last executing test programs: 20.939900268s ago: executing program 0 (id=211): r0 = inotify_init1(0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000ffff940000000000080400000000000000c4881250d5292eea7c12894c7ed3de28a844f0ca481ed7eb42de2c8e16e7f0c4f0665bb5f2b7073f6c560440ec1ccd1107eec576b38a85d08ed3493c8c2fee875b863987f57414d0a7a36731d69a552617848b863879c98a5eff6d8fd87c03b938e5513322d93351831349c268468732fe980aa904b925e0325d188f5b4e174d2b34ed61ab60f526343e3fa698011cd839b83f28c41e3dc49ca184c17ba38a5598059b2d15e52fcd9231f58e42104da507be924885b9175917bb1d736c8767c79d85c10ef6836157a9cef8199dd87609ed954022fafa22bc0743659f965be027cf000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) write$cgroup_int(r2, &(0x7f0000000700)=0x8, 0x12) r3 = openat(0xffffffffffffffff, &(0x7f0000000200)='./cgroup\x00', 0x10400, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2}, &(0x7f0000000140), &(0x7f00000001c0)}, 0x20) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r1, r3, 0x6, 0x0, @void}, 0x10) newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) mount$bpf(0x0, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000240), 0x818892, &(0x7f0000000000)={[{@uid={'uid', 0x3d, r4}}]}) lsetxattr$security_capability(&(0x7f0000000380)='./cgroup\x00', &(0x7f00000003c0), &(0x7f0000000400)=@v3={0x3000000, [{0xb, 0x9}, {0xfffffff9, 0xa7d3}], r4}, 0x18, 0x3) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_HYPERV_EVENTFD(r6, 0x4048aec9, &(0x7f0000000080)={0x6, 0xffffffffffffffff, 0x1fffffff}) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r1, r3, 0x6, 0x0, @val=@tracing}, 0x40) close_range(r0, 0xffffffffffffffff, 0x0) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, 0x0) 20.811440092s ago: executing program 0 (id=212): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700000000000000045dc1bf1400000020000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000042c0)='fdinfo/3\x00') read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020) r1 = socket$nl_route(0x10, 0x3, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e3a0f011500810000"], 0x3d) (async) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MTU={0x8, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 20.710930196s ago: executing program 0 (id=214): syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x4, 0x2) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080c30000000e8fe55a1190015000600142603600e120900400000000401a80016000a0004400a080000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x4) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f00000000c0)={0x2, @pix_mp={0xa9, 0x9, 0x33363248, 0x2, 0x5, [{0xfffffffc, 0x3}, {0x7, 0x3}, {0x0, 0x6}, {0xbd45, 0x7}, {0xc, 0xf04}, {0x0, 0xe}, {0x7, 0x8}, {0x9, 0x9}], 0x5, 0x8, 0x2, 0x2, 0x6}}) syz_pidfd_open(0x0, 0x0) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/diskstats\x00', 0x0, 0x0) r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) sendfile(r4, r3, 0x0, 0x4000000008) getsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000280), &(0x7f0000000200)=0xe) 20.708209942s ago: executing program 0 (id=216): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002000a00000004000100080004"], 0x44}}, 0x10) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xa0800820}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x4c, r3, 0x300, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0x7424}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x73}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0xde}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x4}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0xb}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0xf772}, @ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0x36a}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20004004}, 0x8091) move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) pivot_root(&(0x7f0000000500)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000080)='./file0\x00') sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="60010000100013042bbd700000000000ac1e030100000000000000000000000020010000000000000000000000000000000000004e2400000200002000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fe88000000000000000000000000000100000000320000000a0101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff00000000000000000c00000000020000000000000000000000000000000000000800000000000000cc00000000000000000000000000000001000000000000000000000026bd7000ff3400000a00010100000000000000006f001200726663343130362867636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001801000060"], 0x160}}, 0x0) sendmsg$nl_generic(r2, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000540)={0x88, 0x27, 0x10, 0x40, 0x25dfdbfc, {0x1a}, [@typed={0x4, 0x7c}, @typed={0x14, 0x7d, 0x0, 0x0, @ipv6=@mcast2}, @generic="4039cf5a4b6baa223be0fa483ca9b8c22a5e5dc04cb151d2aab449bc04771a8cc67343804528354f8ada9fdc7091bc5998225003e57edfdca5a30e75c1fb3ae7f1019f54ee8f933e5383e7f4baf3f3729f49a2d087203bf00f61"]}, 0x88}, 0x1, 0x0, 0x0, 0xc4}, 0x800) 20.530046757s ago: executing program 0 (id=221): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x8000) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r1, 0xc0a85322, &(0x7f0000000340)) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'rose0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r3], 0x20}}, 0x0) 20.229832985s ago: executing program 0 (id=224): r0 = io_uring_setup(0x14cb, &(0x7f0000000000)={0x0, 0x4000995f, 0x80, 0x1, 0xde}) io_uring_enter(r0, 0x52b1, 0x8d9b8, 0x2d, 0xfffffffffffffffd, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async) syz_io_uring_setup(0x204, &(0x7f0000000380)={0x0, 0xf67e, 0xd0, 0x0, 0x1df}, 0x0, 0x0) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1) (async) r1 = openat$fb1(0xffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x3f, 0x0, 0x1, 0x3e, 0x0, 0x0, {}, {0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) (async) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) (async) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async) ioctl$TUNSETVNETLE(r4, 0x400454dc, &(0x7f0000000040)=0x1) (async) writev(r4, &(0x7f0000000080)=[{&(0x7f0000000ec0)="9c643eaf233644f55d30ad30c107", 0xe}], 0x1) r5 = dup(r3) write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18) (async) write$FUSE_DIRENTPLUS(r5, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0) (async) write$FUSE_DIRENTPLUS(r5, &(0x7f00000000c0)=ANY=[@ANYRES16=r3], 0x10) (async) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',posixacl']) (async) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x1}) 20.151972056s ago: executing program 32 (id=224): r0 = io_uring_setup(0x14cb, &(0x7f0000000000)={0x0, 0x4000995f, 0x80, 0x1, 0xde}) io_uring_enter(r0, 0x52b1, 0x8d9b8, 0x2d, 0xfffffffffffffffd, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async) syz_io_uring_setup(0x204, &(0x7f0000000380)={0x0, 0xf67e, 0xd0, 0x0, 0x1df}, 0x0, 0x0) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1) (async) r1 = openat$fb1(0xffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x3f, 0x0, 0x1, 0x3e, 0x0, 0x0, {}, {0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) (async) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) (async) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async) ioctl$TUNSETVNETLE(r4, 0x400454dc, &(0x7f0000000040)=0x1) (async) writev(r4, &(0x7f0000000080)=[{&(0x7f0000000ec0)="9c643eaf233644f55d30ad30c107", 0xe}], 0x1) r5 = dup(r3) write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18) (async) write$FUSE_DIRENTPLUS(r5, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0) (async) write$FUSE_DIRENTPLUS(r5, &(0x7f00000000c0)=ANY=[@ANYRES16=r3], 0x10) (async) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',posixacl']) (async) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x1}) 3.510417839s ago: executing program 3 (id=329): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000200)) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000ff000000bfa300000000000007030000f0ffffff720af0fff8ffffff71a4f0ff000000002d040200000000001d400500000000004704000001ed00007b030000000000001d440000000000007a0a00fe00ffffffd703000040000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 3.270485082s ago: executing program 3 (id=330): bind$tipc(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r1, &(0x7f0000000000), 0xd) r2 = fcntl$getown(r1, 0x9) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x4c2, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0xc, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000080)=0x1) syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0xff, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x7, 0x1, 0x2, 0x6, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0x7, 0x0, 0xb}}}}}]}}]}}, 0x0) 2.939511558s ago: executing program 2 (id=333): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc}, 0x10) r1 = socket(0x1e, 0x4, 0x0) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000480)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_POLL(r2, &(0x7f0000000100)={0x18, 0x0, r3, {0xfffffffe}}, 0x18) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f00005f5000)={0x1000000, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0xd8}}, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) r5 = mq_open(&(0x7f0000000200)='^-!-):(%@^+\x00', 0x40, 0x46, 0x0) mq_getsetattr(r5, 0x0, &(0x7f0000000380)) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) sendmmsg(r0, &(0x7f0000003240), 0x4000000000000e4, 0x0) 1.94040272s ago: executing program 2 (id=335): r0 = getpgid(0x0) getpriority(0x0, r0) (async) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x8, 0x0, 0x0, 0x0, 0x0, "00000000008c572278efe78ea700"}) ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000000)={0x5688a077, 0xd4, 0x4, 0x6, 0x6, "25a279691c6a7f3648c7bb5c9745e54e142ddc", 0x8, 0xed52}) (async) ioctl$TIOCGPTPEER(r1, 0x5441, 0x0) 1.849795195s ago: executing program 2 (id=336): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000200)=0x2, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @empty}, 0x10) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCGPGRP(r1, 0x540f, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff, 0x6}) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa40000000000000704000000feffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000300)='GPL\x00', 0x8, 0x1005, &(0x7f000001b180)=""/4101, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) mkdir(&(0x7f0000000100)='./file0\x00', 0x11c) mount(&(0x7f0000000000)=@md0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='hpfs\x00', 0x1001413, 0x0) r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x14000, 0xa3) open_tree(r3, &(0x7f00000000c0)='./file0\x00', 0x11100) 1.782766343s ago: executing program 2 (id=337): ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x1, 0x5, 0xeeee8000, 0x2000, &(0x7f0000fa1000/0x2000)=nil}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x2, 0x0, 0x3, 0x1, 0x0, 0x54}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_QUERYCTRL(r1, 0xc0445624, &(0x7f0000000100)={0x3, 0x9, "6da9ef8894a8932e885b14fa5cf25b6b605698b7e9cdcc2f1f6bfd439e8b76ba", 0x8000, 0xc4, 0x8, 0x2, 0x10}) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) socket$netlink(0x10, 0x3, 0x4) write(r1, &(0x7f0000000080)="2700000014000707030e0000121f0a00110023d75147a2c01f52ea064d136201ff000000000000e453432a0700f5ffc9897bb3509ab2d82ed6dc13254b", 0x3d) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r3, 0xc0145b0d, &(0x7f0000000040)) 1.718732956s ago: executing program 3 (id=338): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r1, 0x400, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x429e, 0x17}}}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x2c}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x28}]}, 0x30}, 0x1, 0x0, 0x0, 0x2400c841}, 0x4040000) r2 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x4) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'syztnl1\x00', &(0x7f0000000200)={'syztnl2\x00', 0x0, 0x2f, 0xa5, 0xa9, 0x1, 0x10, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x40, 0x8, 0x8, 0x9}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6tnl0\x00', 0x0, 0x29, 0xff, 0x20, 0x2, 0x40, @empty, @local, 0x700, 0x7, 0x1, 0x2}}) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000380)={@private2, 0x0}, &(0x7f00000003c0)=0x14) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000640)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000600)={&(0x7f0000000400)={0x1c8, 0x0, 0x300, 0x70bd28, 0x25dfdbfb, {}, [{{0x8, 0x1, r3}, {0x1ac, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xd}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7f}}, {0x8, 0x6, r4}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}]}}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040855) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000680)={0x2, [0x0, 0x0]}, &(0x7f00000006c0)=0xc) r8 = landlock_create_ruleset(&(0x7f0000000700)={0x204, 0x3, 0x1}, 0x18, 0x0) r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000780), r2) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x24, r9, 0x300, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000800) syz_io_uring_setup(0x2bf4, &(0x7f0000000880)={0x0, 0x9f7f, 0x408, 0x1, 0x326}, &(0x7f0000000900), &(0x7f0000000940)) r10 = socket$l2tp6(0xa, 0x2, 0x73) r11 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r11, 0x84, 0x7b, &(0x7f0000000980)={r7, 0x2}, &(0x7f00000009c0)=0x8) r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r11, 0x84, 0x7b, &(0x7f0000000a00)={0x0, 0x8}, &(0x7f0000000a40)=0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r11, 0x84, 0x75, &(0x7f0000000a80)={r13, 0x7f}, 0x8) close(r8) sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b00)={0x4c, r9, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7fffffff}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1ff}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x804) r14 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000c00), 0x1, 0x0) ioctl$TUNSETIFF(r14, 0x400454ca, &(0x7f0000000c40)={'batadv_slave_1\x00', 0x20}) r15 = syz_socket_connect_nvme_tcp() recvmsg$inet_nvme(r15, &(0x7f0000002180)={&(0x7f0000000c80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f0000002000)=[{&(0x7f0000000d00)=""/7, 0x7}, {&(0x7f0000000d40)=""/250, 0xfa}, {&(0x7f0000000e40)=""/42, 0x2a}, {&(0x7f0000000e80)=""/21, 0x15}, {&(0x7f0000000ec0)=""/25, 0x19}, {&(0x7f0000000f00)=""/221, 0xdd}, {&(0x7f0000001000)=""/4096, 0x1000}], 0x7, &(0x7f0000002080)=""/214, 0xd6}, 0x2000) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000002200)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(r16, &(0x7f00000022c0)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000002280)={&(0x7f0000002240)={0x1c, r1, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r17}, @void}}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x0) close(r10) 1.598368355s ago: executing program 3 (id=339): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000001280), 0x0, 0x0) ioctl$SNDCTL_DSP_GETISPACE(r0, 0xc0045002, &(0x7f0000000100)) (async) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) (async) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) (async) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@verity_on}]}) (async) r1 = creat(&(0x7f0000000340)='./file0/file0\x00', 0x0) rmdir(&(0x7f0000000100)='./file1\x00') (async) chdir(&(0x7f0000000140)='./bus\x00') (async) setxattr$security_ima(&(0x7f0000000040)='./bus\x00', &(0x7f0000000280), &(0x7f0000000380)=@sha1={0x1, "e4a3186656e05fab9468f405313ac4c83f286814"}, 0x15, 0x1) (async) sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x4, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000001}, 0x4000) 1.460939249s ago: executing program 3 (id=340): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0) r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000a00), 0x430000, 0x0) ioctl$CDROMREADTOCHDR(r1, 0x5305, &(0x7f0000000a40)={0x9, 0x40}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x5, 0x0, 0x0) ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f000000a100)={{0x0, 0x0, 0x80}}) 1.269235249s ago: executing program 4 (id=342): socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000180), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) r2 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r2, &(0x7f0000000000)={0x2a, 0x1}, 0xc) bind$qrtr(r2, &(0x7f0000000100)={0x2a, 0x1}, 0xc) 1.268798848s ago: executing program 3 (id=343): rt_sigreturn() sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001780)={0x0, 0x2cc}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000002c000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad629b4feb9e23b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975aa7f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823afe044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000040)="0f01cf66ba4000b858000000ef670f0fecb70f015ebbc4e21d3a51000f0090db2d0000da1c29deaa008800000f06c4c3494c6d0d6a"}], 0x1, 0x5a, 0x0, 0x30) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x1c, r4, 0x331, 0x70bd2f, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8814}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.267844903s ago: executing program 1 (id=344): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000001140)="b805000000b9050000000f01d9f3450f01df66b8e0008ee0c4017c2b9b00000000f345a4c74424007c000000c74424022c000000ff1c240f015f000f01c4660f72e769de7d4d", 0x46}], 0x1, 0x40, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0xd5) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r4 = syz_io_uring_setup(0x417a, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0xfffffffb}, &(0x7f0000000540)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x20, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000005c0)={&(0x7f0000000800)=@un=@abs={0x0, 0x0, 0x4e24}, 0x80, &(0x7f0000000d40)=[{&(0x7f00000002c0)="bd88d530d66a0f10a4d8258311b56181a55bfe8402f4551e9a66eb198ab6871cde323e69cd2ef69c6505ed", 0x2b}, {&(0x7f0000000500)="f7721406e24757435380b07651bf3f042bb7015189fd40878eba332518882949", 0x20}, {&(0x7f0000001cc0)="39352ece8dd7e49e556b14e858f8781a42e6784340eb64881ad49035aec9e7041c154ffca5debd1b0d4ea2e42c696022c94ef6bae08043cab982dcd9f014e35514e3c746a197d379d2b2eb546571da9f04ce532620f785eb40581382e68fcdcf9f99d6a4036c42dc5b362985c08dabb13d1be938c2503bc7f33a5440779c4818ef4050848b1eedc5f86351d2afd1bc4c432d6aadee4ed20bcffbc52cf951b83e3a7935c6eac2b0273f7a8de8df29f02a979de4706225fe8ba225e4d6de033fb78f7089defac41888c24ed3953804432d188edc3a74d4137cdd91769b1a9f67411f003b18e28fc6e28efe99f55eedaa2c528867609a97118722c57988ca68e48938639c842a579e8cd0d4ad40f435de45fb5f3e17f7a98e2be6a10f516521849dfe9c6ac7cb71e9cd1aa272be0050678f91ebf6836c18ed15a1d449dbf88bfbe8da7c0cf15702dff1d4e8d9519bfbbe3532d8a433303fe7a7c9f0bfc4887f17796423609ce8da8cfa5ee8f894cc1694777bae6bbb51d59f2b3bcbd02433f4dcc27f261a665a2eaeb0df28c39539fb0e6b7f03f0e6c520d5c1753ea89ddd67d92bd057456233ec2fafcafb0331d7a97fb67ea841db7691380e0be5a410b04009514dfc374a452d15cf21470706d1eccb8a6ee9d8effb5dccabbeea5f8bc9d3a80c0f9345f2ea32a47745d87ad684dfb184d1527a6a92a230ffa0485dc6d58f34f5692afb218d775cf227d213f8dbf6256d5f683a07943afb76b254e662a175db39438061326c1643f417002bc6d881ffb6dc676998bd68d6eeba051a92b572646e72d84239d7ecc8646760144e06b08c4c72d7bc94801136050a5c112270eab3f76a60a7320b15de3c12ddd817bd009a595fdc66a1874d62a6cfee1ea65eb41bb08dcbaa119a0ff1ac79deaffc8d9316a61175e1fbe69ef96832bc01b3a91c50224f4749927e989aa77360930e0eb707ddf9247d665ab8d87008de7eeac0a4781f50554d4447b96e9445346b649e5cf1476d3735fa9b81f5080975877ea31905bacabf6d630de822c50e10bd0e5c861feb3979413441bc3d74720a0573273d1eecfe0618642c43c970792d303defc5b9cc934d9b5d468b03ff170ca8f2fc1badb5dde84734cbacc2bec585ea1f66e5a3f3c81fbad607809321868e9c456540c31eb6177f4c28844a64ed54fa7980609fb7f6da39ddd1e874eb29e0e9deb6eb39c4b00f5ce6eb1e9e07d9b79c06574e2faf57a8779edb9a41c5dd222e3e39419e98f5caa43212711a7c4941ad1ef7c643ac9b834e172987249281c3baa788897cf0231e6738fdc690cd500b0e9daf685182fbf47b7ad2653f639832251b8d25306b015ac06640e7b3365901724a00551bf4cdbb109f19e6e4aa5f15599e597b1e706d889d8f284931d431cd0bc079b28585bebba53283e3aa9803b7ae9a7636b1f0427fdc7520716c0870763bdc1da7f39c953fe18ff66551d5561d3ee07df91707c9ca97e18b5b5b24461f137adec7a51c9eb5d74291975881a82410b4f20ff1b2870d12a408acf7d8f90064212517c59471308111ef5983ebac4a1ad008b55508e2f2fbc6552eda9cbe3dd9c5d4dc58982dea16f021e794505bc01a3e7c3288732fb8dbe4b41e8f59c609e807c038f77aff5f63629be960d58264d462915c34b684debd2504f2ec8cf39512c05715d5eec8dfb2e74a34cc9a29622d7e876360bce2a226868fb1a25240714ae21b287f904868fb48b3a38d832577a8d0fe1b05a9bf78ccaaae0b935d890f12e7326f2130e64f84832e21b263913381b5dccad5d5cc074d24cb1d8a1df996c5bd527e13ab14c0e5362ef8e174e6ee60fc8095c643f2e283284865fa960ac182dc3d6e41853efec433628064659acd9eb794e4826fdc0b19e52bb45d679266336d3a11fa2b2bc942536146206ae3ff748c5e4303c39b8995ae55b8c9fd19dd880a95c281e8567d504152582ef2a86630d5e082913681751fe19de4a55ad546df80231f265093e98fe364473f15e7624e4d488357ad917eab8be7e54d4d297ddd54c330142a90bdbb8f0e78dd156ddc74c8ac91d986fd24c69e05e83ba652c66985cdb712b7655a410120d17680756faf8423bac0745bec9b0ebace20d6c4d2969f9642c7a12c0d8ff632d39d142143b69b70ae60444e4d87824abeee036e9fd0311d2e4cd0c9478220890a8122501eb153e283e91505d526261de22f3b75593861519c8993ff02829d0f2c105aac6360db575bdfaf0ddb8eed7d93559533a58d17691a69402b813e9cc8d54c601e4001aaa3ec013dab083e62c5cd4e90e01edb913351e098027c188c14a68e1f1a57be0504acc94bb3ed5edb9dad7d7411bbe10e9c859f30ec58b7b179f5654e7fe6fad19015d2ae5ea58e978f5c2039154c8374650e18c8de13909ae56ad1fa98434de50a1939f61d8c8410bde8159b5346a149a5052a07711314e8869a3996666c04e5b8552b416f413ff520b02a3c895e776fbc1b34bfd3be4e36f71ba3a23b993527fbcaf94c7fea3393e81e5f91aa33040eb0469d28240135d1b6165918659c1e58947dea2f72efcd11d12b5dc1939b00cd7b6214317d011edacaab6554b21d29377d5746480bccad30a8a28a9969bf4a924b798cc5fe915fbc0e2ff7e6c9b55a6ae23eef354879a609ba53f345f6e3fd5328b79716fe903e6c5ba641357e411b5c26f995d27b86a560f20e3d98e19c33fb744531074a7821c15b01131742af7376f21ef57b3c053ee365d65cf8b4b35334e38b41fe77a0f9efdeafc6033889d8e1b768d1b35274c1e653ae68ead7204ee2a88c018f736dced669ebdabd02831b81cb363cab7c90f5b1cc2bf50fdc45ed2805dea6be2bfe24a33d5fc5119fd8acc0f314c9c63e7f49351c4469cd2018edf8580ff58a0a3a79410cc634cd6d1efcb1a08acc9b4deb9f3abaf1bdacdfcf21eb10a634508ab4f1eee248abd331431f24883bd66f1e180fd8a8ea82292749bcc07a44f872569ac2e00346b7acdd205abb41abbdda138513a97bfd3266869ae677992e0fb87cca992f143b764363a836e0d711cc9cec24b75c4e8ae2b68eb7a26df9b08d94d5fd23b48d0269eafc41788b5753f43fe2d8659e55b19747bccfc7dc905c5f20fd7aa207b9b2377a38b55df620e5c8ec06b503bebc2d3fa722141b0c339801d42f6a01d68ce1ce82429626528f71d7b57dd2486b84e660ec79e492b8076b67280434416ea6317974f5d7177d3ed88c0463b996b3005e99db5d224c11ce0bdda7d9cf1a2fa0ed3f01116dfef811920612168e4b372a216288130f68a1b6ca913daf61d325d5f4882318e3b4d9413be7a391c9a9129e0d843531a9b2dc3fbcfba92d6d4f06f34c8dbdc35c70b88b7391785c8a2dabfe63d761dfe12f0b01ded4e2db4857c9c0d4169802a5f27bf4835d82a84adc6a5b72fd0ade6476b142eb434a9e0afe8107b4de94d3b8ee1fc43ff99861822ecb57189cd3a946d4c304e319f2d0429574ce4c9761fc173aa91b8091a79aa3845d5bacf72e5d360985adb8fbc67d45225e65fd62bde83d704106c96a7d5bd4cbf3e4ca7aaf1f75919a97c179212d9e93a46d97fda29bec5b85d7fde6a32e4318a745032a2e27480bfa087fd604a55da87562c761d26536040379a0be2f1c9bb56ddd08d817225f50a68413217a80e564b42205de650c2f9134d8f3760ecea4139f51ca036569060cbab8e7fa13a2b56de771641e240ddd69a5f00883392977a36b4b5c1aadd5b154c9c881fe9cb2d5cb3a7233304480db93d095cd7a21ce7b8312bb7e80f5672490032129d4e7369a38bfb207452f4dfe88feec195b6262ade3a76c8ade05de90796964bdb24f33236231110ec479f40401156fc2bd2d78e4eb117200b31efbe28fd3d72a390d7133d39899d2f05bd69416e1977955e8eb34a171e847b4f1748baa6af2945e3f7a7e8959f54eb476f19801e8ee8b005cfa933de95505deba7263c9ebe1361ee31dd04ad1597c7d63e4853e2cdfd16bddb9a91b65a2a16e83e68043389b7b74ee9a1d71424fac8b1aad49b1e0185cc89f4cc850e99b83f158499ee8989f3f1b7a430f13bad1cb3ff83c80834a9245ec5ecc39686d450b3f7c4659ee37b1ceb05d0943a643598a5e2b1bd3a9665bce94142afe0cf65bd4bb4454e97d499b270b2983a2a1590643a199d91cfed13f09cd65b1e0acd7cc373c76d800dac7bbe8c389cfb2b3d7f3f948a1624f4904ddf6350ed961cf6195e970a45b240f03f443a59976d0aeace58998b6c3ed5e845735ace1584d9e2e0b97dccfc04d4559cddbc3f3f2e9b6a925c7dc88a963ab6fa9eb2cbfc2a84ae07292225dbdc65b05cc087ed19e90080b35ed66dad2ac0ce46c73ddb887a22ea67e51aadb99ed0aebe4db97e823dc078162055f57c057c14a0106f8cfc36611560cc95cab903fe349a1927ef63ee06dbe8099258d45a424bf9585e249be5bb759bdfbf96741477a8cc9694991bb74aecb34a7dda4b34b5d68d770feccf8bfb1844c31a2818b6c7a2e797d4914f98fb32ffb3a39c773e51d553c1136d9cd9741f22409a80b9fe6d7b6b9391c701b1ec81e3cea5b495342a6cbd03e22ec00721dfe340da71d52b7181185db92e8e4a59b4195c52ef17feef4a4d16e657315fae2692a667e00da53f17fad2b1de37c910c513650c62acd484b3272283d26a0d690223403cdba1822cc102c5c3b60e325da5cef360b1661bfdbcac88a35f7b68aa17b0ce90b61bd6180e40fa5814fec5a3bc7786fac816fb0cfa26539c3831dc54df0c917f6d3e36bc1b4de5f46734e4dc007a5c1404d439128d2d5a1ee798a7bc9c3c35f5397f00e9006f5b369001a082d10d53b5edeec7f745a5d3547023bd7da516da32ac424f683f9e34c5f99ea6a010030d84b4fca3d4c928a421c95dd4a784eb2ed9283665c7ebc94588c79e9e15113bd6302e48b23306afba597e9a9848b0d297b67a2a3417a5799809b2b2fa7b576899239c3f1fb1d74e01af0bce7f19cf615500982dafc378fccdc97e915b653e9adccff581dd82530897a91cec32868d98972c69f2aa710061a35b10cd853ad841b7ca430096127a906626a15c1b2876f4560da663b71c2d00e6d23acc764378704a59fce4f1be5d819bb87d99d8a89465e543e6dceb50a9c7d282cb66cd36e72b8a59fa0378edb6b9f0a1e081c982d3299c71efd139e96f4da53738d099387ffb02a3a2544fcf2fd79d36cf1a248afac618016f8ccf66b5935f51d6adf43593d57ccfbeb1be64085ffdc1c2200fcc10eca8c83db8eae86ed2408395a764a09f9e8d87bd7288a1b144277a24ad5a13a0f0fb7ca432c06affad44437535e584fc0b407201aee00aa52c8984d94eae12c02a72b14c42f6c2997f1292ee94c9a2198304f187d67f85274a102b6658057a878f255d79f3ef48ede6aa6eaadec8b46a5c3e5bc1ae2d173e0443d22b27ef552e191c39af6e72273ad84984a4fbb5df31c3573525a542f15933f74e038a6aace61ee83a57922409b9204379e036aa9dcbf96257f0cb51ae77cc4bb4fcd8cfdf5a3768660b8c3039e07c7da6b022ef6f51d69a4de80bcef695e7e104a2918ab0e93e8bb8bf887c4e101a2fa23584bdd10271b0e0186a89b99d092f9783a2f2c3422544da0de56dd9a1ee4454f6b6fc00366cf0adac66cb6805b8f1382c3d6400dcd583b6f6be5b99011c7ac77bd5302b1104b6e96b6c2a1600c2f1b47722b38aabd64dfcb441171f98d9f273137feece25cdaf37bde017bfeb4da0dbf0b", 0x1000}, {&(0x7f0000000880)="d386c3d27edae5b4e7cd2e7ba046d26a66dbf53a62c26f5e8a84028f9431789970202b88605c5c280d61e0685259346cdc73cb868bf2059654c7745531405753096c3ff52c578cbfe16fd75df5effa937b2eeddbc2524870250d9505622bd38265325dc5a9b4c62002b276c827213981111f1bb66a1aeaada56a32f02cb4b5663a7e440b19f17ec078cca1bc128d4f331238878adb146c9dfabd2ad3c0e2d4246e7c5a7bd03bb23717f9bfb0e50d9e9fecc7f3eed76d31483a29034e6b049df39c2eee08ee6503ab5baf02a18b565e3fbef79361b468d8b60ae5349d1a0603af1390626762ad2efa96", 0xe9}, {&(0x7f0000000980)="26b5847501895fcae62b52f7f969bb4a3133c0faace95ece098c886923bd136836563dbdd1ac019afb09f5faf75e6f79504181e27a1ea6386769716a32cfbb55edec81394e774046766006aef1a5ae74533385371408878fb5f71c9d887df65ea1cc61ef845885bd5d24aa0161e3263ddd4d987286d0058d1ab7e127dbcbf743f2ed7278464a", 0x86}, {&(0x7f0000000a40)="7b27a6653fd528461d741a13d4b9119e8d8d98313db482ab8aa8d19baed09f5f490711ffecacda62bc5cb12195de01ac1bafffa1325c2d3e69bf94bb94fb6731ea232ffbd2488d3ce20341157328acb1db0c39101595057c62f9bb5c410c6ec4ddce62296bfa2bb93765f22879838be97949da5904088ce8f8162acb2292e80ffd47fe8d907988b653e9a6c94f2a3e20c3c671db3fb927b9f23726c9b7c4243bc00de3f9373fd7", 0xa7}, {&(0x7f0000000bc0)="0a160d1c6d80b49907c2a3d62ccd53f3912de9b45dfb08c97d994e172e8125973e9d2d428557e85a934d18d7e5734015e2120783669131f6d077963d029366b53576472b039743d991ce8f5fc784b0b8fe4d7b0b684f8a156babdd5a8c746a86e29972d2", 0x64}, {&(0x7f0000002cc0)="a4340746a827827b8a508ede5a4504a323e15fa693e6c202deb13edba4fdf6ec08e981d74aa2c95c4fd7df0f71a153f58cd50c3737be5911ec24c61859a51bf70b25e2729a70ae76641461302a92c69c88b1a34305c2ba32c93439a14c2560429e472ecb280cb9086a772ab0045ea05516449783d7c86fbd1c85a6269d6324c2345ef74d405e9555f2d66ebd3d01ac520c009bdf8e242b57e6d354b8bfb28a3f6b6992fbd8ca2e9db62202aa6fd0d6586ba4ecf640f132d00206228f50160b29025f7fe7d53ee3059b98c8fdf729b1a9df54fd09630819333ac2cc70d68df3199b1a8d8bfe7358d12487e177e2270c8c3dd0ef3e09b0080592321df4b372d1c1f4483b67324878f6a4d459dab849b0dab295d9b6bafb5b08b29e58166e0f3d2041ab5f550535b224f2620ac3980122a0ed6acda81428ef61ced6a8e59c8c58341c68a0047a29accb89336fb6900020429e7165b79ae18d229177e81a42c81f5334baef58c5b04c620365e30a40ab6e68549e34dba58ac916ba8c0d09b2b17a4f55b777f4b016322e52d719a28dcf4d47f2303140da7d419997074a9669efddb88c1d1530e50b87251243156126839059a294d58c2791029390df9c853558492032c4a8f48229e949face28b578601452288ff0f86f8b91cdac64e7f23c18ed771abb94b6311cfb505a04799195114d01fc9451cc633eeabddc3b94fde462dba694ff74c66bd603fb97bf1cd152af7a9b3e8e975295b36e103442029c5f0f310a6e00aeb09b2d3c70ebc5a5db7dff4134f0b9419d58999b685a69aa36c62f45fb32bcfa2c6f98d8a8601c51b44eec166ea0c745fb90ef9433ad23a542056404c477a6b70ede1d5d177320564360466c43359461833e88b32a144140870737987751d6757e7e6fe719ed999b7faa06a6072462efaeb309271f5319f07347a8c7596dd4a3ccb089f4a5aef8387428308b656a2f601bf29f3d50594ce4618687c62ea0d060fd99e09a6d0bba8fa0e4d6ae5f65ca4780bdf1e706cea1f4c6189c2249b11fdd305704e184a41a2224f4e86af977b69a22db5c74e124aebc39441f51b96a8f8f299791dca0dfdee504cebbbb464a80f5b4b79ea60601b94f6ce85dd97cfbbd756c9179b909a8fc40f9c510b9105f6c0a11b9b5617633b8367b697019dc4e7e454011b06abfef3ce08c5dd3bc82cc22fa03dd779d6adb7e11052620ad0ab7dc2e774409e5390807fd5e8bb53fb759515c71093a2610b5cc37c4539e67adef95ea67b8f0ada68d1f05d88929d885e21f7e89a66ed1b6ef967f380b033bc26fc56669d85fd4b153c2cf817368eb66cad38c3eae3dac851c96137a3c4884c0205a8726cb3f0240b53c56240df5f01bcdd4ac058862f654f918c442525f250417dcbef896ef2039dee843819566e4157ae35fb7ad989e788beeb08c14d1a1f7178de6802d63818724390fe3bdd479f34e3f1bb6bb99256c7f7b641b5d17dbed0bf37578dea1e7a0d52a6fc7ccfcb0010cebb6e4f82246656e90ee7c11b388d4cbf3223b2eb506bb7bad49cb8db77216709f4aa87ffb6d46fb843ac5ef397a508240e866d9e173352af75063b4a0bbec984f2ec32bb219197b0aa35d6dbcc0adb80802f89f45aa11d55ba8b4c494d25866313242005458070f3756cc07ce250a41dc4cee217e1632d3404bcd242271db8ab4c0f7596d9382d4f904d4e6782d630c81e16b5b0b551fa672da73c1a98bba5581ddc6af7f691782f5c45d5ca56d41f142532a756f7be4ee94976e48f8664a66078a7201bd0e7352ce5b8b2a5dbf51e91daf1041a23d4c70c462d9bc9f370c2677a8d91f6ab3dbd4099b966b840319c4ae3cb597560730270f1c48f10c7740b852733269c6a7b642c9f08764ef466221e91b0de9d9a6eb8090b5e2657cacff8a6615fe98a2972a6a38e68eebdf70dca5ffc9e13a5b9c4d25e0880880aa80c4d077f5a0047fe875ee796338c18d1db7aa0dbbc03de5bbc216bb04696d27cd1f19c219bcae01bcddca0bd71125dd7020d6ac7244f36a144844f0c4b49fc350f22c3cdf2965bfe9f1b0e44571eed12c29b7b92c04003ea69b89d1578f89253087b469f3eba5811b0bebdd372d1129567b4f40e995b65c26f63687ce4d87342b4f6170cbf99846266a7b6ecca37283bbd610cc7163d2d66f61352250cff415c38924765b5d4ded275ae3833f9f2241605766ae9e741822ab69182a2da88c5b9fd0ee70b4c5178eaa0049eb516fa717108f1c774a09228aff869e864a86ed4804c04581a1c9a5875232d9301dc9b40673c38c70e643611a2abb647a1ba36264d2bf1cc1b6857b5fc81bc989fbe6205b978cb846efd441ec20bda05d413035718f2aa260f2b4e2844b2a520438151cf5fb99123cfe4771b4bc388b14d765c897f3e1c02154f13f61b10fcc7eb6b3ee1a13d33315a2b80ad9f413e80047fa12aabec578e67d58b71a5822a62d2ec54c49d2e88fb76293315093f0669491fbc2e381bdac8283e9e90f64352e8c54d51bad3f6c2bad5eed78af78f9aac63cf1c5e35f468bd1c4cad06559435a39f636482179d00b06e1b668a30ccdcdbdf70048aefbb6d944744df481392e5fdc888a4ef99d9113419b293492729995e05a9a670e617696a6e94cc730fd5254fa1275e4ac9aeeddf491e26ce3d3c2f73c0ada68eb139a3b354906ad15f5fec4ff108727667e966e59764ddb8290ef2be6d2ecf2989b50de2b79599ae9a2628690e5a51f7bd3b014be6ddb8e896fcbba07e79d92c9f585ff283b97ea09de267071a2c344397399e18a028e4cdbaed6ef5587365d6edee44a28b5a637f34fe38c4c380987306168d334a6ba3d73dc6edeaa979cec1969ecaba8731094ed2e5dfc3ea5b6d8320458691ec67653fe57a826f241f3996c9f6ba80bd6c4ad62a028ddf0372ac3f20d1600b7d6c4087601e215b2c9805b78a82d3afef1873883aef8ab04eb092a9f294af6c2d92ba91a7870b62d2a10be7949fe02df3b34705afcee076284cc1d23e572430709bb2336923374a4ca068ba736bf643852decf933db74636db2c1bc9437949d9a96229597f0e29f2a89ce2c7376d07221e8ddc8683d9da7d557a040227b8c729359be39a6f41e9d117d3ee233b1931b5881362e0bc49fcd8d09ba4068d82f6e66b9cb114c442a08b15052717f88f5a970f7eee14f77760eb3ba792f5fb962b3afdf69358b0ef41cd7c6e7a165a04c8c5e9893e899d2e7316c0b492e7b27c28a9f0e5c55125b971d3a36d4dcc14c579be1006d8050d2327dca52f0dad3fd2804bc3e19ea275892925ea4ad481b785fd7d108dde6099a710447715ca2e6137e49c9222d7cb74158c3cffadecab5dd5cd79acc33a0e50a6fd0a0345bdfde675ab60cdb4e3e853a7b4435349b07c6a704307d1da217c7aed6d6bda1227047841c545efbb81dc610a743d3624da167f1dbdbe279de46387deebb17cf6967f584baea34b53204e1f19ba3517bd886678be5eb076fccce1edc43cfb46fb7f8811190ec298f4f736a3b38606b23987b7a1c8b740ec19b2a7138942b1123c6ca6ae66e9d1e5ea017f04235d32d82d402e45dac2a49497e035bb378027739cea4ec76ec236a07713ae5457355ab4537d886cb2a46340daeea378962a1396e8a6c165f54f7c4d5ce186dcfc79af13029eec928afb36f2fbd4ed8602d6622e727a36e98bbaa4374e00bbcf7752a8e0632f331a0ce058ad27100529705332f3d8e0f103c6f493f0ffc192b776983efe9db25d698f8082257b1684113197ec6e173bbd936a2819ccda51225f8f9f36eb368bd031b240b6cc273f30d50c0f604660c3036176e097e9d1b75cd33e0c15c23b70e07e5b2aead7bcad1d3d277b3e0135e06ed8bcc5686c9a335f1461680601d2a3b648755160a1688834ede9e96232ce02ca31eaa260a2157331b53c7cea4ef504a313b589075fc1718558dfa0b3addc2f67e60c04f73f77324f77a40897fa61bf2567f8244b4a0358cff7503006f658590b0a62981000f2efb3e619213f18beff9f51c08c5ffa3b71d9fe3ce8b457a5f79983bdc4f92d855385dcc8cf53d0a988d43ab251a32d76d79de9428d125c734ae1af43b6d03e727835be9b44f79f40a5f4b67c850499c805cfb6de523d6d0c4af130eada4464c31e8c0d3a5682374299f34391e738a6ab3beaca70d3164cb564ec07164fd3d9a4f3b34562490f0d330c20d92eef8c5b24df0703d148105a803956562abbf79fbba401c4f26acf87b1b14bde1bc397438d16ae4c81cd431829d61cf80dbb401b2345ea3f622620860de582e8eea8cafd8678fa10a0eef9e0e5755defc259d45a7f10909e1314b8703642a82545bd7af40c591f13b39f4f937aead13e75bbbd3f413afb837d56e33f7e10fbd4c1a28429b399023d29ca347c8464ad053a917249fcbb76fc5c6fc0e197d43c73466258900dbb0fbc5cef43efbaf75043fde9f21a41242bf51f9d4165dafbb79354a7f6aa2c16f1cbe9afdadf46020ae906f9d2617b4fe1cb2f8e66400bf9dd7b2c20cc3f39b0a48ee39d84f4b179837efd351f87a7660b611c18b4797be97ff8e76ffdfae9a91c2498943ce8ed2410e7cec2e08c1db7967e9b0f46ad0cdda2e5d7ace073b63fb6335cded8e6c36f45b507358f7294b0763eecb7b87aa4f908ce39c488675a531af74fc36d814a1146f9c886929bb5e34c391db6b03551c6f3b819ad3190089c4db8195115ed50a41a64ebae2914286b6d817cbaa1213730324790d65d25c87628e46ddf89b1424841e57721459a9de54f3eb913192a802878638e42f133bb8213559c0f1c9c11febb49773ea2d0c25c32b3c5f4e9a5afe05f48684833f573101c7b2526939abfe505192b64a8e999e0fd0aed29c898dee554cb7665f40ed3544d1eb3e3e50c37a47c9a40254d5193be8d6d5e376d2d7d86b335d0a062965e45504def2f7427c45d99c2aeb8ad70731f68b8688f347d8de1db8d6cd25ca891ec6d75d1d97d53f8fe0e8cbf1b10a491424cf189df161b7fb6b3d69d40dc3aae7e7ae61103036ede90011f1e0c9d2c5b0e997d405ed0a08e6aea75e854e1b67abde61d812d10306ea71c1d74114cec350a613f23e9d9c79f9c82362783f1b72bd6b7ee4ec0d3cbf853294003d0f1806bb2b68a0a8e669696c531308e411fcb1397f5f02cb3f4fe9fdd183abc639c70444c202669557f52dfb9240006f133ae29e270e65315886490801fd5042688752f6e949ad2086511aababac7bcb08e5b829b1d26d422a54dfd8beb8e5ce8aff0c94950aa8d74c57ce07418c3fd99b65b0ca37aea5da1262825cdcab11fc2bba3bb8a3a70ea31954f237bf0ed6aa562da8664eb5167426e7b8098cbe1863f34d8f773b89c03371a894cd57a3aad8c5b495536d0308e0ed3c7950335b00bbdc783a1b9e097fec67d7f585e88e98e1b0786d6783231127d46bec59e52b838c9e0ff6e113b822dc8db1d0e118cf4ca5585022bec3dbe1efbd09c37e5518a6bb7f68568a114a4a6063a77c4002162058c384cd485aa054e7810b0a8ddbef9b620dcd5ae5fd113a6dce845c4929631e7edf4a50d91043a787f43d0f6fa1d10ae30065b199763eca0f536bf94c3c7afab614c51ec5852027a5cbaa85aeba031e9014b2b40d1dad73aee4c267575ef7ad04d1c6a72dd9fedb9aa10d67b9bbe8f019f6a79b73f563fde4747d509841632f953b82eb4d70660967ecc553529951c52128efcba846ed97a2fdb4d61d46341477a4d072c45916c80e943522ec970ba60", 0x1000}, {&(0x7f0000000c40)="08e2a32e67fb3c504d483805516e5326c8f106cfc773ee41dcf12037a13c8c7aa63e309ac147fad4a0a12cbf8b957172ecdb860c5cab1bd31c1c9e4c10dbf9164478ddc79d34175053eabbefca48f2a404e28726a7aa751907c61f406ea2b9935a6d03ea641e189e1b9252a74e98d75792957d5240b70d57ece1b00a4334da2aaf6ed127235147e26c79304593a0e83232d185b1ad74c02f12be03cb809de1b704a3e35d90e0f3506d8b1b2e7209cd5ec336c2068a2eeceb048db0abde6dbe60b69304094339fdf090a09bc481344d945b2825aa5466abd756285a1a5982c8e89d4971d869fc90760feff052cde06e", 0xef}], 0x9}, 0x0, 0x40800, 0x1}) io_uring_enter(r4, 0x567, 0x0, 0x0, 0x0, 0xffffffffffffff10) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000001bc0)={'wlan0\x00', 0x0}) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001840), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000001880)={'wpan3\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r10, &(0x7f0000001980)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001940)={&(0x7f00000018c0)={0x4c, r11, 0x120, 0x70bd2b, 0xa09f, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r12}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x2}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44001}, 0x20000000) sendmsg$NL80211_CMD_SET_MCAST_RATE(r7, &(0x7f0000001c80)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x24, r8, 0x1, 0xfffffffe, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xa}]}, 0x24}}, 0x8000) r13 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r14 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, r13, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r15 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r14}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) write$tun(r3, &(0x7f00000019c0)=ANY=[@ANYBLOB="ecffff06000108000604aaaaaa00ac1e01010000000000007f000001"], 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r13, 0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000180)=r15}, 0x20) r17 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000001a00)=ANY=[@ANYBLOB="9febb2f2a627146250e6002fe177f6000c000000020000000000000000000004000000000000b7b2bdfb9c215fae092f5675c10baa51dcc4c16cea9e4fd44f1d0dd9331aa59ec41e9248c2ba947572a8a0804a2f04a9ac0ed1e5acd232e95f6f99fbad334f16ce"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r17, 0x20, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r18, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x20, 0x16, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r16}}, @jmp={0x5, 0x1, 0x7, 0x9, 0x6, 0xffffffffffffffc0}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3ff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r13}}]}, &(0x7f0000000480)='syzkaller\x00', 0x2, 0xff, &(0x7f0000000600)=""/255, 0x41100, 0x17, '\x00', 0x0, @netfilter, r13, 0x8, &(0x7f00000004c0)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0x1, 0x5, 0x1}, 0x10, r18, r15, 0x3, 0x0, &(0x7f0000000580)=[{0x1, 0x3, 0x4, 0x8}, {0x2, 0x4, 0x2, 0x8}, {0x3, 0x2, 0xa, 0x5}], 0x10, 0xb5, @void, @value}, 0x94) 1.04184795s ago: executing program 4 (id=345): r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82) (async) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000005c0)={r1, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598904004ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dac00000000000000000000002000", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}}) (async) r2 = syz_open_dev$loop(&(0x7f0000000000), 0x1, 0x8000) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000480)={r0, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x13, 0x19, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4bce00d9683dda1af0ea80000000000000000000000349e69bc41c7f62600", "2a09e8dbe10803305500000000000097bdb22d0000b420a1a93c75403dd40600000061ac00", "90be8b1c55f96400", [0x800]}}) (async) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x1, 0x0, 0x7fff0000}]}) (async) setsockopt(r1, 0x9, 0x7, &(0x7f0000000040)="f49b78a19b6e1ee0db7bd666a615efbde58a39b28914b3f58a", 0x19) close_range(r3, 0xffffffffffffffff, 0x0) 946.779889ms ago: executing program 4 (id=346): setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000640)=[@in6={0xa, 0x4e21, 0x0, @private1, 0x7f}, @in={0x2, 0x4e20, @private=0xa010102}], 0x2c) syz_emit_ethernet(0x82, &(0x7f0000000680)=ANY=[@ANYBLOB="ffffffffffff1704b45adbde0800450000740067000000019078ac1e0001ac1414aa05009078e00000e0460000000000000000110000ac1414aa640101028303008913b5e00000010a010101ac1e0101ac1414bb442c0003ac1414bb000000000000000000000000ac14143a00000000ac1414aa00000000ac1414000000000000005f429f48b1419a2d911589"], 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x510, 0x350, 0x280, 0x280, 0x0, 0xd0, 0x440, 0x440, 0x440, 0x440, 0x440, 0x6, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private1={0xfc, 0x1, '\x00', 0x2}, [0xff000000, 0x0, 0xffffff00, 0xffffffff], [0x0, 0x0, 0xff], 'sit0\x00', 'veth0_vlan\x00', {0xff}, {}, 0x0, 0x0, 0x6, 0x41}, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0xdb, 0xc}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [0xffffffff, 0x0, 0x0, 0xff000000], [0x0, 0xff000000, 0x0, 0xffffff00], 'syzkaller0\x00', 'team_slave_1\x00', {}, {}, 0x4, 0xdd, 0x0, 0x2}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x0, 0x7}, {0xffffffffffffffff, 0x80}, {0x0, 0x4}, 0x3}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x3, 0x5}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@broadcast, @ipv4=@empty, 0x37, 0x38, 0x5}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570) 759.530906ms ago: executing program 4 (id=347): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x240480d4}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0xa}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44080}, 0x2) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0) (async) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0) sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) (async) sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r4 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000040)) getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000000c0)=0x14) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) 679.822325ms ago: executing program 1 (id=348): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) (async) socket$netlink(0x10, 0x3, 0x0) (async) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0xc0a85322, &(0x7f0000000100)={{0x0, 0xfa}}) (async) tkill(0x0, 0x7) (async, rerun: 64) openat$tun(0xffffffffffffff9c, 0x0, 0x4000, 0x0) (async, rerun: 64) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) (async) socket$nl_route(0x10, 0x3, 0x0) readv(r2, &(0x7f0000000180)=[{&(0x7f00000002c0)=""/149, 0x95}], 0x1) (async) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x14, 0x3, 0x1, 0x101}, 0x14}, 0x1, 0x10000000000}, 0x0) (async) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0xf4240) (async) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) vmsplice(r3, &(0x7f00000001c0)=[{&(0x7f00000006c0)='=E', 0x2}], 0x1, 0x4) (async, rerun: 64) ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x8, 0xfffffff9}}, './file0\x00'}) (async, rerun: 64) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f0000000280)=0x1) (async) read(r0, &(0x7f0000000040)=""/42, 0x2a) 567.391768ms ago: executing program 1 (id=349): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xf8) lseek(r0, 0x3, 0x0) (async) getdents64(r0, 0x0, 0x22) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)={0x24, r2, 0x1, 0x0, 0x1000, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0xc0400d0}, 0x0) (async) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000000c0)={@dev={0xfe, 0x80, '\x00', 0x32}, 0x4e, r3}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6}]}) (async) mkdirat(0xffffffffffffff9c, 0x0, 0x0) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) (async) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r8, @ANYBLOB="030b0000ffffffffffff12"], 0x20}}, 0x0) (async) r9 = socket$alg(0x26, 0x5, 0x0) bind$alg(r9, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58) (async) setsockopt$ALG_SET_KEY(r9, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) (async) r10 = accept4(r9, 0x0, 0x0, 0x0) writev(r10, &(0x7f0000000540)=[{&(0x7f0000000180)="af74", 0x2}], 0x1) (async) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x401c2103, 0x0) (async) sendmsg$NL80211_CMD_VENDOR(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x1c, r4, 0x701, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) 480.085708ms ago: executing program 4 (id=350): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x700, 0x0) mkdir(&(0x7f0000000180)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@userxattr}]}) chdir(&(0x7f0000000140)='./bus\x00') mkdir(&(0x7f0000000080)='./bus\x00', 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000180)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_DEL(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB="48000000020903000000000000000000020000060400020008000640000000000c0004800800014000000000100002000c0002800500010003000000090001"], 0x48}, 0x1, 0x0, 0x0, 0xa804}, 0x48000) 417.879553ms ago: executing program 1 (id=351): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x5, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x2, 0xfff0}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x8}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfff0, 0xe1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r0}, {}, {0x15, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 299.200692ms ago: executing program 1 (id=352): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ceb70000", @ANYRES16=r1, @ANYBLOB="010025bd7000fedbdf25010000000000000007410000001400180000ffff7564703a73797a3200000000"], 0x30}, 0x1, 0x0, 0x0, 0x240400c0}, 0x2000c004) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="13000000100158e4a1e395a300000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x60) r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="4000000010000104000000000000000000b00a2eb78f000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006d61637365630000100002800c0004000000010000000000"], 0x40}}, 0x0) write$binfmt_script(r4, &(0x7f0000000780)={'#! ', './file0', [{0x20, '\t0\xe5\xb4>h$\xb0^\xc1\xab/\xb9\xf0\x13\xed\xd2\x05\xdfn{q\xac\xca\'\xef\xb0*\x11j=\xfb\x06$pY\x1cD\xd4\xf3\x98\xc6\xf1}M79?L\x98e\f\xb5\x0f\xfb\bH\xa8V\xc9ty\xdaJ9E-\xd0Z\xf4\x9b\xa0\xf5\x92\x06\x1b\x81\x03\xb7\xb0\xe3\x88\x85}G\xd9\x05\x85Jn\x00\xf0\xae\xf7\xe22\x80[\xc62\'\x8e\xafC!b\x12\x9e\xd6\x0fW\x03\xf2c\xa5\x98h\xf9H\xa2\xa8\x83\xcb\x1c\xdd\xdc\xd2}\xfezZ\xc5\xd0ua\xd7\x06\x00\xa8\xf27\x8cU\xc4\x11\x1e\"`\x06Y\xafZ\xefK\xb1\xf0\x99\xd6\x1b\xed\xf5\xb7@/\x9d\x11\x9b\xe5\x9dP\xff\x99w\x81\xca,\x9a\xfc\a\x99\f\b%\x90\xd5\xd8\xb7\xc07#\xb7\xb5\xfc!i/\x05\x865\xeawWV+\xcc\x8c\xd3\xb5\x03\xff\xe0\x00'/233}, {0x20, '\x00{aU<7*g\xa0W\x110\xba\'\xd9\xad\xe4\x87\x0f\xbd\x0f\x1d\xfd\xbf]8\x0e\x1d\t\x12\xa2L\xb6i\x03\r\bYK8\xc9c\x99S\xc9\xed\x8b|\xc8r\n\x80\x04!\x80j\x9f\xb6s\xed1\x96\xc5\x16\x0f|h\xa8\xc9]\xfc\x1c\x97\x1bQMP\xf8\xc7\xea\xcf\x90\xad\xbf\xc1:\x96\xa1\x8a\xb7)m\x9e\xc81\x85qL\x06\x81\xa0\x1d\xd2\xc7\xe9\xe8V\xc4\x88I\xdb\xdd\xb1\x98yC\v\x9d\x1e\xad\xcbQA\x83\xd2e\xfekH\xe2\x86\x01;+\xea,a\x94\xce\xb0hJ\xd6\xc4]\xca\xf1\x8f}|\xf5Z\x9c\xc9\x1f\xd9P'}, {0x20, '\xa4\xdfy\xf5Y\xbf\xd9i@8\\\x87h\xa6\xa0\xa43\x84\xe7\xd5\x98\xe8\x01\xd3\xf0\xc72\xdf\xfb\x00\xfd\xcd\xf2q\x84\xcb-\xf3\x92\x12\xef^~v\x10/X\x1e\xc3\xb1T\xf4\xd0m|\xabr\xc7L\x9b3\xbeCJ\xad!\xb2\xb5g\x7f\xe9W\a\x00\x03=q\x8a\x83|\\w\xe1\xf3\xf1\xe8\x83\xef\xe2\x8bU\xebG4<\x1b\a57<;\xefm:?\x8e\x16\tu\xd5=\xc6P5\xd7\xeci\xcaI\x15\x00]\xc6%\x94&9\xac\xa9\xe9k\x99qc2\xc6V6\x1e\x1c\xeb\x9e\xc78\xb4y+\x85\xc4\xfa.\x15\xe4\x11\xa2\x92\t\xde\xa9\xdc\xe1\xfd\x98\xd2Ja\'r4\xe3sFv\x02\xa6\x8exO\xd0D\x8ea\xc3g\xe5V|@1\x15H4(\xb8E\xa4\xa9\x8bp:\x82k/.:\xf6\x003G(\xd4\xfc\xa0\x01\xe3Q\x805?\br\xc2\x96(y\x8c\x95\xf2Rx\xca\x06\xea\xf43\xf2/8L\xd3u\x87m\x96\xfc\x9cU]\xffiN\x14\xe7-{\xea\x9f\'D\xc0\xeeqA\x1a\xed\x8d\xc8\xad\xcdZS\x1b\xb6{\xfa\xa8\x84\nd=\x0e\x8fc9\xf0\x7fK\xd7\b\x86r\xac\xaf\xd0\xb6^y\xc5\x03c\xc22\xa9R\x90\x9e\xfc\xce\x957O\x06]\xdcZ\x17\xb3\x1bb\xc9Dm\xa2\xd3\x91'}, {0x20, ':\xf8@\xa5\xd1\xf7\x89md\x1d\x92\x8b\x12\xda\xce\x17a6\xeb`\xd8\xaa\xbc\xed\xcf\xe8\xa0>\xe9I\xe4\x87\x0f8\xfc\x02\x1d\xa5\xfd\xe9\xb4\xa6F\xd8yp7\x85\x9fqj0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r5, 0x0, r4, 0x0, 0x1000, 0x0) write$binfmt_misc(r6, &(0x7f00000000c0), 0xfdef) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xe, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r9, &(0x7f0000000740), &(0x7f0000000000)=""/8, 0x2}, 0x20) sendmsg$NL80211_CMD_GET_WOWLAN(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000040)={0x1c, r7, 0x301, 0x0, 0x0, {{0x5}, {@void, @val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), r3) kernel console output (not intermixed with test programs): [ 37.913962][ T39] audit: type=1400 audit(1739514463.263:82): avc: denied { siginh } for pid=5900 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.878206][ T39] audit: type=1400 audit(1739514464.243:83): avc: denied { read } for pid=5341 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 38.884361][ T39] audit: type=1400 audit(1739514464.243:84): avc: denied { append } for pid=5341 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 38.890590][ T39] audit: type=1400 audit(1739514464.243:85): avc: denied { open } for pid=5341 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 38.896719][ T39] audit: type=1400 audit(1739514464.243:86): avc: denied { getattr } for pid=5341 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:35886' (ED25519) to the list of known hosts. [ 39.841076][ T39] audit: type=1400 audit(1739514465.203:87): avc: denied { name_bind } for pid=5924 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 41.625611][ T5927] cgroup: Unknown subsys name 'net' [ 41.747661][ T5927] cgroup: Unknown subsys name 'cpuset' [ 41.750873][ T5927] cgroup: Unknown subsys name 'rlimit' [ 41.924412][ T5936] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 42.590814][ T5927] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.961458][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 44.961469][ T39] audit: type=1400 audit(1739514470.323:105): avc: denied { execmem } for pid=5938 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.192297][ T39] audit: type=1400 audit(1739514470.553:106): avc: denied { create } for pid=5942 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.200904][ T39] audit: type=1400 audit(1739514470.553:107): avc: denied { read write } for pid=5942 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.207578][ T39] audit: type=1400 audit(1739514470.553:108): avc: denied { open } for pid=5942 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.214045][ T39] audit: type=1400 audit(1739514470.563:109): avc: denied { ioctl } for pid=5942 comm="syz-executor" path="socket:[3909]" dev="sockfs" ino=3909 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.224797][ T5298] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.228368][ T5298] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.230994][ T5298] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.234475][ T5948] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.237661][ T5948] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.239955][ T5948] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.242040][ T5948] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.244749][ T5948] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 45.246967][ T5948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.250349][ T5944] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 45.252493][ T5944] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.255151][ T5944] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.260570][ T5953] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.262971][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.264063][ T5953] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.265315][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.269917][ T5953] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.272791][ T65] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.274583][ T39] audit: type=1400 audit(1739514470.633:110): avc: denied { read } for pid=5946 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.277407][ T65] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.280803][ T39] audit: type=1400 audit(1739514470.633:111): avc: denied { open } for pid=5946 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.285340][ T65] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 45.289975][ T39] audit: type=1400 audit(1739514470.643:112): avc: denied { mounton } for pid=5946 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 45.292340][ T65] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.293099][ T5957] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.293323][ T5957] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 45.293425][ T5957] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.428304][ T39] audit: type=1400 audit(1739514470.793:113): avc: denied { module_request } for pid=5946 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 45.473925][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 45.522694][ T5951] chnl_net:caif_netlink_parms(): no params data found [ 45.534760][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 45.568405][ T5955] chnl_net:caif_netlink_parms(): no params data found [ 45.703751][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.707758][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.710753][ T5946] bridge_slave_0: entered allmulticast mode [ 45.714105][ T5946] bridge_slave_0: entered promiscuous mode [ 45.756516][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.759114][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.761054][ T5946] bridge_slave_1: entered allmulticast mode [ 45.763169][ T5946] bridge_slave_1: entered promiscuous mode [ 45.777613][ T5951] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.779694][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.781669][ T5951] bridge_slave_0: entered allmulticast mode [ 45.783833][ T5951] bridge_slave_0: entered promiscuous mode [ 45.857522][ T5951] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.859504][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.861371][ T5951] bridge_slave_1: entered allmulticast mode [ 45.863553][ T5951] bridge_slave_1: entered promiscuous mode [ 45.875035][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.876967][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.878866][ T5942] bridge_slave_0: entered allmulticast mode [ 45.880760][ T5942] bridge_slave_0: entered promiscuous mode [ 45.892901][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.895382][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.897389][ T5955] bridge_slave_0: entered allmulticast mode [ 45.899548][ T5955] bridge_slave_0: entered promiscuous mode [ 45.913551][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.936092][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.938046][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.940133][ T5942] bridge_slave_1: entered allmulticast mode [ 45.943248][ T5942] bridge_slave_1: entered promiscuous mode [ 45.962674][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.965374][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.967427][ T5955] bridge_slave_1: entered allmulticast mode [ 45.969540][ T5955] bridge_slave_1: entered promiscuous mode [ 45.981085][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.987396][ T5951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.000911][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.028046][ T5951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.032736][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.037866][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.101345][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.108434][ T5946] team0: Port device team_slave_0 added [ 46.113418][ T5951] team0: Port device team_slave_0 added [ 46.119104][ T5942] team0: Port device team_slave_0 added [ 46.131517][ T5946] team0: Port device team_slave_1 added [ 46.135014][ T5951] team0: Port device team_slave_1 added [ 46.138555][ T5942] team0: Port device team_slave_1 added [ 46.207098][ T5955] team0: Port device team_slave_0 added [ 46.210240][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.212270][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.221956][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.257152][ T5955] team0: Port device team_slave_1 added [ 46.260145][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.262712][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.273402][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.279334][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.281982][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.292245][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.296027][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.298658][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.308384][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.330592][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.332575][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.340447][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.345622][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.348210][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.357753][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.377648][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.380407][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.390255][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.417670][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.420400][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.430248][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.488621][ T5946] hsr_slave_0: entered promiscuous mode [ 46.491573][ T5946] hsr_slave_1: entered promiscuous mode [ 46.547787][ T5955] hsr_slave_0: entered promiscuous mode [ 46.550382][ T5955] hsr_slave_1: entered promiscuous mode [ 46.552184][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.554761][ T5955] Cannot create hsr debugfs directory [ 46.586498][ T5951] hsr_slave_0: entered promiscuous mode [ 46.588526][ T5951] hsr_slave_1: entered promiscuous mode [ 46.590960][ T5951] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.593080][ T5951] Cannot create hsr debugfs directory [ 46.606290][ T5942] hsr_slave_0: entered promiscuous mode [ 46.608467][ T5942] hsr_slave_1: entered promiscuous mode [ 46.610410][ T5942] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.612586][ T5942] Cannot create hsr debugfs directory [ 46.851533][ T5946] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 46.858889][ T5946] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 46.862783][ T5946] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 46.873498][ T5946] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 46.899617][ T5955] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.905471][ T5955] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.912011][ T5955] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.917076][ T5955] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 46.947088][ T5951] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 46.950400][ T5951] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 46.955786][ T5951] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 46.967959][ T5951] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 46.986767][ T5942] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.992086][ T5942] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.998387][ T5942] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.003238][ T5942] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.059635][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.078055][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.096654][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.104020][ T1260] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.106257][ T1260] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.111054][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.120194][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.122221][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.130784][ T5955] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.138627][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.142684][ T5951] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.147617][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.149705][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.155686][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.157635][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.166924][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.168971][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.172899][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.175003][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.180587][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.192491][ T5946] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 47.195803][ T5946] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.201395][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.203876][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.209961][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.212703][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.243477][ T5951] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 47.245874][ T39] audit: type=1400 audit(1739514472.603:114): avc: denied { sys_module } for pid=5946 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 47.246766][ T5951] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.301710][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.310739][ T65] Bluetooth: hci2: command tx timeout [ 47.310743][ T5944] Bluetooth: hci0: command tx timeout [ 47.311146][ T5957] Bluetooth: hci1: command tx timeout [ 47.318208][ T5946] veth0_vlan: entered promiscuous mode [ 47.322645][ T5946] veth1_vlan: entered promiscuous mode [ 47.334428][ T5946] veth0_macvtap: entered promiscuous mode [ 47.338768][ T5946] veth1_macvtap: entered promiscuous mode [ 47.351034][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.356811][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.363989][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.370533][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.379438][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.382911][ T5946] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.384698][ T5944] Bluetooth: hci3: command tx timeout [ 47.387088][ T5946] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.389776][ T5946] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.392195][ T5946] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.407701][ T5951] veth0_vlan: entered promiscuous mode [ 47.420527][ T5955] veth0_vlan: entered promiscuous mode [ 47.422934][ T5951] veth1_vlan: entered promiscuous mode [ 47.430610][ T5955] veth1_vlan: entered promiscuous mode [ 47.442635][ T5951] veth0_macvtap: entered promiscuous mode [ 47.459472][ T5951] veth1_macvtap: entered promiscuous mode [ 47.478658][ T5942] veth0_vlan: entered promiscuous mode [ 47.483151][ T5955] veth0_macvtap: entered promiscuous mode [ 47.488625][ T5955] veth1_macvtap: entered promiscuous mode [ 47.491086][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.494213][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.512993][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.517952][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.521296][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.524336][ T5942] veth1_vlan: entered promiscuous mode [ 47.532839][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.537107][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.539862][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.542729][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.547274][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.551254][ T1260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.551358][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.553644][ T1260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.557289][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.562979][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.569374][ T5955] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.571910][ T5955] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.574371][ T5955] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.577316][ T5955] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.581372][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.585597][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.588503][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.591381][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.594923][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.599489][ T5951] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.602346][ T5951] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.604958][ T5951] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.607440][ T5951] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.630626][ T5942] veth0_macvtap: entered promiscuous mode [ 47.643306][ T5942] veth1_macvtap: entered promiscuous mode [ 47.651342][ T5946] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.658312][ T1260] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.660563][ T1260] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.678864][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.681753][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.686249][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.690191][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.694004][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.698521][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.702716][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.706184][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.708401][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.713261][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.713839][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.716628][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.719024][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.723806][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.726984][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.729770][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.732878][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.736700][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.748700][ T5942] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.751836][ T5942] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.754354][ T5942] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.757330][ T5942] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.775956][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.780073][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.815088][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.818092][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.839737][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.840783][ T6013] netlink: 'syz.2.3': attribute type 1 has an invalid length. [ 47.841940][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.848402][ T6013] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3'. [ 48.026710][ T6034] process 'syz.2.7' launched '/dev/fd/3' with NULL argv: empty string added [ 48.072061][ T6039] capability: warning: `syz.3.9' uses deprecated v2 capabilities in a way that may be insecure [ 48.129302][ T6043] capability: warning: `syz.3.10' uses 32-bit capabilities (legacy support in use) [ 48.134894][ T6043] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10'. [ 48.182012][ T6049] netlink: 'syz.0.11': attribute type 11 has an invalid length. [ 48.184311][ T6049] netlink: 224 bytes leftover after parsing attributes in process `syz.0.11'. [ 48.241459][ T6058] program syz.0.13 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 48.440365][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 48.454202][ T6068] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 48.901978][ T6101] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 49.384877][ T65] Bluetooth: hci0: command tx timeout [ 49.384919][ T5957] Bluetooth: hci1: command tx timeout [ 49.385521][ T5948] Bluetooth: hci2: command tx timeout [ 49.464638][ T5957] Bluetooth: hci3: command tx timeout [ 49.497603][ T6106] netlink: 'syz.3.27': attribute type 13 has an invalid length. [ 49.509594][ T6106] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 49.514349][ T6106] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 49.517756][ T6106] gretap1: entered promiscuous mode [ 49.519647][ T6106] gretap1: entered allmulticast mode [ 49.843159][ T6136] bridge1: entered allmulticast mode [ 50.304818][ T5984] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 50.454692][ T5984] usb 6-1: Using ep0 maxpacket: 8 [ 50.459672][ T39] kauditd_printk_skb: 120 callbacks suppressed [ 50.459682][ T39] audit: type=1400 audit(1739514475.823:235): avc: denied { write } for pid=6137 comm="syz.3.36" name="raw" dev="proc" ino=4026533192 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 50.468527][ T5984] usb 6-1: config 0 has no interfaces? [ 50.477908][ T5984] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 50.480648][ T5984] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 50.482979][ T5984] usb 6-1: Product: syz [ 50.484319][ T5984] usb 6-1: Manufacturer: syz [ 50.487771][ T5984] usb 6-1: SerialNumber: syz [ 50.492641][ T6140] fuse: Bad value for 'fd' [ 50.493481][ T5984] usb 6-1: config 0 descriptor?? [ 50.504319][ T6140] fuse: Bad value for 'fd' [ 50.505358][ T5957] Bluetooth: hci4: command 0x1003 tx timeout [ 50.507025][ T5944] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 50.517470][ T39] audit: type=1400 audit(1739514475.883:236): avc: denied { unlink } for pid=6139 comm="syz.3.37" name="#1" dev="tmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 50.527156][ T39] audit: type=1400 audit(1739514475.893:237): avc: denied { mount } for pid=6139 comm="syz.3.37" name="/" dev="overlay" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 50.599690][ T39] audit: type=1400 audit(1739514475.963:238): avc: denied { append } for pid=6141 comm="syz.3.38" name="loop7" dev="devtmpfs" ino=665 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 50.608006][ T39] audit: type=1400 audit(1739514475.963:239): avc: denied { create } for pid=6141 comm="syz.3.38" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 50.613459][ T39] audit: type=1400 audit(1739514475.963:240): avc: denied { getopt } for pid=6141 comm="syz.3.38" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 50.619621][ T39] audit: type=1400 audit(1739514475.963:241): avc: denied { write } for pid=6141 comm="syz.3.38" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 50.625292][ T39] audit: type=1400 audit(1739514475.963:242): avc: denied { mounton } for pid=6141 comm="syz.3.38" path="/syzcgroup/unified/syz3" dev="cgroup2" ino=96 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 50.639158][ T39] audit: type=1400 audit(1739514476.003:243): avc: denied { open } for pid=6148 comm="syz.0.39" path="/dev/ptyq4" dev="devtmpfs" ino=131 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 50.644456][ T6142] syz.3.38: attempt to access beyond end of device [ 50.644456][ T6142] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 50.646058][ T39] audit: type=1400 audit(1739514476.003:244): avc: denied { ioctl } for pid=6148 comm="syz.0.39" path="/dev/ptyq4" dev="devtmpfs" ino=131 ioctlcmd=0x5438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 50.651959][ T6142] XFS (nbd3): SB validate failed with error -5. [ 50.683347][ T6151] netlink: 8 bytes leftover after parsing attributes in process `syz.0.39'. [ 50.693515][ T6151] Cannot find map_set index 0 as target [ 50.709177][ T5987] usb 6-1: USB disconnect, device number 2 [ 50.743453][ T6155] Cannot find set identified by id 0 to match [ 50.824262][ T6167] Bluetooth: MGMT ver 1.23 [ 51.036297][ T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 51.092210][ C3] vcan0: j1939_tp_rxtimer: 0xffff888031dd4800: rx timeout, send abort [ 51.184639][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 51.192740][ T8] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35 [ 51.197356][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 51.199735][ T8] usb 5-1: Product: syz [ 51.200888][ T8] usb 5-1: Manufacturer: syz [ 51.202167][ T8] usb 5-1: SerialNumber: syz [ 51.206290][ T8] usb 5-1: config 0 descriptor?? [ 51.221671][ T8] as10x_usb: device has been detected [ 51.224894][ T8] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led)) [ 51.251320][ T8] usb 5-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))... [ 51.270929][ T8] as10x_usb: error during firmware upload part1 [ 51.273697][ T8] Registered device Sky IT Digital Key (green led) [ 51.413464][ T6178] openvswitch: netlink: IP tunnel dst address not specified [ 51.432174][ T6163] random: crng reseeded on system resumption [ 51.464708][ T5944] Bluetooth: hci0: command tx timeout [ 51.474733][ T5944] Bluetooth: hci2: command tx timeout [ 51.474837][ T5957] Bluetooth: hci1: command tx timeout [ 51.555975][ T5957] Bluetooth: hci3: command tx timeout [ 51.595970][ C3] vcan0: j1939_tp_rxtimer: 0xffff888031dd4800: abort rx timeout. Force session deactivation [ 51.618645][ T8] usb 5-1: USB disconnect, device number 2 [ 51.633795][ T8] Unregistered device Sky IT Digital Key (green led) [ 51.645240][ T8] as10x_usb: device has been disconnected [ 51.799616][ T6201] netlink: 2 bytes leftover after parsing attributes in process `syz.1.54'. [ 51.963966][ T6215] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 52.153132][ T6228] dlm: no local IP address has been set [ 52.154956][ T6228] dlm: cannot start dlm midcomms -107 [ 52.283515][ T6243] xt_hashlimit: size too large, truncated to 1048576 [ 52.421610][ T73] IPVS: starting estimator thread 0... [ 52.444082][ T6264] qrtr: Invalid version 0 [ 52.471642][ T6264] kvm: vcpu 0: requested 448 ns lapic timer period limited to 200000 ns [ 52.515297][ T6265] IPVS: using max 36 ests per chain, 86400 per kthread [ 52.542986][ T6264] kvm: pic: non byte write [ 52.565534][ T6275] 9pnet_fd: p9_fd_create_unix (6275): problem connecting socket: ./file2: -2 [ 52.851608][ T6290] : entered promiscuous mode [ 52.887380][ T6289] netlink: 'syz.0.81': attribute type 3 has an invalid length. [ 52.890321][ T6289] netlink: 8 bytes leftover after parsing attributes in process `syz.0.81'. [ 52.940968][ T6305] Zero length message leads to an empty skb [ 53.361838][ T6326] netlink: 'syz.3.89': attribute type 2 has an invalid length. [ 53.364211][ T6326] netlink: 12 bytes leftover after parsing attributes in process `syz.3.89'. [ 53.458535][ T6328] netlink: 8 bytes leftover after parsing attributes in process `syz.3.90'. [ 53.544812][ T5957] Bluetooth: hci1: command tx timeout [ 53.559507][ T5957] Bluetooth: hci2: command tx timeout [ 53.559535][ T5944] Bluetooth: hci0: command tx timeout [ 53.572328][ T6342] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 53.624764][ T5944] Bluetooth: hci3: command tx timeout [ 53.724475][ T6349] netlink: 'syz.3.97': attribute type 10 has an invalid length. [ 53.736530][ T6349] team0: Port device netdevsim0 added [ 53.739718][ T6349] netlink: 'syz.3.97': attribute type 10 has an invalid length. [ 53.745918][ T6349] team0: Port device netdevsim0 removed [ 53.757181][ T6349] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 53.817050][ T6356] bond0: entered promiscuous mode [ 53.819086][ T6356] bond_slave_0: entered promiscuous mode [ 53.821926][ T6356] bond_slave_1: entered promiscuous mode [ 53.832140][ T6353] netdevsim netdevsim3: Firmware load for '/../file0' refused, path contains '..' component [ 53.897364][ T6366] ÿÿÿ: renamed from vlan0 (while UP) [ 53.918979][ T6375] netlink: 16 bytes leftover after parsing attributes in process `syz.0.105'. [ 53.929481][ T6376] netlink: 16 bytes leftover after parsing attributes in process `syz.0.105'. [ 54.053707][ T6393] netlink: 16 bytes leftover after parsing attributes in process `syz.0.111'. [ 54.062660][ T6393] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.067903][ T6393] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.078066][ T6395] netlink: 14548 bytes leftover after parsing attributes in process `syz.2.112'. [ 54.086229][ T6393] vlan2: entered allmulticast mode [ 54.101510][ T6395] netlink: 14548 bytes leftover after parsing attributes in process `syz.2.112'. [ 54.147866][ T6407] netlink: 'syz.0.111': attribute type 10 has an invalid length. [ 54.152086][ T6407] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.154604][ T6407] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.157255][ T6407] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.159858][ T6407] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.167838][ T6407] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 54.244331][ T6419] erspan0: mtu less than device minimum [ 54.338212][ T6416] block nbd2: shutting down sockets [ 54.367456][ T6426] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7 sclass=netlink_route_socket pid=6426 comm=syz.2.120 [ 54.503871][ T6437] QAT: Device 7 not found [ 54.648437][ T45] Bluetooth: hci4: Frame reassembly failed (-84) [ 54.896102][ T5982] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 55.026551][ T6478] kAFS: unparsable volume name [ 55.032186][ T6478] netlink: 256 bytes leftover after parsing attributes in process `syz.1.134'. [ 55.038208][ T6478] unsupported nlmsg_type 40 [ 55.083519][ T6484] xt_l2tp: invalid flags combination: c [ 55.122662][ T6488] netlink: 424 bytes leftover after parsing attributes in process `syz.0.136'. [ 55.126234][ T6488] openvswitch: netlink: Unexpected mask (mask=4, allowed=10048) [ 55.135651][ T6488] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6488 comm=syz.0.136 [ 55.140031][ T6488] bridge_slave_1: left allmulticast mode [ 55.141632][ T6488] bridge_slave_1: left promiscuous mode [ 55.143855][ T6488] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.150359][ T6488] bridge_slave_0: left allmulticast mode [ 55.152462][ T6488] bridge_slave_0: left promiscuous mode [ 55.154403][ T6488] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.170313][ T6488] bond0: (slave bridge0): Releasing backup interface [ 55.200861][ T6491] ntfs3(sr0): Primary boot signature is not NTFS. [ 55.203096][ T6491] ntfs3(sr0): try to read out of volume at offset 0xf800 [ 55.224794][ T6491] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=53 sclass=netlink_route_socket pid=6491 comm=syz.0.136 [ 56.664782][ T5944] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 56.665615][ T5957] Bluetooth: hci4: command 0x1003 tx timeout [ 65.228427][ T6514] : entered promiscuous mode [ 65.234660][ T5944] Bluetooth: Unexpected continuation frame (len 121) [ 65.263800][ T6524] __nla_validate_parse: 1 callbacks suppressed [ 65.263811][ T6524] netlink: 256 bytes leftover after parsing attributes in process `syz.2.142'. [ 65.269486][ T39] kauditd_printk_skb: 165 callbacks suppressed [ 65.269496][ T39] audit: type=1400 audit(1739514490.633:410): avc: denied { watch watch_reads } for pid=6522 comm="syz.2.142" path="/45/file0" dev="tmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 65.297269][ T39] audit: type=1400 audit(1739514490.653:411): avc: denied { create } for pid=6516 comm="syz.1.139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 65.303796][ T39] audit: type=1400 audit(1739514490.653:412): avc: denied { sys_admin } for pid=6516 comm="syz.1.139" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 65.367804][ T6534] ======================================================= [ 65.367804][ T6534] WARNING: The mand mount option has been deprecated and [ 65.367804][ T6534] and is ignored by this kernel. Remove the mand [ 65.367804][ T6534] option from the mount to silence this warning. [ 65.367804][ T6534] ======================================================= [ 65.370638][ T6531] netlink: 'syz.2.144': attribute type 1 has an invalid length. [ 65.379904][ T6531] netlink: 32 bytes leftover after parsing attributes in process `syz.2.144'. [ 65.388427][ T6531] ipvlan2: entered promiscuous mode [ 65.433439][ T39] audit: type=1400 audit(1739514490.793:413): avc: denied { read } for pid=6538 comm="syz.2.148" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 65.435004][ T6541] netlink: 8 bytes leftover after parsing attributes in process `syz.3.149'. [ 65.454999][ T39] audit: type=1400 audit(1739514490.793:414): avc: denied { open } for pid=6538 comm="syz.2.148" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 65.462632][ T39] audit: type=1400 audit(1739514490.793:415): avc: denied { ioctl } for pid=6538 comm="syz.2.148" path="/dev/nvram" dev="devtmpfs" ino=631 ioctlcmd=0x6200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 65.474685][ T39] audit: type=1400 audit(1739514490.813:416): avc: denied { map } for pid=6540 comm="syz.3.149" path="socket:[11038]" dev="sockfs" ino=11038 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 65.488497][ T39] audit: type=1400 audit(1739514490.813:417): avc: denied { read } for pid=6540 comm="syz.3.149" path="socket:[11038]" dev="sockfs" ino=11038 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 65.542456][ T6537] bond0: up delay (5) is not a multiple of miimon (4), value rounded to 4 ms [ 65.547694][ T6537] netlink: 'syz.0.147': attribute type 10 has an invalid length. [ 65.547936][ T39] audit: type=1326 audit(1739514490.913:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6555 comm="syz.3.152" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0d3278cde9 code=0x0 [ 65.594734][ T6559] netlink: 8 bytes leftover after parsing attributes in process `syz.2.154'. [ 65.600324][ T6559] warning: `syz.2.154' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 65.603838][ T39] audit: type=1400 audit(1739514490.963:419): avc: denied { bind } for pid=6558 comm="syz.2.154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 65.625058][ T6564] overlay: Unknown parameter 'permit_directio' [ 65.875277][ T6575] PM: Enabling pm_trace changes system date and time during resume. [ 65.875277][ T6575] PM: Correct system time has to be restored manually after resume. [ 65.882338][ T6575] netlink: 4 bytes leftover after parsing attributes in process `syz.0.159'. [ 66.124107][ T6579] syz.0.160 uses obsolete (PF_INET,SOCK_PACKET) [ 66.126188][ T6580] overlayfs: conflicting lowerdir path [ 66.127346][ T6578] netlink: 'syz.0.160': attribute type 13 has an invalid length. [ 66.321341][ T6590] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=1005 sclass=netlink_tcpdiag_socket pid=6590 comm=syz.0.163 [ 66.353170][ T6592] netlink: 20 bytes leftover after parsing attributes in process `syz.0.164'. [ 66.444068][ T6603] netlink: 140 bytes leftover after parsing attributes in process `syz.2.168'. [ 66.500408][ T6606] loop8: detected capacity change from 0 to 7 [ 66.514033][ T6606] Dev loop8: unable to read RDB block 7 [ 66.516037][ T6606] loop8: AHDI p1 p3 p4 [ 66.517321][ T6606] loop8: partition table partially beyond EOD, truncated [ 66.519783][ T6606] loop8: p1 start 975770946 is beyond EOD, truncated [ 66.521674][ T6606] loop8: p3 start 6514546 is beyond EOD, truncated [ 66.656449][ T6620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.659594][ T6620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.662613][ T6620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.669629][ T6620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.673521][ T6620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.677823][ T6620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.679874][ T6624] netlink: 24 bytes leftover after parsing attributes in process `syz.2.175'. [ 66.680829][ T6620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.686811][ T6620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.715039][ T6620] can0: slcan on ttyS3. [ 66.754885][ T6628] netlink: 'syz.2.176': attribute type 9 has an invalid length. [ 66.899664][ T6644] ata1.00: invalid multi_count 1 ignored [ 66.927761][ T6647] openvswitch: netlink: nsh attr 0 has unexpected len 96 expected 0 [ 66.930112][ T6647] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 66.954748][ T6012] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 67.003535][ T6653] No control pipe specified [ 67.067089][ T6661] netlink: 4 bytes leftover after parsing attributes in process `syz.1.183'. [ 67.070867][ T6661] netlink: 12 bytes leftover after parsing attributes in process `syz.1.183'. [ 67.106671][ T6012] usb 8-1: Using ep0 maxpacket: 8 [ 67.111877][ T6012] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 67.114316][ T6012] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 67.117390][ T6012] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 67.120184][ T6012] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 67.123238][ T6012] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 67.127273][ T6012] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 67.129768][ T6012] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.149781][ T6655] netlink: 'syz.2.182': attribute type 1 has an invalid length. [ 67.155945][ T6661] can1: slcan on ptm0. [ 67.190358][ T6669] loop6: detected capacity change from 0 to 7 [ 67.193913][ T6669] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.196351][ T6669] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.198661][ T6669] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.200886][ T6669] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.203155][ T6669] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.206254][ T6669] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.208517][ T6669] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.210730][ T6669] ldm_validate_partition_table(): Disk read failed. [ 67.212628][ T6669] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.214986][ T6669] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.217344][ T6669] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.219643][ T6669] Dev loop6: unable to read RDB block 0 [ 67.221301][ T6669] loop6: unable to read partition table [ 67.222984][ T6669] loop6: partition table beyond EOD, truncated [ 67.225558][ T6660] can1 (unregistered): slcan off ptm0. [ 67.225651][ T6669] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 67.225651][ T6669] ) failed (rc=-5) [ 67.239447][ T6669] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 67.241907][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 67.341749][ T6012] usb 8-1: usb_control_msg returned -32 [ 67.343465][ T6012] usbtmc 8-1:16.0: can't read capabilities [ 67.354063][ T6680] cgroup: Need name or subsystem set [ 67.480235][ T6692] xt_CT: You must specify a L4 protocol and not use inversions on it [ 67.529308][ T6692] ldm_validate_partition_table(): Disk read failed. [ 67.531525][ T6692] Dev loop6: unable to read RDB block 0 [ 67.533176][ T6692] loop6: unable to read partition table [ 67.535109][ T6692] loop6: partition table beyond EOD, truncated [ 67.697266][ T6713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 67.702479][ T6713] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 67.758296][ T6715] usb usb4: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 67.995327][ T6713] can0 (unregistered): slcan off ttyS3. [ 68.728783][ T6747] tipc: Started in network mode [ 68.730282][ T6747] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 68.735100][ T6747] tipc: Enabled bearer , priority 10 [ 68.841775][ T6757] ISOFS: Unable to identify CD-ROM format. [ 68.862547][ T6755] xt_hashlimit: size too large, truncated to 1048576 [ 69.213309][ T6776] netlink: 'syz.0.214': attribute type 64 has an invalid length. [ 69.215745][ T6776] netlink: 'syz.0.214': attribute type 4 has an invalid length. [ 69.305201][ T5957] Bluetooth: hci4: command 0x1003 tx timeout [ 69.305340][ T5944] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 69.540237][ T6815] vim2m vim2m.0: vidioc_s_fmt queue busy [ 69.663895][ T6003] usb 8-1: USB disconnect, device number 2 [ 69.735602][ T1345] tipc: Node number set to 4269801488 [ 69.756367][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.809629][ T6819] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 69.821947][ T6819] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 69.839306][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.956372][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.001803][ T5957] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.008460][ T5957] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.011209][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.013892][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.018118][ T5957] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.021045][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.040384][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.278949][ T39] kauditd_printk_skb: 153 callbacks suppressed [ 70.278959][ T39] audit: type=1400 audit(1739514495.643:573): avc: denied { read write } for pid=5946 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 70.307247][ T39] audit: type=1400 audit(1739514495.653:574): avc: denied { read write open } for pid=5946 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 70.328508][ T39] audit: type=1400 audit(1739514495.653:575): avc: denied { ioctl } for pid=5946 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 70.369654][ T39] audit: type=1400 audit(1739514495.733:576): avc: denied { read write } for pid=5951 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 70.377170][ T39] audit: type=1400 audit(1739514495.733:577): avc: denied { read write open } for pid=5951 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 70.383896][ T39] audit: type=1400 audit(1739514495.733:578): avc: denied { ioctl } for pid=5951 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 70.398092][ T39] audit: type=1400 audit(1739514495.743:579): avc: denied { mounton } for pid=6838 comm="syz.1.229" path="/57/file0" dev="tmpfs" ino=341 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 70.406536][ T39] audit: type=1400 audit(1739514495.743:580): avc: denied { mount } for pid=6838 comm="syz.1.229" name="/" dev="ramfs" ino=12211 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 70.420759][ T39] audit: type=1400 audit(1739514495.773:581): avc: denied { read write } for pid=6838 comm="syz.1.229" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 70.427398][ T39] audit: type=1400 audit(1739514495.773:582): avc: denied { read write open } for pid=6838 comm="syz.1.229" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 70.502417][ T6848] cgroup: Unknown subsys name 'syz*' [ 70.627103][ T6855] __nla_validate_parse: 7 callbacks suppressed [ 70.627114][ T6855] netlink: 8 bytes leftover after parsing attributes in process `syz.3.232'. [ 70.678077][ T57] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 70.713586][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 70.718649][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 70.722009][ T12] bond0 (unregistering): Released all slaves [ 70.767470][ T6827] chnl_net:caif_netlink_parms(): no params data found [ 70.839781][ T12] tipc: Disabling bearer [ 70.843616][ T12] tipc: Left network mode [ 70.856735][ T57] usb 6-1: config 0 has an invalid interface number: 50 but max is 0 [ 70.859055][ T57] usb 6-1: config 0 has no interface number 0 [ 70.865945][ T57] usb 6-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 70.869034][ T57] usb 6-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid maxpacket 1023, setting to 64 [ 70.883025][ T57] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 70.886540][ T57] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.888783][ T57] usb 6-1: Product: syz [ 70.889974][ T57] usb 6-1: Manufacturer: syz [ 70.891290][ T57] usb 6-1: SerialNumber: syz [ 70.897715][ T57] usb 6-1: config 0 descriptor?? [ 70.903246][ T6840] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 70.919164][ T57] yurex 6-1:0.50: USB YUREX device now attached to Yurex #0 [ 71.009682][ T6827] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.011833][ T6827] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.014047][ T6827] bridge_slave_0: entered allmulticast mode [ 71.030813][ T6827] bridge_slave_0: entered promiscuous mode [ 71.036438][ T6827] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.038571][ T6827] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.041017][ T6827] bridge_slave_1: entered allmulticast mode [ 71.043698][ T6827] bridge_slave_1: entered promiscuous mode [ 71.123271][ T57] usb 6-1: USB disconnect, device number 3 [ 71.143173][ T6870] netlink: 232 bytes leftover after parsing attributes in process `syz.3.236'. [ 71.147846][ T57] yurex 6-1:0.50: USB YUREX #0 now disconnected [ 71.159114][ T6870] netlink: 16 bytes leftover after parsing attributes in process `syz.3.236'. [ 71.173221][ T6870] xt_hashlimit: size too large, truncated to 1048576 [ 71.246243][ T6827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.246684][ T6872] netlink: 'syz.3.236': attribute type 39 has an invalid length. [ 71.253842][ T6827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.468959][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.628529][ T6827] team0: Port device team_slave_0 added [ 71.669321][ T12] hsr_slave_0: left promiscuous mode [ 71.674422][ T12] hsr_slave_1: left promiscuous mode [ 71.677255][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 71.680075][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 71.696609][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 71.698834][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 71.734678][ T12] veth1_macvtap: left promiscuous mode [ 71.736856][ T12] veth0_macvtap: left promiscuous mode [ 71.780392][ T6886] netlink: 'syz.1.238': attribute type 1 has an invalid length. [ 72.106310][ T5957] Bluetooth: hci0: command tx timeout [ 72.442883][ T12] team0 (unregistering): Port device team_slave_1 removed [ 72.523198][ T12] team0 (unregistering): Port device team_slave_0 removed [ 72.906254][ T6827] team0: Port device team_slave_1 added [ 72.908114][ T6880] netlink: 204 bytes leftover after parsing attributes in process `syz.2.237'. [ 72.912395][ T6886] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 73.031018][ T6827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.037428][ T6827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.048313][ T6827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.057975][ T6827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.060675][ T6827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.070797][ T6827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.159033][ T6827] hsr_slave_0: entered promiscuous mode [ 73.161428][ T6827] hsr_slave_1: entered promiscuous mode [ 73.164292][ T6827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 73.168551][ T6827] Cannot create hsr debugfs directory [ 73.213418][ T6897] ptm ptm21: ldisc open failed (-12), clearing slot 21 [ 73.269063][ T6902] loop9: detected capacity change from 0 to 8 [ 73.278454][ T6902] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 73.280017][ T6902] loop9: partition table partially beyond EOD, truncated [ 73.282078][ T6902] loop9: p1 size 81768186 extends beyond EOD, truncated [ 73.520196][ T6907] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 73.524278][ T6827] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 73.547758][ T6827] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 73.572627][ T6827] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 73.578644][ T6823] udevd[6823]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 73.600918][ T6827] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 73.641130][ T6907] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0. [ 73.918582][ T6827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.023968][ T6827] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.067353][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.069456][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.090967][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.093065][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.144616][ T8] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 74.184924][ T5957] Bluetooth: hci0: command tx timeout [ 74.216598][ T6931] 9pnet_fd: p9_fd_create_unix (6931): problem connecting socket: ./file2: -2 [ 74.240625][ T6933] netlink: 36 bytes leftover after parsing attributes in process `syz.1.248'. [ 74.256894][ T6932] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 74.265343][ T6932] CIFS mount error: No usable UNC path provided in device string! [ 74.265343][ T6932] [ 74.268351][ T6932] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 74.314568][ T8] usb 8-1: Using ep0 maxpacket: 8 [ 74.329070][ T8] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 74.331425][ T8] usb 8-1: config 179 has no interface number 0 [ 74.333259][ T8] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 74.345260][ T8] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 74.348681][ T8] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 74.351639][ T8] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 74.364575][ T8] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 74.367221][ T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.376788][ T6922] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 74.666062][ T6943] Bluetooth: MGMT ver 1.23 [ 74.754740][ T8] usb 8-1: USB disconnect, device number 3 [ 74.954323][ T6951] 9p: Unknown uid 00000000004294967295 [ 75.287537][ T39] kauditd_printk_skb: 947 callbacks suppressed [ 75.287549][ T39] audit: type=1400 audit(1739514500.651:1530): avc: denied { read write } for pid=5951 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 75.299360][ T39] audit: type=1400 audit(1739514500.651:1531): avc: denied { read write open } for pid=5951 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 75.310976][ T39] audit: type=1400 audit(1739514500.651:1532): avc: denied { ioctl } for pid=5951 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 75.329555][ T39] audit: type=1400 audit(1739514500.661:1533): avc: denied { search } for pid=5659 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 75.341677][ T39] audit: type=1400 audit(1739514500.661:1534): avc: denied { search } for pid=5659 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 75.356519][ T39] audit: type=1400 audit(1739514500.661:1535): avc: denied { search } for pid=5659 comm="dhcpcd" name="data" dev="tmpfs" ino=13 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 75.374469][ T39] audit: type=1400 audit(1739514500.661:1536): avc: denied { read } for pid=5659 comm="dhcpcd" name="n107" dev="tmpfs" ino=2931 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 75.394604][ T39] audit: type=1400 audit(1739514500.661:1537): avc: denied { read open } for pid=5659 comm="dhcpcd" path="/run/udev/data/n107" dev="tmpfs" ino=2931 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 75.401259][ T39] audit: type=1400 audit(1739514500.661:1538): avc: denied { getattr } for pid=5659 comm="dhcpcd" path="/run/udev/data/n107" dev="tmpfs" ino=2931 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 75.410728][ T39] audit: type=1400 audit(1739514500.671:1539): avc: denied { create } for pid=6959 comm="syz.1.254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 75.497142][ T6827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.630562][ T6973] mkiss: ax0: crc mode is auto. [ 75.997886][ T6982] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.152396][ T6988] snd_dummy snd_dummy.0: control 0:0:0:syz0:7 is already present [ 76.265377][ T5957] Bluetooth: hci0: command tx timeout [ 76.370959][ T6992] vlan0: entered allmulticast mode [ 76.372582][ T6992] vlan1: entered allmulticast mode [ 76.374160][ T6992] veth0_vlan: entered allmulticast mode [ 76.977223][ T7016] netlink: 9 bytes leftover after parsing attributes in process `syz.3.270'. [ 76.985429][ T7016] gretap0: entered promiscuous mode [ 77.000065][ T7016] netlink: 5 bytes leftover after parsing attributes in process `syz.3.270'. [ 77.003755][ T7016] 0ªX¹¦D: renamed from gretap0 [ 77.007147][ T7016] 0ªX¹¦D: left promiscuous mode [ 77.008571][ T7016] 0ªX¹¦D: entered allmulticast mode [ 77.012379][ T7016] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 77.234952][ T7026] hid-generic 0003:0627:0001.0001: pid 7026 passed too short report [ 77.314643][ T6827] veth0_vlan: entered promiscuous mode [ 77.341916][ T6827] veth1_vlan: entered promiscuous mode [ 77.444062][ T6827] veth0_macvtap: entered promiscuous mode [ 77.488701][ T6827] veth1_macvtap: entered promiscuous mode [ 77.543038][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.548291][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.556907][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.560581][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.564050][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.582276][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.588832][ T6827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.602540][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.606980][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.610417][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.626312][ T7046] tmpfs: Bad value for 'mpol' [ 77.643831][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.649456][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.653134][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.669249][ T6827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.685234][ T6827] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.687880][ T6827] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.690317][ T6827] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.692706][ T6827] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.782616][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.786932][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.836030][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.838380][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.962165][ T7051] netlink: 24 bytes leftover after parsing attributes in process `syz.3.279'. [ 78.276538][ T7062] netlink: 'syz.3.282': attribute type 1 has an invalid length. [ 78.278911][ T7062] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 78.344600][ T5957] Bluetooth: hci0: command tx timeout [ 78.592035][ T7081] sctp: [Deprecated]: syz.2.287 (pid 7081) Use of int in maxseg socket option. [ 78.592035][ T7081] Use struct sctp_assoc_value instead [ 78.947631][ T7089] hfsplus: unable to find HFS+ superblock [ 79.049833][ T7101] No control pipe specified [ 79.217229][ T7107] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 79.217229][ T7107] The task syz.2.293 (7107) triggered the difference, watch for misbehavior. [ 79.484434][ T7123] afs: Unknown parameter 'din' [ 79.503638][ T7123] netlink: 372 bytes leftover after parsing attributes in process `syz.1.296'. [ 79.510472][ T7123] overlayfs: overlapping lowerdir path [ 79.835925][ T7129] netlink: 4 bytes leftover after parsing attributes in process `syz.1.299'. [ 80.078970][ T7135] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 80.080970][ T7135] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 80.104572][ T7135] vhci_hcd vhci_hcd.0: Device attached [ 80.129517][ T7137] vhci_hcd: connection closed [ 80.133056][ T11] vhci_hcd: stop threads [ 80.139338][ T11] vhci_hcd: release socket [ 80.140696][ T11] vhci_hcd: disconnect device [ 80.181463][ T7140] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 80.305052][ T7156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 80.309124][ T39] kauditd_printk_skb: 1440 callbacks suppressed [ 80.309135][ T39] audit: type=1400 audit(1739517065.671:2980): avc: denied { ioctl } for pid=7153 comm="syz.4.305" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 80.325678][ T39] audit: type=1400 audit(1739517065.671:2981): avc: denied { ioctl } for pid=7153 comm="syz.4.305" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 80.332471][ T39] audit: type=1400 audit(1739517065.681:2982): avc: denied { read write } for pid=7157 comm="syz.1.306" name="vhost-net" dev="devtmpfs" ino=1300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 80.345545][ T7156] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 80.355337][ T39] audit: type=1400 audit(1739517065.681:2983): avc: denied { read write open } for pid=7157 comm="syz.1.306" path="/dev/vhost-net" dev="devtmpfs" ino=1300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 80.362493][ T39] audit: type=1400 audit(1739517065.691:2984): avc: denied { ioctl } for pid=7157 comm="syz.1.306" path="/dev/vhost-net" dev="devtmpfs" ino=1300 ioctlcmd=0xaf02 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 80.390682][ T39] audit: type=1400 audit(1739517065.691:2985): avc: denied { map_create } for pid=7157 comm="syz.1.306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 80.406305][ T39] audit: type=1400 audit(1739517065.691:2986): avc: denied { bpf } for pid=7157 comm="syz.1.306" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 80.412036][ T39] audit: type=1400 audit(1739517065.691:2987): avc: denied { map_read map_write } for pid=7157 comm="syz.1.306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 80.424730][ T39] audit: type=1400 audit(1739517065.691:2988): avc: denied { read write } for pid=5951 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 80.431387][ T39] audit: type=1400 audit(1739517065.691:2989): avc: denied { read write open } for pid=5951 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 80.519218][ T7165] netlink: 'syz.1.308': attribute type 1 has an invalid length. [ 80.528458][ T7165] netlink: 308 bytes leftover after parsing attributes in process `syz.1.308'. [ 80.544792][ T5947] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 80.675680][ T5947] usb 9-1: device descriptor read/64, error -71 [ 80.944628][ T5947] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 81.075610][ T5947] usb 9-1: device descriptor read/64, error -71 [ 81.147710][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.149886][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.151818][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.153816][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.156815][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.158841][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.160698][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.162622][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.164897][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.168237][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.170151][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.171965][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.173883][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.175876][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.178116][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.180223][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.182166][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.184117][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.187958][ T5947] usb usb9-port1: attempt power cycle [ 81.194232][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.196430][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.198410][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.200341][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.209504][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.211625][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.213826][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.220333][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.222297][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.224328][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.229467][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.231354][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.233270][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.239769][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.241673][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.243586][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.248558][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.250506][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.252422][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.254392][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.263755][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.265784][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.267623][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.271894][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.273845][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.286318][ T57] hid-generic 0000:0002:FFFFFFFE.0002: unknown main item tag 0x0 [ 81.304707][ T57] hid-generic 0000:0002:FFFFFFFE.0002: hidraw1: HID vffffff.ff Device [syz0] on syz1 [ 81.596782][ T5947] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 81.626039][ T5947] usb 9-1: device descriptor read/8, error -71 [ 81.759276][ T30] cfg80211: failed to load regulatory.db [ 81.865107][ T5947] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 81.886197][ T5947] usb 9-1: device descriptor read/8, error -71 [ 81.999855][ T5947] usb usb9-port1: unable to enumerate USB device [ 84.424703][ T5957] Bluetooth: hci1: command 0x0c1a tx timeout [ 84.424867][ T7204] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 85.246095][ T7204] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 85.257916][ T7204] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 85.264160][ T7204] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 85.266121][ T7204] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 85.271394][ T7204] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 85.277710][ T7204] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 85.279510][ T7204] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 85.284416][ T7204] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 85.294956][ T7204] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 85.297163][ T7204] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 85.306321][ T7204] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 85.351089][ T39] kauditd_printk_skb: 1194 callbacks suppressed [ 85.351100][ T39] audit: type=1400 audit(1739517070.711:4184): avc: denied { read write } for pid=5955 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 85.365784][ T39] audit: type=1400 audit(1739517070.711:4185): avc: denied { read write } for pid=5951 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 85.384571][ T39] audit: type=1400 audit(1739517070.711:4186): avc: denied { read write open } for pid=5951 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 85.391328][ T39] audit: type=1400 audit(1739517070.721:4187): avc: denied { read write open } for pid=5955 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 85.474582][ T39] audit: type=1400 audit(1739517070.721:4188): avc: denied { ioctl } for pid=5951 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 85.481327][ T39] audit: type=1400 audit(1739517070.721:4189): avc: denied { ioctl } for pid=5955 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 85.492939][ T39] audit: type=1400 audit(1739517070.781:4190): avc: denied { create } for pid=7227 comm="syz.3.317" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 85.514339][ T39] audit: type=1400 audit(1739517070.781:4191): avc: denied { write } for pid=7227 comm="syz.3.317" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 85.521386][ T39] audit: type=1400 audit(1739517070.791:4192): avc: denied { write } for pid=7227 comm="syz.3.317" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 85.531808][ T39] audit: type=1400 audit(1739517070.791:4193): avc: denied { create } for pid=7227 comm="syz.3.317" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 85.550251][ T7233] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 85.613724][ T7233] wireguard0: entered promiscuous mode [ 85.615620][ T7233] wireguard0: entered allmulticast mode [ 85.652940][ T7240] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 85.659859][ T7241] netlink: 8 bytes leftover after parsing attributes in process `syz.3.319'. [ 86.514595][ T5957] Bluetooth: hci1: command 0x0c1a tx timeout [ 87.134600][ T9] usb 8-1: new full-speed USB device number 4 using dummy_hcd [ 87.294577][ T833] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 87.304681][ T5957] Bluetooth: hci0: command 0x0c1a tx timeout [ 87.304716][ T5944] Bluetooth: hci3: command 0x0c1a tx timeout [ 87.306487][ T65] Bluetooth: hci2: command 0x0c1a tx timeout [ 87.333364][ T9] usb 8-1: config 1 interface 0 altsetting 253 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 87.337582][ T9] usb 8-1: config 1 interface 0 has no altsetting 0 [ 87.347575][ T9] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 87.351263][ T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.353563][ T9] usb 8-1: Product: syz [ 87.356007][ T9] usb 8-1: Manufacturer: syz [ 87.357295][ T9] usb 8-1: SerialNumber: syz [ 87.375221][ T7281] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 87.470869][ T833] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 87.478461][ T833] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 87.484590][ T833] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 87.488382][ T833] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.507987][ T7290] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 87.522542][ T833] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 87.554286][ T7245] syz.4.320 (7245): drop_caches: 2 [ 87.613781][ T9] usb 8-1: USB disconnect, device number 4 [ 87.724185][ T833] usb 6-1: USB disconnect, device number 4 [ 88.028053][ T6525] udevd[6525]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 88.574607][ T833] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 88.584969][ T5957] Bluetooth: hci1: command 0x0c1a tx timeout [ 88.724892][ T833] usb 7-1: Using ep0 maxpacket: 8 [ 88.732493][ T833] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 88.746922][ T833] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 88.749751][ T833] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 88.752488][ T833] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 88.774621][ T833] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 88.777166][ T833] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.017833][ T833] usb 7-1: GET_CAPABILITIES returned 0 [ 89.019569][ T833] usbtmc 7-1:16.0: can't read capabilities [ 89.136690][ T7341] Cannot find map_set index 0 as target [ 89.243174][ T30] usb 7-1: USB disconnect, device number 2 [ 89.386630][ T5957] Bluetooth: hci0: command 0x0c1a tx timeout [ 89.388402][ T5957] Bluetooth: hci2: command 0x0c1a tx timeout [ 89.390309][ T5957] Bluetooth: hci3: command 0x0c1a tx timeout [ 89.652159][ T7360] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 89.717141][ T7360] netlink: 'syz.4.350': attribute type 2 has an invalid length. [ 89.758226][ T7366] netlink: 32 bytes leftover after parsing attributes in process `syz.1.352'. [ 89.865278][ T7366] uprobe: syz.1.352:7366 failed to unregister, leaking uprobe [ 89.894787][ T7371] openvswitch: netlink: IP tunnel dst address not specified [ 90.069528][ T65] ================================================================== [ 90.071823][ T65] BUG: KASAN: slab-use-after-free in l2cap_sock_ready_cb+0x16a/0x170 [ 90.074608][ T65] Read of size 8 at addr ffff8880257c1188 by task kworker/u33:0/65 [ 90.077993][ T65] [ 90.079035][ T65] CPU: 2 UID: 0 PID: 65 Comm: kworker/u33:0 Not tainted 6.14.0-rc2-syzkaller-00056-gab68d7eb7b1a #0 [ 90.079050][ T65] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.079058][ T65] Workqueue: hci3 hci_rx_work [ 90.079080][ T65] Call Trace: [ 90.079085][ T65] [ 90.079090][ T65] dump_stack_lvl+0x116/0x1f0 [ 90.079207][ T65] print_report+0xc3/0x620 [ 90.079346][ T65] ? __virt_addr_valid+0x5e/0x590 [ 90.079417][ T65] ? __phys_addr+0xc6/0x150 [ 90.079428][ T65] kasan_report+0xd9/0x110 [ 90.079439][ T65] ? l2cap_sock_ready_cb+0x16a/0x170 [ 90.079457][ T65] ? l2cap_sock_ready_cb+0x16a/0x170 [ 90.079473][ T65] l2cap_sock_ready_cb+0x16a/0x170 [ 90.079489][ T65] l2cap_le_start+0x1ec/0xe40 [ 90.079501][ T65] ? __pfx___mutex_lock+0x10/0x10 [ 90.079532][ T65] ? __pfx_l2cap_le_start+0x10/0x10 [ 90.079544][ T65] ? do_raw_read_unlock+0x44/0xe0 [ 90.079577][ T65] ? __pfx_l2cap_global_fixed_chan+0x10/0x10 [ 90.079591][ T65] ? __l2cap_chan_add+0x3db/0xa20 [ 90.079605][ T65] l2cap_connect_cfm+0x99f/0xf10 [ 90.079620][ T65] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 90.079634][ T65] ? hci_cb_lookup+0x319/0x4e0 [ 90.079650][ T65] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 90.079664][ T65] le_conn_complete_evt+0x168d/0x1da0 [ 90.079680][ T65] ? __pfx_lock_release+0x10/0x10 [ 90.079695][ T65] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 90.079711][ T65] hci_le_conn_complete_evt+0x23c/0x370 [ 90.079725][ T65] hci_le_meta_evt+0x2e2/0x5d0 [ 90.079739][ T65] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 90.079752][ T65] hci_event_packet+0x666/0x1180 [ 90.079764][ T65] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 90.079778][ T65] ? __pfx_hci_event_packet+0x10/0x10 [ 90.079790][ T65] ? mark_held_locks+0x9f/0xe0 [ 90.079803][ T65] ? kcov_remote_start+0x3cf/0x6e0 [ 90.079820][ T65] ? lockdep_hardirqs_on+0x7c/0x110 [ 90.079838][ T65] hci_rx_work+0x2c5/0x16b0 [ 90.079852][ T65] ? process_one_work+0x921/0x1ba0 [ 90.079869][ T65] process_one_work+0x9c5/0x1ba0 [ 90.079885][ T65] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 90.079901][ T65] ? __pfx_process_one_work+0x10/0x10 [ 90.079917][ T65] ? assign_work+0x1a0/0x250 [ 90.079929][ T65] worker_thread+0x6c8/0xf00 [ 90.079946][ T65] ? __pfx_worker_thread+0x10/0x10 [ 90.079959][ T65] kthread+0x3af/0x750 [ 90.079971][ T65] ? __pfx_kthread+0x10/0x10 [ 90.079982][ T65] ? lock_acquire+0x2f/0xb0 [ 90.079996][ T65] ? __pfx_kthread+0x10/0x10 [ 90.080008][ T65] ret_from_fork+0x45/0x80 [ 90.080022][ T65] ? __pfx_kthread+0x10/0x10 [ 90.080034][ T65] ret_from_fork_asm+0x1a/0x30 [ 90.080049][ T65] [ 90.080053][ T65] [ 90.154359][ T65] Allocated by task 7378: [ 90.155579][ T65] kasan_save_stack+0x33/0x60 [ 90.156909][ T65] kasan_save_track+0x14/0x30 [ 90.158234][ T65] __kasan_kmalloc+0xaa/0xb0 [ 90.159548][ T65] __kmalloc_noprof+0x21c/0x510 [ 90.160918][ T65] sk_prot_alloc+0x1a8/0x2a0 [ 90.162390][ T65] sk_alloc+0x36/0xb90 [ 90.163575][ T65] bt_sock_alloc+0x3b/0x3a0 [ 90.164862][ T65] l2cap_sock_alloc.constprop.0+0x33/0x1d0 [ 90.166527][ T65] l2cap_sock_create+0x123/0x1f0 [ 90.167925][ T65] bt_sock_create+0x182/0x350 [ 90.169270][ T65] __sock_create+0x335/0x8d0 [ 90.170578][ T65] __sys_socket+0x14f/0x260 [ 90.171854][ T65] __x64_sys_socket+0x72/0xb0 [ 90.173207][ T65] do_syscall_64+0xcd/0x250 [ 90.174495][ T65] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.176144][ T65] [ 90.176831][ T65] Freed by task 7378: [ 90.177964][ T65] kasan_save_stack+0x33/0x60 [ 90.179302][ T65] kasan_save_track+0x14/0x30 [ 90.180619][ T65] kasan_save_free_info+0x3b/0x60 [ 90.182038][ T65] __kasan_slab_free+0x51/0x70 [ 90.183421][ T65] kfree+0x2c4/0x4d0 [ 90.184538][ T65] __sk_destruct+0x5eb/0x720 [ 90.185865][ T65] sk_destruct+0xc2/0xf0 [ 90.187059][ T65] __sk_free+0xf4/0x3e0 [ 90.188231][ T65] sk_free+0x6a/0x90 [ 90.189363][ T65] l2cap_sock_kill+0x171/0x2d0 [ 90.190770][ T65] l2cap_sock_release+0x189/0x210 [ 90.192214][ T65] __sock_release+0xb0/0x270 [ 90.193594][ T65] sock_close+0x1c/0x30 [ 90.194791][ T65] __fput+0x3ff/0xb70 [ 90.195934][ T65] task_work_run+0x14e/0x250 [ 90.197252][ T65] syscall_exit_to_user_mode+0x27b/0x2a0 [ 90.198822][ T65] do_syscall_64+0xda/0x250 [ 90.200123][ T65] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.201767][ T65] [ 90.202450][ T65] The buggy address belongs to the object at ffff8880257c1000 [ 90.202450][ T65] which belongs to the cache kmalloc-2k of size 2048 [ 90.206317][ T65] The buggy address is located 392 bytes inside of [ 90.206317][ T65] freed 2048-byte region [ffff8880257c1000, ffff8880257c1800) [ 90.206676][ T7382] ptrace attach of "/syz-executor exec"[6827] was attempted by ""[7382] [ 90.210135][ T65] [ 90.210145][ T65] The buggy address belongs to the physical page: [ 90.210151][ T65] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x257c0 [ 90.210163][ T65] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 90.210172][ T65] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 90.210186][ T65] page_type: f5(slab) [ 90.210196][ T65] raw: 00fff00000000040 ffff88801b042f00 0000000000000000 dead000000000001 [ 90.210205][ T65] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000 [ 90.210214][ T65] head: 00fff00000000040 ffff88801b042f00 0000000000000000 dead000000000001 [ 90.231241][ T65] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000 [ 90.233673][ T65] head: 00fff00000000003 ffffea000095f001 ffffffffffffffff 0000000000000000 [ 90.236084][ T65] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 90.238481][ T65] page dumped because: kasan: bad access detected [ 90.240266][ T65] page_owner tracks the page as allocated [ 90.241886][ T65] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5942, tgid 5942 (syz-executor), ts 46942843790, free_ts 46942259108 [ 90.248117][ T65] post_alloc_hook+0x181/0x1b0 [ 90.249509][ T65] get_page_from_freelist+0xfce/0x2f80 [ 90.251072][ T65] __alloc_frozen_pages_noprof+0x221/0x2470 [ 90.251848][ T7382] QAT: Invalid ioctl -2110754302 [ 90.252860][ T65] alloc_pages_mpol+0x1fc/0x540 [ 90.256278][ T65] new_slab+0x23d/0x330 [ 90.257525][ T65] ___slab_alloc+0xc5d/0x1720 [ 90.258970][ T65] __slab_alloc.constprop.0+0x56/0xb0 [ 90.260570][ T65] __kmalloc_node_noprof+0x2f0/0x510 [ 90.262095][ T65] __kvmalloc_node_noprof+0xad/0x1a0 [ 90.263706][ T65] devlink_alloc_ns+0x9c/0xab0 [ 90.265110][ T65] nsim_drv_probe+0xbc/0x1490 [ 90.266598][ T65] really_probe+0x23e/0xa90 [ 90.268023][ T65] __driver_probe_device+0x1de/0x440 [ 90.269549][ T65] driver_probe_device+0x4c/0x1b0 [ 90.270974][ T65] __device_attach_driver+0x1df/0x310 [ 90.272671][ T65] bus_for_each_drv+0x157/0x1e0 [ 90.274193][ T65] page last free pid 5946 tgid 5946 stack trace: [ 90.276059][ T65] free_frozen_pages+0x6db/0xfb0 [ 90.277510][ T65] __put_partials+0x14c/0x170 [ 90.278912][ T65] qlist_free_all+0x4e/0x120 [ 90.280249][ T65] kasan_quarantine_reduce+0x195/0x1e0 [ 90.281814][ T65] __kasan_slab_alloc+0x69/0x90 [ 90.283288][ T65] __kmalloc_cache_noprof+0x243/0x410 [ 90.284844][ T65] ipv6_add_dev+0xfe/0x13f0 [ 90.286207][ T65] ipv6_find_idev+0x192/0x220 [ 90.287534][ T65] inet6_rtm_newaddr+0x560/0x19d0 [ 90.288962][ T65] rtnetlink_rcv_msg+0x95b/0xea0 [ 90.290409][ T65] netlink_rcv_skb+0x16b/0x440 [ 90.291785][ T65] netlink_unicast+0x53c/0x7f0 [ 90.293285][ T65] netlink_sendmsg+0x8b8/0xd70 [ 90.293661][ T7382] syz.4.357 uses old SIOCAX25GETINFO [ 90.294646][ T65] __sys_sendto+0x488/0x4f0 [ 90.294663][ T65] __x64_sys_sendto+0xe0/0x1c0 [ 90.294675][ T65] do_syscall_64+0xcd/0x250 [ 90.294689][ T65] [ 90.294692][ T65] Memory state around the buggy address: [ 90.294698][ T65] ffff8880257c1080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 90.294706][ T65] ffff8880257c1100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 90.294713][ T65] >ffff8880257c1180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 90.294719][ T65] ^ [ 90.294724][ T65] ffff8880257c1200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 90.314555][ T65] ffff8880257c1280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 90.316762][ T65] ================================================================== [ 90.319758][ T65] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 90.321809][ T65] CPU: 2 UID: 0 PID: 65 Comm: kworker/u33:0 Not tainted 6.14.0-rc2-syzkaller-00056-gab68d7eb7b1a #0 [ 90.324839][ T65] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.327839][ T65] Workqueue: hci3 hci_rx_work [ 90.329194][ T65] Call Trace: [ 90.330174][ T65] [ 90.331021][ T65] dump_stack_lvl+0x3d/0x1f0 [ 90.332335][ T65] panic+0x71d/0x800 [ 90.333498][ T65] ? __pfx_panic+0x10/0x10 [ 90.334773][ T65] ? irqentry_exit+0x3b/0x90 [ 90.336072][ T65] ? lockdep_hardirqs_on+0x7c/0x110 [ 90.337533][ T65] ? preempt_schedule_thunk+0x1a/0x30 [ 90.339067][ T65] ? preempt_schedule_common+0x44/0xc0 [ 90.340597][ T65] check_panic_on_warn+0xab/0xb0 [ 90.342015][ T65] end_report+0x117/0x180 [ 90.343318][ T65] kasan_report+0xe9/0x110 [ 90.344582][ T65] ? l2cap_sock_ready_cb+0x16a/0x170 [ 90.346107][ T65] ? l2cap_sock_ready_cb+0x16a/0x170 [ 90.347589][ T65] l2cap_sock_ready_cb+0x16a/0x170 [ 90.349047][ T65] l2cap_le_start+0x1ec/0xe40 [ 90.350405][ T65] ? __pfx___mutex_lock+0x10/0x10 [ 90.351830][ T65] ? __pfx_l2cap_le_start+0x10/0x10 [ 90.353468][ T65] ? do_raw_read_unlock+0x44/0xe0 [ 90.354916][ T65] ? __pfx_l2cap_global_fixed_chan+0x10/0x10 [ 90.356612][ T65] ? __l2cap_chan_add+0x3db/0xa20 [ 90.358060][ T65] l2cap_connect_cfm+0x99f/0xf10 [ 90.359486][ T65] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 90.360993][ T65] ? hci_cb_lookup+0x319/0x4e0 [ 90.362379][ T65] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 90.364503][ T65] le_conn_complete_evt+0x168d/0x1da0 [ 90.366697][ T65] ? __pfx_lock_release+0x10/0x10 [ 90.368637][ T65] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 90.370818][ T65] hci_le_conn_complete_evt+0x23c/0x370 [ 90.372397][ T65] hci_le_meta_evt+0x2e2/0x5d0 [ 90.373838][ T65] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 90.375767][ T65] hci_event_packet+0x666/0x1180 [ 90.377444][ T65] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 90.379065][ T65] ? __pfx_hci_event_packet+0x10/0x10 [ 90.380581][ T65] ? mark_held_locks+0x9f/0xe0 [ 90.381949][ T65] ? kcov_remote_start+0x3cf/0x6e0 [ 90.383523][ T65] ? lockdep_hardirqs_on+0x7c/0x110 [ 90.384998][ T65] hci_rx_work+0x2c5/0x16b0 [ 90.386821][ T65] ? process_one_work+0x921/0x1ba0 [ 90.388853][ T65] process_one_work+0x9c5/0x1ba0 [ 90.390814][ T65] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 90.392985][ T65] ? __pfx_process_one_work+0x10/0x10 [ 90.395115][ T65] ? assign_work+0x1a0/0x250 [ 90.396927][ T65] worker_thread+0x6c8/0xf00 [ 90.398754][ T65] ? __pfx_worker_thread+0x10/0x10 [ 90.400748][ T65] kthread+0x3af/0x750 [ 90.402355][ T65] ? __pfx_kthread+0x10/0x10 [ 90.404208][ T65] ? lock_acquire+0x2f/0xb0 [ 90.406108][ T65] ? __pfx_kthread+0x10/0x10 [ 90.407922][ T65] ret_from_fork+0x45/0x80 [ 90.409653][ T65] ? __pfx_kthread+0x10/0x10 [ 90.411430][ T65] ret_from_fork_asm+0x1a/0x30 [ 90.413350][ T65] [ 90.415306][ T65] Kernel Offset: disabled [ 90.416990][ T65] Rebooting in 86400 seconds.. VM DIAGNOSIS: 06:28:35 Registers: info registers vcpu 0 CPU#0 RAX=0000000080000001 RBX=0000000000000001 RCX=1ffffffff3517114 RDX=0000000000000000 RSI=ffffffff8bd35080 RDI=0000000000000001 RBP=ffffffff9aa24188 RSP=ffffc90003ed6b60 R8 =0000000000000000 R9 =fffffbfff20c4722 R10=ffffffff90623917 R11=0000000000000003 R12=000000000000014e R13=0000000000000200 R14=dffffc0000000000 R15=0000000000000202 RIP=ffffffff8188481e RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f0d335386c0 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fbfc81f5f98 CR3=00000000366cc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca57c488 00007fbfca57c480 00007fbfca57c478 00007fbfca57c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfcb0dd100 00007fbfca57c440 00007fbfca570004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca57c498 00007fbfca57c490 00007fbfca57c488 00007fbfca57c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000003 RCX=0000000000000001 RDX=ffff888023bea440 RSI=ffffffff8479fdbe RDI=ffffffff8479fdc3 RBP=ffff888047871af8 RSP=ffffc90003bf7a70 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000200 R11=0000000000000001 R12=0000000000000100 R13=0000000000000200 R14=dffffc0000000000 R15=0000000000000202 RIP=ffffffff8b566283 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055555a119500 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffefaf73f68 CR3=00000000509c8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000020081 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffefaf74720 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2644e0f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2644e0f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2644e0f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2644e0f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2644e0f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2644e0f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 2074657365720064 656c696166202973 2528746174736c00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 0551405640570041 40494c4443050c56 000d514451564900 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85404350 RDI=ffffffff9ab7b740 RBP=ffffffff9ab7b700 RSP=ffffc90000d2f0b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3230383838666666 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff356f73a R15=dffffc0000000000 RIP=ffffffff85404377 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c360f31 CR3=0000000056ea8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca40f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca57c488 00007fbfca57c480 00007fbfca57c478 00007fbfca57c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfcb0dd100 00007fbfca57c440 00007fbfca570004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbfca57c498 00007fbfca57c490 00007fbfca57c488 00007fbfca57c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=ffffffff9aa26308 RCX=ffffffff81971d53 RDX=0000000000000000 RSI=0000000000000004 RDI=ffffffff9aa26308 RBP=ffffffff9aa26310 RSP=ffffc900298f78d8 R8 =0000000000000000 R9 =fffffbfff3544c61 R10=ffffffff9aa2630b R11=0000000000000001 R12=ffffffff9aa26318 R13=0000000000000001 R14=dffffc0000000000 R15=0000000000000206 RIP=ffffffff8b58fea0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f9c356b9280 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ff606800d58 CR3=00000000242cc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000004080 Opmask01=00000000000001ff Opmask02=000000000fffffff Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737373 7373737373737373 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000032706f6f 6c2f6b636f6c622f 6c6175747269762f 736563697665642f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f646e756f732f00 682e6c6974752f64 65726168732f6372 732f2e2e2f2e2e00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 616c730032706f6f 6c2f6b636f6c622f 6c6175747269762f 736563697665642f ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000031 00736576616c732f 32706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7d0c8ef7e6fb6dc0 00000005573c229e 0000000000000021 0000000000000032 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7b27697a787c7a30 23333a3a38263342 4943213f395b2249 5a6e786b6e646b7e ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020