last executing test programs: 19.657599682s ago: executing program 3 (id=313): r0 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0) write$binfmt_elf32(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03000000110000000d60390170f74f9ef4"], 0xd8) r1 = open$dir(&(0x7f0000000040)='./file1\x00', 0x20100, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001c40), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000001dc0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_LEAVE_IBSS(r2, &(0x7f0000001e80)={0x0, 0x0, &(0x7f0000001e40)={&(0x7f0000001e00)={0x1c, r3, 0x1, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x48804) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40000, 0x80000}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_LIMIT={0x5, 0xb, 0x40}]}}}]}, 0x40}}, 0x0) r6 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r6, 0x0, 0x48f, &(0x7f0000004ec0)={0x1, @empty, 0x4e22, 0x2, 'wlc\x00', 0x11, 0xfffff800, 0x2e}, 0x2c) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r8 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, r7, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0xf4, 0x2a}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x177f}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}]]}, 0x38}, 0x1, 0x0, 0x0, 0xd37697ff280d3c0e}, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000080)={r6, 0xfffffffffffff3b2, 0x1, 0xb000000000000000}) execveat(r1, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x100) 19.086034434s ago: executing program 3 (id=320): keyctl$get_persistent(0x16, 0x0, 0x0) (async) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new user:syz 000000000000000020'], 0x2a, 0xfffffffffffffffc) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) (async) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) (async) add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f0000000000)="30840201", 0x4, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010200000600000000000000000014000780050014000700000008001240000500000900020073797a3200000000050001000700000011000300686173683a6e65742c6e6574000000000500050002000000050004"], 0x60}}, 0x0) (async, rerun: 64) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0) (async, rerun: 64) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x8840, 0x0) fcntl$setownex(r1, 0xf, &(0x7f0000000280)={0x2, 0xffffffffffffffff}) fcntl$lock(r1, 0x11, &(0x7f0000003c80)={0x0, 0x0, 0x380000000000, 0x8}) r2 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_SECURITY_KEY(r2, 0x110, 0x1, &(0x7f0000000000)='\'!]\\\x00', 0x5) add_key(&(0x7f00000001c0)='keyring\x00', &(0x7f0000001000), &(0x7f0000001000)="2e98", 0x2, 0x0) (async, rerun: 32) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0) (rerun: 32) 18.659042798s ago: executing program 3 (id=324): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') read$FUSE(r0, &(0x7f0000000640)={0x2020}, 0x2020) ioctl$KVM_RUN(r0, 0xae80, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="740000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="0001040080a001005400128008000100736974004800028008000300ac1414bb08000c000008000014000b00fe800000000000001a000000000000aa060011004e210000060008002f000000060011004e22000006000d"], 0x74}}, 0x50) 18.160791724s ago: executing program 3 (id=329): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f00000003c0)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0x4, "7eacf9", "a6019ccf9a9b12f2c31e720cf2115f3556ca8ce80b64ca96dab8dc936514bb05dd41a1708c77bdd35c220137b06f867d2975f92632bdacc8556d3b4ab290a50716252d6c99ae579a01d7eacf933a189806dbb43f9f1501a24e49d0c4c1c8277ad9a0fb35956ad521ce44dc62f344616bef775d4a4bca54e59a46d514579b08aa19ce1373d07d65f0eeccef5b060d95ef361c44d9e3e31d5592050e3c3f8ed217f422818819ebe4b24a49967a8f71dcf5f8f0b478d6d66eafcbaf25824a0518d9d5f19017fa5c558114d7b6cdb202d55508ddb777ea3fac3549c77ca403c7f9f2fe064e8e3157d68a11aeb0268544d1d837bdd367bd0bad164997add3089b4d91"}}, 0x110) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) unshare(0x22020400) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') unshare(0x0) read$FUSE(r1, &(0x7f000000ac40)={0x2020}, 0x2020) r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x4058534c, &(0x7f0000000000)={0x80, 0x9, 0x2, 0xe05, 0x20000, 0x28e7}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0) read(r5, 0x0, 0x0) sendmsg$TIPC_CMD_SET_LINK_PRI(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='h\x00^0', @ANYRES16=r4, @ANYBLOB="0100000000000000000001000000000000000c410000004c0014fffffff062726f6164636173742d6c696e6b00"/98], 0x68}, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1}) fcntl$getflags(r2, 0xb) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f00000003c0)={0x0, 0x0, 0x0, r6}) 17.471074479s ago: executing program 3 (id=332): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)={'batadv0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0x503, 0xfffffffc, 0x0, {}, [@IFLA_MAP={0x24, 0xe, {0xe, 0x3, 0x8000000000000001, 0x7, 0x8, 0x3}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8090}, 0x2400c040) 16.637173074s ago: executing program 3 (id=333): ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0x3}, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x26}}, 0x0) 16.406397352s ago: executing program 32 (id=333): ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0x3}, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x26}}, 0x0) 11.314561789s ago: executing program 1 (id=349): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x2}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000100)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001040)={0x4c, 0x0, &(0x7f0000000ec0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x44, 0x0, &(0x7f0000000740)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, 0x2ff8, 0x0, &(0x7f0000000300)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0}) syz_clone(0x42100080, 0x0, 0xffffffbf, 0x0, 0x0, 0x0) 2.942104832s ago: executing program 2 (id=365): bpf$BPF_PROG_ATTACH(0x9, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000002c0)=""/185, &(0x7f00000000c0)=0xb9) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f00000001c0), 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x2082, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c) r3 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x1, 0x100, 0x1, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r1, 0xc00464b4, &(0x7f0000000080)={r4}) r5 = socket$kcm(0x21, 0x2, 0x2) sendmsg$inet(r5, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@ip_pktinfo={{0x1c, 0x110, 0xd, {0x0, @loopback=0x7f000300, @dev}}}], 0x20}, 0x0) connect$pppl2tp(r3, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @multicast2}, 0x4, 0x0, 0x3}}, 0x2e) syz_emit_ethernet(0x4c, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c200000086dd6001010000161100fe8000000000000000000000000000bbfe8000000000001e00000000000000aa00000e2200169078c20300000000000030b00afe4e70e8019a6a3ba94b2e5ad63329428455805fd6cc88dafa4c269664b2fa67a20c53dea04092ccbbd7aad72407b5c865430eed82d01ef5b299b01878865e3088afc66fdf6350114f5714e90d310aefaacd6f82877bc5f0d73df059d2dc780fb679804f621e276da41357e2be576613eed9f3e9561cfc63e6626841e15b6f270d1bf9c9e56f2081d896f46517aa7ee419cdb64fb34663aeb833c649b1c8cbaa171815ba0f65bcd9381d161473b8ac394b1cb88c79640f2c6d7715a46d544d5577d63cf7e7b3be719c3f6755c26202b4f58c3336110cc201640592a87d"], 0x0) 2.645384679s ago: executing program 0 (id=366): socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x5d) r1 = socket$kcm(0x2d, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800"/12], &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e24, @multicast2}, 0x10) sendmmsg$inet(r2, &(0x7f0000000480)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000080)="e6", 0x1}], 0x1}}], 0x1, 0x24048090) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee9, 0x4028031, 0xffffffffffffffff, 0x65364000) read$msr(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(r2, 0x1, 0x4a, &(0x7f0000000140)=0xffff0000, 0x4) 2.580097669s ago: executing program 2 (id=367): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_GET(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x30, 0x0, 0x8, 0x70bd2d, 0x25dfdbfe, {}, [@pci={{0x8}, {0x11}}]}, 0x30}, 0x1, 0x0, 0x0, 0x40840}, 0xa1724bcb5586c397) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b0400000000000000000200000024000480200001800700010063740000140002800800024000cf83753e9300000f08000140000000020900010073797a30000000000900020073797a32000000001400000011000100000000000000003d0281070286b0cfb7677ccac7785591826106e6af3099a9dcb8b45fe329ec1a328e0822fbdafbe020ccf0f664a4b537d8861805fce564f4f143d63dcdbcf63f61cf0ac2c3746486d2d14b93d02d51b4399424611521"], 0x78}}, 0x0) 2.249292816s ago: executing program 1 (id=368): r0 = landlock_create_ruleset(&(0x7f0000000000)={0x10, 0x0, 0x3}, 0x18, 0x0) syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301) (async) close(0x3) (async) rename(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='./control\x00') (async) landlock_restrict_self(r0, 0x6) (async) landlock_restrict_self(r0, 0x0) (async) r1 = open(&(0x7f0000000280)='.\x00', 0x141080, 0x0) fcntl$notify(r1, 0x402, 0x8000003d) landlock_restrict_self(r0, 0x0) (async) mkdir(&(0x7f0000000140)='./control\x00', 0x0) 2.249039581s ago: executing program 2 (id=369): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = dup(r0) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="5800000002060300"], 0x58}}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r1) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x70bd26, 0x0, {}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r2}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048050}, 0x0) 2.041071447s ago: executing program 0 (id=370): r0 = socket$nl_route(0x10, 0x3, 0x0) mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x1002, 0x8243}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gre={{0x8}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0) socket(0x1a, 0x80000, 0x1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x44241, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_VERDICT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x14, 0x3, 0x3, 0x101}, 0x14}, 0x1, 0x0, 0x0, 0x20004000}, 0x4) open_by_handle_at(r2, &(0x7f00000002c0)=@OVL_FILEID_V1={0x81, 0xf8, {'\x00', {0x0, 0xfb, 0x7e, 0x7, 0x3, "fe121221f1c083c7151135d6fa31e026", "53607ad6b96555d8a1b65a061f56e48d11ab8fc1ffc64f5044029f0f788ab0062ad94d8d42933b43d114bfb77e4d8f1c4d9d3a1a4c03f27e6336351b0d648e0e5cb9dc23a99ead2ebcd9bd6b09f0a831dfc5d5efab83511214b2ab03961808dc6534ff639a8edd771b"}}}, 0x200000) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@ipv4_newrule={0x1c, 0x20, 0x301, 0x0, 0x0, {0x2, 0x20, 0x0, 0x0, 0x3, 0x0, 0x0, 0x3}}, 0x1c}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r6, &(0x7f0000000400)={0x0, 0xa7, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x8, 0x8e, 0x1}}]}, 0x4c}}, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000000000001850000002c00000095000000000000004495e980d4ab43a654dbda1289491fde9751ca443daaa97c18e213"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x801, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42004}, [@IFLA_XDP={0x1c, 0x2b, 0x0, 0x1, [@IFLA_XDP_EXPECTED_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x19}, @IFLA_XDP_FD={0x8, 0x1, r7}]}, @IFLA_GROUP={0x8}]}, 0x44}}, 0x0) 2.040735466s ago: executing program 1 (id=371): mknod(&(0x7f0000000040)='./file0\x00', 0x100, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) fchmodat(r0, &(0x7f0000000280)='./file0\x00', 0xfffffe9b) chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0) 1.774613247s ago: executing program 1 (id=372): socket$packet(0x11, 0x2, 0x300) syz_emit_ethernet(0x5a, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0xb, 0x0, 0x0, @broadcast=0x1000000, {0xc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x11, 0x0, @private, @multicast2, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @lsrr={0x83, 0xf, 0xaa, [@dev={0xac, 0x14, 0x14, 0x30}, @broadcast, @broadcast]}]}}}}}}}, 0x0) timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x77359400}}, &(0x7f0000000080)) bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffffea) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a8, 0x1b0, 0xc8, 0x8, 0x1b0, 0x5803, 0x310, 0x2e8, 0x2e8, 0x310, 0x2e8, 0x3, 0x0, {[{{@ipv6={@loopback, @mcast1, [], [], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0xa8, 0xc8, 0x0, {0x0, 0x2000000000000}}, @unspec=@TRACE={0x20}}, {{@ipv6={@remote, @mcast2, [], [], 'macvtap0\x00', 'syzkaller1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308) preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r6, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) ioctl$KVM_SET_FPU(r5, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0x99, 0x0, 0x0, 0x10000, 0x2, '\x00', 0xc94}) ioctl$KVM_RUN(r6, 0xae80, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r2, 0x20, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r7, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xd, 0x0, 0x0, 0x0, 0x2000004, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x2, 0x200008, 0x5, 0x20000}, 0x10, r7, r5}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r1], 0x4c}}, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0) socket$nl_route(0x10, 0x3, 0x0) 1.682616326s ago: executing program 2 (id=373): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00", @ANYRESHEX=r0, @ANYRES16=r1, @ANYRESOCT=r1, @ANYRES8=r1, @ANYRESHEX=r0], 0x38}}, 0x4000000) 1.52458389s ago: executing program 0 (id=374): bpf$BPF_PROG_ATTACH(0x9, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x2082, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4, 0x0, 0x3}}, 0x2e) syz_emit_ethernet(0x4c, &(0x7f0000000380)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x3, 0x3, 0x20}, "30b00afe4e70"}}}}}}}, 0x0) 1.328694361s ago: executing program 2 (id=375): socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x5d) r1 = socket$kcm(0x2d, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800"/12], &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e24, @multicast2}, 0x10) sendmmsg$inet(r2, &(0x7f0000000480)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000080)="e6", 0x1}], 0x1}}], 0x1, 0x24048090) syz_emit_ethernet(0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="29bfee"], 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee9, 0x4028031, 0xffffffffffffffff, 0x65364000) epoll_create(0x4) read$msr(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000140)=0xffff0000, 0x4) 1.328329977s ago: executing program 0 (id=376): ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000180)={0x1, 0x14, 0x4, 0xfffd, 0x0, 0x40, 0x0}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r0 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000380)={0x0, 0x13, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100fffe0900010073797a30000000000900030073797a3213000000dc000000060a010400000000000000000100000508000b4000000000b4000480200001800d00010073796e70726f7879000000000c000280060001400000000034000180080001006c6f670028000280080006400000000d110002402b24292d2d2a5d24402c2d400000000006000440000700003c0001800900010068617368000000002c0002800800074000000000080003400000001608000140000000120800024000000000080004400000000020000180080001006e61740014000280080003400000000008000540000000000900010073797a30"], 0x150}}, 0x0) r2 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000080)="bc", 0x1, r0) r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f0000000200)="509aa1095913848975b5607157a828421193834b8dffab65713fbc2afcd94891611a5dd73e48ceffddc8492e1c48a180a64ed799b26f001b782f2349ad6ff8dbd340449b22dfb2a3e67b54e2b3e8d6a46a56f17fe720fd9fccacea51a72881bc6b41db4dfe504b76c1fcf8e1b4cd3135", 0x70, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r3, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) 888.239128ms ago: executing program 0 (id=377): io_setup(0x10000, &(0x7f0000000000)) (async) io_setup(0x10000, &(0x7f0000000000)) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) (async) r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) fcntl$setlease(r0, 0x400, 0x1) fremovexattr(r0, &(0x7f0000000040)=@known='system.posix_acl_default\x00') syz_emit_vhci(&(0x7f0000000c40)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_CLASS_OF_DEV={{0x8}, 0x1}}}, 0x7) io_setup(0x8, &(0x7f00000002c0)) socket$netlink(0x10, 0x3, 0x0) (async) r1 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001d00010000000000ffdbdf2507000000", @ANYRES32=r3, @ANYBLOB="080006000a000200aaaaaaaaaa0c0000060005"], 0x30}}, 0x0) sendto$inet(r0, &(0x7f0000000100)="9c95792fa294062a52b8f1ec7e4296a1590cf9b9d099308a8b294d791a5d1521b3234b488daa2edf822695dbb26eba0f633ec9b6d5a76ece05857135a78291ba9a577fce3b7fd79116ae343e97c9", 0x4e, 0xc0, &(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10) (async) sendto$inet(r0, &(0x7f0000000100)="9c95792fa294062a52b8f1ec7e4296a1590cf9b9d099308a8b294d791a5d1521b3234b488daa2edf822695dbb26eba0f633ec9b6d5a76ece05857135a78291ba9a577fce3b7fd79116ae343e97c9", 0x4e, 0xc0, &(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10) inotify_init() 886.477135ms ago: executing program 1 (id=378): socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x5d) r1 = socket$kcm(0x2d, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800"/12], &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e24, @multicast2}, 0x10) sendmmsg$inet(r2, &(0x7f0000000480)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000080)="e6", 0x1}], 0x1}}], 0x1, 0x24048090) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee9, 0x4028031, 0xffffffffffffffff, 0x65364000) read$msr(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(r2, 0x1, 0x50, &(0x7f0000000140)=0xffff0000, 0x4) 490.6145ms ago: executing program 0 (id=379): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c00000009ffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000008c0)="8154ea64372038cda937fc461add409ee237c7040de4d7801d0f3cc421cf2c6f321cbdf4624d25280d2a54497e3db6dffdb099821c5feff4a8cd6e62430a38d50253ad5872127c9dd64d6408757dcd310b49ac6e079dd2a43deba56ae373ddc99afc4ca71f261bf501caa3a8594c01f39de4f10335ee57aa12502d9e67cf6d2fa8d9fb4ebcab54f3e3d7ade959339d4891d056df60bb63e3d73162a122580413995dd914cf277a2ed39c6893fbbaf78e3146502484b2c84e8852c3e4d38f61c1fbb269d9264aa4b0c6f30d0548fcb36b1ed49335e7407a301ca38dd2a866207d8edf2a48f616f0df9146078554c78c2d0849a68080783b57883e69e1664373322e9d9c658b46cca626c2ec804a3032e2ad2ae6bafe0ab47f0db37960bd4bbfe8e752fe52fc30f372bc60908a471fbc86e6cd5dc94c59ee9fd19226f4b0217cff946bcbaa0c2471688c3353cc521ad2375a8d71a0f383264081497b9f6da5525eedf161164402f48e7d0199e970b691e70aa3d505357476f179306e0c12902df9cba0850ad49a919489728477b3b7da5abb3941f41d450e375e4e03b1e9", 0x5, r0}, 0x38) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000240), 0x1a380, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3}) ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(0xffffffffffffffff, 0x7ac, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000380)={0x101, 0x3, 0xd83f}) close_range(r2, 0xffffffffffffffff, 0x0) r5 = socket$inet6(0xa, 0x6, 0xffffffff) setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4) listen(r5, 0x50) r6 = socket(0x10, 0x2, 0xfffffffc) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010", @ANYRES8=0x0, @ANYRES8], 0x48}}, 0x0) sendmmsg$alg(r6, &(0x7f00000000c0), 0x492492492492627, 0x0) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r7, 0xffffffffffffffff, 0x0) r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) socket$nl_generic(0x10, 0x3, 0x10) ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"]) ioctl$KVM_RUN(r9, 0xae80, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008bd6000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r10}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 158.487844ms ago: executing program 2 (id=380): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 64) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (rerun: 64) bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6) (async, rerun: 64) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, 0x0, 0xe5) (async, rerun: 64) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt(r3, 0xff, 0x1, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000036000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x49, &(0x7f00000000c0)=[@efer={0x2, 0x800}], 0x1) (async, rerun: 32) mkdir(&(0x7f0000000300)='./bus\x00', 0x90) (async, rerun: 32) mount$9p_virtio(&(0x7f0000000440), &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=virtio,mmap,cache=none,cache=loose,posixacl']) open$dir(&(0x7f0000000000)='./bus/file0\x00', 0x0, 0x105) (async, rerun: 32) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async, rerun: 32) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x20a00) ioctl$SNDRV_TIMER_IOCTL_CREATE(r5, 0xc02054a5, &(0x7f0000000100)={0x38, r0, 'id1\x00'}) (async, rerun: 32) setsockopt(r2, 0x4, 0x5, &(0x7f00000001c0)="0a2c505a116346098307aa66ba529dbbbdcd16063fed691536336eb505b601d475ec5bd952b2f177cc1f75d7cbc76ca0c4fe483d04fbeaa9fa85a46f3a8fabc86c22b583f3e4332e28982771ba38cbc3577032b8bc707f88a288106e5625c000b75c6b90d861d57fc7dd89580e1d71f06ca671f9edc1eb2c83b69978cbd3d66e9bd6db46a1df16895553e12f3ba5de8023f470ad", 0x94) (rerun: 32) 0s ago: executing program 1 (id=381): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="2c0000002e0001002abd70000000000008000000", @ANYRES32, @ANYBLOB="0b00e880976b6408686030000500018099"], 0x2c}], 0x1}, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x1, 0x141000) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0xc1105511, &(0x7f0000000140)={0x4c, 0x6, 0x1, 0x0, 'syz1\x00'}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d6673"]) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r3, 0x40085112, &(0x7f0000000100)=@e={0xff, 0xc, 0x0, 0x0, @generic, 0x0, 0x0, 0x1}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000780)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_STATION(r2, &(0x7f0000001e80)={0x0, 0x0, &(0x7f0000001e40)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="a17c2bbd7000ffdbdf251400000008000300376a0196636ba40a85600017169195483a7c4253ba7804869c1be63fc214e075166a57b87748dd5ddafa1dea78cad59aaaa19d963b769192fdb2540c66411e57f42cef994976e56bc23ed0adf461d5197aba1046253a556efc5e983f494de89232e56c0bd1a9c86e9ff568ff6776a1d69db8a5d2fd270d1261e0a2ad61c0898c7af65e4d9de998075bc82271ec9ff5c1bb07f60839b6ef94cfe6e6fb0db2eecf363bcba2aff7b6035fb4a26e4149ac594d980e965c52d54d70c0cdf5785d4db7070000000000000082402d649bee928524004fbc00008a5f", @ANYRES32=r5, @ANYBLOB="0a0006000802110000010000"], 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x40) kernel console output (not intermixed with test programs): [ 101.744101][ T40] audit: type=1400 audit(1753788102.902:57): avc: denied { transition } for pid=5910 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 101.797748][ T40] audit: type=1400 audit(1753788102.902:58): avc: denied { noatsecure } for pid=5910 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 101.806185][ T40] audit: type=1400 audit(1753788102.912:59): avc: denied { write } for pid=5910 comm="sh" path="pipe:[3866]" dev="pipefs" ino=3866 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 101.860502][ T40] audit: type=1400 audit(1753788102.912:60): avc: denied { rlimitinh } for pid=5910 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 101.873112][ T40] audit: type=1400 audit(1753788102.912:61): avc: denied { siginh } for pid=5910 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:44082' (ED25519) to the list of known hosts. [ 106.665459][ T40] audit: type=1400 audit(1753788107.822:62): avc: denied { name_bind } for pid=5948 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 106.704715][ T40] audit: type=1400 audit(1753788107.862:63): avc: denied { write } for pid=5949 comm="sh" path="pipe:[3897]" dev="pipefs" ino=3897 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 106.740886][ T40] audit: type=1400 audit(1753788107.872:64): avc: denied { execute } for pid=5949 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 106.767042][ T40] audit: type=1400 audit(1753788107.872:65): avc: denied { execute_no_trans } for pid=5949 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 111.842142][ T40] audit: type=1400 audit(1753788112.992:66): avc: denied { mounton } for pid=5949 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 111.857671][ T5949] cgroup: Unknown subsys name 'net' [ 111.860430][ T40] audit: type=1400 audit(1753788113.022:67): avc: denied { mount } for pid=5949 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 111.892653][ T40] audit: type=1400 audit(1753788113.052:68): avc: denied { unmount } for pid=5949 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 112.027443][ T5949] cgroup: Unknown subsys name 'cpuset' [ 112.038903][ T5949] cgroup: Unknown subsys name 'rlimit' [ 112.273252][ T40] audit: type=1400 audit(1753788113.422:69): avc: denied { setattr } for pid=5949 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 112.282759][ T40] audit: type=1400 audit(1753788113.442:70): avc: denied { create } for pid=5949 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 112.315359][ T40] audit: type=1400 audit(1753788113.442:71): avc: denied { write } for pid=5949 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 112.347567][ T40] audit: type=1400 audit(1753788113.442:72): avc: denied { read } for pid=5949 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 112.373472][ T40] audit: type=1400 audit(1753788113.452:73): avc: denied { mounton } for pid=5949 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 112.404459][ T40] audit: type=1400 audit(1753788113.452:74): avc: denied { mount } for pid=5949 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 112.443746][ T40] audit: type=1400 audit(1753788113.472:75): avc: denied { read } for pid=5665 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 112.450581][ T5953] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 114.212619][ T5949] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 115.410589][ T24] cfg80211: failed to load regulatory.db [ 126.347490][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 126.347509][ T40] audit: type=1400 audit(1753788127.502:80): avc: denied { execmem } for pid=5966 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 127.239475][ T40] audit: type=1400 audit(1753788128.402:81): avc: denied { create } for pid=5971 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 127.272407][ T40] audit: type=1400 audit(1753788128.402:82): avc: denied { read write } for pid=5971 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 127.296222][ T40] audit: type=1400 audit(1753788128.402:83): avc: denied { open } for pid=5971 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 127.310300][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 127.323111][ T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 127.326107][ T40] audit: type=1400 audit(1753788128.412:84): avc: denied { ioctl } for pid=5971 comm="syz-executor" path="socket:[5722]" dev="sockfs" ino=5722 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 127.328249][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 127.347835][ T5977] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 127.351352][ T5977] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 127.359153][ T5977] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 127.364057][ T5977] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 127.374921][ T5981] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 127.388386][ T5977] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 127.389882][ T5977] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 127.390849][ T5977] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 127.404485][ T40] audit: type=1400 audit(1753788128.562:85): avc: denied { read } for pid=5971 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 127.483287][ T5981] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 127.499401][ T5981] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 127.503735][ T5981] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 127.528517][ T5983] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 127.529619][ T5981] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 127.534015][ T63] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 127.534219][ T40] audit: type=1400 audit(1753788128.562:86): avc: denied { open } for pid=5971 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 127.534714][ T40] audit: type=1400 audit(1753788128.562:87): avc: denied { mounton } for pid=5971 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 127.562087][ T5981] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 127.669088][ T5981] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 127.691365][ T5981] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 127.974947][ T40] audit: type=1400 audit(1753788129.132:88): avc: denied { module_request } for pid=5971 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 128.124985][ T5971] chnl_net:caif_netlink_parms(): no params data found [ 128.473223][ T5979] chnl_net:caif_netlink_parms(): no params data found [ 128.540248][ T5971] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.544777][ T5971] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.550095][ T5971] bridge_slave_0: entered allmulticast mode [ 128.555335][ T5971] bridge_slave_0: entered promiscuous mode [ 128.748578][ T5971] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.750915][ T5971] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.753382][ T5971] bridge_slave_1: entered allmulticast mode [ 128.759624][ T5971] bridge_slave_1: entered promiscuous mode [ 128.910018][ T5971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 128.932728][ T5971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 129.154425][ T5978] chnl_net:caif_netlink_parms(): no params data found [ 129.240687][ T5971] team0: Port device team_slave_0 added [ 129.244495][ T5979] bridge0: port 1(bridge_slave_0) entered blocking state [ 129.248459][ T5979] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.251199][ T5979] bridge_slave_0: entered allmulticast mode [ 129.254588][ T5979] bridge_slave_0: entered promiscuous mode [ 129.259255][ T5979] bridge0: port 2(bridge_slave_1) entered blocking state [ 129.263527][ T5979] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.278562][ T5979] bridge_slave_1: entered allmulticast mode [ 129.283149][ T5979] bridge_slave_1: entered promiscuous mode [ 129.366095][ T5971] team0: Port device team_slave_1 added [ 129.418253][ T5975] Bluetooth: hci0: command tx timeout [ 129.600320][ T5975] Bluetooth: hci3: command tx timeout [ 129.608370][ T5974] chnl_net:caif_netlink_parms(): no params data found [ 129.631345][ T5971] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.634661][ T5971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.647333][ T5971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.660274][ T5975] Bluetooth: hci1: command tx timeout [ 129.683956][ T5971] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.688457][ T5971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.722800][ T5971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 129.753047][ T5975] Bluetooth: hci2: command tx timeout [ 129.805083][ T5979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 129.819689][ T5979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 130.221329][ T5979] team0: Port device team_slave_0 added [ 130.444758][ T5979] team0: Port device team_slave_1 added [ 130.617119][ T5978] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.620523][ T5978] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.624036][ T5978] bridge_slave_0: entered allmulticast mode [ 130.650569][ T5978] bridge_slave_0: entered promiscuous mode [ 130.664056][ T5971] hsr_slave_0: entered promiscuous mode [ 130.671379][ T5971] hsr_slave_1: entered promiscuous mode [ 130.745753][ T5974] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.749193][ T5974] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.751998][ T5974] bridge_slave_0: entered allmulticast mode [ 130.755852][ T5974] bridge_slave_0: entered promiscuous mode [ 130.760868][ T5978] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.764734][ T5978] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.780646][ T5978] bridge_slave_1: entered allmulticast mode [ 130.785042][ T5978] bridge_slave_1: entered promiscuous mode [ 130.861389][ T5979] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 130.864437][ T5979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.878415][ T5979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.901840][ T5979] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.905002][ T5979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.952768][ T5979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 131.001157][ T5974] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.004331][ T5974] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.010481][ T5974] bridge_slave_1: entered allmulticast mode [ 131.016078][ T5974] bridge_slave_1: entered promiscuous mode [ 131.142368][ T5978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 131.364182][ T5978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 131.487436][ T5975] Bluetooth: hci0: command tx timeout [ 131.608578][ T5974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 131.669728][ T5975] Bluetooth: hci3: command tx timeout [ 131.737807][ T5975] Bluetooth: hci1: command tx timeout [ 131.788499][ T5979] hsr_slave_0: entered promiscuous mode [ 131.793150][ T5979] hsr_slave_1: entered promiscuous mode [ 131.803216][ T5979] debugfs: 'hsr0' already exists in 'hsr' [ 131.807872][ T5979] Cannot create hsr debugfs directory [ 131.809699][ T5975] Bluetooth: hci2: command tx timeout [ 131.819433][ T5974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 131.876722][ T5978] team0: Port device team_slave_0 added [ 131.939578][ T5978] team0: Port device team_slave_1 added [ 132.237062][ T5974] team0: Port device team_slave_0 added [ 132.296847][ T5974] team0: Port device team_slave_1 added [ 132.450427][ T5978] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 132.452892][ T5978] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.505935][ T5978] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 132.730937][ T5978] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 132.733911][ T5978] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.810246][ T5978] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 132.856815][ T5974] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 132.863962][ T5974] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.883518][ T5974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 132.896745][ T5974] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 132.902306][ T5974] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.921268][ T5974] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 133.349981][ T5974] hsr_slave_0: entered promiscuous mode [ 133.372847][ T5974] hsr_slave_1: entered promiscuous mode [ 133.390009][ T5974] debugfs: 'hsr0' already exists in 'hsr' [ 133.392750][ T5974] Cannot create hsr debugfs directory [ 133.417831][ T5978] hsr_slave_0: entered promiscuous mode [ 133.420845][ T5978] hsr_slave_1: entered promiscuous mode [ 133.439807][ T5978] debugfs: 'hsr0' already exists in 'hsr' [ 133.442640][ T5978] Cannot create hsr debugfs directory [ 133.567943][ T5975] Bluetooth: hci0: command tx timeout [ 133.733966][ T5975] Bluetooth: hci3: command tx timeout [ 133.807531][ T5975] Bluetooth: hci1: command tx timeout [ 133.887500][ T5975] Bluetooth: hci2: command tx timeout [ 134.081821][ T5971] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 134.107550][ T5971] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 134.164241][ T5971] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 134.235698][ T5971] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 134.318973][ T5979] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 134.355514][ T5979] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 134.373416][ T5979] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 134.384665][ T5979] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 134.670697][ T5974] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 134.679919][ T5974] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 134.715028][ T5974] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 134.736262][ T5974] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 134.920175][ T5979] 8021q: adding VLAN 0 to HW filter on device bond0 [ 135.069198][ T5979] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.155849][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.160512][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 135.170497][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.188259][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 135.197833][ T5978] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 135.225880][ T5971] 8021q: adding VLAN 0 to HW filter on device bond0 [ 135.239447][ T5978] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 135.245899][ T5978] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 135.364028][ T5978] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 135.405679][ T5971] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.488640][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.491996][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 135.497107][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.500137][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 135.595426][ T5974] 8021q: adding VLAN 0 to HW filter on device bond0 [ 135.656303][ T5975] Bluetooth: hci0: command tx timeout [ 135.740158][ T40] audit: type=1400 audit(1753788136.902:89): avc: denied { sys_module } for pid=5979 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 135.769366][ T5974] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.822891][ T5975] Bluetooth: hci3: command tx timeout [ 135.908461][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.918200][ T5975] Bluetooth: hci1: command tx timeout [ 135.942466][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 135.969774][ T5975] Bluetooth: hci2: command tx timeout [ 136.023409][ T5974] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 136.028486][ T5974] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 136.039847][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.042670][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.109120][ T5979] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 136.186634][ T5978] 8021q: adding VLAN 0 to HW filter on device bond0 [ 136.232383][ T5978] 8021q: adding VLAN 0 to HW filter on device team0 [ 136.261206][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.280341][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.292052][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.294854][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.431920][ T5979] veth0_vlan: entered promiscuous mode [ 136.443722][ T5971] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 136.518362][ T5979] veth1_vlan: entered promiscuous mode [ 136.543115][ T5974] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 136.599043][ T5979] veth0_macvtap: entered promiscuous mode [ 136.615366][ T5971] veth0_vlan: entered promiscuous mode [ 136.635277][ T5971] veth1_vlan: entered promiscuous mode [ 136.701588][ T5979] veth1_macvtap: entered promiscuous mode [ 136.764426][ T5979] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 136.775719][ T5974] veth0_vlan: entered promiscuous mode [ 136.806798][ T5979] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 136.817995][ T5979] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.831252][ T5979] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.841769][ T5979] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.853056][ T5979] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.890406][ T5974] veth1_vlan: entered promiscuous mode [ 136.910702][ T5971] veth0_macvtap: entered promiscuous mode [ 136.956363][ T5978] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 136.981281][ T5971] veth1_macvtap: entered promiscuous mode [ 137.072255][ T5971] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 137.092016][ T5974] veth0_macvtap: entered promiscuous mode [ 137.127904][ T5971] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.160409][ T5974] veth1_macvtap: entered promiscuous mode [ 137.174448][ T5971] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.182580][ T5971] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.199654][ T5971] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.203734][ T5971] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.284296][ T5974] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 137.341736][ T5974] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.350683][ T5978] veth0_vlan: entered promiscuous mode [ 137.363322][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.366517][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.391944][ T5974] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.419511][ T5974] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.435956][ T5974] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.440213][ T5974] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.496520][ T5978] veth1_vlan: entered promiscuous mode [ 137.571414][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.575685][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.673992][ T40] audit: type=1400 audit(1753788138.832:90): avc: denied { mount } for pid=5979 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 137.708671][ T40] audit: type=1400 audit(1753788138.862:91): avc: denied { mounton } for pid=5979 comm="syz-executor" path="/syzkaller.ALN6W9/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 137.748149][ T40] audit: type=1400 audit(1753788138.892:92): avc: denied { mount } for pid=5979 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 137.770450][ T40] audit: type=1400 audit(1753788138.892:93): avc: denied { mounton } for pid=5979 comm="syz-executor" path="/syzkaller.ALN6W9/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 137.817621][ T40] audit: type=1400 audit(1753788138.922:94): avc: denied { mounton } for pid=5979 comm="syz-executor" path="/syzkaller.ALN6W9/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=7093 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 137.840441][ T40] audit: type=1400 audit(1753788138.922:95): avc: denied { unmount } for pid=5979 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 137.850637][ T40] audit: type=1400 audit(1753788138.972:96): avc: denied { mounton } for pid=5979 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2840 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 137.853435][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.890524][ T40] audit: type=1400 audit(1753788138.972:97): avc: denied { mount } for pid=5979 comm="syz-executor" name="/" dev="gadgetfs" ino=9544 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 137.890580][ T40] audit: type=1400 audit(1753788138.982:98): avc: denied { mount } for pid=5979 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 137.942676][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.983069][ T5979] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 138.050932][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.054476][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.216168][ T5978] veth0_macvtap: entered promiscuous mode [ 138.223038][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.297912][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.310693][ T5978] veth1_macvtap: entered promiscuous mode [ 138.311381][ T571] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.330908][ T571] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.394058][ T5978] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 138.418430][ T6059] capability: warning: `syz.0.1' uses 32-bit capabilities (legacy support in use) [ 138.420730][ T5978] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 138.463268][ T5978] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.463739][ T5978] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.463761][ T5978] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.463782][ T5978] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.568086][ T6064] process 'syz.0.1' launched '/dev/fd/5' with NULL argv: empty string added [ 138.699723][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.702664][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.819374][ T29] usb 8-1: new low-speed USB device number 2 using dummy_hcd [ 138.944262][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.953414][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.021504][ T29] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 139.025008][ T29] usb 8-1: config 0 has no interface number 0 [ 139.040029][ T29] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 139.070722][ T29] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 139.077504][ T29] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 139.102480][ T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.132057][ T29] usb 8-1: config 0 descriptor?? [ 139.201669][ C0] vkms_vblank_simulate: vblank timer overrun [ 139.269944][ T29] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 139.294379][ T6080] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 139.452629][ C0] vkms_vblank_simulate: vblank timer overrun [ 139.531315][ T6080] netlink: 'syz.0.7': attribute type 1 has an invalid length. [ 139.534638][ T6080] netlink: 'syz.0.7': attribute type 4 has an invalid length. [ 139.562850][ T6086] iowarrior 8-1:0.1: Error -90 while submitting URB [ 139.596780][ T6080] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.7'. [ 140.055522][ T6109] random: crng reseeded on system resumption [ 140.084786][ T6112] netlink: 196 bytes leftover after parsing attributes in process `syz.2.15'. [ 140.104510][ T6109] warning: `syz.0.13' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 140.337302][ C0] vkms_vblank_simulate: vblank timer overrun [ 140.629786][ T6128] openvswitch: netlink: Key type 96 is out of range max 32 [ 140.785945][ T40] kauditd_printk_skb: 71 callbacks suppressed [ 140.785966][ T40] audit: type=1400 audit(1753788141.932:170): avc: denied { create } for pid=6131 comm="syz.0.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 140.798735][ T40] audit: type=1400 audit(1753788141.932:171): avc: denied { getopt } for pid=6131 comm="syz.0.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 140.869778][ T6134] evm: overlay not supported [ 141.333668][ C0] vkms_vblank_simulate: vblank timer overrun [ 141.487945][ T40] audit: type=1400 audit(1753788142.642:172): avc: denied { create } for pid=6140 comm="syz.3.24" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 141.506674][ T40] audit: type=1400 audit(1753788142.652:173): avc: denied { accept } for pid=6140 comm="syz.3.24" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 141.538579][ T6141] binder: BINDER_SET_CONTEXT_MGR already set [ 141.555506][ T40] audit: type=1400 audit(1753788142.692:174): avc: denied { ioctl } for pid=6140 comm="syz.3.24" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 141.574867][ T6141] binder: 6140:6141 ioctl 4018620d 200000000040 returned -16 [ 141.630074][ T40] audit: type=1400 audit(1753788142.692:175): avc: denied { set_context_mgr } for pid=6140 comm="syz.3.24" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 141.663974][ T40] audit: type=1400 audit(1753788142.692:176): avc: denied { write } for pid=6140 comm="syz.3.24" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 141.674631][ T40] audit: type=1400 audit(1753788142.692:177): avc: denied { map } for pid=6140 comm="syz.3.24" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 141.710264][ T40] audit: type=1400 audit(1753788142.692:178): avc: denied { create } for pid=6142 comm="syz.0.23" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 141.735104][ T40] audit: type=1400 audit(1753788142.722:179): avc: denied { setopt } for pid=6142 comm="syz.0.23" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 141.794419][ T6149] netlink: 44 bytes leftover after parsing attributes in process `syz.0.26'. [ 141.821231][ T6145] netlink: 12 bytes leftover after parsing attributes in process `syz.1.25'. [ 141.905635][ C0] vkms_vblank_simulate: vblank timer overrun [ 141.922258][ T6155] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 141.955811][ T6149] netlink: 44 bytes leftover after parsing attributes in process `syz.0.26'. [ 142.083300][ T6149] netlink: 44 bytes leftover after parsing attributes in process `syz.0.26'. [ 142.112933][ T6162] netlink: 'syz.1.28': attribute type 1 has an invalid length. [ 142.198465][ T6149] netlink: 44 bytes leftover after parsing attributes in process `syz.0.26'. [ 142.316933][ T6149] netlink: 44 bytes leftover after parsing attributes in process `syz.0.26'. [ 142.358610][ T6169] netlink: 'syz.3.30': attribute type 11 has an invalid length. [ 142.364190][ T6169] netlink: 149476 bytes leftover after parsing attributes in process `syz.3.30'. [ 142.403678][ T6149] netlink: 44 bytes leftover after parsing attributes in process `syz.0.26'. [ 142.457855][ T6170] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 142.568742][ T6180] Zero length message leads to an empty skb [ 142.866661][ T6185] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 142.960442][ C0] vkms_vblank_simulate: vblank timer overrun [ 143.085856][ T6188] : Can't lookup blockdev [ 143.171518][ T6193] cgroup: No subsys list or none specified [ 143.691621][ C0] vkms_vblank_simulate: vblank timer overrun [ 143.737614][ T6216] netlink: 'syz.1.44': attribute type 11 has an invalid length. [ 143.749576][ C0] vkms_vblank_simulate: vblank timer overrun [ 143.921469][ T6225] netlink: 'syz.1.45': attribute type 1 has an invalid length. [ 144.300618][ C0] vkms_vblank_simulate: vblank timer overrun [ 144.468024][ C0] vkms_vblank_simulate: vblank timer overrun [ 144.637191][ C0] vkms_vblank_simulate: vblank timer overrun [ 144.711198][ T6249] Cannot find add_set index 0 as target [ 144.716115][ T6249] __nla_validate_parse: 5 callbacks suppressed [ 144.716130][ T6249] netlink: 28 bytes leftover after parsing attributes in process `syz.0.52'. [ 144.748481][ T6251] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 144.758398][ T6251] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 144.832523][ T6253] netlink: 32 bytes leftover after parsing attributes in process `syz.1.55'. [ 144.838624][ T6253] bridge_slave_0: default FDB implementation only supports local addresses [ 144.915694][ T6258] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6258 comm=syz.1.55 [ 145.041721][ C0] vkms_vblank_simulate: vblank timer overrun [ 145.052011][ T6031] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 145.188010][ T6031] usb 5-1: device descriptor read/64, error -71 [ 145.447320][ T6031] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 145.619104][ T6031] usb 5-1: device descriptor read/64, error -71 [ 145.659555][ T6266] netlink: 96 bytes leftover after parsing attributes in process `syz.1.59'. [ 145.739365][ T6031] usb usb5-port1: attempt power cycle [ 145.788551][ T40] kauditd_printk_skb: 25 callbacks suppressed [ 145.788566][ T40] audit: type=1400 audit(1753788146.952:205): avc: denied { ioctl } for pid=6269 comm="syz.1.60" path="socket:[8463]" dev="sockfs" ino=8463 ioctlcmd=0x89f5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 146.069087][ T40] audit: type=1400 audit(1753788147.232:206): avc: denied { create } for pid=6281 comm="syz.1.63" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 146.137339][ T6031] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 146.168232][ T6031] usb 5-1: device descriptor read/8, error -71 [ 146.188547][ T6287] can: request_module (can-proto-3) failed. [ 146.392707][ T6293] tipc: Started in network mode [ 146.394927][ T6293] tipc: Node identity 4, cluster identity 4711 [ 146.439889][ T6293] tipc: Node number set to 4 [ 146.458197][ T6031] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 146.499534][ T6031] usb 5-1: device descriptor read/8, error -71 [ 146.509606][ T40] audit: type=1400 audit(1753788147.672:207): avc: denied { create } for pid=6300 comm="syz.1.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 146.536338][ T40] audit: type=1400 audit(1753788147.672:208): avc: denied { getopt } for pid=6300 comm="syz.1.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 146.546408][ T40] audit: type=1400 audit(1753788147.672:209): avc: denied { ioctl } for pid=6300 comm="syz.1.68" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 146.557494][ T40] audit: type=1400 audit(1753788147.672:210): avc: denied { ioctl } for pid=6300 comm="syz.1.68" path="socket:[7936]" dev="sockfs" ino=7936 ioctlcmd=0x9420 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 146.569292][ T40] audit: type=1400 audit(1753788147.682:211): avc: denied { remount } for pid=6300 comm="syz.1.68" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 146.627662][ T6031] usb usb5-port1: unable to enumerate USB device [ 146.785892][ T6303] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6303 comm=syz.1.69 [ 146.821282][ T6304] netlink: 'syz.1.69': attribute type 1 has an invalid length. [ 146.822899][ T40] audit: type=1400 audit(1753788147.972:212): avc: denied { read write } for pid=6302 comm="syz.1.69" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 146.851770][ T40] audit: type=1400 audit(1753788147.972:213): avc: denied { open } for pid=6302 comm="syz.1.69" path="/dev/uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 146.898635][ T40] audit: type=1400 audit(1753788147.972:214): avc: denied { ioctl } for pid=6302 comm="syz.1.69" path="/dev/uinput" dev="devtmpfs" ino=943 ioctlcmd=0x55cb scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 146.999325][ T6313] tap0: tun_chr_ioctl cmd 1074025672 [ 147.001433][ T6313] tap0: ignored: set checksum enabled [ 147.007832][ T6307] netlink: 'syz.3.70': attribute type 1 has an invalid length. [ 147.235744][ T6307] veth3: entered promiscuous mode [ 147.540427][ T6327] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 147.551895][ T6327] netlink: 4 bytes leftover after parsing attributes in process `syz.1.76'. [ 147.569737][ T6327] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 147.872612][ T6337] PKCS7: Unknown OID: [4] 5.25.43204.122 [ 147.875064][ T6337] PKCS7: Only support pkcs7_signedData type [ 147.949934][ T6327] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 147.996335][ T6348] netlink: 9 bytes leftover after parsing attributes in process `syz.2.79'. [ 148.040870][ T6351] netlink: 16 bytes leftover after parsing attributes in process `syz.3.81'. [ 148.143558][ T6355] syz.0.80: attempt to access beyond end of device [ 148.143558][ T6355] nbd0: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 148.165710][ T6355] EXT4-fs (nbd0): unable to read superblock [ 148.816542][ T6348] gretap0: entered promiscuous mode [ 148.934017][ T6393] netlink: 172 bytes leftover after parsing attributes in process `syz.1.84'. [ 148.993886][ T6392] netlink: 172 bytes leftover after parsing attributes in process `syz.1.84'. [ 149.127103][ T6403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.87'. [ 149.132020][ T6403] netlink: 12 bytes leftover after parsing attributes in process `syz.1.87'. [ 149.418945][ T6411] ======================================================= [ 149.418945][ T6411] WARNING: The mand mount option has been deprecated and [ 149.418945][ T6411] and is ignored by this kernel. Remove the mand [ 149.418945][ T6411] option from the mount to silence this warning. [ 149.418945][ T6411] ======================================================= [ 150.150481][ T6057] hid-generic 0792:10000:0097.0002: item fetching failed at offset 5/6 [ 150.176077][ T6057] hid-generic 0792:10000:0097.0002: probe with driver hid-generic failed with error -22 [ 150.299111][ T6450] netlink: 156 bytes leftover after parsing attributes in process `syz.0.98'. [ 150.371360][ T6451] delete_channel: no stack [ 150.503197][ T6455] netlink: 'syz.0.100': attribute type 64 has an invalid length. [ 150.515021][ T6455] netlink: 'syz.0.100': attribute type 4 has an invalid length. [ 150.528133][ T6455] netlink: 152 bytes leftover after parsing attributes in process `syz.0.100'. [ 150.799517][ T40] kauditd_printk_skb: 48 callbacks suppressed [ 150.799533][ T40] audit: type=1400 audit(1753788151.962:263): avc: denied { ioctl } for pid=6464 comm="syz.2.104" path="/dev/ptp0" dev="devtmpfs" ino=729 ioctlcmd=0x3d01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 150.885535][ T6466] syz.2.104 uses obsolete (PF_INET,SOCK_PACKET) [ 150.893424][ T6466] gretap0: left promiscuous mode [ 150.951238][ T6477] netlink: 'syz.3.106': attribute type 1 has an invalid length. [ 151.038240][ T6480] netlink: 12 bytes leftover after parsing attributes in process `syz.3.106'. [ 151.253583][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 151.256399][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 151.398476][ T40] audit: type=1400 audit(1753788152.562:264): avc: denied { append } for pid=6484 comm="syz.2.109" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 151.398615][ T6485] netlink: 28 bytes leftover after parsing attributes in process `syz.2.109'. [ 151.406024][ T6489] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 151.406101][ T6489] IPv6: NLM_F_CREATE should be set when creating new route [ 151.406141][ T6489] IPv6: NLM_F_CREATE should be set when creating new route [ 151.406166][ T6489] IPv6: NLM_F_CREATE should be set when creating new route [ 151.411146][ T6489] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 151.441171][ T40] audit: type=1400 audit(1753788152.562:265): avc: denied { write } for pid=6488 comm="syz.3.111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 151.466506][ T6494] netlink: 28 bytes leftover after parsing attributes in process `syz.2.109'. [ 151.606288][ T40] audit: type=1400 audit(1753788152.762:266): avc: denied { write } for pid=6500 comm="syz.0.114" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 151.677486][ T40] audit: type=1400 audit(1753788152.832:267): avc: denied { create } for pid=6500 comm="syz.0.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 151.712439][ T40] audit: type=1400 audit(1753788152.832:268): avc: denied { bind } for pid=6500 comm="syz.0.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 151.741757][ T40] audit: type=1400 audit(1753788152.832:269): avc: denied { write } for pid=6500 comm="syz.0.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 151.766080][ T40] audit: type=1400 audit(1753788152.872:270): avc: denied { ioctl } for pid=6500 comm="syz.0.114" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 151.825823][ T40] audit: type=1400 audit(1753788152.972:271): avc: denied { execute } for pid=6510 comm="syz.1.116" path="/31/cpu.stat" dev="tmpfs" ino=184 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 151.838022][ T6492] netlink: 'syz.3.112': attribute type 1 has an invalid length. [ 151.989756][ T6492] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 152.024262][ T40] audit: type=1400 audit(1753788153.192:272): avc: denied { mount } for pid=6513 comm="syz.0.117" name="/" dev="configfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 152.165733][ T6531] netlink: 8 bytes leftover after parsing attributes in process `syz.0.122'. [ 152.377011][ T6539] netlink: 604 bytes leftover after parsing attributes in process `syz.1.124'. [ 152.714979][ T6552] policy can only be matched on NF_INET_PRE_ROUTING [ 152.714998][ T6552] unable to load match [ 152.737480][ T6553] policy can only be matched on NF_INET_PRE_ROUTING [ 152.737497][ T6553] unable to load match [ 153.027255][ T6057] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 153.166028][ T6568] netlink: 16 bytes leftover after parsing attributes in process `syz.3.131'. [ 153.259372][ T6057] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.276299][ T6057] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.307548][ T6057] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 153.337898][ T6057] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 153.341668][ T6057] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.395532][ T6578] binder: 6575:6578 unknown command 0 [ 153.415478][ T6578] binder: 6575:6578 ioctl c0306201 2000000003c0 returned -22 [ 153.421679][ T6057] usb 7-1: config 0 descriptor?? [ 153.478726][ T6580] netlink: 8 bytes leftover after parsing attributes in process `syz.3.134'. [ 153.481442][ T6580] netlink: 12 bytes leftover after parsing attributes in process `syz.3.134'. [ 153.910492][ T6057] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 153.916116][ T6057] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 153.958250][ T6057] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 153.962204][ T6057] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 153.978511][ T34] Process accounting resumed [ 153.983640][ T6057] plantronics 0003:047F:FFFF.0003: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 154.070037][ T6556] syz.2.128: attempt to access beyond end of device [ 154.070037][ T6556] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 154.094710][ T6556] FAT-fs (nbd2): unable to read boot sector [ 154.107877][ T6599] Driver unsupported XDP return value 0 on prog (id 16) dev N/A, expect packet loss! [ 154.144304][ T6031] usb 7-1: USB disconnect, device number 2 [ 154.414974][ T6617] binder: 6614:6617 ioctl c018937d 200000000080 returned -22 [ 154.601178][ C1] vkms_vblank_simulate: vblank timer overrun [ 154.817430][ C1] vkms_vblank_simulate: vblank timer overrun [ 154.910447][ T6627] 9pnet: Could not find request transport: vir4io [ 155.021446][ C1] vkms_vblank_simulate: vblank timer overrun [ 155.121762][ T6631] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8) [ 155.127227][ T6631] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 155.161824][ T6631] vhci_hcd vhci_hcd.0: Device attached [ 155.181410][ C1] vkms_vblank_simulate: vblank timer overrun [ 155.184677][ T6638] vhci_hcd: connection closed [ 155.194626][ T6376] vhci_hcd: stop threads [ 155.223822][ T6376] vhci_hcd: release socket [ 155.225838][ T6376] vhci_hcd: disconnect device [ 155.763902][ T6644] overlay: ./bus is not a directory [ 155.788744][ T6644] __nla_validate_parse: 2 callbacks suppressed [ 155.788758][ T6644] netlink: 28 bytes leftover after parsing attributes in process `syz.3.154'. [ 156.151228][ T6655] netlink: 24 bytes leftover after parsing attributes in process `syz.1.158'. [ 156.189249][ T40] kauditd_printk_skb: 40 callbacks suppressed [ 156.189264][ T40] audit: type=1400 audit(1753788157.322:313): avc: denied { bind } for pid=6651 comm="syz.3.157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 156.216508][ C1] vkms_vblank_simulate: vblank timer overrun [ 156.229497][ T40] audit: type=1400 audit(1753788157.372:314): avc: denied { name_bind } for pid=6651 comm="syz.3.157" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 156.269348][ T40] audit: type=1400 audit(1753788157.392:315): avc: denied { node_bind } for pid=6651 comm="syz.3.157" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 156.346477][ T40] audit: type=1400 audit(1753788157.402:316): avc: denied { connect } for pid=6651 comm="syz.3.157" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 156.496635][ T40] audit: type=1400 audit(1753788157.652:317): avc: denied { read append } for pid=6663 comm="syz.3.161" name="cec3" dev="devtmpfs" ino=988 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 156.521049][ T40] audit: type=1400 audit(1753788157.652:318): avc: denied { open } for pid=6663 comm="syz.3.161" path="/dev/cec3" dev="devtmpfs" ino=988 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 156.530508][ T40] audit: type=1400 audit(1753788157.652:319): avc: denied { ioctl } for pid=6663 comm="syz.3.161" path="/dev/cec3" dev="devtmpfs" ino=988 ioctlcmd=0x6106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 156.550248][ T40] audit: type=1400 audit(1753788157.712:320): avc: denied { create } for pid=6663 comm="syz.3.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 156.565675][ T40] audit: type=1400 audit(1753788157.712:321): avc: denied { write } for pid=6663 comm="syz.3.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 156.665512][ C1] vkms_vblank_simulate: vblank timer overrun [ 156.870597][ T40] audit: type=1400 audit(1753788158.022:322): avc: granted { setsecparam } for pid=6667 comm="syz.0.162" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 157.047321][ T6670] xt_CT: You must specify a L4 protocol and not use inversions on it [ 157.369751][ T6676] syzkaller0: entered promiscuous mode [ 157.387823][ T6676] syzkaller0: entered allmulticast mode [ 157.466279][ C1] vkms_vblank_simulate: vblank timer overrun [ 157.470199][ T6676] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 157.632784][ T6687] nfs: Unknown parameter 'euid>00000000000000060929' [ 157.654343][ C1] vkms_vblank_simulate: vblank timer overrun [ 157.659782][ T6687] netlink: 'syz.1.168': attribute type 11 has an invalid length. [ 157.684799][ T6687] netlink: 132 bytes leftover after parsing attributes in process `syz.1.168'. [ 157.738978][ T6690] netlink: 37 bytes leftover after parsing attributes in process `syz.1.168'. [ 157.781446][ C1] vkms_vblank_simulate: vblank timer overrun [ 157.820293][ T6693] netlink: 37 bytes leftover after parsing attributes in process `syz.1.168'. [ 158.070459][ C1] vkms_vblank_simulate: vblank timer overrun [ 158.215421][ C1] vkms_vblank_simulate: vblank timer overrun [ 161.273526][ T40] kauditd_printk_skb: 31 callbacks suppressed [ 161.273544][ T40] audit: type=1400 audit(1753788162.422:354): avc: denied { create } for pid=6698 comm="syz.2.171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 161.293735][ T40] audit: type=1400 audit(1753788162.442:355): avc: denied { write } for pid=6698 comm="syz.2.171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 161.298554][ T6699] netlink: 12 bytes leftover after parsing attributes in process `syz.2.171'. [ 161.336709][ T40] audit: type=1400 audit(1753788162.462:356): avc: denied { nlmsg_write } for pid=6698 comm="syz.2.171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 161.336746][ T40] audit: type=1400 audit(1753788162.472:357): avc: denied { create } for pid=6695 comm="syz.1.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 161.336775][ T40] audit: type=1400 audit(1753788162.472:358): avc: denied { getopt } for pid=6695 comm="syz.1.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 161.336803][ T40] audit: type=1400 audit(1753788162.472:359): avc: denied { setopt } for pid=6695 comm="syz.1.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 161.435184][ T40] audit: type=1400 audit(1753788162.582:360): avc: denied { write } for pid=6695 comm="syz.1.170" name="raw" dev="proc" ino=4026533352 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 161.610283][ T40] audit: type=1400 audit(1753788162.582:361): avc: denied { map } for pid=6695 comm="syz.1.170" path="socket:[12487]" dev="sockfs" ino=12487 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 161.638348][ T40] audit: type=1400 audit(1753788162.582:362): avc: denied { read } for pid=6695 comm="syz.1.170" path="socket:[12487]" dev="sockfs" ino=12487 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 161.695852][ T40] audit: type=1400 audit(1753788162.722:363): avc: denied { read } for pid=6707 comm="syz.0.174" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 161.696021][ T6710] netlink: 8 bytes leftover after parsing attributes in process `syz.3.175'. [ 161.718896][ T6714] netlink: 'syz.2.177': attribute type 10 has an invalid length. [ 161.779884][ T6710] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 161.794854][ T6710] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 161.846933][ T6719] netlink: 8 bytes leftover after parsing attributes in process `syz.0.178'. [ 161.864964][ T6714] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.889796][ T6714] team0: Failed to send port change of device bond0 via netlink (err -105) [ 161.910530][ T6714] team0: Failed to send options change via netlink (err -105) [ 161.914474][ T6714] team0: Port device bond0 added [ 162.118942][ T6031] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 162.269798][ T6735] netlink: 'syz.2.183': attribute type 11 has an invalid length. [ 162.310739][ T6731] ISOFS: Unable to identify CD-ROM format. [ 162.325789][ T6031] usb 5-1: Using ep0 maxpacket: 16 [ 162.381678][ T6031] usb 5-1: config 4 has an invalid interface number: 207 but max is 0 [ 162.385767][ T6031] usb 5-1: config 4 has no interface number 0 [ 162.479537][ T6031] usb 5-1: New USB device found, idVendor=12d1, idProduct=9bd0, bcdDevice=7e.5a [ 162.484333][ T6031] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.515402][ T6031] usb 5-1: Product: syz [ 162.519441][ T6031] usb 5-1: Manufacturer: syz [ 162.522898][ T6031] usb 5-1: SerialNumber: syz [ 162.830158][ T6031] hub 5-1:4.207: bad descriptor, ignoring hub [ 162.832492][ T6031] hub 5-1:4.207: probe with driver hub failed with error -5 [ 162.836018][ T6031] option 5-1:4.207: GSM modem (1-port) converter detected [ 162.840586][ T6745] syz.1.184 (6745): attempted to duplicate a private mapping with mremap. This is not supported. [ 162.996805][ T6696] udevd[6696]: failed to send result of seq 14181 to main daemon: Connection refused [ 163.028587][ T6031] usb 5-1: USB disconnect, device number 6 [ 163.035109][ T6031] option 5-1:4.207: device disconnected [ 163.632415][ T6757] Bluetooth: MGMT ver 1.23 [ 163.637530][ T6757] netlink: 8 bytes leftover after parsing attributes in process `syz.3.187'. [ 163.684963][ T6762] netlink: 60 bytes leftover after parsing attributes in process `syz.1.191'. [ 163.818661][ T6773] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 163.822554][ T6773] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 163.882561][ T6773] vhci_hcd vhci_hcd.0: Device attached [ 163.996941][ T6774] vhci_hcd: connection closed [ 164.002292][ T6373] vhci_hcd: stop threads [ 164.017811][ T6373] vhci_hcd: release socket [ 164.021814][ T6373] vhci_hcd: disconnect device [ 164.166228][ T6107] vhci_hcd: vhci_device speed not set [ 164.368045][ T6790] netlink: 132 bytes leftover after parsing attributes in process `syz.3.197'. [ 164.921810][ T6798] capability: warning: `syz.0.201' uses deprecated v2 capabilities in a way that may be insecure [ 165.126627][ T6801] netlink: 4 bytes leftover after parsing attributes in process `syz.2.203'. [ 165.242096][ T6806] RDS: rds_bind could not find a transport for fc02::1, load rds_tcp or rds_rdma? [ 165.463534][ T6813] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 165.468713][ T6813] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 165.523663][ T6815] netlink: 'syz.0.208': attribute type 2 has an invalid length. [ 165.638216][ T5680] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 165.754222][ T6819] syz.3.206: attempt to access beyond end of device [ 165.754222][ T6819] loop3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 165.762628][ T6819] efs: cannot read volume header [ 165.786485][ T6813] netlink: 8 bytes leftover after parsing attributes in process `syz.3.206'. [ 165.856564][ T6803] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048) [ 166.282495][ T40] kauditd_printk_skb: 303 callbacks suppressed [ 166.282515][ T40] audit: type=1400 audit(1753788167.442:667): avc: denied { map_create } for pid=6830 comm="syz.0.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 166.353461][ T40] audit: type=1400 audit(1753788167.442:668): avc: denied { module_request } for pid=6830 comm="syz.0.213" kmod="netdev-" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 166.365274][ T40] audit: type=1400 audit(1753788167.492:669): avc: denied { create } for pid=6832 comm="syz.2.214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 166.415802][ T40] audit: type=1400 audit(1753788167.522:670): avc: denied { read } for pid=6832 comm="syz.2.214" dev="nsfs" ino=4026533027 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 166.474078][ T40] audit: type=1400 audit(1753788167.532:671): avc: denied { read open } for pid=6832 comm="syz.2.214" path="net:[4026533027]" dev="nsfs" ino=4026533027 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 166.483295][ T40] audit: type=1400 audit(1753788167.532:672): avc: denied { create } for pid=6832 comm="syz.2.214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 166.501965][ T40] audit: type=1400 audit(1753788167.532:673): avc: denied { create } for pid=6832 comm="syz.2.214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 166.528894][ T40] audit: type=1400 audit(1753788167.532:674): avc: denied { write } for pid=6832 comm="syz.2.214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 166.569634][ T40] audit: type=1400 audit(1753788167.562:675): avc: denied { map_create } for pid=6830 comm="syz.0.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 166.590355][ T40] audit: type=1400 audit(1753788167.562:676): avc: denied { map_create } for pid=6830 comm="syz.0.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 166.873317][ T6841] netlink: 'syz.3.216': attribute type 9 has an invalid length. [ 167.729118][ T6868] netlink: 'syz.1.224': attribute type 5 has an invalid length. [ 168.228966][ T6877] netlink: 8 bytes leftover after parsing attributes in process `syz.1.228'. [ 168.310191][ T6881] netlink: 80 bytes leftover after parsing attributes in process `syz.2.230'. [ 168.315143][ T6876] mac80211_hwsim hwsim5 cëÿÿ: renamed from wlan1 (while UP) [ 168.348000][ T6879] 9pnet_virtio: no channels available for device syz [ 168.841812][ T6899] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6899 comm=syz.1.234 [ 168.844884][ T6901] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6901 comm=syz.1.234 [ 169.734772][ T6915] can0: slcan on ttyS3. [ 169.897860][ T6919] can0 (unregistered): slcan off ttyS3. [ 170.003011][ T5975] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 170.009297][ T5975] CPU: 0 UID: 0 PID: 5975 Comm: kworker/u33:3 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 170.009323][ T5975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 170.009336][ T5975] Workqueue: hci2 hci_rx_work [ 170.009364][ T5975] Call Trace: [ 170.009374][ T5975] [ 170.009381][ T5975] dump_stack_lvl+0x16c/0x1f0 [ 170.009407][ T5975] sysfs_warn_dup+0x7f/0xa0 [ 170.009428][ T5975] sysfs_create_dir_ns+0x24b/0x2b0 [ 170.009447][ T5975] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 170.009466][ T5975] ? find_held_lock+0x2b/0x80 [ 170.009490][ T5975] ? do_raw_spin_unlock+0x172/0x230 [ 170.009510][ T5975] kobject_add_internal+0x2c4/0x9b0 [ 170.009536][ T5975] kobject_add+0x16e/0x240 [ 170.009556][ T5975] ? __pfx_kobject_add+0x10/0x10 [ 170.009580][ T5975] ? do_raw_spin_unlock+0x172/0x230 [ 170.009599][ T5975] ? kobject_put+0xab/0x5a0 [ 170.009626][ T5975] device_add+0x288/0x1a70 [ 170.009650][ T5975] ? __pfx_dev_set_name+0x10/0x10 [ 170.009666][ T5975] ? __pfx_device_add+0x10/0x10 [ 170.009690][ T5975] ? mgmt_send_event_skb+0x2fb/0x460 [ 170.009725][ T5975] hci_conn_add_sysfs+0x17e/0x230 [ 170.009750][ T5975] le_conn_complete_evt+0x1075/0x1d70 [ 170.009778][ T5975] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 170.009798][ T5975] ? hci_event_packet+0x459/0x11c0 [ 170.009826][ T5975] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 170.009848][ T5975] ? skb_pull_data+0x166/0x210 [ 170.009871][ T5975] hci_le_meta_evt+0x354/0x5e0 [ 170.009892][ T5975] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 170.009916][ T5975] hci_event_packet+0x682/0x11c0 [ 170.009937][ T5975] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 170.009961][ T5975] ? __pfx_hci_event_packet+0x10/0x10 [ 170.009982][ T5975] ? kcov_remote_start+0x3c9/0x6d0 [ 170.010000][ T5975] ? lockdep_hardirqs_on+0x7c/0x110 [ 170.010027][ T5975] hci_rx_work+0x2c5/0x16b0 [ 170.010050][ T5975] ? rcu_is_watching+0x12/0xc0 [ 170.010076][ T5975] process_one_work+0x9cc/0x1b70 [ 170.010106][ T5975] ? __pfx_process_one_work+0x10/0x10 [ 170.010134][ T5975] ? assign_work+0x1a0/0x250 [ 170.010154][ T5975] worker_thread+0x6c8/0xf10 [ 170.010186][ T5975] ? __pfx_worker_thread+0x10/0x10 [ 170.010205][ T5975] kthread+0x3c5/0x780 [ 170.010223][ T5975] ? __pfx_kthread+0x10/0x10 [ 170.010242][ T5975] ? rcu_is_watching+0x12/0xc0 [ 170.010264][ T5975] ? __pfx_kthread+0x10/0x10 [ 170.010282][ T5975] ret_from_fork+0x5d4/0x6f0 [ 170.010297][ T5975] ? __pfx_kthread+0x10/0x10 [ 170.010315][ T5975] ret_from_fork_asm+0x1a/0x30 [ 170.010348][ T5975] [ 170.010373][ T5975] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 170.357276][ T5975] Bluetooth: hci2: failed to register connection device [ 170.726448][ T6940] netlink: 'syz.1.246': attribute type 4 has an invalid length. [ 170.748827][ T6940] netlink: 'syz.1.246': attribute type 4 has an invalid length. [ 171.252252][ T6955] netlink: 24 bytes leftover after parsing attributes in process `syz.3.250'. [ 171.303773][ T40] kauditd_printk_skb: 407 callbacks suppressed [ 171.303791][ T40] audit: type=1400 audit(1753788172.462:1084): avc: denied { read write } for pid=5971 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 171.371982][ T40] audit: type=1400 audit(1753788172.462:1085): avc: denied { read write open } for pid=5971 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 171.384123][ T40] audit: type=1400 audit(1753788172.462:1086): avc: denied { ioctl } for pid=5971 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 171.411461][ T40] audit: type=1400 audit(1753788172.472:1087): avc: denied { create } for pid=6952 comm="syz.2.249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 171.446967][ T40] audit: type=1400 audit(1753788172.522:1088): avc: denied { read write } for pid=6952 comm="syz.2.249" name="swradio5" dev="devtmpfs" ino=1044 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 171.504333][ T40] audit: type=1400 audit(1753788172.522:1089): avc: denied { read write open } for pid=6952 comm="syz.2.249" path="/dev/swradio5" dev="devtmpfs" ino=1044 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 171.532360][ T40] audit: type=1400 audit(1753788172.552:1090): avc: denied { read write } for pid=5979 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 171.560821][ T40] audit: type=1400 audit(1753788172.582:1091): avc: denied { read write open } for pid=5979 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 171.603145][ T40] audit: type=1400 audit(1753788172.582:1092): avc: denied { ioctl } for pid=5979 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 171.618003][ T40] audit: type=1400 audit(1753788172.642:1093): avc: denied { read write } for pid=5974 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 171.701057][ T6967] netlink: 'syz.0.252': attribute type 1 has an invalid length. [ 171.713528][ T6967] netlink: 56 bytes leftover after parsing attributes in process `syz.0.252'. [ 172.039775][ T6973] autofs4:pid:6973:validate_dev_ioctl: path string terminator missing for cmd(0xc0189371) [ 172.377277][ C0] vkms_vblank_simulate: vblank timer overrun [ 172.521751][ T6988] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=6988 comm=syz.2.259 [ 173.129309][ T7002] tmpfs: Unknown parameter 'nosÃ' [ 173.229325][ C0] vkms_vblank_simulate: vblank timer overrun [ 173.264640][ C0] vkms_vblank_simulate: vblank timer overrun [ 173.373896][ T7002] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 173.376941][ T7002] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.445426][ C0] vkms_vblank_simulate: vblank timer overrun [ 173.472679][ T5981] Bluetooth: hci0: unexpected event for opcode 0x0c0d [ 173.477995][ T7002] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.543613][ T7002] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 173.550047][ T7007] syz.1.266: attempt to access beyond end of device [ 173.550047][ T7007] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0 [ 173.557574][ T7002] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 173.580779][ T7007] syz.1.266: attempt to access beyond end of device [ 173.580779][ T7007] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0 [ 173.586975][ T7007] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 173.591233][ T7007] syz.1.266: attempt to access beyond end of device [ 173.591233][ T7007] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0 [ 173.615179][ T7007] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 173.616851][ T7002] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 173.622332][ T7007] syz.1.266: attempt to access beyond end of device [ 173.622332][ T7007] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0 [ 173.641961][ T7007] syz.1.266: attempt to access beyond end of device [ 173.641961][ T7007] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0 [ 173.666189][ T7007] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 173.670475][ T7007] syz.1.266: attempt to access beyond end of device [ 173.670475][ T7007] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 173.700610][ T7007] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 173.701720][ T7002] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 173.705232][ T7007] syz.1.266: attempt to access beyond end of device [ 173.705232][ T7007] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0 [ 173.713894][ T7002] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 173.732687][ T7007] syz.1.266: attempt to access beyond end of device [ 173.732687][ T7007] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 173.766238][ T7007] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 173.770871][ T7007] syz.1.266: attempt to access beyond end of device [ 173.770871][ T7007] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 173.810714][ T7007] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 173.816769][ T7007] syz.1.266: attempt to access beyond end of device [ 173.816769][ T7007] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0 [ 173.816894][ T7002] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 173.838534][ T7007] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 173.847374][ T7007] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 173.851440][ T7007] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 173.894013][ T7002] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 173.898205][ T7002] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 173.928201][ T7002] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 173.940831][ T7002] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 173.981376][ C0] vkms_vblank_simulate: vblank timer overrun [ 174.288616][ T34] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 174.449249][ C0] vkms_vblank_simulate: vblank timer overrun [ 174.529719][ T34] usb 7-1: Using ep0 maxpacket: 32 [ 174.600347][ T34] usb 7-1: config 0 has no interfaces? [ 174.673600][ T7040] netlink: 14 bytes leftover after parsing attributes in process `syz.1.274'. [ 174.711899][ T34] usb 7-1: New USB device found, idVendor=093a, idProduct=2603, bcdDevice=cc.40 [ 174.715647][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.733507][ T34] usb 7-1: Product: syz [ 174.735386][ T34] usb 7-1: Manufacturer: syz [ 174.785518][ T34] usb 7-1: SerialNumber: syz [ 174.818876][ T34] usb 7-1: config 0 descriptor?? [ 175.081307][ C0] vkms_vblank_simulate: vblank timer overrun [ 175.109294][ C0] vkms_vblank_simulate: vblank timer overrun [ 175.185271][ C0] vkms_vblank_simulate: vblank timer overrun [ 175.300250][ T7043] (syz.0.275,7043,3):ocfs2_get_sector:1714 ERROR: status = -5 [ 175.310294][ C0] vkms_vblank_simulate: vblank timer overrun [ 175.320840][ T7043] (syz.0.275,7043,3):ocfs2_sb_probe:753 ERROR: status = -5 [ 175.320888][ T7043] (syz.0.275,7043,3):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 175.320909][ T7043] (syz.0.275,7043,3):ocfs2_fill_super:1177 ERROR: status = -5 [ 175.353105][ C0] vkms_vblank_simulate: vblank timer overrun [ 175.509671][ T5981] Bluetooth: hci0: command 0x0c1a tx timeout [ 175.585479][ T5981] Bluetooth: hci1: command 0x0c1a tx timeout [ 175.653977][ T7048] kthread_run failed with err -4 [ 175.737352][ T5981] Bluetooth: hci3: command 0x0c1a tx timeout [ 175.789352][ T7052] netlink: 12 bytes leftover after parsing attributes in process `syz.3.278'. [ 175.794628][ T7052] netlink: 48 bytes leftover after parsing attributes in process `syz.3.278'. [ 175.893322][ C0] vkms_vblank_simulate: vblank timer overrun [ 175.918069][ T7058] bridge1: entered allmulticast mode [ 175.968319][ T5981] Bluetooth: hci2: command 0x0c1a tx timeout [ 176.025245][ C0] vkms_vblank_simulate: vblank timer overrun [ 176.115429][ T7062] vivid-002: ================= START STATUS ================= [ 176.121843][ T7062] vivid-002: Radio HW Seek Mode: Bounded [ 176.125696][ T7062] vivid-002: Radio Programmable HW Seek: false [ 176.140203][ T7062] vivid-002: RDS Rx I/O Mode: Block I/O [ 176.144233][ T7062] vivid-002: Generate RBDS Instead of RDS: false [ 176.157800][ T7062] vivid-002: RDS Reception: true [ 176.160394][ T7062] vivid-002: RDS Program Type: 0 inactive [ 176.164196][ T7062] vivid-002: RDS PS Name: inactive [ 176.174498][ T7062] vivid-002: RDS Radio Text: inactive [ 176.187257][ T7062] vivid-002: RDS Traffic Announcement: false inactive [ 176.190293][ T7062] vivid-002: RDS Traffic Program: false inactive [ 176.193534][ T7062] vivid-002: RDS Music: false inactive [ 176.196199][ T7062] vivid-002: ================== END STATUS ================== [ 176.285917][ T6065] usb 7-1: USB disconnect, device number 3 [ 176.386045][ T40] kauditd_printk_skb: 607 callbacks suppressed [ 176.386063][ T40] audit: type=1400 audit(1753788177.542:1701): avc: denied { read write } for pid=5979 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 176.426585][ T40] audit: type=1400 audit(1753788177.542:1702): avc: denied { read write open } for pid=5979 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 176.458596][ T40] audit: type=1400 audit(1753788177.542:1703): avc: denied { ioctl } for pid=5979 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 176.518774][ T40] audit: type=1400 audit(1753788177.612:1704): avc: denied { read write } for pid=5978 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 176.540116][ T40] audit: type=1400 audit(1753788177.672:1705): avc: denied { read write open } for pid=5978 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 176.556942][ T40] audit: type=1400 audit(1753788177.672:1706): avc: denied { ioctl } for pid=5978 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 176.571543][ T40] audit: type=1400 audit(1753788177.722:1707): avc: denied { create } for pid=7066 comm="syz.0.283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 176.604436][ T40] audit: type=1400 audit(1753788177.722:1708): avc: denied { create } for pid=7066 comm="syz.0.283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 176.639347][ T40] audit: type=1400 audit(1753788177.722:1709): avc: denied { create } for pid=7066 comm="syz.0.283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 176.649119][ T40] audit: type=1400 audit(1753788177.742:1710): avc: denied { create } for pid=7066 comm="syz.0.283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 176.793266][ C0] vkms_vblank_simulate: vblank timer overrun [ 177.030097][ T7081] netlink: 'syz.3.287': attribute type 10 has an invalid length. [ 177.049287][ T7081] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 177.062345][ T7081] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 177.097580][ T7082] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 177.101391][ T7082] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 177.106807][ T7082] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 177.114872][ T7082] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 177.197647][ T7082] bond0: (slave batadv0): Releasing backup interface [ 177.605320][ T5975] Bluetooth: hci0: command 0x0c1a tx timeout [ 177.705657][ T5975] Bluetooth: hci1: command 0x0c1a tx timeout [ 177.809413][ T5975] Bluetooth: hci3: command 0x0c1a tx timeout [ 177.899275][ T7100] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=7100 comm=syz.2.293 [ 177.904905][ T7100] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=7100 comm=syz.2.293 [ 178.050761][ T5975] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.132457][ T7102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.294'. [ 178.145261][ C0] vkms_vblank_simulate: vblank timer overrun [ 178.295198][ C0] vkms_vblank_simulate: vblank timer overrun [ 178.310955][ T7102] raw_sendmsg: syz.1.294 forgot to set AF_INET. Fix it! [ 178.520407][ T7114] sp0: Synchronizing with TNC [ 178.551496][ T7118] netlink: 'syz.3.300': attribute type 5 has an invalid length. [ 178.554218][ T7118] netlink: 'syz.3.300': attribute type 7 has an invalid length. [ 178.630292][ T7118] : entered promiscuous mode [ 178.693252][ C0] vkms_vblank_simulate: vblank timer overrun [ 179.068585][ T7129] binder: 7127:7129 unknown command 0 [ 179.086801][ T7129] binder: 7127:7129 ioctl c0306201 2000000003c0 returned -22 [ 179.101278][ C0] vkms_vblank_simulate: vblank timer overrun [ 179.269294][ C0] vkms_vblank_simulate: vblank timer overrun [ 179.361479][ C0] vkms_vblank_simulate: vblank timer overrun [ 179.402120][ T7135] sctp: [Deprecated]: syz.0.305 (pid 7135) Use of struct sctp_assoc_value in delayed_ack socket option. [ 179.402120][ T7135] Use struct sctp_sack_info instead [ 179.436426][ C0] vkms_vblank_simulate: vblank timer overrun [ 179.633244][ C0] vkms_vblank_simulate: vblank timer overrun [ 179.727477][ T5975] Bluetooth: hci1: command 0x0c1a tx timeout [ 179.775394][ C0] vkms_vblank_simulate: vblank timer overrun [ 179.908652][ T5975] Bluetooth: hci3: command 0x0c1a tx timeout [ 180.149515][ T5975] Bluetooth: hci2: command 0x0c1a tx timeout [ 180.359769][ T7156] FAULT_INJECTION: forcing a failure. [ 180.359769][ T7156] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 180.366591][ T7156] CPU: 0 UID: 0 PID: 7156 Comm: syz.1.310 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 180.366618][ T7156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 180.366634][ T7156] Call Trace: [ 180.366642][ T7156] [ 180.366649][ T7156] dump_stack_lvl+0x16c/0x1f0 [ 180.366677][ T7156] should_fail_ex+0x512/0x640 [ 180.366702][ T7156] _copy_from_iter+0x29f/0x16f0 [ 180.366730][ T7156] ? __pfx__copy_from_iter+0x10/0x10 [ 180.366751][ T7156] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 180.366780][ T7156] copy_page_from_iter+0xde/0x180 [ 180.366805][ T7156] tun_build_skb.constprop.0+0x2e8/0x14f0 [ 180.366838][ T7156] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 180.366877][ T7156] ? __pfx__kstrtoull+0x10/0x10 [ 180.366899][ T7156] tun_get_user+0x165f/0x3b80 [ 180.366932][ T7156] ? __pfx_tun_get_user+0x10/0x10 [ 180.366955][ T7156] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 180.366984][ T7156] ? find_held_lock+0x2b/0x80 [ 180.367008][ T7156] ? tun_get+0x191/0x370 [ 180.367035][ T7156] tun_chr_write_iter+0xdc/0x210 [ 180.367060][ T7156] vfs_write+0x6c7/0x1150 [ 180.367077][ T7156] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 180.367103][ T7156] ? __pfx_vfs_write+0x10/0x10 [ 180.367116][ T7156] ? find_held_lock+0x2b/0x80 [ 180.367170][ T7156] ksys_write+0x12a/0x250 [ 180.367188][ T7156] ? __pfx_ksys_write+0x10/0x10 [ 180.367211][ T7156] do_syscall_64+0xcd/0x4c0 [ 180.367237][ T7156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.367254][ T7156] RIP: 0033:0x7fd38cb8d45f [ 180.367270][ T7156] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 180.367284][ T7156] RSP: 002b:00007fd38d914000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 180.367301][ T7156] RAX: ffffffffffffffda RBX: 00007fd38cdb5fa0 RCX: 00007fd38cb8d45f [ 180.367312][ T7156] RDX: 000000000000004c RSI: 0000200000000380 RDI: 00000000000000c8 [ 180.367322][ T7156] RBP: 00007fd38d914090 R08: 0000000000000000 R09: 0000000000000000 [ 180.367331][ T7156] R10: 000000000000004c R11: 0000000000000293 R12: 0000000000000001 [ 180.367341][ T7156] R13: 0000000000000000 R14: 00007fd38cdb5fa0 R15: 00007fffec9b6a58 [ 180.367365][ T7156] [ 180.650836][ T7161] iowarrior 8-1:0.1: Error -90 while submitting URB [ 180.667052][ C0] vkms_vblank_simulate: vblank timer overrun [ 180.735829][ T7161] iowarrior 8-1:0.1: Error -90 while submitting URB [ 180.881227][ C0] vkms_vblank_simulate: vblank timer overrun [ 181.095695][ T7171] IPVS: set_ctl: invalid protocol: 1 0.0.0.0:20002 [ 181.216501][ T7179] netlink: 'syz.1.317': attribute type 1 has an invalid length. [ 181.220128][ T7179] netlink: 24 bytes leftover after parsing attributes in process `syz.1.317'. [ 181.274351][ T7169] netlink: 144 bytes leftover after parsing attributes in process `syz.0.314'. [ 181.390033][ T40] kauditd_printk_skb: 492 callbacks suppressed [ 181.390051][ T40] audit: type=1400 audit(1753788182.552:2203): avc: denied { name_bind } for pid=7182 comm="syz.1.319" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 181.466180][ T40] audit: type=1400 audit(1753788182.552:2204): avc: denied { create } for pid=7182 comm="syz.1.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 181.477588][ C0] vkms_vblank_simulate: vblank timer overrun [ 181.510847][ T40] audit: type=1400 audit(1753788182.552:2205): avc: denied { connect } for pid=7182 comm="syz.1.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 181.548421][ T40] audit: type=1400 audit(1753788182.552:2206): avc: denied { read write } for pid=5979 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 181.573798][ T40] audit: type=1400 audit(1753788182.552:2207): avc: denied { read write open } for pid=5979 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 181.616690][ T40] audit: type=1400 audit(1753788182.552:2208): avc: denied { ioctl } for pid=5979 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 181.643637][ T40] audit: type=1400 audit(1753788182.602:2209): avc: denied { setopt } for pid=7180 comm="syz.2.318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 181.655655][ T40] audit: type=1400 audit(1753788182.602:2210): avc: denied { getopt } for pid=7180 comm="syz.2.318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 181.704885][ T40] audit: type=1400 audit(1753788182.602:2211): avc: denied { setopt } for pid=7180 comm="syz.2.318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 181.742511][ T40] audit: type=1400 audit(1753788182.602:2212): avc: denied { getopt } for pid=7180 comm="syz.2.318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 181.901770][ T7198] IPv6: sit1: Disabled Multicast RS [ 181.926267][ T7207] x_tables: ip_tables: MASQUERADE target: used from hooks INPUT, but only usable from POSTROUTING [ 182.029265][ C0] vkms_vblank_simulate: vblank timer overrun [ 182.060117][ C0] vkms_vblank_simulate: vblank timer overrun [ 182.227870][ T5975] Bluetooth: hci2: command 0x0c1a tx timeout [ 182.247568][ T6095] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 182.414346][ T6095] usb 6-1: Using ep0 maxpacket: 16 [ 182.475500][ T7218] netlink: 'syz.0.328': attribute type 12 has an invalid length. [ 182.525608][ T6095] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 182.541232][ T6095] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 182.546682][ T6095] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 182.568749][ T7218] JFS: charset not found [ 182.577485][ T6095] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 182.580716][ T6095] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.583062][ T7218] netlink: 40 bytes leftover after parsing attributes in process `syz.0.328'. [ 182.643708][ T6095] usb 6-1: config 0 descriptor?? [ 183.062521][ C0] vkms_vblank_simulate: vblank timer overrun [ 183.164255][ T6095] HID 045e:07da: Invalid code 65791 type 1 [ 183.189652][ T6095] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:045E:07DA.0004/input/input7 [ 183.293249][ C0] vkms_vblank_simulate: vblank timer overrun [ 183.297574][ T6095] microsoft 0003:045E:07DA.0004: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 183.376826][ C0] vkms_vblank_simulate: vblank timer overrun [ 183.406154][ T6107] usb 6-1: USB disconnect, device number 3 [ 183.441985][ C0] vkms_vblank_simulate: vblank timer overrun [ 183.630645][ T6057] usb 8-1: USB disconnect, device number 2 [ 183.741246][ C0] vkms_vblank_simulate: vblank timer overrun [ 183.775155][ C0] vkms_vblank_simulate: vblank timer overrun [ 183.893198][ C0] vkms_vblank_simulate: vblank timer overrun [ 183.945195][ C0] vkms_vblank_simulate: vblank timer overrun [ 183.977710][ T6107] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 184.200537][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.286055][ C0] vkms_vblank_simulate: vblank timer overrun [ 184.296091][ T6107] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 184.309186][ T6107] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.315483][ T6107] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 184.339819][ T6107] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 184.350988][ T6107] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.365640][ T6107] usb 6-1: config 0 descriptor?? [ 184.458895][ C0] vkms_vblank_simulate: vblank timer overrun [ 184.554432][ T5981] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 184.590125][ T5981] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 184.603755][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.617556][ T5981] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 184.625649][ T5981] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 184.674747][ T5981] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 184.683542][ T6107] usbhid 6-1:0.0: can't add hid device: -71 [ 184.726280][ T6107] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 184.734736][ T6107] usb 6-1: USB disconnect, device number 4 [ 184.845032][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.042233][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.378095][ C0] vkms_vblank_simulate: vblank timer overrun [ 185.503137][ T13] bridge_slave_1: left allmulticast mode [ 185.506593][ T13] bridge_slave_1: left promiscuous mode [ 185.510475][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.550128][ T7230] comedi comedi3: comedi_test: 20263 microvolt, 5 microsecond waveform attached [ 185.550188][ T13] bridge_slave_0: left allmulticast mode [ 185.585864][ T13] bridge_slave_0: left promiscuous mode [ 185.596455][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.776559][ T7235] netlink: 'syz.0.336': attribute type 2 has an invalid length. [ 185.797531][ C0] vkms_vblank_simulate: vblank timer overrun [ 185.894506][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.271281][ T7243] Bluetooth: hci0: Frame reassembly failed (-84) [ 186.347298][ T7244] Bluetooth: hci0: Frame reassembly failed (-84) [ 186.376002][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.399466][ T6376] Bluetooth: hci0: Frame reassembly failed (-84) [ 186.409228][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.439235][ T40] kauditd_printk_skb: 1301 callbacks suppressed [ 186.439255][ T40] audit: type=1400 audit(1753788187.592:3514): avc: denied { create } for pid=7242 comm="syz.2.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 186.481187][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.525313][ T40] audit: type=1400 audit(1753788187.592:3515): avc: denied { write } for pid=7242 comm="syz.2.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 186.569253][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.572387][ T40] audit: type=1400 audit(1753788187.592:3516): avc: denied { read } for pid=7242 comm="syz.2.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 186.607663][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.623304][ T40] audit: type=1400 audit(1753788187.592:3517): avc: denied { read open } for pid=7242 comm="syz.2.338" path="net:[4026533027]" dev="nsfs" ino=4026533027 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 186.630562][ T7246] netlink: 44 bytes leftover after parsing attributes in process `syz.0.340'. [ 186.678000][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.683546][ T40] audit: type=1400 audit(1753788187.592:3518): avc: denied { create } for pid=7242 comm="syz.2.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 186.683594][ T40] audit: type=1400 audit(1753788187.592:3519): avc: denied { write } for pid=7242 comm="syz.2.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 186.683630][ T40] audit: type=1400 audit(1753788187.592:3520): avc: denied { write } for pid=7242 comm="syz.2.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 186.683666][ T40] audit: type=1400 audit(1753788187.592:3521): avc: denied { write } for pid=7242 comm="syz.2.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 186.683703][ T40] audit: type=1400 audit(1753788187.792:3522): avc: denied { create } for pid=7245 comm="syz.0.340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 186.693962][ T40] audit: type=1400 audit(1753788187.852:3523): avc: denied { read write } for pid=7245 comm="syz.0.340" name="video37" dev="devtmpfs" ino=1073 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 186.729985][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.777479][ T5975] Bluetooth: hci4: command tx timeout [ 186.806151][ T7247] XFS (nullb0): Invalid superblock magic number [ 187.223403][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 187.272974][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 187.293111][ C0] vkms_vblank_simulate: vblank timer overrun [ 187.328206][ T13] bond0 (unregistering): Released all slaves [ 187.352779][ T7224] chnl_net:caif_netlink_parms(): no params data found [ 187.544724][ T13] : left promiscuous mode [ 187.723351][ T7258] netlink: 7 bytes leftover after parsing attributes in process `syz.0.343'. [ 188.060636][ T7259] netlink: 'syz.1.342': attribute type 1 has an invalid length. [ 188.067911][ T7224] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.101473][ T7224] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.104826][ T7224] bridge_slave_0: entered allmulticast mode [ 188.128457][ T7224] bridge_slave_0: entered promiscuous mode [ 188.171363][ T7261] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.181892][ T7261] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.232938][ C0] vkms_vblank_simulate: vblank timer overrun [ 188.291979][ T7224] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.293436][ T5975] Bluetooth: hci0: command 0x1003 tx timeout [ 188.297241][ T5981] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 188.325437][ C0] vkms_vblank_simulate: vblank timer overrun [ 188.331377][ T7224] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.349489][ T7224] bridge_slave_1: entered allmulticast mode [ 188.366751][ T7224] bridge_slave_1: entered promiscuous mode [ 188.666546][ T34] IPVS: starting estimator thread 0... [ 188.709581][ C0] vkms_vblank_simulate: vblank timer overrun [ 188.740938][ C0] vkms_vblank_simulate: vblank timer overrun [ 188.807357][ T7272] IPVS: using max 26 ests per chain, 62400 per kthread [ 188.825192][ C0] vkms_vblank_simulate: vblank timer overrun [ 188.857965][ T5981] Bluetooth: hci4: command tx timeout [ 189.000133][ T7224] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 189.055387][ T7278] tmpfs: Bad value for 'mpol' [ 189.076362][ T13] hsr_slave_0: left promiscuous mode [ 189.107576][ T13] hsr_slave_1: left promiscuous mode [ 189.230423][ T13] veth1_macvtap: left promiscuous mode [ 189.258758][ T13] veth0_macvtap: left promiscuous mode [ 189.264468][ T13] veth1_vlan: left promiscuous mode [ 189.273773][ T7284] binder_alloc: 7283: binder_alloc_buf size 12304 failed, no address space [ 189.284264][ T13] veth0_vlan: left promiscuous mode [ 189.296048][ T7284] binder_alloc: allocated: 8 (num: 1 largest: 8), free: 12280 (num: 1 largest: 12280) [ 189.977169][ C0] vkms_vblank_simulate: vblank timer overrun [ 190.041225][ C0] vkms_vblank_simulate: vblank timer overrun [ 190.927451][ T5981] Bluetooth: hci4: command tx timeout [ 191.216947][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.587362][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.617119][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.663366][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.805350][ T40] kauditd_printk_skb: 221 callbacks suppressed [ 191.805366][ T40] audit: type=1400 audit(1753788192.972:3745): avc: denied { read write } for pid=5974 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 191.840797][ T40] audit: type=1400 audit(1753788192.982:3746): avc: denied { read write open } for pid=5974 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 191.867991][ T40] audit: type=1400 audit(1753788192.982:3747): avc: denied { ioctl } for pid=5974 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 192.015443][ T40] audit: type=1400 audit(1753788193.172:3748): avc: denied { name_bind } for pid=7302 comm="syz.2.355" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 192.036453][ T40] audit: type=1400 audit(1753788193.182:3749): avc: denied { create } for pid=7302 comm="syz.2.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 192.060959][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.064502][ T40] audit: type=1400 audit(1753788193.182:3750): avc: denied { connect } for pid=7302 comm="syz.2.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 192.115971][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.119539][ T40] audit: type=1400 audit(1753788193.262:3751): avc: denied { read write } for pid=5974 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 192.140909][ T40] audit: type=1400 audit(1753788193.262:3752): avc: denied { read write open } for pid=5974 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 192.187749][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.202439][ T40] audit: type=1400 audit(1753788193.272:3753): avc: denied { ioctl } for pid=5974 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 192.232942][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.267958][ T40] audit: type=1400 audit(1753788193.422:3754): avc: denied { create } for pid=7304 comm="syz.2.356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 192.701590][ T7306] FAULT_INJECTION: forcing a failure. [ 192.701590][ T7306] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 192.713375][ T7306] CPU: 0 UID: 0 PID: 7306 Comm: syz.2.356 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 192.713399][ T7306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 192.713409][ T7306] Call Trace: [ 192.713417][ T7306] [ 192.713425][ T7306] dump_stack_lvl+0x16c/0x1f0 [ 192.713450][ T7306] should_fail_ex+0x512/0x640 [ 192.713473][ T7306] _copy_from_user+0x2e/0xd0 [ 192.713494][ T7306] copy_from_sockptr_offset.constprop.0+0x136/0x170 [ 192.713513][ T7306] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 192.713531][ T7306] ? __pfx_avc_perm_nonode+0x10/0x10 [ 192.713556][ T7306] sk_setsockopt+0x170/0x3e40 [ 192.713578][ T7306] ? avc_has_perm_noaudit+0x2bd/0x3b0 [ 192.713602][ T7306] ? __pfx_sk_setsockopt+0x10/0x10 [ 192.713623][ T7306] ? avc_has_perm_noaudit+0x149/0x3b0 [ 192.713648][ T7306] ? __pfx_avc_has_perm+0x10/0x10 [ 192.713668][ T7306] ? get_pid_task+0x106/0x250 [ 192.713684][ T7306] ? proc_fail_nth_write+0x9f/0x250 [ 192.713708][ T7306] mptcp_setsockopt+0xf6b/0x30e0 [ 192.713729][ T7306] ? selinux_netlbl_socket_setsockopt+0x183/0x470 [ 192.713750][ T7306] ? __pfx_mptcp_setsockopt+0x10/0x10 [ 192.713774][ T7306] ? find_held_lock+0x2b/0x80 [ 192.713796][ T7306] ? selinux_socket_setsockopt+0x6a/0x80 [ 192.713818][ T7306] ? sock_common_setsockopt+0x2e/0xf0 [ 192.713841][ T7306] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 192.713865][ T7306] do_sock_setsockopt+0xf3/0x1d0 [ 192.713891][ T7306] __sys_setsockopt+0x1a0/0x230 [ 192.713913][ T7306] __x64_sys_setsockopt+0xbd/0x160 [ 192.713930][ T7306] ? do_syscall_64+0x91/0x4c0 [ 192.713949][ T7306] ? lockdep_hardirqs_on+0x7c/0x110 [ 192.713966][ T7306] do_syscall_64+0xcd/0x4c0 [ 192.713988][ T7306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.714004][ T7306] RIP: 0033:0x7ffbe298e9a9 [ 192.714018][ T7306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.714061][ T7306] RSP: 002b:00007ffbe383c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 192.714078][ T7306] RAX: ffffffffffffffda RBX: 00007ffbe2bb6080 RCX: 00007ffbe298e9a9 [ 192.714089][ T7306] RDX: 0000000000000012 RSI: 0000000000000001 RDI: 0000000000000007 [ 192.714284][ T7306] RBP: 00007ffbe383c090 R08: 0000000000000004 R09: 0000000000000000 [ 192.714293][ T7306] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001 [ 192.714303][ T7306] R13: 0000000000000000 R14: 00007ffbe2bb6080 R15: 00007ffeedae6618 [ 192.714326][ T7306] [ 192.945915][ C0] vkms_vblank_simulate: vblank timer overrun [ 193.007386][ T5981] Bluetooth: hci4: command tx timeout [ 193.172079][ T13] team0 (unregistering): Port device team_slave_1 removed [ 193.481770][ T13] team0 (unregistering): Port device team_slave_0 removed [ 193.643711][ C0] vkms_vblank_simulate: vblank timer overrun [ 193.709147][ C0] vkms_vblank_simulate: vblank timer overrun [ 194.347504][ T6057] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 194.447435][ C0] vkms_vblank_simulate: vblank timer overrun [ 194.537348][ T6057] usb 7-1: Using ep0 maxpacket: 32 [ 194.554754][ T6057] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 194.555851][ C0] vkms_vblank_simulate: vblank timer overrun [ 194.595542][ C0] vkms_vblank_simulate: vblank timer overrun [ 194.631030][ T6057] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 194.636689][ T6057] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 194.648836][ T6057] usb 7-1: Product: syz [ 194.650703][ T6057] usb 7-1: Manufacturer: syz [ 194.652938][ T6057] usb 7-1: SerialNumber: syz [ 194.672477][ T6057] usb 7-1: config 0 descriptor?? [ 194.681252][ T7316] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 194.700281][ T6057] hub 7-1:0.0: bad descriptor, ignoring hub [ 194.703435][ T6057] hub 7-1:0.0: probe with driver hub failed with error -5 [ 195.049937][ T6095] usb 7-1: USB disconnect, device number 4 [ 195.437646][ T6095] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 195.619059][ T6095] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 1024, setting to 64 [ 195.696985][ T6095] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 195.701779][ T6095] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 195.732925][ T6095] usb 7-1: Product: syz [ 195.734967][ T6095] usb 7-1: Manufacturer: syz [ 195.757130][ C0] vkms_vblank_simulate: vblank timer overrun [ 195.758816][ T6095] usb 7-1: SerialNumber: syz [ 195.770956][ T6095] usb 7-1: config 0 descriptor?? [ 195.806554][ T7316] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 195.859724][ T6095] hub 7-1:0.0: bad descriptor, ignoring hub [ 195.863282][ T6095] hub 7-1:0.0: probe with driver hub failed with error -5 [ 195.995512][ T7224] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.065383][ T7295] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 196.066186][ T7294] netlink: 'syz.0.353': attribute type 10 has an invalid length. [ 196.077420][ T7294] netlink: 32 bytes leftover after parsing attributes in process `syz.0.353'. [ 196.265838][ T7322] overlayfs: failed to resolve './file0': -2 [ 196.287869][ T6107] usb 7-1: USB disconnect, device number 5 [ 196.394973][ T7224] team0: Port device team_slave_0 added [ 196.419342][ C0] vkms_vblank_simulate: vblank timer overrun [ 196.488826][ T7224] team0: Port device team_slave_1 added [ 196.711829][ T7224] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.714106][ T7224] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.743026][ T7224] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.766512][ T7224] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 196.769506][ T7224] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.782869][ T7224] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 196.813172][ T40] kauditd_printk_skb: 160 callbacks suppressed [ 196.813191][ T40] audit: type=1400 audit(1753788197.952:3915): avc: denied { read write } for pid=5974 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 196.859785][ T40] audit: type=1400 audit(1753788197.952:3916): avc: denied { read write open } for pid=5974 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 196.902466][ T40] audit: type=1400 audit(1753788197.982:3917): avc: denied { ioctl } for pid=5974 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 196.958703][ T40] audit: type=1400 audit(1753788198.122:3918): avc: denied { create } for pid=7326 comm="syz.0.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 196.988407][ T40] audit: type=1400 audit(1753788198.122:3919): avc: denied { create } for pid=7326 comm="syz.0.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 197.037435][ T40] audit: type=1400 audit(1753788198.182:3920): avc: denied { read } for pid=7327 comm="syz.2.363" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 197.057344][ T40] audit: type=1400 audit(1753788198.182:3921): avc: denied { read open } for pid=7327 comm="syz.2.363" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 197.073097][ T40] audit: type=1400 audit(1753788198.182:3922): avc: denied { ioctl } for pid=7327 comm="syz.2.363" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 197.233622][ T40] audit: type=1400 audit(1753788198.402:3923): avc: denied { read write } for pid=5979 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 197.250051][ T40] audit: type=1400 audit(1753788198.412:3924): avc: denied { read write open } for pid=5979 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 197.493147][ C0] vkms_vblank_simulate: vblank timer overrun [ 197.548820][ T7224] hsr_slave_0: entered promiscuous mode [ 197.551784][ T7224] hsr_slave_1: entered promiscuous mode [ 197.777159][ C0] vkms_vblank_simulate: vblank timer overrun [ 198.004108][ T7341] netlink: 24 bytes leftover after parsing attributes in process `syz.2.367'. [ 198.209116][ C0] vkms_vblank_simulate: vblank timer overrun [ 198.377831][ T7349] netlink: 68 bytes leftover after parsing attributes in process `syz.2.369'. [ 198.407476][ T7224] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 198.527378][ T7224] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 198.542626][ T7224] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 198.581002][ C0] vkms_vblank_simulate: vblank timer overrun [ 198.619176][ T7224] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 198.668253][ T7355] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 198.707450][ C0] vkms_vblank_simulate: vblank timer overrun [ 199.028990][ C0] vkms_vblank_simulate: vblank timer overrun [ 199.045182][ T7224] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.216433][ T7224] 8021q: adding VLAN 0 to HW filter on device team0 [ 199.267238][ T6369] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.270802][ T6369] bridge0: port 1(bridge_slave_0) entered forwarding state [ 199.340177][ C0] vkms_vblank_simulate: vblank timer overrun [ 199.410408][ T6369] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.417128][ T6369] bridge0: port 2(bridge_slave_1) entered forwarding state [ 199.909791][ C0] vkms_vblank_simulate: vblank timer overrun [ 200.586346][ T7224] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.632333][ T7400] 9p: Unknown Cache mode or invalid value fs [ 200.635994][ T7400] 9pnet: Tag 65535 still in use [ 200.639570][ C3] ------------[ cut here ]------------ [ 200.642371][ C3] refcount_t: underflow; use-after-free. [ 200.645044][ C3] WARNING: CPU: 3 PID: 7393 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210 SYZFAIL: failed to recv rpc [ 200.649331][ C3] Modules linked in: [ 200.668401][ C3] CPU: 3 UID: 0 PID: 7393 Comm: syz.2.380 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 200.673320][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 200.678451][ C3] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 200.695259][ C3] Code: ff 89 de e8 d8 7f da fc 84 db 0f 85 66 ff ff ff e8 eb 84 da fc c6 05 19 50 b0 0b 01 90 48 c7 c7 e0 6a 15 8c e8 d7 8b 99 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 c8 84 da fc 0f b6 1d f4 4f b0 0b 31 [ 200.705159][ C3] RSP: 0018:ffffc900006f8d90 EFLAGS: 00010082 [ 200.712489][ T7401] netlink: 12 bytes leftover after parsing attributes in process `syz.1.381'. [ 200.717884][ C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817b01b8 [ 200.717926][ C3] RDX: ffff88804501c880 RSI: ffffffff817b01c5 RDI: 0000000000000001 [ 200.717939][ C3] RBP: ffff88802d23e998 R08: 0000000000000001 R09: 0000000000000000 [ 200.717949][ C3] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88802d23e998 [ 200.717961][ C3] R13: ffff888043e0bc00 R14: 0000000000000015 R15: 1ffff110044df00c [ 200.717972][ C3] FS: 0000000000000000(0000) GS:ffff8880d69f9000(0000) knlGS:0000000000000000 [ 200.718005][ C3] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.718019][ C3] CR2: 0000000000000000 CR3: 0000000034be5000 CR4: 0000000000352ef0 [ 200.718031][ C3] Call Trace: [ 200.718040][ C3] [ 200.718048][ C3] p9_req_put+0x1ec/0x250 [ 200.718077][ C3] req_done+0x1dc/0x2e0 [ 200.718100][ C3] ? __pfx_req_done+0x10/0x10 [ 200.718122][ C3] ? __pfx_req_done+0x10/0x10 [ 200.718146][ C3] vring_interrupt+0x31e/0x400 [ 200.718165][ C3] ? __pfx_vring_interrupt+0x10/0x10 [ 200.718184][ C3] __handle_irq_event_percpu+0x229/0x7d0 [ 200.718218][ C3] handle_irq_event+0xab/0x1e0 [ 200.718242][ C3] handle_edge_irq+0x28e/0xab0 [ 200.718270][ C3] __common_interrupt+0xdf/0x250 [ 200.718294][ C3] common_interrupt+0xba/0xe0 [ 200.718320][ C3] [ 200.718326][ C3] [ 200.718334][ C3] asm_common_interrupt+0x26/0x40 [ 200.718353][ C3] RIP: 0010:smp_call_function_single+0x1fb/0x6b0 [ 200.718378][ C3] Code: 24 ce 00 00 00 48 89 de e8 82 fa ff ff 41 89 c5 0f 1f 44 00 00 e8 25 00 0c 00 eb 07 e8 1e 00 0c 00 f3 90 8b 9c 24 c8 00 00 00 <31> ff 83 e3 01 89 de e8 49 fb 0b 00 85 db 75 e2 e8 00 00 0c 00 e8 [ 200.718393][ C3] RSP: 0018:ffffc90004bf7800 EFLAGS: 00000293 [ 200.718408][ C3] RAX: 0000000000000000 RBX: 0000000000000011 RCX: ffffffff81aff917 [ 200.718418][ C3] RDX: ffff88804501c880 RSI: ffffffff81aff902 RDI: 0000000000000005 [ 200.718429][ C3] RBP: ffffc90004bf7960 R08: 0000000000000005 R09: 0000000000000000 [ 200.718440][ C3] R10: 0000000000000001 R11: 0000000000000001 R12: 1ffff9200097ef08 [ 200.718451][ C3] R13: 0000000000000000 R14: 0000000000000001 R15: dffffc0000000000 [ 200.718470][ C3] ? smp_call_function_single+0x207/0x6b0 [ 200.718490][ C3] ? smp_call_function_single+0x1f2/0x6b0 [ 200.718517][ C3] ? __lock_acquire+0xb8a/0x1c90 [ 200.718535][ C3] ? __pfx_rcu_barrier_handler+0x10/0x10 [ 200.718560][ C3] ? __pfx_smp_call_function_single+0x10/0x10 [ 200.718824][ C3] ? __pfx___mutex_lock+0x10/0x10 [ 200.719011][ C3] ? do_raw_spin_lock+0x12c/0x2b0 [ 200.719031][ C3] ? __pfx_rcu_barrier_handler+0x10/0x10 [ 200.719054][ C3] ? mark_held_locks+0x49/0x80 [ 200.719068][ C3] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 200.719090][ C3] rcu_barrier+0x28d/0x6e0 [ 200.719114][ C3] kvm_mmu_uninit_vm+0x5b/0x60 [ 200.719135][ C3] kvm_arch_destroy_vm+0x207/0x2f0 [ 200.719170][ C3] kvm_put_kvm+0x4f2/0xb40 [ 200.719188][ C3] ? __pfx_kvm_vm_release+0x10/0x10 [ 200.719201][ C3] kvm_vm_release+0x3c/0x50 [ 200.719213][ C3] __fput+0x402/0xb70 [ 200.719231][ C3] ? _raw_spin_unlock_irq+0x23/0x50 [ 200.719247][ C3] task_work_run+0x14d/0x240 [ 200.719263][ C3] ? __pfx_task_work_run+0x10/0x10 [ 200.719278][ C3] ? do_raw_spin_unlock+0x172/0x230 [ 200.719297][ C3] do_exit+0x86c/0x2bd0 [ 200.719307][ C3] ? __pfx___might_resched+0x10/0x10 [ 200.719329][ C3] ? __pfx_do_exit+0x10/0x10 [ 200.719340][ C3] ? do_raw_spin_lock+0x12c/0x2b0 [ 200.719354][ C3] ? find_held_lock+0x2b/0x80 [ 200.719378][ C3] do_group_exit+0xd3/0x2a0 [ 200.719395][ C3] get_signal+0x2673/0x26d0 [ 200.719420][ C3] ? find_held_lock+0x2b/0x80 [ 200.719441][ C3] ? kvm_dev_ioctl+0xd52/0x1ad0 [ 200.719460][ C3] ? __pfx_get_signal+0x10/0x10 [ 200.719481][ C3] ? _raw_spin_unlock+0x28/0x50 [ 200.719497][ C3] ? kvm_dev_ioctl+0x613/0x1ad0 [ 200.719519][ C3] arch_do_signal_or_restart+0x8f/0x7d0 [ 200.719540][ C3] ? hook_file_ioctl_common+0x145/0x410 [ 200.719561][ C3] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 200.719578][ C3] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 200.719601][ C3] ? selinux_file_ioctl+0xb4/0x270 [ 200.719625][ C3] exit_to_user_mode_loop+0x84/0x110 [ 200.719648][ C3] do_syscall_64+0x3f6/0x4c0 [ 200.719671][ C3] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.719686][ C3] RIP: 0033:0x7ffbe298e9a9 [ 200.719699][ C3] Code: Unable to access opcode bytes at 0x7ffbe298e97f. [ 200.719707][ C3] RSP: 002b:00007ffbe385d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 200.719725][ C3] RAX: fffffffffffffffc RBX: 00007ffbe2bb5fa0 RCX: 00007ffbe298e9a9 [ 200.719735][ C3] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 200.719745][ C3] RBP: 00007ffbe2a10d69 R08: 0000000000000000 R09: 0000000000000000 [ 200.719754][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.719763][ C3] R13: 0000000000000000 R14: 00007ffbe2bb5fa0 R15: 00007ffeedae6618 [ 200.719786][ C3] [ 200.719795][ C3] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 200.719807][ C3] CPU: 3 UID: 0 PID: 7393 Comm: syz.2.380 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 200.719827][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 200.719838][ C3] Call Trace: [ 200.719844][ C3] [ 200.719851][ C3] dump_stack_lvl+0x3d/0x1f0 [ 200.719871][ C3] panic+0x71c/0x800 [ 200.719886][ C3] ? __pfx_panic+0x10/0x10 [ 200.719902][ C3] ? show_trace_log_lvl+0x29b/0x3e0 [ 200.719933][ C3] ? check_panic_on_warn+0x1f/0xb0 [ 200.719950][ C3] ? refcount_warn_saturate+0x14a/0x210 [ 200.719971][ C3] check_panic_on_warn+0xab/0xb0 [ 200.719988][ C3] __warn+0xf6/0x3c0 [ 200.720002][ C3] ? __pfx_vprintk_emit+0x10/0x10 [ 200.720024][ C3] ? refcount_warn_saturate+0x14a/0x210 [ 200.720046][ C3] report_bug+0x3c3/0x580 [ 200.720064][ C3] ? refcount_warn_saturate+0x14a/0x210 [ 200.720086][ C3] handle_bug+0x184/0x210 [ 200.720109][ C3] exc_invalid_op+0x17/0x50 [ 200.720132][ C3] asm_exc_invalid_op+0x1a/0x20 [ 200.720156][ C3] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 200.720177][ C3] Code: ff 89 de e8 d8 7f da fc 84 db 0f 85 66 ff ff ff e8 eb 84 da fc c6 05 19 50 b0 0b 01 90 48 c7 c7 e0 6a 15 8c e8 d7 8b 99 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 c8 84 da fc 0f b6 1d f4 4f b0 0b 31 [ 200.720194][ C3] RSP: 0018:ffffc900006f8d90 EFLAGS: 00010082 [ 200.720208][ C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817b01b8 [ 200.720219][ C3] RDX: ffff88804501c880 RSI: ffffffff817b01c5 RDI: 0000000000000001 [ 200.720230][ C3] RBP: ffff88802d23e998 R08: 0000000000000001 R09: 0000000000000000 [ 200.720240][ C3] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88802d23e998 [ 200.720251][ C3] R13: ffff888043e0bc00 R14: 0000000000000015 R15: 1ffff110044df00c [ 200.720270][ C3] ? __warn_printk+0x198/0x350 [ 200.720285][ C3] ? __warn_printk+0x1a5/0x350 [ 200.720305][ C3] p9_req_put+0x1ec/0x250 [ 200.720330][ C3] req_done+0x1dc/0x2e0 [ 200.720352][ C3] ? __pfx_req_done+0x10/0x10 [ 200.720375][ C3] ? __pfx_req_done+0x10/0x10 [ 200.720392][ C3] vring_interrupt+0x31e/0x400 [ 200.720410][ C3] ? __pfx_vring_interrupt+0x10/0x10 [ 200.720429][ C3] __handle_irq_event_percpu+0x229/0x7d0 [ 200.720461][ C3] handle_irq_event+0xab/0x1e0 [ 200.720484][ C3] handle_edge_irq+0x28e/0xab0 [ 200.720513][ C3] __common_interrupt+0xdf/0x250 [ 200.720535][ C3] common_interrupt+0xba/0xe0 [ 200.720556][ C3] [ 200.720561][ C3] [ 200.720569][ C3] asm_common_interrupt+0x26/0x40 [ 200.720582][ C3] RIP: 0010:smp_call_function_single+0x1fb/0x6b0 [ 200.720603][ C3] Code: 24 ce 00 00 00 48 89 de e8 82 fa ff ff 41 89 c5 0f 1f 44 00 00 e8 25 00 0c 00 eb 07 e8 1e 00 0c 00 f3 90 8b 9c 24 c8 00 00 00 <31> ff 83 e3 01 89 de e8 49 fb 0b 00 85 db 75 e2 e8 00 00 0c 00 e8 [ 200.720621][ C3] RSP: 0018:ffffc90004bf7800 EFLAGS: 00000293 [ 200.720634][ C3] RAX: 0000000000000000 RBX: 0000000000000011 RCX: ffffffff81aff917 [ 200.720645][ C3] RDX: ffff88804501c880 RSI: ffffffff81aff902 RDI: 0000000000000005 [ 200.720657][ C3] RBP: ffffc90004bf7960 R08: 0000000000000005 R09: 0000000000000000 [ 200.720669][ C3] R10: 0000000000000001 R11: 0000000000000001 R12: 1ffff9200097ef08 [ 200.720680][ C3] R13: 0000000000000000 R14: 0000000000000001 R15: dffffc0000000000 [ 200.720701][ C3] ? smp_call_function_single+0x207/0x6b0 [ 200.720725][ C3] ? smp_call_function_single+0x1f2/0x6b0 [ 200.720756][ C3] ? __lock_acquire+0xb8a/0x1c90 [ 200.720775][ C3] ? __pfx_rcu_barrier_handler+0x10/0x10 [ 200.720803][ C3] ? __pfx_smp_call_function_single+0x10/0x10 [ 200.720829][ C3] ? __pfx___mutex_lock+0x10/0x10 [ 200.720854][ C3] ? do_raw_spin_lock+0x12c/0x2b0 [ 200.720876][ C3] ? __pfx_rcu_barrier_handler+0x10/0x10 [ 200.720934][ C3] ? mark_held_locks+0x49/0x80 [ 200.720954][ C3] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 200.720979][ C3] rcu_barrier+0x28d/0x6e0 [ 200.721007][ C3] kvm_mmu_uninit_vm+0x5b/0x60 [ 200.721033][ C3] kvm_arch_destroy_vm+0x207/0x2f0 [ 200.721062][ C3] kvm_put_kvm+0x4f2/0xb40 [ 200.721085][ C3] ? __pfx_kvm_vm_release+0x10/0x10 [ 200.721103][ C3] kvm_vm_release+0x3c/0x50 [ 200.721120][ C3] __fput+0x402/0xb70 [ 200.721151][ C3] ? _raw_spin_unlock_irq+0x23/0x50 [ 200.721174][ C3] task_work_run+0x14d/0x240 [ 200.721197][ C3] ? __pfx_task_work_run+0x10/0x10 [ 200.721219][ C3] ? do_raw_spin_unlock+0x172/0x230 [ 200.721246][ C3] do_exit+0x86c/0x2bd0 [ 200.721262][ C3] ? __pfx___might_resched+0x10/0x10 [ 200.721291][ C3] ? __pfx_do_exit+0x10/0x10 [ 200.721307][ C3] ? do_raw_spin_lock+0x12c/0x2b0 [ 200.721328][ C3] ? find_held_lock+0x2b/0x80 [ 200.721356][ C3] do_group_exit+0xd3/0x2a0 [ 200.721376][ C3] get_signal+0x2673/0x26d0 [ 200.721403][ C3] ? find_held_lock+0x2b/0x80 [ 200.721427][ C3] ? kvm_dev_ioctl+0xd52/0x1ad0 [ 200.721448][ C3] ? __pfx_get_signal+0x10/0x10 [ 200.721472][ C3] ? _raw_spin_unlock+0x28/0x50 [ 200.721490][ C3] ? kvm_dev_ioctl+0x613/0x1ad0 [ 200.721515][ C3] arch_do_signal_or_restart+0x8f/0x7d0 [ 200.721537][ C3] ? hook_file_ioctl_common+0x145/0x410 [ 200.721563][ C3] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 200.721590][ C3] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 200.721620][ C3] ? selinux_file_ioctl+0xb4/0x270 [ 200.721652][ C3] exit_to_user_mode_loop+0x84/0x110 [ 200.721679][ C3] do_syscall_64+0x3f6/0x4c0 [ 200.721709][ C3] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.721730][ C3] RIP: 0033:0x7ffbe298e9a9 [ 200.721747][ C3] Code: Unable to access opcode bytes at 0x7ffbe298e97f. [ 200.721757][ C3] RSP: 002b:00007ffbe385d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 200.721778][ C3] RAX: fffffffffffffffc RBX: 00007ffbe2bb5fa0 RCX: 00007ffbe298e9a9 [ 200.721792][ C3] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 200.721805][ C3] RBP: 00007ffbe2a10d69 R08: 0000000000000000 R09: 0000000000000000 [ 200.721819][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.721832][ C3] R13: 0000000000000000 R14: 00007ffbe2bb5fa0 R15: 00007ffeedae6618 [ 200.721864][ C3] [ 200.736432][ C3] Kernel Offset: disabled VM DIAGNOSIS: 11:23:23 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88806a63fe20 RCX=ffffffff81afe47d RDX=ffff88801d352440 RSI=ffffffff81afe459 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc9000590f8a0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=0000000000000003 R14=ffffed100d4c7fc5 R15=ffff88806a43b580 RIP=ffffffff81afe45b RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d66f9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fd38cb72760 CR3=000000000e382000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000ffffc000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2dac11d42 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2dac11d4f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2dac11d49 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2dac11d5d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2dac11de3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2dac11ec1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000031647261632f 6972642f7665642f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000012475142400c 4a51470c5546470c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 00000000000000d0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffffea0000d4ee80 RCX=ffffffff81f6ae3f RDX=ffff888027cf8000 RSI=0000000000000000 RDI=0000000000000001 RBP=0000000000000018 RSP=ffffc900036577d0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffffc90003657970 R13=dffffc0000000000 R14=ffffc900036579b0 R15=0000000000000000 RIP=ffffffff81bbf920 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d67f9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fb71ece7d60 CR3=000000000e382000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb71e1866a3 00007fb71e1866a3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd77c8e7b0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555561e530da 0000555561e50560 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555561e44582 0000555561e442f0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8200000000000000 07b74d5d78f5cdc0 704dd5525c960e98 4d59ac49416ea2b4 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01018010007a8004 0100000408060601 5d8e208008007ae0 030010007ad00300 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 10007ac003021000 7ab0035010007990 0300000100001102 080006000a180803 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e8030100000a0806 03e0035f8a0000bc 4f00248592ee9b64 2d40820000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000007b74d5d78f5 cdc0704dd5525c96 0e984d59ac49416e a2b45f03b6f7afa2 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=0000000000000002 RCX=ffffffff81c3ca8f RDX=fffffbfff2152c2b RSI=0000000000000008 RDI=ffffffff90a96150 RBP=0000000000000000 RSP=ffffc9000583f4a0 R8 =0000000000000000 R9 =fffffbfff2152c2a R10=ffffffff90a96157 R11=0000000000000001 R12=000000000000003b R13=000000000000007b R14=0000000000000077 R15=0000000000000200 RIP=ffffffff81c3ca97 RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d68f9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007feb853c80a0 CR3=000000003af0e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000c10 000000000000d3f0 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffffffffffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001da0 0000000000033260 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8560d865 RDI=ffffffff9b0e1160 RBP=ffffffff9b0e1120 RSP=ffffc900006f86f8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000030 R14=ffffffff9b0e1120 R15=ffffffff8560d800 RIP=ffffffff8560d88f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69f9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000034be5000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000007ffec400 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe72b70690 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f43f6811d17 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f43f6811d0f ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f43f6811d42 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f43f6811d4f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f43f6811d49 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f43f6811d5d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f43f6811de3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f43f6811ec1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100007f234e0002 0000000000000000 0100007f224e0002 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000000000000 00000000000000fc 00007ffe7200346d 697376656474656e ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000