last executing test programs: 5.231673342s ago: executing program 2 (id=374): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000039c0)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d016e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e8b701d2d17ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01d51e242443618c02e0a428da651366e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab7158edeeccd92e3a88dc0f432187ce92d7b17a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f00000000000000005521458b7d1e341c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb373845255012e028cb2654d493afb4b35faae176f99b745eda2967199cc93685bb444f9bc50713061385537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d1ff07000000000000000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ab2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b371867a79b31f3f514573f1e30d1fd2d763f3ee9210b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d5fd8c6b2a3a324c257bc97def5f07f2b77f05a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f240080000534187738655d7a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74d1ffdaccf0ea5f02e0163a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01f7ada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd2190780fa39c43ea647eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0000000000000001062a35376413c29f7c6f7bde29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000fc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5018e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e2b70590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5002adef9546abb7a2d9c085b189b5ff30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd0387837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a156ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de10bacecfff2d58437f012df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dc816126b6f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bb01b53a2d862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94986157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d7004d29ad77f54836779600bb0b247139d429df96362db3ecfbd36fa8164fabdcf2e58b720e8e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d32edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a56f3ebb16fad3e9269495230cd88b0ea2e3affa196a2f0adf733bc6afd37a659ecc933d636c1b27d3a16c5ea25301f9b5789e4aa8e7228e3002f146aa5e575bb74b1ebb82147edf8161d362704377058e887c608be8719ea1b6c490f79e0832e2ddd7e217c7adddd4731e032d7eb35bdc38160c676d840e2e8be9033a686cf7061f5f55e2851736aa8c2f3bad8ac05c048e20d8c03b68008a70b8f80c93ebd2ababb5c65fe9abc4642d7b58d8c93efd7b6b39c68a16d75a7852dfc37a6a50cb28a9b6f685a465d08fc603d81d8ddd5296fae97be1401a8be7748a71fcdc85ba2049e96c4e6dce59b88cd5472726bc237fbcf3ffcbf32e2aac9b2f9d6013b59780ded723b08c767fa091e2fa4d51863500fcd5041bcc98a685504835743194113ea0b97b4f9ddc395b9ac4defefadd37a8871fd91f31a56eb96ecf90000000000000000000000000000000000000000000c447ea475c236c3b7f24079fe375f3f861fc54d9d8a04a6cb8c0dbf9e9cc53a84a5795ae5ebcbd825e3572df16fbdcd395e995fa4fcbbf31583d9e1d3ff537f401a3139200a8bd2122157887199cd54075a4d5b29935dda5c6aa0f3ac6895eb73c7abbd4603abdaa8629dedb2cab0fa80f9514ad310491a9a300015c18cdfd9342cff50d849d7516134d45d1a8cf157abe0c79de543993cf689f8a7113508fbf8a610417045e6c38a5d4ff4656dbd9656ad6ce625e1674ab57944ebb834743a248a2be304ba1e037cb63a169d340be8befc1b238aa26e24"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48) r2 = socket$kcm(0x29, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1}) sendmsg$rds(r2, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000002980)=""/4112, 0xfffffe09}], 0x1}, 0x0) write(r2, 0x0, 0x0) r3 = socket(0x2, 0x3, 0x0) sendmmsg$inet(r3, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0x3}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)='`', 0x1}], 0x1}}, {{&(0x7f00000006c0)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)="ed", 0x1}], 0x1, &(0x7f0000000040)=[@ip_retopts={{0x20, 0x84, 0x8, {[@noop, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{}]}]}}}], 0x20}}], 0x2, 0x0) 5.083801615s ago: executing program 2 (id=375): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/custom1\x00', 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2) syz_emit_ethernet(0x5e, &(0x7f00000002c0)={@link_local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000500", 0x28, 0x3a, 0x0, @local, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @private0, @mcast1}}}}}}, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r2, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x0, {[@window={0x9, 0x3, 0x2}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '|^b!'}, 0x0, 0x1, {0x0}}) ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000340)=@mmap={0x0, 0x2, 0x4, 0xffffff7f, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "186856f3"}}) mmap$binder(&(0x7f00000a0000)=nil, 0x0, 0x4, 0x11, r0, 0x0) 3.299289334s ago: executing program 1 (id=388): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000040)=@gcm_128={{0x303}, "0400", "0d07080d7f4fcf0000e8ffffff00", '\x00', "8657e2b7e43b34e4"}, 0x28) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000000640)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000600)={&(0x7f0000000800)=ANY=[@ANYBLOB="04020000", @ANYRES16=0x0, @ANYBLOB="10002abd7000fedbdf250d0000003000018008000100", @ANYRES32=0x0, @ANYBLOB="144002006e657470636930000000000000000000080003000200000008000100b952c91500cbaea3be2dbbe45cab63e52fedafe1895ef16d4387ee0458027d2b42c60c34e00f16e2d02816feeb7c755ce6780c7f0d84db76031a", @ANYRES32=0x0, @ANYBLOB="0c00018008000300020000004000018008000100", @ANYRES32=0x0, @ANYBLOB="14000200697036746e6c3000000000000000000008000100", @ANYRES32, @ANYBLOB="080003000300000008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="5c0001800800030002000000140002006272696467655f736c6176655f3100001400020076657468305f6d6163767461700000001400020068737230000000000000000000000000140002006272696467655f736c6176655f310000680001801400020074756e6c30000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000300010000001400020076657468315f746f5f626f6e6400000008000100", @ANYRES32=0x0, @ANYBLOB="080003000200000014000200726f73653000000000000000000000000800030001000000180001801400020073797a6b616c6c657230000000000000540001801400020076657468305f746f5f68737200000000140002007700616e310000000000000000000000140000000000001400026514fec8a09b96a800"/152, @ANYRES32, @ANYBLOB="0800030001020000040001802c0001801400020067656e657665300000000000000000001400020064766d72703000"/56], 0x204}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) 3.210608282s ago: executing program 1 (id=390): bpf$ENABLE_STATS(0x20, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe39) setsockopt$MRT6_TABLE(0xffffffffffffffff, 0x29, 0xcf, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, r4, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @remote}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}]}, 0x2c}}, 0x0) sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x1c, r4, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}]}, 0x1c}}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) syz_io_uring_submit(0x0, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x1020002, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r5, &(0x7f00000021c0)={0x2020}, 0xfffffffffffffd72) 3.135694298s ago: executing program 3 (id=391): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e"]) chdir(&(0x7f0000000280)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_serviced\x00', 0x275a, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0406000000000000005872133b22b9441a168f2463fce7e35d03"], 0x1a) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r1, 0x107, 0x0, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r1, 0x107, 0x5, 0x0, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="100000002500000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0xa, 0x95, &(0x7f0000000180)=""/149}, 0x90) memfd_create(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) symlinkat(&(0x7f00000002c0)='./file0\x00', r2, &(0x7f0000000300)='./file0\x00') r3 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10) bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10) socket$nl_rdma(0x10, 0x3, 0x14) connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x301, 0x0, 0x25dfdbfd, {0x24}}, 0x14}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_SET_DEST(r5, &(0x7f0000001280)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x4088}, 0xc, &(0x7f0000001240)={&(0x7f00000012c0)=ANY=[@ANYBLOB="84000000", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25060000006b050180060004004e24000008000500000000005c0001800c0007000400000004000000080006006f766600080009000a000000060002006c00000008000b007369700008000500020000000c00070004000000030000000800050001000000080009007700000008000b007369700022f7c83cd12e163701de9ccc7c0556ee4366ff8199188e90d164b7b2ccc26aefc2f3410adf8ee5ab32eb9975bf6508dd7814313cf34fef07758aff80cd0961304b56f2f17b0b82"], 0x84}}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) 2.838958716s ago: executing program 0 (id=392): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00') preadv(r2, &(0x7f0000001240)=[{&(0x7f0000000040)=""/18, 0x12}], 0x1, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000000)=0x9, 0x4) io_setup(0x7, &(0x7f0000000280)=0x0) r4 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0) io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0xfffffc98}]) r5 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xf}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPIRATION={0xc}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xcc}}, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x13, r7, 0x0) r8 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r8, &(0x7f0000000040), 0x1c) ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x6, 0x74, 0x0, 0x9, 0x15, 0x10, "b9894f9ddb05d11c0683f7abc15489d9ad05777a77eb65eb52b930442ac52dcf00198965380164231d7e98994bea6ff3a0b65c68d3669d863afbaa16183580a2", "13ee0776de460c76e68260f89ba9b564b1d0138632899219e598885a38892bc71f75b54b522532914485b0fdd4a62804dbfa38d4895ff410641de7de0f3b7cfa", "8047e69cf74c5ed6a6d4349f048d741733b0d034a3c2464e9d517ac8ef64854e", [0x3, 0x8]}) sendto$inet6(r8, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) lseek(r5, 0x7ffffc, 0x0) r9 = open(&(0x7f0000007f80)='./bus\x00', 0x143042, 0x0) ftruncate(r9, 0x2007ffb) fallocate(r0, 0x100000003, 0x80f50f, 0x28120001) r10 = open(&(0x7f0000007f80)='./bus\x00', 0x145142, 0x0) unshare(0x44020500) ftruncate(r10, 0x2007ffb) 2.600788235s ago: executing program 0 (id=393): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0) syz_io_uring_setup(0x7dca, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040), &(0x7f0000000240)) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) 2.438846555s ago: executing program 3 (id=394): r0 = syz_open_dev$media(&(0x7f0000000080), 0x1, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f00000006c0)=0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240), 0x0, 0xc1, &(0x7f0000000280)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0xd7, 0x8, 0x8, &(0x7f0000000340)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYRES16=r4, @ANYRES8, @ANYRES64=r0, @ANYRESOCT=r3, @ANYRES32=r1, @ANYRES8=r3], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=ANY=[@ANYRESDEC=r6, @ANYRES16=r9, @ANYBLOB="0500000000000000000006000000080003da57ca8edba4f25084c27cd100", @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r7], 0x24}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) sendmsg$NL80211_CMD_CONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x20, r9, 0x5, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_USE_RRM={0x4}]}, 0x20}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000780)={0x18, r7, 0x400, 0x40000, 0x2, {{}, {@void, @void}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x48804}, 0x8014) r11 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r11, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write(r11, &(0x7f0000000080)="09000300010001", 0x7) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x2c, 0x39, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x0, 0x0, 0x0, @str='\x05G'}]}, @generic, @nested={0x8, 0x9, 0x0, 0x1, [@typed={0x4}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) r12 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r12, 0x1, r1, &(0x7f0000000700)={0x1a}) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r13, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="30006808b9592a72499e0d60777f60bff5a4fe9d766739d3bdd68b4d05c2ce350a"]) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) unshare(0x22020000) unshare(0x40020000) 2.340455683s ago: executing program 1 (id=395): r0 = fsopen(&(0x7f0000000380)='virtiofs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, 0x0, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x29, &(0x7f0000000000)={&(0x7f0000000180)={{0x14, 0x10, 0x9000, 0x6}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x605, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x14}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000039c0)=ANY=[@ANYBLOB="e01400000d0a010e0000000000000000010000000900010073797a30000000000900020073797a32"], 0x14e0}}, 0x0) ioctl$CDROM_LAST_WRITTEN(0xffffffffffffffff, 0x5395, &(0x7f0000000300)) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r5, &(0x7f0000000100)=ANY=[@ANYBLOB='-0'], 0x9) r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r6, 0xaf01, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) fanotify_init(0x10, 0x8000) socket(0x0, 0x0, 0x7) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000200000006110600000000000c6000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x3f8, 0xc6, &(0x7f0000000400)=""/198, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0xb}, 0x10}, 0x90) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r7, 0x0, 0x0) r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r8, &(0x7f0000001080)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) recvmmsg(r8, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000200)=""/225, 0xe1}], 0x1}}], 0x1, 0x0, 0x0) sendfile(r8, r7, 0x0, 0xffefffff) 2.141177555s ago: executing program 3 (id=396): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x25}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_USERDATA={0x4}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc4}}, 0x0) (fail_nth: 14) 2.080358199s ago: executing program 1 (id=397): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@mpls_delroute={0x28, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_MULTIPATH={0xc}]}, 0x28}}, 0x0) socket$alg(0x26, 0x5, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00'}) mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mknod$loop(0x0, 0x0, 0x1) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000005c0)={'batadv0\x00', 0x10}) mount(&(0x7f0000000340)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000280)='./file0\x00', 0x0, 0x1018000, &(0x7f0000000240)='b\xb1Fs\t\xb5\xda\xec,\xdb\xe0\xb0\xe0\xe8*\xd4\x00\x00\x00\x00\x00\x00\x00\x00F*\x0f\xdd\xe3\rb\xf9,\x196\xb2\x92\x9d\x94\xd4\x96\xbc9))\xef\xdeW\x86\xf4\xd8(\x13\x81') sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[], &(0x7f0000000080)=""/227, 0x3e, 0xe3, 0x1}, 0x20) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1}, 0x48) move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0) socket$caif_seqpacket(0x25, 0x5, 0x0) syz_io_uring_setup(0x5169, &(0x7f0000000400)={0x0, 0x0, 0x4, 0xfffffffe, 0x1b8}, &(0x7f0000000100), &(0x7f0000000680)) syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock2(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x0) r3 = io_uring_setup(0x74cb, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) socket$inet_udplite(0x2, 0x2, 0x88) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 2.080040278s ago: executing program 3 (id=398): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000040)=@gcm_128={{0x303}, "0400", "0d07080d7f4fcf0000e8ffffff00", '\x00', "8657e2b7e43b34e4"}, 0x28) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000000640)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000600)={&(0x7f0000000800)=ANY=[@ANYBLOB="04020000", @ANYRES16=0x0, @ANYBLOB="10002abd7000fedbdf250d0000003000018008000100", @ANYRES32=0x0, @ANYBLOB="144002006e657470636930000000000000000000080003000200000008000100b952c91500cbaea3be2dbbe45cab63e52fedafe1895ef16d4387ee0458027d2b42c60c34e00f16e2d02816feeb7c755ce6780c7f0d84db76031a", @ANYRES32=0x0, @ANYBLOB="0c00018008000300020000004000018008000100", @ANYRES32=0x0, @ANYBLOB="14000200697036746e6c3000000000000000000008000100", @ANYRES32, @ANYBLOB="080003000300000008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="5c0001800800030002000000140002006272696467655f736c6176655f3100001400020076657468305f6d6163767461700000001400020068737230000000000000000000000000140002006272696467655f736c6176655f310000680001801400020074756e6c30000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000300010000001400020076657468315f746f5f626f6e6400000008000100", @ANYRES32=0x0, @ANYBLOB="080003000200000014000200726f73653000000000000000000000000800030001000000180001801400020073797a6b616c6c657230000000000000540001801400020076657468305f746f5f68737200000000140002007700616e310000000000000000000000140000000000001400026514fec8a09b96a800"/152, @ANYRES32, @ANYBLOB="0800030001020000040001802c0001801400020067656e657665300000000000000000001400020064766d72703000"/56], 0x204}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) 2.079698637s ago: executing program 3 (id=399): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0xf0ffffffffffff, 0x0, 0x40010005}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0x13, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000080018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001800000000000000000000000000000018000000000000000000000000000000bf91000000000000b7020000010000008500000000000000b7000000000000009500000000000000"], 0x0}, 0x90) syz_emit_ethernet(0x8a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaac4bc9cac968686dd6000000000541100fe8000000000000000000000000000aafe8000000000"], 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r5, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_int(r5, 0x0, 0x2a, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r5, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/131, 0x83}}], 0x400000000000205, 0x40002041, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000400)='net/mcfilter6\x00') r7 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW(r7, 0x5403, &(0x7f0000000100)={0x0, 0x0, 0x40, 0xfffefffb, 0xd, "da6cd1122d1d837f65d3fe6ba6439cddec04ed"}) lseek(r6, 0x8, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) 1.996823778s ago: executing program 2 (id=400): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0) r5 = dup(r4) r6 = syz_io_uring_setup(0x7dca, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000240)) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) syz_io_uring_submit(r8, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r5, 0x0, 0x0}) io_uring_enter(r6, 0x184c, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) geteuid() r9 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r9, 0xc0d05605, &(0x7f0000000cc0)={0x0, @pix={0x0, 0x0, 0x4f565559}}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0) syz_emit_ethernet(0x7a, &(0x7f0000000380)={@empty, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "7f00ef", 0x44, 0x2c, 0x0, @remote, @mcast2, {[@hopopts={0x67, 0x5, '\x00', [@calipso={0x7, 0x18, {0x0, 0x4, 0x0, 0x0, [0x8001, 0x0]}}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x8000}]}], {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 1.718804695s ago: executing program 0 (id=401): ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x3) ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f0000000a80)) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/attr/current\x00', 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000200)=ANY=[@ANYRES8, @ANYRES16, @ANYRESHEX=r0, @ANYRESHEX=r0], 0x0) r1 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key(&(0x7f0000000340)='dns_resolver\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="fb9c", 0xfffff, r1) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYRES32=r0], 0x1a) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f00000000c0)=0x2, 0x4) open(&(0x7f00000002c0)='./file0\x00', 0x1451c2, 0x0) acct(&(0x7f00000001c0)='./file0\x00') r3 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READ_FIXED={0x4, 0x8, 0x2004, @fd_index=0x3, 0x54b1, 0x4, 0x0, 0x6, 0x1, {0x3, r6}}) io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0) r7 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f0000000480)={[{@noprefix}, {@noprefix}, {@name}, {@cpuset_v2_mode}, {@none}, {@name={'name', 0x3d, '\x00'}}, {@none}], [{@subj_role={'subj_role', 0x3d, ':!$'}}, {@smackfsdef}, {@subj_user={'subj_user', 0x3d, '*'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@flag='ro'}, {@appraise_type}, {@smackfshat={'smackfshat', 0x3d, 'blkio.bfq.io_service_time_recursive\x00'}}]}) ioctl$CDROMREADMODE1(r7, 0x530d, &(0x7f0000001bc0)={0x0, 0x2}) socket$inet_dccp(0x2, 0x6, 0x0) r8 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r8, 0x4b36) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 1.142432731s ago: executing program 0 (id=402): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) fcntl$dupfd(r0, 0x0, r0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000080)={0x3ff}, 0x0, 0x0) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_netfilter(0x10, 0x3, 0xc) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x2, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0x75}, @exit={0x95, 0x0, 0x9fff}], &(0x7f0000000080)='syzkaller\x00'}, 0x80) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@enum={0x2, 0x0, 0x0, 0xf}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x28}, 0x20) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x4, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x0, 0x1}, 0x48) close_range(r3, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={0x0}) ioctl$IOMMU_VFIO_GET_API_VERSION(r1, 0x3b64) 689.192168ms ago: executing program 3 (id=403): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) fcntl$dupfd(r0, 0x0, r0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000080)={0x3ff}, 0x0, 0x0) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_netfilter(0x10, 0x3, 0xc) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x2, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0x75}, @exit={0x95, 0x0, 0x9fff}], &(0x7f0000000080)='syzkaller\x00'}, 0x80) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@enum={0x2, 0x0, 0x0, 0xf}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x28}, 0x20) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x4, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x0, 0x1}, 0x48) close_range(r3, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={0x0}) ioctl$IOMMU_VFIO_GET_API_VERSION(r1, 0x3b64) 261.734568ms ago: executing program 1 (id=404): r0 = syz_open_dev$media(&(0x7f0000000080), 0x1, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f00000006c0)=0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240), 0x0, 0xc1, &(0x7f0000000280)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0xd7, 0x8, 0x8, &(0x7f0000000340)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYRES16=r4, @ANYRES8, @ANYRES64=r0, @ANYRESOCT=r3, @ANYRES32=r1, @ANYRES8=r3], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=ANY=[@ANYRESDEC=r6, @ANYRES16=r9, @ANYBLOB="0500000000000000000006000000080003da57ca8edba4f25084c27cd100", @ANYRESOCT, @ANYRESDEC, @ANYRESHEX=r7], 0x24}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) sendmsg$NL80211_CMD_CONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x20, r9, 0x5, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_USE_RRM={0x4}]}, 0x20}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000780)={0x18, r7, 0x400, 0x40000, 0x2, {{}, {@void, @void}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x48804}, 0x8014) r11 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r11, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write(r11, &(0x7f0000000080)="09000300010001", 0x7) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x2c, 0x39, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x0, 0x0, 0x0, @str='\x05G'}]}, @generic, @nested={0x8, 0x9, 0x0, 0x1, [@typed={0x4}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) r12 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r12, 0x1, r1, &(0x7f0000000700)={0x1a}) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r13, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="30006808b9592a72499e0d60777f60bff5a4fe9d766739d3bdd68b4d05c2ce350a"]) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) unshare(0x22020000) unshare(0x40020000) 241.550084ms ago: executing program 2 (id=405): r0 = fsopen(&(0x7f0000000380)='virtiofs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, 0x0, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x29, &(0x7f0000000000)={&(0x7f0000000180)={{0x14, 0x10, 0x9000, 0x6}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x605, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x14}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000039c0)=ANY=[@ANYBLOB="e01400000d0a010e0000000000000000010000000900010073797a30000000000900020073797a32"], 0x14e0}}, 0x0) ioctl$CDROM_LAST_WRITTEN(0xffffffffffffffff, 0x5395, &(0x7f0000000300)) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r5, &(0x7f0000000100)=ANY=[@ANYBLOB='-0'], 0x9) r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r6, 0xaf01, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) fanotify_init(0x10, 0x8000) socket(0x0, 0x0, 0x7) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000200000006110600000000000c6000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x3f8, 0xc6, &(0x7f0000000400)=""/198, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0xb}, 0x10}, 0x90) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r7, 0x0, 0x0) r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r8, &(0x7f0000001080)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) recvmmsg(r8, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000200)=""/225, 0xe1}], 0x1}}], 0x1, 0x0, 0x0) sendfile(r8, r7, 0x0, 0xffefffff) 178.70609ms ago: executing program 0 (id=406): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x3) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000a80)) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/attr/current\x00', 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000200)=ANY=[@ANYRES8, @ANYRES16=r0, @ANYRESHEX=r1, @ANYRESHEX=r1], 0x0) r2 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key(&(0x7f0000000340)='dns_resolver\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="fb9c", 0xfffff, r2) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYRES32=r1], 0x1a) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f00000000c0)=0x2, 0x4) open(&(0x7f00000002c0)='./file0\x00', 0x1451c2, 0x0) acct(&(0x7f00000001c0)='./file0\x00') r4 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_READ_FIXED={0x4, 0x8, 0x2004, @fd_index=0x3, 0x54b1, 0x4, 0x0, 0x6, 0x1, {0x3, r7}}) io_uring_enter(r4, 0x567, 0x0, 0x0, 0x0, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0) r8 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f0000000480)={[{@noprefix}, {@noprefix}, {@name}, {@cpuset_v2_mode}, {@none}, {@name={'name', 0x3d, '\x00'}}, {@none}], [{@subj_role={'subj_role', 0x3d, ':!$'}}, {@smackfsdef}, {@subj_user={'subj_user', 0x3d, '*'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@flag='ro'}, {@appraise_type}, {@smackfshat={'smackfshat', 0x3d, 'blkio.bfq.io_service_time_recursive\x00'}}]}) ioctl$CDROMREADMODE1(r8, 0x530d, &(0x7f0000001bc0)={0x0, 0x2}) socket$inet_dccp(0x2, 0x6, 0x0) r9 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r9, 0x4b36) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_init_net_socket$llc(0x1a, 0x801, 0x0) 110.398622ms ago: executing program 2 (id=407): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000040)=@gcm_128={{0x303}, "0400", "0d07080d7f4fcf0000e8ffffff00", '\x00', "8657e2b7e43b34e4"}, 0x28) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000000640)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000600)={&(0x7f0000000800)=ANY=[@ANYBLOB="04020000", @ANYRES16=0x0, @ANYBLOB="10002abd7000fedbdf250d0000003000018008000100", @ANYRES32=0x0, @ANYBLOB="144002006e657470636930000000000000000000080003000200000008000100b952c91500cbaea3be2dbbe45cab63e52fedafe1895ef16d4387ee0458027d2b42c60c34e00f16e2d02816feeb7c755ce6780c7f0d84db76031a", @ANYRES32=0x0, @ANYBLOB="0c00018008000300020000004000018008000100", @ANYRES32=0x0, @ANYBLOB="14000200697036746e6c3000000000000000000008000100", @ANYRES32, @ANYBLOB="080003000300000008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="5c0001800800030002000000140002006272696467655f736c6176655f3100001400020076657468305f6d6163767461700000001400020068737230000000000000000000000000140002006272696467655f736c6176655f310000680001801400020074756e6c30000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000300010000001400020076657468315f746f5f626f6e6400000008000100", @ANYRES32=0x0, @ANYBLOB="080003000200000014000200726f73653000000000000000000000000800030001000000180001801400020073797a6b616c6c657230000000000000540001801400020076657468305f746f5f68737200000000140002007700616e310000000000000000000000140000000000001400026514fec8a09b96a800"/152, @ANYRES32, @ANYBLOB="0800030001020000040001802c0001801400020067656e657665300000000000000000001400020064766d72703000"/56], 0x204}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) 109.847111ms ago: executing program 1 (id=408): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x3) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r3 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) syz_usb_connect$hid(0x0, 0x0, 0x0, &(0x7f0000000400)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x0, 0xc4}, 0x15, 0x0}) socket$nl_route(0x10, 0x3, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e1f1b"], 0x22) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fchdir(r4) close(r4) r5 = socket$unix(0x1, 0x2, 0x0) bind$unix(r5, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r6 = fanotify_init(0x200, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.kill\x00', 0x275a, 0x0) fanotify_mark(r6, 0x101, 0x8001043, r7, 0x0) r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) fanotify_mark(r6, 0x1, 0x12, r8, &(0x7f0000000040)='./file0\x00') fanotify_mark(r6, 0x1, 0x800003e, r8, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_FALLOCATE={0x11, 0x50, 0x0, @fd=r3, 0x3, 0x0, 0x47b95f07}) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) setuid(0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="04350600b58e0000000000"], 0x9) 40.340696ms ago: executing program 2 (id=409): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'vlan0\x00', 0x1000}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)) mkdir(&(0x7f0000000100)='./control\x00', 0xa0) mount$afs(&(0x7f0000000040)=@cell={0x25, 'syz0:', 'syz0', '.readonly'}, &(0x7f00000000c0)='./control\x00', &(0x7f0000000000), 0x200000, 0x0) 0s ago: executing program 0 (id=410): r0 = fsopen(&(0x7f0000000380)='virtiofs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x29, &(0x7f0000000000)={&(0x7f0000000180)={{0x14, 0x10, 0x9000, 0x6}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x605, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x14}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000039c0)=ANY=[@ANYBLOB="e01400000d0a010e0000000000000000010000000900010073797a30000000000900020073797a32"], 0x14e0}}, 0x0) ioctl$CDROM_LAST_WRITTEN(0xffffffffffffffff, 0x5395, &(0x7f0000000300)) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r5, &(0x7f0000000100)=ANY=[@ANYBLOB='-0'], 0x9) r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r6, 0xaf01, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) fanotify_init(0x10, 0x8000) socket(0x0, 0x0, 0x7) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000200000006110600000000000c6000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x3f8, 0xc6, &(0x7f0000000400)=""/198, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0xb}, 0x10}, 0x90) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r7, 0x0, 0x0) r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r8, &(0x7f0000001080)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) recvmmsg(r8, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000200)=""/225, 0xe1}], 0x1}}], 0x1, 0x0, 0x0) sendfile(r8, r7, 0x0, 0xffefffff) kernel console output (not intermixed with test programs): [ 45.224469][ T39] audit: type=1400 audit(1722473123.596:81): avc: denied { rlimitinh } for pid=5249 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.232518][ T39] audit: type=1400 audit(1722473123.596:82): avc: denied { siginh } for pid=5249 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.665076][ T39] audit: type=1400 audit(1722473124.056:83): avc: denied { read } for pid=4804 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 45.672342][ T39] audit: type=1400 audit(1722473124.056:84): avc: denied { append } for pid=4804 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 45.679886][ T39] audit: type=1400 audit(1722473124.056:85): avc: denied { open } for pid=4804 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 45.687719][ T39] audit: type=1400 audit(1722473124.056:86): avc: denied { getattr } for pid=4804 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:56923' (ED25519) to the list of known hosts. [ 46.980567][ T39] audit: type=1400 audit(1722473125.376:87): avc: denied { name_bind } for pid=5259 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 49.298308][ T5270] cgroup: Unknown subsys name 'net' [ 49.558779][ T5270] cgroup: Unknown subsys name 'rlimit' [ 49.771219][ T5326] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 50.719257][ T5270] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 55.315621][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 55.315636][ T39] audit: type=1400 audit(1722473133.706:105): avc: denied { execmem } for pid=5333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 55.984966][ T39] audit: type=1400 audit(1722473134.376:106): avc: denied { mounton } for pid=5337 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 55.996611][ T39] audit: type=1400 audit(1722473134.376:107): avc: denied { mount } for pid=5337 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 56.003537][ T39] audit: type=1400 audit(1722473134.376:108): avc: denied { create } for pid=5337 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 56.010691][ T39] audit: type=1400 audit(1722473134.376:109): avc: denied { read write } for pid=5337 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 56.029643][ T39] audit: type=1400 audit(1722473134.386:110): avc: denied { open } for pid=5337 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 56.039201][ T39] audit: type=1400 audit(1722473134.386:111): avc: denied { ioctl } for pid=5337 comm="syz-executor" path="socket:[4907]" dev="sockfs" ino=4907 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 56.044496][ T5339] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 56.052311][ T5339] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 56.054929][ T5339] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 56.058113][ T5339] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 56.062370][ T5348] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 56.065219][ T5342] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 56.066824][ T5348] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 56.069567][ T5342] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 56.072367][ T5348] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 56.074721][ T5342] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 56.077934][ T5348] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 56.080780][ T5342] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 56.082751][ T5349] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 56.083433][ T5348] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 56.083718][ T5348] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 56.086259][ T5342] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 56.093883][ T5339] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 56.094545][ T5342] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 56.096073][ T5353] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 56.096308][ T39] audit: type=1400 audit(1722473134.486:112): avc: denied { read } for pid=5350 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 56.096355][ T39] audit: type=1400 audit(1722473134.486:113): avc: denied { open } for pid=5350 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 56.096395][ T39] audit: type=1400 audit(1722473134.486:114): avc: denied { mounton } for pid=5350 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 56.097420][ T5353] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 56.100696][ T66] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 56.103571][ T5353] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 56.141864][ T5353] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 56.145002][ T5353] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 56.365700][ T5338] chnl_net:caif_netlink_parms(): no params data found [ 56.544919][ T5350] chnl_net:caif_netlink_parms(): no params data found [ 56.623666][ T5337] chnl_net:caif_netlink_parms(): no params data found [ 56.686981][ T5338] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.690721][ T5338] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.694006][ T5338] bridge_slave_0: entered allmulticast mode [ 56.700100][ T5338] bridge_slave_0: entered promiscuous mode [ 56.759773][ T5338] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.762846][ T5338] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.765929][ T5338] bridge_slave_1: entered allmulticast mode [ 56.770123][ T5338] bridge_slave_1: entered promiscuous mode [ 56.773777][ T5346] chnl_net:caif_netlink_parms(): no params data found [ 56.895015][ T5350] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.897892][ T5350] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.900985][ T5350] bridge_slave_0: entered allmulticast mode [ 56.904948][ T5350] bridge_slave_0: entered promiscuous mode [ 56.910779][ T5350] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.914032][ T5350] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.918000][ T5350] bridge_slave_1: entered allmulticast mode [ 56.921977][ T5350] bridge_slave_1: entered promiscuous mode [ 56.928628][ T5338] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.003137][ T5338] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.054467][ T5350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.137636][ T5350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.145358][ T5338] team0: Port device team_slave_0 added [ 57.151172][ T5338] team0: Port device team_slave_1 added [ 57.159955][ T5337] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.162700][ T5337] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.165159][ T5337] bridge_slave_0: entered allmulticast mode [ 57.169063][ T5337] bridge_slave_0: entered promiscuous mode [ 57.287602][ T5337] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.290716][ T5337] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.293881][ T5337] bridge_slave_1: entered allmulticast mode [ 57.297618][ T5337] bridge_slave_1: entered promiscuous mode [ 57.321103][ T5338] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.323472][ T5338] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.333867][ T5338] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.341335][ T5346] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.344646][ T5346] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.348183][ T5346] bridge_slave_0: entered allmulticast mode [ 57.351644][ T5346] bridge_slave_0: entered promiscuous mode [ 57.373737][ T5350] team0: Port device team_slave_0 added [ 57.386286][ T5338] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.388741][ T5338] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.397831][ T5338] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.402697][ T5346] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.405371][ T5346] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.408431][ T5346] bridge_slave_1: entered allmulticast mode [ 57.412141][ T5346] bridge_slave_1: entered promiscuous mode [ 57.438814][ T5350] team0: Port device team_slave_1 added [ 57.498212][ T5337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.548518][ T5350] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.551532][ T5350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.562413][ T5350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.568813][ T5350] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.571708][ T5350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.583514][ T5350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.591171][ T5346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.597418][ T5337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.656322][ T5346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.684951][ T5337] team0: Port device team_slave_0 added [ 57.760330][ T5337] team0: Port device team_slave_1 added [ 57.766022][ T5346] team0: Port device team_slave_0 added [ 57.827203][ T5338] hsr_slave_0: entered promiscuous mode [ 57.830109][ T5338] hsr_slave_1: entered promiscuous mode [ 57.884132][ T5346] team0: Port device team_slave_1 added [ 57.891525][ T5350] hsr_slave_0: entered promiscuous mode [ 57.895094][ T5350] hsr_slave_1: entered promiscuous mode [ 57.898699][ T5350] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.901700][ T5350] Cannot create hsr debugfs directory [ 57.906343][ T5337] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.911535][ T5337] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.921967][ T5337] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.966698][ T5337] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.970080][ T5337] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.980314][ T5337] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.033727][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.036157][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.047180][ T5346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.055842][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.058853][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.068873][ T5346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.128195][ T5353] Bluetooth: hci0: command tx timeout [ 58.128338][ T5342] Bluetooth: hci3: command tx timeout [ 58.131213][ T5344] Bluetooth: hci1: command tx timeout [ 58.217549][ T5344] Bluetooth: hci2: command tx timeout [ 58.221374][ T5337] hsr_slave_0: entered promiscuous mode [ 58.224782][ T5337] hsr_slave_1: entered promiscuous mode [ 58.227483][ T5337] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.230800][ T5337] Cannot create hsr debugfs directory [ 58.301128][ T5346] hsr_slave_0: entered promiscuous mode [ 58.304649][ T5346] hsr_slave_1: entered promiscuous mode [ 58.310342][ T5346] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.313600][ T5346] Cannot create hsr debugfs directory [ 58.778050][ T5350] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.786719][ T5350] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.792138][ T5350] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.799262][ T5350] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.846954][ T5338] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 58.853571][ T5338] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 58.861464][ T5338] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 58.870056][ T5338] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 58.935239][ T5346] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 58.944340][ T5346] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 58.956241][ T5346] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 58.964419][ T5346] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 59.048404][ T5337] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 59.055049][ T5337] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 59.061960][ T5337] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 59.081447][ T5337] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 59.104262][ T5350] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.161054][ T5350] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.200402][ T832] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.203763][ T832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.221354][ T5346] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.243660][ T831] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.247778][ T831] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.298153][ T5338] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.312475][ T5346] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.332023][ T832] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.334897][ T832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.338940][ T832] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.341956][ T832] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.359750][ T5338] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.381491][ T5337] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.389747][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.392750][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.399551][ T5350] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 59.436654][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.439950][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.452707][ T5337] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.473214][ T831] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.476614][ T831] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.496972][ T5379] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.499962][ T5379] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.579693][ T5350] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.642081][ T5346] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.662221][ T5350] veth0_vlan: entered promiscuous mode [ 59.680604][ T5350] veth1_vlan: entered promiscuous mode [ 59.721141][ T5346] veth0_vlan: entered promiscuous mode [ 59.737065][ T5346] veth1_vlan: entered promiscuous mode [ 59.758300][ T5350] veth0_macvtap: entered promiscuous mode [ 59.768360][ T5350] veth1_macvtap: entered promiscuous mode [ 59.776169][ T5338] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.806374][ T5337] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.825493][ T5346] veth0_macvtap: entered promiscuous mode [ 59.834987][ T5350] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.846094][ T5346] veth1_macvtap: entered promiscuous mode [ 59.862861][ T5350] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.881105][ T5350] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.885615][ T5350] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.889975][ T5350] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.892969][ T5350] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.929672][ T5338] veth0_vlan: entered promiscuous mode [ 59.940031][ T5338] veth1_vlan: entered promiscuous mode [ 59.951146][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.955937][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.963072][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.022725][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.028674][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.034842][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.044227][ T5338] veth0_macvtap: entered promiscuous mode [ 60.061284][ T5338] veth1_macvtap: entered promiscuous mode [ 60.071356][ T5346] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.075094][ T5346] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.079422][ T5346] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.083142][ T5346] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.097567][ T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.104254][ T5337] veth0_vlan: entered promiscuous mode [ 60.105116][ T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.116181][ T5337] veth1_vlan: entered promiscuous mode [ 60.120788][ T5338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.125315][ T5338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.129943][ T5338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.134470][ T5338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.142107][ T5338] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.170219][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.170699][ T5338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.173377][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.180444][ T5338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.184515][ T5338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.189095][ T5338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.194531][ T5338] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.207234][ T5344] Bluetooth: hci3: command tx timeout [ 60.209141][ T5342] Bluetooth: hci1: command tx timeout [ 60.209535][ T5353] Bluetooth: hci0: command tx timeout [ 60.216135][ T5338] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.219947][ T5338] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.223691][ T5338] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.227128][ T5338] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.272085][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.276057][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.287910][ T5353] Bluetooth: hci2: command tx timeout [ 60.288773][ T5337] veth0_macvtap: entered promiscuous mode [ 60.318668][ T5337] veth1_macvtap: entered promiscuous mode [ 60.318919][ T39] kauditd_printk_skb: 13 callbacks suppressed [ 60.318933][ T39] audit: type=1400 audit(1722473138.716:128): avc: denied { read } for pid=5402 comm="syz.0.1" dev="nsfs" ino=4026532893 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 60.339250][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.342761][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.351900][ T5337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.356310][ T5337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.361742][ T39] audit: type=1400 audit(1722473138.716:129): avc: denied { open } for pid=5402 comm="syz.0.1" path="net:[4026532893]" dev="nsfs" ino=4026532893 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 60.361864][ T5337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.373155][ T39] audit: type=1400 audit(1722473138.716:130): avc: denied { shutdown } for pid=5402 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 60.376800][ T5337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.386257][ T39] audit: type=1400 audit(1722473138.716:131): avc: denied { read } for pid=5402 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 60.395740][ T5337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.403241][ T5337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.403888][ T39] audit: type=1400 audit(1722473138.756:132): avc: denied { create } for pid=5404 comm="syz.0.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 60.408837][ T5337] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.430489][ T5337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.435052][ T5337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.440113][ T5337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.444541][ T5337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.449748][ T5337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.454102][ T5337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.460488][ T5337] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.489160][ T39] audit: type=1400 audit(1722473138.886:133): avc: denied { create } for pid=5406 comm="syz.0.6" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 60.499999][ T39] audit: type=1400 audit(1722473138.886:134): avc: denied { map } for pid=5406 comm="syz.0.6" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=8282 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 60.501799][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.510895][ T39] audit: type=1400 audit(1722473138.886:135): avc: denied { read write } for pid=5406 comm="syz.0.6" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=8282 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 60.518445][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.533471][ T5337] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.538133][ T5337] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.541988][ T5337] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.545817][ T5337] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.571050][ T39] audit: type=1400 audit(1722473138.966:136): avc: denied { ioctl } for pid=5406 comm="syz.0.6" path="socket:[8281]" dev="sockfs" ino=8281 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 60.630604][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.657142][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.702103][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.702973][ T39] audit: type=1400 audit(1722473139.096:137): avc: denied { read write } for pid=5410 comm="syz.2.3" name="raw-gadget" dev="devtmpfs" ino=763 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 60.705359][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.769741][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.773148][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.932728][ T5353] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 60.977162][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 61.005469][ T5422] cgroup: Bad value for 'name' [ 61.132953][ T5422] Process accounting resumed [ 61.147602][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 61.220055][ T10] usb 7-1: too many configurations: 25, using maximum allowed: 8 [ 61.228442][ T10] usb 7-1: config 0 has no interfaces? [ 61.231738][ T10] usb 7-1: config 0 has no interfaces? [ 61.234910][ T10] usb 7-1: config 0 has no interfaces? [ 61.245274][ T10] usb 7-1: config 0 has no interfaces? [ 61.249376][ T10] usb 7-1: config 0 has no interfaces? [ 61.253797][ T10] usb 7-1: config 0 has no interfaces? [ 61.258566][ T10] usb 7-1: config 0 has no interfaces? [ 61.262488][ T10] usb 7-1: config 0 has no interfaces? [ 61.264881][ T10] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 61.272700][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.278223][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 61.284759][ T10] usb 7-1: config 0 descriptor?? [ 61.357387][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 61.430636][ T5440] ======================================================= [ 61.430636][ T5440] WARNING: The mand mount option has been deprecated and [ 61.430636][ T5440] and is ignored by this kernel. Remove the mand [ 61.430636][ T5440] option from the mount to silence this warning. [ 61.430636][ T5440] ======================================================= [ 61.503497][ T10] usb 7-1: USB disconnect, device number 2 [ 61.555229][ T5444] netlink: 44 bytes leftover after parsing attributes in process `syz.0.14'. [ 61.962789][ T5455] FAULT_INJECTION: forcing a failure. [ 61.962789][ T5455] name failslab, interval 1, probability 0, space 0, times 1 [ 61.977232][ T5455] CPU: 0 UID: 0 PID: 5455 Comm: syz.0.16 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 61.981862][ T5455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 61.986520][ T5455] Call Trace: [ 61.988163][ T5455] [ 61.989231][ T5455] dump_stack_lvl+0x16c/0x1f0 [ 61.991180][ T5455] should_fail_ex+0x497/0x5b0 [ 61.992845][ T5455] ? fs_reclaim_acquire+0xae/0x160 [ 61.995535][ T5455] should_failslab+0xc2/0x120 [ 61.998058][ T5455] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 62.000553][ T5455] ? __d_alloc+0x31/0xaa0 [ 62.002429][ T5455] __d_alloc+0x31/0xaa0 [ 62.004175][ T5455] d_alloc_pseudo+0x1c/0xc0 [ 62.006323][ T5455] alloc_file_pseudo+0xdc/0x210 [ 62.008508][ T5455] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 62.010912][ T5455] ? security_inode_alloc+0x19e/0x240 [ 62.012962][ T5455] ? inode_init_always+0xc77/0xf80 [ 62.014913][ T5455] sock_alloc_file+0x50/0x1d0 [ 62.016867][ T5455] do_accept+0x2a8/0x540 [ 62.018673][ T5455] ? __pfx_do_accept+0x10/0x10 [ 62.021020][ T5455] __sys_accept4+0x102/0x1c0 [ 62.022917][ T5455] ? __pfx___sys_accept4+0x10/0x10 [ 62.024690][ T5455] ? __pfx_ksys_write+0x10/0x10 [ 62.026680][ T5455] __x64_sys_accept4+0x96/0x100 [ 62.028667][ T5455] ? lockdep_hardirqs_on+0x7c/0x110 [ 62.030716][ T5455] do_syscall_64+0xcd/0x250 [ 62.032306][ T5455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.034616][ T5455] RIP: 0033:0x7f474eb773b9 [ 62.036370][ T5455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.044151][ T5455] RSP: 002b:00007f474f9f4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 62.047021][ T5455] RAX: ffffffffffffffda RBX: 00007f474ed06058 RCX: 00007f474eb773b9 [ 62.050034][ T5455] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 62.053331][ T5455] RBP: 00007f474f9f40a0 R08: 0000000000000000 R09: 0000000000000000 [ 62.055912][ T5455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 62.058758][ T5455] R13: 000000000000006e R14: 00007f474ed06058 R15: 00007ffd48866688 [ 62.061518][ T5455] [ 62.063390][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 62.290369][ T5353] Bluetooth: hci3: command tx timeout [ 62.293056][ T5353] Bluetooth: hci1: command tx timeout [ 62.343094][ T5471] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 62.355031][ T5471] netlink: 248 bytes leftover after parsing attributes in process `syz.0.22'. [ 62.357551][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 62.367567][ T5353] Bluetooth: hci2: command tx timeout [ 62.383368][ T5472] random: crng reseeded on system resumption [ 62.780454][ T5479] FAULT_INJECTION: forcing a failure. [ 62.780454][ T5479] name failslab, interval 1, probability 0, space 0, times 0 [ 62.786540][ T5479] CPU: 3 UID: 0 PID: 5479 Comm: syz.0.24 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 62.791569][ T5479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.796517][ T5479] Call Trace: [ 62.797853][ T5479] [ 62.799134][ T5479] dump_stack_lvl+0x16c/0x1f0 [ 62.801924][ T5479] should_fail_ex+0x497/0x5b0 [ 62.804027][ T5479] should_failslab+0xc2/0x120 [ 62.806144][ T5479] __kmalloc_cache_noprof+0x6b/0x300 [ 62.808484][ T5479] ? __hw_addr_add_ex+0x3c8/0x7c0 [ 62.810640][ T5479] __hw_addr_add_ex+0x3c8/0x7c0 [ 62.812779][ T5479] ? __pfx___hw_addr_add_ex+0x10/0x10 [ 62.815169][ T5479] ? lock_sync+0x143/0x190 [ 62.817150][ T5479] __hw_addr_sync_multiple+0x12c/0x2e0 [ 62.819594][ T5479] dev_uc_sync_multiple+0x105/0x180 [ 62.821943][ T5479] team_set_rx_mode+0xb7/0x270 [ 62.824149][ T5479] ? __pfx_team_set_rx_mode+0x10/0x10 [ 62.826740][ T5479] __dev_set_rx_mode+0x1d0/0x2e0 [ 62.828665][ T5479] dev_uc_add+0xee/0x110 [ 62.830375][ T5479] packet_dev_mc+0x141/0x2c0 [ 62.832288][ T5479] packet_mc_add+0x590/0x7e0 [ 62.834092][ T5479] packet_setsockopt+0x1df5/0x2360 [ 62.835939][ T5479] ? __pfx_packet_setsockopt+0x10/0x10 [ 62.837882][ T5479] ? __pfx_sock_has_perm+0x10/0x10 [ 62.839729][ T5479] ? selinux_netlbl_socket_setsockopt+0x142/0x440 [ 62.842206][ T5479] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 62.845341][ T5479] ? find_held_lock+0x2d/0x110 [ 62.847337][ T5479] ? selinux_socket_setsockopt+0x6a/0x80 [ 62.850099][ T5479] ? security_socket_setsockopt+0x8c/0xc0 [ 62.852423][ T5479] ? __pfx_packet_setsockopt+0x10/0x10 [ 62.854755][ T5479] do_sock_setsockopt+0x222/0x480 [ 62.856918][ T5479] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 62.859162][ T5479] ? __fget_light+0x173/0x210 [ 62.861223][ T5479] __sys_setsockopt+0x1a4/0x270 [ 62.863227][ T5479] ? __pfx___sys_setsockopt+0x10/0x10 [ 62.865412][ T5479] ? fput+0x32/0x390 [ 62.867018][ T5479] ? ksys_write+0x1ab/0x260 [ 62.868866][ T5479] ? __pfx_ksys_write+0x10/0x10 [ 62.870861][ T5479] __x64_sys_setsockopt+0xbd/0x160 [ 62.872971][ T5479] ? do_syscall_64+0x91/0x250 [ 62.875054][ T5479] ? lockdep_hardirqs_on+0x7c/0x110 [ 62.877215][ T5479] do_syscall_64+0xcd/0x250 [ 62.878877][ T5479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.881277][ T5479] RIP: 0033:0x7f474eb773b9 [ 62.883070][ T5479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.890690][ T5479] RSP: 002b:00007f474fa15048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 62.894147][ T5479] RAX: ffffffffffffffda RBX: 00007f474ed05f80 RCX: 00007f474eb773b9 [ 62.897256][ T5479] RDX: 0000000000000001 RSI: 0000000000000107 RDI: 0000000000000004 [ 62.900432][ T5479] RBP: 00007f474fa150a0 R08: 0000000000000010 R09: 0000000000000000 [ 62.903868][ T5479] R10: 00000000200003c0 R11: 0000000000000246 R12: 0000000000000001 [ 62.907042][ T5479] R13: 000000000000000b R14: 00007f474ed05f80 R15: 00007ffd48866688 [ 62.910205][ T5479] [ 62.911713][ T5479] team_slave_1: entered promiscuous mode [ 62.918172][ T5478] team_slave_1: left promiscuous mode [ 63.447112][ T5391] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 63.630746][ T5391] usb 5-1: too many configurations: 25, using maximum allowed: 8 [ 63.640515][ T5391] usb 5-1: config 0 has no interfaces? [ 63.645845][ T5391] usb 5-1: config 0 has no interfaces? [ 63.657145][ T5353] Bluetooth: hci0: command tx timeout [ 63.658145][ T5391] usb 5-1: config 0 has no interfaces? [ 63.662499][ T5391] usb 5-1: config 0 has no interfaces? [ 63.677927][ T5391] usb 5-1: config 0 has no interfaces? [ 63.680889][ T5391] usb 5-1: config 0 has no interfaces? [ 63.684153][ T5391] usb 5-1: config 0 has no interfaces? [ 63.687677][ T5391] usb 5-1: config 0 has no interfaces? [ 63.690045][ T5391] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 63.693545][ T5391] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.706439][ T5391] usb 5-1: config 0 descriptor?? [ 63.934461][ T56] usb 5-1: USB disconnect, device number 2 [ 64.045747][ T5503] netlink: 248 bytes leftover after parsing attributes in process `syz.3.33'. [ 64.200398][ T5508] cgroup: Bad value for 'name' [ 64.319199][ T5507] Process accounting resumed [ 64.377715][ T5344] Bluetooth: hci3: command tx timeout [ 64.380156][ T5353] Bluetooth: hci1: command tx timeout [ 64.457665][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 64.461347][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 64.484503][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 64.586978][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 64.637502][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 65.431304][ T39] kauditd_printk_skb: 67 callbacks suppressed [ 65.431318][ T39] audit: type=1400 audit(1722473143.826:205): avc: denied { setopt } for pid=5531 comm="syz.3.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 65.464065][ T39] audit: type=1400 audit(1722473143.846:206): avc: denied { ioctl } for pid=5528 comm="syz.2.38" path="socket:[8374]" dev="sockfs" ino=8374 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 65.528569][ T39] audit: type=1400 audit(1722473143.916:207): avc: denied { create } for pid=5533 comm="syz.3.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 65.536872][ T39] audit: type=1400 audit(1722473143.916:208): avc: denied { bind } for pid=5533 comm="syz.3.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 65.596825][ T39] audit: type=1400 audit(1722473143.986:209): avc: denied { remove_name } for pid=5535 comm="rm" name="resolv.conf.cfptm1.link" dev="tmpfs" ino=1721 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 65.778414][ T5550] syzkaller0: entered promiscuous mode [ 65.780840][ T5550] syzkaller0: entered allmulticast mode [ 65.784858][ T39] audit: type=1400 audit(1722473144.176:210): avc: denied { read write } for pid=5548 comm="syz.2.43" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 65.814972][ T39] audit: type=1400 audit(1722473144.176:211): avc: denied { open } for pid=5548 comm="syz.2.43" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 65.844103][ T39] audit: type=1400 audit(1722473144.196:212): avc: denied { write } for pid=5548 comm="syz.2.43" name="001" dev="devtmpfs" ino=728 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 65.868780][ T39] audit: type=1400 audit(1722473144.206:213): avc: denied { read } for pid=5552 comm="cmp" name="resolv.conf" dev="tmpfs" ino=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 65.879318][ T39] audit: type=1400 audit(1722473144.206:214): avc: denied { open } for pid=5552 comm="cmp" path="/tmp/resolv.conf" dev="tmpfs" ino=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 65.934636][ T5558] cgroup: Bad value for 'name' [ 65.953497][ T5561] virtio-fs: tag <(null)> not found [ 65.962296][ T5561] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.45'. [ 65.964096][ T5558] Process accounting resumed [ 67.653297][ T5353] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 67.740390][ T5601] cgroup: Bad value for 'name' [ 67.883439][ T5601] Process accounting resumed [ 68.035469][ T5614] syzkaller0: entered promiscuous mode [ 68.046341][ T5614] syzkaller0: entered allmulticast mode [ 68.271158][ T5625] virtio-fs: tag <(null)> not found [ 68.277677][ T5625] netlink: 5300 bytes leftover after parsing attributes in process `syz.3.58'. [ 68.789707][ T5637] virtio-fs: tag <(null)> not found [ 68.823069][ T5637] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.60'. [ 69.284209][ T5353] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 69.315901][ T5653] cgroup: Bad value for 'name' [ 69.399031][ T5653] Process accounting resumed [ 69.704869][ T5662] netlink: 'syz.3.66': attribute type 12 has an invalid length. [ 70.028355][ T5664] syzkaller0: entered promiscuous mode [ 70.031000][ T5664] syzkaller0: entered allmulticast mode [ 70.460635][ T5674] virtio-fs: tag <(null)> not found [ 70.466627][ T5674] netlink: 5300 bytes leftover after parsing attributes in process `syz.3.71'. [ 70.477302][ T5676] virtio-fs: tag <(null)> not found [ 70.498027][ T5676] netlink: 5300 bytes leftover after parsing attributes in process `syz.1.72'. [ 70.704438][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 70.704448][ T39] audit: type=1400 audit(1722473149.096:232): avc: denied { write } for pid=5671 comm="syz.0.70" path="socket:[9300]" dev="sockfs" ino=9300 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 71.577331][ T5700] cgroup: Bad value for 'name' [ 71.681617][ T5699] Process accounting resumed [ 71.688868][ T5702] netlink: 'syz.3.75': attribute type 12 has an invalid length. [ 71.924784][ T5706] syzkaller0: entered promiscuous mode [ 71.926790][ T5706] syzkaller0: entered allmulticast mode [ 72.407977][ T5714] netlink: 'syz.1.79': attribute type 12 has an invalid length. [ 72.639437][ T5722] random: crng reseeded on system resumption [ 72.717147][ T830] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 72.900643][ T830] usb 7-1: too many configurations: 25, using maximum allowed: 8 [ 72.906855][ T830] usb 7-1: config 0 has no interfaces? [ 72.911190][ T830] usb 7-1: config 0 has no interfaces? [ 72.915552][ T830] usb 7-1: config 0 has no interfaces? [ 72.920542][ T830] usb 7-1: config 0 has no interfaces? [ 72.924367][ T830] usb 7-1: config 0 has no interfaces? [ 72.927557][ T830] usb 7-1: config 0 has no interfaces? [ 72.931029][ T830] usb 7-1: config 0 has no interfaces? [ 72.941395][ T830] usb 7-1: config 0 has no interfaces? [ 72.943516][ T830] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 72.946998][ T830] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.955224][ T830] usb 7-1: config 0 descriptor?? [ 73.067365][ T5724] virtio-fs: tag <(null)> not found [ 73.073285][ T5724] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.83'. [ 73.162853][ T5731] virtio-fs: tag <(null)> not found [ 73.172348][ T5731] netlink: 5300 bytes leftover after parsing attributes in process `syz.3.85'. [ 73.199572][ T830] usb 7-1: USB disconnect, device number 3 [ 73.771474][ T5743] syzkaller0: entered promiscuous mode [ 73.774058][ T5743] syzkaller0: entered allmulticast mode [ 74.585832][ T5761] netlink: 'syz.3.92': attribute type 12 has an invalid length. [ 75.444976][ T5774] syzkaller0: entered promiscuous mode [ 75.447673][ T5774] syzkaller0: entered allmulticast mode [ 75.687112][ T10] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 75.877902][ T10] usb 7-1: too many configurations: 25, using maximum allowed: 8 [ 75.887385][ T10] usb 7-1: config 0 has no interfaces? [ 75.897606][ T10] usb 7-1: config 0 has no interfaces? [ 75.903644][ T10] usb 7-1: config 0 has no interfaces? [ 75.917219][ T10] usb 7-1: config 0 has no interfaces? [ 75.921326][ T10] usb 7-1: config 0 has no interfaces? [ 75.925828][ T10] usb 7-1: config 0 has no interfaces? [ 75.940281][ T10] usb 7-1: config 0 has no interfaces? [ 75.945193][ T10] usb 7-1: config 0 has no interfaces? [ 75.948968][ T10] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 75.957165][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.965289][ T10] usb 7-1: config 0 descriptor?? [ 76.008134][ T5379] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 76.190677][ T58] usb 7-1: USB disconnect, device number 4 [ 76.239361][ T5379] usb 5-1: too many configurations: 25, using maximum allowed: 8 [ 76.267244][ T5379] usb 5-1: config 0 has no interfaces? [ 76.274231][ T5379] usb 5-1: config 0 has no interfaces? [ 76.278044][ T5379] usb 5-1: config 0 has no interfaces? [ 76.281920][ T5379] usb 5-1: config 0 has no interfaces? [ 76.285602][ T5379] usb 5-1: config 0 has no interfaces? [ 76.298292][ T5379] usb 5-1: config 0 has no interfaces? [ 76.302040][ T5379] usb 5-1: config 0 has no interfaces? [ 76.306131][ T5379] usb 5-1: config 0 has no interfaces? [ 76.308694][ T5379] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 76.312597][ T5379] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.318930][ T5379] usb 5-1: config 0 descriptor?? [ 76.559674][ T58] usb 5-1: USB disconnect, device number 3 [ 76.745648][ T5790] netlink: 'syz.1.102': attribute type 12 has an invalid length. [ 77.013977][ T1380] ieee802154 phy0 wpan0: encryption failed: -22 [ 77.018354][ T1380] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.684274][ T39] audit: type=1400 audit(1722473156.076:233): avc: denied { setopt } for pid=5802 comm="syz.0.106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 77.960808][ T39] audit: type=1400 audit(1722473156.356:234): avc: denied { accept } for pid=5813 comm="syz.2.109" lport=48363 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 78.063871][ T5353] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 78.100226][ T5823] cgroup: Bad value for 'name' [ 78.135403][ T5823] Process accounting resumed [ 78.152107][ T5829] random: crng reseeded on system resumption [ 78.384900][ T5834] syzkaller0: entered promiscuous mode [ 78.386935][ T5834] syzkaller0: entered allmulticast mode [ 78.403560][ T5832] netlink: 'syz.3.115': attribute type 12 has an invalid length. [ 79.414137][ T5846] cgroup: Bad value for 'name' [ 79.504202][ T5846] Process accounting resumed [ 79.639577][ T5856] random: crng reseeded on system resumption [ 79.833940][ T5353] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 79.882779][ T5858] cgroup: Bad value for 'name' [ 79.929419][ T5858] Process accounting resumed [ 80.094944][ T5866] syzkaller0: entered promiscuous mode [ 80.096894][ T5866] syzkaller0: entered allmulticast mode [ 80.249295][ T5867] netlink: 'syz.3.127': attribute type 12 has an invalid length. [ 80.292630][ T5869] syzkaller0: entered promiscuous mode [ 80.295381][ T5869] syzkaller0: entered allmulticast mode [ 80.640216][ T5878] cgroup: Bad value for 'name' [ 80.649421][ T5880] netlink: 'syz.1.133': attribute type 1 has an invalid length. [ 80.682376][ T5880] bond1: entered promiscuous mode [ 80.686241][ T5880] FAULT_INJECTION: forcing a failure. [ 80.686241][ T5880] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 80.691987][ T5880] CPU: 2 UID: 0 PID: 5880 Comm: syz.1.133 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 80.696467][ T5880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.700964][ T5880] Call Trace: [ 80.702414][ T5880] [ 80.703725][ T5880] dump_stack_lvl+0x16c/0x1f0 [ 80.705821][ T5880] should_fail_ex+0x497/0x5b0 [ 80.707851][ T5880] _copy_from_iter+0x2a1/0x1150 [ 80.709934][ T5880] ? __alloc_skb+0x1fe/0x380 [ 80.711280][ T5878] Process accounting resumed [ 80.711898][ T5880] ? __pfx__copy_from_iter+0x10/0x10 [ 80.715926][ T5880] ? __virt_addr_valid+0x5e/0x590 [ 80.718492][ T5880] ? __phys_addr_symbol+0x30/0x80 [ 80.720646][ T5880] ? __check_object_size+0x497/0x720 [ 80.723652][ T5880] netlink_sendmsg+0x813/0xd70 [ 80.726038][ T5880] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.728401][ T5880] ? __import_iovec+0x1fd/0x6e0 [ 80.730741][ T5880] ____sys_sendmsg+0xab5/0xc90 [ 80.733122][ T5880] ? copy_msghdr_from_user+0x10b/0x160 [ 80.735609][ T5880] ? __pfx_____sys_sendmsg+0x10/0x10 [ 80.738122][ T5880] ? find_held_lock+0x2d/0x110 [ 80.740893][ T5880] ? __pfx___lock_acquire+0x10/0x10 [ 80.743719][ T5880] ___sys_sendmsg+0x135/0x1e0 [ 80.745992][ T5880] ? __pfx____sys_sendmsg+0x10/0x10 [ 80.748391][ T5880] ? ksys_write+0x21c/0x260 [ 80.750474][ T5880] ? __fget_light+0x173/0x210 [ 80.752607][ T5880] __sys_sendmsg+0x117/0x1f0 [ 80.754570][ T5880] ? __pfx___sys_sendmsg+0x10/0x10 [ 80.756608][ T5880] do_syscall_64+0xcd/0x250 [ 80.758452][ T5880] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.761109][ T5880] RIP: 0033:0x7f5eab3773b9 [ 80.762901][ T5880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.769662][ T5880] RSP: 002b:00007f5eac0e1048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.772846][ T5880] RAX: ffffffffffffffda RBX: 00007f5eab505f80 RCX: 00007f5eab3773b9 [ 80.776303][ T5880] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003 [ 80.779455][ T5880] RBP: 00007f5eac0e10a0 R08: 0000000000000000 R09: 0000000000000000 [ 80.782575][ T5880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.786034][ T5880] R13: 000000000000000b R14: 00007f5eab505f80 R15: 00007ffe438a9578 [ 80.789556][ T5880] [ 80.913908][ T5886] random: crng reseeded on system resumption [ 81.071353][ T39] audit: type=1400 audit(1722473159.466:235): avc: denied { read } for pid=5888 comm="syz.3.136" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 81.080769][ T39] audit: type=1400 audit(1722473159.466:236): avc: denied { open } for pid=5888 comm="syz.3.136" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 81.302862][ T39] audit: type=1400 audit(1722473159.696:237): avc: denied { create } for pid=5894 comm="syz.2.137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 81.311483][ T5895] FAULT_INJECTION: forcing a failure. [ 81.311483][ T5895] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.316897][ T5895] CPU: 3 UID: 0 PID: 5895 Comm: syz.2.137 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 81.320590][ T5895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.324118][ T5895] Call Trace: [ 81.325523][ T5895] [ 81.326569][ T5895] dump_stack_lvl+0x16c/0x1f0 [ 81.328217][ T5895] should_fail_ex+0x497/0x5b0 [ 81.329903][ T5895] _copy_from_user+0x30/0xf0 [ 81.331468][ T5895] copy_msghdr_from_user+0x99/0x160 [ 81.333383][ T5895] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 81.335956][ T5895] ? find_held_lock+0x2d/0x110 [ 81.337746][ T5895] ? __pfx___lock_acquire+0x10/0x10 [ 81.339831][ T5895] ___sys_sendmsg+0xff/0x1e0 [ 81.341892][ T5895] ? __pfx____sys_sendmsg+0x10/0x10 [ 81.344190][ T5895] ? ksys_write+0x21c/0x260 [ 81.345945][ T5895] ? __fget_light+0x173/0x210 [ 81.347533][ T5895] __sys_sendmsg+0x117/0x1f0 [ 81.349112][ T5895] ? __pfx___sys_sendmsg+0x10/0x10 [ 81.350809][ T5895] do_syscall_64+0xcd/0x250 [ 81.350824][ T5895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.350837][ T5895] RIP: 0033:0x7fc2ae3773b9 [ 81.350846][ T5895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.363032][ T5895] RSP: 002b:00007fc2af1b8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.365992][ T5895] RAX: ffffffffffffffda RBX: 00007fc2ae505f80 RCX: 00007fc2ae3773b9 [ 81.369298][ T5895] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000003 [ 81.372276][ T5895] RBP: 00007fc2af1b80a0 R08: 0000000000000000 R09: 0000000000000000 [ 81.375208][ T5895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.378091][ T5895] R13: 000000000000000b R14: 00007fc2ae505f80 R15: 00007ffdca5e5d18 [ 81.380547][ T5895] [ 81.449547][ T5901] syzkaller0: entered promiscuous mode [ 81.451675][ T5901] syzkaller0: entered allmulticast mode [ 81.677910][ T39] audit: type=1326 audit(1722473160.076:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5906 comm="syz.2.142" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc2ae3773b9 code=0x0 [ 81.786899][ T5910] mmap: syz.2.142 (5910) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 81.838440][ T5909] cgroup: Bad value for 'name' [ 81.883926][ T5909] Process accounting resumed [ 82.115028][ T5917] netlink: 'syz.0.144': attribute type 12 has an invalid length. [ 82.539313][ T5922] netlink: 5300 bytes leftover after parsing attributes in process `syz.2.146'. [ 82.731413][ T5928] FAULT_INJECTION: forcing a failure. [ 82.731413][ T5928] name failslab, interval 1, probability 0, space 0, times 0 [ 82.739104][ T5928] CPU: 3 UID: 0 PID: 5928 Comm: syz.3.147 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 82.744129][ T5928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.749013][ T5928] Call Trace: [ 82.750503][ T5928] [ 82.751838][ T5928] dump_stack_lvl+0x16c/0x1f0 [ 82.753987][ T5928] should_fail_ex+0x497/0x5b0 [ 82.756116][ T5928] should_failslab+0xc2/0x120 [ 82.758224][ T5928] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 82.760616][ T5928] ? xfrm_state_alloc+0x23/0x510 [ 82.762831][ T5928] xfrm_state_alloc+0x23/0x510 [ 82.764998][ T5928] xfrm_state_find+0x1b3e/0x68f0 [ 82.767196][ T5928] ? __lock_acquire+0x1620/0x3cb0 [ 82.769429][ T5928] ? __pfx_xfrm_state_find+0x10/0x10 [ 82.771765][ T5928] ? hlock_class+0x4e/0x130 [ 82.773808][ T5928] ? lock_acquire+0x1b1/0x560 [ 82.775911][ T5928] ? hlock_class+0x4e/0x130 [ 82.777951][ T5928] ? stack_depot_save_flags+0x31b/0x8f0 [ 82.780406][ T5928] ? __pfx_mark_lock+0x10/0x10 [ 82.782535][ T5928] xfrm_tmpl_resolve+0x3cf/0xf10 [ 82.784729][ T5928] ? __pfx_xfrm_tmpl_resolve+0x10/0x10 [ 82.786878][ T5928] ? __pfx___lock_acquire+0x10/0x10 [ 82.789189][ T5928] ? hlock_class+0x4e/0x130 [ 82.791210][ T5928] xfrm_resolve_and_create_bundle+0x140/0x2570 [ 82.793910][ T5928] ? find_held_lock+0x2d/0x110 [ 82.796031][ T5928] ? xfrm_sk_policy_lookup+0x4dd/0x730 [ 82.798448][ T5928] ? __pfx_lock_release+0x10/0x10 [ 82.800659][ T5928] ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10 [ 82.803392][ T5928] ? selinux_xfrm_policy_lookup+0xe3/0x110 [ 82.806003][ T5928] ? xfrm_expand_policies.constprop.0+0x24a/0x6c0 [ 82.808848][ T5928] xfrm_lookup_with_ifid+0x259/0x1e60 [ 82.811235][ T5928] ? ip_route_output_key_hash_rcu+0xdf7/0x2770 [ 82.813951][ T5928] ? __pfx_xfrm_lookup_with_ifid+0x10/0x10 [ 82.816557][ T5928] ? ip_route_output_key_hash+0x16c/0x2e0 [ 82.818590][ T5928] ? ip_route_output_key_hash+0x16c/0x2e0 [ 82.820615][ T5928] xfrm_lookup_route+0x3b/0x200 [ 82.822491][ T5928] ip_route_output_flow+0x11e/0x150 [ 82.824261][ T5928] __ip4_datagram_connect+0x898/0x1520 [ 82.826119][ T5928] __ip6_datagram_connect+0xcfe/0x1480 [ 82.827994][ T5928] ? __pfx___ip6_datagram_connect+0x10/0x10 [ 82.830069][ T5928] ? mark_held_locks+0x9f/0xe0 [ 82.831814][ T5928] ? ip6_datagram_connect_v6_only+0x65/0xa0 [ 82.833894][ T5928] ? ip6_datagram_connect_v6_only+0x73/0xa0 [ 82.835873][ T5928] ip6_datagram_connect_v6_only+0x73/0xa0 [ 82.837929][ T5928] inet_dgram_connect+0x15b/0x2f0 [ 82.839856][ T5928] ? __pfx_inet_dgram_connect+0x10/0x10 [ 82.842049][ T5928] __sys_connect_file+0x15f/0x1a0 [ 82.844188][ T5928] __sys_connect+0x149/0x170 [ 82.846246][ T5928] ? __pfx___sys_connect+0x10/0x10 [ 82.848511][ T5928] ? __pfx_ksys_write+0x10/0x10 [ 82.850701][ T5928] __x64_sys_connect+0x72/0xb0 [ 82.852819][ T5928] ? lockdep_hardirqs_on+0x7c/0x110 [ 82.855136][ T5928] do_syscall_64+0xcd/0x250 [ 82.857107][ T5928] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.859703][ T5928] RIP: 0033:0x7fd2ea3773b9 [ 82.861682][ T5928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.870070][ T5928] RSP: 002b:00007fd2eb067048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 82.873927][ T5928] RAX: ffffffffffffffda RBX: 00007fd2ea505f80 RCX: 00007fd2ea3773b9 [ 82.877521][ T5928] RDX: 000000000000001c RSI: 0000000020000000 RDI: 0000000000000004 [ 82.881142][ T5928] RBP: 00007fd2eb0670a0 R08: 0000000000000000 R09: 0000000000000000 [ 82.884734][ T5928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.888338][ T5928] R13: 000000000000000b R14: 00007fd2ea505f80 R15: 00007fff18965358 [ 82.891905][ T5928] [ 82.937589][ T5930] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 82.953958][ T39] audit: type=1400 audit(1722473161.346:239): avc: denied { name_bind } for pid=5929 comm="syz.3.148" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 82.977845][ T5932] random: crng reseeded on system resumption [ 83.032630][ T39] audit: type=1400 audit(1722473161.426:240): avc: denied { unlink } for pid=5929 comm="syz.3.148" name="#1" dev="tmpfs" ino=238 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 83.046959][ T39] audit: type=1400 audit(1722473161.436:241): avc: denied { mount } for pid=5929 comm="syz.3.148" name="/" dev="overlay" ino=233 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 83.059466][ T39] audit: type=1804 audit(1722473161.456:242): pid=5933 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.148" name="/newroot/40/bus/bus" dev="overlay" ino=240 res=1 errno=0 [ 83.065087][ T5933] evm: overlay not supported [ 83.074979][ T39] audit: type=1400 audit(1722473161.466:243): avc: denied { sys_module } for pid=5929 comm="syz.3.148" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 83.077064][ T5933] Invalid ELF header magic: != ELF [ 83.088899][ T39] audit: type=1400 audit(1722473161.466:244): avc: denied { module_load } for pid=5929 comm="syz.3.148" path="/40/bus/bus" dev="overlay" ino=240 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1 [ 83.525895][ T5943] netlink: 'syz.3.151': attribute type 12 has an invalid length. [ 84.579176][ T39] audit: type=1804 audit(1722473162.966:245): pid=5963 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.159" name="/newroot/52/bus/bus" dev="overlay" ino=308 res=1 errno=0 [ 84.584110][ T5963] Invalid ELF header magic: != ELF [ 84.659343][ T5967] netlink: 5300 bytes leftover after parsing attributes in process `syz.1.161'. [ 85.710462][ T39] audit: type=1400 audit(1722473164.106:246): avc: denied { ioctl } for pid=5994 comm="syz.2.170" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 85.834525][ T39] audit: type=1400 audit(1722473164.226:247): avc: denied { write } for pid=5994 comm="syz.2.170" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 85.988896][ T39] audit: type=1400 audit(1722473164.376:248): avc: denied { read } for pid=5994 comm="syz.2.170" name="sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 86.560081][ T6011] netlink: 'syz.0.174': attribute type 12 has an invalid length. [ 87.058728][ T6014] netlink: 5300 bytes leftover after parsing attributes in process `syz.1.175'. [ 87.258392][ T57] cfg80211: failed to load regulatory.db [ 87.757136][ T6031] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.180'. [ 87.971665][ T6042] syzkaller0: entered promiscuous mode [ 87.973968][ T6042] syzkaller0: entered allmulticast mode [ 88.377599][ T6050] netlink: 'syz.1.186': attribute type 12 has an invalid length. [ 89.063468][ T6062] netlink: 5300 bytes leftover after parsing attributes in process `syz.2.190'. [ 89.357984][ T6071] netlink: 5300 bytes leftover after parsing attributes in process `syz.1.192'. [ 89.481157][ T6075] syzkaller0: entered promiscuous mode [ 89.483589][ T6075] syzkaller0: entered allmulticast mode [ 89.739716][ T6088] FAULT_INJECTION: forcing a failure. [ 89.739716][ T6088] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 89.744208][ T6088] CPU: 0 UID: 0 PID: 6088 Comm: syz.3.198 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 89.748351][ T6088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.752648][ T6088] Call Trace: [ 89.753884][ T6088] [ 89.755145][ T6088] dump_stack_lvl+0x16c/0x1f0 [ 89.757165][ T6088] should_fail_ex+0x497/0x5b0 [ 89.759056][ T6088] _copy_from_user+0x30/0xf0 [ 89.761012][ T6088] do_ipv6_setsockopt+0x97d/0x47b0 [ 89.763172][ T6088] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 89.765411][ T6088] ? avc_has_perm_noaudit+0x143/0x3a0 [ 89.767483][ T6088] ? avc_has_perm+0x11b/0x1c0 [ 89.769487][ T6088] ? __pfx_avc_has_perm+0x10/0x10 [ 89.771432][ T6088] ? __lock_acquire+0xbdd/0x3cb0 [ 89.773290][ T6088] ? sock_has_perm+0x25a/0x2f0 [ 89.775303][ T6088] ? __pfx_sock_has_perm+0x10/0x10 [ 89.777408][ T6088] ? selinux_netlbl_socket_setsockopt+0x142/0x440 [ 89.779963][ T6088] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 89.782776][ T6088] ? ipv6_setsockopt+0xe3/0x1a0 [ 89.784880][ T6088] ipv6_setsockopt+0xe3/0x1a0 [ 89.786836][ T6088] udpv6_setsockopt+0x7d/0xd0 [ 89.788431][ T6088] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 89.790456][ T6088] do_sock_setsockopt+0x222/0x480 [ 89.792143][ T6088] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 89.794032][ T6088] ? __fget_light+0x173/0x210 [ 89.795644][ T6088] __sys_setsockopt+0x1a4/0x270 [ 89.797346][ T6088] ? __pfx___sys_setsockopt+0x10/0x10 [ 89.799271][ T6088] ? fput+0x32/0x390 [ 89.800609][ T6088] ? ksys_write+0x1ab/0x260 [ 89.802281][ T6088] ? __pfx_ksys_write+0x10/0x10 [ 89.804039][ T6088] __x64_sys_setsockopt+0xbd/0x160 [ 89.805891][ T6088] ? do_syscall_64+0x91/0x250 [ 89.807483][ T6088] ? lockdep_hardirqs_on+0x7c/0x110 [ 89.809328][ T6088] do_syscall_64+0xcd/0x250 [ 89.811013][ T6088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.813021][ T6088] RIP: 0033:0x7fd2ea3773b9 [ 89.814579][ T6088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.821254][ T6088] RSP: 002b:00007fd2eb067048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 89.824027][ T6088] RAX: ffffffffffffffda RBX: 00007fd2ea505f80 RCX: 00007fd2ea3773b9 [ 89.826793][ T6088] RDX: 000000000000002c RSI: 0000000000000029 RDI: 0000000000000003 [ 89.829917][ T6088] RBP: 00007fd2eb0670a0 R08: 0000000000000108 R09: 0000000000000000 [ 89.832682][ T6088] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000001 [ 89.835433][ T6088] R13: 000000000000000b R14: 00007fd2ea505f80 R15: 00007fff18965358 [ 89.838591][ T6088] [ 90.004405][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 90.004419][ T39] audit: type=1400 audit(1722473168.396:252): avc: denied { create } for pid=6096 comm="syz.2.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 90.021595][ T39] audit: type=1400 audit(1722473168.416:253): avc: denied { connect } for pid=6096 comm="syz.2.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 90.034624][ T39] audit: type=1400 audit(1722473168.416:254): avc: denied { bind } for pid=6096 comm="syz.2.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 90.044042][ T39] audit: type=1400 audit(1722473168.426:255): avc: denied { create } for pid=6096 comm="syz.2.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 90.054203][ T39] audit: type=1400 audit(1722473168.426:256): avc: denied { write } for pid=6096 comm="syz.2.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 90.062338][ T39] audit: type=1400 audit(1722473168.426:257): avc: denied { read } for pid=6096 comm="syz.2.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 90.070380][ T39] audit: type=1400 audit(1722473168.436:258): avc: denied { read } for pid=6096 comm="syz.2.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 90.095137][ T39] audit: type=1400 audit(1722473168.486:259): avc: denied { setopt } for pid=6096 comm="syz.2.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 90.107488][ T39] audit: type=1400 audit(1722473168.506:260): avc: denied { mounton } for pid=6096 comm="syz.2.201" path="/46/file0" dev="tmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 90.124054][ T6098] netlink: 'syz.3.199': attribute type 12 has an invalid length. [ 90.261944][ T39] audit: type=1400 audit(1722473168.656:261): avc: denied { create } for pid=6096 comm="syz.2.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 90.402297][ T6106] syzkaller0: entered promiscuous mode [ 90.404631][ T6106] syzkaller0: entered allmulticast mode [ 90.829829][ T6109] netlink: 'syz.0.204': attribute type 12 has an invalid length. [ 91.091916][ T6114] FAULT_INJECTION: forcing a failure. [ 91.091916][ T6114] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 91.098992][ T6114] CPU: 3 UID: 0 PID: 6114 Comm: syz.1.206 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 91.104447][ T6114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 91.109226][ T6114] Call Trace: [ 91.110770][ T6114] [ 91.112204][ T6114] dump_stack_lvl+0x16c/0x1f0 [ 91.114525][ T6114] should_fail_ex+0x497/0x5b0 [ 91.117095][ T6114] _copy_from_user+0x30/0xf0 [ 91.119105][ T6114] br_dev_read_uargs+0x149/0x3b0 [ 91.120851][ T6114] ? __pfx_br_dev_read_uargs+0x10/0x10 [ 91.123018][ T6114] br_dev_siocdevprivate+0xe8/0x1630 [ 91.125279][ T6114] ? __pfx_br_dev_siocdevprivate+0x10/0x10 [ 91.127702][ T6114] ? lock_acquire+0x1b1/0x560 [ 91.129304][ T6114] ? __mutex_trylock_common+0xea/0x250 [ 91.131709][ T6114] ? netdev_name_node_lookup+0x127/0x180 [ 91.134439][ T6114] dev_ifsioc+0x529/0x10b0 [ 91.136538][ T6114] ? __pfx_dev_ifsioc+0x10/0x10 [ 91.138960][ T6114] ? dev_ioctl+0x1a1/0x10c0 [ 91.141148][ T6114] ? __pfx___mutex_lock+0x10/0x10 [ 91.143685][ T6114] ? __pfx_lock_release+0x10/0x10 [ 91.146369][ T6114] ? full_name_hash+0xbc/0x110 [ 91.147154][ T10] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 91.148694][ T6114] dev_ioctl+0x1b2/0x10c0 [ 91.148718][ T6114] sock_ioctl+0x5bf/0x6c0 [ 91.148737][ T6114] ? __pfx_sock_ioctl+0x10/0x10 [ 91.157703][ T6114] ? selinux_file_ioctl+0x180/0x270 [ 91.160125][ T6114] ? selinux_file_ioctl+0xb4/0x270 [ 91.162483][ T6114] ? __pfx_sock_ioctl+0x10/0x10 [ 91.164426][ T6114] __x64_sys_ioctl+0x193/0x220 [ 91.166466][ T6114] do_syscall_64+0xcd/0x250 [ 91.168208][ T6114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.170656][ T6114] RIP: 0033:0x7f5eab3773b9 [ 91.172616][ T6114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.181250][ T6114] RSP: 002b:00007f5eac0e1048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 91.184647][ T6114] RAX: ffffffffffffffda RBX: 00007f5eab505f80 RCX: 00007f5eab3773b9 [ 91.187647][ T6114] RDX: 0000000020000900 RSI: 00000000000089f0 RDI: 000000000000000f [ 91.190601][ T6114] RBP: 00007f5eac0e10a0 R08: 0000000000000000 R09: 0000000000000000 [ 91.193626][ T6114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.196070][ T6114] R13: 000000000000000b R14: 00007f5eab505f80 R15: 00007ffe438a9578 [ 91.199112][ T6114] [ 91.349457][ T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.353451][ T10] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 91.357235][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.367880][ T10] usb 8-1: config 0 descriptor?? [ 91.611093][ T6130] syzkaller0: entered promiscuous mode [ 91.613672][ T6130] syzkaller0: entered allmulticast mode [ 92.054552][ T6134] netlink: 'syz.1.213': attribute type 12 has an invalid length. [ 92.310649][ T6138] netlink: 'syz.0.214': attribute type 12 has an invalid length. [ 92.512593][ T10] usbhid 8-1:0.0: can't add hid device: -71 [ 92.515806][ T10] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 92.527265][ T10] usb 8-1: USB disconnect, device number 2 [ 92.576699][ T5353] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 92.619327][ T6141] cgroup: Bad value for 'name' [ 92.670815][ T6141] Process accounting resumed [ 92.771119][ T6146] random: crng reseeded on system resumption [ 92.859788][ T6149] FAULT_INJECTION: forcing a failure. [ 92.859788][ T6149] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 92.866324][ T6149] CPU: 1 UID: 0 PID: 6149 Comm: syz.1.218 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 92.871365][ T6149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.876306][ T6149] Call Trace: [ 92.877685][ T6149] [ 92.878872][ T6149] dump_stack_lvl+0x16c/0x1f0 [ 92.880797][ T6149] should_fail_ex+0x497/0x5b0 [ 92.883111][ T6149] _copy_to_user+0x30/0xc0 [ 92.884904][ T6149] simple_read_from_buffer+0xd0/0x160 [ 92.887115][ T6149] proc_fail_nth_read+0x1b0/0x290 [ 92.889317][ T6149] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 92.891690][ T6149] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 92.894009][ T6149] vfs_read+0x1d4/0xbd0 [ 92.895851][ T6149] ? __fdget_pos+0xeb/0x180 [ 92.897995][ T6149] ? __pfx_vfs_read+0x10/0x10 [ 92.900110][ T6149] ? __pfx___mutex_lock+0x10/0x10 [ 92.902281][ T6149] ? __fget_files+0x256/0x400 [ 92.904500][ T6149] ksys_read+0x12f/0x260 [ 92.906516][ T6149] ? __pfx_ksys_read+0x10/0x10 [ 92.908659][ T6149] do_syscall_64+0xcd/0x250 [ 92.910750][ T6149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.913333][ T6149] RIP: 0033:0x7f5eab375dfc [ 92.914912][ T6149] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 92.922847][ T6149] RSP: 002b:00007f5eac0c0040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 92.926203][ T6149] RAX: ffffffffffffffda RBX: 00007f5eab506058 RCX: 00007f5eab375dfc [ 92.929592][ T6149] RDX: 000000000000000f RSI: 00007f5eac0c00b0 RDI: 0000000000000006 [ 92.932802][ T6149] RBP: 00007f5eac0c00a0 R08: 0000000000000000 R09: 0000000000000000 [ 92.936110][ T6149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.939303][ T6149] R13: 000000000000006e R14: 00007f5eab506058 R15: 00007ffe438a9578 [ 92.942567][ T6149] [ 93.105207][ T6156] syzkaller0: entered promiscuous mode [ 93.107603][ T6156] syzkaller0: entered allmulticast mode [ 93.149455][ T6161] FAULT_INJECTION: forcing a failure. [ 93.149455][ T6161] name failslab, interval 1, probability 0, space 0, times 0 [ 93.154756][ T6161] CPU: 1 UID: 0 PID: 6161 Comm: syz.0.223 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 93.159164][ T6161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.163090][ T6161] Call Trace: [ 93.164231][ T6161] [ 93.165450][ T6161] dump_stack_lvl+0x16c/0x1f0 [ 93.167482][ T6161] should_fail_ex+0x497/0x5b0 [ 93.169700][ T6161] should_failslab+0xc2/0x120 [ 93.171492][ T6161] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 93.173717][ T6161] ? __build_skb+0x3f/0x90 [ 93.175235][ T6161] __build_skb+0x3f/0x90 [ 93.176684][ T6161] netlink_alloc_large_skb+0xb5/0x130 [ 93.178709][ T6161] netlink_sendmsg+0x689/0xd70 [ 93.180243][ T6161] ? __pfx_netlink_sendmsg+0x10/0x10 [ 93.182184][ T6161] ? __import_iovec+0x1fd/0x6e0 [ 93.183853][ T6161] ____sys_sendmsg+0xab5/0xc90 [ 93.185660][ T6161] ? copy_msghdr_from_user+0x10b/0x160 [ 93.187809][ T6161] ? __pfx_____sys_sendmsg+0x10/0x10 [ 93.190153][ T6161] ? find_held_lock+0x2d/0x110 [ 93.192045][ T6161] ? __pfx___lock_acquire+0x10/0x10 [ 93.194249][ T6161] ___sys_sendmsg+0x135/0x1e0 [ 93.196229][ T6161] ? __pfx____sys_sendmsg+0x10/0x10 [ 93.198385][ T6161] ? ksys_write+0x21c/0x260 [ 93.200099][ T6161] ? __fget_light+0x173/0x210 [ 93.201968][ T6161] __sys_sendmsg+0x117/0x1f0 [ 93.203934][ T6161] ? __pfx___sys_sendmsg+0x10/0x10 [ 93.206062][ T6161] do_syscall_64+0xcd/0x250 [ 93.207796][ T6161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.210092][ T6161] RIP: 0033:0x7f474eb773b9 [ 93.211960][ T6161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 93.219563][ T6161] RSP: 002b:00007f474fa15048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 93.222650][ T6161] RAX: ffffffffffffffda RBX: 00007f474ed05f80 RCX: 00007f474eb773b9 [ 93.225491][ T6161] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 93.228765][ T6161] RBP: 00007f474fa150a0 R08: 0000000000000000 R09: 0000000000000000 [ 93.231559][ T6161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 93.234841][ T6161] R13: 000000000000000b R14: 00007f474ed05f80 R15: 00007ffd48866688 [ 93.238208][ T6161] [ 93.376109][ T6173] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_bridge, syncid = 0, id = 0 [ 93.492172][ T6172] netlink: 16 bytes leftover after parsing attributes in process `syz.0.227'. [ 93.496709][ T6172] netlink: 16 bytes leftover after parsing attributes in process `syz.0.227'. [ 93.501559][ T6172] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 93.505676][ T6172] (unnamed net_device) (uninitialized): option arp_validate: invalid value (103) [ 93.541058][ T6176] netlink: 'syz.3.226': attribute type 12 has an invalid length. [ 93.871521][ T6181] netlink: 'syz.0.228': attribute type 12 has an invalid length. [ 94.003762][ T6184] futex_wake_op: syz.1.229 tries to shift op by -1; fix this program [ 94.333964][ T6188] FAULT_INJECTION: forcing a failure. [ 94.333964][ T6188] name fail_futex, interval 1, probability 0, space 0, times 1 [ 94.339755][ T6188] CPU: 3 UID: 0 PID: 6188 Comm: syz.1.231 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 94.344440][ T6188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.348565][ T6188] Call Trace: [ 94.349732][ T6188] [ 94.350751][ T6188] dump_stack_lvl+0x16c/0x1f0 [ 94.352397][ T6188] should_fail_ex+0x497/0x5b0 [ 94.354280][ T6188] get_futex_key+0x482/0x1090 [ 94.355881][ T6188] ? __pfx_get_futex_key+0x10/0x10 [ 94.358054][ T6188] ? get_pid_task+0xfc/0x250 [ 94.360185][ T6188] futex_wake_op+0x15d/0xda0 [ 94.362311][ T6188] ? __pfx_futex_wake_op+0x10/0x10 [ 94.364766][ T6188] ? ksys_write+0x21c/0x260 [ 94.366893][ T6188] ? vfs_write+0x14d/0x1140 [ 94.369018][ T6188] do_futex+0x2eb/0x350 [ 94.370944][ T6188] ? __pfx_do_futex+0x10/0x10 [ 94.373060][ T6188] __x64_sys_futex+0x1e1/0x4c0 [ 94.375085][ T6188] ? fput+0x32/0x390 [ 94.376990][ T6188] ? __pfx___x64_sys_futex+0x10/0x10 [ 94.379183][ T6188] ? ksys_write+0x1ab/0x260 [ 94.381047][ T6188] ? __pfx_ksys_write+0x10/0x10 [ 94.383053][ T6188] do_syscall_64+0xcd/0x250 [ 94.385094][ T6188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.387743][ T6188] RIP: 0033:0x7f5eab3773b9 [ 94.389592][ T6188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.397660][ T6188] RSP: 002b:00007f5eac0e1048 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 94.401161][ T6188] RAX: ffffffffffffffda RBX: 00007f5eab505f80 RCX: 00007f5eab3773b9 [ 94.404467][ T6188] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000020000080 [ 94.407714][ T6188] RBP: 00007f5eac0e10a0 R08: 0000000020000100 R09: 000000008ffffffe [ 94.410915][ T6188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.414204][ T6188] R13: 000000000000000b R14: 00007f5eab505f80 R15: 00007ffe438a9578 [ 94.417349][ T6188] [ 94.585622][ T6165] Process accounting resumed [ 94.624009][ T6196] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.234'. [ 94.698771][ T6201] cgroup: Bad value for 'name' [ 94.744949][ T6201] Process accounting resumed [ 95.224188][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 95.224198][ T39] audit: type=1400 audit(1722473173.616:267): avc: denied { bind } for pid=6217 comm="syz.2.240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 95.235640][ T39] audit: type=1400 audit(1722473173.626:268): avc: denied { setopt } for pid=6217 comm="syz.2.240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 95.237871][ T6218] netlink: 'syz.2.240': attribute type 10 has an invalid length. [ 95.262198][ T6218] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 95.266231][ T6218] team0: Failed to send options change via netlink (err -105) [ 95.269745][ T6218] team0: Port device netdevsim0 added [ 95.273214][ T30] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 95.316147][ T39] audit: type=1400 audit(1722473173.706:269): avc: denied { read } for pid=6219 comm="syz.2.241" name="card2" dev="devtmpfs" ino=641 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 95.323482][ T39] audit: type=1400 audit(1722473173.706:270): avc: denied { open } for pid=6219 comm="syz.2.241" path="/dev/dri/card2" dev="devtmpfs" ino=641 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 95.412693][ T39] audit: type=1400 audit(1722473173.806:271): avc: denied { name_bind } for pid=6219 comm="syz.2.241" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 95.421205][ T39] audit: type=1400 audit(1722473173.806:272): avc: denied { create } for pid=6219 comm="syz.2.241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 95.429452][ T39] audit: type=1400 audit(1722473173.806:273): avc: denied { write } for pid=6219 comm="syz.2.241" path="socket:[9879]" dev="sockfs" ino=9879 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 95.439542][ T39] audit: type=1400 audit(1722473173.806:274): avc: denied { nlmsg_write } for pid=6219 comm="syz.2.241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 95.447993][ T39] audit: type=1400 audit(1722473173.816:275): avc: denied { map } for pid=6219 comm="syz.2.241" path="socket:[11493]" dev="sockfs" ino=11493 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 95.457284][ T39] audit: type=1400 audit(1722473173.816:276): avc: denied { read accept } for pid=6219 comm="syz.2.241" path="socket:[11493]" dev="sockfs" ino=11493 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 95.732394][ T6228] netlink: 'syz.0.242': attribute type 12 has an invalid length. [ 95.883470][ T6230] netlink: 'syz.2.243': attribute type 12 has an invalid length. [ 95.907254][ T832] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 96.087138][ T832] usb 8-1: Using ep0 maxpacket: 8 [ 96.091689][ T832] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 96.095744][ T832] usb 8-1: config 0 has no interface number 0 [ 96.098937][ T832] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 96.103998][ T832] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 96.108216][ T832] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.117092][ T832] usb 8-1: config 0 descriptor?? [ 96.128599][ T832] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 96.348187][ T5401] usb 8-1: USB disconnect, device number 3 [ 96.362996][ T5401] iowarrior 8-1:0.1: I/O-Warror #0 now disconnected [ 96.909323][ T6249] netlink: 5300 bytes leftover after parsing attributes in process `syz.3.250'. [ 97.174753][ T6261] FAULT_INJECTION: forcing a failure. [ 97.174753][ T6261] name failslab, interval 1, probability 0, space 0, times 0 [ 97.181120][ T6261] CPU: 0 UID: 0 PID: 6261 Comm: syz.0.251 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 97.185709][ T6261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.190307][ T6261] Call Trace: [ 97.191734][ T6261] [ 97.193053][ T6261] dump_stack_lvl+0x16c/0x1f0 [ 97.195168][ T6261] should_fail_ex+0x497/0x5b0 [ 97.197278][ T6261] ? fs_reclaim_acquire+0xae/0x160 [ 97.199541][ T6261] should_failslab+0xc2/0x120 [ 97.201640][ T6261] __kmalloc_noprof+0xcb/0x400 [ 97.203667][ T6261] tomoyo_encode2+0x100/0x3e0 [ 97.205749][ T6261] tomoyo_encode+0x29/0x50 [ 97.207699][ T6261] tomoyo_realpath_from_path+0x19d/0x720 [ 97.210196][ T6261] tomoyo_path_perm+0x273/0x450 [ 97.212359][ T6261] ? tomoyo_path_perm+0x25f/0x450 [ 97.214372][ T6261] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 97.216603][ T6261] ? find_held_lock+0x2d/0x110 [ 97.218638][ T6261] ? kmem_cache_free+0x12f/0x3a0 [ 97.220473][ T6261] ? putname+0x12e/0x170 [ 97.222193][ T6261] ? user_path_at+0x44/0x60 [ 97.224101][ T6261] ? __x64_sys_umount+0x10b/0x1a0 [ 97.226249][ T6261] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 97.229013][ T6261] tomoyo_sb_umount+0x8d/0xd0 [ 97.230980][ T6261] ? __pfx_tomoyo_sb_umount+0x10/0x10 [ 97.233363][ T6261] ? get_current_fs_domain+0x188/0x1f0 [ 97.235774][ T6261] security_sb_umount+0x6d/0xc0 [ 97.237954][ T6261] path_umount+0x2c5/0x10d0 [ 97.239991][ T6261] ? putname+0x12e/0x170 [ 97.241886][ T6261] ? __pfx_path_umount+0x10/0x10 [ 97.244104][ T6261] ? putname+0x12e/0x170 [ 97.246002][ T6261] __x64_sys_umount+0x16c/0x1a0 [ 97.248166][ T6261] ? __pfx___x64_sys_umount+0x10/0x10 [ 97.250514][ T6261] do_syscall_64+0xcd/0x250 [ 97.252494][ T6261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.254995][ T6261] RIP: 0033:0x7f474eb773b9 [ 97.256989][ T6261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.265340][ T6261] RSP: 002b:00007f474f9f4048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 97.268981][ T6261] RAX: ffffffffffffffda RBX: 00007f474ed06058 RCX: 00007f474eb773b9 [ 97.272234][ T6261] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200001c0 [ 97.275678][ T6261] RBP: 00007f474f9f40a0 R08: 0000000000000000 R09: 0000000000000000 [ 97.279183][ T6261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.282646][ T6261] R13: 000000000000006e R14: 00007f474ed06058 R15: 00007ffd48866688 [ 97.286088][ T6261] [ 97.288995][ T6261] ERROR: Out of memory at tomoyo_realpath_from_path. [ 97.386581][ T6263] netlink: 'syz.2.253': attribute type 12 has an invalid length. [ 97.934898][ T6275] x_tables: duplicate underflow at hook 2 [ 97.940143][ T5353] Bluetooth: hci1: SCO packet for unknown connection handle 1 [ 98.207621][ T6281] Bluetooth: MGMT ver 1.23 [ 98.591324][ T6305] netlink: 'syz.0.263': attribute type 11 has an invalid length. [ 98.767966][ T6323] random: crng reseeded on system resumption [ 99.384945][ T6330] syzkaller0: entered promiscuous mode [ 99.394742][ T6330] syzkaller0: entered allmulticast mode [ 99.609244][ T6344] netlink: 4 bytes leftover after parsing attributes in process `syz.3.274'. [ 99.616994][ T6344] netlink: 12 bytes leftover after parsing attributes in process `syz.3.274'. [ 99.635846][ T6344] fuse: Unknown parameter '' [ 99.645037][ T6346] virtio-fs: tag <(null)> not found [ 99.679907][ T6346] netlink: 5300 bytes leftover after parsing attributes in process `syz.2.275'. [ 99.853636][ T6351] FAULT_INJECTION: forcing a failure. [ 99.853636][ T6351] name failslab, interval 1, probability 0, space 0, times 0 [ 99.858435][ T6351] CPU: 1 UID: 0 PID: 6351 Comm: syz.0.276 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 99.862659][ T6351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 99.867059][ T6351] Call Trace: [ 99.868495][ T6351] [ 99.869804][ T6351] dump_stack_lvl+0x16c/0x1f0 [ 99.871851][ T6351] should_fail_ex+0x497/0x5b0 [ 99.873839][ T6351] should_failslab+0xc2/0x120 [ 99.875816][ T6351] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 99.878038][ T6351] ? skb_clone+0x190/0x3f0 [ 99.879795][ T6351] skb_clone+0x190/0x3f0 [ 99.881367][ T6351] netlink_deliver_tap+0xab3/0xd90 [ 99.883527][ T6351] netlink_unicast+0x6c2/0x830 [ 99.885624][ T6351] ? __pfx_netlink_unicast+0x10/0x10 [ 99.887799][ T6351] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 99.889881][ T6351] netlink_ack+0x6a8/0xb90 [ 99.891871][ T6351] netlink_rcv_skb+0x348/0x440 [ 99.894076][ T6351] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 99.896279][ T6351] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 99.898043][ T6351] ? netlink_deliver_tap+0x1ae/0xd90 [ 99.900366][ T6351] netlink_unicast+0x544/0x830 [ 99.902288][ T6351] ? __pfx_netlink_unicast+0x10/0x10 [ 99.904087][ T6351] netlink_sendmsg+0x8b8/0xd70 [ 99.906015][ T6351] ? __pfx_netlink_sendmsg+0x10/0x10 [ 99.908234][ T6351] ? __import_iovec+0x1fd/0x6e0 [ 99.910389][ T6351] ____sys_sendmsg+0xab5/0xc90 [ 99.912461][ T6351] ? copy_msghdr_from_user+0x10b/0x160 [ 99.914649][ T6351] ? __pfx_____sys_sendmsg+0x10/0x10 [ 99.916759][ T6351] ? find_held_lock+0x2d/0x110 [ 99.918657][ T6351] ? __pfx___lock_acquire+0x10/0x10 [ 99.920599][ T6351] ___sys_sendmsg+0x135/0x1e0 [ 99.922607][ T6351] ? __pfx____sys_sendmsg+0x10/0x10 [ 99.924855][ T6351] ? ksys_write+0x21c/0x260 [ 99.926686][ T6351] ? __fget_light+0x173/0x210 [ 99.928880][ T6351] __sys_sendmsg+0x117/0x1f0 [ 99.930762][ T6351] ? __pfx___sys_sendmsg+0x10/0x10 [ 99.932876][ T6351] do_syscall_64+0xcd/0x250 [ 99.934840][ T6351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.937262][ T6351] RIP: 0033:0x7f474eb773b9 [ 99.939047][ T6351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.946764][ T6351] RSP: 002b:00007f474fa15048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 99.950107][ T6351] RAX: ffffffffffffffda RBX: 00007f474ed05f80 RCX: 00007f474eb773b9 [ 99.953220][ T6351] RDX: 0000000000000000 RSI: 0000000020000900 RDI: 0000000000000003 [ 99.956360][ T6351] RBP: 00007f474fa150a0 R08: 0000000000000000 R09: 0000000000000000 [ 99.959451][ T6351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 99.962793][ T6351] R13: 000000000000000b R14: 00007f474ed05f80 R15: 00007ffd48866688 [ 99.966111][ T6351] [ 100.004287][ T6353] syzkaller0: entered promiscuous mode [ 100.007247][ T6353] syzkaller0: entered allmulticast mode [ 100.097249][ T6355] overlay: filesystem on ./file1 not supported as upperdir [ 100.310399][ T6357] random: crng reseeded on system resumption [ 100.530765][ T6363] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.535421][ T6363] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.550039][ T6363] bridge0: entered allmulticast mode [ 100.628698][ T5344] Bluetooth: hci4: sending frame failed (-49) [ 100.633178][ T5353] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 100.642176][ T6363] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.644949][ T6363] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.647993][ T6363] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.650529][ T6363] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.653626][ T6363] bridge0: entered promiscuous mode [ 100.661191][ T6365] syzkaller0: entered promiscuous mode [ 100.663814][ T6365] syzkaller0: entered allmulticast mode [ 100.986664][ T39] kauditd_printk_skb: 19 callbacks suppressed [ 100.986876][ T39] audit: type=1400 audit(1722473179.376:296): avc: denied { execute } for pid=6373 comm="syz.1.285" path="/61/cpu.stat" dev="tmpfs" ino=348 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 101.017959][ T6379] netlink: 'syz.2.284': attribute type 12 has an invalid length. [ 101.590669][ T39] audit: type=1400 audit(1722473179.986:297): avc: denied { ioctl } for pid=6383 comm="syz.3.287" path="/dev/sg0" dev="devtmpfs" ino=707 ioctlcmd=0x2288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 101.803522][ T5353] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 101.872066][ T6400] syzkaller0: entered promiscuous mode [ 101.874107][ T6400] syzkaller0: entered allmulticast mode [ 101.909420][ T6395] cgroup: Bad value for 'name' [ 101.924592][ T39] audit: type=1400 audit(1722473180.316:298): avc: denied { mount } for pid=6401 comm="syz.1.290" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 101.956411][ T39] audit: type=1400 audit(1722473180.346:299): avc: denied { unmount } for pid=5337 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 101.969603][ T6394] Process accounting resumed [ 102.036610][ T6407] random: crng reseeded on system resumption [ 102.405787][ T39] audit: type=1400 audit(1722473180.796:300): avc: denied { setopt } for pid=6422 comm="syz.2.296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 102.432981][ T39] audit: type=1400 audit(1722473180.826:301): avc: denied { ioctl } for pid=6422 comm="syz.2.296" path="socket:[10232]" dev="sockfs" ino=10232 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 102.466068][ T6431] overlay: filesystem on ./file1 not supported as upperdir [ 102.501371][ T39] audit: type=1400 audit(1722473180.896:302): avc: denied { ioctl } for pid=6422 comm="syz.2.296" path="socket:[11655]" dev="sockfs" ino=11655 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 102.512386][ T39] audit: type=1400 audit(1722473180.906:303): avc: denied { create } for pid=6422 comm="syz.2.296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 102.521383][ T39] audit: type=1400 audit(1722473180.916:304): avc: denied { ioctl } for pid=6422 comm="syz.2.296" path="socket:[11659]" dev="sockfs" ino=11659 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 102.819900][ T6444] warning: `syz.2.301' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 102.918004][ T6446] FAULT_INJECTION: forcing a failure. [ 102.918004][ T6446] name failslab, interval 1, probability 0, space 0, times 0 [ 102.925457][ T6446] CPU: 3 UID: 0 PID: 6446 Comm: syz.2.302 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 102.930087][ T6446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.934775][ T6446] Call Trace: [ 102.936266][ T6446] [ 102.937599][ T6446] dump_stack_lvl+0x16c/0x1f0 [ 102.939638][ T6446] should_fail_ex+0x497/0x5b0 [ 102.941745][ T6446] ? fs_reclaim_acquire+0xae/0x160 [ 102.944035][ T6446] should_failslab+0xc2/0x120 [ 102.946144][ T6446] __kmalloc_noprof+0xcb/0x400 [ 102.948297][ T6446] ? __pfx_lock_acquire+0x10/0x10 [ 102.950545][ T6446] tomoyo_realpath_from_path+0xb9/0x720 [ 102.953014][ T6446] ? tomoyo_profile+0x47/0x60 [ 102.955130][ T6446] tomoyo_path_number_perm+0x245/0x590 [ 102.957542][ T6446] ? tomoyo_path_number_perm+0x232/0x590 [ 102.960278][ T6446] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 102.963149][ T6446] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 102.965795][ T6446] ? __fget_files+0x256/0x400 [ 102.967483][ T6446] security_file_ioctl+0x75/0xc0 [ 102.969183][ T6446] __x64_sys_ioctl+0xbb/0x220 [ 102.971158][ T6446] do_syscall_64+0xcd/0x250 [ 102.973469][ T6446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.976053][ T6446] RIP: 0033:0x7fc2ae3773b9 [ 102.978130][ T6446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.986583][ T6446] RSP: 002b:00007fc2af1b8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 102.989841][ T6446] RAX: ffffffffffffffda RBX: 00007fc2ae505f80 RCX: 00007fc2ae3773b9 [ 102.992792][ T6446] RDX: 0000000020000200 RSI: 0000000000008b07 RDI: 0000000000000003 [ 102.996358][ T6446] RBP: 00007fc2af1b80a0 R08: 0000000000000000 R09: 0000000000000000 [ 103.000588][ T6446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.004249][ T6446] R13: 000000000000000b R14: 00007fc2ae505f80 R15: 00007ffdca5e5d18 [ 103.007926][ T6446] [ 103.011800][ T6446] ERROR: Out of memory at tomoyo_realpath_from_path. [ 103.104811][ T6450] syzkaller0: entered promiscuous mode [ 103.107292][ T6450] syzkaller0: entered allmulticast mode [ 103.136298][ T5353] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 103.161784][ T6452] cgroup: Bad value for 'name' [ 103.258978][ T6451] Process accounting resumed [ 103.277217][ T39] audit: type=1400 audit(1722473181.666:305): avc: denied { setopt } for pid=6458 comm="syz.2.308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 103.335151][ T6464] FAULT_INJECTION: forcing a failure. [ 103.335151][ T6464] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 103.342375][ T6464] CPU: 1 UID: 0 PID: 6464 Comm: syz.3.309 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 103.346831][ T6464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 103.351335][ T6464] Call Trace: [ 103.352772][ T6464] [ 103.354065][ T6464] dump_stack_lvl+0x16c/0x1f0 [ 103.356089][ T6464] should_fail_ex+0x497/0x5b0 [ 103.358085][ T6464] _copy_from_user+0x30/0xf0 [ 103.360055][ T6464] move_addr_to_kernel+0x68/0x160 [ 103.362218][ T6464] __sys_bind+0xc4/0x220 [ 103.364039][ T6464] ? __pfx___sys_bind+0x10/0x10 [ 103.366162][ T6464] ? __pfx_ksys_write+0x10/0x10 [ 103.368179][ T6464] __x64_sys_bind+0x72/0xb0 [ 103.370130][ T6464] ? lockdep_hardirqs_on+0x7c/0x110 [ 103.372347][ T6464] do_syscall_64+0xcd/0x250 [ 103.374310][ T6464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.376822][ T6464] RIP: 0033:0x7fd2ea3773b9 [ 103.378723][ T6464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.386854][ T6464] RSP: 002b:00007fd2eb067048 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 103.390419][ T6464] RAX: ffffffffffffffda RBX: 00007fd2ea505f80 RCX: 00007fd2ea3773b9 [ 103.393774][ T6464] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003 [ 103.397188][ T6464] RBP: 00007fd2eb0670a0 R08: 0000000000000000 R09: 0000000000000000 [ 103.400534][ T6464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.403875][ T6464] R13: 000000000000000b R14: 00007fd2ea505f80 R15: 00007fff18965358 [ 103.407221][ T6464] [ 103.879256][ T6468] Zero length message leads to an empty skb [ 103.910337][ T6477] syzkaller0: entered promiscuous mode [ 103.914079][ T6477] syzkaller0: entered allmulticast mode [ 104.169211][ T6479] syzkaller0: entered promiscuous mode [ 104.171177][ T6479] syzkaller0: entered allmulticast mode [ 107.180697][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 107.180712][ T39] audit: type=1400 audit(1722473185.576:308): avc: denied { create } for pid=6482 comm="syz.0.317" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 107.198090][ T39] audit: type=1400 audit(1722473185.576:309): avc: denied { ioctl } for pid=6482 comm="syz.0.317" path="socket:[11725]" dev="sockfs" ino=11725 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 107.336863][ T39] audit: type=1400 audit(1722473185.726:310): avc: denied { block_suspend } for pid=6482 comm="syz.0.317" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 107.407460][ T5344] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 107.416444][ T5344] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 107.422419][ T5344] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 107.429311][ T5344] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 107.441240][ T5344] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 107.444583][ T5344] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 107.460891][ T39] audit: type=1400 audit(1722473185.856:311): avc: denied { mounton } for pid=6500 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 107.475303][ T39] audit: type=1400 audit(1722473185.866:312): avc: denied { append } for pid=6502 comm="syz.3.324" name="dlm_plock" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 107.485055][ T39] audit: type=1400 audit(1722473185.866:313): avc: denied { bind } for pid=6502 comm="syz.3.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 107.495413][ T39] audit: type=1400 audit(1722473185.866:314): avc: denied { setopt } for pid=6502 comm="syz.3.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 107.601841][ T39] audit: type=1400 audit(1722473185.996:315): avc: denied { name_bind } for pid=6502 comm="syz.3.324" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 107.627287][ T39] audit: type=1400 audit(1722473185.996:316): avc: denied { node_bind } for pid=6502 comm="syz.3.324" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 107.836749][ T6500] chnl_net:caif_netlink_parms(): no params data found [ 108.052575][ T6500] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.058347][ T6500] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.060860][ T6500] bridge_slave_0: entered allmulticast mode [ 108.065449][ T6500] bridge_slave_0: entered promiscuous mode [ 108.073922][ T6500] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.079480][ T6500] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.082299][ T6500] bridge_slave_1: entered allmulticast mode [ 108.088278][ T6500] bridge_slave_1: entered promiscuous mode [ 108.194737][ T6500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.212465][ T6500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.355676][ T6521] syzkaller0: entered promiscuous mode [ 108.359439][ T6521] syzkaller0: entered allmulticast mode [ 108.408011][ T6500] team0: Port device team_slave_0 added [ 108.412737][ T6500] team0: Port device team_slave_1 added [ 108.426284][ T6523] netlink: 12 bytes leftover after parsing attributes in process `syz.1.328'. [ 108.522318][ T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.625722][ T6500] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.631208][ T6500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.632678][ T5353] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 108.643587][ T6500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.653921][ T6500] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.658734][ T6500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.668937][ T6500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.679854][ T6532] cgroup: Bad value for 'name' [ 108.690772][ T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.703963][ T6531] netlink: 'syz.1.328': attribute type 12 has an invalid length. [ 108.725277][ T6532] Process accounting resumed [ 108.846470][ T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.891609][ T6500] hsr_slave_0: entered promiscuous mode [ 108.900806][ T6500] hsr_slave_1: entered promiscuous mode [ 108.907267][ T6500] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 108.910657][ T6500] Cannot create hsr debugfs directory [ 108.998306][ T13] team0: Port device netdevsim0 removed [ 109.002307][ T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.280065][ T13] bridge_slave_1: left allmulticast mode [ 109.282469][ T13] bridge_slave_1: left promiscuous mode [ 109.285616][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.294684][ T13] bridge_slave_0: left allmulticast mode [ 109.296752][ T13] bridge_slave_0: left promiscuous mode [ 109.305003][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.487292][ T5353] Bluetooth: hci4: command tx timeout [ 109.666184][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 109.673936][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 109.680787][ T13] bond0 (unregistering): Released all slaves [ 109.753838][ T6553] syzkaller0: entered promiscuous mode [ 109.756315][ T6553] syzkaller0: entered allmulticast mode [ 110.036299][ T6569] virtio-fs: tag <(null)> not found [ 110.042539][ T6569] netlink: 5300 bytes leftover after parsing attributes in process `syz.3.341'. [ 110.145753][ T39] audit: type=1400 audit(1722473188.536:317): avc: denied { sqpoll } for pid=6578 comm="syz.3.342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 110.159515][ T6579] netlink: 'syz.3.342': attribute type 2 has an invalid length. [ 110.264234][ T13] hsr_slave_0: left promiscuous mode [ 110.268137][ T13] hsr_slave_1: left promiscuous mode [ 110.271594][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 110.274960][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 110.280154][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 110.283569][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 110.321744][ T13] veth1_macvtap: left promiscuous mode [ 110.324671][ T13] veth0_macvtap: left promiscuous mode [ 110.326867][ T13] veth1_vlan: left promiscuous mode [ 110.329310][ T13] veth0_vlan: left promiscuous mode [ 110.356242][ T5353] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 110.399317][ T6587] cgroup: Bad value for 'name' [ 110.463921][ T6587] Process accounting resumed [ 111.140847][ T13] team0 (unregistering): Port device team_slave_1 removed [ 111.213712][ T13] team0 (unregistering): Port device team_slave_0 removed [ 111.355225][ T6617] netlink: 5300 bytes leftover after parsing attributes in process `syz.3.352'. [ 111.547798][ T5353] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 111.565921][ T6626] cgroup: Bad value for 'name' [ 111.580032][ T5353] Bluetooth: hci4: command tx timeout [ 111.590548][ T6625] Process accounting resumed [ 111.618503][ T6629] virtio-fs: tag <(null)> not found [ 111.624175][ T6629] netlink: 5300 bytes leftover after parsing attributes in process `syz.3.355'. [ 111.791063][ T6636] process 'syz.3.357' launched './file0' with NULL argv: empty string added [ 111.805853][ T6609] netlink: 'syz.0.351': attribute type 2 has an invalid length. [ 111.830932][ T6500] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 111.841359][ T6500] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 111.853419][ T6500] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 111.860546][ T6500] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 111.965034][ T6500] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.012503][ T6500] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.026661][ T832] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.029806][ T832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.044244][ T5369] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.047476][ T5369] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.106600][ T6500] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 112.352856][ T6500] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 112.379684][ T6500] veth0_vlan: entered promiscuous mode [ 112.385642][ T6500] veth1_vlan: entered promiscuous mode [ 112.401757][ T6500] veth0_macvtap: entered promiscuous mode [ 112.406199][ T6500] veth1_macvtap: entered promiscuous mode [ 112.417859][ T6500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.421578][ T6500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.424960][ T6500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.430403][ T6500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.434344][ T6500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 112.438698][ T6500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.443940][ T6500] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.451377][ T6500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 112.455907][ T6500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.461360][ T6500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 112.465854][ T6500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.470278][ T6500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 112.474806][ T6500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.480722][ T6500] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.488515][ T6500] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.493356][ T6500] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.497569][ T6500] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.500812][ T6500] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.567474][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.570743][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.592639][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.596028][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.622017][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 112.622032][ T39] audit: type=1400 audit(1722473191.016:321): avc: denied { read } for pid=6649 comm="syz.1.360" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 112.858205][ T5353] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 112.887743][ T6659] cgroup: Bad value for 'name' [ 112.930245][ T6658] Process accounting resumed [ 112.993648][ T6664] virtio-fs: tag <(null)> not found [ 112.996787][ T6665] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=6665 comm=syz.1.364 [ 113.004199][ T6664] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.363'. [ 113.062634][ T39] audit: type=1400 audit(1722473191.456:322): avc: denied { write } for pid=6668 comm="syz.1.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 113.193256][ T6672] syzkaller0: entered promiscuous mode [ 113.195781][ T6672] syzkaller0: entered allmulticast mode [ 113.337173][ T39] audit: type=1400 audit(1722473191.726:323): avc: denied { read } for pid=6676 comm="syz.1.368" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 113.347539][ T39] audit: type=1400 audit(1722473191.726:324): avc: denied { open } for pid=6676 comm="syz.1.368" path="/76/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 113.358211][ T39] audit: type=1400 audit(1722473191.736:325): avc: denied { ioctl } for pid=6676 comm="syz.1.368" path="/76/file0/file0" dev="fuse" ino=0 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 113.390197][ T6682] syz.1.370 uses obsolete (PF_INET,SOCK_PACKET) [ 113.403740][ T6680] netlink: 8 bytes leftover after parsing attributes in process `syz.0.369'. [ 113.519154][ T5353] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 113.565912][ T6688] cgroup: Bad value for 'name' [ 113.609262][ T6687] Process accounting resumed [ 113.646299][ T39] audit: type=1400 audit(1722473192.036:326): avc: denied { ioctl } for pid=6692 comm="syz.2.374" path="socket:[12982]" dev="sockfs" ino=12982 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 113.649969][ T5353] Bluetooth: hci4: command tx timeout [ 113.661298][ T39] audit: type=1400 audit(1722473192.046:327): avc: denied { write } for pid=6692 comm="syz.2.374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 114.198733][ T6703] netlink: 'syz.0.377': attribute type 12 has an invalid length. [ 114.434654][ T39] audit: type=1400 audit(1722473192.826:328): avc: denied { mounton } for pid=6709 comm="syz.1.380" path="/proc/248/task" dev="proc" ino=14342 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 114.505220][ T6712] 9pnet_fd: Insufficient options for proto=fd [ 114.509563][ T39] audit: type=1400 audit(1722473192.906:329): avc: denied { ioctl } for pid=6711 comm="syz.1.381" path="socket:[13946]" dev="sockfs" ino=13946 ioctlcmd=0xc5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 114.528096][ T39] audit: type=1400 audit(1722473192.926:330): avc: denied { ioctl } for pid=6711 comm="syz.1.381" path="socket:[13943]" dev="sockfs" ino=13943 ioctlcmd=0x9422 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 114.530080][ T6712] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2583 sclass=netlink_route_socket pid=6712 comm=syz.1.381 [ 114.608879][ T6714] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 114.627178][ T5369] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 114.812393][ T5369] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 114.820855][ T5369] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 114.824952][ T5369] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 114.828482][ T5369] usb 8-1: SerialNumber: syz [ 114.838448][ T6706] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 114.845139][ T5369] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22 [ 115.073367][ T5369] usb 8-1: USB disconnect, device number 4 [ 115.386535][ T6725] virtio-fs: tag <(null)> not found [ 115.394139][ T6725] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.386'. [ 115.727433][ T5353] Bluetooth: hci4: command tx timeout [ 115.741256][ T6733] netlink: 4 bytes leftover after parsing attributes in process `syz.3.389'. [ 115.812140][ T5353] Bluetooth: hci1: unexpected event 0x06 length: 23 > 3 [ 115.902387][ T5353] Bluetooth: hci1: Malformed LE Event: 0x0d [ 116.555887][ T6753] virtio-fs: tag <(null)> not found [ 116.585144][ T6755] FAULT_INJECTION: forcing a failure. [ 116.585144][ T6755] name failslab, interval 1, probability 0, space 0, times 0 [ 116.592638][ T6755] CPU: 2 UID: 0 PID: 6755 Comm: syz.3.396 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 116.594160][ T6753] netlink: 5300 bytes leftover after parsing attributes in process `syz.1.395'. [ 116.597158][ T6755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 116.597205][ T6755] Call Trace: [ 116.597213][ T6755] [ 116.597220][ T6755] dump_stack_lvl+0x16c/0x1f0 [ 116.609908][ T6755] should_fail_ex+0x497/0x5b0 [ 116.611641][ T6755] ? fs_reclaim_acquire+0xae/0x160 [ 116.613681][ T6755] should_failslab+0xc2/0x120 [ 116.615732][ T6755] __kmalloc_node_noprof+0xd1/0x430 [ 116.617972][ T6755] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 116.620123][ T6755] ? lockdep_init_map_type+0x16d/0x7d0 [ 116.622408][ T6755] __kvmalloc_node_noprof+0x9d/0x1a0 [ 116.624667][ T6755] bucket_table_alloc.isra.0+0x86/0x470 [ 116.627045][ T6755] rhashtable_init_noprof+0x41a/0x7e0 [ 116.629149][ T6755] nft_rhash_init+0x149/0x410 [ 116.630826][ T6755] ? __pfx_nft_rhash_init+0x10/0x10 [ 116.632878][ T6755] ? lockdep_hardirqs_on+0x7c/0x110 [ 116.634523][ T6755] ? __pfx_nft_rhash_key+0x10/0x10 [ 116.636104][ T6755] ? __pfx_nft_rhash_obj+0x10/0x10 [ 116.638119][ T6755] ? __pfx_nft_rhash_cmp+0x10/0x10 [ 116.640156][ T6755] ? kfree+0x12a/0x3b0 [ 116.642022][ T6755] ? __asan_memcpy+0x3c/0x60 [ 116.643875][ T6755] ? nf_tables_newset+0x2a70/0x40a0 [ 116.646040][ T6755] nf_tables_newset+0x3006/0x40a0 [ 116.648168][ T6755] ? __pfx_nf_tables_newset+0x10/0x10 [ 116.650453][ T6755] ? __pfx___lock_acquire+0x10/0x10 [ 116.652272][ T6755] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 116.654763][ T6755] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 116.657253][ T6755] ? __pfx___nla_validate_parse+0x10/0x10 [ 116.659742][ T6755] ? net_generic+0xea/0x2a0 [ 116.661814][ T6755] ? __pfx_lock_release+0x10/0x10 [ 116.664097][ T6755] ? __nla_parse+0x40/0x60 [ 116.666130][ T6755] nfnetlink_rcv_batch+0x1a19/0x24e0 [ 116.668511][ T6755] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 116.671027][ T6755] ? find_held_lock+0x2d/0x110 [ 116.673213][ T6755] ? avc_has_perm_noaudit+0x119/0x3a0 [ 116.675657][ T6755] ? avc_has_perm_noaudit+0x143/0x3a0 [ 116.678091][ T6755] ? __nla_parse+0x40/0x60 [ 116.680107][ T6755] nfnetlink_rcv+0x3c3/0x430 [ 116.682120][ T6755] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 116.683900][ T6755] netlink_unicast+0x544/0x830 [ 116.685590][ T6755] ? __pfx_netlink_unicast+0x10/0x10 [ 116.687435][ T6755] netlink_sendmsg+0x8b8/0xd70 [ 116.689452][ T6755] ? __pfx_netlink_sendmsg+0x10/0x10 [ 116.691838][ T6755] ? __import_iovec+0x1fd/0x6e0 [ 116.694080][ T6755] ____sys_sendmsg+0xab5/0xc90 [ 116.695906][ T6755] ? copy_msghdr_from_user+0x10b/0x160 [ 116.698091][ T6755] ? __pfx_____sys_sendmsg+0x10/0x10 [ 116.700467][ T6755] ? find_held_lock+0x2d/0x110 [ 116.702650][ T6755] ? __pfx___lock_acquire+0x10/0x10 [ 116.704997][ T6755] ___sys_sendmsg+0x135/0x1e0 [ 116.707122][ T6755] ? __pfx____sys_sendmsg+0x10/0x10 [ 116.709497][ T6755] ? ksys_write+0x21c/0x260 [ 116.711554][ T6755] ? __fget_light+0x173/0x210 [ 116.713684][ T6755] __sys_sendmsg+0x117/0x1f0 [ 116.715411][ T6755] ? __pfx___sys_sendmsg+0x10/0x10 [ 116.717570][ T6755] do_syscall_64+0xcd/0x250 [ 116.719555][ T6755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.722212][ T6755] RIP: 0033:0x7fd2ea3773b9 [ 116.724253][ T6755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.732462][ T6755] RSP: 002b:00007fd2eb067048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 116.735818][ T6755] RAX: ffffffffffffffda RBX: 00007fd2ea505f80 RCX: 00007fd2ea3773b9 [ 116.738453][ T6755] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 116.741978][ T6755] RBP: 00007fd2eb0670a0 R08: 0000000000000000 R09: 0000000000000000 [ 116.745323][ T6755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 116.748243][ T6755] R13: 000000000000000b R14: 00007fd2ea505f80 R15: 00007fff18965358 [ 116.751465][ T6755] [ 117.289443][ T5353] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 117.447891][ T6770] cgroup: Bad value for 'name' [ 117.573454][ T6770] Process accounting resumed [ 118.658645][ T6787] virtio-fs: tag <(null)> not found [ 118.671268][ T6787] netlink: 5300 bytes leftover after parsing attributes in process `syz.2.405'. [ 118.763196][ T5353] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 118.821423][ T6792] cgroup: Bad value for 'name' [ 118.851172][ T6798] syzkaller0: entered promiscuous mode [ 118.853361][ T6798] syzkaller0: entered allmulticast mode [ 118.865804][ T6791] Process accounting resumed [ 118.908018][ T6801] virtio-fs: tag <(null)> not found [ 118.916298][ T6801] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.410'. [ 118.920720][ T5353] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585 [ 118.925205][ T5353] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5353, name: kworker/u33:8 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 118.931833][ T5353] preempt_count: 0, expected: 0 [ 118.934220][ T5353] RCU nest depth: 1, expected: 0 [ 118.936195][ T5353] 4 locks held by kworker/u33:8/5353: [ 118.938475][ T5353] #0: ffff88801ea3b948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 118.942819][ T5353] #1: ffffc90004247d80 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 118.948048][ T5353] #2: ffff888025850078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xde/0xb30 [ 118.952665][ T5353] #3: ffffffff8ddb53a0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0x100/0xb30 [ 118.956692][ T5353] CPU: 2 UID: 0 PID: 5353 Comm: kworker/u33:8 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 118.960821][ T5353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 118.964971][ T5353] Workqueue: hci0 hci_rx_work [ 118.966697][ T5353] Call Trace: [ 118.968187][ T5353] [ 118.969522][ T5353] dump_stack_lvl+0x16c/0x1f0 [ 118.971147][ T5353] __might_resched+0x3c0/0x5e0 [ 118.972900][ T5353] ? __pfx___might_resched+0x10/0x10 [ 118.975096][ T5353] ? __pfx___lock_acquire+0x10/0x10 [ 118.977261][ T5353] ? rcu_is_watching+0x12/0xc0 [ 118.979315][ T5353] __mutex_lock+0xe2/0x9c0 [ 118.980915][ T5353] ? hci_le_create_big_complete_evt+0x387/0xb30 [ 118.983466][ T5353] ? __pfx___mutex_lock+0x10/0x10 [ 118.985274][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 118.987030][ T5353] ? find_held_lock+0x2d/0x110 [ 118.988759][ T5353] ? hci_event_packet+0x438/0x1180 [ 118.990866][ T5353] ? __pfx_lock_release+0x10/0x10 [ 118.993042][ T5353] ? hci_le_create_big_complete_evt+0x387/0xb30 [ 118.995662][ T5353] hci_le_create_big_complete_evt+0x387/0xb30 [ 118.997945][ T5353] ? __mutex_unlock_slowpath+0x164/0x650 [ 119.000308][ T5353] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 119.003143][ T5353] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 119.005488][ T5353] ? skb_pull_data+0x166/0x210 [ 119.007448][ T5353] hci_le_meta_evt+0x2e2/0x5d0 [ 119.009655][ T5353] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 119.012034][ T5353] hci_event_packet+0x666/0x1180 [ 119.013818][ T5353] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 119.015763][ T5353] ? __pfx_hci_event_packet+0x10/0x10 [ 119.017791][ T5353] ? mark_held_locks+0x9f/0xe0 [ 119.019926][ T5353] ? kcov_remote_start+0x3d1/0x6e0 [ 119.022238][ T5353] ? lockdep_hardirqs_on+0x7c/0x110 [ 119.024552][ T5353] hci_rx_work+0x2c6/0x1610 [ 119.026601][ T5353] process_one_work+0x9c5/0x1b40 [ 119.028834][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 119.030851][ T5353] ? __pfx_process_one_work+0x10/0x10 [ 119.032677][ T5353] ? assign_work+0x1a0/0x250 [ 119.034269][ T5353] worker_thread+0x6c8/0xf20 [ 119.035775][ T5353] ? __kthread_parkme+0x148/0x220 [ 119.037529][ T5353] ? __pfx_worker_thread+0x10/0x10 [ 119.039720][ T5353] kthread+0x2c1/0x3a0 [ 119.041532][ T5353] ? _raw_spin_unlock_irq+0x23/0x50 [ 119.043727][ T5353] ? __pfx_kthread+0x10/0x10 [ 119.045670][ T5353] ret_from_fork+0x45/0x80 [ 119.047518][ T5353] ? __pfx_kthread+0x10/0x10 [ 119.049560][ T5353] ret_from_fork_asm+0x1a/0x30 [ 119.051595][ T5353] [ 119.053997][ T5353] [ 119.054856][ T5353] ============================= [ 119.056567][ T5353] [ BUG: Invalid wait context ] [ 119.058634][ T5353] 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 Tainted: G W [ 119.061605][ T5353] ----------------------------- [ 119.063221][ T5353] kworker/u33:8/5353 is trying to lock: [ 119.064861][ T5353] ffffffff8fc83c68 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0x387/0xb30 [ 119.068154][ T5353] other info that might help us debug this: [ 119.070627][ T5353] context-{4:4} [ 119.072169][ T5353] 4 locks held by kworker/u33:8/5353: [ 119.074491][ T5353] #0: ffff88801ea3b948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 119.078958][ T5353] #1: ffffc90004247d80 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 119.083655][ T5353] #2: ffff888025850078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xde/0xb30 [ 119.088158][ T5353] #3: ffffffff8ddb53a0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0x100/0xb30 [ 119.092480][ T5353] stack backtrace: [ 119.094191][ T5353] CPU: 2 UID: 0 PID: 5353 Comm: kworker/u33:8 Tainted: G W 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 119.098505][ T5353] Tainted: [W]=WARN [ 119.099845][ T5353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 119.103713][ T5353] Workqueue: hci0 hci_rx_work [ 119.105377][ T5353] Call Trace: [ 119.106523][ T5353] [ 119.107551][ T5353] dump_stack_lvl+0x116/0x1f0 [ 119.109193][ T5353] __lock_acquire+0x13cc/0x3cb0 [ 119.110881][ T5353] ? __pfx___lock_acquire+0x10/0x10 [ 119.112928][ T5353] ? irqentry_exit+0x3b/0x90 [ 119.114749][ T5353] ? lockdep_hardirqs_on+0x7c/0x110 [ 119.116564][ T5353] lock_acquire+0x1b1/0x560 [ 119.118126][ T5353] ? hci_le_create_big_complete_evt+0x387/0xb30 [ 119.120689][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 119.122685][ T5353] ? dump_stack_lvl+0x1a3/0x1f0 [ 119.124840][ T5353] ? add_taint+0x5f/0xd0 [ 119.126584][ T5353] ? __might_resched+0x3cc/0x5e0 [ 119.128699][ T5353] ? __pfx___might_resched+0x10/0x10 [ 119.130956][ T5353] ? __pfx___lock_acquire+0x10/0x10 [ 119.133061][ T5353] __mutex_lock+0x175/0x9c0 [ 119.134916][ T5353] ? hci_le_create_big_complete_evt+0x387/0xb30 [ 119.137417][ T5353] ? hci_le_create_big_complete_evt+0x387/0xb30 [ 119.140159][ T5353] ? __pfx___mutex_lock+0x10/0x10 [ 119.142180][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 119.144293][ T5353] ? find_held_lock+0x2d/0x110 [ 119.146293][ T5353] ? hci_event_packet+0x438/0x1180 [ 119.148399][ T5353] ? __pfx_lock_release+0x10/0x10 [ 119.150505][ T5353] ? hci_le_create_big_complete_evt+0x387/0xb30 [ 119.153129][ T5353] hci_le_create_big_complete_evt+0x387/0xb30 [ 119.155697][ T5353] ? __mutex_unlock_slowpath+0x164/0x650 [ 119.158059][ T5353] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 119.160838][ T5353] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 119.163266][ T5353] ? skb_pull_data+0x166/0x210 [ 119.164953][ T5353] hci_le_meta_evt+0x2e2/0x5d0 [ 119.166571][ T5353] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 119.168793][ T5353] hci_event_packet+0x666/0x1180 [ 119.170476][ T5353] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 119.172438][ T5353] ? __pfx_hci_event_packet+0x10/0x10 [ 119.174861][ T5353] ? mark_held_locks+0x9f/0xe0 [ 119.176619][ T5353] ? kcov_remote_start+0x3d1/0x6e0 [ 119.178356][ T5353] ? lockdep_hardirqs_on+0x7c/0x110 [ 119.180135][ T5353] hci_rx_work+0x2c6/0x1610 [ 119.181810][ T5353] process_one_work+0x9c5/0x1b40 [ 119.183941][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 119.186177][ T5353] ? __pfx_process_one_work+0x10/0x10 [ 119.188406][ T5353] ? assign_work+0x1a0/0x250 [ 119.190422][ T5353] worker_thread+0x6c8/0xf20 [ 119.191990][ T5353] ? __kthread_parkme+0x148/0x220 [ 119.194078][ T5353] ? __pfx_worker_thread+0x10/0x10 [ 119.196053][ T5353] kthread+0x2c1/0x3a0 [ 119.197518][ T5353] ? _raw_spin_unlock_irq+0x23/0x50 [ 119.199281][ T5353] ? __pfx_kthread+0x10/0x10 [ 119.200869][ T5353] ret_from_fork+0x45/0x80 [ 119.202441][ T5353] ? __pfx_kthread+0x10/0x10 [ 119.204008][ T5353] ret_from_fork_asm+0x1a/0x30 [ 119.205661][ T5353] [ 119.207151][ T5353] ------------[ cut here ]------------ [ 119.209031][ T5353] Voluntary context switch within RCU read-side critical section! [ 119.209079][ T5353] WARNING: CPU: 2 PID: 5353 at kernel/rcu/tree_plugin.h:330 rcu_note_context_switch+0xc5c/0x1ae0 [ 119.215975][ T5353] Modules linked in: [ 119.217325][ T5353] CPU: 2 UID: 0 PID: 5353 Comm: kworker/u33:8 Tainted: G W 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 119.221450][ T5353] Tainted: [W]=WARN [ 119.222834][ T5353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 119.226565][ T5353] Workqueue: hci0 hci_rx_work [ 119.228163][ T5353] RIP: 0010:rcu_note_context_switch+0xc5c/0x1ae0 [ 119.230307][ T5353] Code: 75 00 4c 8b 54 24 30 48 8b 44 24 28 8b 4c 24 10 e9 c6 03 00 00 c6 05 62 da 88 0e 01 90 48 c7 c7 60 95 4e 8b e8 b5 1f da ff 90 <0f> 0b 90 90 e9 a8 f4 ff ff 38 d0 7f 08 84 c0 0f 85 2b 08 00 00 80 [ 119.237793][ T5353] RSP: 0018:ffffc90004247678 EFLAGS: 00010082 [ 119.239883][ T5353] RAX: 0000000000000000 RBX: ffff88806b23fd00 RCX: ffffc900281fe000 [ 119.242684][ T5353] RDX: 0000000000100000 RSI: ffffffff814cc386 RDI: 0000000000000001 [ 119.245428][ T5353] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 119.248152][ T5353] R10: 0000000000000000 R11: 000000002d2d2d2d R12: ffff888024548000 [ 119.250901][ T5353] R13: ffff888024548000 R14: ffff888024548000 R15: ffff88806b23edc0 [ 119.254101][ T5353] FS: 0000000000000000(0000) GS:ffff88806b200000(0000) knlGS:0000000000000000 [ 119.257269][ T5353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.259567][ T5353] CR2: 0000000020004000 CR3: 0000000020712000 CR4: 0000000000350ef0 [ 119.262274][ T5353] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 119.265006][ T5353] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 119.267791][ T5353] Call Trace: [ 119.268956][ T5353] [ 119.269987][ T5353] ? show_regs+0x8c/0xa0 [ 119.271476][ T5353] ? __warn+0xe5/0x3c0 [ 119.273103][ T5353] ? rcu_note_context_switch+0xc5c/0x1ae0 [ 119.275587][ T5353] ? report_bug+0x3c0/0x580 [ 119.277606][ T5353] ? handle_bug+0x3d/0x70 [ 119.279335][ T5353] ? exc_invalid_op+0x17/0x50 [ 119.281356][ T5353] ? asm_exc_invalid_op+0x1a/0x20 [ 119.283223][ T5353] ? __warn_printk+0x1a6/0x350 [ 119.284867][ T5353] ? rcu_note_context_switch+0xc5c/0x1ae0 [ 119.286927][ T5353] ? rcu_note_context_switch+0xc5b/0x1ae0 [ 119.289226][ T5353] ? lockdep_unlock+0x11a/0x290 [ 119.291374][ T5353] ? __lock_acquire+0x2149/0x3cb0 [ 119.293348][ T5353] ? rcu_is_watching+0x12/0xc0 [ 119.295181][ T5353] ? schedule+0xe7/0x350 [ 119.296929][ T5353] __schedule+0x291/0x5490 [ 119.298906][ T5353] ? trace_irq_enable.constprop.0+0xe4/0x130 [ 119.301546][ T5353] ? __pfx___schedule+0x10/0x10 [ 119.303696][ T5353] ? __mutex_trylock_common+0x78/0x250 [ 119.305922][ T5353] ? __pfx___mutex_trylock_common+0x10/0x10 [ 119.308128][ T5353] ? __mutex_lock+0x7ca/0x9c0 [ 119.309965][ T5353] schedule+0xe7/0x350 [ 119.311575][ T5353] schedule_preempt_disabled+0x13/0x30 [ 119.313862][ T5353] __mutex_lock+0x81e/0x9c0 [ 119.315880][ T5353] ? hci_le_create_big_complete_evt+0x387/0xb30 [ 119.318622][ T5353] ? __pfx___mutex_lock+0x10/0x10 [ 119.320830][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 119.323051][ T5353] ? find_held_lock+0x2d/0x110 [ 119.325204][ T5353] ? hci_event_packet+0x438/0x1180 [ 119.327507][ T5353] ? __pfx_lock_release+0x10/0x10 [ 119.329800][ T5353] ? hci_le_create_big_complete_evt+0x387/0xb30 [ 119.332561][ T5353] hci_le_create_big_complete_evt+0x387/0xb30 [ 119.335301][ T5353] ? __mutex_unlock_slowpath+0x164/0x650 [ 119.337670][ T5353] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 119.340716][ T5353] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 119.343400][ T5353] ? skb_pull_data+0x166/0x210 [ 119.345539][ T5353] hci_le_meta_evt+0x2e2/0x5d0 [ 119.347672][ T5353] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 119.350606][ T5353] hci_event_packet+0x666/0x1180 [ 119.352809][ T5353] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 119.355076][ T5353] ? __pfx_hci_event_packet+0x10/0x10 [ 119.357478][ T5353] ? mark_held_locks+0x9f/0xe0 [ 119.359614][ T5353] ? kcov_remote_start+0x3d1/0x6e0 [ 119.361954][ T5353] ? lockdep_hardirqs_on+0x7c/0x110 [ 119.364263][ T5353] hci_rx_work+0x2c6/0x1610 [ 119.366321][ T5353] process_one_work+0x9c5/0x1b40 [ 119.368543][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 119.370537][ T5353] ? __pfx_process_one_work+0x10/0x10 [ 119.372658][ T5353] ? assign_work+0x1a0/0x250 [ 119.374508][ T5353] worker_thread+0x6c8/0xf20 [ 119.376350][ T5353] ? __kthread_parkme+0x148/0x220 [ 119.378431][ T5353] ? __pfx_worker_thread+0x10/0x10 [ 119.380683][ T5353] kthread+0x2c1/0x3a0 [ 119.382480][ T5353] ? _raw_spin_unlock_irq+0x23/0x50 [ 119.384743][ T5353] ? __pfx_kthread+0x10/0x10 [ 119.386556][ T5353] ret_from_fork+0x45/0x80 [ 119.388307][ T5353] ? __pfx_kthread+0x10/0x10 [ 119.390250][ T5353] ret_from_fork_asm+0x1a/0x30 [ 119.392370][ T5353] [ 119.393795][ T5353] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 119.396992][ T5353] CPU: 2 UID: 0 PID: 5353 Comm: kworker/u33:8 Tainted: G W 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 119.402360][ T5353] Tainted: [W]=WARN [ 119.404076][ T5353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 119.408782][ T5353] Workqueue: hci0 hci_rx_work [ 119.410663][ T5353] Call Trace: [ 119.412134][ T5353] [ 119.413446][ T5353] dump_stack_lvl+0x3d/0x1f0 [ 119.415483][ T5353] panic+0x6f5/0x7a0 [ 119.417217][ T5353] ? __pfx_panic+0x10/0x10 [ 119.419220][ T5353] ? show_trace_log_lvl+0x363/0x500 [ 119.421561][ T5353] ? rcu_note_context_switch+0xc5c/0x1ae0 [ 119.424044][ T5353] check_panic_on_warn+0xab/0xb0 [ 119.426054][ T5353] __warn+0xf1/0x3c0 [ 119.427529][ T5353] ? rcu_note_context_switch+0xc5c/0x1ae0 [ 119.429835][ T5353] report_bug+0x3c0/0x580 [ 119.431751][ T5353] handle_bug+0x3d/0x70 [ 119.433620][ T5353] exc_invalid_op+0x17/0x50 [ 119.435662][ T5353] asm_exc_invalid_op+0x1a/0x20 [ 119.437845][ T5353] RIP: 0010:rcu_note_context_switch+0xc5c/0x1ae0 [ 119.440632][ T5353] Code: 75 00 4c 8b 54 24 30 48 8b 44 24 28 8b 4c 24 10 e9 c6 03 00 00 c6 05 62 da 88 0e 01 90 48 c7 c7 60 95 4e 8b e8 b5 1f da ff 90 <0f> 0b 90 90 e9 a8 f4 ff ff 38 d0 7f 08 84 c0 0f 85 2b 08 00 00 80 [ 119.448580][ T5353] RSP: 0018:ffffc90004247678 EFLAGS: 00010082 [ 119.451263][ T5353] RAX: 0000000000000000 RBX: ffff88806b23fd00 RCX: ffffc900281fe000 [ 119.454518][ T5353] RDX: 0000000000100000 RSI: ffffffff814cc386 RDI: 0000000000000001 [ 119.457938][ T5353] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 119.461453][ T5353] R10: 0000000000000000 R11: 000000002d2d2d2d R12: ffff888024548000 [ 119.464952][ T5353] R13: ffff888024548000 R14: ffff888024548000 R15: ffff88806b23edc0 [ 119.468293][ T5353] ? __warn_printk+0x1a6/0x350 [ 119.470227][ T5353] ? rcu_note_context_switch+0xc5b/0x1ae0 [ 119.472532][ T5353] ? lockdep_unlock+0x11a/0x290 [ 119.474685][ T5353] ? __lock_acquire+0x2149/0x3cb0 [ 119.476927][ T5353] ? rcu_is_watching+0x12/0xc0 [ 119.479058][ T5353] ? schedule+0xe7/0x350 [ 119.480940][ T5353] __schedule+0x291/0x5490 [ 119.482723][ T5353] ? trace_irq_enable.constprop.0+0xe4/0x130 [ 119.485304][ T5353] ? __pfx___schedule+0x10/0x10 [ 119.487378][ T5353] ? __mutex_trylock_common+0x78/0x250 [ 119.489703][ T5353] ? __pfx___mutex_trylock_common+0x10/0x10 [ 119.492320][ T5353] ? __mutex_lock+0x7ca/0x9c0 [ 119.494249][ T5353] schedule+0xe7/0x350 [ 119.495879][ T5353] schedule_preempt_disabled+0x13/0x30 [ 119.498265][ T5353] __mutex_lock+0x81e/0x9c0 [ 119.500309][ T5353] ? hci_le_create_big_complete_evt+0x387/0xb30 [ 119.503095][ T5353] ? __pfx___mutex_lock+0x10/0x10 [ 119.505256][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 119.507244][ T5353] ? find_held_lock+0x2d/0x110 [ 119.509356][ T5353] ? hci_event_packet+0x438/0x1180 [ 119.511612][ T5353] ? __pfx_lock_release+0x10/0x10 [ 119.513877][ T5353] ? hci_le_create_big_complete_evt+0x387/0xb30 [ 119.516645][ T5353] hci_le_create_big_complete_evt+0x387/0xb30 [ 119.519045][ T5353] ? __mutex_unlock_slowpath+0x164/0x650 [ 119.521503][ T5353] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 119.524355][ T5353] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 119.526737][ T5353] ? skb_pull_data+0x166/0x210 [ 119.528840][ T5353] hci_le_meta_evt+0x2e2/0x5d0 [ 119.530996][ T5353] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 119.533944][ T5353] hci_event_packet+0x666/0x1180 [ 119.536151][ T5353] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 119.538305][ T5353] ? __pfx_hci_event_packet+0x10/0x10 [ 119.540571][ T5353] ? mark_held_locks+0x9f/0xe0 [ 119.542681][ T5353] ? kcov_remote_start+0x3d1/0x6e0 [ 119.544954][ T5353] ? lockdep_hardirqs_on+0x7c/0x110 [ 119.547246][ T5353] hci_rx_work+0x2c6/0x1610 [ 119.549293][ T5353] process_one_work+0x9c5/0x1b40 [ 119.551506][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 119.553619][ T5353] ? __pfx_process_one_work+0x10/0x10 [ 119.555900][ T5353] ? assign_work+0x1a0/0x250 [ 119.557946][ T5353] worker_thread+0x6c8/0xf20 [ 119.560001][ T5353] ? __kthread_parkme+0x148/0x220 [ 119.562065][ T5353] ? __pfx_worker_thread+0x10/0x10 [ 119.564077][ T5353] kthread+0x2c1/0x3a0 [ 119.565819][ T5353] ? _raw_spin_unlock_irq+0x23/0x50 [ 119.568089][ T5353] ? __pfx_kthread+0x10/0x10 [ 119.569984][ T5353] ret_from_fork+0x45/0x80 [ 119.571823][ T5353] ? __pfx_kthread+0x10/0x10 [ 119.573864][ T5353] ret_from_fork_asm+0x1a/0x30 [ 119.575996][ T5353] [ 119.577951][ T5353] Kernel Offset: disabled [ 119.579881][ T5353] Rebooting in 86400 seconds.. VM DIAGNOSIS: 00:46:37 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000001 RBX=0000000000000021 RCX=ffffffff81677f0e RDX=fffffbfff28c50d9 RSI=0000000000000008 RDI=ffffffff946286c0 RBP=0000000000000000 RSP=ffffc90003377250 R8 =0000000000000000 R9 =fffffbfff28c50d8 R10=ffffffff946286c7 R11=0000000000000002 R12=0000000000000000 R13=ffff888026228b58 R14=0000000000000021 R15=ffff888026228000 RIP=ffffffff81677f16 RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f5eac0e16c0 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000204c4000 CR3=000000003aa64000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff813075ef ffffffff8100a0af ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8100a0af ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe56c5 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe56d2 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe56cc ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe56e0 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe5766 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe5844 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000307a7973 0001000900000001 0000000000000000 0e010a0d000014e0 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 327a797300020009 00000000307a7973 0001000900000001 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100110000001400 000000307a797300 0100090200040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 010a00000000280a 0000000000000000 0000000001001000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffffc90003037148 RCX=ffffffff813ce4f2 RDX=ffff88801f544880 RSI=0000000000000000 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900030370c0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000002 R11=0000000000000000 R12=ffffffff90aec33a R13=ffffffff90aec33f R14=0000000000000002 R15=ffffc9000303717d RIP=ffffffff818a7b30 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffc831bce10 CR3=000000000db7c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f370fcd56a3 00007f370fcd56a3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc831bf010 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556866e55c 000055556866e550 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556866b498 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555568675e24 00005555686755d0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556866ce64 000055556866ce60 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556866d8c0 000055556866d890 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556866d900 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100001008060801 30ba03ffffffff04 0010000210000f80 040100001008060a ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 011ffefffffe1000 03ffffffff040100 000e080601000010 0806080130ba03ff ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0400100002 10000f8004010000 1008060a012fbe00 08000ff003000800 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0fe0030010000fd0 0303ffffffff040f c0030210000fb003 03c210000d900308 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 80040d80030d8004 0fa0030008000f90 0303ffffffff040f 8003201000428004 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fe2745 RDI=ffffffff9519a720 RBP=ffffffff9519a6e0 RSP=ffffc90004247418 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000064 R14=ffffffff84fe26e0 R15=0000000000000000 RIP=ffffffff84fe276f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020004000 CR3=000000004d52c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe56c5 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe56d2 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe56cc ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe56e0 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe5766 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ebe5844 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ecd5488 00007f474ecd5480 00007f474ecd5478 00007f474ecd5450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474f83d100 00007f474ecd5440 00007f474ecd5458 00007f474ecd54a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f474ecd5498 00007f474ecd5490 00007f474ecd5488 00007f474ecd5480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000cccd3 RBX=0000000000000003 RCX=ffffffff8b11a529 RDX=0000000000000000 RSI=ffffffff8b4cc580 RDI=ffffffff8bb08480 RBP=ffffed10030db488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d666fd9 R10=ffff88806b337ecb R11=0000000000000000 R12=0000000000000003 R13=ffff8880186da440 R14=ffffffff9012b0d8 R15=0000000000000000 RIP=ffffffff8b11b91f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b31805ff8 CR3=000000002da22000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a093 ffffffff8100a093 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a093 ffffffff8100a093 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8100a093 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ea3e56c5 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ea3e56d2 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ea3e56cc ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ea3e56e0 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ea3e5766 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd2ea3e5844 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff82002d31 ffffffff82002cfe ffffffff82002ce1 ffffffff82002b56 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff820031bc ffffffff8200312b ffffffff00040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff82002db1 ffffffff82002d31 ffffffff82002cfe ffffffff82002ce1 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000