last executing test programs: 28.246249779s ago: executing program 1 (id=1219): sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c00000012000301000000000000000000009db7000000000000010004000000000000000000000000000000000000000000000000000000691d0f76e77044d1eb94e56239e4"], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x800) (async) r0 = socket(0x22, 0x3, 0x0) bind$inet(r0, &(0x7f0000000340)={0x22, 0x4e20, @loopback}, 0x57) (async, rerun: 32) recvmsg(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x2) (rerun: 32) 28.209516638s ago: executing program 1 (id=1220): io_setup(0x2, &(0x7f0000000200)=0x0) io_submit(r0, 0x0, 0x0) r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_G_OUTPUT(r2, 0x8004562e, &(0x7f0000000040)) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) getsockopt$inet6_int(r3, 0x29, 0x11, 0x0, &(0x7f0000000040)=0x5d) write$tcp_mem(r1, &(0x7f00000000c0)={0x40, 0x20, 0x3, 0x20, 0x6}, 0x48) 28.054581896s ago: executing program 1 (id=1222): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={0x1, 0xffffffffffffffff}, 0x4) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000280)={'syztnl0\x00', 0x0, 0x4, 0x4, 0x0, 0xb48, 0x4c, @empty, @private0={0xfc, 0x0, '\x00', 0x1}, 0x40, 0x80, 0x7, 0x33}}) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xcc, 0xcc, 0x7, [@typedef={0x10}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x5, 0xefacaf8a}}, @enum64={0xf21, 0x2, 0x0, 0x13, 0x1, 0x8, [{0x9, 0xa, 0x9}, {0x5, 0xc, 0xfffffff0}]}, @struct={0x0, 0xa, 0x0, 0x4, 0x1, 0x2, [{0x2, 0x4, 0x15e}, {0x4, 0x1, 0x1}, {0xa, 0x1, 0xf}, {0xa, 0x1, 0x6}, {}, {0x2, 0x0, 0x3}, {0x1, 0x5, 0x9}, {0x2, 0x1, 0x10000}, {0x2, 0x0, 0xd}, {0x5, 0x3, 0x37}]}]}, {0x0, [0x30, 0x5f, 0x0, 0x0, 0x5f]}}, &(0x7f0000000540)=""/226, 0xeb, 0xe2, 0x1, 0x32}, 0x28) r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r8, @ANYBLOB='\x00\x00'], 0x48}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc, 0x0, 0x48810}, 0x4000800) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000003080)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r8}}, 0x24}}, 0x0) ftruncate(r3, 0x8800000) r9 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r9, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r9, 0x84, 0x15, &(0x7f0000000040)={0x3}, 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r9, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @ipv4={'\x00', '\xff\xff', @empty}}], 0x1c) sendto$inet6(r9, &(0x7f00000004c0)="b0", 0x1, 0x1, &(0x7f0000000140)={0xa, 0x4e23, 0x1000, @loopback, 0xffffffff}, 0x1c) sendfile(r9, r3, 0x0, 0x578410e9) r10 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000007c0), 0x84500, 0x0) r11 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000800), 0x38401, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0x14, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @map_idx={0x18, 0xc, 0x5, 0x0, 0x10}]}, &(0x7f0000000100)='syzkaller\x00', 0x8, 0x1000, &(0x7f0000000c80)=""/4096, 0x40f00, 0x10, '\x00', r1, 0x0, r2, 0x8, &(0x7f0000000680)={0x8, 0xb}, 0x8, 0x10, &(0x7f0000000780)={0x2, 0xe, 0xfff, 0xd}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000000840)=[r3, r10, r11], &(0x7f00000009c0)=[{0x2, 0x4, 0x1, 0xc}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x5, 0x3, 0x1}, {0x5, 0x4, 0x4, 0xc}, {0x0, 0x1, 0x3, 0x4}, {0x5, 0x4, 0xc, 0x1}, {0x5, 0x5, 0xc, 0x6}, {0x4, 0x5, 0x5}, {0x2, 0x5, 0xb}], 0x10, 0x2}, 0x94) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) bpf$ENABLE_STATS(0x20, &(0x7f0000000080), 0x4) r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@base={0xf, 0x4, 0x4, 0x16, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50) r13 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="1842000080100000000000d0a7bb6e1ea2283252b8c05aa854bde918550047f7fa0004000000850000002e"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000180)=ANY=[@ANYRES32=r12, @ANYRES32=r13, @ANYBLOB="05"], 0x10) 28.041405766s ago: executing program 1 (id=1223): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0) (async, rerun: 32) mount$bind(&(0x7f0000000140)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0) (async, rerun: 32) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async, rerun: 64) r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) (rerun: 64) ioctl$SIOCNRDECOBS(r0, 0x89e2) (async) newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x6000) setresuid(0xee01, r1, r1) newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) chown(&(0x7f00000003c0)='./file0\x00', r2, 0xee01) (async) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, 0xffffffffffffffff}}, './file1/file0\x00'}) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {0x1, 0x4}, [{0x2, 0x4, r1}, {0x2, 0x2, r2}], {0x4, 0x6}, [{0x8, 0x4, r3}], {0x10, 0xd}, {0x20, 0x3}}, 0x3c, 0x1) chdir(&(0x7f00000000c0)='./bus\x00') (async, rerun: 64) r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000280), 0x2) (async, rerun: 64) r5 = syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = syz_pidfd_open(r5, 0x0) setns(r6, 0x20000000) (async) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, &(0x7f0000000140)) (async) r7 = memfd_create(&(0x7f0000001100)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03', 0x4) ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000100)={r7, 0x0, 0x0, 0x1000}) (async) mkdir(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) (async) rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040)='./file0\x00') r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="280000001200010200"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00 '], 0x28}}, 0x0) 27.974233806s ago: executing program 1 (id=1224): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x20, 0x4) setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f00000000c0)=r0, 0x4) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0x1, 0xffffffffffffffff}, 0x4) bpf$TOKEN_CREATE(0x24, &(0x7f00000003c0)={0x0, r2}, 0x8) getpeername$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000540)=0x14) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0xd, 0x10, &(0x7f0000000440)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', r3, 0xf}, 0x94) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00000001c0)='syzkaller\x00'}, 0x94) r8 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r7, r9, 0x25, 0x4, @val=@tcx={@void, @value=r7}}, 0x1c) syz_emit_ethernet(0x7a, &(0x7f00000007c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}, @val={@val={0x88a8, 0x4, 0x1, 0x1}, {0x8100, 0x5, 0x1, 0x4}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x3c, 0x6, 0x0, @local, @local, {[@dstopts={0x89, 0x3, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00'}, @jumbo={0xc2, 0x4, 0x6}, @ra={0x5, 0x2, 0x3ff}]}], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x5}}}}}}}, 0x0) write$UHID_CREATE2(r6, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r6, 0x0) ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r10 = syz_open_dev$loop(&(0x7f0000000200), 0x4, 0x40100) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r10, 0x4c0a, &(0x7f00000005c0)={r11, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e9a1af1ea09dc2b7fb0a010000000000000000030000000000000000000000000000000000000000000000001b00", "2809e8dbe108598927875397bab22d0000b42076c1ce8ef05f819e01177d3d458dac00000000000000000000003b000000000000005bd7ed960e17288800", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}}) r12 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r12) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000423c704d973ad9aebdbe7fdda83951e9d6ac110466d3b415", @ANYRES16=r14, @ANYBLOB="010000000000fcdbdf253900000008000300", @ANYRES32=r13, @ANYBLOB="0c005a800800038004000100"], 0x28}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) 27.694052097s ago: executing program 1 (id=1225): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x7f7c, 0x6, 0x100}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000240)={0x2, 0x5, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000001c0)={0x4, 0x1, 0xb}) close_range(r0, 0xffffffffffffffff, 0x0) 27.639759609s ago: executing program 32 (id=1225): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x7f7c, 0x6, 0x100}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000240)={0x2, 0x5, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000001c0)={0x4, 0x1, 0xb}) close_range(r0, 0xffffffffffffffff, 0x0) 2.812259474s ago: executing program 0 (id=1634): mount$9p_virtio(&(0x7f0000000040), &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB='tran,nodevmap,%\x00\x00\x00\x00\x00\x00\x00\x00']) (async, rerun: 32) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') (rerun: 32) ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x3, 0x6c, 0x1}) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) (async) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = eventfd2(0xe5c, 0x80000) r6 = eventfd2(0x6, 0x801) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000100)={r5, 0x7, 0x2, r6}) (async) pipe2(&(0x7f0000000080), 0x800) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2000000000000, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0xffffffffffffc537}, 0x0, &(0x7f00000002c0)={0x3ff, 0x1bb, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) (async, rerun: 32) close_range(r2, 0xffffffffffffffff, 0x0) (rerun: 32) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000000c0)={0x2, @pix={0x6, 0x8, 0x31435641, 0x9, 0x5, 0x8, 0x3, 0x10000, 0x0, 0x6, 0x2, 0x74c3924ecb75b6cd}}) read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020) 1.90256012s ago: executing program 0 (id=1642): r0 = syz_open_dev$dri(&(0x7f0000000180), 0x2, 0x121840) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x3, 0x6}) ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x1, r1, 0xd, 0x2, 0x27f, 0x400, 0x6}) syz_open_dev$dri(&(0x7f0000000180), 0x2, 0x121840) (async) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x3, 0x6}) (async) ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x1, r1, 0xd, 0x2, 0x27f, 0x400, 0x6}) (async) 1.723321595s ago: executing program 0 (id=1646): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r1, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0) r3 = socket(0x10, 0x3, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x3, 0x2}}}}]}, 0x44}}, 0x800) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x48, 0x28, 0xd27, 0x1003ffd, 0x0, {0x0, 0x0, 0x0, r4, {0xffe0, 0x9}, {0x0, 0x9}, {0x2, 0xb}}, [@filter_kind_options=@f_fw={{0x7}, {0x14, 0x2, [@TCA_FW_POLICE={0x10, 0x2, [@TCA_POLICE_PEAKRATE64={0xc}]}]}}, @TCA_RATE={0x6, 0x5, {0x5, 0x5}}]}, 0x48}, 0x1, 0x0, 0x0, 0x810}, 0x20000845) socket(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x400c4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2c, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000080)) r6 = socket$l2tp(0x2, 0x2, 0x73) r7 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000200), 0x4) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r8, 0x0, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000f255ed6a5adacdb900000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe80000000000000fd000000000000aa14000400fe8000000000000000000000000000000c000280050001000000000008000740000000001800068014000400ff010000000000000000000000000001"], 0xac}}, 0x0) bind$inet(r6, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10) syz_emit_ethernet(0x74, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0xfffffe9a, 0x0, @gue={{0x2}}}}}}}, 0x0) recvmsg(r6, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x10020) socket$netlink(0x10, 0x3, 0x4) 1.594418945s ago: executing program 2 (id=1648): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x4009, &(0x7f00000002c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}) newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000) llistxattr(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10, 0xffffffffffffffda, r2}, 0x10) madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000240)={0x0, 0x1, 0xfffffffe, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x98f909, 0x5, '\x00', @p_u8=&(0x7f0000000040)=0x9}}) 1.522783658s ago: executing program 3 (id=1650): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) lseek(r2, 0x2, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000009c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r4, 0x1, 0x70bd2b, 0x25dfdbfc, {{}, {}, {0x81, 0x11, 0x1}}}, 0x24}}, 0xc084) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_pressure(r5, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r9, &(0x7f000000d040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x34, r8, 0x8de13c6b70ae92c3, 0x41403, 0xfffffffe, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x7}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x28000800}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r7, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x24000000}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)={0x240, r8, 0x100, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r11}, @val={0xc, 0x99, {0x7, 0x6}}}}, [@NL80211_ATTR_IE={0xb, 0x2a, [@supported_rates={0x1, 0x5, [{0x5}, {0x1b, 0x1}, {0x4, 0x1}, {0x9, 0x1}, {0x961ac0c4265ea9a1, 0x1}]}]}, @NL80211_ATTR_IE={0xe, 0x2a, [@supported_rates={0x1, 0x8, [{0x4, 0x1}, {0x1}, {0x1}, {0x30, 0x1}, {0x2, 0x1}, {0x16}, {0x1b, 0x1}, {0x9}]}]}, @NL80211_ATTR_IE={0x1fc, 0x2a, [@random={0x1, 0xaf, "24fc2369b640449c3e79a6152ea45a177ec7510b3b3e082fc25c5e67706c66ed88e0b514427c36900e47e80c5b012f62424cf76b25ecc0a18db3f47eb9f3f23b74ac45e79d44abead99bf02656675f56927f8c98562c3b433f976d05939f76e5177948569e345c621a5319c02f6e00427306621da080b7a38cdbb95b97a6dcded645d389cf4bfd75941f166e15fd3c873920d79937fac07118c045653f87ee49eae9d46d0449297035fa01e65c62f1"}, @ibss={0x6, 0x2, 0x4}, @rann={0x7e, 0x15, {{0x1, 0x18}, 0x78, 0x7, @broadcast, 0x9, 0x5, 0x3}}, @cf={0x4, 0x6, {0x5, 0x9, 0x7, 0x1000}}, @erp={0x2a, 0x1, {0x1, 0x1}}, @sec_chan_ofs={0x3e, 0x1, 0x3}, @random_vendor={0xdd, 0x23, "9ba6fbacfe58b70b6c45c770bf64ff0db660905eb4fd1103e322b31f2a031058101780"}, @random={0x2, 0xf2, "30c2654f89868ad2d6e468dfa113bda3d6e23d08be8ccf5840da7a515678eee7a2e6c34ec9a25de1aa15196ae2a8c2a1661dd6c69c853f80cd3c4ebf962b290bb1539067e35904e62eec6b1d400ffccbe657f1b0208f6782dfe2ffc899b101cb9394c81e5a0280873f7b9c31654409d0db2042972d911fbe55087f1506db28a55b9fa19b134454c1c6c88998087e556e41a4124a4bfb0244867bafefa9684454cd3af7e57dc361a38d64a43a9c651cfc027b98b50fdeb704bdecfaee52d60ceb75c0f7bb0e6cddb3b9eea47e62609eb570aec2bae05fed793523135f76241ca656eba662c03188fad8e8c49f271160d0311e"}, @channel_switch={0x25, 0x3, {0x0, 0x6, 0x7d}}]}]}, 0x240}, 0x1, 0x0, 0x0, 0x8000}, 0x10) r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r14 = openat$random(0xffffffffffffff9c, &(0x7f0000000340), 0x40, 0x0) ioctl$RNDGETENTCNT(r14, 0x80045200, &(0x7f0000000380)) sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="28d655302c91546b0300", @ANYRES32=r13, @ANYBLOB="0800050008000000"], 0x24}}, 0x0) write$cgroup_pressure(r6, &(0x7f0000000340)={'some', 0x20, 0x4, 0x20, 0xffffa}, 0x2f) 1.422602428s ago: executing program 2 (id=1651): r0 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x54980) r1 = socket(0x10, 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, 0x0, 0x0) write(r1, &(0x7f0000000280)="1c0000001a009b8a14e5f4070009042402000000ff02000300000000", 0x1e5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x5, 0x50, r0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x8000000004) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r4, 0x6f6) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) r6 = socket(0x28, 0x801, 0x0) getsockname$packet(r6, 0x0, &(0x7f00000004c0)) connect$inet(r5, &(0x7f0000000080)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10) writev(r2, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001400192340834b80040d8c560a06ffffff7f070000000000000058000b480400945f64009400050038925a01000000800000008004000000ff0109000000fff5dd0000000300030006010000418e01400004fcff", 0x58}], 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000ab000000000000000000950000000800"/32], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) socket$inet(0x2, 0x2, 0x0) r7 = open$dir(&(0x7f0000000300)='./bus\x00', 0x8000, 0x1) mkdirat(r7, &(0x7f00000002c0)='./bus\x00', 0x1a0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r8 = syz_open_dev$vivid(&(0x7f0000000200), 0x0, 0x2) ioctl$VIDIOC_QUERYSTD(r8, 0x8008563f, &(0x7f0000000240)) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x2004000, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) chdir(&(0x7f0000000180)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x458002, 0x55) r9 = open(&(0x7f00000000c0)='./file1\x00', 0x8800, 0x112) getdents(r9, 0x0, 0x0) connect$inet(r9, &(0x7f0000000080)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10) 1.328111806s ago: executing program 3 (id=1652): r0 = syz_open_dev$tty1(0xc, 0x4, 0x2) write$UHID_INPUT(r0, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d0381e007fc6e5539b0d430a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbac5c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 1.324773163s ago: executing program 2 (id=1653): openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x60882, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1401, 0x0) writev(r0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5bffd08307d80c79b1cb7b5f0c5b4d719c69c8513f748fbe425a7bc388c9019bef114779f7a10dc03a883d6e16a0a704f74297f381ff1db75098a9b38bb67206a7ff22e6ca46dc760bdad8a79d5951988c55a368dd1132ba7f129c2e65441eaa27492c069488df0881f123ca01ae873f5b36eb0fddb8f07420f5484d81cabde167c87ffbab6a94b24b5537bb1a08d56469f516fd4b7c66e2ac50d5ff4e52c628d0a89e53d0e78582a5ab2a2c714f66", 0xfe7c}], 0x1) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000240)={0x2000, 0x20000000}) 1.233053705s ago: executing program 3 (id=1654): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x121040, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x40000108, 0x0, 0x9}]}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000048000000160a01000000000000000000010000010900010073797a30000000000900020073797a30000000001c0003800800014000000000080002400000000008000240000000065c020000180a0101000b000000000000010000000900010073797a3000000000e800038008000140000000000800014000000000cc0003801400010069703665727370616e3000000000000014000100776732000000000000000000000000001400010076657468305f6d61637674617000000014000100626f6e645f736c6176655f310000000014000100626f6e645f736c6176655f300000000014000100636169663000000000000000000000001400010070296d726567300000000000000000001400010070696d726567310000000000000000001400010069705f76746930000000000000000000140001007465616d5f736c6176655f300000000008000140000000200900020073797a30"], 0x2ec}, 0x1, 0x0, 0x0, 0x20008811}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r8 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r9 = openat$selinux_policy(0xffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_IOC_CATATONIC(r9, 0x9362, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r9, 0x0) write$midi(r9, &(0x7f0000000300)="17c8ebf2f85a072de0de8da51b2babe5fafedb74673f45034dcf5f80f27153fe24ac99778d2dbdb69d8e03678e201234e560dd726c9e468e9fb0bc6b53787e85cd2ee65316ac8ddb98a37a9caf454d9a86b98f1baa5bf01c9f058ebc41fc46b4899d6b1591822f04568e3daf8a7b8ecf7967d91d8215c68137a205b22babd2", 0x7f) syz_emit_ethernet(0x2a, &(0x7f0000000200)=ANY=[], 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r10 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r9, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x1}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp_SCTP_AUTH_KEY(r10, 0x84, 0x17, &(0x7f0000000380)={r11, 0x4, 0x75, "f6d797f80c647460d252ce9beffd1262008d5b7525c91cf23c9c2950a826b0a9c711d8d284d023086ab7d470c524d6dc7963ecdb28c620b1db42c002b482ba58945d1aaf547f3cdeaa88c2f6906a247fb18640209e72c58134bdb362bd69dc0e8fcc72ec612c597c619f0ae9cb02d1298e117f56c1"}, 0x7d) write$selinux_load(r8, &(0x7f0000000000)=ANY=[], 0xffbd) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000200)={'wlan0\x00', 0x0}) r13 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEL_STATION(r13, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="03020a00006b0000004005b6b70108000300", @ANYRES32=r12], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4008814) ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000100)={0x46, 0xa, 0x2, "cf95b02e481cf73e4c9f93caa864d1eaea988daaa9c94c713c0993aa3f51b320", 0x33424752}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001080)=ANY=[@ANYBLOB="5800000010001fff000000000200000000000000", @ANYRES32=0x0, @ANYBLOB="0918000000000000300012800b000100697036746e6c000020000280050009000400000014000200fe8000000000000000000000000000bb080004000005"], 0x58}, 0x1, 0x0, 0x0, 0x4004040}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, &(0x7f0000000080)={r14, r15/1000+10000}, 0x10) 1.232648666s ago: executing program 4 (id=1655): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r1, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000001880)={0x4c, r2, 0x1, 0x0, 0x0, {0x21}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x4c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)={0x3c, r4, 0x1, 0x70bd29, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8001}, 0xc0) r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020070000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000053d11f1d8500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188) r8 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000600)={'sit0\x00', 0x0}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000640)={r6, 0xff, 0x2, 0x7f}) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000700)={0x8, 0x0}, 0x8) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xba9}, [@generic={0x9, 0x4, 0x2, 0xff86, 0xe}, @map_val={0x18, 0x9, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x4}]}, &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x1000, &(0x7f0000001a00)=""/4096, 0x41100, 0x24, '\x00', r9, 0x1b, r10, 0x8, &(0x7f0000000680)={0x0, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x2, 0x80000001, 0x3}, 0x10, r11, 0x0, 0x2, 0x0, &(0x7f0000000740)=[{0x5, 0x1, 0xa, 0xb}, {0x1, 0x5, 0x7, 0x8}], 0x10, 0x2}, 0x94) ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000200)={0x3, r7, 0x1}) sendmsg$DEVLINK_CMD_RATE_SET(r12, &(0x7f0000000540)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000004c0)={&(0x7f00000002c0)={0x12c, r2, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xc3, 0xa8, @random="086cbdf4b299aa76a98dac9a4c509d676df46061641413911ce5edf608c80a514d7bed8872ad8f76d652289997fc9d913f76db0d8bcec21138da89140d12304af904342d8967eee9aab4b2010844cfde31bb7e57e3445343ffa9e90aaa2e5ccd2d95722d6353afb6de717bb52b93edd54a06df6cfde1649bd35f8a1c14c09e872049e1fe35ce2796d8e398956fb5c26916162b82ac8852f43c1011f382c5d7b4e4f8d0e3a49106ee732e2355d1839e06f1ae032daa6eea3e1bcc48a3d3147f"}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x2}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0x1f, 0xa9, @random="37ad5f00129bf345e447c643555276d657bb2ed897e4439d6917c8"}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xe}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x12c}, 0x1, 0x0, 0x0, 0x804}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0}, &(0x7f0000000180)=0x14) setsockopt$inet_mreqn(r8, 0x0, 0x23, &(0x7f00000001c0)={@broadcast, @multicast2, r13}, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000400)='itimer_state\x00', r7}, 0x18) setitimer(0x2, 0x0, 0x0) 1.154764361s ago: executing program 4 (id=1656): openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x60882, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1401, 0x0) writev(r0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5bffd08307d80c79b1cb7b5f0c5b4d719c69c8513f748fbe425a7bc388c9019bef114779f7a10dc03a883d6e16a0a704f74297f381ff1db75098a9b38bb67206a7ff22e6ca46dc760bdad8a79d5951988c55a368dd1132ba7f129c2e65441eaa27492c069488df0881f123ca01ae873f5b36eb0fddb8f07420f5484d81cabde167c87ffbab6a94b24b5537bb1a08d56469f516fd4b7c66e2ac50d5ff4e52c628d0a89e53d0e78582a5ab2a2c714f66", 0xfe7c}], 0x1) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000240)={0x2000, 0x1000000}) (fail_nth: 21) 1.069256722s ago: executing program 3 (id=1657): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@dellink={0x40, 0x10, 0xc03, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_6RD_RELAY_PREFIXLEN={0x6, 0xe, 0x8}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000020}, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEV(r1, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x44, 0x0, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_DEVICE={0xc, 0x2e, 0x0, 0x1, [@NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xffff}]}, @NL802154_ATTR_SEC_DEVICE={0x4}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x48000}, 0x4000c080) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x1c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000000) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) socket$nl_route(0x10, 0x3, 0x0) (async) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@dellink={0x40, 0x10, 0xc03, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_6RD_RELAY_PREFIXLEN={0x6, 0xe, 0x8}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000020}, 0x0) (async) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan3\x00'}) (async) sendmsg$NL802154_CMD_NEW_SEC_DEV(r1, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x44, 0x0, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_DEVICE={0xc, 0x2e, 0x0, 0x1, [@NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xffff}]}, @NL802154_ATTR_SEC_DEVICE={0x4}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x48000}, 0x4000c080) (async) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) (async) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x1c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000000) (async) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async) 894.850127ms ago: executing program 3 (id=1658): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x71, &(0x7f0000001c00)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000000800450000630002000000f58f78000000000000000000004e20004f90780400000007740000fdffffffffffff9c67524ed6ed152d4f775bbc411126513b67aa2818e6f3aeb55bee6ae104a30c5705bc8bd9b1085cd41af77353267df8a1d4cecdb01908"], 0x0) readv(r0, &(0x7f0000000600)=[{0x0, 0xea}, {&(0x7f0000002c40)=""/4096, 0x1000}], 0x2) 784.495598ms ago: executing program 0 (id=1659): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x60882, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1401, 0x0) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)="109f1fb75d0fdfd26772907d93481a745bd3c07f2349ed1d1503e0595a82aeb9c1565837ba1f391d4e2204430972151d896e5f781bfc6258cfedc7dc53c3937f11b8be9a8ca6633cc9c23e91581a5525972ff3f98ddfd0d26f095ad8d55919607237", 0x62}, {&(0x7f0000000100)="ba1354064ce44e539c791f5592cf8b444e4d8372a18a0870b0e2e051ae452a1f1eb86f8af439bdd1d15045b759ea99a9062880a1e10b08cc643dbdc0cf0cbb69914b92", 0x43}], 0x1000000000000085) ioctl$IOC_PR_PREEMPT(r1, 0x401870cb, &(0x7f0000000000)={0x1ff, 0x7, 0xfffffffb, 0xfffffff8}) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000000)={[{@inode32}]}) ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000240)={0x2000, 0x1000000}) 684.715858ms ago: executing program 2 (id=1660): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$sock_buf(r0, 0x1, 0x4a, 0x0, &(0x7f0000000280)) r1 = socket$nl_route(0x10, 0x3, 0x0) (async) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x400, 0x20000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x4}, {0x0, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_NAT={0x8}, @TCA_CAKE_WASH={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x4) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e21, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, 0x6}, 0x1c) (async) setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000140)=@gcm_256={{0x303}, "06b72e2dde239a83", "6e0f1b84fa6caf6b5f4821e21a97e82abd6b94a49c5238fc7892dfde28ec6095", "6e3cebd7", "b9ed6dc3992aaa32"}, 0x38) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRESOCT=r2, @ANYBLOB="0000000000008000280012800a00010076786c616e", @ANYRES8=r1], 0x50}}, 0x20008844) 684.539818ms ago: executing program 4 (id=1661): ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async, rerun: 32) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff) (rerun: 32) sendmsg$SMC_PNETID_DEL(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x2c, r1, 0x1, 0x0, 0x200004, {0x2, 0x2, 0x2}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x2c}, 0x1, 0x40030000000000, 0x0, 0x800}, 0x80) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0x0, 0x20, 0x0, 0x0) (async) r2 = userfaultfd(0x80801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x54d}) (async, rerun: 64) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) (async, rerun: 64) syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil) close_range(r2, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000040), 0x201, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11011, r3, 0x2000) (async) read$usbfs(r3, 0x0, 0x0) (async, rerun: 32) syz_emit_ethernet(0x86, &(0x7f0000000140)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast2, @multicast1}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x3, 0x0, "eea2ce15f073cfc7b867a8f1eae374992b05d96de4fee8723648ec884824c0fa", "dad10d0e000000dfffffffffff0f8000", {"bfb382e7c4f35588608b6b77d4179781", "5c1ef82da223af7e119100d169d1153d"}}}}}}}, 0x0) (async, rerun: 32) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/uevent_helper', 0x149a82, 0x24a) write$cgroup_int(r4, 0x0, 0x0) (async) sendfile(r4, r4, 0x0, 0x100000000) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r4, 0x84, 0x21, &(0x7f0000000000)=0x2, 0x4) 632.222627ms ago: executing program 2 (id=1662): r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200002, 0x40) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000040)) r1 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x82) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f0000000500)={0x13, 0x10, 0xfa00, {0x0}}, 0x18) mmap(&(0x7f0000000000/0x12000)=nil, 0x12000, 0x0, 0x11, r1, 0x0) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_trace', 0x2, 0x0) sendmsg$RDMA_NLDEV_CMD_STAT_SET(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x28, 0x1410, 0x800, 0x70bd26, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x20048044) write$FUSE_NOTIFY_STORE(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB='-', @ANYRESDEC], 0x28) socket$inet(0x2, 0x2, 0x0) 631.56288ms ago: executing program 0 (id=1663): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/uevent_helper', 0x8aa01, 0x118) write$FUSE_NOTIFY_POLL(r0, &(0x7f0000002540)={0x18, 0x1, 0x0, {0x5}}, 0x18) r1 = syz_open_dev$video(&(0x7f0000000000), 0x2, 0x0) r2 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_emit_ethernet(0x82, &(0x7f0000000140)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@multicast1=0xe0000006}, {@dev}, {@dev}, {@remote}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r6, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000002c0)={0x1c, r7, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x800) copy_file_range(r4, 0x0, r4, 0x0, 0x7, 0x0) shutdown(r3, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x40, @private1, 0x1}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={r9, @in6={{0xa, 0x4e24, 0x800, @empty, 0x9}}, 0x7, 0xfe00, 0x2, 0x3, 0x54, 0x6, 0xf5}, &(0x7f0000000480)=0x9c) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x5, 0x0, 0x4, 0x2, 0xffffffffffffffff}) fcntl$setownex(r2, 0xf, &(0x7f0000000200)={0x2, r10}) ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000100)={0x9, @pix_mp={0x2, 0x10001, 0xb5315241, 0x7, 0x1, [{0xf}, {0xffffffff, 0x7}, {0x81, 0xd16}, {0xf, 0x8a56}, {0x81, 0x9}, {0x0, 0x9}, {0x5, 0x7b}, {0x6, 0x1}], 0x6, 0x81, 0x1, 0x1, 0x6}}) 631.408003ms ago: executing program 2 (id=1664): r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x2) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockname(r1, &(0x7f00000000c0)=@x25={0x9, @remote}, &(0x7f0000000140)=0x43) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r0, 0xab00, r2) r3 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r3, &(0x7f00000005c0), 0x10) r4 = socket$can_raw(0x1d, 0x3, 0x1) sendmsg$can_raw(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000380)={&(0x7f000000a000)=@canfd={{0x5}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee494e2f9663a918fa1efd9b0b00"}, 0x48}, 0x2}, 0x24000895) ioctl$NBD_DO_IT(r0, 0xab03) r5 = getpgrp(0x0) timer_create(0x5, &(0x7f0000000080)={0x0, 0x26, 0x0, @tid=r5}, &(0x7f0000000400)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 564.059392ms ago: executing program 4 (id=1665): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) r0 = memfd_create(&(0x7f00000025c0)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1cs1F59\xcdR\xc1\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9b\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa\xe7\xd6\xa3', 0x6) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20) syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x80800) ioctl$SIOCX25CALLACCPTAPPRV(r3, 0x89e8) ioctl$sock_bt_hci(r2, 0x400448df, &(0x7f0000000000)) 563.630364ms ago: executing program 0 (id=1666): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(aes-aesni)\x00'}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r1, &(0x7f00000021c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0xe) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r0, 0x0, 0x0, 0x800) getpeername$packet(r2, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000e00)=@getchain={0x24, 0x66, 0x0, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff1, 0x7}, {0xe, 0x9}, {0xfff2, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0x20000080) recvmsg$unix(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)=""/19, 0xb}, {&(0x7f00000006c0)=""/143, 0x8f}], 0x2}, 0x40000040) r4 = fsmount(0xffffffffffffffff, 0x1, 0x0) fchdir(r4) renameat2(r4, &(0x7f0000000200)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x2) utimensat(r4, &(0x7f0000000480)='./file0\x00', &(0x7f0000000540)={{0x77359400}}, 0x100) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r6) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r9 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r2) sendmsg$ETHTOOL_MSG_WOL_SET(r9, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="b7c800000064bc42a8073df835555cfa36dd7a2f16d4dbd6732d4c525124c89243a71b26cf64021d2187b401010000000000006ccff3507e68fa5447aa5f09845e55", @ANYRES16=r10, @ANYBLOB="200028bd7000fbdbdf250a000000b200030069ba9c31d4e1ff403dd200a7c7aba5ff87f46fa9cf6958ad36d546a9f69c94057509d012e9ef97a443df271b7e561162268e1e157ce9a00f8e11aa95dab0d0ec0a152007f8fb085590b226898ec1d0ad6ac1be294432944917edd82bcb93525c296787817cf40bc3888036fec25dfb97e7b66e02b96767f9b8b818aaeb6bf9c389bd60a05fbca679fc3539da809661737a1eaba9e2ce0d14f89b02478bc731a8bd6ac53c337978744af02f72832a0000"], 0xc8}, 0x1, 0x0, 0x0, 0x24040800}, 0x4000004) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_setup(0x1714, &(0x7f0000002040)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r13, r14, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x2c, 0x2, r11, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0}}) sendmmsg$unix(r12, &(0x7f000000f7c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8081}}], 0xf000, 0x800) sendmsg$NL80211_CMD_SET_WIPHY(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000005c0)=ANY=[@ANYBLOB="0e000000", @ANYRES8=r0, @ANYBLOB="20002dbd7000fbdbde250200980b93ed8ba5bbec9c9ac300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x8090}, 0x800) sendmsg$NL80211_CMD_SET_COALESCE(r6, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="280097052495cecd35b1be1417ab880000", @ANYRES16=r7, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r8, @ANYBLOB], 0x28}}, 0x0) sendmsg$NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r7, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [""]}, 0x14}}, 0x20000080) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps_rollup\x00') close(0x3) 494.09351ms ago: executing program 4 (id=1667): r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = socket$inet(0x2, 0x80001, 0x84) r4 = syz_open_procfs(0x0, &(0x7f00000008c0)='uid_map\x00') r5 = syz_io_uring_setup(0x38, &(0x7f0000000080)={0x0, 0xadde, 0x10100, 0x0, 0xfffffffd}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0xc, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xc0000151, 0x1, {0xfffd}}) io_uring_enter(r5, 0xd81, 0x0, 0x0, 0x0, 0x0) preadv(r4, &(0x7f0000002d80)=[{&(0x7f0000000940)=""/178, 0xb2}], 0x1, 0x200, 0x3) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000002c0)={0x0, @raw_data="04b81869b8060671f916720b5642403967b3769183e0e20b5b6ff0e6fc33086c622bc33e2040f12466cb0b84bcb12ffdc8cc7ffb52bcd86a8205605dab8fd1d07d006236ab7cfb70b2276674fbdb99a6736e5ba32fff3ed13100d5e47042f3bb150b5554f95ac19926cf060a390a74f6abd24fdcef3d66ecf17da03ce993de7c0d41f0554e61143c149f9f0f24d4e7d8ea369c6a1bbb41e136db63d8d2a5532f1c9cfdcb19bb9b89df5b3a7370d8fa695e0b5e78a05f81dd1c44471c942d19a26173d59397e7c12a"}) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x84, &(0x7f0000000440)={r8, @in6={{0xa, 0x0, 0x6, @empty}}, 0xfffd, 0x80}, &(0x7f0000000500)=0x90) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd29, 0xfffffffc, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0) r9 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2) fcntl$setlease(r9, 0x400, 0x0) truncate(&(0x7f0000000140)='./file0\x00', 0xfffffffffffffffe) fcntl$setlease(r9, 0x400, 0x0) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000100)={r1, 0x7, 0x9, [0x0, 0xfff, 0x6, 0x6d7c, 0x3, 0x7, 0xc, 0x8000, 0x1]}, 0x1a) 444.384923ms ago: executing program 4 (id=1668): openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x60882, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1401, 0x0) writev(r0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5bffd08307d80c79b1cb7b5f0c5b4d719c69c8513f748fbe425a7bc388c9019bef114779f7a10dc03a883d6e16a0a704f74297f381ff1db75098a9b38bb67206a7ff22e6ca46dc760bdad8a79d5951988c55a368dd1132ba7f129c2e65441eaa27492c069488df0881f123ca01ae873f5b36eb0fddb8f07420f5484d81cabde167c87ffbab6a94b24b5537bb1a08d56469f516fd4b7c66e2ac50d5ff4e52c628d0a89e53d0e78582a5ab2a2c714f66", 0xfe7c}], 0x1) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000240)={0x2000, 0x23000000}) 0s ago: executing program 3 (id=1669): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000040)={0x2, 0x40000105, 0x0, 0x0}) r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0xc1105511, &(0x7f0000000040)={0x7, 0x3, 0x40, 0x10000, 'syz1\x00', 0x4000041}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYBLOB='\a']) ioctl$KVM_RUN(r4, 0xae80, 0x0) unshare(0x3e050c80) kernel console output (not intermixed with test programs): configfs" ino=3149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 102.115804][ T8558] netlink: 1 bytes leftover after parsing attributes in process `syz.0.716'. [ 102.123044][ T40] audit: type=1400 audit(1762522591.824:540): avc: denied { search } for pid=8554 comm="syz.3.717" name="/" dev="configfs" ino=3149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 102.133834][ T40] audit: type=1400 audit(1762522591.824:541): avc: denied { search } for pid=8554 comm="syz.3.717" name="/" dev="configfs" ino=3149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 102.152164][ T40] audit: type=1400 audit(1762522591.824:542): avc: denied { search } for pid=8554 comm="syz.3.717" name="/" dev="configfs" ino=3149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 102.195749][ T8568] netlink: 68 bytes leftover after parsing attributes in process `syz.3.722'. [ 102.202942][ T8568] team0: No ports can be present during mode change [ 102.208118][ T8568] netlink: 'syz.3.722': attribute type 8 has an invalid length. [ 102.507700][ T8597] netlink: 4 bytes leftover after parsing attributes in process `syz.3.732'. [ 102.540114][ T8602] netlink: 104 bytes leftover after parsing attributes in process `syz.0.734'. [ 102.668027][ T8616] netlink: 68 bytes leftover after parsing attributes in process `syz.0.739'. [ 102.677595][ T8619] netlink: 68 bytes leftover after parsing attributes in process `syz.0.739'. [ 102.889618][ T9] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 103.045685][ T8634] netlink: 24 bytes leftover after parsing attributes in process `syz.2.744'. [ 103.053689][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.057427][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.061030][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 103.065059][ T9] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 103.068181][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.072499][ T9] usb 6-1: config 0 descriptor?? [ 103.231547][ T8643] btrfs: Unknown parameter 'acl%K£ÑGõþݯ‘ÚÌ#Œ [ 103.231547][ T8643] €–÷•—Êm§üózA£5ƧW}-SÆåR§¾ ƒ»1ÑÓàé.¦QeRSW4²†Óñ—€¤Ç Z6§4Œ' [ 103.268917][ T8643] veth5: entered promiscuous mode [ 103.356091][ T8646] xt_nfacct: accounting object `syz0' does not exist [ 103.414220][ T8653] ICMPv6: NDISC: Failed to initialize the control socket (err -2) [ 103.480345][ T9] plantronics 0003:047F:FFFF.0003: reserved main item tag 0xd [ 103.495298][ T9] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 103.619227][ T8672] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 103.619322][ T8676] ksmbd: Unknown IPC event: 1, ignore. [ 103.709341][ T8672] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 103.744483][ T5979] usb 6-1: USB disconnect, device number 6 [ 103.830729][ T8672] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 103.861948][ T8694] "syz.3.764" (8694) uses obsolete ecb(arc4) skcipher [ 103.880726][ T8696] ICMPv6: NDISC: Failed to initialize the control socket (err -2) [ 103.901736][ T8672] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.022965][ T1072] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.034834][ T7211] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.046392][ T1072] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.063470][ T1072] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.093326][ T8704] netlink: 'syz.0.766': attribute type 10 has an invalid length. [ 104.098338][ T8704] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.103161][ T8704] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 104.156031][ T8715] ICMPv6: NDISC: Failed to initialize the control socket (err -2) [ 104.202970][ T8716] openvswitch: netlink: nsh attribute has 65532 unknown bytes. [ 104.206015][ T8719] openvswitch: netlink: nsh attribute has 65532 unknown bytes. [ 104.206129][ T8716] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 104.208817][ T8719] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 104.707937][ T8739] team0: Mode changed to "loadbalance" [ 104.713386][ T8739] netlink: 'syz.1.778': attribute type 8 has an invalid length. [ 104.990071][ T9] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 105.129662][ T1026] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 105.161233][ T9] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 105.165368][ T9] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64 [ 105.169270][ T9] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 105.172754][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.179446][ T8745] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 105.182905][ T8745] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 105.188485][ T9] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 105.189979][ T8761] netlink: 'syz.0.786': attribute type 30 has an invalid length. [ 105.225563][ T8761] bond1: option arp_missed_max: invalid value (0) [ 105.228293][ T8761] bond1: option arp_missed_max: allowed values 1 - 255 [ 105.234141][ T8761] bond1 (unregistering): Released all slaves [ 105.243035][ T8763] kernel profiling enabled (shift: 34) [ 105.245824][ T8763] profiling shift: 34 too large [ 105.248388][ T8763] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 105.299597][ T1026] usb 7-1: Using ep0 maxpacket: 8 [ 105.303142][ T1026] usb 7-1: config 0 has no interfaces? [ 105.307154][ T1026] usb 7-1: New USB device found, idVendor=0c10, idProduct=0000, bcdDevice=95.a7 [ 105.314507][ T1026] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.317667][ T1026] usb 7-1: Product: syz [ 105.319315][ T1026] usb 7-1: Manufacturer: syz [ 105.321371][ T1026] usb 7-1: SerialNumber: syz [ 105.325911][ T1026] usb 7-1: config 0 descriptor?? [ 105.388324][ T1026] usb 6-1: USB disconnect, device number 7 [ 105.441772][ T8767] netlink: 'syz.0.787': attribute type 1 has an invalid length. [ 105.454536][ T8767] 8021q: adding VLAN 0 to HW filter on device bond1 [ 105.474018][ T8767] bond1: (slave veth5): Enslaving as an active interface with a down link [ 105.485852][ T8767] vlan2: entered allmulticast mode [ 105.488141][ T8767] veth1: entered allmulticast mode [ 105.491171][ T8767] bond1: (slave vlan2): Opening slave failed [ 105.741281][ T8756] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 105.744803][ T8756] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 105.747841][ T8756] random: crng reseeded on system resumption [ 106.175520][ T8784] lo: entered promiscuous mode [ 106.185906][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.188861][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.193255][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.195972][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.198587][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.204847][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.207682][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.210342][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.212787][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.215136][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.222370][ T29] hid-generic 0000:0000:0000.0004: hidraw1: HID v0.00 Device [sy] on ÿÿÿÿÿÿÿÿ [ 106.254958][ T8796] fido_id[8796]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 106.346445][ T40] kauditd_printk_skb: 22 callbacks suppressed [ 106.346462][ T40] audit: type=1326 audit(1762522597.061:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.0.798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x7ffc0000 [ 106.358982][ T40] audit: type=1326 audit(1762522597.061:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.0.798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x7ffc0000 [ 106.369209][ T40] audit: type=1326 audit(1762522597.081:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.0.798" exe="/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f96b9b8f6c9 code=0x7ffc0000 [ 106.369225][ T8805] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8805 comm=syz.1.797 [ 106.379949][ T40] audit: type=1326 audit(1762522597.081:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.0.798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x7ffc0000 [ 106.392720][ T40] audit: type=1326 audit(1762522597.081:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.0.798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x7ffc0000 [ 106.401649][ T40] audit: type=1326 audit(1762522597.081:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.0.798" exe="/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f96b9b8f6c9 code=0x7ffc0000 [ 106.411213][ T40] audit: type=1326 audit(1762522597.081:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.0.798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x7ffc0000 [ 106.420707][ T40] audit: type=1326 audit(1762522597.081:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.0.798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x7ffc0000 [ 106.429939][ T8809] __nla_validate_parse: 12 callbacks suppressed [ 106.429955][ T8809] netlink: 36 bytes leftover after parsing attributes in process `syz.0.799'. [ 106.431100][ T8809] netlink: 36 bytes leftover after parsing attributes in process `syz.0.799'. [ 106.432508][ T40] audit: type=1326 audit(1762522597.081:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.0.798" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f96b9b8f6c9 code=0x7ffc0000 [ 106.432534][ T40] audit: type=1326 audit(1762522597.081:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.0.798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x7ffc0000 [ 107.173370][ T8837] netlink: zone id is out of range [ 107.176374][ T8837] netlink: zone id is out of range [ 107.179064][ T8837] netlink: set zone limit has 8 unknown bytes [ 107.261517][ T5938] udevd[5938]: inotify_add_watch(7, /dev/pmem0p13, 10) failed: No such file or directory [ 107.854028][ T34] usb 7-1: USB disconnect, device number 8 [ 107.872443][ T8862] XFS (nbd2): no-recovery mounts must be read-only. [ 108.191472][ T8883] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 108.400076][ T8904] gre0: entered allmulticast mode [ 108.406532][ T8904] dvmrp6: entered allmulticast mode [ 108.410425][ T8904] program syz.2.831 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 108.415261][ T8903] gre0: left allmulticast mode [ 108.421183][ T8906] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 108.450941][ T8908] netlink: 24 bytes leftover after parsing attributes in process `syz.2.833'. [ 108.454049][ T8908] netlink: 24 bytes leftover after parsing attributes in process `syz.2.833'. [ 108.693831][ T8934] loop2: detected capacity change from 0 to 7 [ 108.699612][ T8934] Dev loop2: unable to read RDB block 7 [ 108.702178][ T8934] loop2: unable to read partition table [ 108.704221][ T8934] loop2: partition table beyond EOD, truncated [ 108.706224][ T8934] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 108.752486][ T8937] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 108.755741][ T8937] block device autoloading is deprecated and will be removed. [ 108.836195][ T8936] /dev/sr0: Can't open blockdev [ 108.836295][ T8932] md: superblock version 12389 not known [ 108.841318][ T8932] md: couldn't set array info. -22 [ 108.893721][ T8932] cgroup2: Unknown parameter 'cpuacct' [ 108.898169][ T8932] netlink: 212916 bytes leftover after parsing attributes in process `syz.1.840'. [ 109.059397][ T8962] netlink: 24 bytes leftover after parsing attributes in process `syz.0.852'. [ 109.182626][ T8970] netlink: 'syz.1.854': attribute type 5 has an invalid length. [ 109.188513][ T8970] netlink: 20 bytes leftover after parsing attributes in process `syz.1.854'. [ 109.191552][ T8970] netem: invalid attributes len -22 [ 109.193272][ T8970] netem: change failed [ 109.201466][ T8973] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 109.203590][ T8973] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 109.206761][ T8973] vhci_hcd vhci_hcd.0: Device attached [ 109.337497][ T8984] binder_alloc: 8983: binder_alloc_buf, no vma [ 109.449582][ T29] usb 7-1: new low-speed USB device number 9 using dummy_hcd [ 109.459568][ T5979] usb 41-1: new low-speed USB device number 2 using vhci_hcd [ 109.471693][ T8986] usb 2-1: USB disconnect, device number 2 [ 109.601752][ T29] usb 7-1: config 0 has no interfaces? [ 109.604119][ T29] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 109.607891][ T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.613379][ T29] usb 7-1: config 0 descriptor?? [ 109.654184][ T8988] netlink: 28 bytes leftover after parsing attributes in process `syz.1.859'. [ 109.726670][ T8988] pimreg: entered allmulticast mode [ 109.819333][ T8974] usbip_core: unknown command [ 109.821664][ T8974] vhci_hcd: unknown pdu 0 [ 109.823573][ T8974] usbip_core: unknown command [ 109.825725][ T72] vhci_hcd: stop threads [ 109.827082][ T72] vhci_hcd: release socket [ 109.828937][ T72] vhci_hcd: disconnect device [ 109.878130][ T8994] netlink: 'syz.1.861': attribute type 12 has an invalid length. [ 109.889596][ T5979] vhci_hcd: vhci_device speed not set [ 109.934238][ T8999] NILFS (nbd0): device size too small [ 109.982566][ T5999] usb 7-1: USB disconnect, device number 9 [ 110.104868][ T9013] fuse: Unknown parameter '0x00000000000000040x0000000000000004' [ 110.244197][ T9019] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for erspan1 [ 110.305663][ T9021] loop5: detected capacity change from 0 to 7 [ 110.341742][ T9021] Dev loop5: unable to read RDB block 7 [ 110.344098][ T9021] loop5: unable to read partition table [ 110.346493][ T9021] loop5: partition table beyond EOD, truncated [ 110.349614][ T9021] loop_reread_partitions: partition scan of loop5 (úùƒå¡™‰üg¾CêjÌ–ã¢P=×!MX‹ºÐ œëÜ%õ«`Éæ˜Èµ4FLQkÝŠ5) failed (rc=-5) [ 110.476975][ T9037] netlink: 'syz.1.875': attribute type 1 has an invalid length. [ 110.507240][ T9041] netlink: 8 bytes leftover after parsing attributes in process `syz.0.876'. [ 110.507616][ T9037] netlink: 32 bytes leftover after parsing attributes in process `syz.1.875'. [ 110.621942][ T9056] input: syz1 as /devices/virtual/input/input12 [ 110.848174][ T9089] Unsupported ieee802154 address type: 0 [ 110.951550][ T9098] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 110.958204][ T9098] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 111.090331][ T9103] kvm: pic: non byte write [ 111.179637][ T8095] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 111.333001][ T8095] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 111.337320][ T8095] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 111.342127][ T8095] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 111.349127][ T8095] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.354762][ T8095] usb 7-1: config 0 descriptor?? [ 111.515830][ T40] kauditd_printk_skb: 76 callbacks suppressed [ 111.515844][ T40] audit: type=1400 audit(1762522602.231:651): avc: denied { bind } for pid=9135 comm="syz.3.904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 111.538832][ T40] audit: type=1400 audit(1762522602.251:652): avc: denied { name_bind } for pid=9138 comm="syz.0.905" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 111.545680][ T40] audit: type=1400 audit(1762522602.251:653): avc: denied { name_bind } for pid=9138 comm="syz.0.905" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 111.561254][ T9136] __nla_validate_parse: 1 callbacks suppressed [ 111.561263][ T9136] netlink: 12 bytes leftover after parsing attributes in process `syz.3.904'. [ 111.703489][ T9153] dlm: non-version read from control device 0 [ 111.736567][ T8095] usbhid 7-1:0.0: can't add hid device: -71 [ 111.738569][ T8095] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 111.748160][ T8095] usb 7-1: USB disconnect, device number 10 [ 111.910098][ T40] audit: type=1400 audit(1762522602.631:654): avc: denied { execute } for pid=9172 comm="syz.1.914" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 112.019556][ T34] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 112.190278][ T29] usb 6-1: new low-speed USB device number 8 using dummy_hcd [ 112.191183][ T34] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 112.198110][ T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 112.202813][ T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 112.207287][ T34] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 112.212483][ T34] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 112.216010][ T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.220256][ T34] usb 5-1: config 0 descriptor?? [ 112.222382][ T9161] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 112.341193][ T29] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 112.344608][ T29] usb 6-1: config 0 has no interface number 0 [ 112.347167][ T29] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 112.351877][ T29] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 112.356059][ T29] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 112.360539][ T29] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 112.365083][ T29] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 112.369698][ T29] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 112.375121][ T29] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 112.378566][ T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.384365][ T29] usb 6-1: config 0 descriptor?? [ 112.389283][ T9176] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 112.392900][ T9176] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 112.398332][ T29] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 112.618202][ T5979] usb 6-1: USB disconnect, device number 8 [ 112.618387][ C2] ldusb 6-1:0.55: usb_submit_urb failed (-19) [ 112.627304][ T5979] ldusb 6-1:0.55: LD USB Device #0 now disconnected [ 112.639795][ T34] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 112.660751][ T9190] netlink: 4 bytes leftover after parsing attributes in process `syz.1.919'. [ 112.666015][ T9190] netlink: 12 bytes leftover after parsing attributes in process `syz.1.919'. [ 112.680405][ T9] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 112.829579][ T9] usb 7-1: device descriptor read/64, error -71 [ 112.912587][ T5979] usb 5-1: USB disconnect, device number 9 [ 112.968799][ T9202] IPv6: sit2: Disabled Multicast RS [ 112.972674][ T9202] sit2: entered allmulticast mode [ 113.079860][ T9] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 113.107083][ T9211] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 113.111292][ T9211] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 113.117129][ T9211] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 113.126867][ T9211] overlayfs: conflicting lowerdir path [ 113.154350][ T40] audit: type=1400 audit(1762522603.871:655): avc: denied { watch } for pid=9212 comm="syz.3.927" path="/239/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=1304 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 113.169211][ T9213] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 113.173196][ T40] audit: type=1400 audit(1762522603.871:656): avc: denied { watch_sb watch_reads } for pid=9212 comm="syz.3.927" path="/239/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=1304 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 113.177693][ T9213] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 113.215144][ T9218] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2573 sclass=netlink_route_socket pid=9218 comm=syz.1.928 [ 113.219531][ T9] usb 7-1: device descriptor read/64, error -71 [ 113.222221][ T40] audit: type=1400 audit(1762522603.941:657): avc: denied { write } for pid=9216 comm="syz.1.928" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 113.301578][ T9220] program syz.1.929 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 113.339996][ T9] usb usb7-port1: attempt power cycle [ 113.355018][ T40] audit: type=1400 audit(1762522604.071:658): avc: denied { create } for pid=9222 comm="syz.1.931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 113.362881][ T40] audit: type=1400 audit(1762522604.071:659): avc: denied { ioctl } for pid=9222 comm="syz.1.931" path="socket:[27407]" dev="sockfs" ino=27407 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 113.397583][ T9226] netlink: 4 bytes leftover after parsing attributes in process `syz.3.930'. [ 113.463061][ T9234] netlink: 24 bytes leftover after parsing attributes in process `syz.1.935'. [ 113.498657][ T9236] netlink: 60 bytes leftover after parsing attributes in process `syz.0.936'. [ 113.506081][ T9236] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 113.510850][ T9236] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 113.520021][ T9236] overlayfs: failed to get uuid (206/file0, err=-13); falling back to uuid=null. [ 113.538027][ T9238] netlink: 12 bytes leftover after parsing attributes in process `syz.1.937'. [ 113.548084][ T9238] macsec2: entered promiscuous mode [ 113.550507][ T9238] macsec2: entered allmulticast mode [ 113.679972][ T9] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 113.700253][ T9] usb 7-1: device descriptor read/8, error -71 [ 113.969566][ T9] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 114.003038][ T9] usb 7-1: device descriptor read/8, error -71 [ 114.066797][ T9263] netlink: 'syz.1.944': attribute type 15 has an invalid length. [ 114.069602][ T9263] netlink: 24 bytes leftover after parsing attributes in process `syz.1.944'. [ 114.113675][ T9] usb usb7-port1: unable to enumerate USB device [ 114.221622][ T9288] /dev/sg0: Can't lookup blockdev [ 114.260804][ T9290] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 114.425723][ T9306] vlan2: entered allmulticast mode [ 114.427908][ T9306] bond0: entered allmulticast mode [ 114.430237][ T9306] bond_slave_0: entered allmulticast mode [ 114.432888][ T9306] bond_slave_1: entered allmulticast mode [ 114.485814][ T9315] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 114.500033][ T9315] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 114.504550][ T9315] overlayfs: failed to get uuid (266/file0, err=-13); falling back to uuid=null. [ 114.555365][ T40] audit: type=1400 audit(1762522605.271:660): avc: denied { remove_name } for pid=9316 comm="syz.0.960" name="binder1" dev="binder" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 114.610198][ T9325] netlink: 'syz.1.963': attribute type 1 has an invalid length. [ 114.645172][ T9327] openvswitch: netlink: nsh attr 253 is out of range max 3 [ 114.648204][ T9327] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 114.723777][ T9333] netlink: 12 bytes leftover after parsing attributes in process `syz.3.968'. [ 114.812699][ T9341] netlink: 68 bytes leftover after parsing attributes in process `syz.3.970'. [ 114.864851][ T9349] openvswitch: netlink: nsh attr 253 is out of range max 3 [ 114.867243][ T9349] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 115.165890][ T9366] bridge3: entered promiscuous mode [ 115.167566][ T9366] bridge3: entered allmulticast mode [ 115.744578][ T9396] kvm: kvm [9391]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x200000000100 [ 115.747946][ T9396] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=32789 sclass=netlink_xfrm_socket pid=9396 comm=syz.2.987 [ 116.079662][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 116.239835][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 116.244148][ T9] usb 5-1: config 0 has no interfaces? [ 116.245955][ T9] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 116.249001][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.268242][ T9] usb 5-1: config 0 descriptor?? [ 116.484554][ T9] usb 5-1: USB disconnect, device number 10 [ 116.531547][ T9434] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9434 comm=syz.0.1000 [ 116.572569][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 116.572580][ T40] audit: type=1400 audit(1762522607.291:665): avc: denied { execstack } for pid=9431 comm="syz.1.998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 116.635600][ T9438] __nla_validate_parse: 3 callbacks suppressed [ 116.635612][ T9438] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1001'. [ 116.837525][ T9451] FAULT_INJECTION: forcing a failure. [ 116.837525][ T9451] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 116.842300][ T9451] CPU: 2 UID: 0 PID: 9451 Comm: syz.1.1006 Not tainted syzkaller #0 PREEMPT(full) [ 116.842322][ T9451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 116.842333][ T9451] Call Trace: [ 116.842359][ T9451] [ 116.842365][ T9451] dump_stack_lvl+0x16c/0x1f0 [ 116.842399][ T9451] should_fail_ex+0x512/0x640 [ 116.842420][ T9451] _copy_from_user+0x2e/0xd0 [ 116.842434][ T9451] move_addr_to_kernel+0x65/0x170 [ 116.842447][ T9451] __sys_connect+0xb1/0x160 [ 116.842458][ T9451] ? __pfx___sys_connect+0x10/0x10 [ 116.842475][ T9451] ? __pfx_ksys_write+0x10/0x10 [ 116.842490][ T9451] __x64_sys_connect+0x72/0xb0 [ 116.842505][ T9451] ? lockdep_hardirqs_on+0x7c/0x110 [ 116.842522][ T9451] do_syscall_64+0xcd/0xfa0 [ 116.842533][ T9451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.842544][ T9451] RIP: 0033:0x7fb38378f6c9 [ 116.842553][ T9451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.842563][ T9451] RSP: 002b:00007fb3846b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 116.842573][ T9451] RAX: ffffffffffffffda RBX: 00007fb3839e5fa0 RCX: 00007fb38378f6c9 [ 116.842580][ T9451] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000003 [ 116.842586][ T9451] RBP: 00007fb3846b4090 R08: 0000000000000000 R09: 0000000000000000 [ 116.842592][ T9451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.842598][ T9451] R13: 00007fb3839e6038 R14: 00007fb3839e5fa0 R15: 00007ffc796f0b98 [ 116.842613][ T9451] [ 116.936037][ T9453] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1007'. [ 116.941742][ T9453] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1007'. [ 116.980405][ T9459] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1009'. [ 116.987020][ T9459] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 116.992095][ T9459] VFS: Can't find a romfs filesystem on dev nullb0. [ 116.992095][ T9459] [ 117.012076][ T9461] netlink: 'syz.0.1011': attribute type 2 has an invalid length. [ 117.063877][ T9465] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1013'. [ 117.114534][ T40] audit: type=1400 audit(1762522607.831:666): avc: denied { getopt } for pid=9467 comm="syz.0.1014" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 117.211967][ T9479] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1017'. [ 117.273463][ T9485] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1020'. [ 117.425578][ T40] audit: type=1400 audit(1762522608.141:667): avc: denied { setopt } for pid=9493 comm="syz.2.1023" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 117.447850][ T40] audit: type=1326 audit(1762522608.161:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9497 comm="syz.0.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x50000 [ 117.458367][ T40] audit: type=1326 audit(1762522608.161:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9497 comm="syz.0.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x50000 [ 117.467574][ T40] audit: type=1326 audit(1762522608.161:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9497 comm="syz.0.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x50000 [ 117.476328][ T40] audit: type=1326 audit(1762522608.161:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9497 comm="syz.0.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x50000 [ 117.484659][ T40] audit: type=1326 audit(1762522608.161:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9497 comm="syz.0.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x50000 [ 117.494184][ T40] audit: type=1326 audit(1762522608.161:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9497 comm="syz.0.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x50000 [ 117.502122][ T9502] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1026'. [ 117.502716][ T40] audit: type=1326 audit(1762522608.161:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9497 comm="syz.0.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x50000 [ 117.505705][ T9502] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1026'. [ 117.516183][ T9502] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1026'. [ 117.687438][ T9510] MTD: Attempt to mount non-MTD device "/dev/nbd2" [ 117.695238][ T9510] cramfs: wrong magic [ 117.970841][ T9524] kvm: pic: non byte write [ 118.087056][ T9538] netlink: 'syz.3.1037': attribute type 39 has an invalid length. [ 118.161587][ T9539] netlink: 'syz.3.1037': attribute type 21 has an invalid length. [ 118.167780][ T9539] netlink: 'syz.3.1037': attribute type 21 has an invalid length. [ 118.291178][ T9544] program syz.3.1039 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 118.529521][ T29] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 118.595115][ T9548] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 118.669539][ T29] usb 6-1: device descriptor read/64, error -71 [ 118.808980][ T9552] overlayfs: workdir and upperdir must be separate subtrees [ 118.841277][ T9554] tipc: Enabling of bearer rejected, failed to enable media [ 118.880831][ T9556] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65513 sclass=netlink_route_socket pid=9556 comm=syz.2.1045 [ 118.909692][ T29] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 119.039647][ T29] usb 6-1: device descriptor read/64, error -71 [ 119.159281][ T29] usb usb6-port1: attempt power cycle [ 119.159523][ T1026] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 119.332900][ T1026] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 119.336610][ T1026] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.340542][ T1026] usb 7-1: Product: syz [ 119.342299][ T1026] usb 7-1: Manufacturer: syz [ 119.344227][ T1026] usb 7-1: SerialNumber: syz [ 119.362720][ T1026] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 119.419411][ T1026] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 119.424002][ T9573] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 119.429303][ T9573] sch_tbf: burst 14 is lower than device lo mtu (65550) ! [ 119.509935][ T29] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 119.530394][ T29] usb 6-1: device descriptor read/8, error -71 [ 119.789628][ T29] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 119.811363][ T29] usb 6-1: device descriptor read/8, error -71 [ 119.920223][ T29] usb usb6-port1: unable to enumerate USB device [ 119.974764][ T9576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.979319][ T9576] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.184920][ T9576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.187551][ T9576] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.373049][ T9583] sp0: Synchronizing with TNC [ 120.401786][ T9585] [U] è [ 120.479646][ T1026] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 120.483533][ T1026] ath9k_htc: Failed to initialize the device [ 120.528948][ T1026] usb 7-1: ath9k_htc: USB layer deinitialized [ 120.552051][ T9] usb 7-1: USB disconnect, device number 15 [ 120.580532][ T9593] can: request_module (can-proto-5) failed. [ 121.137536][ T9612] syzkaller1: entered promiscuous mode [ 121.140682][ T9612] syzkaller1: entered allmulticast mode [ 121.292758][ T9633] binder: 9628:9633 ioctl c0306201 200000000540 returned -22 [ 121.389261][ T9648] 9pnet: Unknown protocol version 9p2000.uØx²íBTT!— Ä&æD3+ÉVÑÆ­ïßÞ [ 121.603638][ T9673] futex_wake_op: syz.2.1078 tries to shift op by 32; fix this program [ 121.687393][ T40] kauditd_printk_skb: 27311 callbacks suppressed [ 121.687410][ T40] audit: type=1400 audit(1762522612.401:27986): avc: denied { ioctl } for pid=9685 comm="syz.2.1081" path="socket:[31231]" dev="sockfs" ino=31231 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 121.698068][ T9684] input: syz1 as /devices/virtual/input/input13 [ 121.785135][ T9698] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 121.793319][ T9698] iommufd_mock iommufd_mock1: Adding to iommu group 10 [ 121.848022][ T9705] __nla_validate_parse: 5 callbacks suppressed [ 121.848033][ T9705] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1086'. [ 121.857097][ T9705] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1086'. [ 121.863124][ T9705] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1013 sclass=netlink_route_socket pid=9705 comm=syz.2.1086 [ 121.969697][ T40] audit: type=1400 audit(1762522612.691:27987): avc: denied { setopt } for pid=9720 comm="syz.2.1089" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 122.030122][ T9733] netlink: 'syz.2.1092': attribute type 29 has an invalid length. [ 122.034279][ T9733] netlink: 'syz.2.1092': attribute type 29 has an invalid length. [ 122.037613][ T9733] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1092'. [ 122.075354][ T40] audit: type=1400 audit(1762522612.791:27988): avc: denied { write } for pid=9730 comm="syz.1.1091" name="file0" dev="fuse" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 122.318388][ T9761] netlink: 'syz.0.1098': attribute type 39 has an invalid length. [ 122.485133][ T40] audit: type=1400 audit(1762522613.201:27989): avc: denied { ioctl } for pid=9775 comm="syz.0.1103" path="socket:[32104]" dev="sockfs" ino=32104 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 122.541222][ T9780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1105'. [ 122.598139][ T40] audit: type=1400 audit(1762522613.311:27990): avc: denied { read } for pid=9782 comm="syz.0.1106" name="btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 122.607561][ T40] audit: type=1400 audit(1762522613.311:27991): avc: denied { open } for pid=9782 comm="syz.0.1106" path="/dev/btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 122.617805][ T40] audit: type=1400 audit(1762522613.311:27992): avc: denied { ioctl } for pid=9782 comm="syz.0.1106" path="/dev/btrfs-control" dev="devtmpfs" ino=1342 ioctlcmd=0x9405 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 122.988360][ T9786] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1107'. [ 123.337583][ T9792] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 123.369887][ T40] audit: type=1400 audit(1762522614.081:27993): avc: denied { setattr } for pid=9791 comm="syz.2.1109" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 123.444144][ T9803] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1114'. [ 123.470971][ T9804] 9p: Unknown access argument 18446744073709551615: -34 [ 124.286048][ T9820] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1120'. [ 124.379837][ T9824] xt_l2tp: v2 doesn't support IP mode [ 124.458907][ T9828] netlink: 'syz.0.1124': attribute type 1 has an invalid length. [ 124.467474][ T9828] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 124.489338][ T9830] Attempt to restore checkpoint with obsolete wellknown handles [ 124.493740][ T9830] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1125'. [ 124.566007][ T9830] team0 (unregistering): Port device team_slave_0 removed [ 124.572869][ T9830] team0 (unregistering): Port device team_slave_1 removed [ 124.689379][ T9842] ICMPv6: NDISC: Failed to initialize the control socket (err -2) [ 124.895368][ T9849] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 124.926921][ T40] audit: type=1400 audit(1762522615.641:27994): avc: denied { connect } for pid=9855 comm="syz.2.1132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 124.956504][ T9859] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1133'. [ 124.957292][ T9860] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1133'. [ 125.239615][ T29] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 125.393640][ T29] usb 7-1: config 0 has an invalid interface number: 217 but max is 0 [ 125.396707][ T29] usb 7-1: config 0 has no interface number 0 [ 125.400993][ T29] usb 7-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69 [ 125.403002][ T9864] veth0_to_bridge: left allmulticast mode [ 125.404588][ T29] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.406562][ T9864] veth0_to_bridge: left promiscuous mode [ 125.409400][ T29] usb 7-1: Product: syz [ 125.412229][ T9864] bridge0: port 1(veth0_to_bridge) entered disabled state [ 125.413230][ T29] usb 7-1: Manufacturer: syz [ 125.417417][ T29] usb 7-1: SerialNumber: syz [ 125.427863][ T29] usb 7-1: config 0 descriptor?? [ 125.432038][ T29] hub 7-1:0.217: bad descriptor, ignoring hub [ 125.434601][ T29] hub 7-1:0.217: probe with driver hub failed with error -5 [ 125.635274][ T29] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in cold state, will try to load a firmware [ 125.647472][ T29] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 125.651829][ T29] dib0700: firmware download failed at 7 with -22 [ 125.675192][ T9875] fuse: blksize only supported for fuseblk [ 125.681163][ T29] usb 7-1: USB disconnect, device number 16 [ 125.930571][ T9897] can: request_module (can-proto-0) failed. [ 126.339644][ T8095] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 126.341213][ T9] hid_parser_main: 22 callbacks suppressed [ 126.341224][ T9] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 126.350225][ T9] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz0] on syz0 [ 126.381885][ T9922] fido_id[9922]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 126.430429][ T5999] usb 7-1: new low-speed USB device number 17 using dummy_hcd [ 126.513771][ T8095] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 126.516673][ T8095] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.519184][ T8095] usb 6-1: Product: syz [ 126.520709][ T8095] usb 6-1: Manufacturer: syz [ 126.522177][ T8095] usb 6-1: SerialNumber: syz [ 126.525219][ T8095] usb 6-1: config 0 descriptor?? [ 126.599565][ T5999] usb 7-1: Invalid ep0 maxpacket: 64 [ 126.629540][ T9] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 126.729523][ T5999] usb 7-1: new low-speed USB device number 18 using dummy_hcd [ 126.790770][ T9] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 126.794623][ T9] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64 [ 126.798447][ T9] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 126.802861][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.810420][ T9924] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 126.812730][ T9924] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 126.817008][ T9] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 126.899735][ T5999] usb 7-1: Invalid ep0 maxpacket: 64 [ 126.904093][ T5999] usb usb7-port1: attempt power cycle [ 127.076886][ T9933] __nla_validate_parse: 3 callbacks suppressed [ 127.076904][ T9933] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1154'. [ 127.082124][ T9933] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1154'. [ 127.239585][ T5999] usb 7-1: new low-speed USB device number 19 using dummy_hcd [ 127.259976][ T5999] usb 7-1: Invalid ep0 maxpacket: 64 [ 127.363663][ T34] usb 5-1: USB disconnect, device number 11 [ 127.389668][ T5999] usb 7-1: new low-speed USB device number 20 using dummy_hcd [ 127.410095][ T5999] usb 7-1: Invalid ep0 maxpacket: 64 [ 127.412284][ T5999] usb usb7-port1: unable to enumerate USB device [ 127.923385][ T9938] netlink: 'syz.0.1159': attribute type 9 has an invalid length. [ 127.926408][ T9938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1159'. [ 127.936922][ T7224] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.936957][ T9938] netlink: 'syz.0.1159': attribute type 9 has an invalid length. [ 127.940115][ T7224] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.940152][ T7224] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.940179][ T7224] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.953850][ T9938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1159'. [ 127.957849][ T9938] netlink: 'syz.0.1159': attribute type 9 has an invalid length. [ 127.961243][ T9938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1159'. [ 127.965147][ T9938] netlink: 'syz.0.1159': attribute type 9 has an invalid length. [ 127.968452][ T9938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1159'. [ 127.973840][ T9938] netlink: 'syz.0.1159': attribute type 9 has an invalid length. [ 127.977052][ T9938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1159'. [ 127.980981][ T9938] netlink: 'syz.0.1159': attribute type 9 has an invalid length. [ 127.984259][ T9938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1159'. [ 127.988132][ T9938] netlink: 'syz.0.1159': attribute type 9 has an invalid length. [ 127.991523][ T9938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1159'. [ 127.996052][ T9938] netlink: 'syz.0.1159': attribute type 9 has an invalid length. [ 127.998734][ T9938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1159'. [ 128.002766][ T9938] netlink: 'syz.0.1159': attribute type 9 has an invalid length. [ 128.006087][ T9938] netlink: 'syz.0.1159': attribute type 9 has an invalid length. [ 128.351049][ T40] audit: type=1400 audit(1762522619.071:27995): avc: denied { listen } for pid=9949 comm="syz.0.1164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 128.405251][ T40] audit: type=1400 audit(1762522619.121:27996): avc: denied { remount } for pid=9949 comm="syz.0.1164" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 128.809669][ T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 128.961184][ T9] usb 5-1: config 1 has an invalid interface number: 7 but max is 0 [ 128.963714][ T9] usb 5-1: config 1 has no interface number 0 [ 128.965763][ T9] usb 5-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B [ 128.970522][ T9] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 128.974594][ T9] usb 5-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.981486][ T9] usb 5-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 128.985135][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 128.988189][ T9] usb 5-1: Product: syz [ 128.989980][ T9] usb 5-1: Manufacturer: syz [ 128.991750][ T9] usb 5-1: SerialNumber: syz [ 128.995988][ T9956] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 129.098257][ T8095] usb 6-1: USB disconnect, device number 13 [ 129.201186][ T9956] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 129.216920][ T9963] hsr0: mtu greater than device maximum [ 129.305067][ T9975] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 129.308911][ T9975] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 129.312898][ T9975] overlayfs: failed to get uuid (322/file0, err=-13); falling back to uuid=null. [ 129.331860][ T9966] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.375205][ T9977] ICMPv6: NDISC: Failed to initialize the control socket (err -2) [ 129.413356][ T9] sierra_net 5-1:1.7 wwan0: register 'sierra_net' at usb-dummy_hcd.0-1, Sierra Wireless USB-to-WWAN Modem, 00:00:00:00:01:07 [ 129.497747][ T9982] 8021q: VLANs not supported on tunl0 [ 129.501083][ T9985] bridge0: port 3(veth0_to_bridge) entered blocking state [ 129.504447][ T9985] bridge0: port 3(veth0_to_bridge) entered disabled state [ 129.507834][ T9985] veth0_to_bridge: entered allmulticast mode [ 129.513462][ T9985] veth0_to_bridge: entered promiscuous mode [ 129.516276][ T9985] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 129.523770][ T9985] bridge0: port 3(veth0_to_bridge) entered blocking state [ 129.526773][ T9985] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 129.530462][ T40] audit: type=1400 audit(1762522620.251:27997): avc: denied { getopt } for pid=9981 comm="syz.3.1175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 129.641801][ T9956] bond2: entered promiscuous mode [ 129.643614][ T9956] 8021q: adding VLAN 0 to HW filter on device bond2 [ 129.648204][ T9956] µŒí;“·: renamed from bond2 (while UP) [ 129.665317][ T9956] µŒí;“·: (slave bridge4): making interface the new active one [ 129.668520][ T9956] bridge4: entered promiscuous mode [ 129.674140][ T9956] µŒí;“·: (slave bridge4): Enslaving as an active interface with an up link [ 129.681692][ T9] sierra_net 5-1:1.7 wwan0: Submit SYNC failed -71 [ 129.685500][ T9] sierra_net 5-1:1.7 wwan0: Send SYNC failed, status -71 [ 129.689859][ T9] sierra_net 5-1:1.7 wwan0: Submit SYNC failed -71 [ 129.692846][ T9] sierra_net 5-1:1.7 wwan0: Send SYNC failed, status -71 [ 129.696511][ T9] usb 5-1: USB disconnect, device number 12 [ 129.699689][ T9] sierra_net 5-1:1.7 wwan0: unregister 'sierra_net' usb-dummy_hcd.0-1, Sierra Wireless USB-to-WWAN Modem [ 129.760869][ T9] sierra_net 5-1:1.7 wwan0 (unregistered): usb_control_msg failed, status -19 [ 130.221345][T10020] Bluetooth: MGMT ver 1.23 [ 130.442652][ T40] audit: type=1400 audit(1762522621.161:27998): avc: denied { bind } for pid=10033 comm="syz.0.1190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 130.481969][ T40] audit: type=1326 audit(1762522621.201:27999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10038 comm="syz.0.1191" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f96b9b8f6c9 code=0x0 [ 130.761947][ T40] audit: type=1400 audit(1762522621.481:28000): avc: denied { cmd } for pid=10063 comm="syz.2.1198" path="socket:[32578]" dev="sockfs" ino=32578 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 130.767526][T10064] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 130.773968][T10064] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 130.777100][T10064] vhci_hcd vhci_hcd.0: Device attached [ 130.781208][T10065] usbip_core: unknown command [ 130.783235][T10065] vhci_hcd: unknown pdu 0 [ 130.785015][T10065] usbip_core: unknown command [ 130.787020][ T61] vhci_hcd: stop threads [ 130.788763][ T61] vhci_hcd: release socket [ 130.790690][ T61] vhci_hcd: disconnect device [ 131.347493][T10070] bond_slave_0: Caught tx_queue_len zero misconfig [ 131.362654][T10070] team0: Caught tx_queue_len zero misconfig [ 131.445740][T10078] random: crng reseeded on system resumption [ 131.560063][T10087] input input14: cannot allocate more than FF_MAX_EFFECTS effects [ 131.564873][T10087] tmpfs: Bad value for 'mpol' [ 131.653478][ T40] audit: type=1400 audit(1762522622.371:28001): avc: denied { write } for pid=10095 comm="syz.1.1208" path="socket:[34415]" dev="sockfs" ino=34415 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 131.731881][ T40] audit: type=1400 audit(1762522622.451:28002): avc: denied { setattr } for pid=10098 comm="syz.1.1209" name="NETLINK" dev="sockfs" ino=34824 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 131.840762][ T40] audit: type=1326 audit(1762522622.561:28003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10103 comm="syz.1.1211" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb38378f6c9 code=0x7ffc0000 [ 131.853885][ T40] audit: type=1326 audit(1762522622.561:28004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10103 comm="syz.1.1211" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb38378f6c9 code=0x7ffc0000 [ 131.892442][T10107] sch_tbf: burst 1023 is lower than device lo mtu (65550) ! [ 131.950183][T10114] SELinux: policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c [ 131.953444][T10114] SELinux: failed to load policy [ 132.087837][T10124] __nla_validate_parse: 125 callbacks suppressed [ 132.087847][T10124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1218'. [ 132.241944][T10136] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1222'. [ 132.245341][T10136] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1222'. [ 132.380233][ T34] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 132.541160][ T34] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 132.544764][ T34] usb 7-1: config 0 interface 0 has no altsetting 0 [ 132.548379][ T34] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 132.551955][ T34] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 132.555308][ T34] usb 7-1: Product: syz [ 132.557094][ T34] usb 7-1: Manufacturer: syz [ 132.559062][ T34] usb 7-1: SerialNumber: syz [ 132.566355][ T34] usb 7-1: config 0 descriptor?? [ 132.573039][ T34] usb 7-1: selecting invalid altsetting 0 [ 132.733339][T10151] 8021q: adding VLAN 0 to HW filter on device bond3 [ 132.736431][T10151] bond3: entered allmulticast mode [ 132.738578][T10151] bond0: (slave bond3): Enslaving as an active interface with an up link [ 132.777435][T10133] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled [ 132.782344][ T9] usb 7-1: USB disconnect, device number 21 [ 132.838527][ T5936] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 132.845216][ T5936] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 132.848426][ T5936] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 132.853803][ T5936] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 132.857429][ T5936] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 132.871386][ T5946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 132.873832][ T5946] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 132.876143][ T5946] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 132.881440][ T5946] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 132.885541][ T5946] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 132.912181][T10154] ICMPv6: NDISC: Failed to initialize the control socket (err -2) [ 133.161308][ T72] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface [ 133.165130][ T72] bond0 (unregistering): Released all slaves [ 133.234530][ T72] bond2 (unregistering): Released all slaves [ 133.246649][ T72] bond1 (unregistering): Released all slaves [ 133.259951][ T72] bond3 (unregistering): Released all slaves [ 133.270611][ T72] bond4 (unregistering): Released all slaves [ 133.368617][ T40] kauditd_printk_skb: 127 callbacks suppressed [ 133.368632][ T40] audit: type=1400 audit(1762522624.081:28132): avc: denied { read open } for pid=10163 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1902 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 133.385971][ T40] audit: type=1400 audit(1762522624.081:28133): avc: denied { getattr } for pid=10163 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1902 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 133.396528][ T40] audit: type=1400 audit(1762522624.101:28134): avc: denied { add_name } for pid=10158 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 133.405968][ T40] audit: type=1400 audit(1762522624.101:28135): avc: denied { create } for pid=10158 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 133.416089][ T40] audit: type=1400 audit(1762522624.101:28136): avc: denied { write open } for pid=10158 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.eth2.link" dev="tmpfs" ino=5938 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 133.433835][ T40] audit: type=1400 audit(1762522624.101:28137): avc: denied { append } for pid=10158 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" dev="tmpfs" ino=5938 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 133.444471][ T40] audit: type=1400 audit(1762522624.101:28138): avc: denied { getattr } for pid=10158 comm="dhcpcd-run-hook" path="/tmp/resolv.conf" dev="tmpfs" ino=4 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 133.469714][ T40] audit: type=1400 audit(1762522624.121:28139): avc: denied { read write } for pid=10164 comm="syz.2.1230" name="video6" dev="devtmpfs" ino=963 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 133.479215][ T40] audit: type=1400 audit(1762522624.121:28140): avc: denied { open } for pid=10164 comm="syz.2.1230" path="/dev/video6" dev="devtmpfs" ino=963 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 133.492522][ T40] audit: type=1400 audit(1762522624.121:28141): avc: denied { ioctl } for pid=10164 comm="syz.2.1230" path="/dev/video6" dev="devtmpfs" ino=963 ioctlcmd=0x5602 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 133.589118][T10154] chnl_net:caif_netlink_parms(): no params data found [ 133.700021][T10185] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 133.717551][T10187] netlink: 284 bytes leftover after parsing attributes in process `syz.2.1232'. [ 133.887693][T10187] futex_wake_op: syz.2.1232 tries to shift op by -1; fix this program [ 133.914378][T10154] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.916630][T10154] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.918885][T10154] bridge_slave_0: entered allmulticast mode [ 133.924710][T10154] bridge_slave_0: entered promiscuous mode [ 133.932758][T10154] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.935110][T10154] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.937442][T10154] bridge_slave_1: entered allmulticast mode [ 133.940074][T10154] bridge_slave_1: entered promiscuous mode [ 134.023059][ T72] hsr_slave_0: left promiscuous mode [ 134.025705][ T72] hsr_slave_1: left promiscuous mode [ 134.030185][ T72] batman_adv: batadv0: Removing interface: macsec1 [ 134.051490][ T72] pimreg (unregistering): left allmulticast mode [ 134.071640][T10215] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1239'. [ 134.149230][T10222] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 134.202156][T10224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1243'. [ 134.202179][T10225] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1243'. [ 134.655693][T10233] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1245'. [ 134.660537][T10233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1245'. [ 134.674017][T10233] netlink: 11 bytes leftover after parsing attributes in process `syz.3.1245'. [ 134.962974][ T5936] Bluetooth: hci1: command tx timeout [ 135.368947][T10154] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 135.394094][T10154] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 135.486273][T10154] team0: Port device team_slave_0 added [ 135.508024][T10154] team0: Port device team_slave_1 added [ 135.627192][T10154] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 135.629413][T10154] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 135.638611][T10154] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 135.645220][T10154] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 135.647444][T10154] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 135.655755][T10154] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 135.831576][T10154] hsr_slave_0: entered promiscuous mode [ 135.836770][T10154] hsr_slave_1: entered promiscuous mode [ 135.836905][T10281] binder: 10280:10281 unknown command 0 [ 135.844265][T10283] trusted_key: encrypted_key: insufficient parameters specified [ 135.847820][T10281] binder: 10280:10281 ioctl c0306201 200000000300 returned -22 [ 135.860976][T10283] trusted_key: encrypted_key: insufficient parameters specified [ 136.154171][T10319] RDS: rds_bind could not find a transport for ::ffff:100.1.1.2, load rds_tcp or rds_rdma? [ 136.190959][T10154] netdevsim netdevsim4 netdevsim0: renamed from eth6 [ 136.202306][T10154] netdevsim netdevsim4 netdevsim1: renamed from eth7 [ 136.208681][T10154] netdevsim netdevsim4 netdevsim2: renamed from eth8 [ 136.215080][T10154] netdevsim netdevsim4 netdevsim3: renamed from eth9 [ 136.336474][T10344] autofs4:pid:10344:validate_dev_ioctl: path string terminator missing for cmd(0xc0189371) [ 136.407503][T10154] 8021q: adding VLAN 0 to HW filter on device team0 [ 136.425642][ T7142] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.428648][ T7142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.455654][ T7142] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.458184][ T7142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.567941][T10359] SELinux: Context system_u:object_r:unconfined_execmem_exec_t:s0 is not valid (left unmapped). [ 136.645568][T10366] random: crng reseeded on system resumption [ 136.685490][T10366] syz.3.1282 (10366) used greatest stack depth: 19544 bytes left [ 136.712525][T10154] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 136.765953][T10384] SELinux: unknown common  [ 136.767537][T10384] SELinux: failed to load policy [ 136.773576][T10380] SELinux: unknown common  [ 136.775715][T10380] SELinux: failed to load policy [ 136.966497][T10154] veth0_vlan: entered promiscuous mode [ 136.972612][T10154] veth1_vlan: entered promiscuous mode [ 137.039664][ T5936] Bluetooth: hci1: command tx timeout [ 137.066771][T10154] veth0_macvtap: entered promiscuous mode [ 137.080935][T10154] veth1_macvtap: entered promiscuous mode [ 137.133327][T10154] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 137.156478][T10154] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.189018][ T1072] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.195744][ T1072] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.208007][T10435] __nla_validate_parse: 5 callbacks suppressed [ 137.208022][T10435] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1302'. [ 137.221115][ T1072] netdevsim netdevsim1 eth4: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.224429][ T1072] netdevsim netdevsim1 eth5: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.229064][T10436] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2576 sclass=netlink_route_socket pid=10436 comm=syz.0.1302 [ 137.229173][T10435] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2576 sclass=netlink_route_socket pid=10435 comm=syz.0.1302 [ 137.234846][T10436] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1302'. [ 137.234863][T10438] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1302'. [ 137.237657][T10154] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 137.252000][ T1072] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.259574][ T1072] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.266625][T10154] wireguard: wg0: Could not create IPv6 socket [ 137.270875][ T1072] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.273852][ T1072] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.278190][T10436] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1302'. [ 137.282034][T10154] wireguard: wg1: Could not create IPv6 socket [ 137.282783][T10436] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1302'. [ 137.289098][T10154] wireguard: wg2: Could not create IPv6 socket [ 137.331308][ T1072] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.334303][ T1072] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.362264][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.364786][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.610710][T10480] netlink: 75 bytes leftover after parsing attributes in process `syz.3.1318'. [ 137.621536][T10485] openvswitch: netlink: Key 6 has unexpected len 9 expected 2 [ 137.651210][ T29] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 137.706340][T10498] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1324'. [ 137.709897][T10498] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1324'. [ 137.742575][T10503] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10503 comm=syz.0.1326 [ 137.809912][ T29] usb 9-1: Using ep0 maxpacket: 8 [ 137.816995][ T29] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 137.820635][ T29] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 137.823628][ T29] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 137.826688][ T29] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 137.831132][ T29] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 137.834376][ T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.004224][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.006741][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.061639][ T29] usb 9-1: GET_CAPABILITIES returned 0 [ 138.063718][ T29] usbtmc 9-1:16.0: can't read capabilities [ 138.092053][T10531] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1331'. [ 138.613923][ T40] kauditd_printk_skb: 591 callbacks suppressed [ 138.613940][ T40] audit: type=1400 audit(1762522629.331:28733): avc: denied { ioctl } for pid=10457 comm="syz.4.1228" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 138.964804][ T40] audit: type=1400 audit(1762522629.681:28734): avc: denied { create } for pid=10457 comm="syz.4.1228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 138.971896][ T40] audit: type=1400 audit(1762522629.681:28735): avc: denied { connect } for pid=10457 comm="syz.4.1228" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 139.067465][ T40] audit: type=1400 audit(1762522629.781:28736): avc: denied { execmem } for pid=10502 comm="syz.0.1326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 139.073658][ T40] audit: type=1400 audit(1762522629.781:28737): avc: denied { execute } for pid=10502 comm="syz.0.1326" path="/308/cpuacct.usage_percpu" dev="tmpfs" ino=1675 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 139.083288][ T40] audit: type=1400 audit(1762522629.781:28738): avc: denied { create } for pid=10502 comm="syz.0.1326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 139.090160][ T40] audit: type=1400 audit(1762522629.781:28739): avc: denied { ioctl } for pid=10502 comm="syz.0.1326" path="socket:[38074]" dev="sockfs" ino=38074 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 139.098020][ T40] audit: type=1400 audit(1762522629.791:28740): avc: denied { setopt } for pid=10502 comm="syz.0.1326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 139.131767][ T5936] Bluetooth: hci1: command tx timeout [ 139.134741][ T40] audit: type=1400 audit(1762522629.851:28741): avc: denied { map_create } for pid=10582 comm="syz.2.1335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 139.140611][T10584] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1335'. [ 139.141294][ T40] audit: type=1400 audit(1762522629.851:28742): avc: denied { map_read map_write } for pid=10582 comm="syz.2.1335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 139.193627][T10594] fuse: blksize only supported for fuseblk [ 139.204382][T10598] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10598 comm=syz.2.1339 [ 139.343908][T10613] IPVS: Error during creation of socket; terminating [ 139.512631][T10626] sd 0:0:0:0: PR command failed: 1026 [ 139.514333][T10626] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 139.516445][T10626] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 140.023803][ T5649] wireguard: wg0: Could not create IPv6 socket [ 140.224757][ T5649] wireguard: wg1: Could not create IPv6 socket [ 140.397266][ T5649] wireguard: wg2: Could not create IPv6 socket [ 140.420919][ T29] usb 9-1: USB disconnect, device number 2 [ 140.442812][T10707] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 140.508985][T10720] binder: BINDER_SET_CONTEXT_MGR already set [ 140.513948][T10720] binder: 10717:10720 ioctl 4018620d 200000000100 returned -16 [ 140.518508][T10720] binder: BINDER_SET_CONTEXT_MGR already set [ 140.520683][T10720] binder: 10717:10720 ioctl 4018620d 200000004a80 returned -16 [ 140.524742][T10719] binder_alloc: 10717: binder_alloc_buf, no vma [ 140.524763][T10720] binder_alloc: 10717: binder_alloc_buf, no vma [ 140.729590][ T24] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 140.880051][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 140.884044][ T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 140.887959][ T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 140.892146][ T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 140.895889][ T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 140.902403][ T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 140.905520][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.112423][ T24] usb 5-1: GET_CAPABILITIES returned 0 [ 141.114312][ T24] usbtmc 5-1:16.0: can't read capabilities [ 141.209541][ T5936] Bluetooth: hci1: command tx timeout [ 141.316064][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 141.324359][ T24] usb 5-1: USB disconnect, device number 13 [ 141.975818][T10802] FAULT_INJECTION: forcing a failure. [ 141.975818][T10802] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.983826][T10802] CPU: 0 UID: 0 PID: 10802 Comm: syz.2.1377 Not tainted syzkaller #0 PREEMPT(full) [ 141.983850][T10802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 141.983861][T10802] Call Trace: [ 141.983866][T10802] [ 141.983873][T10802] dump_stack_lvl+0x16c/0x1f0 [ 141.983905][T10802] should_fail_ex+0x512/0x640 [ 141.983930][T10802] _copy_from_user+0x2e/0xd0 [ 141.983952][T10802] move_addr_to_kernel+0x65/0x170 [ 141.983972][T10802] __sys_connect+0xb1/0x160 [ 141.983991][T10802] ? __pfx___sys_connect+0x10/0x10 [ 141.984019][T10802] ? __pfx_ksys_write+0x10/0x10 [ 141.984041][T10802] __x64_sys_connect+0x72/0xb0 [ 141.984060][T10802] ? lockdep_hardirqs_on+0x7c/0x110 [ 141.984087][T10802] do_syscall_64+0xcd/0xfa0 [ 141.984132][T10802] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.984151][T10802] RIP: 0033:0x7f4d37f8f6c9 [ 141.984165][T10802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.984182][T10802] RSP: 002b:00007f4d38d7a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 141.984199][T10802] RAX: ffffffffffffffda RBX: 00007f4d381e5fa0 RCX: 00007f4d37f8f6c9 [ 141.984210][T10802] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000004 [ 141.984220][T10802] RBP: 00007f4d38d7a090 R08: 0000000000000000 R09: 0000000000000000 [ 141.984230][T10802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.984241][T10802] R13: 00007f4d381e6038 R14: 00007f4d381e5fa0 R15: 00007ffc3a945d48 [ 141.984273][T10802] [ 142.044910][ C0] vkms_vblank_simulate: vblank timer overrun [ 142.082256][T10813] random: crng reseeded on system resumption [ 142.129774][T10819] trusted_key: encrypted_key: keyword 'new0default' not recognized [ 142.278774][T10826] syzkaller0: entered promiscuous mode [ 142.281123][T10826] syzkaller0: entered allmulticast mode [ 142.362572][T10843] /dev/sg0: Can't lookup blockdev [ 143.494757][T10881] FAULT_INJECTION: forcing a failure. [ 143.494757][T10881] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.503019][T10881] CPU: 0 UID: 0 PID: 10881 Comm: syz.4.1388 Not tainted syzkaller #0 PREEMPT(full) [ 143.503042][T10881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.503052][T10881] Call Trace: [ 143.503059][T10881] [ 143.503065][T10881] dump_stack_lvl+0x16c/0x1f0 [ 143.503113][T10881] should_fail_ex+0x512/0x640 [ 143.503138][T10881] _copy_to_user+0x32/0xd0 [ 143.503162][T10881] simple_read_from_buffer+0xcb/0x170 [ 143.503192][T10881] proc_fail_nth_read+0x197/0x240 [ 143.503213][T10881] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 143.503235][T10881] ? rw_verify_area+0xcf/0x6c0 [ 143.503265][T10881] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 143.503283][T10881] vfs_read+0x1e4/0xcf0 [ 143.503304][T10881] ? __pfx___mutex_lock+0x10/0x10 [ 143.503321][T10881] ? __pfx_vfs_read+0x10/0x10 [ 143.503343][T10881] ? __fget_files+0x20e/0x3c0 [ 143.503368][T10881] ksys_read+0x12a/0x250 [ 143.503383][T10881] ? __pfx_ksys_read+0x10/0x10 [ 143.503407][T10881] do_syscall_64+0xcd/0xfa0 [ 143.503425][T10881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.503442][T10881] RIP: 0033:0x7fe2b2b8e0dc [ 143.503456][T10881] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 143.503472][T10881] RSP: 002b:00007fe2b3a4f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 143.503489][T10881] RAX: ffffffffffffffda RBX: 00007fe2b2de5fa0 RCX: 00007fe2b2b8e0dc [ 143.503500][T10881] RDX: 000000000000000f RSI: 00007fe2b3a4f0a0 RDI: 0000000000000005 [ 143.503510][T10881] RBP: 00007fe2b3a4f090 R08: 0000000000000000 R09: 0000000000000000 [ 143.503519][T10881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.503529][T10881] R13: 00007fe2b2de6038 R14: 00007fe2b2de5fa0 R15: 00007ffe5cf51b48 [ 143.503552][T10881] [ 143.504883][T10880] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 143.578757][T10880] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 143.583035][T10880] vhci_hcd vhci_hcd.0: Device attached [ 143.593682][T10891] overlayfs: workdir and upperdir must be separate subtrees [ 143.636519][ T40] kauditd_printk_skb: 356 callbacks suppressed [ 143.636530][ T40] audit: type=1400 audit(1762522634.351:29099): avc: denied { remove_name } for pid=10893 comm="rm" name="resolv.conf.veth0_to_batadv.link" dev="tmpfs" ino=6704 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 143.648778][ T40] audit: type=1400 audit(1762522634.351:29100): avc: denied { unlink } for pid=10893 comm="rm" name="resolv.conf.veth0_to_batadv.link" dev="tmpfs" ino=6704 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 143.656593][ T40] audit: type=1400 audit(1762522634.371:29101): avc: denied { read write } for pid=10895 comm="syz.4.1392" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 143.664754][ T40] audit: type=1400 audit(1762522634.371:29102): avc: denied { open } for pid=10895 comm="syz.4.1392" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 143.673724][ T40] audit: type=1400 audit(1762522634.371:29103): avc: denied { append } for pid=10895 comm="syz.4.1392" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 143.681884][ T40] audit: type=1400 audit(1762522634.371:29104): avc: denied { ioctl } for pid=10895 comm="syz.4.1392" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 143.696023][ T40] audit: type=1400 audit(1762522634.411:29105): avc: denied { create } for pid=10898 comm="syz.2.1393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 143.707895][ T40] audit: type=1400 audit(1762522634.411:29106): avc: denied { write } for pid=10898 comm="syz.2.1393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 143.716995][ T40] audit: type=1400 audit(1762522634.411:29107): avc: denied { read } for pid=10898 comm="syz.2.1393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 143.731934][ T40] audit: type=1400 audit(1762522634.451:29108): avc: denied { read open } for pid=10901 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1902 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 143.786703][T10903] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57872 sclass=netlink_route_socket pid=10903 comm=syz.4.1394 [ 143.800184][ T9] usb 5-1: new low-speed USB device number 14 using dummy_hcd [ 143.819627][ T24] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 143.826528][T10909] QAT: Stopping all acceleration devices. [ 143.831009][T10909] validate_nla: 124 callbacks suppressed [ 143.831019][T10909] netlink: 'syz.4.1395': attribute type 9 has an invalid length. [ 143.891104][T10915] __nla_validate_parse: 3 callbacks suppressed [ 143.891115][T10915] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1396'. [ 143.896266][T10915] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1396'. [ 143.899733][T10915] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1396'. [ 143.944495][T10919] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 143.962332][ T34] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 143.978342][ T9] usb 5-1: config 0 has no interfaces? [ 143.980630][ T9] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 143.984308][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.990872][ T9] usb 5-1: config 0 descriptor?? [ 144.052794][T10928] macsec1: entered promiscuous mode [ 144.055052][T10928] macsec1: entered allmulticast mode [ 144.097072][T10932] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.1399'. [ 144.125244][ T34] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 144.130582][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.133148][ T34] usb 7-1: Product: syz [ 144.134493][ T34] usb 7-1: Manufacturer: syz [ 144.135959][ T34] usb 7-1: SerialNumber: syz [ 144.146868][ T34] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 144.162534][ T34] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 144.173809][T10944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1403'. [ 144.201234][T10882] usbip_core: unknown command [ 144.202755][T10882] vhci_hcd: unknown pdu 0 [ 144.205439][T10882] usbip_core: unknown command [ 144.207699][ T9] usb 5-1: USB disconnect, device number 14 [ 144.213161][ T7139] vhci_hcd: stop threads [ 144.218642][ T7139] vhci_hcd: release socket [ 144.221535][ T7139] vhci_hcd: disconnect device [ 144.269656][ T24] vhci_hcd: vhci_device speed not set [ 144.860436][T10993] netlink: 'syz.4.1412': attribute type 21 has an invalid length. [ 144.873250][T10990] Bluetooth: hci0: unsupported parameter 255 [ 144.875831][T10990] Bluetooth: hci0: unsupported parameter 255 [ 145.066080][T11010] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1417'. [ 145.155948][T11022] fuse: Bad value for 'fd' [ 145.161809][T11022] IPv6: NLM_F_CREATE should be specified when creating new route [ 145.200435][ T34] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 145.202776][ T34] ath9k_htc: Failed to initialize the device [ 145.229928][ T34] usb 7-1: ath9k_htc: USB layer deinitialized [ 145.316666][T11042] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1424'. [ 145.365985][T11047] overlayfs: missing 'lowerdir' [ 145.456547][T11057] ./bus: Can't lookup blockdev [ 145.929028][T11074] netlink: 'syz.2.1393': attribute type 10 has an invalid length. [ 145.936990][T11074] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 146.587686][T11134] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1440'. [ 146.590752][T11134] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1440'. [ 146.598298][T11134] geneve2: entered promiscuous mode [ 146.601331][T11134] geneve2: entered allmulticast mode [ 146.773805][T11149] FAULT_INJECTION: forcing a failure. [ 146.773805][T11149] name failslab, interval 1, probability 0, space 0, times 1 [ 146.778029][T11149] CPU: 0 UID: 0 PID: 11149 Comm: syz.0.1443 Not tainted syzkaller #0 PREEMPT(full) [ 146.778044][T11149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 146.778050][T11149] Call Trace: [ 146.778055][T11149] [ 146.778059][T11149] dump_stack_lvl+0x16c/0x1f0 [ 146.778080][T11149] should_fail_ex+0x512/0x640 [ 146.778093][T11149] ? fs_reclaim_acquire+0xae/0x150 [ 146.778107][T11149] should_failslab+0xc2/0x120 [ 146.778120][T11149] __kmalloc_noprof+0xdd/0x880 [ 146.778135][T11149] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 146.778151][T11149] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 146.778162][T11149] tomoyo_realpath_from_path+0xc2/0x6e0 [ 146.778176][T11149] ? tomoyo_profile+0x47/0x60 [ 146.778190][T11149] tomoyo_path_number_perm+0x245/0x580 [ 146.778207][T11149] ? tomoyo_path_number_perm+0x237/0x580 [ 146.778224][T11149] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 146.778242][T11149] ? find_held_lock+0x2b/0x80 [ 146.778268][T11149] ? find_held_lock+0x2b/0x80 [ 146.778280][T11149] ? hook_file_ioctl_common+0x145/0x410 [ 146.778297][T11149] ? __fget_files+0x20e/0x3c0 [ 146.778310][T11149] security_file_ioctl+0x9b/0x240 [ 146.778323][T11149] __x64_sys_ioctl+0xb7/0x210 [ 146.778339][T11149] do_syscall_64+0xcd/0xfa0 [ 146.778350][T11149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.778360][T11149] RIP: 0033:0x7f96b9b8f6c9 [ 146.778369][T11149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.778380][T11149] RSP: 002b:00007f96ba9e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 146.778390][T11149] RAX: ffffffffffffffda RBX: 00007f96b9de5fa0 RCX: 00007f96b9b8f6c9 [ 146.778396][T11149] RDX: 0000200000000240 RSI: 000000000000127f RDI: 0000000000000004 [ 146.778402][T11149] RBP: 00007f96ba9e9090 R08: 0000000000000000 R09: 0000000000000000 [ 146.778408][T11149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.778414][T11149] R13: 00007f96b9de6038 R14: 00007f96b9de5fa0 R15: 00007ffcd5b81048 [ 146.778428][T11149] [ 146.778432][T11149] ERROR: Out of memory at tomoyo_realpath_from_path. [ 146.934566][ T5936] Bluetooth: unknown link type 128 [ 146.938370][ T5936] Bluetooth: unknown link type 128 [ 146.942469][ T5936] Bluetooth: unknown link type 128 [ 146.944755][ T5936] Bluetooth: unknown link type 128 [ 146.946946][ T5936] Bluetooth: unknown link type 128 [ 146.949120][ T5936] Bluetooth: unknown link type 128 [ 146.951516][ T5936] Bluetooth: unknown link type 128 [ 146.953698][ T5936] Bluetooth: unknown link type 128 [ 146.955819][ T5936] Bluetooth: unknown link type 128 [ 146.958125][ T5936] Bluetooth: unknown link type 128 [ 146.960471][ T5936] Bluetooth: unknown link type 128 [ 146.962595][ T5936] Bluetooth: unknown link type 128 [ 146.964714][ T5936] Bluetooth: unknown link type 128 [ 146.966843][ T5936] Bluetooth: unknown link type 128 [ 146.969000][ T5936] Bluetooth: unknown link type 128 [ 146.973001][ T5936] Bluetooth: unknown link type 128 [ 146.975242][ T5936] Bluetooth: unknown link type 128 [ 146.977440][ T5936] Bluetooth: unknown link type 128 [ 146.980005][ T5936] Bluetooth: unknown link type 128 [ 146.982171][ T5936] Bluetooth: unknown link type 128 [ 146.984292][ T5936] Bluetooth: unknown link type 128 [ 146.986811][T10898] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 146.988891][T10995] usb 7-1: USB disconnect, device number 22 [ 146.991700][ T5936] Bluetooth: unknown link type 128 [ 146.991785][ T5936] Bluetooth: unknown link type 128 [ 146.991855][ T5936] Bluetooth: unknown link type 128 [ 147.000990][ T5936] Bluetooth: unknown link type 128 [ 147.003244][ T5936] Bluetooth: unknown link type 128 [ 147.005472][ T5936] Bluetooth: unknown link type 128 [ 147.007891][ T5936] Bluetooth: unknown link type 128 [ 147.010128][T11171] tipc: Started in network mode [ 147.010144][T11171] tipc: Node identity 4, cluster identity 4711 [ 147.010153][T11171] tipc: Node number set to 4 [ 147.016782][ T5936] Bluetooth: unknown link type 128 [ 147.019032][ T5936] Bluetooth: unknown link type 128 [ 147.021396][ T5936] Bluetooth: unknown link type 128 [ 147.023602][ T5936] Bluetooth: unknown link type 128 [ 147.025835][ T5936] Bluetooth: unknown link type 128 [ 147.028171][ T5936] Bluetooth: unknown link type 128 [ 147.030466][ T5936] Bluetooth: unknown link type 128 [ 147.032720][ T5936] Bluetooth: unknown link type 128 [ 147.034915][ T5936] Bluetooth: unknown link type 128 [ 147.037145][ T5936] Bluetooth: unknown link type 128 [ 147.039370][ T5936] Bluetooth: unknown link type 128 [ 147.041840][ T5936] Bluetooth: unknown link type 128 [ 147.044114][ T5936] Bluetooth: unknown link type 128 [ 147.046336][ T5936] Bluetooth: unknown link type 128 [ 147.048541][ T5936] Bluetooth: unknown link type 128 [ 147.050915][ T5936] Bluetooth: unknown link type 128 [ 147.053287][ T5936] Bluetooth: unknown link type 128 [ 147.055549][ T5936] Bluetooth: unknown link type 128 [ 147.057836][ T5936] Bluetooth: unknown link type 128 [ 147.060918][ T5936] Bluetooth: unknown link type 128 [ 147.063728][ T5936] Bluetooth: unknown link type 128 [ 147.066683][ T5936] Bluetooth: unknown link type 128 [ 147.068913][ T5936] Bluetooth: unknown link type 128 [ 147.072420][ T5936] Bluetooth: unknown link type 128 [ 147.074667][ T5936] Bluetooth: unknown link type 128 [ 147.076899][ T5936] Bluetooth: unknown link type 128 [ 147.079125][ T5936] Bluetooth: unknown link type 128 [ 147.081661][ T5936] Bluetooth: unknown link type 128 [ 147.083792][ T5936] Bluetooth: unknown link type 128 [ 147.085005][T11179] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.1453'. [ 147.085963][ T5936] Bluetooth: unknown link type 128 [ 147.091571][ T5936] Bluetooth: unknown link type 128 [ 147.093853][ T5936] Bluetooth: unknown link type 128 [ 147.096185][ T5936] Bluetooth: unknown link type 128 [ 147.098115][ T5936] Bluetooth: unknown link type 128 [ 147.109002][ T5936] Bluetooth: unknown link type 128 [ 147.111366][ T5936] Bluetooth: unknown link type 128 [ 147.113551][ T5936] Bluetooth: unknown link type 128 [ 147.141839][T11184] FAULT_INJECTION: forcing a failure. [ 147.141839][T11184] name failslab, interval 1, probability 0, space 0, times 0 [ 147.147283][T11184] CPU: 1 UID: 0 PID: 11184 Comm: syz.4.1455 Not tainted syzkaller #0 PREEMPT(full) [ 147.147306][T11184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 147.147317][T11184] Call Trace: [ 147.147324][T11184] [ 147.147331][T11184] dump_stack_lvl+0x16c/0x1f0 [ 147.147362][T11184] should_fail_ex+0x512/0x640 [ 147.147384][T11184] ? fs_reclaim_acquire+0xae/0x150 [ 147.147405][T11184] should_failslab+0xc2/0x120 [ 147.147425][T11184] __kmalloc_noprof+0xdd/0x880 [ 147.147450][T11184] ? tomoyo_encode2+0x100/0x3e0 [ 147.147474][T11184] ? tomoyo_encode2+0x100/0x3e0 [ 147.147491][T11184] tomoyo_encode2+0x100/0x3e0 [ 147.147514][T11184] tomoyo_encode+0x29/0x50 [ 147.147532][T11184] tomoyo_realpath_from_path+0x18f/0x6e0 [ 147.147561][T11184] tomoyo_path_number_perm+0x245/0x580 [ 147.147587][T11184] ? tomoyo_path_number_perm+0x237/0x580 [ 147.147616][T11184] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 147.147644][T11184] ? find_held_lock+0x2b/0x80 [ 147.147687][T11184] ? find_held_lock+0x2b/0x80 [ 147.147708][T11184] ? hook_file_ioctl_common+0x145/0x410 [ 147.147737][T11184] ? __fget_files+0x20e/0x3c0 [ 147.147760][T11184] security_file_ioctl+0x9b/0x240 [ 147.147782][T11184] __x64_sys_ioctl+0xb7/0x210 [ 147.147808][T11184] do_syscall_64+0xcd/0xfa0 [ 147.147827][T11184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.147845][T11184] RIP: 0033:0x7fe2b2b8f6c9 [ 147.147860][T11184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.147877][T11184] RSP: 002b:00007fe2b3a4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 147.147893][T11184] RAX: ffffffffffffffda RBX: 00007fe2b2de5fa0 RCX: 00007fe2b2b8f6c9 [ 147.147904][T11184] RDX: 0000200000000240 RSI: 000000000000127f RDI: 0000000000000004 [ 147.147914][T11184] RBP: 00007fe2b3a4f090 R08: 0000000000000000 R09: 0000000000000000 [ 147.147924][T11184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 147.147935][T11184] R13: 00007fe2b2de6038 R14: 00007fe2b2de5fa0 R15: 00007ffe5cf51b48 [ 147.147962][T11184] [ 147.147979][T11184] ERROR: Out of memory at tomoyo_realpath_from_path. [ 147.420328][T10995] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 147.572024][T10995] usb 7-1: config 0 has no interfaces? [ 147.573791][T10995] usb 7-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.00 [ 147.576682][T10995] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.587665][T10995] usb 7-1: config 0 descriptor?? [ 147.724794][T11244] ICMPv6: NDISC: Failed to initialize the control socket (err -2) [ 147.794152][ T10] usb 7-1: USB disconnect, device number 23 [ 148.563120][T11298] tmpfs: Bad value for 'mpol' [ 148.565362][T11298] tmpfs: Bad value for 'mpol' [ 148.567211][T11298] tmpfs: Bad value for 'mpol' [ 148.569211][T11298] tmpfs: Bad value for 'mpol' [ 148.574713][T11298] tmpfs: Bad value for 'mpol' [ 148.576883][T11298] tmpfs: Bad value for 'mpol' [ 148.579363][T11298] tmpfs: Bad value for 'mpol' [ 148.581744][T11298] tmpfs: Bad value for 'mpol' [ 148.583813][T11298] tmpfs: Bad value for 'mpol' [ 148.585894][T11298] tmpfs: Bad value for 'mpol' [ 148.588060][T11298] tmpfs: Bad value for 'mpol' [ 148.590192][T11298] tmpfs: Bad value for 'mpol' [ 148.593115][T11298] tmpfs: Bad value for 'mpol' [ 148.595235][T11298] tmpfs: Bad value for 'mpol' [ 148.597414][T11298] tmpfs: Bad value for 'mpol' [ 148.601128][T11298] tmpfs: Bad value for 'mpol' [ 148.602723][T11298] tmpfs: Bad value for 'mpol' [ 148.604294][T11298] tmpfs: Bad value for 'mpol' [ 148.605849][T11298] tmpfs: Bad value for 'mpol' [ 148.607416][T11298] tmpfs: Bad value for 'mpol' [ 148.609393][T11298] tmpfs: Bad value for 'mpol' [ 148.612073][T11298] tmpfs: Bad value for 'mpol' [ 148.614180][T11298] tmpfs: Bad value for 'mpol' [ 148.617023][T11298] tmpfs: Bad value for 'mpol' [ 148.619186][T11298] tmpfs: Bad value for 'mpol' [ 148.626151][T11298] tmpfs: Bad value for 'mpol' [ 148.628334][T11298] tmpfs: Bad value for 'mpol' [ 148.630620][T11298] tmpfs: Bad value for 'mpol' [ 148.632792][T11298] tmpfs: Bad value for 'mpol' [ 148.634897][T11298] tmpfs: Bad value for 'mpol' [ 148.637042][T11298] tmpfs: Bad value for 'mpol' [ 148.639162][T11298] tmpfs: Bad value for 'mpol' [ 148.641378][T11298] tmpfs: Bad value for 'mpol' [ 148.643686][T11298] tmpfs: Bad value for 'mpol' [ 148.645442][T11298] tmpfs: Bad value for 'mpol' [ 148.647028][T11298] tmpfs: Bad value for 'mpol' [ 148.648628][T11298] tmpfs: Bad value for 'mpol' [ 148.651184][T11298] tmpfs: Bad value for 'mpol' [ 148.652925][T11298] tmpfs: Bad value for 'mpol' [ 148.654754][T11298] tmpfs: Bad value for 'mpol' [ 148.656427][T11298] tmpfs: Bad value for 'mpol' [ 148.658256][T11298] tmpfs: Bad value for 'mpol' [ 148.660254][T11298] tmpfs: Bad value for 'mpol' [ 148.661959][T11298] tmpfs: Bad value for 'mpol' [ 148.663649][T11298] tmpfs: Bad value for 'mpol' [ 148.665405][T11298] tmpfs: Bad value for 'mpol' [ 148.667606][T11298] tmpfs: Bad value for 'mpol' [ 148.670302][T11298] tmpfs: Bad value for 'mpol' [ 148.671902][ T40] kauditd_printk_skb: 428 callbacks suppressed [ 148.671914][ T40] audit: type=1400 audit(1762522639.391:29537): avc: denied { read write } for pid=5937 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 148.673997][T11298] tmpfs: Bad value for 'mpol' [ 148.685101][T11298] tmpfs: Bad value for 'mpol' [ 148.686688][T11298] tmpfs: Bad value for 'mpol' [ 148.688343][T11298] tmpfs: Bad value for 'mpol' [ 148.689610][ T40] audit: type=1400 audit(1762522639.391:29538): avc: denied { open } for pid=5937 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 148.690317][T11298] tmpfs: Bad value for 'mpol' [ 148.699655][ T40] audit: type=1400 audit(1762522639.391:29539): avc: denied { ioctl } for pid=5937 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 148.701873][T11298] tmpfs: Bad value for 'mpol' [ 148.712417][T11298] tmpfs: Bad value for 'mpol' [ 148.713907][T11298] tmpfs: Bad value for 'mpol' [ 148.715459][T11298] tmpfs: Bad value for 'mpol' [ 148.717088][T11298] tmpfs: Bad value for 'mpol' [ 148.718667][T11298] tmpfs: Bad value for 'mpol' [ 148.721177][T11298] tmpfs: Bad value for 'mpol' [ 148.723131][T11298] tmpfs: Bad value for 'mpol' [ 148.725339][T11298] tmpfs: Bad value for 'mpol' [ 148.727551][T11298] tmpfs: Bad value for 'mpol' [ 148.730687][T11298] tmpfs: Bad value for 'mpol' [ 148.732914][T11298] tmpfs: Bad value for 'mpol' [ 148.751741][ T40] audit: type=1400 audit(1762522639.471:29540): avc: denied { map_create } for pid=11307 comm="syz.3.1480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 148.760174][ T40] audit: type=1400 audit(1762522639.481:29541): avc: denied { prog_load } for pid=11307 comm="syz.3.1480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 148.767654][ T40] audit: type=1400 audit(1762522639.481:29542): avc: denied { bpf } for pid=11307 comm="syz.3.1480" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 148.777263][ T40] audit: type=1400 audit(1762522639.481:29543): avc: denied { perfmon } for pid=11307 comm="syz.3.1480" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 148.785792][ T40] audit: type=1400 audit(1762522639.501:29544): avc: denied { allowed } for pid=11310 comm="syz.0.1481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 148.793581][ T40] audit: type=1400 audit(1762522639.511:29545): avc: denied { map } for pid=11310 comm="syz.0.1481" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=39547 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 148.803953][ T40] audit: type=1400 audit(1762522639.511:29546): avc: denied { read write } for pid=11310 comm="syz.0.1481" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=39547 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 148.837168][T11314] ICMPv6: NDISC: Failed to initialize the control socket (err -2) [ 149.051760][T11330] vivid-001: ================= START STATUS ================= [ 149.054159][T11330] vivid-001: Radio HW Seek Mode: Bounded [ 149.056179][T11330] vivid-001: Radio Programmable HW Seek: false [ 149.058466][T11330] vivid-001: RDS Rx I/O Mode: Block I/O [ 149.061265][T11330] vivid-001: Generate RBDS Instead of RDS: false [ 149.063885][T11330] vivid-001: RDS Reception: true [ 149.065609][T11330] vivid-001: RDS Program Type: 0 inactive [ 149.067654][T11330] vivid-001: RDS PS Name: inactive [ 149.069593][T11330] vivid-001: RDS Radio Text: inactive [ 149.071414][T11330] vivid-001: RDS Traffic Announcement: false inactive [ 149.073964][T11330] vivid-001: RDS Traffic Program: false inactive [ 149.076397][T11330] vivid-001: RDS Music: false inactive [ 149.078460][T11330] vivid-001: ================== END STATUS ================== [ 149.113866][T11333] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1485'. [ 149.119615][ T5936] Bluetooth: hci1: command tx timeout [ 149.178520][T11341] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1489'. [ 149.183981][T11341] netlink: 'syz.0.1489': attribute type 1 has an invalid length. [ 149.187285][T11341] nbd: error processing sock list [ 149.281688][T11349] fuse: Unknown parameter ' ' [ 149.806416][T11372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1497'. [ 149.810408][T11372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1497'. [ 149.880063][T11377] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1499'. [ 149.972692][ T24] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 149.978305][ T24] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz0] on syz0 [ 150.023345][T11388] fido_id[11388]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 150.289549][ T34] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 150.459532][ T34] usb 7-1: Using ep0 maxpacket: 32 [ 150.462709][ T34] usb 7-1: config 155 has an invalid descriptor of length 180, skipping remainder of the config [ 150.466127][ T34] usb 7-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82 [ 150.470660][ T34] usb 7-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 115, changing to 10 [ 150.474473][ T34] usb 7-1: config 155 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 26012, setting to 1024 [ 150.478277][ T34] usb 7-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 150.483470][ T34] usb 7-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30 [ 150.485938][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.488511][ T34] usb 7-1: Product: syz [ 150.492639][ T34] usb 7-1: Manufacturer: syz [ 150.494155][ T34] usb 7-1: SerialNumber: syz [ 150.497839][T11392] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 150.503897][ C3] imon 7-1:155.0: imon usb_rx_callback_intf0: status(-71) [ 150.508854][ T34] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:155.0/input/input17 [ 150.719571][ T34] imon 7-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR [ 150.721995][ T34] (id 0x00) [ 150.779538][ T34] rc_core: IR keymap rc-imon-pad not found [ 150.781203][ T34] Registered IR keymap rc-empty [ 150.782624][ T34] imon 7-1:155.0: Looks like you're trying to use an IR protocol this device does not support [ 150.785802][ T34] imon 7-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 150.920482][ T34] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:155.0/rc/rc0 [ 150.924808][ T34] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:155.0/rc/rc0/input18 [ 150.934511][ T34] imon 7-1:155.0: iMON device (15c2:ffdc, intf0) on usb<7:24> initialized [ 151.054134][T11442] Bluetooth: hci0: unsupported parameter 255 [ 151.056493][T11442] Bluetooth: hci0: invalid length 0, exp 2 for type 0 [ 151.096815][T11446] bond2: entered allmulticast mode [ 151.098601][T11446] 8021q: adding VLAN 0 to HW filter on device bond2 [ 151.109938][T11392] imon:display_open: display port is already open [ 151.113803][ T24] usb 7-1: USB disconnect, device number 24 [ 151.207234][T11462] Bluetooth: hci2: Opcode 0x0401 failed: -22 [ 151.210182][ T5936] Bluetooth: hci1: command tx timeout [ 151.396529][T11477] netlink: 'syz.0.1517': attribute type 21 has an invalid length. [ 151.399155][T11477] netlink: 'syz.0.1517': attribute type 6 has an invalid length. [ 151.401819][T11477] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1517'. [ 151.405642][T11477] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 151.408811][T11477] overlayfs: overlapping lowerdir path [ 151.507896][T11492] ICMPv6: NDISC: Failed to initialize the control socket (err -2) [ 151.540812][T11489] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1522'. [ 151.626661][ T24] IPVS: starting estimator thread 0... [ 151.719674][T11502] IPVS: using max 42 ests per chain, 100800 per kthread [ 151.759411][T11515] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 151.766640][T11516] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 151.773118][T11515] netlink: 'syz.0.1528': attribute type 5 has an invalid length. [ 151.959742][T11533] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1532'. [ 151.965311][T11533] netlink: 'syz.2.1532': attribute type 1 has an invalid length. [ 151.984959][T11533] veth5: entered promiscuous mode [ 152.053672][T11540] netlink: 'syz.2.1533': attribute type 1 has an invalid length. [ 152.079085][T11540] 8021q: adding VLAN 0 to HW filter on device bond2 [ 152.087259][T11540] bond2: option lacp_active: mode dependency failed, not supported in mode balance-alb(6) [ 152.096340][T11540] bond2: (slave ip6gretap1): making interface the new active one [ 152.101633][T11540] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 152.392465][T11575] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27 sclass=netlink_route_socket pid=11575 comm=syz.4.1542 [ 152.715148][T11621] 8021q: VLANs not supported on nr24 [ 152.720869][T11621] 8021q: VLANs not supported on nr24 [ 153.111656][T11674] ip6tnl0: Caught tx_queue_len zero misconfig [ 153.120967][T11674] wg2: Caught tx_queue_len zero misconfig [ 153.289555][ T5946] Bluetooth: hci1: command tx timeout [ 153.291312][ T5936] Bluetooth: hci2: command tx timeout [ 153.351649][T11708] netlink: 'syz.4.1566': attribute type 21 has an invalid length. [ 153.354189][T11708] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1566'. [ 153.356919][T11708] netlink: 'syz.4.1566': attribute type 4 has an invalid length. [ 153.359286][T11708] netlink: 'syz.4.1566': attribute type 5 has an invalid length. [ 153.362578][T11708] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1566'. [ 153.457662][T11722] netlink: 'syz.2.1569': attribute type 1 has an invalid length. [ 153.461682][T11722] block nbd0: not configured, cannot reconfigure [ 153.622399][T11742] random: crng reseeded on system resumption [ 153.712159][ T40] kauditd_printk_skb: 474 callbacks suppressed [ 153.712171][ T40] audit: type=1400 audit(1762522644.431:30021): avc: denied { create } for pid=11743 comm="syz.2.1577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 153.724921][ T40] audit: type=1400 audit(1762522644.441:30022): avc: denied { create } for pid=11743 comm="syz.2.1577" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 153.734843][ T40] audit: type=1400 audit(1762522644.441:30023): avc: denied { ioctl } for pid=11743 comm="syz.2.1577" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=42202 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 153.746577][ T40] audit: type=1400 audit(1762522644.461:30024): avc: denied { unmount } for pid=5933 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 153.754974][ T40] audit: type=1400 audit(1762522644.471:30025): avc: denied { recv } for pid=18 comm="rcu_exp_gp_kthr" saddr=127.0.0.1 src=30000 daddr=127.0.0.1 dest=36450 netif=lo scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 153.767600][ T40] audit: type=1400 audit(1762522644.471:30026): avc: denied { recv } for pid=18 comm="rcu_exp_gp_kthr" saddr=127.0.0.1 src=36450 daddr=127.0.0.1 dest=30000 netif=lo scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 153.795542][ T40] audit: type=1400 audit(1762522644.511:30027): avc: denied { create } for pid=11757 comm="syz.0.1582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 153.806509][ T40] audit: type=1400 audit(1762522644.521:30028): avc: denied { write } for pid=11757 comm="syz.0.1582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 153.815186][ T40] audit: type=1400 audit(1762522644.521:30029): avc: denied { read } for pid=11757 comm="syz.0.1582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 153.828477][ T40] audit: type=1400 audit(1762522644.521:30030): avc: denied { ioctl } for pid=11757 comm="syz.0.1582" path="socket:[42276]" dev="sockfs" ino=42276 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 153.869840][ T24] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 154.024142][ T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 154.028669][ T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 154.033404][ T24] usb 9-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 154.034826][T11779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11779 comm=syz.2.1585 [ 154.036567][ T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.041180][T11779] all: renamed from lo (while UP) [ 154.048012][ T24] usb 9-1: config 0 descriptor?? [ 154.255255][ T24] usbhid 9-1:0.0: can't add hid device: -71 [ 154.257155][ T24] usbhid 9-1:0.0: probe with driver usbhid failed with error -71 [ 154.261565][ T24] usb 9-1: USB disconnect, device number 3 [ 154.365227][T11806] CIFS mount error: No usable UNC path provided in device string! [ 154.365227][T11806] [ 154.368742][T11806] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 154.967881][T11844] __nla_validate_parse: 7 callbacks suppressed [ 154.967891][T11844] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1595'. [ 155.389938][T11865] ptrace attach of "/syz-executor exec"[5933] was attempted by "/syz-executor exec"[11865] [ 155.694202][T11895] ceph: Path missing in source [ 155.760710][T11901] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1606'. [ 155.875827][T11911] kvm: kvm [11910]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0xd17159521483291 [ 155.888194][ T8095] libceph: mon0 (1)[c::]:6789 connect error [ 156.149746][ T8095] libceph: mon0 (1)[c::]:6789 connect error [ 156.413437][T11954] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1616'. [ 156.452210][T11959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1617'. [ 156.455103][T11959] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1617'. [ 156.457931][T11959] validate_nla: 48 callbacks suppressed [ 156.457939][T11959] netlink: 'syz.3.1617': attribute type 11 has an invalid length. [ 156.462576][T11959] netlink: 'syz.3.1617': attribute type 7 has an invalid length. [ 156.571226][T11971] /dev/sg0: Can't lookup blockdev [ 156.573542][T11971] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1622'. [ 156.614363][T11971] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 156.616554][T11971] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 156.619282][T11971] vhci_hcd vhci_hcd.0: Device attached [ 156.622199][T11975] vhci_hcd: connection closed [ 156.622381][ T72] vhci_hcd: stop threads [ 156.625307][ T72] vhci_hcd: release socket [ 156.626672][ T72] vhci_hcd: disconnect device [ 156.671156][ T8095] libceph: mon0 (1)[c::]:6789 connect error [ 156.723913][T11911] ceph: No mds server is up or the cluster is laggy [ 157.039736][ T5936] Bluetooth: hci1: command tx timeout [ 157.046431][ C3] lapbether: lapb_data_request error - 4 [ 157.049951][ C3] lapbether: lapb_data_request error - 4 [ 157.052527][ C3] lapbether: lapb_data_request error - 4 [ 157.059563][ C3] lapbether: lapb_data_request error - 4 [ 157.067712][ C3] lapbether: lapb_data_request error - 4 [ 157.079581][ C3] lapbether: lapb_data_request error - 4 [ 157.082380][ C3] lapbether: lapb_data_request error - 4 [ 157.085312][ C3] lapbether: lapb_data_request error - 4 [ 157.089231][ C3] lapbether: lapb_data_request error - 4 [ 157.092348][ C3] lapbether: lapb_data_request error - 4 [ 157.095217][ C3] lapbether: lapb_data_request error - 4 [ 157.102179][ C3] lapbether: lapb_data_request error - 4 [ 157.119219][ C3] lapbether: lapb_data_request error - 4 [ 157.121732][ C3] lapbether: lapb_data_request error - 4 [ 157.124093][ C3] lapbether: lapb_data_request error - 4 [ 157.126927][ C3] lapbether: lapb_data_request error - 4 [ 157.129607][ C3] lapbether: lapb_data_request error - 4 [ 157.136968][ C3] lapbether: lapb_data_request error - 4 [ 157.139556][ C3] lapbether: lapb_data_request error - 4 [ 157.142263][ C3] lapbether: lapb_data_request error - 4 [ 157.145667][ C3] lapbether: lapb_data_request error - 4 [ 157.152962][ C3] lapbether: lapb_data_request error - 4 [ 157.155921][ C3] lapbether: lapb_data_request error - 4 [ 157.161572][ C3] lapbether: lapb_data_request error - 4 [ 157.166023][ C3] lapbether: lapb_data_request error - 4 [ 157.191446][ C3] lapbether: lapb_data_request error - 4 [ 157.271431][ C2] lapbether: lapb_data_request error - 4 [ 157.275474][ C2] lapbether: lapb_data_request error - 4 [ 157.442811][ C2] lapbether: lapb_data_request error - 4 [ 157.566839][T12046] ufs: You didn't specify the type of your ufs filesystem [ 157.566839][T12046] [ 157.566839][T12046] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 157.566839][T12046] [ 157.566839][T12046] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 157.583683][T12046] ufs: ufstype=old is supported read-only [ 157.586308][T12046] ufs: ufs_fill_super(): bad magic number [ 157.700190][T12067] overlayfs: failed to resolve './file0': -2 [ 157.728161][T12051] pim6reg1: entered promiscuous mode [ 157.731539][T12051] pim6reg1: entered allmulticast mode [ 157.766827][ C2] lapbether: lapb_data_request error - 4 [ 157.768672][ C2] lapbether: lapb_data_request error - 4 [ 157.770524][ C2] lapbether: lapb_data_request error - 4 [ 157.772357][ C2] lapbether: lapb_data_request error - 4 [ 157.774151][ C2] lapbether: lapb_data_request error - 4 [ 157.775904][ C2] lapbether: lapb_data_request error - 4 [ 157.777819][ C2] lapbether: lapb_data_request error - 4 [ 157.841518][ C3] lapbether: lapb_data_request error - 4 [ 157.844897][ C3] lapbether: lapb_data_request error - 4 [ 157.847529][ C3] lapbether: lapb_data_request error - 4 [ 157.850759][ C3] lapbether: lapb_data_request error - 4 [ 157.853786][ C3] lapbether: lapb_data_request error - 4 [ 158.220593][ C2] lapbether: lapb_data_request error - 4 [ 158.224951][ C2] lapbether: lapb_data_request error - 4 [ 158.227036][ C2] lapbether: lapb_data_request error - 4 [ 158.393638][ C2] lapbether: lapb_data_request error - 4 [ 158.400347][ C2] lapbether: lapb_data_request error - 4 [ 158.402566][ C2] lapbether: lapb_data_request error - 4 [ 158.476880][T12062] 9pnet_fd: p9_fd_create_tcp (12062): problem connecting socket to 127.0.0.1 [ 158.482692][ C2] lapbether: lapb_data_request error - 4 [ 158.485145][ C2] lapbether: lapb_data_request error - 4 [ 158.492733][T12101] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1643'. [ 158.496108][T12101] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1643'. [ 158.533721][T12101] geneve2: entered promiscuous mode [ 158.536079][T12101] geneve2: entered allmulticast mode [ 158.599022][T12116] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1646'. [ 158.748327][ T40] kauditd_printk_skb: 450 callbacks suppressed [ 158.748338][ T40] audit: type=1400 audit(1762522649.461:30481): avc: denied { read write } for pid=12124 comm="syz.2.1648" name="vbi9" dev="devtmpfs" ino=1030 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 158.768310][ T40] audit: type=1400 audit(1762522649.461:30482): avc: denied { open } for pid=12124 comm="syz.2.1648" path="/dev/vbi9" dev="devtmpfs" ino=1030 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 158.777175][ T40] audit: type=1400 audit(1762522649.481:30483): avc: denied { read write } for pid=12124 comm="syz.2.1648" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 158.789403][ T40] audit: type=1400 audit(1762522649.481:30484): avc: denied { open } for pid=12124 comm="syz.2.1648" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 158.794008][T12127] loop5: detected capacity change from 0 to 7 [ 158.799755][ T40] audit: type=1400 audit(1762522649.481:30485): avc: denied { mount } for pid=12124 comm="syz.2.1648" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 158.803459][ C2] lapbether: lapb_data_request error - 4 [ 158.808486][ T40] audit: type=1400 audit(1762522649.511:30486): avc: denied { mount } for pid=12128 comm="syz.3.1650" name="/" dev="ramfs" ino=41769 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 158.817003][ T40] audit: type=1400 audit(1762522649.511:30487): avc: denied { create } for pid=12128 comm="syz.3.1650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 158.819180][ C3] lapbether: lapb_data_request error - 4 [ 158.825255][ T40] audit: type=1400 audit(1762522649.511:30488): avc: denied { write } for pid=12128 comm="syz.3.1650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 158.826572][T10175] Dev loop5: unable to read RDB block 7 [ 158.832935][ C3] lapbether: lapb_data_request error - 4 [ 158.836325][ C3] lapbether: lapb_data_request error - 4 [ 158.843494][ C3] lapbether: lapb_data_request error - 4 [ 158.843671][ C3] lapbether: lapb_data_request error - 4 [ 158.844038][ C3] lapbether: lapb_data_request error - 4 [ 158.844214][ C3] lapbether: lapb_data_request error - 4 [ 158.849505][ T40] audit: type=1400 audit(1762522649.511:30489): avc: denied { read } for pid=12128 comm="syz.3.1650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 158.850512][ C3] lapbether: lapb_data_request error - 4 [ 158.851576][ T40] audit: type=1400 audit(1762522649.521:30490): avc: denied { ioctl } for pid=12128 comm="syz.3.1650" path="socket:[41774]" dev="sockfs" ino=41774 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 158.854535][ C3] lapbether: lapb_data_request error - 4 [ 158.879784][T10175] loop5: unable to read partition table [ 158.882437][T10175] loop5: partition table beyond EOD, truncated [ 158.885530][ C3] lapbether: lapb_data_request error - 4 [ 158.888117][ C3] lapbether: lapb_data_request error - 4 [ 158.891677][ C3] lapbether: lapb_data_request error - 4 [ 158.894199][ C3] lapbether: lapb_data_request error - 4 [ 158.908109][ T7211] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 158.929185][ T7211] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 158.931331][ C0] lapbether: lapb_data_request error - 4 [ 158.932961][ T7211] netdevsim netdevsim1 eth4: set [0, 0] type 1 family 0 port 8472 - 0 [ 158.934166][ C0] lapbether: lapb_data_request error - 4 [ 158.936633][ T7211] netdevsim netdevsim1 eth5: set [0, 0] type 1 family 0 port 8472 - 0 [ 158.938410][ C0] lapbether: lapb_data_request error - 4 [ 158.942594][ C0] lapbether: lapb_data_request error - 4 [ 158.944347][ C0] lapbether: lapb_data_request error - 4 [ 158.946109][ C0] lapbether: lapb_data_request error - 4 [ 158.947867][ C0] lapbether: lapb_data_request error - 4 [ 158.949803][ C0] lapbether: lapb_data_request error - 4 [ 158.950063][ T72] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 158.951580][ C0] lapbether: lapb_data_request error - 4 [ 158.956239][ C0] lapbether: lapb_data_request error - 4 [ 158.958037][ C0] lapbether: lapb_data_request error - 4 [ 158.960261][T12127] Dev loop5: unable to read RDB block 7 [ 158.962505][T12127] loop5: unable to read partition table [ 158.963076][ T72] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 158.965060][T12127] loop5: partition table beyond EOD, truncated [ 158.967735][T12127] loop_reread_partitions: partition scan of loop5 (úùƒå¡™‰üg¾CêjÌ–ã¢P=×!MX‹ºÐ œëÜ%õ«`Éæ˜Èµ4FLQkÝŠ5) failed (rc=-5) [ 158.973287][ T72] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 158.973310][ T72] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 158.980488][T12139] overlayfs: failed to resolve './bus': -2 [ 159.055500][T12148] netlink: 328 bytes leftover after parsing attributes in process `syz.3.1654'. [ 159.079007][T12148] SELinux: failed to load policy [ 159.104819][T12152] syz.4.1655 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 159.129607][ T5936] Bluetooth: hci1: command tx timeout [ 159.150580][ C2] lapbether: lapb_data_request error - 4 [ 159.152638][ C2] lapbether: lapb_data_request error - 4 [ 159.154764][ C2] lapbether: lapb_data_request error - 4 [ 159.156756][ C2] lapbether: lapb_data_request error - 4 [ 159.159841][ C2] lapbether: lapb_data_request error - 4 [ 159.164207][ C2] lapbether: lapb_data_request error - 4 [ 159.167181][ C2] lapbether: lapb_data_request error - 4 [ 159.173191][ C2] lapbether: lapb_data_request error - 4 [ 159.175609][ C2] lapbether: lapb_data_request error - 4 [ 159.311074][ T5649] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 159.315007][ T5649] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 159.422859][ C0] lapbether: lapb_data_request error - 4 [ 159.525212][ C1] lapbether: lapb_data_request error - 4 [ 159.528443][ C1] lapbether: lapb_data_request error - 4 [ 159.708448][ C3] lapbether: lapb_data_request error - 4 [ 159.715975][ C3] lapbether: lapb_data_request error - 4 [ 159.718045][ C3] lapbether: lapb_data_request error - 4 [ 159.752985][ C3] lapbether: lapb_data_request error - 4 [ 159.812281][ C3] lapbether: lapb_data_request error - 4 [ 159.814708][ C3] lapbether: lapb_data_request error - 4 [ 159.817127][ C3] lapbether: lapb_data_request error - 4 [ 159.819909][ C2] lapbether: lapb_data_request error - 4 [ 159.822754][ C3] lapbether: lapb_data_request error - 4 [ 159.826946][ C2] lapbether: lapb_data_request error - 4 [ 159.828849][ C2] lapbether: lapb_data_request error - 4 [ 159.830898][ C2] lapbether: lapb_data_request error - 4 [ 159.833418][ C3] lapbether: lapb_data_request error - 4 [ 159.835400][ C3] lapbether: lapb_data_request error - 4 [ 159.839126][ C3] lapbether: lapb_data_request error - 4 [ 159.841299][ C3] lapbether: lapb_data_request error - 4 [ 159.886896][ C2] lapbether: lapb_data_request error - 4 [ 160.052664][ C1] lapbether: lapb_data_request error - 4 [ 160.133018][ C2] lapbether: lapb_data_request error - 4 [ 160.137626][ C2] lapbether: lapb_data_request error - 4 [ 160.139666][ C2] lapbether: lapb_data_request error - 4 [ 160.145795][ C2] lapbether: lapb_data_request error - 4 [ 160.148401][ C2] lapbether: lapb_data_request error - 4 [ 160.152463][ C2] lapbether: lapb_data_request error - 4 [ 160.167021][ C3] lapbether: lapb_data_request error - 4 [ 160.177935][ C2] lapbether: lapb_data_request error - 4 [ 160.180210][ C2] lapbether: lapb_data_request error - 4 [ 160.191431][ C3] lapbether: lapb_data_request error - 4 [ 160.210311][ C2] lapbether: lapb_data_request error - 4 [ 160.212268][ C2] lapbether: lapb_data_request error - 4 [ 160.214616][ C2] lapbether: lapb_data_request error - 4 [ 160.216748][ C2] lapbether: lapb_data_request error - 4 [ 160.223715][ C2] lapbether: lapb_data_request error - 4 [ 160.225613][ C2] lapbether: lapb_data_request error - 4 [ 160.227439][ C2] lapbether: lapb_data_request error - 4 [ 160.229284][ C2] lapbether: lapb_data_request error - 4 [ 160.231182][ C2] lapbether: lapb_data_request error - 4 [ 160.233078][ C2] lapbether: lapb_data_request error - 4 [ 160.234912][ C2] lapbether: lapb_data_request error - 4 [ 160.241612][ C2] lapbether: lapb_data_request error - 4 [ 160.244156][ C2] lapbether: lapb_data_request error - 4 [ 160.258672][ C2] lapbether: lapb_data_request error - 4 [ 160.261112][ C2] lapbether: lapb_data_request error - 4 [ 160.329010][T12288] ------------[ cut here ]------------ [ 160.331043][T12288] WARNING: CPU: 0 PID: 12288 at arch/x86/kvm/../../../virt/kvm/pfncache.c:267 __kvm_gpc_refresh+0x14dd/0x1bb0 [ 160.334692][T12288] Modules linked in: [ 160.336209][T12288] CPU: 0 UID: 0 PID: 12288 Comm: syz.3.1669 Not tainted syzkaller #0 PREEMPT(full) [ 160.341194][T12288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 160.344585][T12288] RIP: 0010:__kvm_gpc_refresh+0x14dd/0x1bb0 [ 160.346501][T12288] Code: 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 65 05 00 00 48 8b ad 10 01 00 00 31 db e9 b3 f8 ff ff e8 e4 71 84 00 90 <0f> 0b 90 e9 c4 fa ff ff 48 8b 6c 24 60 e8 d1 71 84 00 31 db e9 4b [ 160.352616][T12288] RSP: 0018:ffffc900045177f0 EFLAGS: 00010283 [ 160.354544][T12288] RAX: 00000000000038a4 RBX: ffffffffffffffff RCX: ffffc9000c001000 [ 160.357091][T12288] RDX: 0000000000080000 RSI: ffffffff81389bbc RDI: 0000000000000000 [ 160.359638][T12288] RBP: ffff888024be13e0 R08: 0000000000000000 R09: 0000000000000001 [ 160.362159][T12288] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888000000000 [ 160.364685][T12288] R13: ffff888024be1401 R14: ffff888000000001 R15: ffffc90004517a00 [ 160.367215][T12288] FS: 00007fc72c8326c0(0000) GS:ffff8880d6a08000(0000) knlGS:0000000000000000 [ 160.370251][T12288] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.372343][T12288] CR2: 000000110c2f610c CR3: 00000000304e6000 CR4: 0000000000352ef0 [ 160.374850][T12288] Call Trace: [ 160.375946][T12288] [ 160.376969][T12288] ? find_held_lock+0x2b/0x80 [ 160.378698][T12288] ? __pfx___kvm_gpc_refresh+0x10/0x10 [ 160.380759][T12288] kvm_gpc_refresh+0xec/0x190 [ 160.382283][T12288] kvm_xen_set_evtchn.part.0+0x19c/0x270 [ 160.384107][T12288] ? kvm_xen_set_evtchn.part.0+0x187/0x270 [ 160.385969][T12288] kvm_xen_inject_timer_irqs+0x1e9/0x2b0 [ 160.387852][T12288] ? __pfx_kvm_xen_inject_timer_irqs+0x10/0x10 [ 160.390037][T12288] ? __vmx_complete_interrupts+0x111/0x4e0 [ 160.391907][T12288] kvm_inject_pending_timer_irqs+0xa8/0xc0 [ 160.393789][T12288] vcpu_run+0x178e/0x54d0 [ 160.395184][T12288] ? __pfx_vcpu_run+0x10/0x10 [ 160.396766][T12288] ? fpu_swap_kvm_fpstate+0x1be/0x410 [ 160.398471][T12288] ? __local_bh_enable_ip+0xa4/0x120 [ 160.400312][T12288] ? kvm_arch_vcpu_ioctl_run+0x1023/0x1970 [ 160.402166][T12288] kvm_arch_vcpu_ioctl_run+0x1023/0x1970 [ 160.403977][T12288] kvm_vcpu_ioctl+0x5eb/0x1690 [ 160.405510][T12288] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 160.407210][T12288] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 160.409088][T12288] ? do_vfs_ioctl+0x128/0x14f0 [ 160.410789][T12288] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 160.412405][T12288] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 160.414790][T12288] ? hook_file_ioctl_common+0x145/0x410 [ 160.416560][T12288] ? selinux_file_ioctl+0x180/0x270 [ 160.418227][T12288] ? selinux_file_ioctl+0xb4/0x270 [ 160.420092][T12288] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 160.421752][T12288] __x64_sys_ioctl+0x18e/0x210 [ 160.423284][T12288] do_syscall_64+0xcd/0xfa0 [ 160.424780][T12288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.426684][T12288] RIP: 0033:0x7fc72b98f6c9 [ 160.428235][T12288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.435079][T12288] RSP: 002b:00007fc72c832038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 160.438020][T12288] RAX: ffffffffffffffda RBX: 00007fc72bbe5fa0 RCX: 00007fc72b98f6c9 [ 160.440530][T12288] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 160.442984][T12288] RBP: 00007fc72ba11f91 R08: 0000000000000000 R09: 0000000000000000 [ 160.445650][T12288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.448085][T12288] R13: 00007fc72bbe6038 R14: 00007fc72bbe5fa0 R15: 00007ffd601e9758 [ 160.450590][T12288] [ 160.451587][T12288] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 160.454258][T12288] CPU: 0 UID: 0 PID: 12288 Comm: syz.3.1669 Not tainted syzkaller #0 PREEMPT(full) [ 160.457593][T12288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 160.460898][T12288] Call Trace: [ 160.461983][T12288] [ 160.462924][T12288] dump_stack_lvl+0x3d/0x1f0 [ 160.464408][T12288] vpanic+0x640/0x6f0 [ 160.465682][T12288] ? __kvm_gpc_refresh+0x14dd/0x1bb0 [ 160.467647][T12288] panic+0xca/0xd0 [ 160.469087][T12288] ? __pfx_panic+0x10/0x10 [ 160.470497][T12288] check_panic_on_warn+0xab/0xb0 [ 160.472062][T12288] __warn+0xf6/0x3c0 [ 160.473289][T12288] ? __kvm_gpc_refresh+0x14dd/0x1bb0 [ 160.474913][T12288] report_bug+0x3c3/0x580 [ 160.476256][T12288] ? __kvm_gpc_refresh+0x14dd/0x1bb0 [ 160.477956][T12288] handle_bug+0x184/0x210 [ 160.479302][T12288] exc_invalid_op+0x17/0x50 [ 160.480731][T12288] asm_exc_invalid_op+0x1a/0x20 [ 160.482267][T12288] RIP: 0010:__kvm_gpc_refresh+0x14dd/0x1bb0 [ 160.484106][T12288] Code: 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 65 05 00 00 48 8b ad 10 01 00 00 31 db e9 b3 f8 ff ff e8 e4 71 84 00 90 <0f> 0b 90 e9 c4 fa ff ff 48 8b 6c 24 60 e8 d1 71 84 00 31 db e9 4b [ 160.489971][T12288] RSP: 0018:ffffc900045177f0 EFLAGS: 00010283 [ 160.491864][T12288] RAX: 00000000000038a4 RBX: ffffffffffffffff RCX: ffffc9000c001000 [ 160.494378][T12288] RDX: 0000000000080000 RSI: ffffffff81389bbc RDI: 0000000000000000 [ 160.496952][T12288] RBP: ffff888024be13e0 R08: 0000000000000000 R09: 0000000000000001 [ 160.499446][T12288] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888000000000 [ 160.501969][T12288] R13: ffff888024be1401 R14: ffff888000000001 R15: ffffc90004517a00 [ 160.504489][T12288] ? __kvm_gpc_refresh+0x14dc/0x1bb0 [ 160.506175][T12288] ? find_held_lock+0x2b/0x80 [ 160.507679][T12288] ? __pfx___kvm_gpc_refresh+0x10/0x10 [ 160.509423][T12288] kvm_gpc_refresh+0xec/0x190 [ 160.510925][T12288] kvm_xen_set_evtchn.part.0+0x19c/0x270 [ 160.512738][T12288] ? kvm_xen_set_evtchn.part.0+0x187/0x270 [ 160.514621][T12288] kvm_xen_inject_timer_irqs+0x1e9/0x2b0 [ 160.516465][T12288] ? __pfx_kvm_xen_inject_timer_irqs+0x10/0x10 [ 160.518545][T12288] ? __vmx_complete_interrupts+0x111/0x4e0 [ 160.520402][T12288] kvm_inject_pending_timer_irqs+0xa8/0xc0 [ 160.522262][T12288] vcpu_run+0x178e/0x54d0 [ 160.523662][T12288] ? __pfx_vcpu_run+0x10/0x10 [ 160.525176][T12288] ? fpu_swap_kvm_fpstate+0x1be/0x410 [ 160.526877][T12288] ? __local_bh_enable_ip+0xa4/0x120 [ 160.528565][T12288] ? kvm_arch_vcpu_ioctl_run+0x1023/0x1970 [ 160.530408][T12288] kvm_arch_vcpu_ioctl_run+0x1023/0x1970 [ 160.532215][T12288] kvm_vcpu_ioctl+0x5eb/0x1690 [ 160.533764][T12288] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 160.535426][T12288] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 160.537384][T12288] ? do_vfs_ioctl+0x128/0x14f0 [ 160.538925][T12288] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 160.540553][T12288] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 160.542736][T12288] ? hook_file_ioctl_common+0x145/0x410 [ 160.544526][T12288] ? selinux_file_ioctl+0x180/0x270 [ 160.546178][T12288] ? selinux_file_ioctl+0xb4/0x270 [ 160.548242][T12288] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 160.550048][T12288] __x64_sys_ioctl+0x18e/0x210 [ 160.551580][T12288] do_syscall_64+0xcd/0xfa0 [ 160.553077][T12288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.554967][T12288] RIP: 0033:0x7fc72b98f6c9 [ 160.556423][T12288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.562463][T12288] RSP: 002b:00007fc72c832038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 160.565106][T12288] RAX: ffffffffffffffda RBX: 00007fc72bbe5fa0 RCX: 00007fc72b98f6c9 [ 160.567586][T12288] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 160.570078][T12288] RBP: 00007fc72ba11f91 R08: 0000000000000000 R09: 0000000000000000 [ 160.572586][T12288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.575142][T12288] R13: 00007fc72bbe6038 R14: 00007fc72bbe5fa0 R15: 00007ffd601e9758 [ 160.577890][T12288] [ 160.579573][T12288] Kernel Offset: disabled [ 160.580972][T12288] Rebooting in 86400 seconds.. VM DIAGNOSIS: 13:37:30 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000044 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85297f35 RDI=ffffffff9add8780 RBP=ffffffff9add8740 RSP=ffffc90004517160 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000044 R14=ffffffff9add8740 R15=ffffffff85297ed0 RIP=ffffffff85297f5f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fc72c8326c0 ffffffff 00c00000 GS =0000 ffff8880d6a08000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2f610c CR3=00000000304e6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000013000000098 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000013000000098 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c13050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c1305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c13057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c1306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0672b68bb3a99850 b71dff81f39742f7 04a7a0166e3d883a c00da1f7794711ef ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 aa1e44652e9c127f ba3211dd68a3558c 9851599da7d80004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e1bdca814d48f520 74f0b8dd0feb365b 3f87ae01ca23f181 08df8894062c4927 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 664f712c2aaba582 85e7d0539ea8d028 c6524effd550ace2 667c4bfd16f56964 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d5081abb37554bb2 946aabfb7fc867e1 bdca814d48f52074 f0b8dd0feb365b3f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 87ae01ca23f18108 df8894062c4927aa 1e44652e9c127fba 3211dd68a3558c98 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 51599da7d8da0b76 dc46cae622ffa706 72b68bb3a99850b7 1dff81f39742f704 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=ffffffff8e3c46a0 RCX=ffffc90030560000 RDX=0000000000080000 RSI=ffffffff847f3a5a RDI=ffffffff8e3c46a0 RBP=ffff88807ffd6440 RSP=ffffc90005c87958 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffffffff847f3a5a R13=0000000000000008 R14=ffffea00004e95c0 R15=ffff888036043c88 RIP=ffffffff8198e4fb RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fe2b3a4f6c0 ffffffff 00c00000 GS =0000 ffff8880d6b08000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2e8eb2 CR3=000000003ac34000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0003000800000002 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f96b9c13050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f96b9c1305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f96b9c13057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f96b9c1306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f96b9c130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f96b9c131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f96b9db74a8 00007f96b9db74a0 00007f96b9db7498 00007f96b9db7470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f96ba91d100 00007f96b9db7460 00007f96b9db0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f96b9db74b8 00007f96b9db74b0 00007f96b9db74a8 00007f96b9db74a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00002a83722ff04a 747879333cc56abd a831c78b47029bf8 140dcee2a9ab1e7a ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73619680da3935fc 79a6bc5fa060bd89 c3f96bebaa18b8b8 f96767b9026eb6e7 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 97fb5dc2fe368088 c30bf47c81876729 5c5293cb2bd8ed17 4994324429bec16a ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 add0c18e8926b290 5508fbf80720150a ecd0b0da95aa118e 0fa0e97c151e8e26 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=00007fabb70d1407 RCX=ffffc9000386f0c4 RDX=1ffff9200070de37 RSI=ffffffff8da05d92 RDI=00007fabb70d1407 RBP=ffffc9000386f1b8 RSP=ffffc9000386f128 R8 =ffffffff910f682e R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffffffff81a80530 R13=ffffc9000386f230 R14=0000000000000000 R15=ffff888029b00000 RIP=ffffffff812bf604 RFL=00000203 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fabb7047740 ffffffff 00c00000 GS =0000 ffff8880d6c08000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000564133e32058 CR3=0000000033479000 CR4=00352ef0 DR0=0000000000000000 DR1=000000000639e11c DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000cafeff00 Opmask01=0000000000000003 Opmask02=000000002501007f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7830206570797420 656361667265746e ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005640f8c87a00 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b20657479622d32 3320646e61707865 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73696d6f646e6172 2073736572646461 2065726177647261 68203a7325000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 564c484a414b4457 0556564057414144 0540574452415744 4d051f5600000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 39773b3a3633211c 1a0f0c060379010e 3701013563538263 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff 0101910101740050 c465f034f50e1bb2 a030010001005d00 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ff133ddc0302 39773b3a3633211c 1a0f0c060379010e 3701013563538263 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0061636f00380032 353d2f3d4800202c 0000000000000345 49522f2000000003 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=26f5478114d73400 RBX=ffffffff8e3c4760 RCX=ffffc900006f85d4 RDX=0000000000000007 RSI=ffffffff8da05d92 RDI=ffffffff8bf07040 RBP=0000000000000001 RSP=ffffc900006f85c8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=000000000000864d R12=ffffffff816c1914 R13=0000000000000206 R14=ffff888021aca480 R15=0000000000000008 RIP=ffffffff8198e643 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6d08000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fc72bbe7dac CR3=0000000012477000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000301 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe5cf51ed0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000013000000098 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000013000000098 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c13050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c1305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c13057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c1306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe2b2c131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000200980070 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000028 00000000000071f8 0000000000000008 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000b00070 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000