last executing test programs: 1.308975074s ago: executing program 3 (id=108): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x9, 0xc, 0x42, 0x40, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000080), 0x200, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x3, r0}, 0x38) 1.308869824s ago: executing program 3 (id=109): r0 = syz_clone(0x0, 0x0, 0xfffffffffffffe7b, 0x0, 0x0, 0x0) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) write$tcp_congestion(r1, &(0x7f00000000c0)='illinois\x00', 0x9) ptrace(0x4206, r0) ptrace(0x8, r0) waitid(0x0, 0x0, 0x0, 0x40000004, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2, 0x0, 0x4}}, 0x2e) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r6, 0x325, 0x0, 0x0, {0x8}}, 0x14}}, 0x0) ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x44, 0x800000, 0x8, 0x7, 0x2}) write$bt_hci(r2, &(0x7f0000000080)=ANY=[], 0x6) 1.211814846s ago: executing program 1 (id=111): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x8000) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r0, 0xc00864c0, &(0x7f0000000040)) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6}) 1.211584472s ago: executing program 3 (id=112): keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) set_mempolicy(0x3, &(0x7f0000000000)=0x5, 0x8) syz_open_dev$dri(0x0, 0x1ff, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3f0) 1.20830712s ago: executing program 1 (id=113): mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00') (async) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) writev(r0, &(0x7f0000000080)=[{&(0x7f00000004c0)='\n', 0x1}], 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="000200000000000007"], 0x20) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c) r2 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000560000000000000066ba2100b066eeb9e00a00000f32646467660f01000000000000007124c4a179d64a0067362e0f"], 0x56}) syz_open_procfs(0x0, &(0x7f0000000340)='fdinfo/3\x00') (async) r3 = syz_open_procfs(0x0, &(0x7f0000000340)='fdinfo/3\x00') read$FUSE(r3, &(0x7f0000001640)={0x2020}, 0x2020) (async) read$FUSE(r3, &(0x7f0000001640)={0x2020}, 0x2020) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, &(0x7f0000000140)="0f0171070f20e06635000010000f22e066b96c09000066b80000008066ba000000000f300fc72e080066b8000000000f23c80f21f866350800b0000f23f80f20c06635000000800f22c0d500baf80c66b8a632918766efbafc0cb000ee66b95302000066b80e78000066ba000000000f3066b9ee0b00000f32", 0x79}], 0x1, 0x42, &(0x7f0000000200)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc}], 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000440)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) (async) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000380)={0x2, 0x102000, 0x1}) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) mount(&(0x7f0000000300)=@sg0, &(0x7f0000000380)='./bus\x00', &(0x7f00000003c0)='xfs\x00', 0x0, &(0x7f0000000000)='usrquota') (async) mount(&(0x7f0000000300)=@sg0, &(0x7f0000000380)='./bus\x00', &(0x7f00000003c0)='xfs\x00', 0x0, &(0x7f0000000000)='usrquota') 1.208091931s ago: executing program 3 (id=114): r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000440)={'geneve0\x00', &(0x7f0000000600)=@ethtool_dump={0x40, 0x8cc, 0x4}}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0}) sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010002000000002595a08700000008000300", @ANYRES32=r3, @ANYBLOB="080026006c0900000a000600ffffffffffff000008003500000000000a0034000101010101010000090007005d366160170000"], 0x50}}, 0x0) 1.151385179s ago: executing program 3 (id=118): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0}) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000200)={0x0, 0x4b, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r1, 0x303, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0xc00e}, 0x2000c0c0) 1.150846601s ago: executing program 3 (id=120): socket$inet_udp(0x2, 0x2, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000140)="1ba0000016", 0x5, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x3) getsockname$ax25(r1, 0x0, &(0x7f0000003840)) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) setsockopt$sock_int(r2, 0x1, 0x21, &(0x7f0000000040), 0x4) shutdown(r2, 0x1) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e24, @local}, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f000000d000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000300)="0f01ca66410fe5524926f346abb9730000400f32c4a3bd5e176b440f013a660f3808dcc463a50fda02410f00d2440f2246", 0x31}], 0x1, 0x74, 0x0, 0x0) syz_usb_connect$cdc_ncm(0x2, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r6, 0x40045532, &(0x7f0000000040)=0x7) r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0) r8 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r8, 0xc0884113, &(0x7f0000000080)={0x1, 0xfffffffe, 0x0, 0x4, 0x8000, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, 0x2}) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r8, 0xc0984124, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0500009ebe0c0099003adfc2ea9986ddf2c98ac9626d7600000080000000000000"], 0xfffffffffffffea4}}, 0x0) 1.041363135s ago: executing program 1 (id=126): r0 = socket$nl_route(0x10, 0x3, 0x0) (async) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(r1, 0x5202) (async) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYRES8=r1], 0x54}}, 0x0) (async) r2 = memfd_secret(0x0) close_range(r2, 0xffffffffffffffff, 0x0) (async) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x200080, 0x0) (async) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240), 0x16d001, 0x0) ioctl$SOUND_MIXER_INFO(r3, 0x805c4d65, &(0x7f00000001c0)) bind(r0, &(0x7f0000000100)=@pppoe={0x18, 0x0, {0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 'caif0\x00'}}, 0x80) 1.041219799s ago: executing program 1 (id=128): connect$inet6(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(0x0, 0x22) socket(0x10, 0x3, 0x0) 1.040324819s ago: executing program 0 (id=129): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x700}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb4}}, 0x0) 981.565793ms ago: executing program 1 (id=131): readv(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x2, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000004000000ffffffffc3001000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x93, &(0x7f0000000100)=""/147, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x17, 0x10, 0x0, 0x0, 0x61e5cc96, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x22) syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="021de100"/17], 0x9) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x10, 0x0, 0x0) connect$rose(0xffffffffffffffff, 0x0, 0x0) socket(0x0, 0x1, 0x2) fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bind$bt_l2cap(r1, &(0x7f0000000040), 0xe) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, 0x0, 0x0) connect$pppl2tp(r0, 0x0, 0x0) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e) r2 = openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0) fcntl$setlease(r2, 0x400, 0x1) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) truncate(&(0x7f0000000000)='./file1\x00', 0x3) r4 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) connect$bt_rfcomm(r4, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa) pread64(r3, &(0x7f0000001440)=""/123, 0x7b, 0x841) r5 = socket$nl_generic(0x10, 0x3, 0x10) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) close_range(r6, r6, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x40200, 0x42) r7 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) dup2(r7, r6) syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_GET(r5, 0x0, 0x4800) 981.141204ms ago: executing program 0 (id=132): openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62) chdir(0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x111, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(r1, &(0x7f00000000c0)={0xa, 0x4, 0xfa00, {r2}}, 0xc) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x48240, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) socket$rds(0x15, 0x5, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) listen(r0, 0x3) 600.972127ms ago: executing program 2 (id=138): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'dummy0\x00', <r1=>0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x24, 0x25, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x1000000) 600.197554ms ago: executing program 2 (id=139): r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff000800034000000038580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c000380280000800800034000000002040002800c000440000010c6f7a0b5ec0c0005"], 0xec}}, 0x8890) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0}) r7 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="280000001c00010400442139d5aa2e8b2d"], 0x28}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) r8 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r9, {0x4, 0xb}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8100}, @TCA_FLOWER_KEY_VLAN_ETH_TYPE={0x6, 0x19, 0x8100}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20000800) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r10, &(0x7f0000000000)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r10, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x48c0}, 0x20001880) socket$netlink(0x10, 0x3, 0x0) (async) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async) socket$nl_netfilter(0x10, 0x3, 0xc) (async) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff000800034000000038580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c000380280000800800034000000002040002800c000440000010c6f7a0b5ec0c0005"], 0xec}}, 0x8890) (async) socket(0x400000000010, 0x3, 0x0) (async) socket(0x400000000010, 0x3, 0x0) (async) socket$unix(0x1, 0x1, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async) socket(0x10, 0x3, 0x0) (async) sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="280000001c00010400442139d5aa2e8b2d"], 0x28}}, 0x0) (async) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) (async) socket$unix(0x1, 0x5, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r9, {0x4, 0xb}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8100}, @TCA_FLOWER_KEY_VLAN_ETH_TYPE={0x6, 0x19, 0x8100}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20000800) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) (async) write$cgroup_subtree(r10, &(0x7f0000000000)=ANY=[], 0x32600) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r10, 0x0) (async) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x48c0}, 0x20001880) (async) 441.875464ms ago: executing program 2 (id=140): connect$inet6(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000340)=ANY=[], 0x22) socket(0x10, 0x3, 0x0) 441.701233ms ago: executing program 2 (id=141): syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a010100", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c0000009078"], 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0), 0x12) r0 = openat$vcsu(0xffffff9c, &(0x7f0000000180), 0x88080, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz0\x00', 0x1ff) r1 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = dup(r4) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r4, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x80010000) 291.376028ms ago: executing program 2 (id=142): r0 = eventfd2(0x0, 0x0) io_setup(0x81, &(0x7f0000000400)=<r1=>0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000480)={0x1, 0x0, 0x0, &(0x7f0000001740)=""/97, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000400)) r3 = eventfd2(0x1, 0x1) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000001c0)={0x0, r3}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000003700)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/163, 0x0, 0x4000}) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000000)={0x0, r3}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000000c0)=0x1) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) io_submit(r1, 0x2, &(0x7f0000000440)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x1fd, r0, 0x0, 0x0, 0x4, 0x0, 0x1, r0}]) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1fd6b38443af8512}, {0xffff, 0xffff}, {0x0, 0x4}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_FWMARK={0x8, 0x12, 0x205}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40001}, 0x4) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x50}}, 0x0) 120.513545ms ago: executing program 2 (id=143): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r5=>0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r5, @ANYBLOB="1c005a8018000180140005000500000001000100ff8f020000000120"], 0x38}}, 0x4800) syz_usb_control_io$hid(r1, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="f85edaca830000a204a5000000e800000000000000"], 0x0}, 0x0) syz_usb_control_io(r1, 0x0, &(0x7f0000000c00)={0x84, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000010000009d2b7980fc7e3b452c62da8803b239cae52d65cb6190a2cf7ec50b4b19df6e0c11d4bfc48f5d3b352ef6adc630cfeb710348e5b81393"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) readv(r6, &(0x7f0000000480)=[{&(0x7f0000001580)=""/4091, 0x18}], 0x1) ioctl$HIDIOCSFLAG(r6, 0x4004480f, &(0x7f0000000000)=0x3) ioctl$HIDIOCGUSAGE(r6, 0xc018480b, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket(0xb, 0x4, 0xc2d) sendmsg$nl_route_sched(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) getsockname$packet(r8, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r9, @ANYBLOB="fe000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) r10 = socket(0x1, 0x803, 0x0) getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) r12 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r13 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r13, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) move_mount(r13, &(0x7f0000000080)='./file0/file0\x00', r13, &(0x7f0000000040)='./file0/../file0\x00', 0x0) syz_kvm_setup_cpu$x86(r12, r13, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000340)=[@text64={0x40, &(0x7f0000000300)="470f08b8010000000f01c126440f06b91e0a0000b8078becb9ba000000000f30400f22644166900f20e035000001000f22e00f01cb66b89d008ee8410fc733", 0x3f}], 0x1, 0x20, &(0x7f0000000400), 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000020002001c0012800c0001006d6163766c616e000c000280080001000800000008000500", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r11], 0x4c}}, 0x4000) r14 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000700), 0x8000, 0x0) ioctl$FBIOPUT_VSCREENINFO(r14, 0x4601, &(0x7f0000000140)={0xa00, 0x960, 0xf0, 0x400, 0x7, 0x5, 0x0, 0x1, {0x3ff, 0x10001, 0x1}, {0x1c9, 0x6, 0x3}, {0xc7}, {0x3, 0x100, 0x40001}, 0x0, 0x1dd, 0x4, 0x1fab, 0x0, 0x267, 0xa, 0xff, 0x4, 0x101, 0x80000003, 0x9, 0x8, 0x100, 0x0, 0x7}) 118.371055ms ago: executing program 1 (id=144): r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x20, 0x1, 0x7, 0x5, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20008880}, 0x0) ioctl$NBD_SET_FLAGS(r0, 0xab0a, 0xbdf) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=@base={0xf, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r4}, &(0x7f0000000040), &(0x7f0000000140)=r3}, 0x20) ioctl$NBD_SET_SOCK(r0, 0xab00, r3) ioctl$NBD_DO_IT(r0, 0xab03) r5 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)) r6 = socket$inet_tcp(0x2, 0x1, 0x0) fcntl$getown(r6, 0x9) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x989680}}, 0x0) r7 = socket(0x28, 0x5, 0x0) r8 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r8, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r8, 0x0) connect$vsock_stream(r7, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) r9 = accept4$unix(r8, 0x0, 0x0, 0x80800) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) r10 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r10, 0x29, 0x38, 0x0, &(0x7f0000000140)) recvfrom$unix(r9, &(0x7f0000001040)=""/259, 0x103, 0x0, 0x0, 0x0) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) shmget(0x1, 0x4000, 0x4, &(0x7f0000ffa000/0x4000)=nil) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000080)=[{}], 0x8, 0x0, 0x0, 0x0, 0x0, 0xbf, 0x8, 0x0, 0x0}}, 0x10) 71.659381ms ago: executing program 0 (id=145): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=@newtaction={0x6c, 0x30, 0x1, 0x3, 0x0, {}, [{0x58, 0x1, [@m_skbmod={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x0, 0x2, 0x20000000, 0xfffffff3, 0x5}, 0xb}}]}, {0x4, 0x14}, {0xc, 0x7, {0x65580000}}, {0xc, 0x6}}}]}]}, 0x6c}}, 0x0) 71.302857ms ago: executing program 0 (id=146): r0 = socket$nl_route(0x10, 0x3, 0x0) (async) r1 = syz_open_dev$sndpcmc(&(0x7f0000000180), 0x0, 0x42000) ioctl$SNDRV_PCM_IOCTL_XRUN(r1, 0x4148, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, 0x940, 0x1008}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x4, 0x3}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x114}, 0x8000) 154.132µs ago: executing program 0 (id=147): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe40, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0, 0x0, 0x201, 0x0, 0x48, 0xa5, 0x5c}) 0s ago: executing program 0 (id=148): r0 = socket$kcm(0x21, 0x2, 0x2) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netstat\x00') write$nbd(r1, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000b00"], 0x10b8}, 0xff00) kernel console output (not intermixed with test programs): [ 44.087183][ T40] audit: type=1400 audit(1749027788.365:61): avc: denied { siginh } for pid=5914 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:23764' (ED25519) to the list of known hosts. [ 45.364973][ T40] audit: type=1400 audit(1749027789.665:62): avc: denied { name_bind } for pid=5926 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 45.388772][ T40] audit: type=1400 audit(1749027789.685:63): avc: denied { write } for pid=5927 comm="sh" path="pipe:[6263]" dev="pipefs" ino=6263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.407401][ T40] audit: type=1400 audit(1749027789.705:64): avc: denied { execute } for pid=5927 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 45.414303][ T40] audit: type=1400 audit(1749027789.705:65): avc: denied { execute_no_trans } for pid=5927 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 47.240680][ T40] audit: type=1400 audit(1749027791.535:66): avc: denied { mounton } for pid=5927 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 47.243175][ T5927] cgroup: Unknown subsys name 'net' [ 47.396085][ T5927] cgroup: Unknown subsys name 'cpuset' [ 47.401091][ T5927] cgroup: Unknown subsys name 'rlimit' [ 47.577214][ T5930] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 48.228187][ T5927] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 50.614216][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 50.614226][ T40] audit: type=1400 audit(1749027794.915:80): avc: denied { execmem } for pid=5935 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 50.867257][ T40] audit: type=1400 audit(1749027795.165:81): avc: denied { create } for pid=5938 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 50.873395][ T40] audit: type=1400 audit(1749027795.165:82): avc: denied { read write } for pid=5938 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 50.881234][ T40] audit: type=1400 audit(1749027795.165:83): avc: denied { read write } for pid=5939 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 50.888759][ T40] audit: type=1400 audit(1749027795.165:84): avc: denied { open } for pid=5939 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 50.896189][ T40] audit: type=1400 audit(1749027795.175:85): avc: denied { ioctl } for pid=5938 comm="syz-executor" path="socket:[6281]" dev="sockfs" ino=6281 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 50.915618][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 50.916580][ T5953] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 50.918801][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 50.921075][ T5953] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 50.923007][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 50.923032][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 50.925724][ T5953] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 50.925754][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 50.927753][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 50.929472][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 50.929691][ T5953] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 50.929939][ T5953] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 50.931688][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 50.933830][ T5955] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 50.934623][ T40] audit: type=1400 audit(1749027795.235:86): avc: denied { read } for pid=5938 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 50.935906][ T5953] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 50.937820][ T63] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 50.938487][ T5955] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 50.941767][ T5952] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 50.942998][ T40] audit: type=1400 audit(1749027795.235:88): avc: denied { mounton } for pid=5940 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 50.946194][ T5955] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 50.947262][ T40] audit: type=1400 audit(1749027795.235:87): avc: denied { open } for pid=5938 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 50.955077][ T5955] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 51.172649][ T40] audit: type=1400 audit(1749027795.475:89): avc: denied { module_request } for pid=5938 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 51.196884][ T5938] chnl_net:caif_netlink_parms(): no params data found [ 51.234653][ T5939] chnl_net:caif_netlink_parms(): no params data found [ 51.398270][ T5940] chnl_net:caif_netlink_parms(): no params data found [ 51.403067][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.405298][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.407559][ T5938] bridge_slave_0: entered allmulticast mode [ 51.410187][ T5938] bridge_slave_0: entered promiscuous mode [ 51.416269][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.418504][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.420772][ T5938] bridge_slave_1: entered allmulticast mode [ 51.423704][ T5938] bridge_slave_1: entered promiscuous mode [ 51.426512][ T5939] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.428729][ T5939] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.430922][ T5939] bridge_slave_0: entered allmulticast mode [ 51.434235][ T5939] bridge_slave_0: entered promiscuous mode [ 51.439573][ T5939] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.441825][ T5939] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.444371][ T5939] bridge_slave_1: entered allmulticast mode [ 51.447027][ T5939] bridge_slave_1: entered promiscuous mode [ 51.479648][ T5948] chnl_net:caif_netlink_parms(): no params data found [ 51.502273][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.509059][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.544942][ T5939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.598121][ T5939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.603134][ T5938] team0: Port device team_slave_0 added [ 51.629477][ T5938] team0: Port device team_slave_1 added [ 51.727759][ T5939] team0: Port device team_slave_0 added [ 51.744663][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.746864][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.755212][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.776269][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.778539][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.780785][ T5940] bridge_slave_0: entered allmulticast mode [ 51.783819][ T5940] bridge_slave_0: entered promiscuous mode [ 51.787306][ T5939] team0: Port device team_slave_1 added [ 51.803209][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.805472][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.807819][ T5948] bridge_slave_0: entered allmulticast mode [ 51.810430][ T5948] bridge_slave_0: entered promiscuous mode [ 51.813630][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.816385][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.826828][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.837528][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.839795][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.842012][ T5940] bridge_slave_1: entered allmulticast mode [ 51.845580][ T5940] bridge_slave_1: entered promiscuous mode [ 51.863350][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.865574][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.867756][ T5948] bridge_slave_1: entered allmulticast mode [ 51.870848][ T5948] bridge_slave_1: entered promiscuous mode [ 51.935617][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.937776][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.946637][ T5939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.951906][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.956448][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.961650][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.966321][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.969107][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.979462][ T5939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.014372][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.069057][ T5938] hsr_slave_0: entered promiscuous mode [ 52.071736][ T5938] hsr_slave_1: entered promiscuous mode [ 52.091371][ T5948] team0: Port device team_slave_0 added [ 52.097806][ T5948] team0: Port device team_slave_1 added [ 52.121192][ T5940] team0: Port device team_slave_0 added [ 52.201335][ T5940] team0: Port device team_slave_1 added [ 52.222060][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.224746][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.232305][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.250678][ T5939] hsr_slave_0: entered promiscuous mode [ 52.253981][ T5939] hsr_slave_1: entered promiscuous mode [ 52.257298][ T5939] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 52.259889][ T5939] Cannot create hsr debugfs directory [ 52.296570][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.298882][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.308840][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.341570][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.346230][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.355650][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.361539][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.364057][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.373157][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.449096][ T5948] hsr_slave_0: entered promiscuous mode [ 52.451335][ T5948] hsr_slave_1: entered promiscuous mode [ 52.453947][ T5948] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 52.457111][ T5948] Cannot create hsr debugfs directory [ 52.496398][ T5940] hsr_slave_0: entered promiscuous mode [ 52.498626][ T5940] hsr_slave_1: entered promiscuous mode [ 52.500765][ T5940] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 52.504711][ T5940] Cannot create hsr debugfs directory [ 52.774036][ T5938] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 52.790051][ T5938] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 52.795486][ T5938] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 52.805526][ T5938] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 52.838228][ T5940] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 52.844077][ T5940] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 52.848781][ T5940] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 52.852845][ T5940] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 52.896356][ T5939] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 52.906950][ T5939] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 52.912499][ T5939] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 52.919873][ T5939] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 52.967702][ T5948] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 52.976649][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.979543][ T5948] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 52.984764][ T5948] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 52.988777][ T5948] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 52.992740][ T5945] Bluetooth: hci2: command tx timeout [ 52.992745][ T5955] Bluetooth: hci3: command tx timeout [ 53.002623][ T5945] Bluetooth: hci0: command tx timeout [ 53.002862][ T5955] Bluetooth: hci1: command tx timeout [ 53.017216][ T5938] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.035296][ T1253] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.037836][ T1253] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.048657][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.051899][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.054181][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.088299][ T5940] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.117151][ T1253] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.120014][ T1253] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.127786][ T5939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.134820][ T1253] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.137104][ T1253] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.174976][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.185466][ T5939] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.196997][ T1253] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.200091][ T1253] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.213785][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.216182][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.221519][ T5948] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.238226][ T1253] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.241171][ T1253] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.268632][ T1253] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.270904][ T1253] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.293105][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.308538][ T5948] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 53.312154][ T5948] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 53.358825][ T5938] veth0_vlan: entered promiscuous mode [ 53.366472][ T5938] veth1_vlan: entered promiscuous mode [ 53.388797][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.401386][ T5938] veth0_macvtap: entered promiscuous mode [ 53.409761][ T5938] veth1_macvtap: entered promiscuous mode [ 53.433532][ T5939] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.445352][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.462419][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.468956][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.482194][ T5940] veth0_vlan: entered promiscuous mode [ 53.485653][ T5938] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.489099][ T5938] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.491793][ T5938] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.495331][ T5938] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.524295][ T5940] veth1_vlan: entered promiscuous mode [ 53.561607][ T5948] veth0_vlan: entered promiscuous mode [ 53.579065][ T5939] veth0_vlan: entered promiscuous mode [ 53.587653][ T1206] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.590594][ T1206] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.613623][ T5940] veth0_macvtap: entered promiscuous mode [ 53.616805][ T5939] veth1_vlan: entered promiscuous mode [ 53.622069][ T5948] veth1_vlan: entered promiscuous mode [ 53.629078][ T5940] veth1_macvtap: entered promiscuous mode [ 53.631896][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.634716][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.650682][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.655935][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.667831][ T5940] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.671230][ T5940] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.675160][ T5940] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.678678][ T5940] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.692573][ T5948] veth0_macvtap: entered promiscuous mode [ 53.692763][ T5938] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 53.699657][ T5939] veth0_macvtap: entered promiscuous mode [ 53.704177][ T5948] veth1_macvtap: entered promiscuous mode [ 53.719168][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.733842][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.736529][ T5939] veth1_macvtap: entered promiscuous mode [ 53.746588][ T5948] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.750118][ T5948] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.756289][ T5948] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.759753][ T5948] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.806388][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.810722][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.816846][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.819432][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.832050][ T5939] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.835043][ T5939] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.838088][ T5939] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.840786][ T5939] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.855123][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.857628][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.858897][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.860317][ T6007] netlink: 'syz.1.5': attribute type 11 has an invalid length. [ 53.862573][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.865362][ T6007] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5'. [ 53.891600][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.894173][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.923258][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.925899][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.947152][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.949665][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.990129][ T6014] program syz.0.1 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 54.027691][ T5955] Bluetooth: hci0: unexpected event 0x09 length: 13 > 3 [ 54.040193][ T6014] program syz.0.1 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 54.158878][ T6031] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 54.161558][ T6031] IPv6: NLM_F_CREATE should be set when creating new route [ 54.165034][ T6031] lo: entered allmulticast mode [ 54.168204][ T6031] tunl0: entered allmulticast mode [ 54.170534][ T6031] gre0: entered allmulticast mode [ 54.182367][ T6031] gretap0: entered allmulticast mode [ 54.189797][ T6031] erspan0: entered allmulticast mode [ 54.193256][ T6031] ip_vti0: entered allmulticast mode [ 54.195713][ T6031] ip6_vti0: entered allmulticast mode [ 54.198505][ T6031] sit0: entered allmulticast mode [ 54.202179][ T6031] ip6tnl0: entered allmulticast mode [ 54.205449][ T6031] ip6gre0: entered allmulticast mode [ 54.206770][ T5955] Bluetooth: Unexpected continuation frame (len 4) [ 54.210648][ T6031] syz_tun: entered allmulticast mode [ 54.224382][ T6031] ip6gretap0: entered allmulticast mode [ 54.228768][ T6031] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.231489][ T6031] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.235716][ T6031] bridge0: entered allmulticast mode [ 54.238711][ T6031] vcan0: entered allmulticast mode [ 54.241479][ T6031] bond0: entered allmulticast mode [ 54.245032][ T6031] bond_slave_0: entered allmulticast mode [ 54.246837][ T6031] bond_slave_1: entered allmulticast mode [ 54.250742][ T6031] team0: entered allmulticast mode [ 54.252951][ T6031] team_slave_0: entered allmulticast mode [ 54.254661][ T6031] team_slave_1: entered allmulticast mode [ 54.258327][ T6031] dummy0: entered allmulticast mode [ 54.266049][ T6031] nlmon0: entered allmulticast mode [ 54.270352][ T6031] caif0: entered allmulticast mode [ 54.277512][ T6031] batadv0: entered allmulticast mode [ 54.282603][ T6031] vxcan0: entered allmulticast mode [ 54.284680][ T6031] vxcan1: entered allmulticast mode [ 54.287197][ T6031] veth0: entered allmulticast mode [ 54.290711][ T6031] veth1: entered allmulticast mode [ 54.295990][ T6031] wg0: entered allmulticast mode [ 54.299288][ T6031] wg1: entered allmulticast mode [ 54.304111][ T6031] wg2: entered allmulticast mode [ 54.307093][ T6031] veth0_to_bridge: entered allmulticast mode [ 54.308842][ T6033] fuse: Unknown parameter '' [ 54.312682][ T6031] veth1_to_bridge: entered allmulticast mode [ 54.317218][ T6031] veth0_to_bond: entered allmulticast mode [ 54.321234][ T6031] veth1_to_bond: entered allmulticast mode [ 54.325688][ T6031] veth0_to_team: entered allmulticast mode [ 54.327011][ T6043] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13'. [ 54.331346][ T6031] veth1_to_team: entered allmulticast mode [ 54.335873][ T6031] veth0_to_batadv: entered allmulticast mode [ 54.341399][ T6031] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 54.344788][ T6031] batadv_slave_0: entered allmulticast mode [ 54.348812][ T6031] veth1_to_batadv: entered allmulticast mode [ 54.353067][ T6031] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 54.355802][ T6031] batadv_slave_1: entered allmulticast mode [ 54.358700][ T6031] xfrm0: entered allmulticast mode [ 54.361710][ T6031] veth0_to_hsr: entered allmulticast mode [ 54.364870][ T6031] hsr_slave_0: entered allmulticast mode [ 54.367815][ T6031] veth1_to_hsr: entered allmulticast mode [ 54.370745][ T6031] hsr_slave_1: entered allmulticast mode [ 54.373792][ T6031] hsr0: entered allmulticast mode [ 54.377439][ T6031] veth1_virt_wifi: entered allmulticast mode [ 54.380792][ T6031] veth0_virt_wifi: entered allmulticast mode [ 54.383758][ T6031] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 54.386610][ T6031] veth1_vlan: entered allmulticast mode [ 54.389872][ T6031] veth0_vlan: entered allmulticast mode [ 54.395488][ T6031] vlan0: entered allmulticast mode [ 54.397200][ T6031] vlan1: entered allmulticast mode [ 54.402652][ T6031] macvlan0: entered allmulticast mode [ 54.411755][ T6031] macvlan1: entered allmulticast mode [ 54.414782][ T6031] ipvlan0: entered allmulticast mode [ 54.416580][ T6031] ipvlan1: entered allmulticast mode [ 54.419116][ T6031] veth1_macvtap: entered allmulticast mode [ 54.423504][ T6031] veth0_macvtap: entered allmulticast mode [ 54.427433][ T6031] macvtap0: entered allmulticast mode [ 54.433643][ T6031] macsec0: entered allmulticast mode [ 54.437353][ T6031] geneve0: entered allmulticast mode [ 54.440396][ T6031] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.443336][ T6031] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.446157][ T6031] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.448906][ T6031] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.452517][ T6031] geneve1: entered allmulticast mode [ 54.457237][ T6031] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 54.462891][ T6031] netdevsim netdevsim0 netdevsim1: entered allmulticast mode [ 54.466952][ T6031] netdevsim netdevsim0 netdevsim2: entered allmulticast mode [ 54.471035][ T6031] netdevsim netdevsim0 netdevsim3: entered allmulticast mode [ 54.480682][ T6031] mac80211_hwsim hwsim5 wlan0: entered allmulticast mode [ 54.490522][ T6031] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 54.634263][ T6052] loop3: detected capacity change from 0 to 1 [ 54.639649][ T6052] Dev loop3: unable to read RDB block 1 [ 54.641488][ T6052] loop3: unable to read partition table [ 54.643388][ T6052] loop3: partition table beyond EOD, truncated [ 54.645452][ T6052] loop_reread_partitions: partition scan of loop3 (�被x������ ) failed (rc=-5) [ 54.679086][ T6056] FAULT_INJECTION: forcing a failure. [ 54.679086][ T6056] name failslab, interval 1, probability 0, space 0, times 1 [ 54.679143][ T6056] CPU: 0 UID: 0 PID: 6056 Comm: syz.3.19 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 54.679164][ T6056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.679174][ T6056] Call Trace: [ 54.679180][ T6056] <TASK> [ 54.679187][ T6056] dump_stack_lvl+0x16c/0x1f0 [ 54.679219][ T6056] should_fail_ex+0x512/0x640 [ 54.679235][ T6056] ? __kmalloc_noprof+0xbf/0x510 [ 54.679260][ T6056] ? drm_atomic_state_init+0x17b/0x320 [ 54.679281][ T6056] should_failslab+0xc2/0x120 [ 54.679307][ T6056] __kmalloc_noprof+0xd2/0x510 [ 54.679336][ T6056] drm_atomic_state_init+0x17b/0x320 [ 54.679357][ T6056] ? __kasan_kmalloc+0xaa/0xb0 [ 54.679382][ T6056] drm_atomic_state_alloc+0xd3/0x120 [ 54.679405][ T6056] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 54.679429][ T6056] ? __pfx___might_resched+0x10/0x10 [ 54.679454][ T6056] ? rcu_is_watching+0x12/0xc0 [ 54.679476][ T6056] ? trace_contention_end+0xdd/0x130 [ 54.679494][ T6056] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 54.679516][ T6056] ? __mutex_lock+0x1ca/0xb90 [ 54.679548][ T6056] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 54.679585][ T6056] drm_client_modeset_commit_locked+0x14d/0x580 [ 54.679612][ T6056] drm_fb_helper_pan_display+0x32d/0xa40 [ 54.679640][ T6056] fb_pan_display+0x47c/0x7d0 [ 54.679656][ T6056] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 54.679677][ T6056] bit_update_start+0x49/0x1f0 [ 54.679698][ T6056] fbcon_modechanged+0x5a8/0x700 [ 54.679720][ T6056] fbcon_set_all_vcs+0x1d6/0x450 [ 54.679741][ T6056] fbcon_update_vcs+0x2c/0x50 [ 54.679758][ T6056] do_fb_ioctl+0x787/0x7e0 [ 54.679780][ T6056] ? __pfx_do_fb_ioctl+0x10/0x10 [ 54.679808][ T6056] ? do_vfs_ioctl+0x523/0x1a60 [ 54.679894][ T6056] ? selinux_file_ioctl+0x180/0x270 [ 54.679919][ T6056] fb_ioctl+0xe5/0x150 [ 54.679938][ T6056] ? __pfx_fb_ioctl+0x10/0x10 [ 54.679960][ T6056] __x64_sys_ioctl+0x18b/0x210 [ 54.679982][ T6056] do_syscall_64+0xcd/0x4c0 [ 54.680000][ T6056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.680017][ T6056] RIP: 0033:0x7fc4def8e929 [ 54.680031][ T6056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.680047][ T6056] RSP: 002b:00007fc4dfe94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 54.680068][ T6056] RAX: ffffffffffffffda RBX: 00007fc4df1b5fa0 RCX: 00007fc4def8e929 [ 54.680079][ T6056] RDX: 0000200000000140 RSI: 0000000000004601 RDI: 0000000000000003 [ 54.680088][ T6056] RBP: 00007fc4dfe94090 R08: 0000000000000000 R09: 0000000000000000 [ 54.680098][ T6056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 54.680108][ T6056] R13: 0000000000000000 R14: 00007fc4df1b5fa0 R15: 00007ffdad728608 [ 54.680135][ T6056] </TASK> [ 54.741786][ T5955] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 54.741814][ T5955] CPU: 3 UID: 0 PID: 5955 Comm: kworker/u33:7 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 54.741828][ T5955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.741835][ T5955] Workqueue: hci1 hci_rx_work [ 54.741850][ T5955] Call Trace: [ 54.741854][ T5955] <TASK> [ 54.741859][ T5955] dump_stack_lvl+0x16c/0x1f0 [ 54.741877][ T5955] sysfs_warn_dup+0x7f/0xa0 [ 54.741893][ T5955] sysfs_create_dir_ns+0x24b/0x2b0 [ 54.741908][ T5955] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 54.741922][ T5955] ? find_held_lock+0x2b/0x80 [ 54.741939][ T5955] ? do_raw_spin_unlock+0x172/0x230 [ 54.741951][ T5955] kobject_add_internal+0x2c4/0x9b0 [ 54.741964][ T5955] kobject_add+0x16e/0x240 [ 54.741975][ T5955] ? __pfx_kobject_add+0x10/0x10 [ 54.741986][ T5955] ? do_raw_spin_unlock+0x172/0x230 [ 54.741998][ T5955] ? kobject_put+0xab/0x5a0 [ 54.742011][ T5955] device_add+0x288/0x1a70 [ 54.742025][ T5955] ? __pfx_dev_set_name+0x10/0x10 [ 54.742039][ T5955] ? __pfx_device_add+0x10/0x10 [ 54.742052][ T5955] ? mgmt_send_event_skb+0x2fb/0x460 [ 54.742072][ T5955] hci_conn_add_sysfs+0x17e/0x230 [ 54.742083][ T5955] le_conn_complete_evt+0x1075/0x1d70 [ 54.742121][ T5955] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 54.742138][ T5955] ? hci_event_packet+0x459/0x11c0 [ 54.742158][ T5955] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 54.742175][ T5955] ? skb_pull_data+0x166/0x210 [ 54.742192][ T5955] hci_le_meta_evt+0x354/0x5e0 [ 54.742203][ T5955] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 54.742222][ T5955] hci_event_packet+0x685/0x11c0 [ 54.742238][ T5955] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 54.742249][ T5955] ? __pfx_hci_event_packet+0x10/0x10 [ 54.742267][ T5955] ? kcov_remote_start+0x3c9/0x6d0 [ 54.742278][ T5955] ? lockdep_hardirqs_on+0x7c/0x110 [ 54.742297][ T5955] hci_rx_work+0x2c5/0x16b0 [ 54.742313][ T5955] ? rcu_is_watching+0x12/0xc0 [ 54.742328][ T5955] process_one_work+0x9cf/0x1b70 [ 54.742345][ T5955] ? __pfx_process_one_work+0x10/0x10 [ 54.742360][ T5955] ? assign_work+0x1a0/0x250 [ 54.742372][ T5955] worker_thread+0x6c8/0xf10 [ 54.742390][ T5955] ? __pfx_worker_thread+0x10/0x10 [ 54.742401][ T5955] kthread+0x3c5/0x780 [ 54.742412][ T5955] ? __pfx_kthread+0x10/0x10 [ 54.742423][ T5955] ? rcu_is_watching+0x12/0xc0 [ 54.742438][ T5955] ? __pfx_kthread+0x10/0x10 [ 54.742448][ T5955] ret_from_fork+0x5d4/0x6f0 [ 54.742463][ T5955] ? __pfx_kthread+0x10/0x10 [ 54.742472][ T5955] ret_from_fork_asm+0x1a/0x30 [ 54.742490][ T5955] </TASK> [ 54.744037][ T5955] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 54.826180][ T6071] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 54.828634][ T5955] Bluetooth: hci1: failed to register connection device [ 54.831938][ T6071] IPv6: NLM_F_CREATE should be set when creating new route [ 54.919408][ T6080] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22'. [ 54.923929][ T6071] lo: entered allmulticast mode [ 54.931900][ T6071] tunl0: entered allmulticast mode [ 54.937043][ T6071] gre0: entered allmulticast mode [ 54.941596][ T6071] gretap0: entered allmulticast mode [ 54.956986][ T6071] erspan0: entered allmulticast mode [ 54.960207][ T6071] ip_vti0: entered allmulticast mode [ 54.962972][ T6071] ip6_vti0: entered allmulticast mode [ 54.965852][ T6071] sit0: entered allmulticast mode [ 54.969172][ T6071] ip6tnl0: entered allmulticast mode [ 54.982877][ T6071] ip6gre0: entered allmulticast mode [ 54.987074][ T6071] syz_tun: entered allmulticast mode [ 54.991710][ T6071] ip6gretap0: entered allmulticast mode [ 54.997739][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.000548][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.004659][ T6071] bridge0: entered allmulticast mode [ 55.007978][ T6071] vcan0: entered allmulticast mode [ 55.011361][ T6071] bond0: entered allmulticast mode [ 55.014591][ T6071] bond_slave_0: entered allmulticast mode [ 55.016463][ T6071] bond_slave_1: entered allmulticast mode [ 55.022507][ T6071] team0: entered allmulticast mode [ 55.024690][ T6071] team_slave_0: entered allmulticast mode [ 55.027065][ T6071] team_slave_1: entered allmulticast mode [ 55.032815][ T6071] dummy0: entered allmulticast mode [ 55.037708][ T6071] nlmon0: entered allmulticast mode [ 55.040099][ T6071] caif0: entered allmulticast mode [ 55.041961][ T6071] batadv0: entered allmulticast mode [ 55.046819][ T6071] vxcan0: entered allmulticast mode [ 55.048915][ T6071] vxcan1: entered allmulticast mode [ 55.051381][ T6071] veth0: entered allmulticast mode [ 55.063228][ T6071] veth1: entered allmulticast mode [ 55.067934][ T6071] wg0: entered allmulticast mode [ 55.070353][ T6086] capability: warning: `syz.0.28' uses deprecated v2 capabilities in a way that may be insecure [ 55.074937][ T5955] Bluetooth: hci0: command tx timeout [ 55.082697][ T5955] Bluetooth: hci1: command tx timeout [ 55.083230][ T5945] Bluetooth: hci3: command tx timeout [ 55.087629][ T6071] wg1: entered allmulticast mode [ 55.094104][ T6071] wg2: entered allmulticast mode [ 55.098613][ T6071] veth0_to_bridge: entered allmulticast mode [ 55.106209][ T6071] veth1_to_bridge: entered allmulticast mode [ 55.114384][ T6071] veth0_to_bond: entered allmulticast mode [ 55.120372][ T6071] veth1_to_bond: entered allmulticast mode [ 55.124770][ T6071] veth0_to_team: entered allmulticast mode [ 55.129338][ T6071] veth1_to_team: entered allmulticast mode [ 55.134371][ T6071] veth0_to_batadv: entered allmulticast mode [ 55.137466][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 55.140348][ T6071] batadv_slave_0: entered allmulticast mode [ 55.143970][ T6071] veth1_to_batadv: entered allmulticast mode [ 55.147456][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 55.150321][ T6071] batadv_slave_1: entered allmulticast mode [ 55.153956][ T6071] xfrm0: entered allmulticast mode [ 55.157169][ T6071] veth0_to_hsr: entered allmulticast mode [ 55.160283][ T6071] hsr_slave_0: entered allmulticast mode [ 55.163736][ T6071] veth1_to_hsr: entered allmulticast mode [ 55.166816][ T6071] hsr_slave_1: entered allmulticast mode [ 55.169977][ T6071] hsr0: entered allmulticast mode [ 55.174353][ T6071] veth1_virt_wifi: entered allmulticast mode [ 55.177903][ T6071] veth0_virt_wifi: entered allmulticast mode [ 55.180854][ T6071] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 55.184048][ T6071] veth1_vlan: entered allmulticast mode [ 55.187358][ T6071] veth0_vlan: entered allmulticast mode [ 55.194136][ T6071] vlan0: entered allmulticast mode [ 55.195924][ T6071] vlan1: entered allmulticast mode [ 55.197994][ T6071] macvlan0: entered allmulticast mode [ 55.201922][ T6071] macvlan1: entered allmulticast mode [ 55.205015][ T6071] ipvlan0: entered allmulticast mode [ 55.206788][ T6071] ipvlan1: entered allmulticast mode [ 55.209175][ T6071] veth1_macvtap: entered allmulticast mode [ 55.212737][ T6071] veth0_macvtap: entered allmulticast mode [ 55.216131][ T6071] macvtap0: entered allmulticast mode [ 55.220323][ T6071] macsec0: entered allmulticast mode [ 55.224243][ T6071] geneve0: entered allmulticast mode [ 55.227336][ T6071] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.230156][ T6071] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.233086][ T6071] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.235858][ T6071] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.238762][ T6071] geneve1: entered allmulticast mode [ 55.243198][ T6071] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 55.247972][ T6071] netdevsim netdevsim1 netdevsim1: entered allmulticast mode [ 55.251989][ T6071] netdevsim netdevsim1 netdevsim2: entered allmulticast mode [ 55.256467][ T6071] netdevsim netdevsim1 netdevsim3: entered allmulticast mode [ 55.265181][ T6071] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 55.271250][ T6071] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 55.275518][ T6075] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22'. [ 55.382745][ T5945] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 55.437971][ T5955] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 55.932040][ T40] kauditd_printk_skb: 92 callbacks suppressed [ 55.932051][ T40] audit: type=1400 audit(1749027800.225:182): avc: denied { write } for pid=6110 comm="syz.0.39" name="ip_mr_cache" dev="proc" ino=4026533326 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 55.967349][ T40] audit: type=1400 audit(1749027800.265:183): avc: denied { create } for pid=6112 comm="syz.0.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 55.973743][ T6113] warning: `syz.0.40' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 55.974787][ T40] audit: type=1400 audit(1749027800.275:184): avc: denied { ioctl } for pid=6112 comm="syz.0.40" path="socket:[10446]" dev="sockfs" ino=10446 ioctlcmd=0x8b1a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 55.980842][ T6113] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6113 comm=syz.0.40 [ 55.985375][ T40] audit: type=1400 audit(1749027800.275:185): avc: denied { create } for pid=6112 comm="syz.0.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 55.996657][ T40] audit: type=1400 audit(1749027800.275:186): avc: denied { allowed } for pid=6112 comm="syz.0.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 56.044317][ T40] audit: type=1400 audit(1749027800.345:187): avc: denied { create } for pid=6122 comm="syz.1.45" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 56.058069][ T40] audit: type=1400 audit(1749027800.345:188): avc: denied { write } for pid=6122 comm="syz.1.45" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 56.065479][ T40] audit: type=1400 audit(1749027800.345:189): avc: denied { nlmsg_read } for pid=6122 comm="syz.1.45" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 56.079415][ T6127] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 56.086384][ T40] audit: type=1400 audit(1749027800.385:190): avc: denied { ioctl } for pid=6126 comm="syz.1.48" path="socket:[9688]" dev="sockfs" ino=9688 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 56.097253][ T6129] lo: entered allmulticast mode [ 56.100792][ T6129] tunl0: entered allmulticast mode [ 56.104166][ T6129] gre0: entered allmulticast mode [ 56.109062][ T6129] gretap0: entered allmulticast mode [ 56.112256][ T5955] Bluetooth: hci2: command tx timeout [ 56.115267][ T6129] erspan0: entered allmulticast mode [ 56.116958][ T40] audit: type=1400 audit(1749027800.415:191): avc: denied { bind } for pid=6132 comm="syz.1.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 56.119072][ T6129] ip_vti0: entered allmulticast mode [ 56.129219][ T6129] ip6_vti0: entered allmulticast mode [ 56.131276][ T6133] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=31112 sclass=netlink_route_socket pid=6133 comm=syz.1.50 [ 56.132480][ T6129] sit0: entered allmulticast mode [ 56.139573][ T6129] ip6tnl0: entered allmulticast mode [ 56.142495][ T6129] ip6gre0: entered allmulticast mode [ 56.145481][ T6129] syz_tun: entered allmulticast mode [ 56.156215][ T6129] ip6gretap0: entered allmulticast mode [ 56.160177][ T6129] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.162822][ T6129] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.165684][ T6129] bridge0: entered allmulticast mode [ 56.169097][ T6129] vcan0: entered allmulticast mode [ 56.175125][ T6129] bond0: entered allmulticast mode [ 56.176873][ T6129] bond_slave_0: entered allmulticast mode [ 56.178711][ T6129] bond_slave_1: entered allmulticast mode [ 56.183531][ T6129] team0: entered allmulticast mode [ 56.185392][ T6129] team_slave_0: entered allmulticast mode [ 56.187748][ T6129] team_slave_1: entered allmulticast mode [ 56.193172][ T6129] dummy0: entered allmulticast mode [ 56.197063][ T6129] nlmon0: entered allmulticast mode [ 56.199520][ T6129] caif0: entered allmulticast mode [ 56.201509][ T6129] batadv0: entered allmulticast mode [ 56.205143][ T6129] vxcan0: entered allmulticast mode [ 56.207548][ T6129] vxcan1: entered allmulticast mode [ 56.210144][ T6129] veth0: entered allmulticast mode [ 56.213952][ T6129] veth1: entered allmulticast mode [ 56.219003][ T6129] wg0: entered allmulticast mode [ 56.233089][ T6129] wg1: entered allmulticast mode [ 56.236682][ T6129] wg2: entered allmulticast mode [ 56.241677][ T6129] veth0_to_bridge: entered allmulticast mode [ 56.247485][ T6129] veth1_to_bridge: entered allmulticast mode [ 56.253676][ T6129] veth0_to_bond: entered allmulticast mode [ 56.257831][ T6129] veth1_to_bond: entered allmulticast mode [ 56.264337][ T6129] veth0_to_team: entered allmulticast mode [ 56.269107][ T6129] veth1_to_team: entered allmulticast mode [ 56.275926][ T6129] veth0_to_batadv: entered allmulticast mode [ 56.279198][ T6129] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 56.283868][ T6129] batadv_slave_0: entered allmulticast mode [ 56.290602][ T6129] veth1_to_batadv: entered allmulticast mode [ 56.294200][ T6129] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 56.298489][ T6129] batadv_slave_1: entered allmulticast mode [ 56.304873][ T6129] xfrm0: entered allmulticast mode [ 56.310592][ T6129] veth0_to_hsr: entered allmulticast mode [ 56.315724][ T6129] hsr_slave_0: entered allmulticast mode [ 56.320801][ T6129] veth1_to_hsr: entered allmulticast mode [ 56.326753][ T6129] hsr_slave_1: entered allmulticast mode [ 56.331532][ T6129] hsr0: entered allmulticast mode [ 56.337410][ T6129] veth1_virt_wifi: entered allmulticast mode [ 56.344618][ T6129] veth0_virt_wifi: entered allmulticast mode [ 56.348798][ T6129] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 56.352740][ T6129] veth1_vlan: entered allmulticast mode [ 56.356414][ T6129] veth0_vlan: entered allmulticast mode [ 56.363218][ T6129] vlan0: entered allmulticast mode [ 56.364956][ T6129] vlan1: entered allmulticast mode [ 56.367139][ T6129] macvlan0: entered allmulticast mode [ 56.370649][ T6129] macvlan1: entered allmulticast mode [ 56.374936][ T6129] ipvlan0: entered allmulticast mode [ 56.377884][ T6129] ipvlan1: entered allmulticast mode [ 56.381493][ T6129] veth1_macvtap: entered allmulticast mode [ 56.387941][ T6129] veth0_macvtap: entered allmulticast mode [ 56.393541][ T6129] macvtap0: entered allmulticast mode [ 56.398620][ T6129] macsec0: entered allmulticast mode [ 56.404189][ T6129] geneve0: entered allmulticast mode [ 56.409202][ T6129] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.412588][ T6129] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.415199][ T6003] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 56.417471][ T6129] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.420164][ T6129] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.424081][ T6129] geneve1: entered allmulticast mode [ 56.429507][ T6129] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 56.438385][ T6129] netdevsim netdevsim2 netdevsim1: entered allmulticast mode [ 56.444091][ T6129] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 56.450604][ T6129] netdevsim netdevsim2 netdevsim3: entered allmulticast mode [ 56.463116][ T6129] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 56.474805][ T6129] mac80211_hwsim hwsim6 wlan1: entered allmulticast mode [ 56.488632][ T6137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.52'. [ 56.562296][ T6003] usb 6-1: Using ep0 maxpacket: 8 [ 56.567096][ T6003] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 56.569779][ T6003] usb 6-1: config 179 has no interface number 0 [ 56.571856][ T6003] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 56.576017][ T6003] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 56.580602][ T6003] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 56.584147][ T6003] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 56.588220][ T6003] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 56.591406][ T6003] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.599217][ T6135] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 56.802383][ T5984] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 56.818615][ T6003] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input5 [ 56.939587][ T6181] kvm: requested 7542 ns i8254 timer period limited to 200000 ns [ 56.947187][ T5949] IPVS: starting estimator thread 0... [ 56.950420][ T6184] tipc: Started in network mode [ 56.952016][ T6184] tipc: Node identity ac1414aa, cluster identity 4711 [ 56.952202][ T5984] usb 7-1: Using ep0 maxpacket: 8 [ 56.955317][ T6184] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 56.957898][ T5984] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 56.958745][ T6184] tipc: Enabled bearer <udp:s>, priority 10 [ 56.962614][ T5984] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 56.962628][ T5984] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.973021][ T5984] usb 7-1: config 0 descriptor?? [ 57.004748][ T6188] netlink: 'syz.3.70': attribute type 10 has an invalid length. [ 57.022214][ C2] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 57.027675][ C2] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 57.031071][ T6003] usb 6-1: USB disconnect, device number 2 [ 57.039843][ T6003] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 57.053492][ T6185] IPVS: using max 28 ests per chain, 67200 per kthread [ 57.095357][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 57.152225][ T5955] Bluetooth: hci0: command tx timeout [ 57.163208][ T5955] Bluetooth: hci3: command tx timeout [ 57.185265][ T5984] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 57.214344][ T5955] Bluetooth: Unexpected continuation frame (len 10) [ 57.232403][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 57.372228][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 57.419248][ T5955] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 57.456610][ T6209] tipc: Enabling of bearer <udp:s> rejected, already enabled [ 57.512229][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 57.552173][ T6213] FAULT_INJECTION: forcing a failure. [ 57.552173][ T6213] name failslab, interval 1, probability 0, space 0, times 0 [ 57.552878][ T5955] Bluetooth: hci1: command tx timeout [ 57.556403][ T6213] CPU: 2 UID: 0 PID: 6213 Comm: syz.1.80 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 57.556421][ T6213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.556427][ T6213] Call Trace: [ 57.556431][ T6213] <TASK> [ 57.556435][ T6213] dump_stack_lvl+0x16c/0x1f0 [ 57.556456][ T6213] should_fail_ex+0x512/0x640 [ 57.556466][ T6213] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 57.556481][ T6213] should_failslab+0xc2/0x120 [ 57.556497][ T6213] __kmalloc_cache_noprof+0x6a/0x3e0 [ 57.556509][ T6213] ? read_tsc+0x9/0x20 [ 57.556520][ T6213] ? ktime_get_mono_fast_ns+0x1be/0x3c0 [ 57.556535][ T6213] ? init_srcu_struct_fields+0x97a/0xde0 [ 57.556546][ T6213] ? do_init_timer+0xc9/0x110 [ 57.556560][ T6213] init_srcu_struct_fields+0x97a/0xde0 [ 57.556571][ T6213] ? lockdep_init_map_type+0x5c/0x280 [ 57.556583][ T6213] kvm_dev_ioctl+0x5ac/0x1ad0 [ 57.556603][ T6213] ? hook_file_ioctl_common+0x145/0x410 [ 57.556617][ T6213] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 57.556635][ T6213] ? selinux_file_ioctl+0x180/0x270 [ 57.556645][ T6213] ? selinux_file_ioctl+0xb4/0x270 [ 57.556656][ T6213] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 57.556673][ T6213] __x64_sys_ioctl+0x18b/0x210 [ 57.556686][ T6213] do_syscall_64+0xcd/0x4c0 [ 57.556697][ T6213] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.556707][ T6213] RIP: 0033:0x7f8f1378e929 [ 57.556716][ T6213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.556725][ T6213] RSP: 002b:00007f8f14686038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 57.556735][ T6213] RAX: ffffffffffffffda RBX: 00007f8f139b5fa0 RCX: 00007f8f1378e929 [ 57.556741][ T6213] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 57.556747][ T6213] RBP: 00007f8f14686090 R08: 0000000000000000 R09: 0000000000000000 [ 57.556752][ T6213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 57.556758][ T6213] R13: 0000000000000000 R14: 00007f8f139b5fa0 R15: 00007ffc83586288 [ 57.556770][ T6213] </TASK> [ 57.652174][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 57.680059][ T6222] "syz.3.85" (6222) uses obsolete ecb(arc4) skcipher [ 57.703113][ T6003] usb 7-1: USB disconnect, device number 2 [ 57.703132][ C1] iowarrior 7-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19 [ 57.730569][ T6238] vlan0: left allmulticast mode [ 57.776742][ T6242] tipc: Enabling of bearer <udp:s> rejected, already enabled [ 57.789081][ T6244] netlink: 'syz.1.89': attribute type 4 has an invalid length. [ 57.792207][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 57.794612][ T6244] netlink: 'syz.1.89': attribute type 4 has an invalid length. [ 57.797849][ T6244] process 'syz.1.89' launched './file2' with NULL argv: empty string added [ 57.832502][ T6249] FAULT_INJECTION: forcing a failure. [ 57.832502][ T6249] name failslab, interval 1, probability 0, space 0, times 0 [ 57.836803][ T6249] CPU: 3 UID: 0 PID: 6249 Comm: syz.1.91 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 57.836817][ T6249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.836824][ T6249] Call Trace: [ 57.836828][ T6249] <TASK> [ 57.836833][ T6249] dump_stack_lvl+0x16c/0x1f0 [ 57.836853][ T6249] should_fail_ex+0x512/0x640 [ 57.836863][ T6249] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 57.836877][ T6249] should_failslab+0xc2/0x120 [ 57.836893][ T6249] __kmalloc_cache_noprof+0x6a/0x3e0 [ 57.836905][ T6249] ? kvm_init_irq_routing+0x43/0xf0 [ 57.836921][ T6249] kvm_init_irq_routing+0x43/0xf0 [ 57.836934][ T6249] kvm_dev_ioctl+0x7dd/0x1ad0 [ 57.836954][ T6249] ? hook_file_ioctl_common+0x145/0x410 [ 57.836968][ T6249] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 57.836986][ T6249] ? selinux_file_ioctl+0x180/0x270 [ 57.836996][ T6249] ? selinux_file_ioctl+0xb4/0x270 [ 57.837007][ T6249] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 57.837029][ T6249] __x64_sys_ioctl+0x18b/0x210 [ 57.837043][ T6249] do_syscall_64+0xcd/0x4c0 [ 57.837054][ T6249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.837064][ T6249] RIP: 0033:0x7f8f1378e929 [ 57.837073][ T6249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.837082][ T6249] RSP: 002b:00007f8f14686038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 57.837092][ T6249] RAX: ffffffffffffffda RBX: 00007f8f139b5fa0 RCX: 00007f8f1378e929 [ 57.837098][ T6249] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 57.837104][ T6249] RBP: 00007f8f14686090 R08: 0000000000000000 R09: 0000000000000000 [ 57.837110][ T6249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 57.837115][ T6249] R13: 0000000000000000 R14: 00007f8f139b5fa0 R15: 00007ffc83586288 [ 57.837131][ T6249] </TASK> [ 57.932285][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 57.976203][ T6263] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 57.981107][ T6003] IPVS: starting estimator thread 0... [ 57.983784][ T6265] tipc: Started in network mode [ 57.985808][ T6265] tipc: Node identity ac1414aa, cluster identity 4711 [ 57.989500][ T6265] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 57.992883][ T6265] tipc: Enabled bearer <udp:s>, priority 10 [ 57.998530][ T6263] netlink: 4 bytes leftover after parsing attributes in process `syz.3.98'. [ 58.001354][ T6263] netlink: 4 bytes leftover after parsing attributes in process `syz.3.98'. [ 58.030337][ T6269] FAULT_INJECTION: forcing a failure. [ 58.030337][ T6269] name failslab, interval 1, probability 0, space 0, times 0 [ 58.030366][ T6269] CPU: 0 UID: 0 PID: 6269 Comm: syz.1.100 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 58.030386][ T6269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.030395][ T6269] Call Trace: [ 58.030400][ T6269] <TASK> [ 58.030406][ T6269] dump_stack_lvl+0x16c/0x1f0 [ 58.030436][ T6269] should_fail_ex+0x512/0x640 [ 58.030452][ T6269] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 58.030475][ T6269] should_failslab+0xc2/0x120 [ 58.030500][ T6269] __kmalloc_cache_noprof+0x6a/0x3e0 [ 58.030518][ T6269] ? ww_mutex_lock+0x37/0x160 [ 58.030533][ T6269] ? drm_atomic_helper_crtc_duplicate_state+0x70/0xd0 [ 58.030559][ T6269] drm_atomic_helper_crtc_duplicate_state+0x70/0xd0 [ 58.030581][ T6269] drm_atomic_get_crtc_state+0x171/0x450 [ 58.030603][ T6269] drm_atomic_get_plane_state+0x436/0x590 [ 58.030625][ T6269] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 58.030663][ T6269] ? __pfx___might_resched+0x10/0x10 [ 58.030690][ T6269] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 58.030711][ T6269] ? __mutex_lock+0x1ca/0xb90 [ 58.030740][ T6269] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 58.030775][ T6269] drm_client_modeset_commit_locked+0x14d/0x580 [ 58.030800][ T6269] drm_fb_helper_pan_display+0x32d/0xa40 [ 58.030819][ T6269] ? preempt_schedule_notrace_thunk+0x16/0x30 [ 58.030846][ T6269] fb_pan_display+0x47c/0x7d0 [ 58.030860][ T6269] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 58.030879][ T6269] bit_update_start+0x49/0x1f0 [ 58.030898][ T6269] fbcon_switch+0xbf5/0x14c0 [ 58.030922][ T6269] ? __pfx_fbcon_switch+0x10/0x10 [ 58.030949][ T6269] ? __pfx_bit_cursor+0x10/0x10 [ 58.030965][ T6269] ? fbcon_cursor+0x409/0x5f0 [ 58.030982][ T6269] ? is_console_locked+0x9/0x20 [ 58.031004][ T6269] ? con_is_visible+0x65/0x150 [ 58.031030][ T6269] redraw_screen+0x2be/0x760 [ 58.031047][ T6269] ? __pfx_redraw_screen+0x10/0x10 [ 58.031064][ T6269] ? fbcon_set_palette+0x401/0x640 [ 58.031082][ T6269] fbcon_modechanged+0x456/0x700 [ 58.031102][ T6269] fbcon_set_all_vcs+0x1d6/0x450 [ 58.031121][ T6269] fbcon_update_vcs+0x2c/0x50 [ 58.031137][ T6269] do_fb_ioctl+0x787/0x7e0 [ 58.031158][ T6269] ? __pfx_do_fb_ioctl+0x10/0x10 [ 58.031183][ T6269] ? do_vfs_ioctl+0x523/0x1a60 [ 58.031241][ T6269] ? selinux_file_ioctl+0x180/0x270 [ 58.031262][ T6269] fb_ioctl+0xe5/0x150 [ 58.031280][ T6269] ? __pfx_fb_ioctl+0x10/0x10 [ 58.031300][ T6269] __x64_sys_ioctl+0x18b/0x210 [ 58.031320][ T6269] do_syscall_64+0xcd/0x4c0 [ 58.031337][ T6269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.031353][ T6269] RIP: 0033:0x7f8f1378e929 [ 58.031365][ T6269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.031379][ T6269] RSP: 002b:00007f8f14686038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 58.031393][ T6269] RAX: ffffffffffffffda RBX: 00007f8f139b5fa0 RCX: 00007f8f1378e929 [ 58.031404][ T6269] RDX: 0000200000000140 RSI: 0000000000004601 RDI: 0000000000000003 [ 58.031413][ T6269] RBP: 00007f8f14686090 R08: 0000000000000000 R09: 0000000000000000 [ 58.031422][ T6269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 58.031431][ T6269] R13: 0000000000000000 R14: 00007f8f139b5fa0 R15: 00007ffc83586288 [ 58.031456][ T6269] </TASK> [ 58.073124][ T5949] tipc: Node number set to 2886997162 [ 58.073620][ T6266] IPVS: using max 21 ests per chain, 50400 per kthread [ 58.074289][ T6270] netlink: 14504 bytes leftover after parsing attributes in process `syz.3.101'. [ 58.123362][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 58.167900][ T6279] FAULT_INJECTION: forcing a failure. [ 58.167900][ T6279] name failslab, interval 1, probability 0, space 0, times 0 [ 58.174225][ T6279] CPU: 0 UID: 0 PID: 6279 Comm: syz.0.105 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 58.174252][ T6279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.174262][ T6279] Call Trace: [ 58.174268][ T6279] <TASK> [ 58.174273][ T6279] dump_stack_lvl+0x16c/0x1f0 [ 58.174302][ T6279] should_fail_ex+0x512/0x640 [ 58.174317][ T6279] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 58.174339][ T6279] should_failslab+0xc2/0x120 [ 58.174363][ T6279] __kmalloc_cache_noprof+0x6a/0x3e0 [ 58.174381][ T6279] ? kvm_dev_ioctl+0xa45/0x1ad0 [ 58.174411][ T6279] kvm_dev_ioctl+0xa45/0x1ad0 [ 58.174440][ T6279] ? hook_file_ioctl_common+0x145/0x410 [ 58.174460][ T6279] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 58.174484][ T6279] ? selinux_file_ioctl+0x180/0x270 [ 58.174494][ T6279] ? selinux_file_ioctl+0xb4/0x270 [ 58.174505][ T6279] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 58.174521][ T6279] __x64_sys_ioctl+0x18b/0x210 [ 58.174535][ T6279] do_syscall_64+0xcd/0x4c0 [ 58.174545][ T6279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.174555][ T6279] RIP: 0033:0x7fbcd138e929 [ 58.174564][ T6279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.174577][ T6279] RSP: 002b:00007fbcd22ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 58.174590][ T6279] RAX: ffffffffffffffda RBX: 00007fbcd15b5fa0 RCX: 00007fbcd138e929 [ 58.174596][ T6279] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 58.174602][ T6279] RBP: 00007fbcd22ab090 R08: 0000000000000000 R09: 0000000000000000 [ 58.174608][ T6279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 58.174613][ T6279] R13: 0000000000000000 R14: 00007fbcd15b5fa0 R15: 00007fff91ccffe8 [ 58.174626][ T6279] </TASK> [ 58.238739][ T5955] Bluetooth: hci2: command tx timeout [ 58.286953][ T6289] Bluetooth: MGMT ver 1.23 [ 58.480441][ T6328] netlink: 12 bytes leftover after parsing attributes in process `syz.2.124'. [ 58.485158][ T6328] netlink: 'syz.2.124': attribute type 2 has an invalid length. [ 58.485182][ T6328] netlink: 'syz.2.124': attribute type 1 has an invalid length. [ 58.485189][ T6328] netlink: 4 bytes leftover after parsing attributes in process `syz.2.124'. [ 58.548307][ T5945] Bluetooth: hci1: ACL packet for unknown connection handle 285 [ 58.966155][ T6371] __nla_validate_parse: 1 callbacks suppressed [ 58.966165][ T6371] netlink: 12 bytes leftover after parsing attributes in process `syz.2.139'. [ 58.980294][ T6372] Zero length message leads to an empty skb [ 59.102899][ T5949] tipc: Node number set to 2886997162 [ 59.232285][ T5945] Bluetooth: hci3: command tx timeout [ 59.232460][ T5953] Bluetooth: hci0: command tx timeout [ 59.553602][ T6386] [ 59.554550][ T6386] ====================================================== [ 59.556758][ T6386] WARNING: possible circular locking dependency detected [ 59.559414][ T6386] 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 Not tainted [ 59.563546][ T6386] ------------------------------------------------------ [ 59.565738][ T6386] syz.1.144/6386 is trying to acquire lock: [ 59.567560][ T6386] ffffffff8e7304c8 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0xb4c/0x1470 [ 59.570643][ T6386] [ 59.570643][ T6386] but task is already holding lock: [ 59.572856][ T6386] ffff8881066900a8 (&q->q_usage_counter(io)#50){++++}-{0:0}, at: blk_mq_update_nr_hw_queues+0x275/0xcb0 [ 59.576176][ T6386] [ 59.576176][ T6386] which lock already depends on the new lock. [ 59.576176][ T6386] [ 59.579253][ T6386] [ 59.579253][ T6386] the existing dependency chain (in reverse order) is: [ 59.582084][ T6386] [ 59.582084][ T6386] -> #2 (&q->q_usage_counter(io)#50){++++}-{0:0}: [ 59.584615][ T6386] blk_alloc_queue+0x619/0x760 [ 59.586215][ T6386] blk_mq_alloc_queue+0x175/0x290 [ 59.588044][ T6386] __blk_mq_alloc_disk+0x29/0x120 [ 59.590350][ T6386] nbd_dev_add+0x4a0/0xbc0 [ 59.592403][ T6386] nbd_init+0x181/0x320 [ 59.593974][ T6386] do_one_initcall+0x120/0x6e0 [ 59.595636][ T6386] kernel_init_freeable+0x5c2/0x900 [ 59.597434][ T6386] kernel_init+0x1c/0x2b0 [ 59.598993][ T6386] ret_from_fork+0x5d4/0x6f0 [ 59.600626][ T6386] ret_from_fork_asm+0x1a/0x30 [ 59.602167][ T6386] [ 59.602167][ T6386] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 59.604358][ T6386] fs_reclaim_acquire+0x102/0x150 [ 59.606040][ T6386] prepare_alloc_pages+0x162/0x610 [ 59.608067][ T6386] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 59.610658][ T6386] __alloc_pages_noprof+0xb/0x1b0 [ 59.612630][ T6386] pcpu_populate_chunk+0x110/0xb00 [ 59.614380][ T6386] pcpu_alloc_noprof+0x86a/0x1470 [ 59.616129][ T6386] iommu_dma_init_fq+0x202/0x8a0 [ 59.617834][ T6386] iommu_setup_dma_ops+0x1336/0x1700 [ 59.619571][ T6386] bus_iommu_probe+0x23e/0x530 [ 59.621203][ T6386] iommu_device_register+0x1af/0x280 [ 59.622918][ T6386] intel_iommu_init+0x25e7/0x3780 [ 59.624548][ T6386] pci_iommu_init+0x2e/0x90 [ 59.626152][ T6386] do_one_initcall+0x120/0x6e0 [ 59.627797][ T6386] kernel_init_freeable+0x5c2/0x900 [ 59.629492][ T6386] kernel_init+0x1c/0x2b0 [ 59.630937][ T6386] ret_from_fork+0x5d4/0x6f0 [ 59.632505][ T6386] ret_from_fork_asm+0x1a/0x30 [ 59.634083][ T6386] [ 59.634083][ T6386] -> #0 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 59.636453][ T6386] __lock_acquire+0x126f/0x1c90 [ 59.638359][ T6386] lock_acquire+0x179/0x350 [ 59.640522][ T6386] __mutex_lock+0x199/0xb90 [ 59.642371][ T6386] pcpu_alloc_noprof+0xb4c/0x1470 [ 59.644176][ T6386] sbitmap_init_node+0x2fd/0x770 [ 59.645924][ T6386] sbitmap_queue_init_node+0x41/0x560 [ 59.647921][ T6386] blk_mq_init_tags+0x12d/0x2b0 [ 59.650060][ T6386] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 59.652177][ T836] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 59.652524][ T6386] __blk_mq_alloc_map_and_rqs+0x128/0x1f0 [ 59.657643][ T6386] blk_mq_update_nr_hw_queues+0x4ab/0xcb0 [ 59.659654][ T6386] nbd_start_device+0x172/0xcd0 [ 59.661410][ T6386] nbd_ioctl+0x219/0xda0 [ 59.662943][ T6386] blkdev_ioctl+0x277/0x6d0 [ 59.664557][ T6386] __x64_sys_ioctl+0x18b/0x210 [ 59.666251][ T6386] do_syscall_64+0xcd/0x4c0 [ 59.668007][ T6386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.670089][ T6386] [ 59.670089][ T6386] other info that might help us debug this: [ 59.670089][ T6386] [ 59.673386][ T6386] Chain exists of: [ 59.673386][ T6386] pcpu_alloc_mutex --> fs_reclaim --> &q->q_usage_counter(io)#50 [ 59.673386][ T6386] [ 59.677710][ T6386] Possible unsafe locking scenario: [ 59.677710][ T6386] [ 59.680178][ T6386] CPU0 CPU1 [ 59.681910][ T6386] ---- ---- [ 59.683573][ T6386] lock(&q->q_usage_counter(io)#50); [ 59.685275][ T6386] lock(fs_reclaim); [ 59.687320][ T6386] lock(&q->q_usage_counter(io)#50); [ 59.690009][ T6386] lock(pcpu_alloc_mutex); [ 59.691505][ T6386] [ 59.691505][ T6386] *** DEADLOCK *** [ 59.691505][ T6386] [ 59.694016][ T6386] 5 locks held by syz.1.144/6386: [ 59.695626][ T6386] #0: ffff8880274a2230 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x150/0xda0 [ 59.698642][ T6386] #1: ffff8880274a2188 (&set->update_nr_hwq_lock){++++}-{4:4}, at: blk_mq_update_nr_hw_queues+0x32/0xcb0 [ 59.702215][ T6386] #2: ffff8880274a20d8 (&set->tag_list_lock){+.+.}-{4:4}, at: blk_mq_update_nr_hw_queues+0x45/0xcb0 [ 59.705616][ T6386] #3: ffff8881066900a8 (&q->q_usage_counter(io)#50){++++}-{0:0}, at: blk_mq_update_nr_hw_queues+0x275/0xcb0 [ 59.709487][ T6386] #4: ffff8881066900e0 (&q->q_usage_counter(queue)#2){+.+.}-{0:0}, at: blk_mq_update_nr_hw_queues+0x275/0xcb0 [ 59.713193][ T6386] [ 59.713193][ T6386] stack backtrace: [ 59.715070][ T6386] CPU: 3 UID: 0 PID: 6386 Comm: syz.1.144 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) [ 59.715084][ T6386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.715090][ T6386] Call Trace: [ 59.715095][ T6386] <TASK> [ 59.715099][ T6386] dump_stack_lvl+0x116/0x1f0 [ 59.715119][ T6386] print_circular_bug+0x275/0x350 [ 59.715137][ T6386] check_noncircular+0x14c/0x170 [ 59.715155][ T6386] __lock_acquire+0x126f/0x1c90 [ 59.715173][ T6386] lock_acquire+0x179/0x350 [ 59.715189][ T6386] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 59.715203][ T6386] ? __pfx___might_resched+0x10/0x10 [ 59.715216][ T6386] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 59.715232][ T6386] __mutex_lock+0x199/0xb90 [ 59.715241][ T6386] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 59.715253][ T6386] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 59.715265][ T6386] ? __pfx___mutex_lock+0x10/0x10 [ 59.715274][ T6386] ? kasan_save_track+0x14/0x30 [ 59.715287][ T6386] ? __kasan_kmalloc+0xaa/0xb0 [ 59.715299][ T6386] ? blk_mq_init_tags+0x87/0x2b0 [ 59.715310][ T6386] ? blk_mq_update_nr_hw_queues+0x4ab/0xcb0 [ 59.715319][ T6386] ? nbd_start_device+0x172/0xcd0 [ 59.715335][ T6386] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 59.715347][ T6386] pcpu_alloc_noprof+0xb4c/0x1470 [ 59.715362][ T6386] sbitmap_init_node+0x2fd/0x770 [ 59.715376][ T6386] sbitmap_queue_init_node+0x41/0x560 [ 59.715390][ T6386] blk_mq_init_tags+0x12d/0x2b0 [ 59.715401][ T6386] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 59.715418][ T6386] ? lockdep_hardirqs_on+0x7c/0x110 [ 59.715436][ T6386] __blk_mq_alloc_map_and_rqs+0x128/0x1f0 [ 59.715453][ T6386] blk_mq_update_nr_hw_queues+0x4ab/0xcb0 [ 59.715462][ T6386] ? __pfx___mutex_lock+0x10/0x10 [ 59.715472][ T6386] nbd_start_device+0x172/0xcd0 [ 59.715482][ T6386] ? bpf_lsm_capable+0x9/0x10 [ 59.715496][ T6386] nbd_ioctl+0x219/0xda0 [ 59.715505][ T6386] ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540 [ 59.715517][ T6386] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 59.715528][ T6386] ? __pfx_nbd_ioctl+0x10/0x10 [ 59.715537][ T6386] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 59.715550][ T6386] ? __pfx_nbd_ioctl+0x10/0x10 [ 59.715560][ T6386] blkdev_ioctl+0x277/0x6d0 [ 59.715574][ T6386] ? __pfx_blkdev_ioctl+0x10/0x10 [ 59.715587][ T6386] ? selinux_file_ioctl+0x180/0x270 [ 59.715596][ T6386] ? selinux_file_ioctl+0xb4/0x270 [ 59.715607][ T6386] ? __pfx_blkdev_ioctl+0x10/0x10 [ 59.715621][ T6386] __x64_sys_ioctl+0x18b/0x210 [ 59.715634][ T6386] do_syscall_64+0xcd/0x4c0 [ 59.715643][ T6386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.715654][ T6386] RIP: 0033:0x7f8f1378e929 [ 59.715662][ T6386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 59.715672][ T6386] RSP: 002b:00007f8f14686038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 59.715682][ T6386] RAX: ffffffffffffffda RBX: 00007f8f139b5fa0 RCX: 00007f8f1378e929 [ 59.715688][ T6386] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 59.715694][ T6386] RBP: 00007f8f13810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 59.715700][ T6386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 59.715705][ T6386] R13: 0000000000000000 R14: 00007f8f139b5fa0 R15: 00007ffc83586288 [ 59.715714][ T6386] </TASK> [ 59.813887][ T836] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 59.823604][ T836] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 59.827965][ T836] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 59.831839][ T836] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 59.837846][ T836] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 59.841456][ T836] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.845783][ T836] usb 7-1: config 0 descriptor?? [ 59.872689][ T6389] block nbd1: shutting down sockets [ 60.251512][ T6384] netlink: 12 bytes leftover after parsing attributes in process `syz.2.143'. [ 60.270472][ T836] usbhid 7-1:0.0: can't add hid device: -71 [ 60.272567][ T836] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 60.275545][ T836] usb 7-1: USB disconnect, device number 3 [ 61.322286][ T5945] Bluetooth: hci3: command 0x0405 tx timeout [ 62.112254][ C0] net_ratelimit: 15 callbacks suppressed [ 62.112271][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 62.192334][ C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 63.162219][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 63.242218][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 64.192210][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 64.282167][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 65.232202][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 65.312596][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 66.272187][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 66.352158][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 67.312280][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 67.392325][ C3] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 68.352231][ C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 68.432189][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 69.402189][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 69.472181][ C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available VM DIAGNOSIS: 09:03:24 Registers: info registers vcpu 0 CPU#0 RAX=0000000000033ef4 RBX=0000000000000000 RCX=ffffffff8b7d7c99 RDX=ffffed100d486646 RSI=ffffffff8c1548e0 RDI=ffffffff8191fd51 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08 R8 =0000000000000000 R9 =ffffed100d486645 R10=ffff88806a43322b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90a7bb50 R15=0000000000000000 RIP=ffffffff8b7d67ff RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6765000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055557fd2f808 CR3=00000000504eb000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff91cd0370 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000040a0c RBX=0000000000000001 RCX=ffffffff8b7d7c99 RDX=ffffed100d4a6646 RSI=ffffffff8c1548e0 RDI=ffffffff8191fd51 RBP=ffffed1003bd1488 RSP=ffffc90000177df8 R8 =0000000000000000 R9 =ffffed100d4a6645 R10=ffff88806a53322b R11=0000000000000000 R12=0000000000000001 R13=ffff88801de8a440 R14=ffffffff90a7bb50 R15=0000000000000000 RIP=ffffffff8b7d67ff RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6865000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000200000002000 CR3=00000000535ad000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc4df011a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc4df011a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc4df011a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc4df011aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc4df011b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc4df011c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000008000 0000766d62c98ac9 f2dd8699eac2df3a 0099000cbe9e0000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc4dfced100 00007fc4df183440 00007fc4df180004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc4df183498 00007fc4df183490 00007fc4df183488 00007fc4df183480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffed1007628488 RBX=000000110c36c000 RCX=ffffffff82085b94 RDX=ffff88803b142440 RSI=ffffffff8208580d RDI=0000000000000006 RBP=0000000000000000 RSP=ffffc90004b27608 R8 =0000000000000006 R9 =000000110c400000 R10=000000110c36c000 R11=0000000000007c7a R12=0000000000000000 R13=ffffc90004b27790 R14=dffffc0000000000 R15=000000110c400000 RIP=ffffffff8208581b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6965000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000001a00 CR3=00000000532b1000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000020520001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd22aaf90 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbcd1411c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2973252865746972 770073252f64252f 6b7361742f666c65 732f636f72702f00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0c56000d40514c57 520056000a41000a 4e5644510a434940 560a464a57550a00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000000000d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85598b15 RDI=ffffffff9b077320 RBP=ffffffff9b0772e0 RSP=ffffc90005cf7198 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=732d302e35312e36 R12=0000000000000000 R13=000000000000000d R14=ffffffff9b0772e0 R15=ffffffff85598ab0 RIP=ffffffff85598b3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f8f146866c0 ffffffff 00c00000 GS =0000 ffff8880d6a65000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fbcd13726e0 CR3=0000000056b4e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc83586610 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f13811a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f13811a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f13811a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f13811aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f13811b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f13811c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000