last executing test programs: 8.790362914s ago: executing program 4 (id=57): socket$nl_netfilter(0x10, 0x3, 0xc) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x4}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x20000000, 0x441, 0x6, 0x0, 0x0, 0x2004cb, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2000], 0x0, 0x200306}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7.405946907s ago: executing program 4 (id=63): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000c4000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006b00000095"], &(0x7f00000005c0)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (fail_nth: 1) 7.245867921s ago: executing program 0 (id=65): r0 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x0, 0x12b043) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$netlink(0x10, 0x3, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00') r6 = socket$inet6(0xa, 0x400000000001, 0x0) sendto$inet6(r6, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'team_slave_0\x00', 0x0}) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0x200, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x8, 0xfff1}, {0xfff3, 0x2}, {0x9, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x20000000) ioctl$VIDIOC_G_CTRL(r0, 0xc008561b, &(0x7f0000002400)={0x980001, 0x2}) 6.851256184s ago: executing program 4 (id=67): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmsg$NL80211_CMD_SET_BEACON(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0xc0, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x3, 0x42}}}}, [@NL80211_ATTR_BEACON_HEAD={0x9d, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x125d}, @device_a, @device_b, @random="29b1dbc63a45", {0x2, 0x7}, @value=@ver_80211n={0x0, 0x6, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}}, 0x27ed, @default, 0x8072, @void, @void, @val={0x3, 0x1, 0x4}, @val={0x4, 0x6, {0x44, 0x0, 0x6}}, @val={0x6, 0x2, 0xd71e}, @val={0x5, 0x3, {0x1, 0x65, 0xdd}}, @void, @val={0x2a, 0x1}, @val={0x3c, 0x4, {0x1, 0x2, 0x8, 0x86}}, @val={0x2d, 0x1a, {0x10, 0x1, 0x2, 0x0, {0x8000000000000000, 0xf4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1}, 0x8, 0xbc1e, 0x1}}, @val={0x72, 0x6}, @val={0x71, 0x7, {0xb2, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0xdc, 0x48}}, @val={0x76, 0x6, {0x0, 0x0, 0x3, 0x4}}, [{0xdd, 0x1d, "e2f5a10b0bed29f19e1f9cb91ab72192caa69ca2b7e4bfb1de8c418208"}]}}]}, 0xc0}}, 0xc0a5) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r1) 6.097739813s ago: executing program 0 (id=69): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() setsockopt$MRT_DONE(0xffffffffffffffff, 0x0, 0xc9, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) creat(&(0x7f0000000440)='./file0/file0\x00', 0x188) lsetxattr$security_capability(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000100), &(0x7f0000000600)=@v3={0x3000000, [{0x4, 0x3}, {0xffff, 0xc4}]}, 0x18, 0x0) chdir(&(0x7f0000000140)='./bus\x00') lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 5.75223837s ago: executing program 4 (id=75): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x28, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) (fail_nth: 1) 4.956044902s ago: executing program 4 (id=76): r0 = socket$kcm(0x10, 0x2, 0x10) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000340)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0) syz_usb_control_io(r1, 0x0, &(0x7f0000000800)={0x84, &(0x7f00000000c0)=ANY=[@ANYBLOB="020082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) syz_usb_control_io$uac1(r1, 0x0, 0x0) syz_usb_control_io$uac1(r1, 0x0, 0x0) syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000380)={0x34, &(0x7f0000000180)={0x20, 0x5, 0x2, "b08f"}, 0x0, 0x0, 0x0, 0x0, 0x0}) epoll_create1(0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0) r2 = socket$rds(0x15, 0x5, 0x0) bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x24, 0x4, 0x8, 0x101, 0x0, 0x0, {0x7, 0x0, 0x4}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x16df561f65259823}]}, 0x24}, 0x1, 0x0, 0x0, 0x24044c05}, 0x20000000) syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040f0700010408"], 0x7) read$msr(r3, &(0x7f0000000100)=""/126, 0x7e) sendmsg$rds(r2, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, 0x0}}], 0x48}, 0x0) recvmsg$kcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000003940)=[{&(0x7f0000001800)=""/4119, 0x1017}], 0x1}, 0x0) 4.942664872s ago: executing program 0 (id=78): socket$netlink(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x10) syz_emit_ethernet(0xc3, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x28, r3, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0) 4.84228253s ago: executing program 0 (id=81): r0 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x0, 0x12b043) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$netlink(0x10, 0x3, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00') r6 = socket$inet6(0xa, 0x400000000001, 0x0) sendto$inet6(r6, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'team_slave_0\x00', 0x0}) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0x200, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x8, 0xfff1}, {0xfff3, 0x2}, {0x9, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x20000000) ioctl$VIDIOC_G_CTRL(r0, 0xc008561b, &(0x7f0000002400)={0x980001, 0x2}) 3.890237335s ago: executing program 0 (id=86): mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00'}, 0x10) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@index_on}, {@metacopy_off}], [{@dont_measure}, {@smackfshat}]}) mount(&(0x7f0000000280)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='xfs\x00', 0x8000, 0x0) r3 = syz_open_dev$vim2m(0x0, 0x8004, 0x2) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x80000001, 0x20) fcntl$dupfd(r2, 0x406, r3) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') mlock(&(0x7f0000002000/0x2000)=nil, 0x2000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) read$FUSE(r4, &(0x7f0000000640)={0x2020}, 0x2020) 3.714912066s ago: executing program 2 (id=87): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, r1, 0x2000) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) munlockall() 3.361188349s ago: executing program 2 (id=88): r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x4e21, @private=0xa010101}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x18, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0x4, [@remote]}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}], 0x30}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) bind$802154_raw(0xffffffffffffffff, 0x0, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) sched_getattr(r1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) memfd_create(0x0, 0x0) socket$unix(0x1, 0x1, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', 0x0, 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) chdir(&(0x7f00000001c0)='./bus\x00') rmdir(&(0x7f0000000380)='./file0/../file0\x00') r4 = syz_open_dev$loop(&(0x7f00000005c0), 0xffff, 0x109041) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r5, 0x1000, {0x2a00, 0x80010000, 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d09000000000000008dd4992861ac1000", "90be6c09306003d8006000", [0x0, 0x2]}}) ioctl$LOOP_SET_CAPACITY(r4, 0x4c07) gettid() pipe(&(0x7f0000000240)) r6 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCG_STATS(r6, 0x80089203, 0xfffffffffffffffe) 2.698164043s ago: executing program 0 (id=89): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, r1, 0x2000) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) munlockall() (fail_nth: 1) 2.303528123s ago: executing program 3 (id=92): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) 2.040229626s ago: executing program 2 (id=93): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB], 0x4c}}, 0x0) 1.760016232s ago: executing program 2 (id=94): r0 = shmget(0x2, 0x1000, 0x8, &(0x7f0000ffc000/0x1000)=nil) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000000)={{{@in, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@initdev}}, &(0x7f0000000100)=0xe8) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, 0xffffffffffffffff}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, 0xffffffffffffffff}}, './file0\x00'}) getgroups(0x1, &(0x7f00000001c0)=[0xee01]) read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000002240)={0x5, 0xb, {0xffffffffffffffff}, {0xee01}, 0x8, 0x2}) shmctl$IPC_SET(r0, 0x1, &(0x7f0000002280)={{0x3, r2, r4, r6, r7, 0x8, 0x8}, 0xffffffff, 0x0, 0x1, 0x8, r8, r9, 0x1}) shmctl$SHM_UNLOCK(r0, 0xc) prctl$PR_GET_TSC(0x19, &(0x7f0000002300)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000002340), 0x0, 0x0) r10 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000002380), 0x40, 0x0) write$vga_arbiter(r10, &(0x7f00000023c0)=@other={'trylock', ' ', 'mem'}, 0xc) r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002440)={&(0x7f0000002400)='afs_make_fs_call2\x00', r5, 0x0, 0x400}, 0x18) shmctl$SHM_UNLOCK(r0, 0xc) recvmsg$can_raw(r3, &(0x7f0000003a40)={&(0x7f0000002480)=@in6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f0000003980)=[{&(0x7f0000002500)=""/60, 0x3c}, {&(0x7f0000002540)=""/42, 0x2a}, {&(0x7f0000002580)=""/151, 0x97}, {&(0x7f0000002640)=""/146, 0x92}, {&(0x7f0000002700)=""/4096, 0x1000}, {&(0x7f0000003700)=""/187, 0xbb}, {&(0x7f00000037c0)=""/85, 0x55}, {&(0x7f0000003840)=""/78, 0x4e}, {&(0x7f00000038c0)=""/191, 0xbf}], 0x9}, 0x20) r12 = socket(0x6, 0x5, 0x101) ioctl$SNDRV_PCM_IOCTL_STATUS64(r5, 0x80984120, &(0x7f0000003a80)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000003b40)={{0x1, 0x1, 0x18, r5, {r11}}, './file0\x00'}) socket$inet6_dccp(0xa, 0x6, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000003b80)={0x0, 0x1, 0xe}, &(0x7f0000003bc0)=0x8) setsockopt$inet_sctp_SCTP_AUTH_KEY(r12, 0x84, 0x17, &(0x7f0000003c00)={r15, 0x3f, 0x22, "e1b905393cece800b40543a1a400d1223d686c4fa66bf345de4d16e35c51a8cb133d"}, 0x2a) r16 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r16, &(0x7f0000003c40)={0x1d, r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x4, r9, 0x1, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r14, 0x18, &(0x7f0000003c80)={0x3, r12, 0x0, {0xbb, 0x1}, 0x2}, 0x1) write$P9_RUNLINKAT(r3, &(0x7f0000003cc0)={0x7, 0x4d, 0x1}, 0x7) ioctl$KDGKBDIACR(r13, 0x4b4a, &(0x7f0000003d00)=""/193) dup3(r13, 0xffffffffffffffff, 0x80000) 1.759650213s ago: executing program 3 (id=95): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() socket(0x2, 0x80805, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = epoll_create1(0x0) r3 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f00000000c0)=0x80, 0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000080)={0xa002a008}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) getsockopt$bt_hci(r3, 0x0, 0x2, &(0x7f0000000040)=""/62, &(0x7f00000001c0)=0x3e) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000004c0)={'ip6gre0\x00', &(0x7f0000000440)={'syztnl2\x00', 0x0, 0x29, 0x2, 0x2, 0x4, 0x28, @rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7800, 0x7, 0xe, 0x2000f}}) r4 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00') preadv(r4, &(0x7f0000000500)=[{&(0x7f0000000a40)=""/55, 0x37}], 0x1, 0x0, 0x0) 1.635820699s ago: executing program 2 (id=96): r0 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x0, 0x12b043) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$netlink(0x10, 0x3, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00') r6 = socket$inet6(0xa, 0x400000000001, 0x0) sendto$inet6(r6, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'team_slave_0\x00', 0x0}) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0x200, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x8, 0xfff1}, {0xfff3, 0x2}, {0x9, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x20000000) ioctl$VIDIOC_G_CTRL(r0, 0xc008561b, &(0x7f0000002400)={0x980001, 0x2}) 1.485125434s ago: executing program 3 (id=97): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000780)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="01082cbd7000000000000b00000008000300", @ANYRES32=r4, @ANYBLOB="30005080110001004abee339084eeef16f162471f4000000050009000100000005000200000000000800030004ac0f000a0006000802110000010000"], 0x58}, 0x1, 0x0, 0x0, 0x40905}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0xe7330000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) getsockopt$bt_hci(r0, 0x0, 0x3, &(0x7f00000000c0)=""/7, &(0x7f0000000180)=0x7) r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) connect$bt_rfcomm(r6, &(0x7f0000000200)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x15}, 0xa) bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0900000007000000000001"], 0x50) r7 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x862b01) r8 = syz_open_dev$evdev(&(0x7f0000000280), 0x0, 0x0) read$hiddev(r8, &(0x7f0000002300)=""/102, 0x66) write$char_usb(r7, &(0x7f0000000040)="e2", 0x2250) 572.030347ms ago: executing program 2 (id=99): mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00'}, 0x10) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@index_on}, {@metacopy_off}], [{@dont_measure}, {@smackfshat}]}) mount(&(0x7f0000000280)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='xfs\x00', 0x8000, 0x0) r3 = syz_open_dev$vim2m(0x0, 0x8004, 0x2) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x80000001, 0x20) fcntl$dupfd(r2, 0x406, r3) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') mlock(&(0x7f0000002000/0x2000)=nil, 0x2000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) read$FUSE(r4, &(0x7f0000000640)={0x2020}, 0x2020) 544.041737ms ago: executing program 1 (id=100): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r1) getsockname$packet(r1, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0xf1d, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x1}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xe, 0x3}, {}, {0x5, 0xfff1}}}, 0x24}}, 0x40004) 336.087045ms ago: executing program 1 (id=101): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r1, 0x100) syz_emit_ethernet(0x5a, &(0x7f0000000c40)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff10f5", 0x24, 0x6, 0xff, @local, @local, {[], {{0xfffd, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x0, 0x0, 0x4, {[@mptcp=@synack={0x1e, 0x10, 0x6, 0x2, 0x6, 0x3ff, 0x2}]}}}}}}}}, 0x0) (fail_nth: 1) 318.14492ms ago: executing program 1 (id=102): r0 = syz_open_dev$video(&(0x7f0000000580), 0x7, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000100)={0xf00000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f027, 0x0, '\x00', @p_u8=0x0}}) (fail_nth: 1) 308.221521ms ago: executing program 3 (id=103): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) setsockopt$RDS_GET_MR(r0, 0x114, 0x2, &(0x7f00000001c0)={{0x0}, 0x0, 0x15}, 0x20) (fail_nth: 1) 196.024476ms ago: executing program 1 (id=104): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="18006b7d66b11802a36617bf926e00000ef18d7b6a5ff571aaf8a79a6a24db87d9747d21a8a5494b0795af4c5864e333314b176f08b570b1d176be381af40b0c5c40db19b0bbc2145fde1524da30ed6f4960e9988ff73763ffaa5d800bd3cbfb7d078bea4808c1a388b62cf5ab881db4f0a61c58434fbe95d4e94ad6f072a16c83ecb9b7edef141db835127a769956ae41bebfd19e52a39cb22faf794542cc294b80a268bf8eba5d4108d1b7fa3f3e8283715cb537c35b77c94d32b2653d5be2b061d5f4f0fab42e0c7c190ec20847ddfaae39ef258a14a5a84f2d119f40c1126593920626a242e6f1376f97a747678f5724201cc510"], 0x18}, 0x1, 0x0, 0x0, 0x8014}, 0x9ee9fd74460faf8e) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x2, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_PMK(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r5, 0x300, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000004}, 0xc5) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000fc0)={"ce85bf2fb3cd8f0e18f44494adfd75424bf57b44e3463dfcb57b5aa2b43cd438723b695eec6b4426ea40a206b9cdbc407406838fcc7114ee6e137328f808004923eb4829d751fe67819c96419effe8f53ecc9abb1c638d0daf743cf4fc2698c10d497e714371c2c78b293c2e33df72ca75c4f998b90a473868c98f53ed8f44170db785ac72fbc40e3ca4684e282864a612c553ebd1ca1948bfea0769e283fa6ed8e2216714062bcf9059e36c3697dd010000000000000053ea45e5cf150d3442ba0e58aacdfdeb14d6a20bed8351e1f2b17abdb988f50fbf4074f815d68745a04f2e7ac4212ab17a2872ad02f0bf2cf146d0325d7b6b1cef1f7facf93ddfc3f922d69c818682368f0e59316563717a71fcf3c65c496d766a7d7fa6840377e9e93d46f322c1d36fd5275d97da2d9f5eeaee4cdd98e9d0c911ba7b21e47766397360658f8166ff477dd353f82cb463ba5e1b9fc305d21e07e657de987152fd9372f4225a5b1231c4b680c9b8918bc5b10786c1660eb829c5f1096f7c4270dcef48c9ad70a3dd9b80e32d0a2c45a6a4690900a75a064cdaae3e59099df9c3e384ee927ebf0f84df459d170008000000000000000000000000005c78a0b382aa9c2755e83834be0b88fbdeffb4841192d5c9480dfd52aaad7c928f601ebf48523775c20399fbaa5b6d83e5add38fea61e11491496e164b09fbffeab88f9329223e1660e9dcbf562e505914b6ca6d978d84162fa5895299eb8fb8eaec40808fe6eb449333f62ac02b8bece9c708971d1d1cb6dffe416c2c6fae7c906678dfe105ff10cfe1eda88c691d9984feb0711745f126d90000000000000078b127cc272033c9f3f1b0ac7e0ed4f34feb3e60b691478d9fb01b4158d22d1f64698d076aa830586aff20000000002b0d189e770ea239689638d0d935aef9ab8c167819cb17ad67a7e8fd5d658f4f929efa834be01e2644e36ab7c13930499a50ad46716274d62407635b97d6e6c19b1226451294b5e575135a8c972a739e89c92f698b043ed9b97db50c0000522d462a54c10190eecb15f7edd115356e731f0812649979de235f19552bc2826e15c9b67ed404161df925e9baabdb846b5bf66855e3f8b79d9d39ba806f179477607996a388f8e1b126f36618f685cb62065d30f6fe2b0a562a94591ee3fa981160e1481ee781c371cc7ee8c928f77b4e6d9b73fa3bfcfd21d068d50e29c84bc2af8328817bcc3293afe6c78d4ee87c835097b383169d8017ef12eabd7ff4f91701088ace6da8a31c05e729aade81adb2ac10d22795c125db94b18cf900"}) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x8400ae8e, &(0x7f0000000140)=@x86={0xff, 0x0, 0x0, 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x8, 0x2, 0xfc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x5}) 194.238384ms ago: executing program 3 (id=105): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64"], 0x4c}}, 0x0) 167.687984ms ago: executing program 1 (id=106): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)}, 0x50) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x301000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000380)={0x1, 0x0, 0x1}) (async, rerun: 64) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f00000020c0)='smaps\x00') (async, rerun: 64) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000040)={0x0, 0x7000, 0x1}) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async) mkdir(&(0x7f00000004c0)='./bus\x00', 0x92) (async, rerun: 64) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) (rerun: 64) sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x5}, 0x0) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) 156.123091ms ago: executing program 4 (id=107): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() socket(0x2, 0x80805, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = epoll_create1(0x0) r3 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f00000000c0)=0x80, 0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000080)={0xa002a008}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) getsockopt$bt_hci(r3, 0x0, 0x2, &(0x7f0000000040)=""/62, &(0x7f00000001c0)=0x3e) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000004c0)={'ip6gre0\x00', &(0x7f0000000440)={'syztnl2\x00', 0x0, 0x29, 0x2, 0x2, 0x4, 0x28, @rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7800, 0x7, 0xe, 0x2000f}}) r4 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00') preadv(r4, &(0x7f0000000500)=[{&(0x7f0000000a40)=""/55, 0x37}], 0x1, 0x0, 0x0) 47.402598ms ago: executing program 3 (id=108): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x13, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x5, &(0x7f0000000000)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4) shutdown(r2, 0x0) recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 0s ago: executing program 1 (id=109): r0 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x0, 0x12b043) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$netlink(0x10, 0x3, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00') r6 = socket$inet6(0xa, 0x400000000001, 0x0) sendto$inet6(r6, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'team_slave_0\x00', 0x0}) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0x200, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x8, 0xfff1}, {0xfff3, 0x2}, {0x9, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x20000000) ioctl$VIDIOC_G_CTRL(r0, 0xc008561b, &(0x7f0000002400)={0x980001, 0x2}) kernel console output (not intermixed with test programs): pid=5670 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.849631][ T30] audit: type=1400 audit(1743611728.921:83): avc: denied { write } for pid=5673 comm="sftp-server" path="pipe:[4328]" dev="pipefs" ino=4328 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.005195][ T30] audit: type=1400 audit(1743611729.081:84): avc: denied { read } for pid=5178 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 45.027612][ T30] audit: type=1400 audit(1743611729.081:85): avc: denied { append } for pid=5178 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 45.051339][ T30] audit: type=1400 audit(1743611729.081:86): avc: denied { open } for pid=5178 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 45.074031][ T30] audit: type=1400 audit(1743611729.081:87): avc: denied { getattr } for pid=5178 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '10.128.15.196' (ED25519) to the list of known hosts. [ 53.508188][ T30] audit: type=1400 audit(1743611737.581:88): avc: denied { mounton } for pid=5808 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 53.511669][ T5808] cgroup: Unknown subsys name 'net' [ 53.531070][ T30] audit: type=1400 audit(1743611737.581:89): avc: denied { mount } for pid=5808 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 53.558345][ T30] audit: type=1400 audit(1743611737.611:90): avc: denied { unmount } for pid=5808 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 53.692988][ T5808] cgroup: Unknown subsys name 'cpuset' [ 53.701028][ T5808] cgroup: Unknown subsys name 'rlimit' [ 53.844391][ T30] audit: type=1400 audit(1743611737.921:91): avc: denied { setattr } for pid=5808 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 53.867721][ T30] audit: type=1400 audit(1743611737.921:92): avc: denied { create } for pid=5808 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 53.902306][ T30] audit: type=1400 audit(1743611737.921:93): avc: denied { write } for pid=5808 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 53.923059][ T30] audit: type=1400 audit(1743611737.921:94): avc: denied { read } for pid=5808 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 53.945180][ T30] audit: type=1400 audit(1743611737.951:95): avc: denied { mounton } for pid=5808 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 53.969976][ T30] audit: type=1400 audit(1743611737.951:96): avc: denied { mount } for pid=5808 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 53.988471][ T5810] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 53.993185][ T30] audit: type=1400 audit(1743611737.971:97): avc: denied { read } for pid=5490 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 54.891161][ T5808] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 56.984175][ T5832] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 56.991057][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 56.998631][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 57.006738][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 57.014960][ T5827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 57.023215][ T5827] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 57.023280][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 57.030849][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 57.038230][ T5835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 57.051316][ T5827] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 57.052441][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 57.058384][ T5136] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 57.067019][ T5835] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 57.072348][ T5827] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 57.079819][ T5835] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 57.086756][ T5827] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 57.095722][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 57.100284][ T5837] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 57.115645][ T5827] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 57.123975][ T5827] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 57.130131][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 57.130969][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 57.140306][ T5835] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 57.160483][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 57.169165][ T5835] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 57.533636][ T5820] chnl_net:caif_netlink_parms(): no params data found [ 57.547042][ T5818] chnl_net:caif_netlink_parms(): no params data found [ 57.676278][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 57.784066][ T5818] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.791799][ T5818] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.799016][ T5818] bridge_slave_0: entered allmulticast mode [ 57.806663][ T5818] bridge_slave_0: entered promiscuous mode [ 57.817039][ T5818] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.824150][ T5818] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.831397][ T5818] bridge_slave_1: entered allmulticast mode [ 57.838291][ T5818] bridge_slave_1: entered promiscuous mode [ 57.858963][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 57.875160][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.882569][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.889626][ T5820] bridge_slave_0: entered allmulticast mode [ 57.896994][ T5820] bridge_slave_0: entered promiscuous mode [ 57.906850][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.913963][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.921062][ T5820] bridge_slave_1: entered allmulticast mode [ 57.927894][ T5820] bridge_slave_1: entered promiscuous mode [ 57.948906][ T5819] chnl_net:caif_netlink_parms(): no params data found [ 57.979988][ T5818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.018909][ T5818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.034342][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.076544][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.096131][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.104572][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.111682][ T5825] bridge_slave_0: entered allmulticast mode [ 58.118262][ T5825] bridge_slave_0: entered promiscuous mode [ 58.126531][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.133659][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.141152][ T5825] bridge_slave_1: entered allmulticast mode [ 58.148011][ T5825] bridge_slave_1: entered promiscuous mode [ 58.156467][ T5818] team0: Port device team_slave_0 added [ 58.187289][ T5818] team0: Port device team_slave_1 added [ 58.205401][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.212613][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.219658][ T5833] bridge_slave_0: entered allmulticast mode [ 58.227374][ T5833] bridge_slave_0: entered promiscuous mode [ 58.253538][ T5820] team0: Port device team_slave_0 added [ 58.266963][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.274084][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.281714][ T5833] bridge_slave_1: entered allmulticast mode [ 58.288273][ T5833] bridge_slave_1: entered promiscuous mode [ 58.296301][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.307904][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.325423][ T5820] team0: Port device team_slave_1 added [ 58.361556][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.368495][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.394704][ T5818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.407809][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.414778][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.441371][ T5818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.459065][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.466416][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.473567][ T5819] bridge_slave_0: entered allmulticast mode [ 58.480355][ T5819] bridge_slave_0: entered promiscuous mode [ 58.495213][ T5825] team0: Port device team_slave_0 added [ 58.503555][ T5825] team0: Port device team_slave_1 added [ 58.525068][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.532240][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.539304][ T5819] bridge_slave_1: entered allmulticast mode [ 58.546349][ T5819] bridge_slave_1: entered promiscuous mode [ 58.561708][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.588508][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.595963][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.622400][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.633734][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.640885][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.667227][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.688133][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.698443][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.717841][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.724781][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.750805][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.762972][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.769897][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.795970][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.812346][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.861230][ T5833] team0: Port device team_slave_0 added [ 58.868630][ T5819] team0: Port device team_slave_0 added [ 58.906990][ T5833] team0: Port device team_slave_1 added [ 58.915481][ T5819] team0: Port device team_slave_1 added [ 58.933115][ T5818] hsr_slave_0: entered promiscuous mode [ 58.939125][ T5818] hsr_slave_1: entered promiscuous mode [ 58.948813][ T5825] hsr_slave_0: entered promiscuous mode [ 58.955440][ T5825] hsr_slave_1: entered promiscuous mode [ 58.961541][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.969174][ T5825] Cannot create hsr debugfs directory [ 59.005670][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.012753][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.038807][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.058060][ T5820] hsr_slave_0: entered promiscuous mode [ 59.064594][ T5820] hsr_slave_1: entered promiscuous mode [ 59.070753][ T5820] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.078286][ T5820] Cannot create hsr debugfs directory [ 59.101415][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.108339][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.134356][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.154344][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.161288][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.187165][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.193057][ T5835] Bluetooth: hci0: command tx timeout [ 59.199009][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.210069][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.236212][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.260198][ T5832] Bluetooth: hci4: command tx timeout [ 59.265764][ T5832] Bluetooth: hci2: command tx timeout [ 59.271263][ T5822] Bluetooth: hci3: command tx timeout [ 59.276982][ T5835] Bluetooth: hci1: command tx timeout [ 59.365797][ T5833] hsr_slave_0: entered promiscuous mode [ 59.373185][ T5833] hsr_slave_1: entered promiscuous mode [ 59.378989][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.386592][ T5833] Cannot create hsr debugfs directory [ 59.405198][ T5819] hsr_slave_0: entered promiscuous mode [ 59.411680][ T5819] hsr_slave_1: entered promiscuous mode [ 59.417490][ T5819] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.425151][ T5819] Cannot create hsr debugfs directory [ 59.687828][ T5825] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 59.697812][ T5825] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 59.708380][ T5825] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 59.723561][ T5825] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 59.769277][ T5818] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 59.779486][ T5818] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 59.792727][ T5818] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 59.808772][ T5818] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 59.854062][ T5820] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 59.871340][ T5820] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 59.879944][ T5820] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 59.901610][ T5820] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 59.952472][ T5819] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 59.965379][ T5819] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 59.979973][ T5819] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 59.993373][ T5819] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 60.026310][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.064513][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.073994][ T5833] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 60.095234][ T5833] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 60.108293][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.115413][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.125799][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.132891][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.161459][ T5833] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 60.172584][ T5833] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 60.257635][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.287778][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 60.287790][ T30] audit: type=1400 audit(1743611744.361:111): avc: denied { sys_module } for pid=5825 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 60.321607][ T5818] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.341575][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.361401][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.368506][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.402238][ T5820] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.412651][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.419691][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.435593][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.461339][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.468405][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.477288][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.484369][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.523980][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.561331][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.568372][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.582533][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.605351][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.612474][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.646262][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.713612][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.725703][ T5819] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 60.749646][ T5825] veth0_vlan: entered promiscuous mode [ 60.765503][ T1325] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.772599][ T1325] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.811928][ T5825] veth1_vlan: entered promiscuous mode [ 60.853286][ T1325] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.860405][ T1325] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.949948][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.972703][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.989419][ T5825] veth0_macvtap: entered promiscuous mode [ 61.022669][ T5825] veth1_macvtap: entered promiscuous mode [ 61.106013][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.117483][ T5818] veth0_vlan: entered promiscuous mode [ 61.129454][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.157647][ T5818] veth1_vlan: entered promiscuous mode [ 61.172859][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.199824][ T5825] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.214544][ T5825] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.223987][ T5825] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.233751][ T5825] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.251540][ T5835] Bluetooth: hci0: command tx timeout [ 61.289732][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.319108][ T5818] veth0_macvtap: entered promiscuous mode [ 61.330578][ T5835] Bluetooth: hci1: command tx timeout [ 61.335984][ T5835] Bluetooth: hci2: command tx timeout [ 61.341790][ T5832] Bluetooth: hci3: command tx timeout [ 61.347191][ T5836] Bluetooth: hci4: command tx timeout [ 61.377996][ T5818] veth1_macvtap: entered promiscuous mode [ 61.404612][ T5820] veth0_vlan: entered promiscuous mode [ 61.412791][ T5819] veth0_vlan: entered promiscuous mode [ 61.429597][ T4185] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.439117][ T4185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.449209][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.462485][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.473646][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.488737][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.500642][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.511250][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.522226][ T5818] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.531173][ T5818] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.539845][ T5818] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.548639][ T5818] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.572061][ T5819] veth1_vlan: entered promiscuous mode [ 61.578394][ T5820] veth1_vlan: entered promiscuous mode [ 61.599995][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.608174][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.632348][ T30] audit: type=1400 audit(1743611745.711:112): avc: denied { mounton } for pid=5825 comm="syz-executor" path="/root/syzkaller.Y7eEI5/syz-tmp" dev="sda1" ino=1944 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 61.657992][ T30] audit: type=1400 audit(1743611745.711:113): avc: denied { mount } for pid=5825 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 61.685790][ T30] audit: type=1400 audit(1743611745.711:114): avc: denied { mounton } for pid=5825 comm="syz-executor" path="/root/syzkaller.Y7eEI5/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 61.715194][ T5833] veth0_vlan: entered promiscuous mode [ 61.732385][ T30] audit: type=1400 audit(1743611745.711:115): avc: denied { mount } for pid=5825 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 61.758889][ T30] audit: type=1400 audit(1743611745.711:116): avc: denied { mounton } for pid=5825 comm="syz-executor" path="/root/syzkaller.Y7eEI5/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 61.759799][ T5825] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 61.788660][ T30] audit: type=1400 audit(1743611745.721:117): avc: denied { mounton } for pid=5825 comm="syz-executor" path="/root/syzkaller.Y7eEI5/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=6058 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 61.816886][ T5833] veth1_vlan: entered promiscuous mode [ 61.838173][ T30] audit: type=1400 audit(1743611745.721:118): avc: denied { unmount } for pid=5825 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 61.844912][ T5819] veth0_macvtap: entered promiscuous mode [ 61.860204][ T30] audit: type=1400 audit(1743611745.741:119): avc: denied { mounton } for pid=5825 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2728 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 61.882509][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.886688][ T5820] veth0_macvtap: entered promiscuous mode [ 61.904320][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.909894][ T5820] veth1_macvtap: entered promiscuous mode [ 61.932146][ T30] audit: type=1400 audit(1743611745.741:120): avc: denied { mount } for pid=5825 comm="syz-executor" name="/" dev="gadgetfs" ino=6063 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 61.960624][ T5819] veth1_macvtap: entered promiscuous mode [ 62.014141][ T5820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.026285][ T5820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.036563][ T5820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.047000][ T5820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.058731][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.069687][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.081059][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.091947][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.102611][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.112479][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.123839][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.139134][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.247906][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.263416][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.274613][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.285534][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.296943][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.306434][ T5820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.317143][ T5820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.327568][ T5820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.338551][ T5820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.348627][ T5820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.359767][ T5820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.374294][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.551815][ T5905] evm: overlay not supported [ 62.677331][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.709864][ T5820] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.720719][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.728116][ T5820] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.756228][ T5820] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.765014][ T5820] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.784841][ T5819] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.793710][ T5819] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.803203][ T5819] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.812070][ T5819] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.861144][ T5833] veth0_macvtap: entered promiscuous mode [ 62.872925][ T5833] veth1_macvtap: entered promiscuous mode [ 62.928443][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.946525][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.956387][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.967856][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.978993][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.992343][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.061440][ T5910] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2'. [ 63.067372][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.086909][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.098691][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.135463][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.173382][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.203954][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.215707][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.228383][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.239103][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.254761][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.265427][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.279773][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.330143][ T5836] Bluetooth: hci0: command tx timeout [ 63.372069][ T5833] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.389021][ T5833] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.398840][ T5833] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.408794][ T5833] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.418007][ T5835] Bluetooth: hci1: command tx timeout [ 63.423915][ T5832] Bluetooth: hci2: command tx timeout [ 63.429836][ T5822] Bluetooth: hci3: command tx timeout [ 63.470088][ T5914] overlayfs: missing 'workdir' [ 63.480925][ T5836] Bluetooth: hci4: command tx timeout [ 63.777170][ T4592] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.800493][ T4592] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.834544][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.842506][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.874412][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.887493][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.917856][ T5918] team0: No ports can be present during mode change [ 63.954708][ T4592] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.974196][ T4592] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.003585][ T4592] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.076350][ T4592] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.186173][ T5924] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.194062][ T5924] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.301956][ T5924] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 64.315543][ T5924] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 64.373379][ T5924] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.384552][ T5924] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.394076][ T5924] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.403092][ T5924] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.475891][ T5929] overlayfs: missing 'workdir' [ 64.925097][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.949612][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.017378][ T5937] netlink: 'syz.1.10': attribute type 16 has an invalid length. [ 65.060163][ T5937] netlink: 'syz.1.10': attribute type 17 has an invalid length. [ 65.104183][ T5939] fuse: Bad value for 'fd' [ 65.164600][ T5937] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 65.293989][ T30] kauditd_printk_skb: 48 callbacks suppressed [ 65.294005][ T30] audit: type=1400 audit(1743611749.371:169): avc: denied { create } for pid=5946 comm="syz.2.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 65.358109][ T30] audit: type=1400 audit(1743611749.381:170): avc: denied { ioctl } for pid=5946 comm="syz.2.14" path="socket:[7743]" dev="sockfs" ino=7743 ioctlcmd=0x8916 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 65.414889][ T5956] Bluetooth: MGMT ver 1.23 [ 65.423223][ T5835] Bluetooth: hci0: command tx timeout [ 65.462626][ T5957] netlink: 'syz.4.13': attribute type 16 has an invalid length. [ 65.499954][ T5957] netlink: 'syz.4.13': attribute type 17 has an invalid length. [ 65.508923][ T5835] Bluetooth: hci1: command tx timeout [ 65.519950][ T5835] Bluetooth: hci4: command tx timeout [ 65.526751][ T5835] Bluetooth: hci3: command tx timeout [ 65.532512][ T5835] Bluetooth: hci2: command tx timeout [ 65.563931][ T30] audit: type=1400 audit(1743611749.481:171): avc: denied { setopt } for pid=5951 comm="syz.3.4" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 65.585152][ T30] audit: type=1400 audit(1743611749.481:172): avc: denied { bind } for pid=5951 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 65.606020][ T30] audit: type=1400 audit(1743611749.491:173): avc: denied { write } for pid=5951 comm="syz.3.4" path="socket:[7079]" dev="sockfs" ino=7079 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 65.629933][ T30] audit: type=1400 audit(1743611749.631:174): avc: denied { getopt } for pid=5946 comm="syz.2.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 65.650486][ T30] audit: type=1400 audit(1743611749.701:175): avc: denied { create } for pid=5946 comm="syz.2.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1 [ 65.813530][ T5957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.889599][ T5957] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.002119][ T5957] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 66.158931][ T5960] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.166949][ T5960] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.358130][ T5971] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 66.360368][ T30] audit: type=1400 audit(1743611750.421:176): avc: denied { ioctl } for pid=5968 comm="syz.2.19" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 66.371621][ T5971] netlink: 12 bytes leftover after parsing attributes in process `syz.4.20'. [ 66.419669][ T30] audit: type=1400 audit(1743611750.431:177): avc: denied { create } for pid=5967 comm="syz.4.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 66.444326][ T30] audit: type=1400 audit(1743611750.441:178): avc: denied { write } for pid=5967 comm="syz.4.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 66.562002][ T5960] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 66.577176][ T5960] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 66.600269][ T5828] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 66.664144][ T5960] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.676497][ T5960] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.685860][ T5960] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.699676][ T5960] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.758668][ T5828] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 66.776581][ T5828] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 66.798448][ T5828] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 66.830516][ T5828] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.865596][ T5828] usb 3-1: config 0 descriptor?? [ 66.906977][ T5970] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.914544][ T5970] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.024456][ T5970] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 67.058577][ T5970] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 67.119579][ T5970] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.129073][ T5970] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.138795][ T5970] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.147943][ T5970] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.268411][ T5988] netlink: 'syz.3.24': attribute type 16 has an invalid length. [ 67.279699][ T5988] netlink: 'syz.3.24': attribute type 17 has an invalid length. [ 67.332934][ T5988] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.342707][ T5988] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.361083][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 67.414481][ T6000] netlink: 32 bytes leftover after parsing attributes in process `syz.4.28'. [ 67.521214][ T5868] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 67.554752][ T5988] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 67.730482][ T5868] usb 2-1: Using ep0 maxpacket: 32 [ 67.741647][ T5868] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 67.762500][ T5868] usb 2-1: config 0 has no interface number 0 [ 67.769620][ T5868] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 67.781809][ T5868] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 67.801577][ T5868] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 67.811347][ T5868] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.841618][ T5868] usb 2-1: config 0 descriptor?? [ 68.502675][ T6017] syz.0.31: attempt to access beyond end of device [ 68.502675][ T6017] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 68.570312][ T5920] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 68.720132][ T5920] usb 5-1: Using ep0 maxpacket: 8 [ 68.727560][ T5920] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 68.738033][ T5920] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 68.740210][ T5828] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 68.801123][ T6025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 68.816282][ T6025] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 68.829719][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.852785][ T6025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 68.854623][ T5920] usb 5-1: config 0 descriptor?? [ 68.864397][ T5868] uclogic 0003:28BD:0094.0001: pen parameters not found [ 68.879239][ T5920] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 68.889907][ T6025] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 68.901023][ T5868] uclogic 0003:28BD:0094.0001: interface is invalid, ignoring [ 68.920276][ T5828] usb 4-1: Using ep0 maxpacket: 8 [ 68.937483][ T5828] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 68.973340][ T5828] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 69.000201][ T5828] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.013693][ T5828] usb 4-1: config 0 descriptor?? [ 69.021745][ T5828] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 69.090522][ T0] NOHZ tick-stop error: local softirq work is pending, handler #108!!! [ 69.178146][ T6031] netlink: 'syz.0.35': attribute type 16 has an invalid length. [ 69.186518][ T6031] netlink: 'syz.0.35': attribute type 17 has an invalid length. [ 69.211045][ T6031] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 69.240090][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 69.260176][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 69.270129][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 69.397465][ T5920] gspca_vc032x: reg_r err -110 [ 69.578548][ T5828] gspca_vc032x: reg_r err -110 [ 69.585730][ T5828] vc032x 4-1:0.0: probe with driver vc032x failed with error -110 [ 69.589002][ T5921] usb 3-1: USB disconnect, device number 2 [ 69.610234][ T5920] vc032x 5-1:0.0: probe with driver vc032x failed with error -110 [ 69.650473][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.700687][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 70.439191][ T5921] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 70.478478][ T5920] usb 2-1: USB disconnect, device number 2 [ 70.580807][ T971] usb 4-1: USB disconnect, device number 2 [ 70.614823][ T5921] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 70.641818][ T5921] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 70.652000][ T5921] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 70.652022][ T5921] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.672610][ T5921] usb 3-1: config 0 descriptor?? [ 70.743561][ T5870] usb 5-1: USB disconnect, device number 2 [ 70.801866][ T30] kauditd_printk_skb: 20 callbacks suppressed [ 70.801885][ T30] audit: type=1400 audit(1743611754.851:199): avc: denied { block_suspend } for pid=6044 comm="syz.0.39" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 70.909247][ T5920] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 71.256019][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.262713][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.460227][ T5920] usb 2-1: Using ep0 maxpacket: 8 [ 71.467741][ T5920] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 71.478053][ T5920] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 71.487216][ T5920] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.499293][ T5920] usb 2-1: config 0 descriptor?? [ 71.513360][ T5920] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 72.383708][ T5920] gspca_vc032x: reg_r err -110 [ 72.388590][ T5920] vc032x 2-1:0.0: probe with driver vc032x failed with error -110 [ 72.567238][ T6059] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=6059 comm=syz.4.42 [ 72.608081][ T6061] netlink: 'syz.3.43': attribute type 48 has an invalid length. [ 72.626278][ T6061] netlink: 12 bytes leftover after parsing attributes in process `syz.3.43'. [ 72.645413][ T30] audit: type=1400 audit(1743611756.721:200): avc: denied { bind } for pid=6058 comm="syz.4.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 72.844133][ T6057] Zero length message leads to an empty skb [ 73.041176][ T30] audit: type=1400 audit(1743611757.111:201): avc: denied { create } for pid=6072 comm="syz.3.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 73.071636][ T30] audit: type=1400 audit(1743611757.111:202): avc: denied { ioctl } for pid=6072 comm="syz.3.47" path="socket:[8381]" dev="sockfs" ino=8381 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 73.240634][ T30] audit: type=1400 audit(1743611757.121:203): avc: denied { sys_module } for pid=6072 comm="syz.3.47" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 73.736593][ T30] audit: type=1400 audit(1743611757.181:204): avc: denied { write } for pid=6072 comm="syz.3.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 73.766687][ T5868] usb 3-1: USB disconnect, device number 3 [ 73.848411][ T5870] usb 2-1: USB disconnect, device number 3 [ 73.997059][ T6081] fuse: Bad value for 'fd' [ 74.811862][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 75.120400][ T30] audit: type=1400 audit(1743611759.201:205): avc: denied { read } for pid=6101 comm="syz.3.56" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 75.120954][ T6099] netlink: 28 bytes leftover after parsing attributes in process `syz.1.54'. [ 75.202891][ T30] audit: type=1400 audit(1743611759.231:206): avc: denied { ioctl } for pid=6101 comm="syz.3.56" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 75.230418][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 75.238915][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 75.299009][ T6102] FAULT_INJECTION: forcing a failure. [ 75.299009][ T6102] name failslab, interval 1, probability 0, space 0, times 1 [ 75.336473][ T6108] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 75.358430][ T6108] kvm: pic: level sensitive irq not supported [ 75.358556][ T6108] kvm: pic: non byte read [ 75.369785][ T6108] kvm: pic: level sensitive irq not supported [ 75.369846][ T6108] kvm: pic: non byte read [ 75.381805][ T6108] kvm: pic: level sensitive irq not supported [ 75.381864][ T6108] kvm: pic: non byte read [ 75.393159][ T6108] kvm: pic: level sensitive irq not supported [ 75.393214][ T6108] kvm: pic: non byte read [ 75.430266][ T6102] CPU: 1 UID: 0 PID: 6102 Comm: syz.2.55 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) [ 75.430290][ T6102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 75.430299][ T6102] Call Trace: [ 75.430304][ T6102] [ 75.430311][ T6102] dump_stack_lvl+0x16c/0x1f0 [ 75.430333][ T6102] should_fail_ex+0x512/0x640 [ 75.430347][ T6102] ? fs_reclaim_acquire+0xae/0x150 [ 75.430370][ T6102] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 75.430390][ T6102] should_failslab+0xc2/0x120 [ 75.430408][ T6102] __kmalloc_noprof+0xd2/0x510 [ 75.430428][ T6102] tomoyo_realpath_from_path+0xc2/0x6e0 [ 75.430451][ T6102] ? tomoyo_profile+0x47/0x60 [ 75.430477][ T6102] tomoyo_path_number_perm+0x245/0x580 [ 75.430494][ T6102] ? tomoyo_path_number_perm+0x237/0x580 [ 75.430515][ T6102] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 75.430534][ T6102] ? find_held_lock+0x2b/0x80 [ 75.430576][ T6102] ? find_held_lock+0x2b/0x80 [ 75.430595][ T6102] ? hook_file_ioctl_common+0x145/0x410 [ 75.430625][ T6102] ? __fget_files+0x20e/0x3c0 [ 75.430644][ T6102] security_file_ioctl+0x9b/0x240 [ 75.430667][ T6102] __x64_sys_ioctl+0xb7/0x200 [ 75.430690][ T6102] do_syscall_64+0xcd/0x260 [ 75.430711][ T6102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.430727][ T6102] RIP: 0033:0x7f6d07d8d169 [ 75.430740][ T6102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.430753][ T6102] RSP: 002b:00007f6d08c4d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.430768][ T6102] RAX: ffffffffffffffda RBX: 00007f6d07fa5fa0 RCX: 00007f6d07d8d169 [ 75.430779][ T6102] RDX: 0000200000000080 RSI: 000000004048aecb RDI: 000000000000000a [ 75.430788][ T6102] RBP: 00007f6d08c4d090 R08: 0000000000000000 R09: 0000000000000000 [ 75.430796][ T6102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 75.430805][ T6102] R13: 0000000000000000 R14: 00007f6d07fa5fa0 R15: 00007ffc21261d18 [ 75.430824][ T6102] [ 75.430830][ T6102] ERROR: Out of memory at tomoyo_realpath_from_path. [ 75.459799][ T30] audit: type=1400 audit(1743611759.531:207): avc: denied { getopt } for pid=6115 comm="syz.0.59" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 75.717488][ T6118] fuse: Invalid rootmode [ 75.738724][ T30] audit: type=1400 audit(1743611759.531:208): avc: denied { create } for pid=6115 comm="syz.0.59" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 75.925629][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 75.925643][ T30] audit: type=1400 audit(1743611760.001:211): avc: denied { read } for pid=6122 comm="syz.0.62" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 76.597577][ T48] cfg80211: failed to load regulatory.db [ 76.608682][ T30] audit: type=1400 audit(1743611760.001:212): avc: denied { open } for pid=6122 comm="syz.0.62" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 76.717745][ T6126] FAULT_INJECTION: forcing a failure. [ 76.717745][ T6126] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 76.734001][ T6126] CPU: 1 UID: 0 PID: 6126 Comm: syz.4.63 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) [ 76.734024][ T6126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 76.734034][ T6126] Call Trace: [ 76.734039][ T6126] [ 76.734045][ T6126] dump_stack_lvl+0x16c/0x1f0 [ 76.734069][ T6126] should_fail_ex+0x512/0x640 [ 76.734087][ T6126] _copy_from_user+0x2e/0xd0 [ 76.734103][ T6126] __sys_bpf+0x21d/0x4d80 [ 76.734124][ T6126] ? __pfx___sys_bpf+0x10/0x10 [ 76.734144][ T6126] ? ksys_write+0x190/0x240 [ 76.734162][ T6126] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 76.734191][ T6126] ? fput+0x70/0xf0 [ 76.734208][ T6126] ? ksys_write+0x1b9/0x240 [ 76.734221][ T6126] ? __pfx_ksys_write+0x10/0x10 [ 76.734237][ T6126] __x64_sys_bpf+0x78/0xc0 [ 76.734255][ T6126] ? lockdep_hardirqs_on+0x7c/0x110 [ 76.734271][ T6126] do_syscall_64+0xcd/0x260 [ 76.734290][ T6126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.734305][ T6126] RIP: 0033:0x7f5f1f18d169 [ 76.734317][ T6126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.734330][ T6126] RSP: 002b:00007f5f1ff7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 76.734345][ T6126] RAX: ffffffffffffffda RBX: 00007f5f1f3a5fa0 RCX: 00007f5f1f18d169 [ 76.734355][ T6126] RDX: 0000000000000094 RSI: 0000200000000080 RDI: 0000000000000005 [ 76.734363][ T6126] RBP: 00007f5f1ff7b090 R08: 0000000000000000 R09: 0000000000000000 [ 76.734371][ T6126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.734380][ T6126] R13: 0000000000000001 R14: 00007f5f1f3a5fa0 R15: 00007ffd8df5c8e8 [ 76.734400][ T6126] [ 77.240003][ T6133] netlink: 24 bytes leftover after parsing attributes in process `syz.1.64'. [ 77.397042][ T30] audit: type=1400 audit(1743611761.461:213): avc: denied { setopt } for pid=6135 comm="syz.4.67" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 77.694087][ T30] audit: type=1400 audit(1743611761.461:214): avc: denied { accept } for pid=6135 comm="syz.4.67" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 77.917590][ T30] audit: type=1400 audit(1743611761.941:215): avc: denied { write } for pid=6141 comm="syz.1.68" name="mcfilter" dev="proc" ino=4026532823 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 78.682631][ T6161] FAULT_INJECTION: forcing a failure. [ 78.682631][ T6161] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.700261][ T6161] CPU: 0 UID: 0 PID: 6161 Comm: syz.4.75 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) [ 78.700282][ T6161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 78.700289][ T6161] Call Trace: [ 78.700294][ T6161] [ 78.700299][ T6161] dump_stack_lvl+0x16c/0x1f0 [ 78.700319][ T6161] should_fail_ex+0x512/0x640 [ 78.700336][ T6161] _copy_from_user+0x2e/0xd0 [ 78.700350][ T6161] copy_msghdr_from_user+0x98/0x160 [ 78.700365][ T6161] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 78.700389][ T6161] ___sys_sendmsg+0xfe/0x1d0 [ 78.700404][ T6161] ? __pfx____sys_sendmsg+0x10/0x10 [ 78.700442][ T6161] __sys_sendmsg+0x16d/0x220 [ 78.700457][ T6161] ? __pfx___sys_sendmsg+0x10/0x10 [ 78.700476][ T6161] ? rcu_is_watching+0x12/0xc0 [ 78.700500][ T6161] do_syscall_64+0xcd/0x260 [ 78.700517][ T6161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.700532][ T6161] RIP: 0033:0x7f5f1f18d169 [ 78.700545][ T6161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.700558][ T6161] RSP: 002b:00007f5f1ff7b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 78.700573][ T6161] RAX: ffffffffffffffda RBX: 00007f5f1f3a5fa0 RCX: 00007f5f1f18d169 [ 78.700583][ T6161] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000007 [ 78.700592][ T6161] RBP: 00007f5f1ff7b090 R08: 0000000000000000 R09: 0000000000000000 [ 78.700601][ T6161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.700609][ T6161] R13: 0000000000000000 R14: 00007f5f1f3a5fa0 R15: 00007ffd8df5c8e8 [ 78.700629][ T6161] [ 78.879170][ T6162] ======================================================= [ 78.879170][ T6162] WARNING: The mand mount option has been deprecated and [ 78.879170][ T6162] and is ignored by this kernel. Remove the mand [ 78.879170][ T6162] option from the mount to silence this warning. [ 78.879170][ T6162] ======================================================= [ 78.934158][ T30] audit: type=1400 audit(1743611763.001:216): avc: denied { unmount } for pid=6156 comm="syz.2.73" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 79.290142][ T5921] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 79.944014][ T5921] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 79.989046][ T5921] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.032239][ T5921] usb 5-1: config 0 descriptor?? [ 80.362843][ T6193] syz.0.86: attempt to access beyond end of device [ 80.362843][ T6193] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 80.619228][ T6179] netlink: 12 bytes leftover after parsing attributes in process `syz.3.79'. [ 81.435287][ T30] audit: type=1400 audit(1743611765.511:217): avc: denied { read write } for pid=6210 comm="syz.0.89" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 81.478655][ T30] audit: type=1400 audit(1743611765.541:218): avc: denied { open } for pid=6210 comm="syz.0.89" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 81.501180][ T6211] FAULT_INJECTION: forcing a failure. [ 81.501180][ T6211] name failslab, interval 1, probability 0, space 0, times 0 [ 81.536397][ T6211] CPU: 0 UID: 0 PID: 6211 Comm: syz.0.89 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) [ 81.536423][ T6211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 81.536433][ T6211] Call Trace: [ 81.536438][ T6211] [ 81.536445][ T6211] dump_stack_lvl+0x16c/0x1f0 [ 81.536467][ T6211] should_fail_ex+0x512/0x640 [ 81.536483][ T6211] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 81.536502][ T6211] should_failslab+0xc2/0x120 [ 81.536522][ T6211] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 81.536538][ T6211] ? mas_alloc_nodes+0x18b/0x8b0 [ 81.536557][ T6211] mas_alloc_nodes+0x18b/0x8b0 [ 81.536578][ T6211] mas_node_count_gfp+0x105/0x130 [ 81.536595][ T6211] mas_preallocate+0x53e/0xcd0 [ 81.536614][ T6211] ? __lock_acquire+0xaa4/0x1ba0 [ 81.536630][ T6211] ? __pfx_mas_preallocate+0x10/0x10 [ 81.536648][ T6211] ? is_bpf_text_address+0x94/0x1a0 [ 81.536673][ T6211] ? __asan_memset+0x23/0x50 [ 81.536699][ T6211] commit_merge+0x29a/0x1020 [ 81.536718][ T6211] ? __pfx_commit_merge+0x10/0x10 [ 81.536736][ T6211] ? vma_merge_existing_range+0x113e/0x1c80 [ 81.536753][ T6211] ? dup_anon_vma.constprop.0+0x74/0x320 [ 81.536771][ T6211] vma_merge_existing_range+0xc52/0x1c80 [ 81.536794][ T6211] ? __pfx_vma_merge_existing_range+0x10/0x10 [ 81.536818][ T6211] vma_modify+0x87/0x410 [ 81.536836][ T6211] vma_modify_flags+0x212/0x2d0 [ 81.536853][ T6211] ? __pfx_vma_modify_flags+0x10/0x10 [ 81.536867][ T6211] ? mtree_range_walk+0x718/0xc00 [ 81.536903][ T6211] mlock_fixup+0x27c/0xe50 [ 81.536925][ T6211] apply_mlockall_flags+0x2d4/0x470 [ 81.536943][ T6211] ? __pfx_apply_mlockall_flags+0x10/0x10 [ 81.536959][ T6211] ? __pfx___might_resched+0x10/0x10 [ 81.536989][ T6211] ? __pfx_down_write_killable+0x10/0x10 [ 81.537011][ T6211] ? __pfx_ksys_write+0x10/0x10 [ 81.537024][ T6211] ? rcu_is_watching+0x12/0xc0 [ 81.537048][ T6211] __do_sys_munlockall+0xc5/0x280 [ 81.537067][ T6211] do_syscall_64+0xcd/0x260 [ 81.537088][ T6211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.537104][ T6211] RIP: 0033:0x7fb15258d169 [ 81.537118][ T6211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.537134][ T6211] RSP: 002b:00007fb1503f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098 [ 81.537149][ T6211] RAX: ffffffffffffffda RBX: 00007fb1527a5fa0 RCX: 00007fb15258d169 [ 81.537159][ T6211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 81.537168][ T6211] RBP: 00007fb1503f6090 R08: 0000000000000000 R09: 0000000000000000 [ 81.537176][ T6211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.537185][ T6211] R13: 0000000000000000 R14: 00007fb1527a5fa0 R15: 00007ffed22a56c8 [ 81.537206][ T6211] [ 81.537235][ T6211] vmg ffffc90005297c80 dumped because: VM_WARN_ON_VMG(prev && start <= prev->vm_start) [ 81.623436][ T30] audit: type=1400 audit(1743611765.541:219): avc: denied { map } for pid=6210 comm="syz.0.89" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 81.689834][ T6211] vmg ffffc90005297c80 state: mm ffff88807ee44600 pgoff 2 [ 81.689834][ T6211] vmi ffffc90005297e38 [200000000000,200000800000) [ 81.689834][ T6211] prev ffff8880332cb8c0 middle ffff8880332cb8c0 next 0000000000000000 target 0000000000000000 [ 81.689834][ T6211] start 200000000000 end 200000800000 flags 80000ff [ 81.689834][ T6211] file ffff888032acb500 anon_vma 0000000000000000 policy 0000000000000000 [ 81.689834][ T6211] uffd_ctx 0000000000000000 [ 81.689834][ T6211] anon_name 0000000000000000 [ 81.689834][ T6211] state 0 [ 81.689834][ T6211] just_expand 0 [ 81.689834][ T6211] __adjust_middle_start 0 __adjust_next_start 0 [ 81.689834][ T6211] __remove_middle 0 __remove_next 0 [ 81.704713][ T30] audit: type=1400 audit(1743611765.541:220): avc: denied { execute } for pid=6210 comm="syz.0.89" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 81.918621][ T6217] netlink: 44 bytes leftover after parsing attributes in process `syz.2.93'. [ 81.942431][ T6211] vmg ffffc90005297c80 mm: [ 81.947161][ T6211] mm ffff88807ee44600 task_size 140737488351232 [ 81.947161][ T6211] mmap_base 140399581577216 mmap_legacy_base 47233213591552 [ 81.947161][ T6211] pgd ffff888076fba000 mm_users 2 mm_count 1 pgtables_bytes 131072 map_count 33 [ 81.947161][ T6211] hiwater_rss 160a hiwater_vm 5fa6 total_vm 5fa6 locked_vm 800 [ 81.947161][ T6211] pinned_vm 0 data_vm 1885 exec_vm 1a4 stack_vm 21 [ 81.947161][ T6211] start_code 7fb152448000 end_code 7fb1525e9529 start_data 7fb152780000 end_data 7fb152780000 [ 81.947161][ T6211] start_brk 555569f2c000 brk 555569f60000 start_stack 7ffed22a5f30 [ 81.947161][ T6211] arg_start 7ffed22a6f6d arg_end 7ffed22a6f81 env_start 7ffed22a6f81 env_end 7ffed22a6fe9 [ 81.947161][ T6211] binfmt ffffffff8e60a660 flags 800007fd [ 81.947161][ T6211] ioctx_table 0000000000000000 [ 81.947161][ T6211] owner ffff888057288000 exe_file ffff8880233f6fc0 [ 81.947161][ T6211] notifier_subscriptions 0000000000000000 [ 81.947161][ T6211] numa_next_scan 4294945374 numa_scan_offset 0 numa_scan_seq 0 [ 81.947161][ T6211] tlb_flush_pending 0 [ 81.947161][ T6211] def_flags: 0x0() [ 81.957236][ T30] audit: type=1400 audit(1743611765.671:221): avc: denied { mount } for pid=6213 comm="syz.3.91" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1 [ 82.099001][ T6211] vmg ffffc90005297c80 prev: [ 82.101103][ T30] audit: type=1400 audit(1743611766.131:222): avc: denied { create } for pid=6166 comm="syz.4.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 82.117372][ T6211] vma ffff8880332cb8c0 start 0000200000000000 end 0000200000800000 mm ffff88807ee44600 [ 82.117372][ T6211] prot 25 anon_vma 0000000000000000 vm_ops ffffffff8b98f000 [ 82.117372][ T6211] pgoff 2 file ffff888032acb500 private_data 0000000000000000 [ 82.117372][ T6211] refcnt 1 [ 82.117372][ T6211] flags: 0x80020ff(read|write|exec|shared|mayread|maywrite|mayexec|mayshare|locked|softdirty) [ 82.125540][ T30] audit: type=1400 audit(1743611766.131:223): avc: denied { bind } for pid=6166 comm="syz.4.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 82.185759][ T30] audit: type=1400 audit(1743611766.261:224): avc: denied { write } for pid=6166 comm="syz.4.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 82.198526][ T6211] vmg ffffc90005297c80 middle: [ 82.212175][ T6211] vma ffff8880332cb8c0 start 0000200000000000 end 0000200000800000 mm ffff88807ee44600 [ 82.212175][ T6211] prot 25 anon_vma 0000000000000000 vm_ops ffffffff8b98f000 [ 82.212175][ T6211] pgoff 2 file ffff888032acb500 private_data 0000000000000000 [ 82.212175][ T6211] refcnt 1 [ 82.212175][ T6211] flags: 0x80020ff(read|write|exec|shared|mayread|maywrite|mayexec|mayshare|locked|softdirty) [ 82.260902][ T6211] vmg ffffc90005297c80 next: (NULL) [ 82.290198][ T30] audit: type=1400 audit(1743611766.341:225): avc: denied { create } for pid=6221 comm="syz.2.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 82.360203][ T30] audit: type=1400 audit(1743611766.341:226): avc: denied { bind } for pid=6221 comm="syz.2.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 82.379744][ T6211] vmg ffffc90005297c80 vmi: [ 82.414362][ T6211] MAS: tree=ffff88807ee44640 enode=ffff88802e98b20c [ 82.414383][ T6211] (ma_active) [ 82.445628][ T6211] Store Type: [ 82.600723][ T6211] node_store [ 82.607428][ T6211] [6/11] index=200000000000 last=2000007fffff [ 82.644660][ T6211] min=0 max=555569f4dfff alloc=0000000000000000, depth=1, flags=0 [ 82.681286][ T6211] maple_tree(ffff88807ee44640) flags 30B, height 2 root ffff88802a58c21e [ 82.693421][ T6211] 0-ffffffffffffffff: node ffff88802a58c200 depth 0 type 3 parent ffff88807ee44641 contents: 355568f2b000 2a5be6476000 ffff80012dd59000 0 0 0 0 0 0 0 | 02 02| ffff88802e98b20c 555569F4DFFF ffff888024bc840c 7FB1523FFFFF ffff88802e98a80c FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 [ 82.695914][ T5921] usb 5-1: Cannot set autoneg [ 82.745544][ T5921] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 82.791408][ T5921] usb 5-1: USB disconnect, device number 3 [ 82.817047][ T6211] 0-555569f4dfff: node ffff88802e98b200 depth 1 type 1 parent ffff88802a58c206 contents: 0000000000000000 110C22FFFF ffff88803330bdc0 110E22FFFF 0000000000000000 1B2F11FFFF ffff8880252dc3c0 1B2F15FFFF 0000000000000000 1FFFFFFFEFFF ffff8880252dc000 1FFFFFFFFFFF ffff8880332cb8c0 2000007FFFFF ffff8880332cbb40 200000B35FFF ffff8880332cb780 200000FFFFFF ffff8880252dca00 200001000FFF 0000000000000000 555569F2BFFF ffff8880252dc780 555569F4DFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 000000000000000b [ 83.097034][ T6211] 0-110c22ffff: 0000000000000000 [ 83.215442][ T6211] 110c230000-110e22ffff: ffff88803330bdc0 [ 83.327235][ T6211] 110e230000-1b2f11ffff: 0000000000000000 [ 83.358943][ T6211] 1b2f120000-1b2f15ffff: ffff8880252dc3c0 [ 83.365126][ T6211] 1b2f160000-1fffffffefff: 0000000000000000 [ 83.374080][ T6211] 1ffffffff000-1fffffffffff: ffff8880252dc000 [ 83.380789][ T6211] 200000000000-2000007fffff: ffff8880332cb8c0 [ 83.387300][ T6211] 200000800000-200000b35fff: ffff8880332cbb40 [ 83.429916][ T6211] 200000b36000-200000ffffff: ffff8880332cb780 [ 83.447229][ T6211] 200001000000-200001000fff: ffff8880252dca00 [ 83.462299][ T6211] 200001001000-555569f2bfff: 0000000000000000 [ 83.489568][ T6211] 555569f2c000-555569f4dfff: ffff8880252dc780 [ 83.497418][ T6240] netlink: 24 bytes leftover after parsing attributes in process `syz.1.100'. [ 83.509073][ T6211] 555569f4e000-7fb1523fffff: node ffff888024bc8400 depth 1 type 1 parent ffff88802a58c20e contents: ffff8880252dc8c0 555569F5FFFF 0000000000000000 7FB1503D5FFF ffff8880232938c0 7FB1503D6FFF ffff8880252dcdc0 7FB1503F6FFF ffff888023293a00 7FB1503F7FFF ffff8880252dc280 7FB150BF7FFF ffff8880252dcb40 7FB150BF8FFF ffff8880252dc500 7FB1513F8FFF ffff8880332cba00 7FB1513FAFFF ffff8880332cb000 7FB1517FAFFF ffff8880332cb280 7FB1517FCFFF ffff8880332cb3c0 7FB151BFCFFF ffff88802552f3c0 7FB151BFEFFF ffff88802552f500 7FB151FFEFFF ffff8880777b88c0 7FB151FFFFFF ffff8880777b8a00 [ 83.615812][ T6211] 555569f4e000-555569f5ffff: ffff8880252dc8c0 [ 83.644371][ T6211] 555569f60000-7fb1503d5fff: 0000000000000000 [ 83.670396][ T6211] 7fb1503d6000-7fb1503d6fff: ffff8880232938c0 [ 83.676838][ T6211] 7fb1503d7000-7fb1503f6fff: ffff8880252dcdc0 [ 83.685121][ T6211] 7fb1503f7000-7fb1503f7fff: ffff888023293a00 [ 83.691586][ T6211] 7fb1503f8000-7fb150bf7fff: ffff8880252dc280 [ 83.698444][ T6211] 7fb150bf8000-7fb150bf8fff: ffff8880252dcb40 [ 83.708708][ T6211] 7fb150bf9000-7fb1513f8fff: ffff8880252dc500 [ 83.719383][ T6211] 7fb1513f9000-7fb1513fafff: ffff8880332cba00 [ 83.726553][ T6211] 7fb1513fb000-7fb1517fafff: ffff8880332cb000 [ 83.744976][ T6211] 7fb1517fb000-7fb1517fcfff: ffff8880332cb280 [ 83.751712][ T6211] 7fb1517fd000-7fb151bfcfff: ffff8880332cb3c0 [ 83.758147][ T6211] 7fb151bfd000-7fb151bfefff: ffff88802552f3c0 [ 83.787092][ T6211] 7fb151bff000-7fb151ffefff: ffff88802552f500 [ 83.806879][ T6251] netlink: 28 bytes leftover after parsing attributes in process `syz.3.105'. [ 83.816898][ T6211] 7fb151fff000-7fb151ffffff: ffff8880777b88c0 [ 83.825140][ T6211] 7fb152000000-7fb1523fffff: ffff8880777b8a00 [ 83.831697][ T6211] 7fb152400000-ffffffffffffffff: node ffff88802e98a800 depth 1 type 1 parent ffff88802a58c216 contents: ffff8880777b8140 7FB152447FFF ffff8880777b83c0 7FB1525E9FFF ffff8880777b8640 7FB152695FFF ffff8880777b8000 7FB152775FFF ffff8880777b8280 7FB15277EFFF 0000000000000000 7FB15277FFFF ffff8880777b8500 7FB1532DDFFF 0000000000000000 7FB1532F3FFF ffff8880232933c0 7FB1532F7FFF ffff888023293500 7FB1532F9FFF ffff888023293640 7FB1532FBFFF 0000000000000000 7FFED2285FFF ffff888023293780 7FFED22A6FFF 0000000000000000 FFFFFFFFFFFFFFFF 0000000000000000 0 000000000000000d [ 83.883520][ T6211] 7fb152400000-7fb152447fff: ffff8880777b8140 [ 83.892514][ T6211] 7fb152448000-7fb1525e9fff: ffff8880777b83c0 [ 83.911074][ T6211] 7fb1525ea000-7fb152695fff: ffff8880777b8640 [ 83.937527][ T6211] 7fb152696000-7fb152775fff: ffff8880777b8000 [ 83.957671][ T6211] 7fb152776000-7fb15277efff: ffff8880777b8280 [ 83.979054][ T6211] 7fb15277f000-7fb15277ffff: 0000000000000000 [ 83.998798][ T6211] 7fb152780000-7fb1532ddfff: ffff8880777b8500 [ 84.005511][ T6211] 7fb1532de000-7fb1532f3fff: 0000000000000000 [ 84.012003][ T6211] 7fb1532f4000-7fb1532f7fff: ffff8880232933c0 [ 84.018537][ T6211] 7fb1532f8000-7fb1532f9fff: ffff888023293500 [ 84.025297][ T6211] 7fb1532fa000-7fb1532fbfff: ffff888023293640 [ 84.032117][ T6211] 7fb1532fc000-7ffed2285fff: 0000000000000000 [ 84.038599][ T6211] 7ffed2286000-7ffed22a6fff: ffff888023293780 [ 84.045141][ T6211] 7ffed22a7000-ffffffffffffffff: 0000000000000000 [ 84.052087][ T6211] ------------[ cut here ]------------ [ 84.057583][ T6211] WARNING: CPU: 1 PID: 6211 at mm/vma.c:759 vma_merge_existing_range+0x5d3/0x1c80 [ 84.066938][ T6211] Modules linked in: [ 84.071012][ T6211] CPU: 1 UID: 0 PID: 6211 Comm: syz.0.89 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) [ 84.082498][ T6211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 84.092569][ T6211] RIP: 0010:vma_merge_existing_range+0x5d3/0x1c80 [ 84.098962][ T6211] Code: 00 00 00 48 89 d8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc e8 5d 1c aa ff 48 c7 c6 e0 d1 9b 8b 48 89 df e8 6e bc f2 ff 90 <0f> 0b 90 e9 9b fc ff ff e8 40 1c aa ff 48 8b 54 24 20 48 b8 00 00 [ 84.118643][ T6211] RSP: 0018:ffffc90005297b20 EFLAGS: 00010293 [ 84.124812][ T6211] RAX: 0000000000000000 RBX: ffffc90005297c80 RCX: ffffffff8b67d713 [ 84.132946][ T6211] RDX: ffff8880289ea440 RSI: ffffffff82112412 RDI: 0000000000000006 [ 84.141066][ T6211] RBP: ffff8880332cb8c0 R08: 0000000000000006 R09: ffffffffffffffff [ 84.149036][ T6211] R10: ffffffffffffffff R11: 0000000000000001 R12: 0000200000800000 [ 84.157232][ T6211] R13: ffffc90005297ca0 R14: ffff8880332cb8c0 R15: 0000200000000000 [ 84.165728][ T6211] FS: 00007fb1503f66c0(0000) GS:ffff888124abb000(0000) knlGS:0000000000000000 [ 84.174802][ T6211] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.181376][ T6211] CR2: 000000110c32db05 CR3: 0000000076fba000 CR4: 00000000003526f0 [ 84.189328][ T6211] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 84.197296][ T6211] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 84.205254][ T6211] Call Trace: [ 84.208508][ T6211] [ 84.211492][ T6211] ? __pfx_vma_merge_existing_range+0x10/0x10 [ 84.217554][ T6211] vma_modify+0x87/0x410 [ 84.221791][ T6211] vma_modify_flags+0x212/0x2d0 [ 84.226615][ T6211] ? __pfx_vma_modify_flags+0x10/0x10 [ 84.231978][ T6211] ? mtree_range_walk+0x718/0xc00 [ 84.237057][ T6211] ? mas_walk+0x6a6/0x910 [ 84.241455][ T6211] mlock_fixup+0x27c/0xe50 [ 84.245848][ T6211] apply_mlockall_flags+0x2d4/0x470 [ 84.251093][ T6211] ? __pfx_apply_mlockall_flags+0x10/0x10 [ 84.256787][ T6211] ? __pfx___might_resched+0x10/0x10 [ 84.262092][ T6211] ? __pfx_down_write_killable+0x10/0x10 [ 84.267719][ T6211] ? __pfx_ksys_write+0x10/0x10 [ 84.272595][ T6211] ? rcu_is_watching+0x12/0xc0 [ 84.277357][ T6211] __do_sys_munlockall+0xc5/0x280 [ 84.282387][ T6211] do_syscall_64+0xcd/0x260 [ 84.286882][ T6211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.292835][ T6211] RIP: 0033:0x7fb15258d169 [ 84.297252][ T6211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.316871][ T6211] RSP: 002b:00007fb1503f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098 [ 84.325273][ T6211] RAX: ffffffffffffffda RBX: 00007fb1527a5fa0 RCX: 00007fb15258d169 [ 84.333242][ T6211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 84.341286][ T6211] RBP: 00007fb1503f6090 R08: 0000000000000000 R09: 0000000000000000 [ 84.349231][ T6211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.357266][ T6211] R13: 0000000000000000 R14: 00007fb1527a5fa0 R15: 00007ffed22a56c8 [ 84.365228][ T6211] [ 84.368222][ T6211] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 84.375473][ T6211] CPU: 1 UID: 0 PID: 6211 Comm: syz.0.89 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) [ 84.386900][ T6211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 84.396934][ T6211] Call Trace: [ 84.400193][ T6211] [ 84.403102][ T6211] dump_stack_lvl+0x3d/0x1f0 [ 84.407680][ T6211] panic+0x71c/0x800 [ 84.411548][ T6211] ? __pfx_panic+0x10/0x10 [ 84.415937][ T6211] ? show_trace_log_lvl+0x29b/0x3e0 [ 84.421112][ T6211] ? check_panic_on_warn+0x1f/0xb0 [ 84.426196][ T6211] ? vma_merge_existing_range+0x5d3/0x1c80 [ 84.431974][ T6211] check_panic_on_warn+0xab/0xb0 [ 84.436884][ T6211] __warn+0xf6/0x3c0 [ 84.440767][ T6211] ? vma_merge_existing_range+0x5d3/0x1c80 [ 84.446549][ T6211] report_bug+0x3c3/0x580 [ 84.450856][ T6211] ? vma_merge_existing_range+0x5d3/0x1c80 [ 84.456635][ T6211] handle_bug+0x184/0x210 [ 84.460943][ T6211] exc_invalid_op+0x17/0x50 [ 84.465426][ T6211] asm_exc_invalid_op+0x1a/0x20 [ 84.470249][ T6211] RIP: 0010:vma_merge_existing_range+0x5d3/0x1c80 [ 84.476633][ T6211] Code: 00 00 00 48 89 d8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc e8 5d 1c aa ff 48 c7 c6 e0 d1 9b 8b 48 89 df e8 6e bc f2 ff 90 <0f> 0b 90 e9 9b fc ff ff e8 40 1c aa ff 48 8b 54 24 20 48 b8 00 00 [ 84.496215][ T6211] RSP: 0018:ffffc90005297b20 EFLAGS: 00010293 [ 84.502254][ T6211] RAX: 0000000000000000 RBX: ffffc90005297c80 RCX: ffffffff8b67d713 [ 84.510197][ T6211] RDX: ffff8880289ea440 RSI: ffffffff82112412 RDI: 0000000000000006 [ 84.518147][ T6211] RBP: ffff8880332cb8c0 R08: 0000000000000006 R09: ffffffffffffffff [ 84.526092][ T6211] R10: ffffffffffffffff R11: 0000000000000001 R12: 0000200000800000 [ 84.534036][ T6211] R13: ffffc90005297ca0 R14: ffff8880332cb8c0 R15: 0000200000000000 [ 84.541987][ T6211] ? mt_dump_node+0xcd3/0x16d0 [ 84.546737][ T6211] ? vma_merge_existing_range+0x5d2/0x1c80 [ 84.552537][ T6211] ? __pfx_vma_merge_existing_range+0x10/0x10 [ 84.558578][ T6211] vma_modify+0x87/0x410 [ 84.562794][ T6211] vma_modify_flags+0x212/0x2d0 [ 84.567618][ T6211] ? __pfx_vma_modify_flags+0x10/0x10 [ 84.572976][ T6211] ? mtree_range_walk+0x718/0xc00 [ 84.577977][ T6211] ? mas_walk+0x6a6/0x910 [ 84.582282][ T6211] mlock_fixup+0x27c/0xe50 [ 84.586684][ T6211] apply_mlockall_flags+0x2d4/0x470 [ 84.591867][ T6211] ? __pfx_apply_mlockall_flags+0x10/0x10 [ 84.597560][ T6211] ? __pfx___might_resched+0x10/0x10 [ 84.602827][ T6211] ? __pfx_down_write_killable+0x10/0x10 [ 84.608435][ T6211] ? __pfx_ksys_write+0x10/0x10 [ 84.613256][ T6211] ? rcu_is_watching+0x12/0xc0 [ 84.617997][ T6211] __do_sys_munlockall+0xc5/0x280 [ 84.622995][ T6211] do_syscall_64+0xcd/0x260 [ 84.627475][ T6211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.633338][ T6211] RIP: 0033:0x7fb15258d169 [ 84.637726][ T6211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.657310][ T6211] RSP: 002b:00007fb1503f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098 [ 84.665694][ T6211] RAX: ffffffffffffffda RBX: 00007fb1527a5fa0 RCX: 00007fb15258d169 [ 84.673638][ T6211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 84.681579][ T6211] RBP: 00007fb1503f6090 R08: 0000000000000000 R09: 0000000000000000 [ 84.689522][ T6211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.697464][ T6211] R13: 0000000000000000 R14: 00007fb1527a5fa0 R15: 00007ffed22a56c8 [ 84.705425][ T6211] [ 84.708604][ T6211] Kernel Offset: disabled [ 84.712906][ T6211] Rebooting in 86400 seconds..