T6350] macsec0: entered allmulticast mode [ 72.930269][ T6350] geneve0: entered allmulticast mode [ 72.938117][ T6350] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.940998][ T6350] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.944846][ T6350] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.947824][ T6350] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.952654][ T6350] geneve1: entered allmulticast mode [ 72.956597][ T6350] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 72.962844][ T6350] netdevsim netdevsim3 netdevsim1: entered allmulticast mode [ 72.969225][ T6350] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 72.975495][ T6350] netdevsim netdevsim3 netdevsim3: entered allmulticast mode [ 72.989746][ T6350] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 73.004375][ T6350] mac80211_hwsim hwsim6 wlan1: entered allmulticast mode [ 73.009222][ T6350] mac80211_hwsim hwsim9 wlan2: entered allmulticast mode [ 73.012429][ T6350] vxlan0: entered allmulticast mode [ 73.015053][ T6350] mac80211_hwsim hwsim12 wlan3: entered allmulticast mode [ 73.020033][ T6350] bridge1: entered allmulticast mode [ 73.074400][ T6356] netlink: 28 bytes leftover after parsing attributes in process `syz.3.115'. [ 73.077998][ T6356] netlink: 28 bytes leftover after parsing attributes in process `syz.3.115'. [ 73.098690][ T6359] netlink: 4 bytes leftover after parsing attributes in process `syz.0.116'. [ 73.116939][ T6359] netlink: 12 bytes leftover after parsing attributes in process `syz.0.116'. [ 73.147806][ T5944] Bluetooth: hci2: adv larger than maximum supported [ 73.147828][ T5944] Bluetooth: hci2: Unknown advertising packet type: 0x18 [ 73.153980][ T5944] Bluetooth: hci2: Unknown advertising packet type: 0x40 [ 73.156857][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 73.208920][ T6367] netlink: 'syz.0.119': attribute type 5 has an invalid length. [ 73.250440][ T6369] wg1: entered promiscuous mode [ 73.252442][ T6369] wg1: entered allmulticast mode [ 73.288479][ T6371] team0: Device wg2 is of different type [ 73.300432][ T6268] syz.2.83 (6268) used greatest stack depth: 19960 bytes left [ 73.366216][ T40] kauditd_printk_skb: 61 callbacks suppressed [ 73.366233][ T40] audit: type=1400 audit(1750344551.916:228): avc: denied { create } for pid=6374 comm="syz.0.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 73.379145][ T40] audit: type=1400 audit(1750344551.916:229): avc: denied { connect } for pid=6374 comm="syz.0.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 73.418796][ T40] audit: type=1400 audit(1750344551.966:230): avc: denied { setopt } for pid=6374 comm="syz.0.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 73.454410][ T6382] netlink: 14212 bytes leftover after parsing attributes in process `syz.0.125'. [ 73.528952][ T6386] syz.2.127: attempt to access beyond end of device [ 73.528952][ T6386] nbd2: rw=0, sector=6, nr_sectors = 2 limit=0 [ 73.535122][ T6386] ADFS-fs (nbd2): error: unable to read block 3, try 0 [ 73.541585][ T40] audit: type=1400 audit(1750344552.086:231): avc: denied { ioctl } for pid=6385 comm="syz.2.127" path="socket:[13323]" dev="sockfs" ino=13323 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 73.604919][ T6392] netlink: 'syz.0.130': attribute type 5 has an invalid length. [ 73.618778][ T6394] FAULT_INJECTION: forcing a failure. [ 73.618778][ T6394] name failslab, interval 1, probability 0, space 0, times 0 [ 73.625222][ T6394] CPU: 1 UID: 0 PID: 6394 Comm: syz.2.131 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 73.625247][ T6394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.625257][ T6394] Call Trace: [ 73.625263][ T6394] [ 73.625269][ T6394] dump_stack_lvl+0x16c/0x1f0 [ 73.625297][ T6394] should_fail_ex+0x512/0x640 [ 73.625317][ T6394] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 73.625342][ T6394] should_failslab+0xc2/0x120 [ 73.625364][ T6394] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 73.625384][ T6394] ? __alloc_skb+0x2b2/0x380 [ 73.625410][ T6394] __alloc_skb+0x2b2/0x380 [ 73.625430][ T6394] ? __pfx___alloc_skb+0x10/0x10 [ 73.625449][ T6394] ? __pfx_rtnl_newlink+0x10/0x10 [ 73.625482][ T6394] netlink_ack+0x15d/0xb80 [ 73.625499][ T6394] ? __lock_acquire+0x622/0x1c90 [ 73.625528][ T6394] netlink_rcv_skb+0x332/0x420 [ 73.625552][ T6394] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 73.625578][ T6394] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 73.625606][ T6394] ? netlink_deliver_tap+0x1ae/0xd30 [ 73.625622][ T6394] ? is_vmalloc_addr+0x86/0xa0 [ 73.625647][ T6394] netlink_unicast+0x53d/0x7f0 [ 73.625668][ T6394] ? __pfx_netlink_unicast+0x10/0x10 [ 73.625693][ T6394] netlink_sendmsg+0x8d1/0xdd0 [ 73.625715][ T6394] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.625744][ T6394] ____sys_sendmsg+0xa95/0xc70 [ 73.625763][ T6394] ? copy_msghdr_from_user+0x10a/0x160 [ 73.625785][ T6394] ? __pfx_____sys_sendmsg+0x10/0x10 [ 73.625817][ T6394] ___sys_sendmsg+0x134/0x1d0 [ 73.625841][ T6394] ? __pfx____sys_sendmsg+0x10/0x10 [ 73.625862][ T6394] ? __lock_acquire+0x622/0x1c90 [ 73.625921][ T6394] __sys_sendmsg+0x16d/0x220 [ 73.625945][ T6394] ? __pfx___sys_sendmsg+0x10/0x10 [ 73.625991][ T6394] do_syscall_64+0xcd/0x4c0 [ 73.626016][ T6394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.626033][ T6394] RIP: 0033:0x7fd01878e929 [ 73.626046][ T6394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.626061][ T6394] RSP: 002b:00007fd0196d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.626076][ T6394] RAX: ffffffffffffffda RBX: 00007fd0189b5fa0 RCX: 00007fd01878e929 [ 73.626086][ T6394] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000007 [ 73.626096][ T6394] RBP: 00007fd0196d5090 R08: 0000000000000000 R09: 0000000000000000 [ 73.626105][ T6394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 73.626114][ T6394] R13: 0000000000000000 R14: 00007fd0189b5fa0 R15: 00007ffdde6eb818 [ 73.626153][ T6394] [ 73.633538][ T40] audit: type=1400 audit(1750344552.176:232): avc: denied { create } for pid=6395 comm="syz.0.132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 73.695131][ T6400] netlink: 'syz.2.134': attribute type 6 has an invalid length. [ 73.696619][ T40] audit: type=1400 audit(1750344552.186:233): avc: denied { write } for pid=6395 comm="syz.0.132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 73.743418][ T40] audit: type=1400 audit(1750344552.226:234): avc: denied { watch watch_reads } for pid=6399 comm="syz.0.133" path="/29" dev="tmpfs" ino=164 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 73.761043][ T40] audit: type=1400 audit(1750344552.246:235): avc: denied { ioctl } for pid=6402 comm="syz.3.135" path="socket:[12493]" dev="sockfs" ino=12493 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 73.771952][ T40] audit: type=1400 audit(1750344552.246:236): avc: denied { read } for pid=6402 comm="syz.3.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 73.778884][ T6401] ip6erspan0: entered promiscuous mode [ 73.788970][ T6409] wg1: left promiscuous mode [ 73.792185][ T6409] mac80211_hwsim hwsim14 wlan2: entered allmulticast mode [ 73.795465][ T6409] mac80211_hwsim hwsim15 wlan3: entered allmulticast mode [ 73.798950][ T6409] ip6erspan0: left promiscuous mode [ 73.801313][ T6409] ip6erspan0: entered allmulticast mode [ 73.803907][ T6409] vxlan0: entered allmulticast mode [ 73.811064][ T6409] bridge1: entered allmulticast mode [ 73.869056][ T6415] xfrm0 speed is unknown, defaulting to 1000 [ 73.887814][ T6417] netlink: 'syz.2.141': attribute type 5 has an invalid length. [ 73.904238][ T40] audit: type=1400 audit(1750344552.456:237): avc: denied { create } for pid=6413 comm="syz.3.139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 73.964824][ T5944] Bluetooth: hci0: adv larger than maximum supported [ 73.964848][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x18 [ 73.967741][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x40 [ 73.970702][ T5944] Bluetooth: hci0: Malformed LE Event: 0x0d [ 74.415157][ T6437] pimreg3: entered allmulticast mode [ 74.459250][ T6444] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 74.552416][ T6458] netlink: 'syz.0.155': attribute type 5 has an invalid length. [ 74.581859][ T6460] ip6erspan0: entered promiscuous mode [ 74.589496][ T6462] FAULT_INJECTION: forcing a failure. [ 74.589496][ T6462] name failslab, interval 1, probability 0, space 0, times 0 [ 74.594866][ T6462] CPU: 2 UID: 0 PID: 6462 Comm: syz.2.157 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 74.594890][ T6462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.594901][ T6462] Call Trace: [ 74.594908][ T6462] [ 74.594915][ T6462] dump_stack_lvl+0x16c/0x1f0 [ 74.594946][ T6462] should_fail_ex+0x512/0x640 [ 74.594969][ T6462] ? fs_reclaim_acquire+0xae/0x150 [ 74.594989][ T6462] ? tomoyo_encode2+0x100/0x3e0 [ 74.595012][ T6462] should_failslab+0xc2/0x120 [ 74.595037][ T6462] __kmalloc_noprof+0xd2/0x510 [ 74.595059][ T6462] ? d_absolute_path+0x136/0x1a0 [ 74.595082][ T6462] tomoyo_encode2+0x100/0x3e0 [ 74.595110][ T6462] tomoyo_encode+0x29/0x50 [ 74.595133][ T6462] tomoyo_realpath_from_path+0x18f/0x6e0 [ 74.595166][ T6462] tomoyo_path_number_perm+0x245/0x580 [ 74.595186][ T6462] ? tomoyo_path_number_perm+0x237/0x580 [ 74.595209][ T6462] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 74.595231][ T6462] ? find_held_lock+0x2b/0x80 [ 74.595276][ T6462] ? find_held_lock+0x2b/0x80 [ 74.595297][ T6462] ? hook_file_ioctl_common+0x145/0x410 [ 74.595320][ T6462] ? __fget_files+0x20e/0x3c0 [ 74.595349][ T6462] security_file_ioctl+0x9b/0x240 [ 74.595375][ T6462] __x64_sys_ioctl+0xb7/0x210 [ 74.595398][ T6462] do_syscall_64+0xcd/0x4c0 [ 74.595427][ T6462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.595444][ T6462] RIP: 0033:0x7fd01878e929 [ 74.595459][ T6462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.595475][ T6462] RSP: 002b:00007fd0196d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 74.595491][ T6462] RAX: ffffffffffffffda RBX: 00007fd0189b5fa0 RCX: 00007fd01878e929 [ 74.595502][ T6462] RDX: 0000200000000040 RSI: 00000000c0105512 RDI: 0000000000000003 [ 74.595513][ T6462] RBP: 00007fd0196d5090 R08: 0000000000000000 R09: 0000000000000000 [ 74.595522][ T6462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 74.595532][ T6462] R13: 0000000000000000 R14: 00007fd0189b5fa0 R15: 00007ffdde6eb818 [ 74.595556][ T6462] [ 74.595574][ T6462] ERROR: Out of memory at tomoyo_realpath_from_path. [ 74.822612][ T6483] ip6erspan0: entered promiscuous mode [ 74.873554][ T6489] netlink: 'syz.3.169': attribute type 5 has an invalid length. [ 74.920802][ T6493] netlink: 'syz.3.170': attribute type 6 has an invalid length. [ 75.121948][ T6067] usb 6-1: USB disconnect, device number 2 [ 75.161670][ T6510] netlink: 'syz.0.178': attribute type 5 has an invalid length. [ 75.389062][ T6530] ip6erspan0: entered promiscuous mode [ 75.393926][ T6061] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 75.444837][ T6537] wg1: left promiscuous mode [ 75.446879][ T6537] wg2: left promiscuous mode [ 75.448374][ T6537] wg2: entered allmulticast mode [ 75.450286][ T6537] vxlan0: entered allmulticast mode [ 75.452151][ T6537] mac80211_hwsim hwsim11 wlan2: entered allmulticast mode [ 75.455924][ T6537] mac80211_hwsim hwsim13 wlan3: entered allmulticast mode [ 75.459157][ T6537] bridge0: entered allmulticast mode [ 75.461744][ T6537] mac80211_hwsim hwsim20 wlan4: entered allmulticast mode [ 75.528443][ T6545] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 75.555030][ T6061] usb 7-1: Using ep0 maxpacket: 16 [ 75.560032][ T6061] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 75.566272][ T6061] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 90, changing to 10 [ 75.570815][ T6061] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49728, setting to 1024 [ 75.575857][ T6061] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 75.580904][ T6549] wg2: entered promiscuous mode [ 75.583034][ T6061] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 75.586035][ T6549] wg2: left allmulticast mode [ 75.586852][ T6061] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 75.587960][ T6549] team0: Device wg2 is of different type [ 75.590757][ T6061] usb 7-1: SerialNumber: syz [ 75.601309][ T6061] hub 7-1:1.0: bad descriptor, ignoring hub [ 75.603869][ T6061] hub 7-1:1.0: probe with driver hub failed with error -5 [ 75.615368][ T6061] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22 [ 75.705051][ T6067] IPVS: starting estimator thread 0... [ 75.793791][ T6566] IPVS: using max 42 ests per chain, 100800 per kthread [ 75.800497][ T6486] MTD: Attempt to mount non-MTD device "/dev/nbd2" [ 75.805807][ T6486] cramfs: wrong magic [ 75.852444][ T6574] FAULT_INJECTION: forcing a failure. [ 75.852444][ T6574] name failslab, interval 1, probability 0, space 0, times 0 [ 75.856774][ T6574] CPU: 2 UID: 0 PID: 6574 Comm: syz.3.204 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 75.856789][ T6574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.856796][ T6574] Call Trace: [ 75.856800][ T6574] [ 75.856804][ T6574] dump_stack_lvl+0x16c/0x1f0 [ 75.856825][ T6574] should_fail_ex+0x512/0x640 [ 75.856839][ T6574] ? __kmalloc_noprof+0xbf/0x510 [ 75.856854][ T6574] ? proc_ioctl+0x175/0x6c0 [ 75.856868][ T6574] should_failslab+0xc2/0x120 [ 75.856885][ T6574] __kmalloc_noprof+0xd2/0x510 [ 75.856897][ T6574] ? __might_fault+0xe3/0x190 [ 75.856910][ T6574] ? __might_fault+0x13b/0x190 [ 75.856925][ T6574] proc_ioctl+0x175/0x6c0 [ 75.856942][ T6574] usbdev_ioctl+0x1773/0x4070 [ 75.856960][ T6574] ? __pfx_usbdev_ioctl+0x10/0x10 [ 75.856976][ T6574] ? do_vfs_ioctl+0x523/0x1a60 [ 75.856988][ T6574] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 75.857003][ T6574] ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540 [ 75.857019][ T6574] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 75.857035][ T6574] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 75.857055][ T6574] ? hook_file_ioctl_common+0x145/0x410 [ 75.857069][ T6574] ? selinux_file_ioctl+0x180/0x270 [ 75.857083][ T6574] ? selinux_file_ioctl+0xb4/0x270 [ 75.857098][ T6574] ? __pfx_usbdev_ioctl+0x10/0x10 [ 75.857115][ T6574] __x64_sys_ioctl+0x18b/0x210 [ 75.857127][ T6574] do_syscall_64+0xcd/0x4c0 [ 75.857145][ T6574] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.857156][ T6574] RIP: 0033:0x7f734218e929 [ 75.857165][ T6574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.857175][ T6574] RSP: 002b:00007f7342f4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.857185][ T6574] RAX: ffffffffffffffda RBX: 00007f73423b5fa0 RCX: 00007f734218e929 [ 75.857191][ T6574] RDX: 0000200000000040 RSI: 00000000c0105512 RDI: 0000000000000003 [ 75.857198][ T6574] RBP: 00007f7342f4e090 R08: 0000000000000000 R09: 0000000000000000 [ 75.857203][ T6574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 75.857209][ T6574] R13: 0000000000000000 R14: 00007f73423b5fa0 R15: 00007ffeb86a6908 [ 75.857223][ T6574] [ 75.950949][ T24] usb 7-1: USB disconnect, device number 2 [ 76.267610][ T1424] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.270557][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.331736][ T6600] ip6erspan0: entered promiscuous mode [ 76.352719][ T6602] lo: entered allmulticast mode [ 76.356593][ T6602] tunl0: entered allmulticast mode [ 76.359596][ T6602] gre0: entered allmulticast mode [ 76.365765][ T6602] gretap0: entered allmulticast mode [ 76.369551][ T6602] erspan0: entered allmulticast mode [ 76.373246][ T6602] ip_vti0: entered allmulticast mode [ 76.379218][ T6602] ip6_vti0: entered allmulticast mode [ 76.382565][ T6602] sit0: entered allmulticast mode [ 76.389913][ T6602] ip6tnl0: entered allmulticast mode [ 76.395432][ T6602] ip6gre0: entered allmulticast mode [ 76.400130][ T6602] syz_tun: entered allmulticast mode [ 76.403959][ T6602] ip6gretap0: entered allmulticast mode [ 76.409422][ T6602] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.413005][ T6602] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.417431][ T6602] bridge0: entered allmulticast mode [ 76.422880][ T6602] vcan0: entered allmulticast mode [ 76.428724][ T6602] bond0: entered allmulticast mode [ 76.430903][ T6602] bond_slave_0: entered allmulticast mode [ 76.433391][ T6602] bond_slave_1: entered allmulticast mode [ 76.443160][ T6602] team0: entered allmulticast mode [ 76.445659][ T6602] team_slave_0: entered allmulticast mode [ 76.448171][ T6602] team_slave_1: entered allmulticast mode [ 76.454571][ T6602] dummy0: entered allmulticast mode [ 76.462254][ T6602] nlmon0: entered allmulticast mode [ 76.468188][ T6602] caif0: entered allmulticast mode [ 76.470903][ T6602] batadv0: entered allmulticast mode [ 76.476783][ T6602] vxcan0: entered allmulticast mode [ 76.479902][ T6602] vxcan1: entered allmulticast mode [ 76.484733][ T6602] veth0: entered allmulticast mode [ 76.495671][ T6602] veth1: entered allmulticast mode [ 76.504587][ T6602] wg0: entered allmulticast mode [ 76.511296][ T6602] wg1: left promiscuous mode [ 76.516535][ T6602] wg2: left promiscuous mode [ 76.518666][ T6602] wg2: entered allmulticast mode [ 76.523086][ T6602] veth0_to_bridge: entered allmulticast mode [ 76.533040][ T6602] veth1_to_bridge: entered allmulticast mode [ 76.539248][ T6602] veth0_to_bond: entered allmulticast mode [ 76.544507][ T6602] veth1_to_bond: entered allmulticast mode [ 76.549092][ T6602] veth0_to_team: entered allmulticast mode [ 76.554669][ T6602] veth1_to_team: entered allmulticast mode [ 76.560614][ T6602] veth0_to_batadv: entered allmulticast mode [ 76.565362][ T6602] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 76.568688][ T6602] batadv_slave_0: entered allmulticast mode [ 76.573207][ T6602] veth1_to_batadv: entered allmulticast mode [ 76.577281][ T6602] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 76.580749][ T6602] batadv_slave_1: entered allmulticast mode [ 76.586033][ T6602] xfrm0: entered allmulticast mode [ 76.591069][ T6602] veth0_to_hsr: entered allmulticast mode [ 76.592790][ T6609] syz.3.218: attempt to access beyond end of device [ 76.592790][ T6609] nbd3: rw=0, sector=6, nr_sectors = 2 limit=0 [ 76.596638][ T6602] hsr_slave_0: entered allmulticast mode [ 76.598856][ T6609] ADFS-fs (nbd3): error: unable to read block 3, try 0 [ 76.602289][ T6602] veth1_to_hsr: entered allmulticast mode [ 76.608310][ T6602] hsr_slave_1: entered allmulticast mode [ 76.611603][ T6602] hsr0: entered allmulticast mode [ 76.615350][ T6602] veth1_virt_wifi: entered allmulticast mode [ 76.619283][ T6602] veth0_virt_wifi: entered allmulticast mode [ 76.622456][ T6602] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 76.625819][ T6602] veth1_vlan: entered allmulticast mode [ 76.629769][ T6602] veth0_vlan: entered allmulticast mode [ 76.636905][ T6602] vlan0: entered allmulticast mode [ 76.638569][ T6602] vlan1: entered allmulticast mode [ 76.640595][ T6602] macvlan0: entered allmulticast mode [ 76.644423][ T6602] macvlan1: entered allmulticast mode [ 76.647276][ T6602] ipvlan0: entered allmulticast mode [ 76.649068][ T6602] ipvlan1: entered allmulticast mode [ 76.651621][ T6602] veth1_macvtap: entered allmulticast mode [ 76.655618][ T6602] veth0_macvtap: entered allmulticast mode [ 76.658942][ T6602] macvtap0: entered allmulticast mode [ 76.662079][ T6602] macsec0: entered allmulticast mode [ 76.667305][ T6602] geneve0: entered allmulticast mode [ 76.671216][ T6602] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.674184][ T6602] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.677066][ T6602] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.679861][ T6602] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.683181][ T6602] geneve1: entered allmulticast mode [ 76.687147][ T6602] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 76.691097][ T6602] netdevsim netdevsim0 netdevsim1: entered allmulticast mode [ 76.695331][ T6602] netdevsim netdevsim0 netdevsim2: entered allmulticast mode [ 76.699191][ T6602] netdevsim netdevsim0 netdevsim3: entered allmulticast mode [ 76.709273][ T6602] mac80211_hwsim hwsim5 wlan0: entered allmulticast mode [ 76.717764][ T6602] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 76.722792][ T6602] mac80211_hwsim hwsim16 wlan2: entered allmulticast mode [ 76.726502][ T6602] mac80211_hwsim hwsim17 wlan3: entered allmulticast mode [ 76.729580][ T6602] mac80211_hwsim hwsim19 wlan4: entered allmulticast mode [ 76.733541][ T6602] vxlan0: entered allmulticast mode [ 76.736190][ T6602] bridge1: entered allmulticast mode [ 76.739042][ T6602] mac80211_hwsim hwsim21 wlan5: entered allmulticast mode [ 76.741364][ T6602] mac80211_hwsim hwsim23 wlan6: entered allmulticast mode [ 76.749473][ T6608] wg2: entered promiscuous mode [ 76.751247][ T6608] wg2: left allmulticast mode [ 76.753268][ T6608] team0: Device wg2 is of different type [ 76.757827][ T9] xfrm0 speed is unknown, defaulting to 1000 [ 76.760365][ T9] syz1: Port: 1 Link DOWN [ 76.769464][ T9] xfrm0 speed is unknown, defaulting to 1000 [ 76.782696][ T6618] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 76.823219][ T6622] __nla_validate_parse: 44 callbacks suppressed [ 76.823230][ T6622] netlink: 8 bytes leftover after parsing attributes in process `syz.1.224'. [ 76.830236][ T6622] netlink: 12 bytes leftover after parsing attributes in process `syz.1.224'. [ 76.870496][ T6624] netlink: 14212 bytes leftover after parsing attributes in process `syz.1.225'. [ 76.902262][ T6624] netlink: 8 bytes leftover after parsing attributes in process `syz.1.225'. [ 76.905566][ T6624] netlink: 12 bytes leftover after parsing attributes in process `syz.1.225'. [ 76.909165][ T6624] validate_nla: 6 callbacks suppressed [ 76.909173][ T6624] netlink: 'syz.1.225': attribute type 11 has an invalid length. [ 76.926947][ T6626] bond0: left allmulticast mode [ 77.044424][ T24] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 77.059986][ T6638] netlink: 8 bytes leftover after parsing attributes in process `syz.2.231'. [ 77.064080][ T6638] netlink: 12 bytes leftover after parsing attributes in process `syz.2.231'. [ 77.067563][ T6638] netlink: 'syz.2.231': attribute type 6 has an invalid length. [ 77.106542][ T6640] ip6erspan0: entered promiscuous mode [ 77.176584][ T6644] wg1: entered promiscuous mode [ 77.196782][ T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 77.201055][ T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 77.216292][ T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 77.220147][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.228040][ T6648] Zero length message leads to an empty skb [ 77.250497][ T6654] netlink: 28 bytes leftover after parsing attributes in process `syz.2.238'. [ 77.254566][ T6654] netlink: 28 bytes leftover after parsing attributes in process `syz.2.238'. [ 77.286328][ T5944] Bluetooth: hci2: adv larger than maximum supported [ 77.286353][ T5944] Bluetooth: hci2: Unknown advertising packet type: 0x40 [ 77.289362][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 77.322063][ T6659] warning: `syz.1.242' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 77.326616][ T6659] netlink: 'syz.1.242': attribute type 10 has an invalid length. [ 77.329200][ T6659] mac80211_hwsim hwsim10 wlan1: left allmulticast mode [ 77.332879][ T6659] mac80211_hwsim hwsim10 wlan1: entered allmulticast mode [ 77.356205][ T6665] netlink: 14212 bytes leftover after parsing attributes in process `syz.2.244'. [ 77.392576][ T6665] netlink: 'syz.2.244': attribute type 11 has an invalid length. [ 77.405752][ T6667] FAULT_INJECTION: forcing a failure. [ 77.405752][ T6667] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 77.411277][ T6667] CPU: 1 UID: 0 PID: 6667 Comm: syz.1.245 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 77.411292][ T6667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.411298][ T6667] Call Trace: [ 77.411303][ T6667] [ 77.411308][ T6667] dump_stack_lvl+0x16c/0x1f0 [ 77.411329][ T6667] should_fail_ex+0x512/0x640 [ 77.411347][ T6667] _copy_to_user+0x32/0xd0 [ 77.411364][ T6667] simple_read_from_buffer+0xcb/0x170 [ 77.411380][ T6667] proc_fail_nth_read+0x197/0x270 [ 77.411394][ T6667] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 77.411408][ T6667] ? rw_verify_area+0xcf/0x680 [ 77.411420][ T6667] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 77.411433][ T6667] vfs_read+0x1e1/0xc60 [ 77.411449][ T6667] ? __pfx___mutex_lock+0x10/0x10 [ 77.411466][ T6667] ? __pfx_vfs_read+0x10/0x10 [ 77.411483][ T6667] ? __fget_files+0x20e/0x3c0 [ 77.411502][ T6667] ksys_read+0x12a/0x250 [ 77.411514][ T6667] ? __pfx_ksys_read+0x10/0x10 [ 77.411528][ T6667] ? fput+0x70/0xf0 [ 77.411546][ T6667] do_syscall_64+0xcd/0x4c0 [ 77.411571][ T6667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.411588][ T6667] RIP: 0033:0x7fed4d38d33c [ 77.411602][ T6667] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 77.411618][ T6667] RSP: 002b:00007fed4b1f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 77.411636][ T6667] RAX: ffffffffffffffda RBX: 00007fed4d5b5fa0 RCX: 00007fed4d38d33c [ 77.411644][ T6667] RDX: 000000000000000f RSI: 00007fed4b1f60a0 RDI: 0000000000000004 [ 77.411650][ T6667] RBP: 00007fed4b1f6090 R08: 0000000000000000 R09: 0000000000000000 [ 77.411656][ T6667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.411662][ T6667] R13: 0000000000000000 R14: 00007fed4d5b5fa0 R15: 00007ffe0cddbbb8 [ 77.411677][ T6667] [ 77.439404][ T24] usb 5-1: usb_control_msg returned -32 [ 77.480641][ T24] usbtmc 5-1:16.0: can't read capabilities [ 77.580387][ T6684] netlink: 'syz.3.251': attribute type 6 has an invalid length. [ 77.681875][ T6688] netlink: 'syz.3.254': attribute type 11 has an invalid length. [ 77.733825][ T6061] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 77.752703][ T6009] IPVS: starting estimator thread 0... [ 77.756563][ T5944] Bluetooth: hci3: adv larger than maximum supported [ 77.756600][ T5944] Bluetooth: hci3: Unknown advertising packet type: 0x40 [ 77.762693][ T5944] Bluetooth: hci3: Malformed LE Event: 0x0d [ 77.782946][ T6696] netlink: 'syz.3.256': attribute type 5 has an invalid length. [ 77.853585][ T6694] IPVS: using max 42 ests per chain, 100800 per kthread [ 77.903552][ T6061] usb 7-1: Using ep0 maxpacket: 32 [ 77.908836][ T6061] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 77.912061][ T6061] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 77.915945][ T6061] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 77.919357][ T6061] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 77.924598][ T6061] usb 7-1: config 0 interface 0 has no altsetting 0 [ 77.928220][ T6061] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 77.931020][ T6061] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 77.934804][ T6061] usb 7-1: Product: syz [ 77.936617][ T6061] usb 7-1: Manufacturer: syz [ 77.938579][ T6061] usb 7-1: SerialNumber: syz [ 77.942328][ T6061] usb 7-1: config 0 descriptor?? [ 77.955795][ T6061] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 77.961113][ T6061] ldusb 7-1:0.0: LD USB Device #1 now attached to major 180 minor 1 [ 77.982518][ T6712] netlink: 'syz.1.263': attribute type 11 has an invalid length. [ 78.041259][ T5944] Bluetooth: hci3: adv larger than maximum supported [ 78.041288][ T5944] Bluetooth: hci3: Unknown advertising packet type: 0x40 [ 78.044435][ T5944] Bluetooth: hci3: Malformed LE Event: 0x0d [ 78.180312][ T6061] usb 7-1: USB disconnect, device number 3 [ 78.199930][ T6061] ldusb 7-1:0.0: LD USB Device #1 now disconnected [ 78.325403][ T6739] vlan7: entered allmulticast mode [ 78.327266][ T6739] mac80211_hwsim hwsim25 wlan4: entered allmulticast mode [ 78.403637][ T836] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 78.446374][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 78.446402][ T5944] Bluetooth: hci0: adv larger than maximum supported [ 78.450038][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 78.452900][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 78.455971][ T5944] Bluetooth: hci0: Malformed LE Event: 0x0d [ 78.478669][ T6746] netlink: 'syz.3.275': attribute type 11 has an invalid length. [ 78.533557][ T836] usb 6-1: device descriptor read/64, error -71 [ 78.572764][ T6751] team0: Device wg2 is of different type [ 78.773618][ T836] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 78.903526][ T836] usb 6-1: device descriptor read/64, error -71 [ 79.014432][ T836] usb usb6-port1: attempt power cycle [ 79.046650][ T6768] netlink: 'syz.2.284': attribute type 11 has an invalid length. [ 79.275504][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 79.353885][ T836] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 79.374197][ T836] usb 6-1: device descriptor read/8, error -71 [ 79.613798][ T836] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 79.634196][ T836] usb 6-1: device descriptor read/8, error -71 [ 79.743925][ T836] usb usb6-port1: unable to enumerate USB device [ 79.789579][ T24] usb 5-1: USB disconnect, device number 3 [ 79.819908][ T6793] wg1: entered promiscuous mode [ 79.904816][ T40] kauditd_printk_skb: 41 callbacks suppressed [ 79.904832][ T40] audit: type=1400 audit(1750344558.456:279): avc: denied { search } for pid=5651 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 79.918130][ T40] audit: type=1400 audit(1750344558.456:280): avc: denied { search } for pid=5651 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 79.933548][ T40] audit: type=1400 audit(1750344558.456:281): avc: denied { search } for pid=5651 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 79.953657][ T40] audit: type=1400 audit(1750344558.456:282): avc: denied { read } for pid=5651 comm="dhcpcd" name="n103" dev="tmpfs" ino=2973 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 79.968918][ T40] audit: type=1400 audit(1750344558.456:283): avc: denied { open } for pid=5651 comm="dhcpcd" path="/run/udev/data/n103" dev="tmpfs" ino=2973 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 79.979833][ T40] audit: type=1400 audit(1750344558.456:284): avc: denied { getattr } for pid=5651 comm="dhcpcd" path="/run/udev/data/n103" dev="tmpfs" ino=2973 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 79.993318][ T6806] bond0: entered allmulticast mode [ 79.996419][ T6806] wg1: left promiscuous mode [ 79.999056][ T6806] wg2: left promiscuous mode [ 79.999815][ T40] audit: type=1400 audit(1750344558.546:285): avc: denied { read open } for pid=6807 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1904 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 80.001002][ T6806] wg2: entered allmulticast mode [ 80.014438][ T40] audit: type=1400 audit(1750344558.546:286): avc: denied { getattr } for pid=6807 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1904 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 80.014794][ T6806] mac80211_hwsim hwsim18 wlan4: entered allmulticast mode [ 80.026513][ T40] audit: type=1400 audit(1750344558.566:287): avc: denied { add_name } for pid=6802 comm="dhcpcd-run-hook" name="resolv.conf.cfttyS3.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 80.037246][ T6806] bridge2: entered allmulticast mode [ 80.038205][ T40] audit: type=1400 audit(1750344558.566:288): avc: denied { create } for pid=6802 comm="dhcpcd-run-hook" name="resolv.conf.cfttyS3.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 80.040586][ T6806] mac80211_hwsim hwsim22 wlan5: entered allmulticast mode [ 80.050371][ T6806] mac80211_hwsim hwsim26 wlan6: entered allmulticast mode [ 80.052863][ T6806] mac80211_hwsim hwsim28 wlan7: entered allmulticast mode [ 80.056069][ T6806] mac80211_hwsim hwsim30 wlan8: entered allmulticast mode [ 80.063405][ T6804] ip6erspan0: entered promiscuous mode [ 80.169845][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 80.269006][ T6826] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 80.317473][ T6830] wg2: entered promiscuous mode [ 80.319708][ T6830] wg2: left allmulticast mode [ 80.321998][ T6830] team0: Device wg2 is of different type [ 80.543623][ T6067] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 80.715327][ T6067] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 80.718373][ T6067] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 80.722464][ T6067] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 80.725533][ T6067] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.729372][ T6850] syz.2.312: attempt to access beyond end of device [ 80.729372][ T6850] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 80.733961][ T6850] (syz.2.312,6850,0):ocfs2_get_sector:1714 ERROR: status = -5 [ 80.736994][ T6850] (syz.2.312,6850,0):ocfs2_sb_probe:753 ERROR: status = -5 [ 80.739826][ T6850] (syz.2.312,6850,0):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 80.743183][ T6850] (syz.2.312,6850,0):ocfs2_fill_super:1177 ERROR: status = -5 [ 80.932637][ T6067] usb 5-1: usb_control_msg returned -32 [ 80.934611][ T6067] usbtmc 5-1:16.0: can't read capabilities [ 80.940094][ T6067] usb 5-1: USB disconnect, device number 4 [ 81.255705][ T6857] hub 2-0:1.0: USB hub found [ 81.258070][ T6857] hub 2-0:1.0: 2 ports detected [ 81.498820][ T5944] Bluetooth: hci1: Malformed LE Event: 0x0d [ 81.614184][ T6884] wg1: left promiscuous mode [ 81.617585][ T6884] wg2: left promiscuous mode [ 81.619630][ T6884] wg2: entered allmulticast mode [ 81.622197][ T6884] mac80211_hwsim hwsim24 wlan5: entered allmulticast mode [ 81.628238][ T6884] erspan1: entered allmulticast mode [ 81.630679][ T6884] mac80211_hwsim hwsim27 wlan6: entered allmulticast mode [ 81.633338][ T6884] mac80211_hwsim hwsim32 wlan7: entered allmulticast mode [ 81.671049][ T6888] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 81.772456][ T6900] wg2: entered promiscuous mode [ 81.775715][ T6900] wg2: left allmulticast mode [ 81.777519][ T6900] team0: Device wg2 is of different type [ 81.851456][ T6904] __nla_validate_parse: 41 callbacks suppressed [ 81.851475][ T6904] netlink: 8 bytes leftover after parsing attributes in process `syz.1.337'. [ 81.858007][ T6904] netlink: 12 bytes leftover after parsing attributes in process `syz.1.337'. [ 81.933646][ T9] usb 8-1: new full-speed USB device number 2 using dummy_hcd [ 81.962058][ T6913] ip6erspan0: entered promiscuous mode [ 82.065095][ T6918] netlink: 8 bytes leftover after parsing attributes in process `syz.1.342'. [ 82.067981][ T6918] netlink: 12 bytes leftover after parsing attributes in process `syz.1.342'. [ 82.070830][ T6918] validate_nla: 9 callbacks suppressed [ 82.070838][ T6918] netlink: 'syz.1.342': attribute type 6 has an invalid length. [ 82.085287][ T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 82.089396][ T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 82.090208][ T6921] netlink: 4 bytes leftover after parsing attributes in process `syz.0.344'. [ 82.095021][ T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 82.101496][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.137300][ T6923] QAT: Invalid ioctl -2144835806 [ 82.141385][ T6923] netlink: 'syz.1.345': attribute type 11 has an invalid length. [ 82.198299][ T6928] netlink: 'syz.0.346': attribute type 5 has an invalid length. [ 82.230100][ T6930] netlink: 14212 bytes leftover after parsing attributes in process `syz.0.347'. [ 82.264150][ T6930] netlink: 8 bytes leftover after parsing attributes in process `syz.0.347'. [ 82.267885][ T6930] netlink: 12 bytes leftover after parsing attributes in process `syz.0.347'. [ 82.271600][ T6930] netlink: 'syz.0.347': attribute type 11 has an invalid length. [ 82.312362][ T9] usb 8-1: usb_control_msg returned -32 [ 82.317205][ T9] usbtmc 8-1:16.0: can't read capabilities [ 82.322821][ T5944] bt_err_ratelimited: 16 callbacks suppressed [ 82.322832][ T5944] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 82.324667][ T9] usb 8-1: USB disconnect, device number 2 [ 82.326898][ T5944] Bluetooth: hci1: adv larger than maximum supported [ 82.330689][ T5944] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 82.333185][ T5944] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 82.336669][ T5944] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 82.339719][ T5944] Bluetooth: hci1: Malformed LE Event: 0x0d [ 82.367315][ T6937] wg1: entered promiscuous mode [ 82.666868][ T6949] wg1: left promiscuous mode [ 82.670218][ T6949] wg2: left promiscuous mode [ 82.672196][ T6949] wg2: entered allmulticast mode [ 82.674690][ T6949] mac80211_hwsim hwsim34 wlan8: entered allmulticast mode [ 82.756779][ T6953] netlink: 14212 bytes leftover after parsing attributes in process `syz.2.357'. [ 82.786689][ T6953] netlink: 8 bytes leftover after parsing attributes in process `syz.2.357'. [ 82.789452][ T6953] netlink: 'syz.2.357': attribute type 11 has an invalid length. [ 82.850150][ T6957] team0: Device wg2 is of different type [ 82.877850][ T6961] netlink: 'syz.3.361': attribute type 1 has an invalid length. [ 82.975684][ T6981] netlink: 'syz.0.368': attribute type 6 has an invalid length. [ 83.032382][ T6986] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 83.157665][ T6988] netlink: 'syz.3.371': attribute type 11 has an invalid length. [ 83.200248][ T5944] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 83.200278][ T5944] Bluetooth: hci2: adv larger than maximum supported [ 83.203383][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 83.283570][ T836] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 83.370180][ T6995] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 83.455286][ T836] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 83.458604][ T836] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 83.463129][ T836] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 83.467434][ T836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.561409][ T7009] wg1: entered promiscuous mode [ 83.676101][ T836] usb 5-1: usb_control_msg returned -32 [ 83.678878][ T836] usbtmc 5-1:16.0: can't read capabilities [ 83.691449][ T836] usb 5-1: USB disconnect, device number 5 [ 83.757404][ T7023] mac80211_hwsim hwsim37 wlan9: entered allmulticast mode [ 83.779898][ T7021] netlink: 'syz.2.380': attribute type 11 has an invalid length. [ 83.847905][ T7033] wg2: entered promiscuous mode [ 83.850068][ T7033] wg2: left allmulticast mode [ 83.853177][ T7033] team0: Device wg2 is of different type [ 83.936623][ T5944] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 83.936653][ T5944] Bluetooth: hci3: adv larger than maximum supported [ 83.939682][ T5944] Bluetooth: hci3: Malformed LE Event: 0x0d [ 83.964256][ T7046] netlink: 'syz.3.391': attribute type 11 has an invalid length. [ 83.999754][ T7052] netlink: 'syz.2.393': attribute type 6 has an invalid length. [ 84.124648][ T7060] loop6: detected capacity change from 0 to 524287999 [ 84.196041][ T7061] xt_TPROXY: Can be used only with -p tcp or -p udp [ 84.271564][ T7066] ip6erspan0: entered promiscuous mode [ 84.485142][ T7070] capability: warning: `syz.1.401' uses deprecated v2 capabilities in a way that may be insecure [ 84.489913][ T7070] evm: overlay not supported [ 84.512470][ T7069] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 84.539056][ T7069] xfrm0 speed is unknown, defaulting to 1000 [ 84.630048][ T7074] wg1: entered promiscuous mode [ 84.833932][ T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 84.862270][ T7084] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 84.983943][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 84.987723][ T9] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 84.990991][ T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 84.995739][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 84.999703][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 85.004131][ T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 85.009803][ T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 85.013661][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.022021][ T7090] wg2: left promiscuous mode [ 85.023615][ T7090] wg2: entered allmulticast mode [ 85.025388][ T7090] mac80211_hwsim hwsim39 wlan10: entered allmulticast mode [ 85.082646][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 85.082680][ T5944] Bluetooth: hci0: Malformed LE Event: 0x0d [ 85.113573][ T24] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 85.228457][ T9] usb 5-1: GET_CAPABILITIES returned 0 [ 85.231007][ T9] usbtmc 5-1:16.0: can't read capabilities [ 85.266770][ T24] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 85.270561][ T24] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 85.275760][ T24] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 85.279343][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.433763][ T9] usb 5-1: USB disconnect, device number 6 [ 85.486736][ T24] usb 6-1: usb_control_msg returned -32 [ 85.489014][ T24] usbtmc 6-1:16.0: can't read capabilities [ 85.498161][ T24] usb 6-1: USB disconnect, device number 7 [ 85.610280][ T7106] team0: Device wg2 is of different type [ 86.511109][ T837] cfg80211: failed to load regulatory.db [ 86.558630][ T40] kauditd_printk_skb: 38 callbacks suppressed [ 86.558648][ T40] audit: type=1400 audit(1750344565.106:327): avc: denied { unmount } for pid=5946 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 86.606639][ T5944] Bluetooth: hci0: Malformed LE Event: 0x0d [ 86.670937][ T40] audit: type=1400 audit(1750344565.216:328): avc: denied { remount } for pid=7133 comm="syz.1.427" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 86.677062][ T7134] ip6erspan0: entered promiscuous mode [ 86.693263][ T7136] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 86.750279][ T7140] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 86.753901][ T40] audit: type=1400 audit(1750344565.296:329): avc: denied { mounton } for pid=7139 comm="syz.3.430" path="/bus" dev="ramfs" ino=15063 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1 [ 86.754998][ T7140] overlayfs: failed to set xattr on upper [ 86.764945][ T7140] overlayfs: ...falling back to redirect_dir=nofollow. [ 86.767090][ T7140] overlayfs: ...falling back to index=off. [ 86.768920][ T7140] overlayfs: ...falling back to uuid=null. [ 86.779885][ T7140] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 86.899264][ T7149] __nla_validate_parse: 46 callbacks suppressed [ 86.899281][ T7149] netlink: 14212 bytes leftover after parsing attributes in process `syz.1.434'. [ 86.929831][ T7151] netlink: 8 bytes leftover after parsing attributes in process `syz.3.435'. [ 86.939472][ T7149] netlink: 8 bytes leftover after parsing attributes in process `syz.1.434'. [ 86.942332][ T7149] netlink: 12 bytes leftover after parsing attributes in process `syz.1.434'. [ 86.963545][ T6009] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 86.982376][ T7155] wg1: left promiscuous mode [ 86.986768][ T7155] mac80211_hwsim hwsim40 wlan9: entered allmulticast mode [ 86.989812][ T7155] mac80211_hwsim hwsim42 wlan10: entered allmulticast mode [ 86.992969][ T7155] mac80211_hwsim hwsim43 wlan11: entered allmulticast mode [ 87.032708][ T7157] netlink: 8 bytes leftover after parsing attributes in process `syz.1.438'. [ 87.115480][ T6009] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 87.117055][ T7165] wg2: entered promiscuous mode [ 87.119456][ T6009] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 87.121508][ T7165] wg2: left allmulticast mode [ 87.128950][ T6009] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 87.129086][ T7165] team0: Device wg2 is of different type [ 87.132547][ T6009] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.137985][ T7164] netlink: 28 bytes leftover after parsing attributes in process `syz.1.442'. [ 87.141831][ T7164] netlink: 28 bytes leftover after parsing attributes in process `syz.1.442'. [ 87.160288][ T7167] netlink: 256 bytes leftover after parsing attributes in process `syz.2.443'. [ 87.164721][ T7167] unsupported nlmsg_type 40 [ 87.168945][ T7169] netlink: 8 bytes leftover after parsing attributes in process `syz.3.444'. [ 87.170652][ T40] audit: type=1400 audit(1750344565.716:330): avc: denied { create } for pid=7166 comm="syz.2.443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 87.222816][ T7173] netlink: 14212 bytes leftover after parsing attributes in process `syz.2.446'. [ 87.228266][ T7175] validate_nla: 7 callbacks suppressed [ 87.228280][ T7175] netlink: 'syz.3.447': attribute type 6 has an invalid length. [ 87.258368][ T7173] netlink: 'syz.2.446': attribute type 11 has an invalid length. [ 87.296204][ T7182] netlink: 'syz.1.450': attribute type 5 has an invalid length. [ 87.304842][ T40] audit: type=1400 audit(1750344565.856:331): avc: denied { mounton } for pid=7181 comm="syz.2.451" path="/105/bus" dev="tmpfs" ino=574 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 87.337494][ T7188] wg1: entered promiscuous mode [ 87.361610][ T6009] usb 5-1: usb_control_msg returned -32 [ 87.367120][ T6009] usbtmc 5-1:16.0: can't read capabilities [ 87.376879][ T6009] usb 5-1: USB disconnect, device number 7 [ 87.382810][ T7196] wg1: left promiscuous mode [ 87.401720][ T7192] nvme_fabrics: missing parameter 'transport=%s' [ 87.405779][ T7192] nvme_fabrics: missing parameter 'nqn=%s' [ 87.409083][ T7192] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 87.441072][ T7200] team0: Device wg2 is of different type [ 87.551122][ T7207] netlink: 'syz.2.460': attribute type 11 has an invalid length. [ 87.607776][ T40] audit: type=1400 audit(1750344566.156:332): avc: denied { append } for pid=7214 comm="syz.1.463" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 87.612161][ T7215] random: crng reseeded on system resumption [ 87.617351][ T40] audit: type=1400 audit(1750344566.156:333): avc: denied { open } for pid=7214 comm="syz.1.463" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 87.633961][ T7218] netlink: 'syz.3.465': attribute type 6 has an invalid length. [ 87.638820][ T40] audit: type=1400 audit(1750344566.186:334): avc: denied { ioctl } for pid=7214 comm="syz.1.463" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x3313 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 87.649728][ T40] audit: type=1400 audit(1750344566.196:335): avc: denied { bind } for pid=7220 comm="syz.2.466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 87.659313][ T40] audit: type=1400 audit(1750344566.206:336): avc: denied { write } for pid=7220 comm="syz.2.466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 87.764596][ T7232] netlink: 'syz.1.471': attribute type 11 has an invalid length. [ 87.876292][ T7244] wg2: entered promiscuous mode [ 87.877875][ T7244] wg2: left allmulticast mode [ 87.879619][ T7244] team0: Device wg2 is of different type [ 88.032987][ T7265] netlink: 'syz.3.485': attribute type 6 has an invalid length. [ 88.034281][ T7264] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 88.063315][ T5944] bt_err_ratelimited: 6 callbacks suppressed [ 88.063327][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 88.067414][ T5944] Bluetooth: hci0: adv larger than maximum supported [ 88.069784][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 88.071941][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 88.074519][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 88.076729][ T5944] Bluetooth: hci0: Malformed LE Event: 0x0d [ 88.107043][ T7277] netlink: 'syz.0.490': attribute type 5 has an invalid length. [ 88.147658][ T7281] netlink: 'syz.0.492': attribute type 5 has an invalid length. [ 88.183310][ T7285] wg2: entered promiscuous mode [ 88.185063][ T7285] wg2: left allmulticast mode [ 88.186670][ T7285] team0: Device wg2 is of different type [ 88.217804][ T7287] ip6erspan0: entered promiscuous mode [ 88.225353][ T7289] wg1: entered promiscuous mode [ 88.303594][ T9] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 88.304881][ T7295] wg2: left promiscuous mode [ 88.307795][ T7295] wg2: entered allmulticast mode [ 88.309665][ T7295] mac80211_hwsim hwsim41 wlan11: entered allmulticast mode [ 88.312439][ T7295] bridge3: entered allmulticast mode [ 88.465692][ T7308] netlink: 'syz.3.505': attribute type 6 has an invalid length. [ 88.475323][ T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 88.480414][ T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 88.485969][ T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 88.489625][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.608637][ T7319] team0: Device wg2 is of different type [ 88.698437][ T9] usb 6-1: usb_control_msg returned -32 [ 88.700992][ T9] usbtmc 6-1:16.0: can't read capabilities [ 88.721903][ T9] usb 6-1: USB disconnect, device number 8 [ 88.855709][ T7333] wg1: left promiscuous mode [ 88.858825][ T7333] wg2: left promiscuous mode [ 88.860934][ T7333] wg2: entered allmulticast mode [ 88.863581][ T7333] mac80211_hwsim hwsim29 wlan5: entered allmulticast mode [ 88.866851][ T7333] mac80211_hwsim hwsim31 wlan6: entered allmulticast mode [ 88.869983][ T7333] mac80211_hwsim hwsim33 wlan7: entered allmulticast mode [ 88.873187][ T7333] mac80211_hwsim hwsim36 wlan8: entered allmulticast mode [ 88.879490][ T7333] bridge2: entered allmulticast mode [ 88.884455][ T7333] mac80211_hwsim hwsim38 wlan9: entered allmulticast mode [ 88.887559][ T7333] mac80211_hwsim hwsim44 wlan10: entered allmulticast mode [ 88.890900][ T7333] mac80211_hwsim hwsim45 wlan11: entered allmulticast mode [ 88.894662][ T7333] mac80211_hwsim hwsim47 wlan12: entered allmulticast mode [ 89.130203][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 89.130231][ T5944] Bluetooth: hci0: adv larger than maximum supported [ 89.132825][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 89.135668][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 89.138503][ T5944] Bluetooth: hci0: Unknown advertising packet type: 0x20 [ 89.140685][ T5944] Bluetooth: hci0: Malformed LE Event: 0x0d [ 89.173571][ T6067] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 89.334465][ T6067] usb 8-1: Using ep0 maxpacket: 32 [ 89.338958][ T6067] usb 8-1: config 1 interface 0 altsetting 6 bulk endpoint 0x1 has invalid maxpacket 1023 [ 89.342146][ T6067] usb 8-1: config 1 interface 0 has no altsetting 0 [ 89.347335][ T6067] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 89.350484][ T6067] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.353740][ T6067] usb 8-1: Product: 竇ԋ㔥큥靉鎘륌ᬥ垃盥툈◥橯孁䑴踗띁謌桞ⴈ盍뿋㝌嫸䡚諳颼괐摳᫺궔ퟄⵔ똋≀냛R鳚 [ 89.359344][ T6067] usb 8-1: Manufacturer: 䰊 [ 89.360909][ T6067] usb 8-1: SerialNumber: Ћ [ 89.365174][ T7335] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 89.428584][ T7355] wg1: entered promiscuous mode [ 89.466790][ T7357] tmpfs: Cannot enable quota on remount [ 89.591414][ T6067] usb 8-1: USB disconnect, device number 3 [ 89.687525][ T7378] syz.1.536: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 89.694681][ T7378] CPU: 1 UID: 0 PID: 7378 Comm: syz.1.536 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 89.694712][ T7378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.694725][ T7378] Call Trace: [ 89.694732][ T7378] [ 89.694740][ T7378] dump_stack_lvl+0x16c/0x1f0 [ 89.694802][ T7378] warn_alloc+0x248/0x3a0 [ 89.694832][ T7378] ? __pfx_warn_alloc+0x10/0x10 [ 89.694855][ T7378] ? __pfx_stack_trace_save+0x10/0x10 [ 89.694879][ T7378] ? stack_depot_save_flags+0x28/0xa40 [ 89.694919][ T7378] ? kasan_save_stack+0x42/0x60 [ 89.694943][ T7378] ? kasan_save_stack+0x33/0x60 [ 89.694965][ T7378] ? kasan_save_track+0x14/0x30 [ 89.694988][ T7378] ? xskq_create+0x52/0x1d0 [ 89.695009][ T7378] ? xsk_setsockopt+0x640/0x840 [ 89.695029][ T7378] ? do_sock_setsockopt+0x221/0x470 [ 89.695049][ T7378] ? xskq_create+0xfb/0x1d0 [ 89.695075][ T7378] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 89.695105][ T7378] ? xskq_create+0xfb/0x1d0 [ 89.695139][ T7378] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 89.695170][ T7378] ? xskq_create+0xfb/0x1d0 [ 89.695196][ T7378] vmalloc_user_noprof+0x9e/0xe0 [ 89.695216][ T7378] ? xskq_create+0xfb/0x1d0 [ 89.695240][ T7378] xskq_create+0xfb/0x1d0 [ 89.695267][ T7378] xsk_setsockopt+0x640/0x840 [ 89.695294][ T7378] ? __pfx_xsk_setsockopt+0x10/0x10 [ 89.695316][ T7378] ? __lock_acquire+0x622/0x1c90 [ 89.695353][ T7378] ? selinux_socket_setsockopt+0x6a/0x80 [ 89.695379][ T7378] ? __pfx_xsk_setsockopt+0x10/0x10 [ 89.695402][ T7378] do_sock_setsockopt+0x221/0x470 [ 89.695421][ T7378] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 89.695460][ T7378] __sys_setsockopt+0x1a0/0x230 [ 89.695491][ T7378] __x64_sys_setsockopt+0xbd/0x160 [ 89.695516][ T7378] ? do_syscall_64+0x91/0x4c0 [ 89.695544][ T7378] ? lockdep_hardirqs_on+0x7c/0x110 [ 89.695571][ T7378] do_syscall_64+0xcd/0x4c0 [ 89.695601][ T7378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.695629][ T7378] RIP: 0033:0x7fed4d38e929 [ 89.695646][ T7378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.695665][ T7378] RSP: 002b:00007fed4b1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 89.695683][ T7378] RAX: ffffffffffffffda RBX: 00007fed4d5b5fa0 RCX: 00007fed4d38e929 [ 89.695695][ T7378] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006 [ 89.695707][ T7378] RBP: 00007fed4d410b39 R08: 0000000000000004 R09: 0000000000000000 [ 89.695720][ T7378] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.695733][ T7378] R13: 0000000000000000 R14: 00007fed4d5b5fa0 R15: 00007ffe0cddbbb8 [ 89.695762][ T7378] [ 89.695770][ T7378] Mem-Info: [ 89.817537][ T7378] active_anon:8456 inactive_anon:0 isolated_anon:0 [ 89.817537][ T7378] active_file:10998 inactive_file:40589 isolated_file:0 [ 89.817537][ T7378] unevictable:1768 dirty:348 writeback:0 [ 89.817537][ T7378] slab_reclaimable:12830 slab_unreclaimable:78404 [ 89.817537][ T7378] mapped:25522 shmem:2397 pagetables:1216 [ 89.817537][ T7378] sec_pagetables:305 bounce:0 [ 89.817537][ T7378] kernel_misc_reclaimable:0 [ 89.817537][ T7378] free:441799 free_pcp:22088 free_cma:0 [ 89.835880][ T7378] Node 0 active_anon:33824kB inactive_anon:0kB active_file:43992kB inactive_file:162152kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:98988kB dirty:1380kB writeback:0kB shmem:6052kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12848kB pagetables:4640kB sec_pagetables:1220kB all_unreclaimable? no Balloon:0kB [ 89.848022][ T7378] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:12kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:224kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 89.860538][ T7378] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 89.871927][ T7378] lowmem_reserve[]: 0 1235 1235 1235 1235 [ 89.874548][ T7378] Node 0 DMA32 free:140488kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB free_highatomic:0KB active_anon:33700kB inactive_anon:0kB active_file:43992kB inactive_file:162152kB unevictable:3536kB writepending:1380kB present:2080628kB managed:1264720kB mlocked:0kB bounce:0kB free_pcp:77912kB local_pcp:27704kB free_cma:0kB [ 89.885123][ T7378] lowmem_reserve[]: 0 0 0 0 0 [ 89.886960][ T7378] Node 1 Normal free:1611348kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:3536kB writepending:12kB present:2097152kB managed:1781948kB mlocked:0kB bounce:0kB free_pcp:11100kB local_pcp:3188kB free_cma:0kB [ 89.897827][ T7378] lowmem_reserve[]: 0 0 0 0 0 [ 89.899748][ T7378] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 89.904744][ T7378] Node 0 DMA32: 1440*4kB (UME) 605*8kB (UME) 377*16kB (UME) 292*32kB (UME) 274*64kB (ME) 50*128kB (UM) 54*256kB (M) 23*512kB (M) 18*1024kB (M) 10*2048kB (M) 8*4096kB (UM) = 147192kB [ 89.911578][ T7378] Node 1 Normal: 5*4kB (UME) 14*8kB (UE) 19*16kB (UME) 33*32kB (UME) 32*64kB (UME) 9*128kB (UME) 2*256kB (U) 5*512kB (UME) 2*1024kB (UE) 2*2048kB (UM) 390*4096kB (M) = 1611348kB [ 89.918767][ T7378] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 89.922622][ T7378] Node 0 hugepages_total=6 hugepages_free=6 hugepages_surp=4 hugepages_size=2048kB [ 89.926443][ T7378] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 89.930327][ T7378] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 89.934284][ T7378] 53980 total pagecache pages [ 89.936506][ T7378] 0 pages in swap cache [ 89.937852][ T7378] Free swap = 124996kB [ 89.939578][ T7378] Total swap = 124996kB [ 89.941310][ T7378] 1048443 pages RAM [ 89.942878][ T7378] 0 pages HighMem/MovableOnly [ 89.944733][ T7378] 282936 pages reserved [ 89.946507][ T7378] 0 pages cma reserved [ 89.959048][ T7389] wg1: left promiscuous mode [ 89.962146][ T7389] wg2: left promiscuous mode [ 89.964443][ T7389] wg2: entered allmulticast mode [ 89.966776][ T7389] mac80211_hwsim hwsim35 wlan7: entered allmulticast mode [ 89.970750][ T7389] bridge2: entered allmulticast mode [ 89.976405][ T7389] bridge3: entered allmulticast mode [ 89.980898][ T7389] bridge4: entered allmulticast mode [ 89.988564][ T7391] team0: Device wg2 is of different type [ 90.050652][ T5944] Bluetooth: hci1: Malformed LE Event: 0x0d [ 90.164450][ T7403] wg1: entered promiscuous mode [ 90.285057][ T7413] wg1: left promiscuous mode [ 90.288150][ T7413] wg2: left promiscuous mode [ 90.289917][ T7413] wg2: entered allmulticast mode [ 90.292011][ T7413] mac80211_hwsim hwsim46 wlan12: entered allmulticast mode [ 90.295322][ T7413] mac80211_hwsim hwsim48 wlan13: entered allmulticast mode [ 90.431889][ T7425] fuse: Unknown parameter 'f [ 94.192618][ T7721] dump_stack_lvl+0x16c/0x1f0 [ 94.192650][ T7721] should_fail_ex+0x512/0x640 [ 94.192676][ T7721] _copy_from_iter+0x29f/0x16f0 [ 94.192705][ T7721] ? __alloc_skb+0x200/0x380 [ 94.192755][ T7721] ? __pfx__copy_from_iter+0x10/0x10 [ 94.192804][ T7721] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 94.192837][ T7721] netlink_sendmsg+0x829/0xdd0 [ 94.192861][ T7721] ? __pfx_netlink_sendmsg+0x10/0x10 [ 94.192888][ T7721] ____sys_sendmsg+0xa95/0xc70 [ 94.192909][ T7721] ? copy_msghdr_from_user+0x10a/0x160 [ 94.192932][ T7721] ? __pfx_____sys_sendmsg+0x10/0x10 [ 94.192964][ T7721] ___sys_sendmsg+0x134/0x1d0 [ 94.192991][ T7721] ? __pfx____sys_sendmsg+0x10/0x10 [ 94.193014][ T7721] ? __lock_acquire+0x622/0x1c90 [ 94.193069][ T7721] __sys_sendmsg+0x16d/0x220 [ 94.193096][ T7721] ? __pfx___sys_sendmsg+0x10/0x10 [ 94.193137][ T7721] do_syscall_64+0xcd/0x4c0 [ 94.193165][ T7721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.193183][ T7721] RIP: 0033:0x7f734218e929 [ 94.193199][ T7721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.193215][ T7721] RSP: 002b:00007f7342f4e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.193233][ T7721] RAX: ffffffffffffffda RBX: 00007f73423b5fa0 RCX: 00007f734218e929 [ 94.193244][ T7721] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 94.193254][ T7721] RBP: 00007f7342f4e090 R08: 0000000000000000 R09: 0000000000000000 [ 94.193264][ T7721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.193274][ T7721] R13: 0000000000000000 R14: 00007f73423b5fa0 R15: 00007ffeb86a6908 [ 94.193299][ T7721] [ 94.340446][ T7731] netlink: 'syz.3.690': attribute type 5 has an invalid length. [ 94.409383][ T7739] FAULT_INJECTION: forcing a failure. [ 94.409383][ T7739] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.414662][ T7739] CPU: 2 UID: 0 PID: 7739 Comm: syz.2.694 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 94.414677][ T7739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.414684][ T7739] Call Trace: [ 94.414687][ T7739] [ 94.414692][ T7739] dump_stack_lvl+0x16c/0x1f0 [ 94.414712][ T7739] should_fail_ex+0x512/0x640 [ 94.414729][ T7739] _copy_from_user+0x2e/0xd0 [ 94.414745][ T7739] copy_msghdr_from_user+0x98/0x160 [ 94.414762][ T7739] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 94.414785][ T7739] ___sys_sendmsg+0xfe/0x1d0 [ 94.414801][ T7739] ? __pfx____sys_sendmsg+0x10/0x10 [ 94.414816][ T7739] ? __lock_acquire+0x622/0x1c90 [ 94.414850][ T7739] __sys_sendmsg+0x16d/0x220 [ 94.414866][ T7739] ? __pfx___sys_sendmsg+0x10/0x10 [ 94.414891][ T7739] do_syscall_64+0xcd/0x4c0 [ 94.414908][ T7739] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.414920][ T7739] RIP: 0033:0x7fd01878e929 [ 94.414929][ T7739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.414939][ T7739] RSP: 002b:00007fd0196d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.414950][ T7739] RAX: ffffffffffffffda RBX: 00007fd0189b5fa0 RCX: 00007fd01878e929 [ 94.414956][ T7739] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 94.414963][ T7739] RBP: 00007fd0196d5090 R08: 0000000000000000 R09: 0000000000000000 [ 94.414969][ T7739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.414975][ T7739] R13: 0000000000000000 R14: 00007fd0189b5fa0 R15: 00007ffdde6eb818 [ 94.414989][ T7739] [ 94.420853][ T5944] bt_err_ratelimited: 5 callbacks suppressed [ 94.420864][ T5944] Bluetooth: hci2: adv larger than maximum supported [ 94.440172][ T6067] hid-generic 0000:0006:0000.0002: unknown main item tag 0x0 [ 94.440218][ T6067] hid-generic 0000:0006:0000.0002: unknown main item tag 0x0 [ 94.440236][ T6067] hid-generic 0000:0006:0000.0002: unknown main item tag 0x0 [ 94.445609][ T6067] hid-generic 0000:0006:0000.0002: hidraw1: HID v4.00 Device [syz0] on syz1 [ 94.446880][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 94.597758][ T7753] CUSE: DEVNAME unspecified [ 94.604119][ T7753] netem: invalid attributes len -17 [ 94.605848][ T7753] netem: change failed [ 94.773640][ T9] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 94.829577][ T7770] overlayfs: invalid origin (0000) [ 94.935106][ T7772] netlink: 'syz.0.708': attribute type 6 has an invalid length. [ 94.956331][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 94.960705][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 94.964373][ T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 94.968434][ T9] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 94.971473][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.972832][ T7774] team0: Device wg2 is of different type [ 94.975590][ T9] usb 8-1: config 0 descriptor?? [ 95.132709][ T7780] FAULT_INJECTION: forcing a failure. [ 95.132709][ T7780] name failslab, interval 1, probability 0, space 0, times 0 [ 95.136829][ T7780] CPU: 2 UID: 0 PID: 7780 Comm: syz.0.712 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 95.136844][ T7780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.136851][ T7780] Call Trace: [ 95.136856][ T7780] [ 95.136861][ T7780] dump_stack_lvl+0x16c/0x1f0 [ 95.136881][ T7780] should_fail_ex+0x512/0x640 [ 95.136895][ T7780] ? __kmalloc_noprof+0xbf/0x510 [ 95.136911][ T7780] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 95.136926][ T7780] should_failslab+0xc2/0x120 [ 95.136942][ T7780] __kmalloc_noprof+0xd2/0x510 [ 95.136960][ T7780] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 95.136975][ T7780] ? cred_has_capability.isra.0+0x193/0x2f0 [ 95.136992][ T7780] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 95.137007][ T7780] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 95.137030][ T7780] ? bpf_lsm_capable+0x9/0x10 [ 95.137041][ T7780] ? security_capable+0x7e/0x260 [ 95.137056][ T7780] genl_rcv_msg+0x55c/0x800 [ 95.137072][ T7780] ? __pfx_genl_rcv_msg+0x10/0x10 [ 95.137085][ T7780] ? __pfx_fou_nl_add_doit+0x10/0x10 [ 95.137104][ T7780] ? __lock_acquire+0x622/0x1c90 [ 95.137123][ T7780] netlink_rcv_skb+0x155/0x420 [ 95.137135][ T7780] ? __pfx_genl_rcv_msg+0x10/0x10 [ 95.137149][ T7780] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 95.137167][ T7780] ? netlink_deliver_tap+0x1ae/0xd30 [ 95.137177][ T7780] ? is_vmalloc_addr+0x86/0xa0 [ 95.137192][ T7780] genl_rcv+0x28/0x40 [ 95.137203][ T7780] netlink_unicast+0x53d/0x7f0 [ 95.137217][ T7780] ? __pfx_netlink_unicast+0x10/0x10 [ 95.137232][ T7780] netlink_sendmsg+0x8d1/0xdd0 [ 95.137246][ T7780] ? __pfx_netlink_sendmsg+0x10/0x10 [ 95.137264][ T7780] ____sys_sendmsg+0xa95/0xc70 [ 95.137279][ T7780] ? copy_msghdr_from_user+0x10a/0x160 [ 95.137300][ T7780] ? __pfx_____sys_sendmsg+0x10/0x10 [ 95.137325][ T7780] ___sys_sendmsg+0x134/0x1d0 [ 95.137349][ T7780] ? __pfx____sys_sendmsg+0x10/0x10 [ 95.137364][ T7780] ? __lock_acquire+0x622/0x1c90 [ 95.137398][ T7780] __sys_sendmsg+0x16d/0x220 [ 95.137414][ T7780] ? __pfx___sys_sendmsg+0x10/0x10 [ 95.137440][ T7780] do_syscall_64+0xcd/0x4c0 [ 95.137458][ T7780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.137469][ T7780] RIP: 0033:0x7f6a82d8e929 [ 95.137478][ T7780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.137489][ T7780] RSP: 002b:00007f6a83bf7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 95.137499][ T7780] RAX: ffffffffffffffda RBX: 00007f6a82fb5fa0 RCX: 00007f6a82d8e929 [ 95.137506][ T7780] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 95.137512][ T7780] RBP: 00007f6a83bf7090 R08: 0000000000000000 R09: 0000000000000000 [ 95.137518][ T7780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.137524][ T7780] R13: 0000000000000000 R14: 00007f6a82fb5fa0 R15: 00007ffcf48842a8 [ 95.137538][ T7780] [ 95.250333][ T6009] usb 6-1: USB disconnect, device number 9 [ 95.388434][ T9] plantronics 0003:047F:FFFF.0003: reserved main item tag 0xd [ 95.393338][ T9] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 95.404398][ T9] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw2: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 95.679104][ T7807] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 95.933688][ T6009] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 96.063611][ T9] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 96.095226][ T6009] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 96.099258][ T6009] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 96.104364][ T6009] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 96.108104][ T6009] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.223558][ T9] usb 6-1: Using ep0 maxpacket: 16 [ 96.228081][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 96.232454][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 96.236136][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 96.241223][ T9] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 96.245054][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.250534][ T9] usb 6-1: config 0 descriptor?? [ 96.316401][ T6009] usb 7-1: usb_control_msg returned -32 [ 96.318868][ T6009] usbtmc 7-1:16.0: can't read capabilities [ 96.517572][ T7822] team0: Device wg2 is of different type [ 96.676058][ T9] shield 0003:0955:7214.0004: unknown main item tag 0x0 [ 96.679032][ T9] shield 0003:0955:7214.0004: unknown main item tag 0x0 [ 96.681597][ T9] shield 0003:0955:7214.0004: unknown main item tag 0x0 [ 96.685544][ T9] shield 0003:0955:7214.0004: unknown main item tag 0x0 [ 96.687798][ T9] shield 0003:0955:7214.0004: unknown main item tag 0x0 [ 96.694496][ T9] input: HID 0955:7214 Haptics as /devices/virtual/input/input8 [ 96.713800][ T836] usb 8-1: reset high-speed USB device number 4 using dummy_hcd [ 96.718433][ T9] shield 0003:0955:7214.0004: Registered Thunderstrike controller [ 96.725656][ T9] shield 0003:0955:7214.0004: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0 [ 96.864958][ T6009] hid-generic 0000:0000:20000000.0005: unexpected long global item [ 96.868636][ T6009] hid-generic 0000:0000:20000000.0005: probe with driver hid-generic failed with error -22 [ 96.876174][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 96.876188][ T40] audit: type=1400 audit(1750344575.426:378): avc: denied { read write } for pid=7813 comm="syz.1.725" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 96.876261][ T7814] random: crng reseeded on system resumption [ 97.011994][ T7830] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 97.012057][ T837] usb 6-1: USB disconnect, device number 10 [ 97.016154][ T837] ------------[ cut here ]------------ [ 97.020402][ T837] workqueue: work disable count underflowed [ 97.022329][ T837] WARNING: CPU: 1 PID: 837 at kernel/workqueue.c:4328 enable_work+0x2f8/0x340 [ 97.022726][ T7830] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 97.025526][ T837] Modules linked in: [ 97.025550][ T837] CPU: 1 UID: 0 PID: 837 Comm: kworker/1:2 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 97.025573][ T837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.025585][ T837] Workqueue: usb_hub_wq hub_event [ 97.025626][ T837] RIP: 0010:enable_work+0x2f8/0x340 [ 97.025644][ T837] Code: 89 ee e8 0b 29 38 00 45 84 ed 0f 85 29 fe ff ff e8 1d 2e 38 00 c6 05 e2 7f 0c 0f 01 90 48 c7 c7 00 00 ac 8b e8 89 f2 f6 ff 90 <0f> 0b 90 90 e9 06 fe ff ff 48 89 ef e8 07 07 9f 00 e9 aa fe ff ff [ 97.025656][ T837] RSP: 0018:ffffc9000565f3c0 EFLAGS: 00010086 [ 97.032526][ T7830] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 97.033380][ T837] [ 97.033386][ T837] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248 [ 97.033395][ T837] RDX: ffff8880268dc880 RSI: ffffffff817ae255 RDI: 0000000000000001 [ 97.033401][ T837] RBP: ffff88802681c730 R08: 0000000000000001 R09: 0000000000000000 [ 97.033408][ T837] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000acbe79 [ 97.033415][ T837] R13: 0000000000000000 R14: ffff88802681c728 R15: ffffffff8fe68920 [ 97.033422][ T837] FS: 0000000000000000(0000) GS:ffff8880d6853000(0000) knlGS:0000000000000000 [ 97.033444][ T837] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.033453][ T837] CR2: 00007fed4b1d4f98 CR3: 000000002c84f000 CR4: 0000000000352ef0 [ 97.033460][ T837] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 97.037978][ T7830] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 97.041137][ T837] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 97.041148][ T837] Call Trace: [ 97.041153][ T837] [ 97.041159][ T837] ? __pfx_enable_work+0x10/0x10 [ 97.041178][ T837] ? __thermal_zone_cdev_unbind+0x6c/0x6a0 [ 97.049388][ T40] audit: type=1400 audit(1750344575.596:379): avc: denied { getopt } for pid=7838 comm="syz.0.735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 97.050665][ T837] __cancel_work_sync+0xe7/0x130 [ 97.099556][ T837] thermal_zone_device_unregister+0x239/0x450 [ 97.101529][ T837] ? __pfx_shield_remove+0x10/0x10 [ 97.103177][ T837] power_supply_unregister+0x10a/0x150 [ 97.104900][ T837] shield_remove+0x75/0x130 [ 97.106347][ T837] ? __pfx_shield_remove+0x10/0x10 [ 97.107963][ T837] hid_device_remove+0xd1/0x260 [ 97.109522][ T837] ? __pfx_hid_device_remove+0x10/0x10 [ 97.111235][ T837] device_remove+0xcb/0x170 [ 97.112734][ T837] device_release_driver_internal+0x44b/0x620 [ 97.114644][ T837] bus_remove_device+0x22f/0x420 [ 97.116199][ T837] device_del+0x396/0x9f0 [ 97.117593][ T837] ? __pfx_device_del+0x10/0x10 [ 97.119131][ T837] ? do_raw_spin_lock+0x12c/0x2b0 [ 97.120741][ T837] ? find_held_lock+0x2b/0x80 [ 97.122270][ T837] hid_destroy_device+0x19c/0x240 [ 97.123852][ T837] usbhid_disconnect+0xa0/0xe0 [ 97.125392][ T837] usb_unbind_interface+0x1da/0x9a0 [ 97.127037][ T837] ? kernfs_remove_by_name_ns+0xbe/0x110 [ 97.128807][ T837] ? __pfx_usb_unbind_interface+0x10/0x10 [ 97.130607][ T837] device_remove+0x122/0x170 [ 97.132104][ T837] device_release_driver_internal+0x44b/0x620 [ 97.134021][ T837] bus_remove_device+0x22f/0x420 [ 97.135584][ T837] device_del+0x396/0x9f0 [ 97.136964][ T837] ? __pfx_device_del+0x10/0x10 [ 97.138505][ T837] ? kobject_put+0x210/0x5a0 [ 97.139995][ T837] usb_disable_device+0x355/0x7d0 [ 97.141593][ T837] usb_disconnect+0x2e1/0x920 [ 97.143085][ T837] hub_event+0x1c57/0x4fa0 [ 97.144523][ T837] ? __lock_acquire+0xb8a/0x1c90 [ 97.146132][ T837] ? __pfx_hub_event+0x10/0x10 [ 97.147653][ T837] ? interval_tree_span_iter_first+0xe0/0x3c0 [ 97.149590][ T837] ? finish_task_switch.isra.0+0x221/0xc10 [ 97.151433][ T837] ? rcu_is_watching+0x12/0xc0 [ 97.153032][ T837] process_one_work+0x9cc/0x1b70 [ 97.154664][ T837] ? __pfx_process_one_work+0x10/0x10 [ 97.156393][ T837] ? assign_work+0x1a0/0x250 [ 97.157872][ T837] worker_thread+0x6c8/0xf10 [ 97.159349][ T837] ? __kthread_parkme+0x19e/0x250 [ 97.160953][ T837] ? __pfx_worker_thread+0x10/0x10 [ 97.162588][ T837] kthread+0x3c2/0x780 [ 97.163873][ T837] ? __pfx_kthread+0x10/0x10 [ 97.165362][ T837] ? rcu_is_watching+0x12/0xc0 [ 97.166878][ T837] ? __pfx_kthread+0x10/0x10 [ 97.168348][ T837] ret_from_fork+0x5d4/0x6f0 [ 97.169854][ T837] ? __pfx_kthread+0x10/0x10 [ 97.171491][ T837] ret_from_fork_asm+0x1a/0x30 [ 97.173349][ T837] [ 97.174446][ T837] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 97.177035][ T837] CPU: 1 UID: 0 PID: 837 Comm: kworker/1:2 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) [ 97.180893][ T837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.184257][ T837] Workqueue: usb_hub_wq hub_event [ 97.185901][ T837] Call Trace: [ 97.186962][ T837] [ 97.187879][ T837] dump_stack_lvl+0x3d/0x1f0 [ 97.189338][ T837] panic+0x71c/0x800 [ 97.190607][ T837] ? __pfx_panic+0x10/0x10 [ 97.192064][ T837] ? show_trace_log_lvl+0x29b/0x3e0 [ 97.193740][ T837] ? check_panic_on_warn+0x1f/0xb0 [ 97.195425][ T837] ? enable_work+0x2f8/0x340 [ 97.197010][ T837] check_panic_on_warn+0xab/0xb0 [ 97.198670][ T837] __warn+0xf6/0x3c0 [ 97.200059][ T837] ? __pfx_vprintk_emit+0x10/0x10 [ 97.201687][ T837] ? enable_work+0x2f8/0x340 [ 97.203150][ T837] report_bug+0x3c3/0x580 [ 97.204532][ T837] ? enable_work+0x2f8/0x340 [ 97.206153][ T837] handle_bug+0x184/0x210 [ 97.207940][ T837] exc_invalid_op+0x17/0x50 [ 97.209852][ T837] asm_exc_invalid_op+0x1a/0x20 [ 97.211883][ T837] RIP: 0010:enable_work+0x2f8/0x340 [ 97.214013][ T837] Code: 89 ee e8 0b 29 38 00 45 84 ed 0f 85 29 fe ff ff e8 1d 2e 38 00 c6 05 e2 7f 0c 0f 01 90 48 c7 c7 00 00 ac 8b e8 89 f2 f6 ff 90 <0f> 0b 90 90 e9 06 fe ff ff 48 89 ef e8 07 07 9f 00 e9 aa fe ff ff [ 97.221856][ T837] RSP: 0018:ffffc9000565f3c0 EFLAGS: 00010086 [ 97.224434][ T837] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248 [ 97.227594][ T837] RDX: ffff8880268dc880 RSI: ffffffff817ae255 RDI: 0000000000000001 [ 97.230052][ T837] RBP: ffff88802681c730 R08: 0000000000000001 R09: 0000000000000000 [ 97.232632][ T837] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000acbe79 [ 97.235088][ T837] R13: 0000000000000000 R14: ffff88802681c728 R15: ffffffff8fe68920 [ 97.237547][ T837] ? __warn_printk+0x198/0x350 [ 97.239061][ T837] ? __warn_printk+0x1a5/0x350 [ 97.240570][ T837] ? __pfx_enable_work+0x10/0x10 [ 97.242286][ T837] ? __thermal_zone_cdev_unbind+0x6c/0x6a0 [ 97.244124][ T837] __cancel_work_sync+0xe7/0x130 [ 97.245732][ T837] thermal_zone_device_unregister+0x239/0x450 [ 97.247627][ T837] ? __pfx_shield_remove+0x10/0x10 [ 97.249247][ T837] power_supply_unregister+0x10a/0x150 [ 97.250960][ T837] shield_remove+0x75/0x130 [ 97.252472][ T837] ? __pfx_shield_remove+0x10/0x10 [ 97.254296][ T837] hid_device_remove+0xd1/0x260 [ 97.255845][ T837] ? __pfx_hid_device_remove+0x10/0x10 [ 97.257569][ T837] device_remove+0xcb/0x170 [ 97.259102][ T837] device_release_driver_internal+0x44b/0x620 [ 97.261520][ T837] bus_remove_device+0x22f/0x420 [ 97.263110][ T837] device_del+0x396/0x9f0 [ 97.264498][ T837] ? __pfx_device_del+0x10/0x10 [ 97.266055][ T837] ? do_raw_spin_lock+0x12c/0x2b0 [ 97.267648][ T837] ? find_held_lock+0x2b/0x80 [ 97.269153][ T837] hid_destroy_device+0x19c/0x240 [ 97.270742][ T837] usbhid_disconnect+0xa0/0xe0 [ 97.272341][ T837] usb_unbind_interface+0x1da/0x9a0 [ 97.273989][ T837] ? kernfs_remove_by_name_ns+0xbe/0x110 [ 97.275758][ T837] ? __pfx_usb_unbind_interface+0x10/0x10 [ 97.277584][ T837] device_remove+0x122/0x170 [ 97.279060][ T837] device_release_driver_internal+0x44b/0x620 [ 97.281027][ T837] bus_remove_device+0x22f/0x420 [ 97.282673][ T837] device_del+0x396/0x9f0 [ 97.284011][ T837] ? __pfx_device_del+0x10/0x10 [ 97.285542][ T837] ? kobject_put+0x210/0x5a0 [ 97.286984][ T837] usb_disable_device+0x355/0x7d0 [ 97.288555][ T837] usb_disconnect+0x2e1/0x920 [ 97.290023][ T837] hub_event+0x1c57/0x4fa0 [ 97.291447][ T837] ? __lock_acquire+0xb8a/0x1c90 [ 97.293062][ T837] ? __pfx_hub_event+0x10/0x10 [ 97.294575][ T837] ? interval_tree_span_iter_first+0xe0/0x3c0 [ 97.296489][ T837] ? finish_task_switch.isra.0+0x221/0xc10 [ 97.298329][ T837] ? rcu_is_watching+0x12/0xc0 [ 97.299851][ T837] process_one_work+0x9cc/0x1b70 [ 97.301447][ T837] ? __pfx_process_one_work+0x10/0x10 [ 97.303158][ T837] ? assign_work+0x1a0/0x250 [ 97.304636][ T837] worker_thread+0x6c8/0xf10 [ 97.306105][ T837] ? __kthread_parkme+0x19e/0x250 [ 97.307702][ T837] ? __pfx_worker_thread+0x10/0x10 [ 97.309323][ T837] kthread+0x3c2/0x780 [ 97.310627][ T837] ? __pfx_kthread+0x10/0x10 [ 97.312144][ T837] ? rcu_is_watching+0x12/0xc0 [ 97.313672][ T837] ? __pfx_kthread+0x10/0x10 [ 97.315131][ T837] ret_from_fork+0x5d4/0x6f0 [ 97.316608][ T837] ? __pfx_kthread+0x10/0x10 [ 97.318067][ T837] ret_from_fork_asm+0x1a/0x30 [ 97.319602][ T837] [ 97.321334][ T837] Kernel Offset: disabled [ 97.322842][ T837] Rebooting in 86400 seconds.. VM DIAGNOSIS: 14:49:35 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855b8a55 RDI=ffffffff9b089360 RBP=ffffffff9b089320 RSP=ffffc900036375e0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9b089320 R15=ffffffff855b89f0 RIP=ffffffff855b8a7f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6753000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2f4fdff8 CR3=000000004f9ed000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000010000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdde6ebba0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=000000000000002b RCX=ffffffff819b8272 RDX=ffff8880268dc880 RSI=ffffffff819b8260 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc9000565f058 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=1ffff92000acbe0d R13=0000000000000000 R14=ffff88802259a440 R15=ffffc9000565f120 RIP=ffffffff819b8262 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6853000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fed4b1d4f98 CR3=000000002c84f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000f0000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000561fb82be600 0000561fb82be600 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff33a0cb60 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 203a312d36206273 75205d3733385420 205b5d3735303231 302e37392020205b ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f544f5250452d20 6f74206575642074 726f706572204449 4820747365757165 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7220444d4354534f 4820656b69727473 7265646e75685420 74757074756f206f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 742064656c696146 203a343030302e34 3132373a35353930 3a3330303020646c ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65696873205d3033 383754205b5d3439 393131302e373920 20205b203a6c656e ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=0000000000000008 RCX=ffffffff82081a4d RDX=1ffff1100757382c RSI=ffffffff82081a6b RDI=ffff88803ab9c160 RBP=0000000000000028 RSP=ffffc90003bff530 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000008 R11=0000000000000001 R12=ffff88803ab9c150 R13=00007f6a819aa000 R14=ffff8880342e4ca0 R15=0000000000000000 RIP=ffffffff82081a89 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055557cffb500 ffffffff 00c00000 GS =0000 ffff8880d6953000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f6a83ae56c0 CR3=00000000512d1000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018811c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018984488 00007fd018984480 00007fd018984478 00007fd018984450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd0194ed100 00007fd018984440 00007fd018980004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd018984498 00007fd018984490 00007fd018984488 00007fd018984480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000046 RBX=ffffc90003677f58 RCX=ffffffff81c3ebdf RDX=0000000000000000 RSI=ffffffff8c157960 RDI=ffffffff8df26db8 RBP=ffffc90003677f48 RSP=ffffc90003677f10 R8 =0000000000000000 R9 =0000000000000001 R10=ffffffff90a81557 R11=0000000000000000 R12=00000000000000ca R13=00000000000000ca R14=0000000000000000 R15=0000000000000000 RIP=ffffffff819855c3 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fed4b1f66c0 ffffffff 00c00000 GS =0000 ffff8880d6a53000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f6a82f7e2d8 CR3=0000000059e5f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffff800 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fed4b1f3f70 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fed4d411b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fed4d411b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fed4d411b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fed4d411b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fed4d411bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fed4d411c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000312e63 64755f796d6d7564 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000