last executing test programs: 2m13.773365511s ago: executing program 3 (id=117): openat$kvm(0xffffffffffffff9c, &(0x7f0000000a40), 0x40400, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_udp(0xa, 0x2, 0x0) socket$netlink(0x10, 0x3, 0xa) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x11, 0x2, 0x0) syz_usb_connect(0x4, 0x210, &(0x7f0000000000)=ANY=[], 0x0) epoll_create1(0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) 2m13.226880722s ago: executing program 3 (id=122): r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10) bind$tipc(r0, &(0x7f0000000180)=@id={0x1e, 0x3, 0x3, {0x4e24, 0x3}}, 0x10) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x2, 0x3}}, 0x10) bind$tipc(r0, 0x0, 0x0) r1 = socket(0x10, 0x3, 0x0) connect$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x1, 0x2}}, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f00000004c0)={0x14, 0x1e, 0xa01, 0x1, 0x0, {0x0, 0x2}}, 0x14}}, 0x0) keyctl$clear(0x3, 0xfffffffffffffffd) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r3, 0x8b2a, &(0x7f0000000040)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 2m13.173560593s ago: executing program 3 (id=124): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@broadcast, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x32}, 0x2, @in, 0x0, 0x4}}, 0xe8) sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x2, 0x0) 2m13.109090957s ago: executing program 3 (id=126): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) chdir(&(0x7f0000000080)='./file0\x00') r0 = syz_clone(0x80002080, 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c8) landlock_restrict_self(0xffffffffffffffff, 0x0) setpgid(r0, 0x0) setpgid(0x0, r0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) 2m13.04555582s ago: executing program 3 (id=128): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x275a, 0x0) r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x190, 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x23, &(0x7f0000000200)=0x1, 0x4) bind$inet(r2, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x19, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) sendmsg$inet(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)='/', 0x1}], 0x1}, 0x0) recvmmsg(r2, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0) bind$can_raw(r0, &(0x7f00000001c0), 0x10) recvmmsg(r0, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000002, 0x0) sendmsg$can_raw(r0, &(0x7f0000000440)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "007a88cbb6270800"}, 0x10}, 0x1, 0x0, 0x0, 0x10}, 0x81) 2m11.799918126s ago: executing program 3 (id=144): munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 2m11.741351905s ago: executing program 32 (id=144): munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 42.198985928s ago: executing program 2 (id=1516): r0 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r2 = syz_open_procfs(r0, &(0x7f0000000380)='stack\x00') pread64(r2, &(0x7f0000000880)=""/4119, 0x1017, 0x0) 34.9377828s ago: executing program 2 (id=1516): r0 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r2 = syz_open_procfs(r0, &(0x7f0000000380)='stack\x00') pread64(r2, &(0x7f0000000880)=""/4119, 0x1017, 0x0) 27.408312856s ago: executing program 2 (id=1516): r0 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r2 = syz_open_procfs(r0, &(0x7f0000000380)='stack\x00') pread64(r2, &(0x7f0000000880)=""/4119, 0x1017, 0x0) 19.795777402s ago: executing program 2 (id=1516): r0 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r2 = syz_open_procfs(r0, &(0x7f0000000380)='stack\x00') pread64(r2, &(0x7f0000000880)=""/4119, 0x1017, 0x0) 15.977338243s ago: executing program 1 (id=1897): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) socket$inet6_tcp(0xa, 0x1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "fc771c", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x3, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x2}}}}}}}, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001) ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) setsockopt$sock_attach_bpf(r0, 0x6, 0x25, &(0x7f0000000040), 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x34, r2, 0x7, 0x70bd25, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @local}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8081}, 0x24000800) 15.866459247s ago: executing program 1 (id=1899): request_key(0x0, 0x0, &(0x7f0000000100)='/dev/vhost-vsock\x00', 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000001c0)={0x70003, 0x0, [0x7, 0xb, 0x2, 0x9, 0xfffffffffffffff7, 0x6, 0x3000000002, 0x35fe7901]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 15.679799371s ago: executing program 1 (id=1900): syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00') syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2) fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) socket(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f00000004c0)=ANY=[@ANYRES64=r0]) 15.53191544s ago: executing program 1 (id=1901): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"]) chdir(&(0x7f0000000280)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mount$overlay(0x0, &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) 15.477467181s ago: executing program 1 (id=1903): mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='tracefs\x00', 0x0, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0) 15.280221582s ago: executing program 1 (id=1906): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) 13.169450227s ago: executing program 4 (id=1922): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x20) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000400)='net/dev_mcast\x00') preadv(r1, &(0x7f0000000100)=[{&(0x7f0000000000)=""/154, 0x9a}], 0x1, 0xffffffff, 0x0) fsopen(0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x20000000) openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0) 13.039769718s ago: executing program 4 (id=1923): sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x40, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000000c0)={[0x7f, 0x0, 0x10, 0xfffffffffffffffd, 0x7, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffe, 0x4c, 0x7, 0x6, 0xfffffffffffffffd], 0x2}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12.931261318s ago: executing program 4 (id=1924): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000e40)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0200000002"], 0x10) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001180)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0200000002"], 0x10) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@cgroup=r2, 0x2, 0x0, 0x0, &(0x7f0000000200)=[0x0, 0x0], 0x2, 0x0, 0x0, 0x0, 0x0}, 0x40) 12.830025156s ago: executing program 4 (id=1925): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0xac) sched_setscheduler(0x0, 0x2, 0x0) syz_open_dev$usbfs(0x0, 0x205, 0x2581) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) request_key(&(0x7f0000000240)='asymmetric\x00', &(0x7f0000000780)={'syz', 0x0}, &(0x7f0000000740)='lon\x00', 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000080)=[{&(0x7f00000000c0)=""/139, 0x8b}], 0x1, 0x867, 0x0, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r0, 0x0, 0x0}, 0x10) 12.589518177s ago: executing program 4 (id=1932): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x161702, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x6, 0x2, 0xe}) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000004c0)={0x49, 0x15d5, 0x10}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000002c0)={0x10001, 0x401f, 0x3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000080)={0x100, 0x4, 0x103e4f}) close_range(r0, 0xffffffffffffffff, 0x0) 10.716118723s ago: executing program 2 (id=1516): r0 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r2 = syz_open_procfs(r0, &(0x7f0000000380)='stack\x00') pread64(r2, &(0x7f0000000880)=""/4119, 0x1017, 0x0) 4.959201052s ago: executing program 0 (id=1978): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000039c0)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d016e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e8b701d2d17ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01d51e242443618c02e0a428da651366e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab7158edeeccd92e3a88dc0f432187ce92d7b17a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f00000000000000005521458b7d1e341c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb373845255012e028cb2654d493afb4b35faae176f99b745eda2967199cc93685bb444f9bc50713061385537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d1ff07000000000000000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ab2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b371867a79b31f3f514573f1e30d1fd2d763f3ee9210b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d5fd8c6b2a3a324c257bc97def5f07f2b77f05a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f240080000534187738655d7a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74d1ffdaccf0ea5f02e0163a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01f7ada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd2190780fa39c43ea647eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0000000000000001062a35376413c29f7c6f7bde29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000fc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5018e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e2b70590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5002adef9546abb7a2d9c085b189b5ff30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd0387837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a156ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de10bacecfff2d58437f012df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dc816126b6f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bb01b53a2d862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94986157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d7004d29ad77f54836779600bb0b247139d429df96362db3ecfbd36fa8164fabdcf2e58b720e8e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d32edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a56f3ebb16fad3e9269495230cd88b0ea2e3affa196a2f0adf733bc6afd37a659ecc933d636c1b27d3a16c5ea25301f9b5789e4aa8e7228e3002f146aa5e575bb74b1ebb82147edf8161d362704377058e887c608be8719ea1b6c490f79e0832e2ddd7e217c7adddd4731e032d7eb35bdc38160c676d840e2e8be9033a686cf7061f5f55e2851736aa8c2f3bad8ac05c048e20d8c03b68008a70b8f80c93ebd2ababb5c65fe9abc4642d7b58d8c93efd7b6b39c68a16d75a7852dfc37a6a50cb28a9b6f685a465d08fc603d81d8ddd5296fae97be1401a8be7748a71fcdc85ba2049e96c4e6dce59b88cd5472726bc237fbcf3ffcbf32e2aac9b2f9d6013b59780ded723b08c767fa091e2fa4d51863500fcd5041bcc98a685504835743194113ea0b97b4f9ddc395b9ac4defefadd37a8871fd91f31a56eb96ecf90000000000000000000000000000000000000000000c447ea475c236c3b7f24079fe375f3f861fc54d9d8a04a6cb8c0dbf9e9cc53a84a5795ae5ebcbd825e3572df16fbdcd395e995fa4fcbbf31583d9e1d3ff537f401a3139200a8bd2122157887199cd54075a4d5b29935dda5c6aa0f3ac6895eb73c7abbd4603abdaa8629dedb2cab0fa80f9514ad310491a9a300015c18cdfd9342cff50d849d7516134d45d1a8cf157abe0c79de543993cf689f8a7113508fbf8a610417045e6c38a5d4ff4656dbd9656ad6ce625e1674ab57944ebb834743a248a2be304ba1e037cb63a169d340be8befc1b238aa26e24"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r2 = socket$kcm(0x29, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f00000002c0)={r0}) recvmsg$unix(r3, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x2020) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1}) sendmsg$rds(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000002980)=""/4112, 0x1010}], 0x1}, 0xc044) write(r2, 0x0, 0x0) 4.849897452s ago: executing program 0 (id=1979): openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_udp(0xa, 0x2, 0x0) socket$netlink(0x10, 0x3, 0xa) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x11, 0x2, 0x0) syz_usb_connect(0x4, 0x210, &(0x7f0000000000)=ANY=[], 0x0) epoll_create1(0x0) syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') socket$nl_route(0x10, 0x3, 0x0) socket(0x1, 0x803, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 4.206741543s ago: executing program 4 (id=1932): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x161702, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x6, 0x2, 0xe}) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000004c0)={0x49, 0x15d5, 0x10}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000002c0)={0x10001, 0x401f, 0x3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000080)={0x100, 0x4, 0x103e4f}) close_range(r0, 0xffffffffffffffff, 0x0) 2.816465338s ago: executing program 2 (id=1516): r0 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r2 = syz_open_procfs(r0, &(0x7f0000000380)='stack\x00') pread64(r2, &(0x7f0000000880)=""/4119, 0x1017, 0x0) 1.833173419s ago: executing program 0 (id=1980): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000140)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000240)={0xc}) ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000280)={0x28, 0x5, r3, 0x0, &(0x7f0000579000/0x2000)=nil, 0x2000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r3, 0x0, 0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r2, 0x3ba0, &(0x7f00000005c0)={0x48, 0x7, r4, 0x0, 0x0, 0x0, 0x0, 0x5}) 1.756154093s ago: executing program 0 (id=1981): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r1, &(0x7f0000000380)={{0x6, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x2}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r2, &(0x7f0000000300)={{0x6, @rose, 0xfffffffc}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) listen(r1, 0x1ad72f7) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x10}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 889.449065ms ago: executing program 0 (id=1982): socket$kcm(0xa, 0x3, 0x3a) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000100)) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r3 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=ANY=[@ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x810) r5 = socket$l2tp6(0xa, 0x2, 0x73) ioctl$sock_ifreq(r5, 0x8923, &(0x7f0000000040)={'lo\x00', @ifru_hwaddr=@multicast}) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, 0x0, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_KEY(r7, 0x0, 0x0) 132.52µs ago: executing program 0 (id=1983): ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mkdirat(0xffffffffffffffff, 0x0, 0xa) copy_file_range(r0, &(0x7f0000000000)=0x3, r0, &(0x7f00000001c0)=0x8001, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) syz_open_dev$vim2m(0x0, 0x2, 0x2) r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ipvlan0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000844}, 0x0) 0s ago: executing program 33 (id=1906): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) kernel console output (not intermixed with test programs): 419): avc: denied { mount } for pid=9016 comm="syz.2.1147" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 105.934016][ T40] audit: type=1400 audit(2000000006.200:420): avc: denied { mounton } for pid=9016 comm="syz.2.1147" path="/237/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1 [ 105.950041][ T40] audit: type=1400 audit(2000000006.230:421): avc: denied { unmount } for pid=5951 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 106.117654][ T1023] usb 9-1: USB disconnect, device number 11 [ 106.739552][ C1] Unknown status report in ack skb [ 107.168659][ T9075] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1169'. [ 108.471572][ T9154] netlink: 'syz.0.1200': attribute type 11 has an invalid length. [ 108.688779][ T9168] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1205'. [ 108.893608][ T9178] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 108.927289][ T9182] »»»»»» speed is unknown, defaulting to 1000 [ 108.977749][ T9187] netlink: 'syz.4.1211': attribute type 4 has an invalid length. [ 109.396225][ T9210] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 109.407366][ T9213] netlink: 'syz.2.1221': attribute type 12 has an invalid length. [ 109.410382][ T9213] netlink: 'syz.2.1221': attribute type 29 has an invalid length. [ 109.412678][ T9213] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1221'. [ 109.415261][ T9213] netlink: 'syz.2.1221': attribute type 1 has an invalid length. [ 109.417803][ T9213] netlink: 'syz.2.1221': attribute type 2 has an invalid length. [ 109.420015][ T9213] netlink: 31 bytes leftover after parsing attributes in process `syz.2.1221'. [ 110.442779][ T5948] block nbd2: Receive control failed (result -32) [ 110.499899][ T9245] block nbd2: shutting down sockets [ 110.568592][ T40] audit: type=1400 audit(2000000010.850:422): avc: denied { create } for pid=9254 comm="syz.2.1238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 110.580902][ T40] audit: type=1400 audit(2000000010.860:423): avc: denied { sys_admin } for pid=9254 comm="syz.2.1238" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 110.611403][ T40] audit: type=1400 audit(2000000010.890:424): avc: denied { sys_ptrace } for pid=9254 comm="syz.2.1238" capability=19 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 110.651907][ T5948] Bluetooth: hci3: Unknown advertising packet type: 0x14 [ 110.651924][ T5948] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 110.653959][ T5948] Bluetooth: hci3: Unknown advertising packet type: 0x32 [ 110.655889][ T5948] Bluetooth: hci3: Malformed LE Event: 0x0d [ 111.976549][ T5948] Bluetooth: hci4: command 0x1003 tx timeout [ 111.979378][ T5957] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 112.034347][ T9279] 9pnet_fd: Insufficient options for proto=fd [ 112.092422][ T9286] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1249'. [ 112.153194][ T9292] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 112.226356][ C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 112.244195][ T5957] Bluetooth: hci3: Malformed LE Event: 0x0d [ 112.516544][ T36] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 112.666348][ T36] usb 6-1: Using ep0 maxpacket: 8 [ 112.669112][ T36] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 112.671801][ T36] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 112.674549][ T36] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 112.677398][ T36] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 112.681342][ T36] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 112.683769][ T36] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.891743][ T36] usb 6-1: GET_CAPABILITIES returned 0 [ 112.893410][ T9321] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1265'. [ 112.893428][ T36] usbtmc 6-1:16.0: can't read capabilities [ 113.093857][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 113.100570][ T1023] usb 6-1: USB disconnect, device number 6 [ 113.376456][ T31] usb 9-1: new high-speed USB device number 12 using dummy_hcd [ 113.531837][ T31] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 113.536050][ T31] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 113.540593][ T31] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 113.544681][ T31] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 113.550551][ T31] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 113.553246][ T31] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.558169][ T31] usb 9-1: config 0 descriptor?? [ 113.562323][ T9347] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 113.972821][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 113.975251][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 113.978358][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 113.980959][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 113.983636][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 113.986231][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 113.988848][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 113.991584][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 113.994348][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 113.998363][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 114.000586][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 114.002569][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 114.004544][ T31] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 114.006770][ T31] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 114.011406][ T31] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 114.228449][ T10] usb 9-1: USB disconnect, device number 12 [ 114.587229][ T9388] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1283'. [ 114.888816][ T9410] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85 [ 114.894831][ T9410] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1293'. [ 115.313168][ T9448] trusted_key: syz.4.1303 sent an empty control message without MSG_MORE. [ 115.680036][ T9474] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1312'. [ 115.789262][ T40] audit: type=1400 audit(2000000016.070:425): avc: denied { setopt } for pid=9476 comm="syz.1.1313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 116.068668][ T5957] Bluetooth: hci3: link tx timeout [ 116.070714][ T5957] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa [ 116.073504][ T5957] Bluetooth: hci3: link tx timeout [ 116.074918][ T5957] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 116.432396][ T9504] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1324'. [ 116.795544][ T9528] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1334'. [ 117.355024][ T9553] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 117.766487][ T26] usb 9-1: new high-speed USB device number 13 using dummy_hcd [ 117.918192][ T26] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 117.922374][ T26] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 117.925446][ T26] usb 9-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 117.928505][ T26] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.933152][ T26] usb 9-1: config 0 descriptor?? [ 118.096689][ T9569] netlink: 'syz.0.1352': attribute type 3 has an invalid length. [ 118.098861][ T9569] netlink: 'syz.0.1352': attribute type 3 has an invalid length. [ 118.146409][ T5957] Bluetooth: hci3: command 0x0406 tx timeout [ 118.160366][ T9574] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1354'. [ 118.231281][ T40] audit: type=1400 audit(2000000018.510:426): avc: denied { bind } for pid=9583 comm="syz.2.1357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 118.238174][ T40] audit: type=1400 audit(2000000018.510:427): avc: denied { name_bind } for pid=9583 comm="syz.2.1357" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 118.244913][ T40] audit: type=1400 audit(2000000018.510:428): avc: denied { node_bind } for pid=9583 comm="syz.2.1357" saddr=::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 118.251548][ T40] audit: type=1400 audit(2000000018.520:429): avc: denied { listen } for pid=9583 comm="syz.2.1357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 118.260153][ T40] audit: type=1400 audit(2000000018.520:430): avc: denied { connect } for pid=9583 comm="syz.2.1357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 118.265342][ T40] audit: type=1400 audit(2000000018.520:431): avc: denied { name_connect } for pid=9583 comm="syz.2.1357" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 118.272333][ T40] audit: type=1326 audit(2000000018.540:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9585 comm="syz.0.1358" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8121b8d169 code=0x0 [ 118.345616][ T26] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0 [ 118.347920][ T26] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0 [ 118.352025][ T26] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/0003:0D8C:0022.0007/input/input10 [ 118.361591][ T26] cm6533_jd 0003:0D8C:0022.0007: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0 [ 118.374126][ T40] audit: type=1400 audit(2000000018.650:433): avc: denied { read write } for pid=9599 comm="syz.2.1361" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 118.384473][ T40] audit: type=1400 audit(2000000018.650:434): avc: denied { open } for pid=9599 comm="syz.2.1361" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 118.542860][ T6003] usb 9-1: USB disconnect, device number 13 [ 118.799640][ T9647] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1370'. [ 118.806023][ T9648] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 119.609467][ T9664] netlink: 'syz.4.1376': attribute type 4 has an invalid length. [ 119.737017][ T9682] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85 [ 119.920670][ T9693] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1395'. [ 119.923657][ T9693] netlink: 'syz.1.1395': attribute type 1 has an invalid length. [ 119.925921][ T9693] netlink: 'syz.1.1395': attribute type 2 has an invalid length. [ 119.928877][ T9693] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1395'. [ 120.178579][ T9712] xt_hashlimit: size too large, truncated to 1048576 [ 120.226366][ T5948] Bluetooth: hci3: command 0x0406 tx timeout [ 120.311331][ T9721] block nbd4: shutting down sockets [ 120.425451][ T9734] overlayfs: failed to clone upperpath [ 120.575296][ T9744] syz_tun: entered allmulticast mode [ 120.581810][ T9743] syz_tun: left allmulticast mode [ 120.914521][ T9751] syzkaller1: entered promiscuous mode [ 120.920033][ T9751] syzkaller1: entered allmulticast mode [ 120.970916][ T9753] »»»»»» speed is unknown, defaulting to 1000 [ 121.215366][ T9768] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1417'. [ 121.218359][ T9736] Set syz1 is full, maxelem 65536 reached [ 122.030549][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 122.030561][ T40] audit: type=1400 audit(2000000022.310:438): avc: denied { getattr } for pid=9799 comm="syz.4.1432" name="/" dev="9p" ino=36831322 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 122.044523][ T9800] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 122.203185][ T40] audit: type=1400 audit(2000000022.480:439): avc: denied { create } for pid=9811 comm="syz.0.1439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 122.210617][ T40] audit: type=1400 audit(2000000022.480:440): avc: denied { create } for pid=9812 comm="syz.4.1440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 122.259714][ T9816] 9pnet_fd: Insufficient options for proto=fd [ 122.406590][ T835] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 122.557675][ T835] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 122.561509][ T835] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 122.564911][ T835] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 122.569678][ T835] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 122.572857][ T835] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.577132][ T835] usb 6-1: config 0 descriptor?? [ 122.822427][ T9822] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1451'. [ 122.986951][ T835] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving [ 122.991136][ T835] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 123.248016][ T31] usb 6-1: USB disconnect, device number 7 [ 123.756459][ T9843] 9pnet_fd: Insufficient options for proto=fd [ 124.327223][ T9863] input: syz0 as /devices/virtual/input/input11 [ 124.451797][ T9874] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 125.286361][ T9884] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 125.414616][ T9889] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1471'. [ 125.488709][ T9900] 9pnet_fd: Insufficient options for proto=fd [ 125.537270][ T9902] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1477'. [ 126.349575][ T9921] 9pnet_fd: Insufficient options for proto=fd [ 126.534286][ T9930] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1488'. [ 126.819243][ T40] audit: type=1400 audit(2000000027.100:441): avc: denied { mount } for pid=9944 comm="syz.2.1495" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 126.849497][ T40] audit: type=1400 audit(2000000027.130:442): avc: denied { unmount } for pid=5951 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 126.911784][ T40] audit: type=1400 audit(2000000027.190:443): avc: denied { ioctl } for pid=9953 comm="syz.0.1499" path="socket:[28229]" dev="sockfs" ino=28229 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 127.227524][ T40] audit: type=1400 audit(2000000027.510:444): avc: denied { read } for pid=9965 comm="syz.4.1503" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 127.418089][ T9979] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1509'. [ 127.506924][ T5957] Bluetooth: hci3: command 0x0406 tx timeout [ 127.699059][ T9985] kvm: pic: non byte write [ 128.175358][ T40] audit: type=1400 audit(2000000028.450:445): avc: denied { execute } for pid=9996 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 128.183969][ T40] audit: type=1400 audit(2000000028.450:446): avc: denied { execute_no_trans } for pid=9996 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 128.285606][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 128.290721][ T5957] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 128.294232][ T5957] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 128.298533][ T5957] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 128.301680][ T5957] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 128.305129][ T5957] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 128.325054][ T9999] »»»»»» speed is unknown, defaulting to 1000 [ 128.476040][ T9999] chnl_net:caif_netlink_parms(): no params data found [ 128.540029][ T9999] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.542813][ T9999] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.544997][ T9999] bridge_slave_0: entered allmulticast mode [ 128.547239][ T9999] bridge_slave_0: entered promiscuous mode [ 128.551957][ T9999] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.554763][ T9999] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.557845][ T9999] bridge_slave_1: entered allmulticast mode [ 128.560934][ T9999] bridge_slave_1: entered promiscuous mode [ 128.561156][T10008] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85 [ 128.568786][T10008] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1518'. [ 128.595544][ T9999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 128.601818][ T9999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 128.630628][ T9999] team0: Port device team_slave_0 added [ 128.633912][ T9999] team0: Port device team_slave_1 added [ 128.661303][ T9999] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 128.663493][ T9999] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 128.671516][ T9999] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 128.678697][T10011] syz1: rxe_newlink: already configured on ipvlan0 [ 128.681431][ T9999] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 128.683739][ T9999] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 128.696324][ T9999] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 128.724615][ T9999] hsr_slave_0: entered promiscuous mode [ 128.727178][ T9999] hsr_slave_1: entered promiscuous mode [ 128.729393][ T9999] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 128.732039][ T9999] Cannot create hsr debugfs directory [ 128.856440][ C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 129.193343][ T9999] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 129.198856][ T9999] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 129.202844][ T9999] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 129.206040][ T9999] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 129.254555][ T9999] 8021q: adding VLAN 0 to HW filter on device bond0 [ 129.265947][ T9999] 8021q: adding VLAN 0 to HW filter on device team0 [ 129.272505][ T84] bridge0: port 1(bridge_slave_0) entered blocking state [ 129.274552][ T84] bridge0: port 1(bridge_slave_0) entered forwarding state [ 129.284149][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 129.286977][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 129.399956][ T9999] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 129.428957][ T9999] veth0_vlan: entered promiscuous mode [ 129.434926][ T9999] veth1_vlan: entered promiscuous mode [ 129.453005][ T9999] veth0_macvtap: entered promiscuous mode [ 129.457764][ T9999] veth1_macvtap: entered promiscuous mode [ 129.466824][ T9999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 129.470774][ T9999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.474511][ T9999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 129.479670][T10038] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1528'. [ 129.479858][ T9999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.489480][ T9999] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 129.494078][ T9999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 129.497399][ T9999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.500395][ T9999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 129.503259][ T9999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.507425][ T9999] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 129.515757][ T9999] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.519823][ T9999] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.523184][ T9999] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.526555][ T9999] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.564441][ T1240] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.571325][ T1240] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.581344][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 129.583715][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 129.791675][T10051] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1532'. [ 129.956387][ T40] audit: type=1400 audit(2000000030.230:447): avc: denied { sqpoll } for pid=10057 comm="syz.4.1535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 130.219173][T10067] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1538'. [ 130.389640][ T40] audit: type=1400 audit(2000000030.670:448): avc: denied { mounton } for pid=10072 comm="syz.1.1540" path="/319/file0/bus" dev="bpf" ino=28550 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1 [ 130.391757][T10073] overlayfs: upper fs does not support tmpfile. [ 130.504144][T10082] »»»»»» speed is unknown, defaulting to 1000 [ 130.546581][ T836] usb 9-1: new high-speed USB device number 14 using dummy_hcd [ 130.716348][ T836] usb 9-1: Using ep0 maxpacket: 8 [ 130.719700][ T836] usb 9-1: config index 0 descriptor too short (expected 301, got 45) [ 130.722774][ T836] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 130.727088][ T836] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 130.730372][ T836] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 130.733587][ T836] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 130.736907][ T40] audit: type=1400 audit(2000000031.020:449): avc: denied { ioctl } for pid=10081 comm="syz.1.1544" path="socket:[28569]" dev="sockfs" ino=28569 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 130.738237][ T836] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 130.749968][ T836] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.962246][T10071] cgroup: fork rejected by pids controller in /syz4 [ 130.970397][ T836] usb 9-1: GET_CAPABILITIES returned 0 [ 130.972422][ T836] usbtmc 9-1:16.0: can't read capabilities [ 131.175318][ T836] usb 9-1: USB disconnect, device number 14 [ 131.268289][T10096] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1547'. [ 131.301891][T10098] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1548'. [ 131.544069][ T1145] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.734815][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 131.745643][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 131.749102][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 131.769302][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 131.773891][ T5948] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 131.776925][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 131.799108][T10106] »»»»»» speed is unknown, defaulting to 1000 [ 132.221204][ T5957] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 132.221976][T10114] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 132.230287][ T5957] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 132.233474][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 132.248402][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 132.257265][ T5957] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 132.260238][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 132.709666][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.712076][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.175305][T10111] »»»»»» speed is unknown, defaulting to 1000 [ 133.223337][T10124] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1557'. [ 133.252352][T10106] chnl_net:caif_netlink_parms(): no params data found [ 133.277493][ T40] audit: type=1400 audit(2000000033.550:450): avc: denied { map } for pid=10130 comm="syz.1.1560" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 133.285687][ T40] audit: type=1400 audit(2000000033.550:451): avc: denied { execute } for pid=10130 comm="syz.1.1560" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 133.345343][T10106] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.347694][T10106] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.349938][T10106] bridge_slave_0: entered allmulticast mode [ 133.352616][T10106] bridge_slave_0: entered promiscuous mode [ 133.363308][T10106] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.366542][T10106] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.369655][T10106] bridge_slave_1: entered allmulticast mode [ 133.372511][T10106] bridge_slave_1: entered promiscuous mode [ 133.409749][T10106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.413489][T10106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.464706][T10106] team0: Port device team_slave_0 added [ 133.471201][T10106] team0: Port device team_slave_1 added [ 133.477239][T10111] chnl_net:caif_netlink_parms(): no params data found [ 133.526431][T10106] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 133.528275][T10106] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.535171][T10106] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 133.540117][T10106] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 133.542131][T10106] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.549069][T10106] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 133.622343][ T1145] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.704960][T10111] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.709409][T10111] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.711559][T10111] bridge_slave_0: entered allmulticast mode [ 133.713845][T10111] bridge_slave_0: entered promiscuous mode [ 133.717667][T10106] hsr_slave_0: entered promiscuous mode [ 133.719547][T10106] hsr_slave_1: entered promiscuous mode [ 133.721334][T10106] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 133.724389][T10106] Cannot create hsr debugfs directory [ 133.741795][ T1145] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.750415][T10111] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.752342][T10111] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.754283][T10111] bridge_slave_1: entered allmulticast mode [ 133.756823][T10111] bridge_slave_1: entered promiscuous mode [ 133.813747][ T1145] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.816512][ T5948] Bluetooth: hci3: command tx timeout [ 133.833086][T10111] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.839117][T10111] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.883228][T10111] team0: Port device team_slave_0 added [ 133.896611][T10111] team0: Port device team_slave_1 added [ 133.915680][T10111] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 133.917742][T10111] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.925184][T10111] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 133.929679][T10111] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 133.931598][T10111] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.938631][T10111] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 133.981162][ T1145] bridge_slave_1: left allmulticast mode [ 133.982763][ T1145] bridge_slave_1: left promiscuous mode [ 133.984411][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.989542][ T1145] bridge_slave_0: left allmulticast mode [ 133.991221][ T1145] bridge_slave_0: left promiscuous mode [ 133.992945][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.241029][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 134.244832][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 134.249674][ T1145] bond0 (unregistering): Released all slaves [ 134.256791][T10111] hsr_slave_0: entered promiscuous mode [ 134.259494][T10111] hsr_slave_1: entered promiscuous mode [ 134.262068][T10111] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 134.264902][T10111] Cannot create hsr debugfs directory [ 134.296492][ T5948] Bluetooth: hci0: command tx timeout [ 134.679124][ T1145] hsr_slave_0: left promiscuous mode [ 134.681588][ T1145] hsr_slave_1: left promiscuous mode [ 134.683587][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 134.686067][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 134.694924][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 134.697712][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 134.725150][ T1145] veth1_macvtap: left promiscuous mode [ 134.727104][ T1145] veth0_macvtap: left promiscuous mode [ 134.729072][ T1145] veth1_vlan: left promiscuous mode [ 134.730814][ T1145] veth0_vlan: left promiscuous mode [ 134.883448][T10179] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1569'. [ 135.472460][ T1145] team0 (unregistering): Port device team_slave_1 removed [ 135.561737][ T1145] team0 (unregistering): Port device team_slave_0 removed [ 135.906524][ T5948] Bluetooth: hci3: command tx timeout [ 136.182812][T10111] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.297149][T10111] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.386524][ T5948] Bluetooth: hci0: command tx timeout [ 136.416099][T10111] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.487389][T10111] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.625026][T10106] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 136.630849][T10106] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 136.654724][T10106] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 136.664651][T10106] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 136.681617][T10111] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 136.686002][T10111] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 136.691072][T10111] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 136.695650][T10111] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 136.738537][ T1145] bridge_slave_1: left allmulticast mode [ 136.740684][ T1145] bridge_slave_1: left promiscuous mode [ 136.742596][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.750217][ T1145] bridge_slave_0: left allmulticast mode [ 136.751783][ T1145] bridge_slave_0: left promiscuous mode [ 136.753992][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.055453][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 137.060726][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 137.065488][ T1145] bond0 (unregistering): Released all slaves [ 137.077958][T10106] 8021q: adding VLAN 0 to HW filter on device bond0 [ 137.100350][T10106] 8021q: adding VLAN 0 to HW filter on device team0 [ 137.107251][ T1240] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.110174][ T1240] bridge0: port 1(bridge_slave_0) entered forwarding state [ 137.119054][T10111] 8021q: adding VLAN 0 to HW filter on device bond0 [ 137.123653][ T1240] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.126411][ T1240] bridge0: port 2(bridge_slave_1) entered forwarding state [ 137.137019][T10205] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1579'. [ 137.162620][T10111] 8021q: adding VLAN 0 to HW filter on device team0 [ 137.170637][ T1240] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.173338][ T1240] bridge0: port 1(bridge_slave_0) entered forwarding state [ 137.202894][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.205478][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 137.330804][T10111] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 137.334730][T10106] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 137.381282][T10106] veth0_vlan: entered promiscuous mode [ 137.386024][T10106] veth1_vlan: entered promiscuous mode [ 137.406602][T10106] veth0_macvtap: entered promiscuous mode [ 137.410457][T10106] veth1_macvtap: entered promiscuous mode [ 137.416381][T10106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 137.419627][T10106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.422735][T10106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 137.425868][T10106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.431086][T10106] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 137.466593][ T1145] hsr_slave_0: left promiscuous mode [ 137.470529][ T1145] hsr_slave_1: left promiscuous mode [ 137.474705][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 137.479715][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 137.482539][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 137.484671][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 137.514932][ T1145] veth1_macvtap: left promiscuous mode [ 137.517065][ T1145] veth0_macvtap: left promiscuous mode [ 137.519071][ T1145] veth1_vlan: left allmulticast mode [ 137.520938][ T1145] veth1_vlan: left promiscuous mode [ 137.522822][ T1145] veth0_vlan: left promiscuous mode [ 137.684636][ T1145] macvlan0 (unregistering): left allmulticast mode [ 137.978775][ T5948] Bluetooth: hci3: command tx timeout [ 138.223615][T10232] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 138.276546][ T1145] team0 (unregistering): Port device team_slave_1 removed [ 138.345544][ T1145] team0 (unregistering): Port device team_slave_0 removed [ 138.456779][ T5948] Bluetooth: hci0: command tx timeout [ 138.983879][T10106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 138.986893][T10106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.990217][T10106] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 138.997707][T10106] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.000886][T10106] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.003318][T10106] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.005679][T10106] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.072145][T10111] veth0_vlan: entered promiscuous mode [ 139.079324][T10111] veth1_vlan: entered promiscuous mode [ 139.107240][ T1240] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.109431][ T1240] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.120593][T10111] veth0_macvtap: entered promiscuous mode [ 139.126189][T10111] veth1_macvtap: entered promiscuous mode [ 139.149243][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.151464][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.158648][T10111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.161518][T10111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.164319][T10111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.167940][T10111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.171844][T10111] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 139.176334][T10111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 139.179219][T10111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.181836][T10111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 139.184616][T10111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.188013][T10111] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 139.197347][T10111] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.199672][T10111] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.202021][T10111] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.204341][T10111] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.281738][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.284316][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.304004][ T1240] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.306148][ T1240] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.362387][T10247] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1552'. [ 139.711853][ T1141] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.782409][ T1141] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.850822][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 139.857247][ T5957] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 139.861103][ T5957] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 139.864642][ T5957] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 139.868638][ T5957] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 139.871743][ T5957] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 139.900161][ T1141] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.916018][T10258] »»»»»» speed is unknown, defaulting to 1000 [ 140.056419][ T1141] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.061922][T10265] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 140.145662][T10273] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1598'. [ 140.160125][T10258] chnl_net:caif_netlink_parms(): no params data found [ 140.214607][T10258] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.217770][T10258] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.219804][T10258] bridge_slave_0: entered allmulticast mode [ 140.221986][T10258] bridge_slave_0: entered promiscuous mode [ 140.225647][T10258] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.228509][T10258] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.231278][T10258] bridge_slave_1: entered allmulticast mode [ 140.234432][T10258] bridge_slave_1: entered promiscuous mode [ 140.278886][T10258] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 140.284160][T10258] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 140.333008][T10258] team0: Port device team_slave_0 added [ 140.338091][T10258] team0: Port device team_slave_1 added [ 140.387922][T10258] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 140.390590][T10258] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.399976][T10258] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 140.404255][T10258] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 140.406174][T10258] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.415864][T10258] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 140.439169][T10293] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1603'. [ 140.463248][T10258] hsr_slave_0: entered promiscuous mode [ 140.465382][T10258] hsr_slave_1: entered promiscuous mode [ 140.468416][T10258] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 140.472145][T10258] Cannot create hsr debugfs directory [ 140.516124][ T1141] bridge_slave_1: left allmulticast mode [ 140.518691][ T1141] bridge_slave_1: left promiscuous mode [ 140.520930][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.525770][ T1141] bridge_slave_0: left allmulticast mode [ 140.528343][ T1141] bridge_slave_0: left promiscuous mode [ 140.530665][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.537446][ T5957] Bluetooth: hci0: command tx timeout [ 140.539762][T10295] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 140.555869][ T40] audit: type=1400 audit(2000000040.830:452): avc: denied { unmount } for pid=10111 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 140.795273][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 140.799972][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 140.803143][ T1141] bond0 (unregistering): Released all slaves [ 141.234383][T10322] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 141.275029][ T1141] hsr_slave_0: left promiscuous mode [ 141.288025][ T1141] hsr_slave_1: left promiscuous mode [ 141.289818][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.291893][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 141.301603][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.303830][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 141.334125][ T1141] veth1_macvtap: left promiscuous mode [ 141.335769][ T1141] veth0_macvtap: left promiscuous mode [ 141.337618][ T1141] veth1_vlan: left promiscuous mode [ 141.339173][ T1141] veth0_vlan: left promiscuous mode [ 141.909768][ T5957] Bluetooth: hci3: command tx timeout [ 142.143520][ T1141] team0 (unregistering): Port device team_slave_1 removed [ 142.227888][T10337] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1616'. [ 142.286880][ T1141] team0 (unregistering): Port device team_slave_0 removed [ 142.905647][T10344] 9pnet_fd: Insufficient options for proto=fd [ 142.920169][T10348] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 142.950429][T10258] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 142.961347][T10258] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 142.988303][T10258] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 143.014883][T10258] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 143.036842][T10358] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1626'. [ 143.063164][T10258] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.070851][T10363] syz1: rxe_newlink: already configured on ipvlan0 [ 143.072262][T10258] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.076098][T10365] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1627'. [ 143.077638][ T84] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.081180][ T84] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.110893][T10367] rdma_rxe: rxe_newlink: failed to add lo [ 143.203563][T10365] veth1_vlan (unregistering): left allmulticast mode [ 143.212175][T10365] macvlan0 (unregistering): left allmulticast mode [ 143.226843][T10367] »»»»»»: renamed from lo (while UP) [ 143.249708][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.251869][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.339909][T10385] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 143.371355][T10258] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.388809][T10258] veth0_vlan: entered promiscuous mode [ 143.394380][T10258] veth1_vlan: entered promiscuous mode [ 143.408761][T10258] veth0_macvtap: entered promiscuous mode [ 143.418096][T10258] veth1_macvtap: entered promiscuous mode [ 143.435751][T10258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 143.439854][T10258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.442611][T10258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 143.445827][T10258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.451165][T10258] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 143.456946][T10258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.460872][T10258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.464477][T10258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.468299][T10258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.471577][T10258] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 143.475713][T10258] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.479387][T10258] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.482771][T10258] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.485932][T10258] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.519349][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.522519][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.542107][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.545395][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.312966][T10403] 9pnet_fd: Insufficient options for proto=fd [ 145.344947][T10425] 9pnet_fd: Insufficient options for proto=fd [ 145.502096][T10435] overlayfs: failed to clone upperpath [ 145.546779][T10437] overlayfs: failed to clone upperpath [ 145.593672][T10439] netlink: 'syz.0.1648': attribute type 39 has an invalid length. [ 145.780376][ T1141] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.267161][ T12] af_packet: tpacket_rcv: packet too big, clamped from 66 to 4294967286. macoff=82 [ 146.330403][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 146.334902][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 146.338552][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 146.343280][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 146.348156][ T5948] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 146.351544][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 146.382585][T10452] »»»»»» speed is unknown, defaulting to 1000 [ 146.504373][T10460] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1654'. [ 146.536406][ T6003] usb 9-1: new high-speed USB device number 15 using dummy_hcd [ 146.543307][T10452] chnl_net:caif_netlink_parms(): no params data found [ 146.622154][T10452] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.624234][T10452] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.627838][T10452] bridge_slave_0: entered allmulticast mode [ 146.630892][T10452] bridge_slave_0: entered promiscuous mode [ 146.634403][T10452] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.637252][T10452] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.640029][T10452] bridge_slave_1: entered allmulticast mode [ 146.643253][T10452] bridge_slave_1: entered promiscuous mode [ 146.671896][T10452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 146.675493][T10452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 146.686409][ T6003] usb 9-1: Using ep0 maxpacket: 8 [ 146.692521][ T6003] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 146.694901][ T6003] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 146.698518][ T6003] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 146.700967][ T6003] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 146.704201][ T6003] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 146.706786][ T6003] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.712406][T10452] team0: Port device team_slave_0 added [ 146.715542][T10452] team0: Port device team_slave_1 added [ 146.733597][T10452] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 146.735540][T10452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.743165][T10452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 146.746994][T10452] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 146.749169][T10452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.756158][T10452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 146.779765][T10452] hsr_slave_0: entered promiscuous mode [ 146.782006][T10452] hsr_slave_1: entered promiscuous mode [ 146.783966][T10452] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 146.786139][T10452] Cannot create hsr debugfs directory [ 146.922364][ T6003] usb 9-1: GET_CAPABILITIES returned 0 [ 146.923839][ T6003] usbtmc 9-1:16.0: can't read capabilities [ 147.115572][T10474] netlink: 'syz.1.1659': attribute type 39 has an invalid length. [ 147.130701][ C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 147.133857][ T6002] usb 9-1: USB disconnect, device number 15 [ 147.378095][T10481] syz1: rxe_newlink: already configured on ipvlan0 [ 147.500767][ T1141] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.585751][ T1141] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.665941][ T1141] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.734109][T10485] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1663'. [ 147.778210][ T1141] bridge_slave_1: left allmulticast mode [ 147.780324][ T1141] bridge_slave_1: left promiscuous mode [ 147.782458][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.786554][ T1141] bridge_slave_0: left allmulticast mode [ 147.788611][ T1141] bridge_slave_0: left promiscuous mode [ 147.792263][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.133503][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 148.141968][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 148.146984][ T1141] bond0 (unregistering): Released all slaves [ 148.179085][ T40] audit: type=1400 audit(2000000048.460:453): avc: denied { write } for pid=10498 comm="syz.0.1669" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1 [ 148.376534][ T5957] Bluetooth: hci3: command tx timeout [ 148.723929][ T1141] hsr_slave_0: left promiscuous mode [ 148.733940][ T1141] hsr_slave_1: left promiscuous mode [ 148.736553][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 148.739943][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 148.751274][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 148.753463][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 148.770939][T10535] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1679'. [ 148.787043][ T1141] veth1_macvtap: left promiscuous mode [ 148.788830][ T1141] veth0_macvtap: left promiscuous mode [ 148.790933][ T1141] veth1_vlan: left promiscuous mode [ 148.792992][ T1141] veth0_vlan: left promiscuous mode [ 148.812541][T10538] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 149.497588][ T1141] team0 (unregistering): Port device team_slave_1 removed [ 149.586011][ T1141] team0 (unregistering): Port device team_slave_0 removed [ 150.231756][T10452] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 150.235131][T10452] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 150.254269][T10452] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 150.263933][T10452] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 150.323605][ T5957] Bluetooth: hci0: Malformed LE Event: 0x0d [ 150.334857][T10452] 8021q: adding VLAN 0 to HW filter on device bond0 [ 150.359072][T10452] 8021q: adding VLAN 0 to HW filter on device team0 [ 150.359299][ T40] audit: type=1400 audit(2000000050.640:454): avc: denied { connect } for pid=10566 comm="syz.0.1688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 150.371109][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.373125][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.373160][ T40] audit: type=1400 audit(2000000050.650:455): avc: denied { setopt } for pid=10566 comm="syz.0.1688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 150.379645][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.383510][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.396303][ T40] audit: type=1400 audit(2000000050.660:456): avc: denied { bind } for pid=10566 comm="syz.0.1688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 150.401686][ T40] audit: type=1400 audit(2000000050.660:457): avc: denied { write } for pid=10566 comm="syz.0.1688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 150.402372][T10452] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 150.410477][T10452] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 150.456369][ T5957] Bluetooth: hci3: command tx timeout [ 150.502352][T10452] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 150.520387][T10452] veth0_vlan: entered promiscuous mode [ 150.525022][T10452] veth1_vlan: entered promiscuous mode [ 150.539720][T10452] veth0_macvtap: entered promiscuous mode [ 150.542999][T10452] veth1_macvtap: entered promiscuous mode [ 150.550737][T10452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.553630][T10452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.556199][T10452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.559346][T10452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.562606][T10452] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 150.568022][T10452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 150.570878][T10452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.573564][T10452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 150.576440][T10452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.579773][T10452] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 150.583775][T10452] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.586347][T10452] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.589468][T10452] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.591827][T10452] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.635177][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.641054][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.641841][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.647321][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.798302][ T40] audit: type=1326 audit(2000000052.080:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10618 comm="syz.4.1702" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8906b8d169 code=0x0 [ 152.647555][ T40] audit: type=1400 audit(2000000052.930:459): avc: denied { bind } for pid=10629 comm="syz.4.1705" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 152.664114][ T40] audit: type=1400 audit(2000000052.930:460): avc: denied { listen } for pid=10629 comm="syz.4.1705" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 152.672726][ T40] audit: type=1400 audit(2000000052.950:461): avc: denied { write } for pid=5334 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 152.678664][ T40] audit: type=1400 audit(2000000052.950:462): avc: denied { remove_name } for pid=5334 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 152.711882][T10634] syz_tun: entered allmulticast mode [ 152.718209][T10633] syz_tun: left allmulticast mode [ 152.877563][T10647] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1712'. [ 152.918259][T10648] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 153.038495][ T1141] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.776853][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 153.783349][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 153.791483][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 153.795255][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 153.799540][ T5948] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 153.802140][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 153.834924][T10660] »»»»»» speed is unknown, defaulting to 1000 [ 154.035010][T10660] chnl_net:caif_netlink_parms(): no params data found [ 154.099528][T10660] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.102518][T10660] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.105334][T10660] bridge_slave_0: entered allmulticast mode [ 154.109160][T10660] bridge_slave_0: entered promiscuous mode [ 154.112746][T10660] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.115597][T10660] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.119712][T10660] bridge_slave_1: entered allmulticast mode [ 154.123031][T10660] bridge_slave_1: entered promiscuous mode [ 154.149341][T10660] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 154.153128][T10660] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 154.181673][T10660] team0: Port device team_slave_0 added [ 154.185931][T10660] team0: Port device team_slave_1 added [ 154.219101][T10660] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 154.221101][T10660] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.229260][T10660] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 154.234682][T10660] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 154.238723][T10660] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.248562][T10660] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 154.284389][T10660] hsr_slave_0: entered promiscuous mode [ 154.287487][T10660] hsr_slave_1: entered promiscuous mode [ 154.289348][T10660] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 154.291488][T10660] Cannot create hsr debugfs directory [ 154.925066][T10715] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1926430720 (3852861440 ns) > initial count (2369312970 ns). Using initial count to start timer. [ 154.978314][ T1141] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.044983][ T1141] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.134315][ T1141] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.280212][ T1141] bridge_slave_1: left allmulticast mode [ 155.282109][ T1141] bridge_slave_1: left promiscuous mode [ 155.284558][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.288760][ T1141] bridge_slave_0: left allmulticast mode [ 155.290803][ T1141] bridge_slave_0: left promiscuous mode [ 155.292998][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.605295][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 155.609643][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 155.614130][ T1141] bond0 (unregistering): Released all slaves [ 155.896550][ T5948] Bluetooth: hci3: command tx timeout [ 155.977781][T10743] overlayfs: failed to clone upperpath [ 156.174224][ T1141] hsr_slave_0: left promiscuous mode [ 156.176242][ T1141] hsr_slave_1: left promiscuous mode [ 156.178489][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 156.180937][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 156.186974][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 156.189901][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 156.224011][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 156.224026][ T40] audit: type=1400 audit(2000000056.500:466): avc: denied { read } for pid=10757 comm="syz.4.1750" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 156.231356][ T1141] veth1_macvtap: left promiscuous mode [ 156.235705][ T1141] veth0_macvtap: left promiscuous mode [ 156.237701][ T1141] veth1_vlan: left promiscuous mode [ 156.239758][ T1141] veth0_vlan: left promiscuous mode [ 156.243373][ T40] audit: type=1400 audit(2000000056.500:467): avc: denied { open } for pid=10757 comm="syz.4.1750" path="/54/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 156.251840][T10763] block device autoloading is deprecated and will be removed. [ 156.256060][ T40] audit: type=1400 audit(2000000056.530:468): avc: denied { ioctl } for pid=10757 comm="syz.4.1750" path="/54/file0/file0" dev="fuse" ino=64 ioctlcmd=0x923 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 156.351900][T10771] overlayfs: failed to clone upperpath [ 157.047444][ T1141] team0 (unregistering): Port device team_slave_1 removed [ 157.149123][ T1141] team0 (unregistering): Port device team_slave_0 removed [ 157.618218][ T40] audit: type=1400 audit(2000000057.899:469): avc: denied { read } for pid=10804 comm="syz.0.1771" path="socket:[36113]" dev="sockfs" ino=36113 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 157.718341][ T40] audit: type=1800 audit(2000000057.989:470): pid=10810 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.1773" name="nullb0" dev="tmpfs" ino=1153 res=0 errno=0 [ 157.754033][T10812] overlayfs: failed to clone upperpath [ 157.926369][ T40] audit: type=1400 audit(2000000058.199:471): avc: denied { block_suspend } for pid=10821 comm="syz.0.1777" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 157.937260][T10660] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 157.958291][T10824] 9pnet_fd: Insufficient options for proto=fd [ 157.976546][ T5948] Bluetooth: hci3: command tx timeout [ 157.977346][T10660] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 157.983299][T10660] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 157.990994][T10660] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 158.052616][T10660] 8021q: adding VLAN 0 to HW filter on device bond0 [ 158.073922][T10660] 8021q: adding VLAN 0 to HW filter on device team0 [ 158.086301][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.088382][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 158.091687][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.093761][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 158.216569][ T5948] Bluetooth: hci0: command tx timeout [ 158.229995][ T6002] usb 9-1: new high-speed USB device number 16 using dummy_hcd [ 158.258982][T10660] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 158.292734][T10660] veth0_vlan: entered promiscuous mode [ 158.304768][T10660] veth1_vlan: entered promiscuous mode [ 158.325184][T10660] veth0_macvtap: entered promiscuous mode [ 158.331043][T10660] veth1_macvtap: entered promiscuous mode [ 158.340832][T10660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 158.344944][T10660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.349160][T10660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 158.353282][T10660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.358133][T10660] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 158.365072][T10660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.369379][T10660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.373022][T10660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.376953][T10660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.381665][T10660] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 158.390435][T10660] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.393808][T10660] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.397612][T10660] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.400370][T10660] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.408033][ T6002] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 158.412659][ T6002] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.417332][ T6002] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.421563][ T6002] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 158.428577][ T6002] usb 9-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 158.434451][T10864] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1787'. [ 158.437796][ T6002] usb 9-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 158.442757][ T6002] usb 9-1: Manufacturer: syz [ 158.446074][ T6002] usb 9-1: config 0 descriptor?? [ 158.448319][ T84] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.450866][ T84] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.467472][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.469996][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.855581][ T6002] appleir 0003:05AC:8243.0009: unknown main item tag 0x0 [ 158.858871][ T6002] appleir 0003:05AC:8243.0009: No inputs registered, leaving [ 158.864248][ T6002] appleir 0003:05AC:8243.0009: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 159.059102][T10867] 9pnet_fd: Insufficient options for proto=fd [ 159.169146][ T36] usb 9-1: USB disconnect, device number 16 [ 159.712778][T10875] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 159.719719][ T40] audit: type=1400 audit(2000000059.999:472): avc: denied { read } for pid=10874 comm="syz.4.1791" name="file0" dev="overlay" ino=36831328 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 159.726891][ T40] audit: type=1400 audit(2000000059.999:473): avc: denied { open } for pid=10874 comm="syz.4.1791" path="/61/bus/file0" dev="overlay" ino=36831328 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 159.740423][T10875] evm: overlay not supported [ 159.740477][ T40] audit: type=1400 audit(2000000060.019:474): avc: denied { setattr } for pid=10874 comm="syz.4.1791" name="file0" dev="overlay" ino=36831328 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 159.751287][ T40] audit: type=1400 audit(2000000060.019:475): avc: denied { write } for pid=10874 comm="syz.4.1791" path=2F202864656C6574656429 dev="tmpfs" ino=349 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 160.125855][T10873] overlayfs: statfs failed on './file0' [ 160.223067][T10895] overlayfs: failed to clone upperpath [ 160.375373][T10909] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1803'. [ 160.404049][T10911] 9pnet_fd: Insufficient options for proto=fd [ 160.574275][ T1144] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.267583][T10917] xt_hashlimit: size too large, truncated to 1048576 [ 161.384629][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 161.389554][ T5957] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 161.395551][ T5957] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 161.401000][ T5957] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 161.403795][ T5957] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 161.407313][ T5957] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 161.429617][T10925] »»»»»» speed is unknown, defaulting to 1000 [ 161.561326][T10925] chnl_net:caif_netlink_parms(): no params data found [ 161.640246][T10925] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.643122][T10925] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.646050][T10925] bridge_slave_0: entered allmulticast mode [ 161.649537][T10925] bridge_slave_0: entered promiscuous mode [ 161.654176][T10925] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.657353][T10925] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.660167][T10925] bridge_slave_1: entered allmulticast mode [ 161.663385][T10925] bridge_slave_1: entered promiscuous mode [ 161.691414][T10925] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 161.695391][T10925] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 161.720788][T10925] team0: Port device team_slave_0 added [ 161.724531][T10925] team0: Port device team_slave_1 added [ 161.749471][T10925] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 161.751785][T10925] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.759292][T10925] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 161.763135][T10925] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 161.765100][T10925] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.772588][T10925] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 161.800114][T10925] hsr_slave_0: entered promiscuous mode [ 161.802057][T10925] hsr_slave_1: entered promiscuous mode [ 161.803884][T10925] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 161.806040][T10925] Cannot create hsr debugfs directory [ 162.146207][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 162.146224][ T40] audit: type=1400 audit(2000000062.419:479): avc: denied { cmd } for pid=10947 comm="syz.4.1816" path="socket:[37526]" dev="sockfs" ino=37526 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 162.454341][ T1144] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.572781][ T1144] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.667533][ T1144] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.797548][ T1144] bridge_slave_1: left allmulticast mode [ 162.799163][ T1144] bridge_slave_1: left promiscuous mode [ 162.800853][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.815164][ T1144] bridge_slave_0: left allmulticast mode [ 162.817140][ T1144] bridge_slave_0: left promiscuous mode [ 162.818930][ T1144] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.046375][ T6003] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 163.161090][ T1144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 163.166512][ T1144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 163.171777][ T1144] bond0 (unregistering): Released all slaves [ 163.208993][ T6003] usb 6-1: Using ep0 maxpacket: 8 [ 163.225491][ T6003] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 163.235659][ T6003] usb 6-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 163.242912][ T6003] usb 6-1: config 0 interface 0 has no altsetting 0 [ 163.245480][ T6003] usb 6-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00 [ 163.256567][ T6003] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.263730][ T6003] usb 6-1: config 0 descriptor?? [ 163.287958][T10984] 9pnet_fd: Insufficient options for proto=fd [ 163.429492][ T5957] Bluetooth: hci3: command tx timeout [ 163.620685][ T1144] hsr_slave_0: left promiscuous mode [ 163.625277][ T1144] hsr_slave_1: left promiscuous mode [ 163.628533][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 163.630943][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.633864][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.638096][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.693672][ T1144] veth1_macvtap: left promiscuous mode [ 163.695837][ T1144] veth0_macvtap: left promiscuous mode [ 163.698128][ T1144] veth1_vlan: left promiscuous mode [ 163.700229][ T1144] veth0_vlan: left promiscuous mode [ 163.743740][ T6003] usbhid 6-1:0.0: can't add hid device: -71 [ 163.747120][ T6003] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 163.753064][ T6003] usb 6-1: USB disconnect, device number 8 [ 164.382671][T11018] 9pnet_fd: Insufficient options for proto=fd [ 164.422171][ T40] audit: type=1400 audit(2000000064.699:480): avc: denied { associate } for pid=11019 comm="syz.4.1839" name="pids.current" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 164.463833][T11020] netfs: Couldn't get user pages (rc=-14) [ 164.537673][ T1144] team0 (unregistering): Port device team_slave_1 removed [ 164.617572][ T40] audit: type=1400 audit(2000000064.899:481): avc: denied { watch watch_reads } for pid=11027 comm="syz.4.1842" path="/80/file1" dev="autofs" ino=36504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1 [ 164.654878][ T1144] team0 (unregistering): Port device team_slave_0 removed [ 164.693186][T11030] Bluetooth: Invalid esc byte 0x03 [ 164.855780][T11033] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 165.346826][T11026] netlink: 'syz.0.1841': attribute type 12 has an invalid length. [ 165.404131][T10925] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 165.409617][T10925] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 165.413319][T10925] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 165.417847][T10925] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 165.475271][T10925] 8021q: adding VLAN 0 to HW filter on device bond0 [ 165.485556][T10925] 8021q: adding VLAN 0 to HW filter on device team0 [ 165.490323][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.492898][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 165.496749][ T5957] Bluetooth: hci3: command tx timeout [ 165.505334][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.507381][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 165.673098][T10925] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 165.700288][T10925] veth0_vlan: entered promiscuous mode [ 165.705218][T10925] veth1_vlan: entered promiscuous mode [ 165.734958][T10925] veth0_macvtap: entered promiscuous mode [ 165.739626][T10925] veth1_macvtap: entered promiscuous mode [ 165.747896][T10925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 165.750812][T10925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.753505][T10925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 165.756637][T10925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.759897][T10925] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 165.765234][T10925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 165.768176][T10925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.770819][T10925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 165.773682][T10925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.776934][T10925] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 165.781157][T10925] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.783572][T10925] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.786103][T10925] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.788674][T10925] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.830635][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 165.833738][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 165.853467][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 165.856647][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 166.073942][T11066] 9pnet_fd: Insufficient options for proto=fd [ 166.592726][T11089] 9pnet_fd: Insufficient options for proto=fd [ 167.666444][ T6002] usb 9-1: new high-speed USB device number 17 using dummy_hcd [ 167.818643][ T6002] usb 9-1: config index 0 descriptor too short (expected 23569, got 27) [ 167.821755][ T6002] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 167.825312][ T6002] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 167.828006][ T6002] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 167.830622][ T6002] usb 9-1: Manufacturer: syz [ 167.833202][ T6002] usb 9-1: config 0 descriptor?? [ 167.876447][ T6002] rc_core: IR keymap rc-hauppauge not found [ 167.878571][ T6002] Registered IR keymap rc-empty [ 167.881370][ T6002] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0 [ 167.885826][ T6002] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0/input12 [ 168.040421][ T6002] usb 9-1: USB disconnect, device number 17 [ 168.175741][ T1141] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.968272][T11122] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 169.075751][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 169.082798][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 169.086429][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 169.090182][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 169.093379][ T5948] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 169.096082][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 169.132078][T11133] »»»»»» speed is unknown, defaulting to 1000 [ 169.323591][T11133] chnl_net:caif_netlink_parms(): no params data found [ 169.387187][T11133] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.390016][T11133] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.392788][T11133] bridge_slave_0: entered allmulticast mode [ 169.395963][T11133] bridge_slave_0: entered promiscuous mode [ 169.399515][T11133] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.401856][T11133] bridge0: port 2(bridge_slave_1) entered disabled state [ 169.403964][T11133] bridge_slave_1: entered allmulticast mode [ 169.406065][T11133] bridge_slave_1: entered promiscuous mode [ 169.440380][T11133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.445308][T11133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 169.485654][T11133] team0: Port device team_slave_0 added [ 169.491307][T11133] team0: Port device team_slave_1 added [ 169.519328][T11133] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 169.521938][T11133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 169.532588][T11133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 169.539888][T11133] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 169.542545][T11133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 169.551718][T11133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 169.589223][T11133] hsr_slave_0: entered promiscuous mode [ 169.591105][T11133] hsr_slave_1: entered promiscuous mode [ 169.593282][T11133] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 169.596048][T11133] Cannot create hsr debugfs directory [ 170.046863][ T40] audit: type=1326 audit(2000000070.329:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11157 comm="syz.1.1877" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b4d58d169 code=0x0 [ 170.103645][T11160] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 170.182792][ T1141] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.254902][ T1141] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.328522][ T1141] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.403529][ T40] audit: type=1804 audit(2000000070.679:483): pid=11170 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.1882" name="/newroot/100/file0/file0" dev="ramfs" ino=39489 res=1 errno=0 [ 170.434598][ T1141] bridge_slave_1: left allmulticast mode [ 170.436838][ T1141] bridge_slave_1: left promiscuous mode [ 170.438447][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.444017][ T1141] bridge_slave_0: left allmulticast mode [ 170.447618][ T1141] bridge_slave_0: left promiscuous mode [ 170.449957][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.498596][ T40] audit: type=1400 audit(2000000070.779:484): avc: denied { unmount } for pid=10111 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 170.512558][T11172] overlayfs: failed to clone upperpath [ 170.687585][ T40] audit: type=1326 audit(2000000070.959:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11182 comm="syz.0.1887" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8121b8d169 code=0x0 [ 170.700243][ T40] audit: type=1400 audit(2000000070.979:486): avc: denied { module_request } for pid=11173 comm="syz.4.1884" kmod="netdev-syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 170.801319][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 170.805604][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 170.809120][ T1141] bond0 (unregistering): Released all slaves [ 170.837462][T11180] tipc: Started in network mode [ 170.839399][T11180] tipc: Node identity 2e1d9c9565b2, cluster identity 4711 [ 170.842336][T11180] tipc: Enabled bearer , priority 0 [ 170.867972][T11184] syzkaller0: entered promiscuous mode [ 170.870175][T11184] syzkaller0: entered allmulticast mode [ 170.880507][T11184] tipc: Resetting bearer [ 170.918226][T11173] tipc: Resetting bearer [ 171.186869][ T5948] Bluetooth: hci3: command tx timeout [ 171.607661][T11202] xt_hashlimit: size too large, truncated to 1048576 [ 171.899956][ T40] audit: type=1400 audit(2000000072.179:487): avc: denied { watch watch_reads } for pid=11215 comm="syz.1.1896" path="/388/bus" dev="overlay" ino=2043 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 171.930867][ T6002] tipc: Node number set to 1269800085 [ 172.138477][T11225] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1898'. [ 172.250608][ T40] audit: type=1400 audit(2000000072.519:488): avc: denied { write } for pid=11227 comm="syz.1.1900" name="anycast6" dev="proc" ino=4026533108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 172.348330][T11173] tipc: Disabling bearer [ 172.385831][T11225] 0ªX¹¦D: renamed from gretap0 (while UP) [ 172.390939][T11225] 0ªX¹¦D: entered allmulticast mode [ 172.392688][T11225] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 172.415747][T11230] overlay: ./bus is not a directory [ 172.418028][ T40] audit: type=1400 audit(2000000072.689:489): avc: denied { mounton } for pid=11229 comm="syz.1.1901" path="/392/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="9p" ino=36831347 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 172.439525][T11230] overlay: ./file1 is not a directory [ 172.583931][ T40] audit: type=1400 audit(2000000072.849:490): avc: denied { mounton } for pid=11243 comm="syz.1.1903" path="/393/file1/file0" dev="autofs" ino=38716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1 [ 172.596371][ T40] audit: type=1400 audit(2000000072.869:491): avc: denied { read } for pid=11243 comm="syz.1.1903" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 172.600880][T11245] 9pnet: Could not find request transport: fd00000000000000000005 [ 172.729599][ T1141] hsr_slave_0: left promiscuous mode [ 172.741753][ T1141] hsr_slave_1: left promiscuous mode [ 172.743561][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 172.745979][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 172.751769][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 172.754000][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 172.804607][ T1141] veth1_macvtap: left promiscuous mode [ 172.806934][ T1141] veth0_macvtap: left promiscuous mode [ 172.809199][ T1141] veth1_vlan: left promiscuous mode [ 172.811139][ T1141] veth0_vlan: left promiscuous mode [ 172.961958][T11265] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1914'. [ 173.014582][T11267] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1914'. [ 173.259498][ T5948] Bluetooth: hci3: command tx timeout [ 173.644638][ T1141] team0 (unregistering): Port device team_slave_1 removed [ 173.740075][ T1141] team0 (unregistering): Port device team_slave_0 removed [ 173.805868][T11271] overlayfs: failed to clone upperpath [ 174.528631][T11133] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 174.536590][T11282] 9pnet: Could not find request transport: fd00000000000000000010 [ 174.547734][T11133] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 174.565352][T11133] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 174.577553][T11133] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 174.623398][T11133] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.653984][T11133] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.660681][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.663540][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.684651][ T1240] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.687443][ T1240] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.822346][T11133] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.842801][T11133] veth0_vlan: entered promiscuous mode [ 174.849707][T11133] veth1_vlan: entered promiscuous mode [ 174.874046][T11133] veth0_macvtap: entered promiscuous mode [ 174.880312][T11133] veth1_macvtap: entered promiscuous mode [ 174.889852][T11133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.893838][T11133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.899464][T11133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.902521][T11133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.905937][T11133] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 174.911729][T11133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.915391][T11133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.919630][T11133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.922996][T11133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.928229][T11133] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 174.933661][T11133] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.937537][T11133] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.940888][T11133] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.944168][T11133] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.985140][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.989582][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.999463][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.002479][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.211340][T11325] 9pnet: Could not find request transport: fd00000000000000000005 [ 175.380516][ T1240] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.382146][T11333] Cache volume key already in use (9p,syz,) [ 175.507796][ T1240] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.526331][ T5957] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 175.533244][ T5957] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 175.536606][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 175.542022][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 175.544586][ T5957] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 175.549502][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 175.576206][T11336] »»»»»» speed is unknown, defaulting to 1000 [ 175.593816][ T1240] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.700218][ T1240] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.706207][T11348] 9pnet_fd: Insufficient options for proto=fd [ 175.834859][T11336] chnl_net:caif_netlink_parms(): no params data found [ 175.862481][ T1240] bridge_slave_1: left allmulticast mode [ 175.864314][ T1240] bridge_slave_1: left promiscuous mode [ 175.867138][ T1240] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.872299][ T1240] bridge_slave_0: left allmulticast mode [ 175.874564][ T1240] bridge_slave_0: left promiscuous mode [ 175.877159][ T1240] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.273787][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 176.273802][ T40] audit: type=1400 audit(2000000076.549:493): avc: denied { read } for pid=11372 comm="syz.0.1948" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 176.340847][ T1240] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 176.346643][ T1240] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 176.352372][ T1240] bond0 (unregistering): Released all slaves [ 176.429265][ T1240] tipc: Left network mode [ 176.522489][T11389] overlayfs: failed to clone upperpath [ 176.525423][T11336] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.529433][T11336] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.532188][T11336] bridge_slave_0: entered allmulticast mode [ 176.534902][T11336] bridge_slave_0: entered promiscuous mode [ 176.538531][T11336] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.540854][T11336] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.543031][T11336] bridge_slave_1: entered allmulticast mode [ 176.545981][T11336] bridge_slave_1: entered promiscuous mode [ 176.580954][T11391] tipc: Enabled bearer , priority 0 [ 176.586978][T11336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.592352][T11336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.642383][T11336] team0: Port device team_slave_0 added [ 176.643841][ T40] audit: type=1400 audit(2000000076.919:494): avc: denied { accept } for pid=11397 comm="syz.0.1957" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 176.655030][ T40] audit: type=1400 audit(2000000076.919:495): avc: denied { read } for pid=11397 comm="syz.0.1957" laddr=127.0.0.1 lport=45112 faddr=127.0.0.1 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 176.678162][T11336] team0: Port device team_slave_1 added [ 176.701155][T11336] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 176.703102][T11336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.714253][T11336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 176.718518][T11336] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 176.720438][T11336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.729211][T11336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 176.800924][T11336] hsr_slave_0: entered promiscuous mode [ 176.803303][T11336] hsr_slave_1: entered promiscuous mode [ 176.805146][T11336] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 176.808430][T11336] Cannot create hsr debugfs directory [ 176.851246][ T1240] hsr_slave_0: left promiscuous mode [ 176.854230][ T1240] hsr_slave_1: left promiscuous mode [ 176.856164][ T1240] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 176.861150][ T1240] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 176.867195][ T1240] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 176.870020][ T1240] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 176.908595][ T1240] veth1_macvtap: left promiscuous mode [ 176.910684][ T1240] veth0_macvtap: left promiscuous mode [ 176.912841][ T1240] veth1_vlan: left promiscuous mode [ 176.914705][ T1240] veth0_vlan: left promiscuous mode [ 177.592004][ T5948] Bluetooth: hci0: command tx timeout [ 177.821412][ T1240] team0 (unregistering): Port device team_slave_1 removed [ 177.925839][ T1240] team0 (unregistering): Port device team_slave_0 removed [ 178.294226][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 178.328701][ T5957] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 178.335989][ T5957] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 178.345033][ T5957] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 178.352103][ T5957] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 178.355270][ T5957] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 178.805418][T11413] »»»»»» speed is unknown, defaulting to 1000 [ 178.862944][ T40] audit: type=1400 audit(2000000079.139:496): avc: denied { read } for pid=11417 comm="syz.0.1960" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1 [ 179.107443][T11413] chnl_net:caif_netlink_parms(): no params data found [ 179.245806][T11413] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.248502][T11413] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.251075][T11413] bridge_slave_0: entered allmulticast mode [ 179.254308][T11413] bridge_slave_0: entered promiscuous mode [ 179.259198][T11413] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.261919][T11413] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.264829][T11413] bridge_slave_1: entered allmulticast mode [ 179.268787][T11413] bridge_slave_1: entered promiscuous mode [ 179.340983][T11413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.353195][T11413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.391039][T11413] team0: Port device team_slave_0 added [ 179.398127][T11413] team0: Port device team_slave_1 added [ 179.432620][T11413] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 179.435224][T11413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.445002][T11413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 179.451157][T11413] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 179.453876][T11413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.463838][T11413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 179.508479][ T1240] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.542335][T11413] hsr_slave_0: entered promiscuous mode [ 179.544385][T11413] hsr_slave_1: entered promiscuous mode [ 179.546210][T11413] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 179.548537][T11413] Cannot create hsr debugfs directory [ 179.594651][ T1240] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.656452][ T5948] Bluetooth: hci0: command tx timeout [ 179.663587][ T1240] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.671051][T11336] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 179.676148][T11336] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 179.689729][T11336] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 179.694721][T11336] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 179.734662][ T1240] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.775645][T11336] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.782552][T11336] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.826770][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.828946][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.831649][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.833880][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.921339][ T1240] bridge_slave_1: left allmulticast mode [ 179.923468][ T1240] bridge_slave_1: left promiscuous mode [ 179.925707][ T1240] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.938013][ T1240] bridge_slave_0: left allmulticast mode [ 179.940055][ T1240] bridge_slave_0: left promiscuous mode [ 179.941936][ T1240] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.277941][ T1240] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 180.289007][ T1240] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 180.294480][ T1240] bond0 (unregistering): Released all slaves [ 180.388219][ T5948] Bluetooth: hci3: command tx timeout [ 180.397266][ T40] audit: type=1400 audit(2000000080.679:497): avc: denied { getopt } for pid=11478 comm="syz.0.1967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 180.455790][T11336] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.468418][T11490] overlayfs: failed to clone upperpath [ 180.616228][ T40] audit: type=1400 audit(2000000080.889:498): avc: denied { write } for pid=11503 comm="syz.0.1971" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 180.667015][T11336] veth0_vlan: entered promiscuous mode [ 180.677105][T11336] veth1_vlan: entered promiscuous mode [ 180.702293][T11336] veth0_macvtap: entered promiscuous mode [ 180.709094][T11336] veth1_macvtap: entered promiscuous mode [ 180.719656][T11336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.723459][T11336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.729331][T11336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.733331][T11336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.738591][T11336] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.744726][T11336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.750410][T11336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.753801][T11336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.757824][T11336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.768475][T11336] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.775517][T11336] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.778801][T11336] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.781472][T11336] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.783944][T11336] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.803271][ T1240] hsr_slave_0: left promiscuous mode [ 180.805877][ T1240] hsr_slave_1: left promiscuous mode [ 180.819043][ T1240] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 180.821841][ T1240] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 180.829912][ T1240] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 180.832891][ T1240] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 180.875032][ T1240] veth1_macvtap: left promiscuous mode [ 180.877739][ T1240] veth0_macvtap: left promiscuous mode [ 180.879982][ T1240] veth1_vlan: left promiscuous mode [ 180.881984][ T1240] veth0_vlan: left promiscuous mode [ 181.697609][ T1240] team0 (unregistering): Port device team_slave_1 removed [ 181.736815][ T5948] Bluetooth: hci0: command tx timeout [ 181.813494][ T1240] team0 (unregistering): Port device team_slave_0 removed [ 182.466550][ T5948] Bluetooth: hci3: command tx timeout [ 182.549984][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.552872][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.570686][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.571966][T11413] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 182.573551][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.580546][T11413] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 182.587175][T11413] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 182.600854][T11413] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 182.737806][T11413] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.745162][T11413] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.749529][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.752340][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.759077][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.761767][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.878291][T11413] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.893334][T11413] veth0_vlan: entered promiscuous mode [ 182.898551][T11413] veth1_vlan: entered promiscuous mode [ 182.909669][T11413] veth0_macvtap: entered promiscuous mode [ 182.912714][T11413] veth1_macvtap: entered promiscuous mode [ 182.919514][T11413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 182.922405][T11413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.925083][T11413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 182.929592][T11413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.932920][T11413] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.938058][T11413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 182.940949][T11413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.943616][T11413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 182.947471][T11413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.951232][T11413] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.956150][T11413] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.958564][T11413] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.960860][T11413] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.963218][T11413] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.003467][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.011466][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.025650][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.029652][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.774138][ T1240] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.941531][ T5957] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 183.944474][ T5957] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 183.949158][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 183.952436][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 183.955215][ T5957] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 183.957856][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 183.975620][T11540] »»»»»» speed is unknown, defaulting to 1000 [ 184.120967][T11540] chnl_net:caif_netlink_parms(): no params data found [ 184.178339][T11540] bridge0: port 1(bridge_slave_0) entered blocking state [ 184.180316][T11540] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.182959][T11540] bridge_slave_0: entered allmulticast mode [ 184.186096][T11540] bridge_slave_0: entered promiscuous mode [ 184.190177][T11540] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.192955][T11540] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.195789][T11540] bridge_slave_1: entered allmulticast mode [ 184.200195][T11540] bridge_slave_1: entered promiscuous mode [ 184.229979][T11540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 184.237369][T11540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 184.262483][T11540] team0: Port device team_slave_0 added [ 184.266158][T11540] team0: Port device team_slave_1 added [ 184.294183][T11540] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 184.298213][T11540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.307611][T11540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 184.316114][T11540] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 184.319343][T11540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.326966][T11540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 184.358342][T11540] hsr_slave_0: entered promiscuous mode [ 184.360284][T11540] hsr_slave_1: entered promiscuous mode [ 184.362127][T11540] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 184.364234][T11540] Cannot create hsr debugfs directory [ 184.584971][ T1240] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.651897][ T1240] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.758768][ T1240] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.853603][ T1240] bridge_slave_1: left allmulticast mode [ 184.855785][ T1240] bridge_slave_1: left promiscuous mode [ 184.858050][ T1240] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.861268][ T1240] bridge_slave_0: left allmulticast mode [ 184.862843][ T1240] bridge_slave_0: left promiscuous mode [ 184.864440][ T1240] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.159336][ T1240] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 185.163735][ T1240] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 185.167158][ T1240] bond0 (unregistering): Released all slaves [ 185.506471][ T1240] hsr_slave_0: left promiscuous mode [ 185.512089][ T1240] hsr_slave_1: left promiscuous mode [ 185.527568][ T1240] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 185.532097][ T1240] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 185.546994][ T1240] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 185.549774][ T1240] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 185.576910][ T1240] veth1_macvtap: left promiscuous mode [ 185.579782][ T1240] veth0_macvtap: left promiscuous mode [ 185.581509][ T1240] veth1_vlan: left promiscuous mode [ 185.583071][ T1240] veth0_vlan: left promiscuous mode [ 185.980576][ T5948] Bluetooth: hci0: command tx timeout [ 186.160536][ T40] audit: type=1326 audit(2000000086.439:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11564 comm="syz.0.1981" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8121b8d169 code=0x0 [ 186.231172][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 186.237710][ T5957] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 186.245282][ T5957] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 186.272451][ T5957] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 186.284268][ T5957] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 186.288552][ T5957] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 186.349679][ T1240] team0 (unregistering): Port device team_slave_1 removed [ 186.440867][ T1240] team0 (unregistering): Port device team_slave_0 removed [ 187.108215][T11566] »»»»»» speed is unknown, defaulting to 1000 [ 187.277949][T11540] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 187.285956][T11540] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 187.292650][T11540] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 187.296082][T11540] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 187.408612][T11566] chnl_net:caif_netlink_parms(): no params data found [ 187.414777][T11540] 8021q: adding VLAN 0 to HW filter on device bond0 [ 187.448546][T11540] 8021q: adding VLAN 0 to HW filter on device team0 [ 187.488255][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.490841][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 187.494153][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.496145][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 187.506496][T11566] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.508455][T11566] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.510436][T11566] bridge_slave_0: entered allmulticast mode [ 187.512940][T11566] bridge_slave_0: entered promiscuous mode [ 187.519749][T11566] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.521962][T11566] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.524713][T11566] bridge_slave_1: entered allmulticast mode [ 187.527827][T11566] bridge_slave_1: entered promiscuous mode [ 187.551869][T11566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.558215][T11566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.599307][T11566] team0: Port device team_slave_0 added [ 187.603839][T11566] team0: Port device team_slave_1 added [ 187.631162][T11566] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.633244][T11566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.640476][T11566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 187.645094][T11566] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 187.647330][T11566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.655460][T11566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 187.677659][ T1240] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.706130][T11566] hsr_slave_0: entered promiscuous mode [ 187.708179][T11566] hsr_slave_1: entered promiscuous mode [ 187.710037][T11566] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 187.712205][T11566] Cannot create hsr debugfs directory [ 187.769965][ T1240] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.787212][T11540] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 187.861680][ T1240] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.919563][T11540] veth0_vlan: entered promiscuous mode [ 187.923646][T11540] veth1_vlan: entered promiscuous mode [ 187.935992][T11540] veth0_macvtap: entered promiscuous mode [ 187.939321][T11540] veth1_macvtap: entered promiscuous mode [ 187.959241][ T1240] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.972527][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.977407][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.980822][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.984907][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.988568][T11540] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.995012][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.999424][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.003078][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.007147][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.013603][T11540] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.024686][T11540] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.029226][T11540] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.031900][T11540] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.034341][T11540] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.056867][ T5948] Bluetooth: hci0: command tx timeout [ 188.070718][ T5957] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 188.074907][ T5957] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 188.077901][ T5957] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 188.082179][ T5957] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 188.093353][ T5957] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 188.095601][ T5957] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 188.165405][ T1240] bridge_slave_1: left allmulticast mode [ 188.169852][ T1240] bridge_slave_1: left promiscuous mode [ 188.172029][ T1240] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.177042][ T1240] bridge_slave_0: left allmulticast mode [ 188.179336][ T1240] bridge_slave_0: left promiscuous mode [ 188.181668][ T1240] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.376696][ T5957] Bluetooth: hci3: command tx timeout [ 188.458555][ T1240] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 188.462331][ T1240] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 188.465708][ T1240] bond0 (unregistering): Released all slaves [ 188.501520][ T84] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.503843][ T84] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.506660][T11610] »»»»»» speed is unknown, defaulting to 1000 [ 188.543134][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.546189][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.563326][T11540] ================================================================== [ 188.566281][T11540] BUG: KASAN: slab-use-after-free in binder_add_device+0xa4/0xb0 [ 188.569110][T11540] Write of size 8 at addr ffff8880233d3008 by task syz-executor/11540 [ 188.572579][T11540] [ 188.573860][T11540] CPU: 1 UID: 0 PID: 11540 Comm: syz-executor Not tainted 6.14.0-rc6-syzkaller-00022-gb7f94fcf5546 #0 [ 188.573873][T11540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 188.573880][T11540] Call Trace: [ 188.573884][T11540] [ 188.573888][T11540] dump_stack_lvl+0x116/0x1f0 [ 188.573906][T11540] print_report+0xc3/0x670 [ 188.573918][T11540] ? __virt_addr_valid+0x5e/0x590 [ 188.573928][T11540] ? __phys_addr+0xc6/0x150 [ 188.573938][T11540] kasan_report+0xd9/0x110 [ 188.573948][T11540] ? binder_add_device+0xa4/0xb0 [ 188.573962][T11540] ? binder_add_device+0xa4/0xb0 [ 188.573975][T11540] binder_add_device+0xa4/0xb0 [ 188.573987][T11540] binderfs_binder_device_create.isra.0+0x95f/0xb70 [ 188.574004][T11540] binderfs_fill_super+0x8d6/0x1360 [ 188.574019][T11540] ? __pfx_binderfs_fill_super+0x10/0x10 [ 188.574038][T11540] ? shrinker_register+0x1a8/0x260 [ 188.574053][T11540] ? sget_fc+0x808/0xc20 [ 188.574068][T11540] ? __pfx_set_anon_super_fc+0x10/0x10 [ 188.574083][T11540] ? __pfx_binderfs_fill_super+0x10/0x10 [ 188.574097][T11540] get_tree_nodev+0xda/0x190 [ 188.574106][T11540] vfs_get_tree+0x8b/0x340 [ 188.574119][T11540] path_mount+0x14e6/0x1f10 [ 188.574130][T11540] ? kmem_cache_free+0x2e2/0x4d0 [ 188.574140][T11540] ? __pfx_path_mount+0x10/0x10 [ 188.574151][T11540] ? putname+0x13c/0x180 [ 188.574163][T11540] __x64_sys_mount+0x28f/0x310 [ 188.574174][T11540] ? __pfx___x64_sys_mount+0x10/0x10 [ 188.574187][T11540] do_syscall_64+0xcd/0x250 [ 188.574201][T11540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.574216][T11540] RIP: 0033:0x7fce72b8e90a [ 188.574225][T11540] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.574235][T11540] RSP: 002b:00007ffd361dba88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 188.574244][T11540] RAX: ffffffffffffffda RBX: 00007fce72c0e663 RCX: 00007fce72b8e90a [ 188.574251][T11540] RDX: 00007fce72c1dda7 RSI: 00007fce72c0e663 RDI: 00007fce72c1dda7 [ 188.574257][T11540] RBP: 00007fce72c0e8ac R08: 0000000000000000 R09: 00007fce72da6738 [ 188.574263][T11540] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fce72beb1a8 [ 188.574272][T11540] R13: 00007fce72beb180 R14: 0000000000000009 R15: 0000000000000000 [ 188.574285][T11540] [ 188.574289][T11540] [ 188.651148][T11540] Allocated by task 5943: [ 188.652386][T11540] kasan_save_stack+0x33/0x60 [ 188.653748][T11540] kasan_save_track+0x14/0x30 [ 188.655068][T11540] __kasan_kmalloc+0xaa/0xb0 [ 188.656371][T11540] binderfs_binder_device_create.isra.0+0x17a/0xb70 [ 188.658108][T11540] binderfs_fill_super+0x8d6/0x1360 [ 188.659484][T11540] get_tree_nodev+0xda/0x190 [ 188.660823][T11540] vfs_get_tree+0x8b/0x340 [ 188.662071][T11540] path_mount+0x14e6/0x1f10 [ 188.663385][T11540] __x64_sys_mount+0x28f/0x310 [ 188.664750][T11540] do_syscall_64+0xcd/0x250 [ 188.666030][T11540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.667704][T11540] [ 188.668362][T11540] Freed by task 5984: [ 188.669501][T11540] kasan_save_stack+0x33/0x60 [ 188.670829][T11540] kasan_save_track+0x14/0x30 [ 188.672183][T11540] kasan_save_free_info+0x3b/0x60 [ 188.673635][T11540] __kasan_slab_free+0x51/0x70 [ 188.675029][T11540] kfree+0x2c4/0x4d0 [ 188.676155][T11540] binder_proc_dec_tmpref+0x4c3/0x590 [ 188.677676][T11540] binder_deferred_func+0xeea/0x12f0 [ 188.679160][T11540] process_one_work+0x9c5/0x1ba0 [ 188.680576][T11540] worker_thread+0x6c8/0xf00 [ 188.681884][T11540] kthread+0x3af/0x750 [ 188.683062][T11540] ret_from_fork+0x45/0x80 [ 188.684308][T11540] ret_from_fork_asm+0x1a/0x30 [ 188.685597][T11540] [ 188.686280][T11540] The buggy address belongs to the object at ffff8880233d3000 [ 188.686280][T11540] which belongs to the cache kmalloc-512 of size 512 [ 188.689979][T11540] The buggy address is located 8 bytes inside of [ 188.689979][T11540] freed 512-byte region [ffff8880233d3000, ffff8880233d3200) [ 188.693618][T11540] [ 188.694303][T11540] The buggy address belongs to the physical page: [ 188.696040][T11540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880233d3c00 pfn:0x233d0 [ 188.698734][T11540] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 188.701052][T11540] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 188.703266][T11540] page_type: f5(slab) [ 188.704396][T11540] raw: 00fff00000000040 ffff88801b042c80 0000000000000000 dead000000000001 [ 188.706759][T11540] raw: ffff8880233d3c00 000000000010000f 00000000f5000000 0000000000000000 [ 188.709140][T11540] head: 00fff00000000040 ffff88801b042c80 0000000000000000 dead000000000001 [ 188.711510][T11540] head: ffff8880233d3c00 000000000010000f 00000000f5000000 0000000000000000 [ 188.713918][T11540] head: 00fff00000000002 ffffea00008cf401 ffffffffffffffff 0000000000000000 [ 188.716264][T11540] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 188.718632][T11540] page dumped because: kasan: bad access detected [ 188.720410][T11540] page_owner tracks the page as allocated [ 188.721986][T11540] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 46, tgid 46 (kworker/u32:2), ts 48507977214, free_ts 48468432818 [ 188.727673][T11540] post_alloc_hook+0x181/0x1b0 [ 188.728970][T11540] get_page_from_freelist+0xfce/0x2f80 [ 188.730412][T11540] __alloc_frozen_pages_noprof+0x221/0x2470 [ 188.732072][T11540] alloc_pages_mpol+0x1fc/0x540 [ 188.733449][T11540] new_slab+0x23d/0x330 [ 188.734596][T11540] ___slab_alloc+0xc5d/0x1720 [ 188.735868][T11540] __slab_alloc.constprop.0+0x56/0xb0 [ 188.737362][T11540] __kmalloc_cache_noprof+0xfa/0x410 [ 188.738992][T11540] __ipv6_dev_mc_inc+0x2b9/0xc10 [ 188.740412][T11540] addrconf_dad_work+0x285/0x14e0 [ 188.741855][T11540] process_one_work+0x9c5/0x1ba0 [ 188.743251][T11540] worker_thread+0x6c8/0xf00 [ 188.744586][T11540] kthread+0x3af/0x750 [ 188.745714][T11540] ret_from_fork+0x45/0x80 [ 188.746944][T11540] ret_from_fork_asm+0x1a/0x30 [ 188.748249][T11540] page last free pid 5983 tgid 5983 stack trace: [ 188.749997][T11540] free_frozen_pages+0x6db/0xfb0 [ 188.751395][T11540] qlist_free_all+0x4e/0x120 [ 188.752721][T11540] kasan_quarantine_reduce+0x195/0x1e0 [ 188.754152][T11540] __kasan_slab_alloc+0x69/0x90 [ 188.755437][T11540] kmem_cache_alloc_node_noprof+0x223/0x3c0 [ 188.757043][T11540] __alloc_skb+0x2b1/0x380 [ 188.758301][T11540] mld_newpack.isra.0+0x18f/0xa20 [ 188.759720][T11540] add_grhead+0x299/0x340 [ 188.760878][T11540] add_grec+0x111e/0x1670 [ 188.762036][T11540] mld_ifc_work+0x41f/0xca0 [ 188.763268][T11540] process_one_work+0x9c5/0x1ba0 [ 188.764693][T11540] worker_thread+0x6c8/0xf00 [ 188.765980][T11540] kthread+0x3af/0x750 [ 188.767121][T11540] ret_from_fork+0x45/0x80 [ 188.768381][T11540] ret_from_fork_asm+0x1a/0x30 [ 188.769722][T11540] [ 188.770405][T11540] Memory state around the buggy address: [ 188.771958][T11540] ffff8880233d2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 188.774178][T11540] ffff8880233d2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 188.776391][T11540] >ffff8880233d3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 188.778824][T11540] ^ [ 188.780055][T11540] ffff8880233d3080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 188.782283][T11540] ffff8880233d3100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 188.784525][T11540] ================================================================== [ 188.796906][T11540] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 188.798970][T11540] CPU: 2 UID: 0 PID: 11540 Comm: syz-executor Not tainted 6.14.0-rc6-syzkaller-00022-gb7f94fcf5546 #0 [ 188.802305][T11540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 188.805752][T11540] Call Trace: [ 188.806899][T11540] [ 188.807777][T11540] dump_stack_lvl+0x3d/0x1f0 [ 188.809079][T11540] panic+0x71d/0x800 [ 188.810163][T11540] ? __pfx_panic+0x10/0x10 [ 188.811494][T11540] ? irqentry_exit+0x3b/0x90 [ 188.812995][T11540] ? lockdep_hardirqs_on+0x7c/0x110 [ 188.814468][T11540] ? preempt_schedule_thunk+0x1a/0x30 [ 188.815984][T11540] ? preempt_schedule_common+0x44/0xc0 [ 188.817434][T11540] ? check_panic_on_warn+0x1f/0xb0 [ 188.818830][T11540] check_panic_on_warn+0xab/0xb0 [ 188.820241][T11540] end_report+0x117/0x180 [ 188.821583][T11540] kasan_report+0xe9/0x110 [ 188.823331][T11540] ? binder_add_device+0xa4/0xb0 [ 188.825030][T11540] ? binder_add_device+0xa4/0xb0 [ 188.826400][T11540] binder_add_device+0xa4/0xb0 [ 188.827739][T11540] binderfs_binder_device_create.isra.0+0x95f/0xb70 [ 188.829572][T11540] binderfs_fill_super+0x8d6/0x1360 [ 188.830997][T11540] ? __pfx_binderfs_fill_super+0x10/0x10 [ 188.832665][T11540] ? shrinker_register+0x1a8/0x260 [ 188.834086][T11540] ? sget_fc+0x808/0xc20 [ 188.835297][T11540] ? __pfx_set_anon_super_fc+0x10/0x10 [ 188.836802][T11540] ? __pfx_binderfs_fill_super+0x10/0x10 [ 188.838343][T11540] get_tree_nodev+0xda/0x190 [ 188.839623][T11540] vfs_get_tree+0x8b/0x340 [ 188.840856][T11540] path_mount+0x14e6/0x1f10 [ 188.842283][T11540] ? kmem_cache_free+0x2e2/0x4d0 [ 188.843579][T11540] ? __pfx_path_mount+0x10/0x10 [ 188.844959][T11540] ? putname+0x13c/0x180 [ 188.846080][T11540] __x64_sys_mount+0x28f/0x310 [ 188.847407][T11540] ? __pfx___x64_sys_mount+0x10/0x10 [ 188.848832][T11540] do_syscall_64+0xcd/0x250 [ 188.850045][T11540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.851673][T11540] RIP: 0033:0x7fce72b8e90a [ 188.852914][T11540] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.858174][T11540] RSP: 002b:00007ffd361dba88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 188.860453][T11540] RAX: ffffffffffffffda RBX: 00007fce72c0e663 RCX: 00007fce72b8e90a [ 188.862655][T11540] RDX: 00007fce72c1dda7 RSI: 00007fce72c0e663 RDI: 00007fce72c1dda7 [ 188.864829][T11540] RBP: 00007fce72c0e8ac R08: 0000000000000000 R09: 00007fce72da6738 [ 188.867053][T11540] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fce72beb1a8 [ 188.869377][T11540] R13: 00007fce72beb180 R14: 0000000000000009 R15: 0000000000000000 [ 188.871758][T11540] [ 188.873147][T11540] Kernel Offset: disabled [ 188.874344][T11540] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:21:48 Registers: info registers vcpu 0 CPU#0 RAX=00000000001e7edf RBX=0000000000000000 RCX=ffffffff8b57d469 RDX=0000000000000000 RSI=ffffffff8b6cfc80 RDI=ffffffff8bd36a20 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e20 R8 =0000000000000001 R9 =ffffed100d4c6f85 R10=ffff88806a637c2b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff90626f10 R15=0000000000000000 RIP=ffffffff8b57e84f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000560a42fc17d8 CR3=000000000df80000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000c DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000e0fefffe Opmask01=0000000002000000 Opmask02=000000000000001f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0302000100008881 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff0f 0e0d0c0b0a090807 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0302000100008881 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 828183883a3d007e 7d7c605d5c5b3f3e 3d3c3b3a2d2a2928 2726242221200a09 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000560a42fb3 0000000000000091 0000000000000000 000000000000005b ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8540af35 RDI=ffffffff9ab867c0 RBP=ffffffff9ab86780 RSP=ffffc900065b7510 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3333323038387257 R12=0000000000000000 R13=0000000000000074 R14=ffffffff9ab86780 R15=0000000000000000 RIP=ffffffff8540af5f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055557ea7f500 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005651fe480000 CR3=0000000032d60000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0c0c0c0 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd361dbaa0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd361dba56 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd361dba56 00007ffd361dba5c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce72c0f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce72c0f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce72c0f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce72c0f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce72c0f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce72c0f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2029706d742d7a79 73287269646b6d00 706d742d7a79732f 2e00303030303031 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 050c554851085f5c 560d574c414e4800 554851085f5c560a 0b00151515151514 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000001acd55 RBX=0000000000000002 RCX=ffffffff8b57d469 RDX=0000000000000000 RSI=ffffffff8b6cfc80 RDI=ffffffff8bd36a20 RBP=ffffed1003b5a488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d506f85 R10=ffff88806a837c2b R11=0000000000000000 R12=0000000000000002 R13=ffff88801dad2440 R14=ffffffff90626f10 R15=0000000000000000 RIP=ffffffff8b57e84f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fea2e810218 CR3=000000004e418000 CR4=00352ef0 DR0=0000000000000007 DR1=000000000000000b DR2=0000000000000002 DR3=0000000000000009 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000004080 Opmask01=0000000000000000 Opmask02=00000000ffbfef77 Opmask03=0000000000000000 Opmask04=00000000fffffffb Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd054b7ec0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 00000000ff000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000000000ff ff00000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6464646464646445 6464646464646464 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 64641bb0fe1b7f64 642c302534322120 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656e696c5f706c63 73002a5d392d305b 79747400786d7470 0079747400646461 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 54003d534b4e494c 564544003d4d4554 535953425553003d 4854415056454400 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 540018534b4e494c 56454400184d4554 5359534255530018 4854415056454400 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000302d7872 2f7365756575712f 376874652f74656e 2f326d6973766564 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261742f78756e69 6c65732f6374652f 0000000000000041 0000000036356c6c ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005578b6c52cb0 00005578b6c3c9b0 00005578b6c53310 00005578b6c3fc50 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 79263e2639263826 3b263a66676b7826 3849263b49263a49 264c48264f48264e ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4954444900494d 4449004743454857 5355504e494e4449 0049004448414442 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 004954444900494d 44000000432f482f 5355504e494e4449 0049004400412f42 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 3 CPU#3 RAX=0000000000172a7f RBX=0000000000000003 RCX=ffffffff8b57d469 RDX=0000000000000000 RSI=ffffffff8b6cfc80 RDI=ffffffff8bd36a20 RBP=ffffed1003b5a910 RSP=ffffc900001b7e08 R8 =0000000000000001 R9 =ffffed100d526f85 R10=ffff88806a937c2b R11=0000000000000000 R12=0000000000000003 R13=ffff88801dad4880 R14=ffffffff90626f10 R15=0000000000000000 RIP=ffffffff8b57e84f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fea2cdf6d00 CR3=00000000288d4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00306e616c767069 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8121c0f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8121c0f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8121c0f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8121c0f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8121c0f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8121c0f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8121d7c488 00007f8121d7c480 00007f8121d7c478 00007f8121d7c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f81228dd100 00007f8121d7c440 00007f8121d70004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8121d7c498 00007f8121d7c490 00007f8121d7c488 00007f8121d7c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000