last executing test programs: 8.582428032s ago: executing program 0 (id=106): ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x5) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f00000001c0)={0x2, {0x2, 0x4, 0x40}}) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x40000000000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) r3 = socket(0x0, 0x2, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0xfffffffffffffd75) r5 = accept$alg(r4, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000540)=@security={'security\x00', 0x4, 0x4, 0x4c0, 0xffffffff, 0x0, 0x0, 0x2b0, 0xffffffff, 0xffffffff, 0x3f0, 0x3f0, 0x3f0, 0xffffffff, 0x7fffffe, 0x0, {[{{@ipv6={@dev, @ipv4={'\x00', '\xff\xff', @multicast1}, [], [], 'bridge_slave_1\x00', 'geneve0\x00'}, 0x0, 0x1b0, 0x1d8, 0x0, {}, [@common=@dst={{0x48}}, @common=@unspec=@string={{0xc0}, {0xfffd, 0x0, 'kmp\x00', "a38455d67b0633c77377af818fbba939943755c0a07fac1300dd851e136c187e0ede7cd67fae8be8fa37e218176b320409724e92a42eca15a1f7477233a7974ff18e78958d575575ff706059fdde3db296fa871031b79105baeb7bc1912ef125b3cf84bec049d5d6f06c34f2e0e5a5a93f5b1e41e35a29b82424c2ac80f36689"}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@private1, @mcast1, [], [], 'geneve1\x00', 'macvlan0\x00'}, 0x0, 0x118, 0x140, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'syz0\x00'}}, @common=@ipv6header={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520) r7 = dup(r5) r8 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0) ftruncate(r8, 0x200004) r9 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r9, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) sendmsg$nl_route(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x24}}, 0x0) sendfile(r7, r8, 0x0, 0x80001d00c0d1) r10 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSPTLCK(r10, 0x5423, &(0x7f0000000040)=0x1) ioctl$TCGETS(r10, 0x5401, &(0x7f00000000c0)) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x402, 0x0, 0x2}, 0x0, 0x0) 6.617078676s ago: executing program 2 (id=110): fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f00000001c0)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = io_uring_setup(0x48ae, &(0x7f00000000c0)={0x0, 0x0, 0x1}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) getpid() sched_setaffinity(0x0, 0x0, 0x0) ioctl$IOMMU_VFIO_IOAS$SET(0xffffffffffffffff, 0x3b88, &(0x7f00000002c0)={0xc}) ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f00000000c0)={0x28, 0x0, 0x0, 0x0, &(0x7f0000ff2000/0x1000)=nil, 0x1000}) ioctl$IOMMU_VFIO_SET_IOMMU(0xffffffffffffffff, 0x3b66, 0x3) ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(0xffffffffffffffff, 0x3b72, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0xf, &(0x7f0000000540)={0x1000, 0x0, 0x0, 0x0}, 0x20) 6.041979231s ago: executing program 0 (id=111): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8607}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)={0x1c, 0x16, 0x0, 0x0, 0x0, {}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="c9"]}]}, 0x1c}}, 0x0) 5.989303249s ago: executing program 3 (id=112): r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000002000a20000000000a03000000000000000000010000000900010073797a000000000000010000000900030073797a30000000000900010073797a3000000000140000001000010000000000000000000000000a0000000000000000000000000000004e186949cd07c378be63ee07f286287d586187597f086a82f369922fafd1ebb576af579567aa9f78ecd25101"], 0x74}, 0x1, 0x0, 0x0, 0x40840}, 0x4000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) sched_setscheduler(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) preadv(r0, &(0x7f0000000140)=[{&(0x7f00000008c0)=""/102386, 0xfffffd6e}], 0x8a, 0x4, 0x2) socket$alg(0x26, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x0, 0x1000, 0x3a}, 0x1c) setsockopt$packet_int(r2, 0x107, 0x13, &(0x7f0000000880), 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), 0x0) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000180)) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x30, r5, 0x1, 0x70bd2c, 0x0, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x30}}, 0x40) sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) close_range(0xffffffffffffffff, r2, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000006480)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000034c0)=""/4095, 0xfff}, {&(0x7f0000006280)=""/108, 0x6c}, {&(0x7f00000008c0)=""/200, 0xc8}, {&(0x7f00000024c0)=""/4096, 0x1000}, {&(0x7f0000000a00)=""/97, 0x61}, {&(0x7f0000000b80)=""/80, 0x50}, {&(0x7f0000000180)=""/49, 0x31}], 0x7}, 0x0) 5.866231852s ago: executing program 0 (id=113): unshare(0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r1 = semget$private(0x0, 0x6, 0x0) semtimedop(r1, &(0x7f0000000080)=[{}], 0x1, 0x0) semctl$IPC_RMID(0x0, 0x0, 0x0) io_submit(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) socket$inet(0x2, 0x0, 0x1) r2 = socket$inet(0x2, 0x2, 0x0) bind$inet(r2, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00') preadv(r3, &(0x7f0000000080)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0x0, 0x0) 5.832162674s ago: executing program 1 (id=114): mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x840000000002, 0x3, 0x100) connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x264e33, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r5) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x38, r6, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8}]}, 0x38}}, 0x0) truncate(0x0, 0x0) r7 = socket$pppl2tp(0x18, 0x1, 0x1) r8 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r7, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r8, {0x2, 0x0, @multicast2}}}, 0x2e) r9 = socket$pppl2tp(0x18, 0x1, 0x1) setsockopt$inet6_dccp_int(r4, 0x21, 0x6, &(0x7f0000000180)=0x7, 0x4) connect$pppl2tp(r9, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r9, 0x111, 0x4, 0x20000000, 0x4) r10 = socket$inet(0x2, 0x801, 0x0) listen(r10, 0x10) pipe2(&(0x7f0000000080), 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x880, 0x0) 4.544900419s ago: executing program 1 (id=115): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000140)={0xc}) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) userfaultfd(0x801) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000200)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x34, r2, 0xb97534d5fe9704cf, 0x0, 0x0, {{0x12}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_STA_WME={0xc, 0x81, [@NL80211_STA_WME_MAX_SP={0x5}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x34}}, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aaea2bc0000de", 0x10) r6 = accept$alg(r5, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf64(r6, &(0x7f0000000000)=ANY=[], 0x100000530) recvmmsg(r6, &(0x7f00000005c0)=[{{0x0, 0xf07, &(0x7f0000000500)=[{&(0x7f0000001800)=""/4096, 0xf800}], 0x1, 0x0, 0xf, 0x7000000}}], 0x1, 0x0, 0x0) syz_emit_vhci(&(0x7f0000001d00)=ANY=[@ANYBLOB="040e04003920"], 0x7) r7 = socket$kcm(0xa, 0x3, 0x73) sendmsg$inet(r7, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, 0x0, 0x0, &(0x7f0000001300)=ANY=[], 0x6b}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b400000000000000631121000000000085100000020000000600"/48], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f0000000340)=""/195}, 0x90) 4.481071806s ago: executing program 3 (id=116): ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r1, &(0x7f0000004200)={0x2020}, 0x2020) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) socket$netlink(0x10, 0x3, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000300)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0xc000}}) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) move_mount(r3, &(0x7f0000000000)='./file0/file0/file0/file0/file0\x00', 0xffffffffffffffff, 0x0, 0x0) write$FUSE_INIT(r1, &(0x7f0000000080)={0x50, 0xfffffffffffffffe, r4, {0x7, 0x28, 0x0, 0x0, 0x6}}, 0x50) 4.409230901s ago: executing program 2 (id=117): socket(0x10, 0x3, 0x0) r0 = socket(0x1e, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r1 = socket(0x1, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1b172191d359645fae2d074ea5724ab77ea04fe507938b1213cdd4a92860e59808689382734d24b3123dd40c6d612c8a19948cd257748b1e7324adddbe61d51013f7d6b313c6df7b7b29678d70fc94dcc3e99e2472e78968ed94e7a54988656e8fff6b1d9b9993c71edd5cc10a2bea8d94d751b77fa7c48c712af35a9ffe670e8fa451942f48741119496bc30137e1202aed6bb5cd5c2d0256d049e4a335e2ea5545e5624be2391c37c0a2ae3bbb5b58778b85424bcdb84358359b2cb2782fc0e82f17b12d641ce6a72ab0ac794f878140897703bebe4420115d26675f27598841965fa91088252"], &(0x7f0000003ff6)='GPL\x00', 0x0, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r1}, 0x20) bind$unix(r1, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0) recvmmsg(r1, &(0x7f0000000d40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000500)=""/65, 0x41}], 0x1}}], 0x2, 0x0, 0x0) socket(0x1, 0x2, 0x0) setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f00000002c0)=0x3ff, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000340)) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'syztnl2\x00', &(0x7f0000000440)={'ip6tnl0\x00', 0x0, 0x4, 0x7, 0x7, 0x0, 0x34, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, 0x0, 0x80, 0x100, 0x5}}) 4.396136494s ago: executing program 4 (id=118): socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff85000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x80400, 0x0) mmap(&(0x7f00008f3000/0x12000)=nil, 0x12000, 0x1000001, 0x810, r3, 0x97b3e000) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$int_in(r5, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000080)) close_range(r4, r5, 0x0) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r6, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x84, 0xe6, 0x0, 0x0, 0xc8, 0x0, 0x0, 0x4, 0x93}, 0xe) sendto$inet6(r6, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r6, 0x1) 4.07426747s ago: executing program 0 (id=119): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000140)={0xc}) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) userfaultfd(0x801) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000200)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x34, r1, 0xb97534d5fe9704cf, 0x0, 0x0, {{0x12}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_WME={0xc, 0x81, [@NL80211_STA_WME_MAX_SP={0x5}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x34}}, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aaea2bc0000de", 0x10) r5 = accept$alg(r4, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf64(r5, &(0x7f0000000000)=ANY=[], 0x100000530) recvmmsg(r5, &(0x7f00000005c0)=[{{0x0, 0xf07, &(0x7f0000000500)=[{&(0x7f0000001800)=""/4096, 0xf800}], 0x1, 0x0, 0xf, 0x7000000}}], 0x1, 0x0, 0x0) syz_emit_vhci(&(0x7f0000001d00)=ANY=[@ANYBLOB="040e04003920"], 0x7) r6 = socket$kcm(0xa, 0x3, 0x73) sendmsg$inet(r6, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, 0x0, 0x0, &(0x7f0000001300)=ANY=[], 0x6b}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b400000000000000631121000000000085100000020000000600"/48], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f0000000340)=""/195}, 0x90) 3.93031903s ago: executing program 2 (id=120): unshare(0x22020400) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="580000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="000000000000000024001280090001007866726d0000000014000280080002000000e3b608000100"], 0x58}}, 0x0) r2 = semget$private(0x0, 0x6, 0x0) semtimedop(r2, &(0x7f00000001c0)=[{0x3, 0x74, 0x1800}], 0x1, 0x0) getrandom(&(0x7f0000000600)=""/274, 0xffffff4f, 0x0) r3 = socket$inet(0x2, 0x2, 0x0) bind$inet(r3, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00') 3.524769746s ago: executing program 1 (id=121): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$sock_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000140)) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ptrace$peeksig(0x4209, r0, &(0x7f00000003c0)={0x1, 0x0, 0x3}, &(0x7f0000019840)=[{}, {}, {}]) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000500)=ANY=[@ANYBLOB="88000000", @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="6b00330080000000ffffffffffff080211"], 0x88}}, 0x0) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)={0x90, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x72, 0x33, @beacon={{{}, {}, @broadcast}, 0x0, @default, 0x0, @val, @void, @void, @val={0x4, 0x6}, @val={0x6, 0x2}, @val={0x5, 0x7, {0xb7, 0xfa, 0x4, "9508af87"}}, @void, @void, @val={0x3c, 0x4}, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, @val={0x76, 0x6, {0x0, 0x0, 0x12}}}}]}, 0x90}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x800004) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r7, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0xfffffd6e}, {&(0x7f0000019740)=""/242}], 0x2, 0x0, 0x0) mmap(&(0x7f0000941000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r7) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00'}) sendmsg$BATADV_CMD_GET_GATEWAYS(r4, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000440)={&(0x7f00000199c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES8=0x0, @ANYBLOB="000326bd7000fedbdf250a0000000a0009000180c20000030000050029000000000008002b001f02000008000300", @ANYRES32, @ANYBLOB="1c003400000808000938eedd0a38476d93eebd566adb000600", @ANYBLOB="1fa20136f3698327f631ca1cbe1b74b5b1dcd31aeeece5d5fe7388e02dd710eb07ba92b048d6cc53ca638f615fb2f7d608d14508a5dc1ba861917be5a98db28c81f56539fc696d70610baccb55e753a9b4e419385a8f29c762891c9bb147dd410cef8ee8c268b83340c9f19b37ca50141f6cc7206bb5c415fe607640a6d73fa233aab614b20815b9047f5384e49e793d9643204e7a45206e044712b6952e559d154416972656da85a1df58a5c2fce729e42e0f2d46078eaece3443236cb6fbd87c1852e210808cdb2d310aa28fa335dc18", @ANYBLOB="0800340005000000050033000000000008002b0004130000"], 0x60}, 0x1, 0x0, 0x0, 0x4080}, 0x90) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 3.447142413s ago: executing program 3 (id=122): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x20, 0x9, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x48}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@dev}, {@multicast2}, {@private=0xa010101}, {@broadcast}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r1, 0x0) r2 = dup(r0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 3.364597695s ago: executing program 4 (id=123): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8607}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)={0x1c, 0x16, 0x0, 0x0, 0x0, {}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="c9"]}]}, 0x1c}}, 0x0) 2.822883321s ago: executing program 4 (id=124): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) r4 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000200)={0x1, 0x101}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000940)={0x1, 0x0, [{0x0, 0xc3, &(0x7f0000000540)=""/195}]}) ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4) ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000680)={0x1, 0x1, &(0x7f0000000380)=""/233, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x20000) 2.610930526s ago: executing program 0 (id=125): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x50}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x27, 0x4, 0x0, 0x0, 0x9c, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x0, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0) r4 = dup(r2) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_RUN(r5, 0xae80, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r0}, 0x38) 2.609848902s ago: executing program 2 (id=126): r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000002000a20000000000a03000000000000000000010000000900010073797a000000000000010000000900030073797a30000000000900010073797a3000000000140000001000010000000000000000000000000a0000000000000000000000000000004e186949cd07c378be63ee07f286287d586187597f086a82f369922fafd1ebb576af579567aa9f78ecd25101"], 0x74}, 0x1, 0x0, 0x0, 0x40840}, 0x4000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) sched_setscheduler(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) preadv(r0, &(0x7f0000000140)=[{&(0x7f00000008c0)=""/102386, 0xfffffd6e}], 0x8a, 0x4, 0x2) socket$alg(0x26, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x0, 0x1000, 0x3a}, 0x1c) setsockopt$packet_int(r2, 0x107, 0x13, &(0x7f0000000880), 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), 0x0) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000180)) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x30, r5, 0x1, 0x70bd2c, 0x0, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x30}}, 0x40) sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) close_range(0xffffffffffffffff, r2, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000006480)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000034c0)=""/4095, 0xfff}, {&(0x7f0000006280)=""/108, 0x6c}, {&(0x7f00000008c0)=""/200, 0xc8}, {&(0x7f00000024c0)=""/4096, 0x1000}, {&(0x7f0000000a00)=""/97, 0x61}, {&(0x7f0000000b80)=""/80, 0x50}, {&(0x7f0000000180)=""/49, 0x31}], 0x7}, 0x0) 2.06871815s ago: executing program 3 (id=127): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) madvise(&(0x7f0000bdc000/0x13000)=nil, 0x13000, 0x16) r2 = syz_clone(0x0, 0x0, 0x0, &(0x7f0000000080), 0x0, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4) r3 = socket$inet(0x2, 0x6, 0x0) prlimit64(r2, 0x0, &(0x7f0000000200)={0x1}, &(0x7f0000000240)) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) r4 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) close(r4) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r5, &(0x7f00000004c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x44}}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, &(0x7f0000000380)=0x3, 0x4) sendto(0xffffffffffffffff, &(0x7f0000000180)='%', 0x300000, 0x840, 0x0, 0x60) mount$9p_fd(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f00000003c0), 0xb68e2a9771539e86, &(0x7f0000000100)=ANY=[]) connect$inet(r3, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10) syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x0) r6 = syz_open_dev$hidraw(&(0x7f0000000140), 0x0, 0x8a00) read$hidraw(r6, 0x0, 0x0) recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/96, 0x60}, 0x10000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0) accept4(r7, 0x0, 0x0, 0xa3476183b88aab85) r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) write(r8, &(0x7f0000000080)="29000000140005b7ff000000040860eb01cb02fcb2e4e6589b3e0ed7283f14b912685e684c42b9eeb9", 0x29) 1.594839395s ago: executing program 4 (id=128): socket$netlink(0x10, 0x3, 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r0, &(0x7f0000000100)=""/172, 0xac) r1 = socket(0x10, 0x3, 0x0) sendto$inet6(r1, &(0x7f0000000180)="9000000018001f2fb9409b52ffff65580200be04020c060560020b0243000f00ffffff9e00c8388827a685a168d0bf47d323456536022e8dcaaf6c26c291214549935ade4a460c20b6ec0cff3959547f500f58ba86c902000f1d012e02000280160012000a000000000000000000000000080000000eceb6b362bb944cf2e70100aba4183b003e5fa424ac4d31c4f7a1", 0x90, 0x0, 0x0, 0xf) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000080)=0x8, 0x4) socket$nl_route(0x10, 0x3, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) fanotify_init(0x0, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) creat(0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x64) arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x3) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00') lseek(r3, 0x9, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10) socket$alg(0x26, 0x5, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0) 1.41781364s ago: executing program 3 (id=129): unshare(0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r1 = semget$private(0x0, 0x6, 0x0) semtimedop(r1, &(0x7f0000000080)=[{}], 0x1, 0x0) semctl$IPC_RMID(0x0, 0x0, 0x0) io_submit(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) socket$inet(0x2, 0x0, 0x1) r2 = socket$inet(0x2, 0x2, 0x0) bind$inet(r2, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00') preadv(r3, &(0x7f0000000080)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0x0, 0x0) 1.347978805s ago: executing program 1 (id=130): socket(0x10, 0x3, 0x0) r0 = socket(0x1e, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r1 = socket(0x1, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1b172191d359645fae2d074ea5724ab77ea04fe507938b1213cdd4a92860e59808689382734d24b3123dd40c6d612c8a19948cd257748b1e7324adddbe61d51013f7d6b313c6df7b7b29678d70fc94dcc3e99e2472e78968ed94e7a54988656e8fff6b1d9b9993c71edd5cc10a2bea8d94d751b77fa7c48c712af35a9ffe670e8fa451942f48741119496bc30137e1202aed6bb5cd5c2d0256d049e4a335e2ea5545e5624be2391c37c0a2ae3bbb5b58778b85424bcdb84358359b2cb2782fc0e82f17b12d641ce6a72ab0ac794f878140897703bebe4420115d26675f27598841965fa91088252"], &(0x7f0000003ff6)='GPL\x00', 0x0, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r1}, 0x20) bind$unix(r1, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0) recvmmsg(r1, &(0x7f0000000d40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000500)=""/65, 0x41}], 0x1}}], 0x2, 0x0, 0x0) socket(0x1, 0x2, 0x0) setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f00000002c0)=0x3ff, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000340)) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'syztnl2\x00', &(0x7f0000000440)={'ip6tnl0\x00', 0x0, 0x4, 0x7, 0x7, 0x0, 0x34, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, 0x0, 0x80, 0x100, 0x5}}) 1.319631093s ago: executing program 2 (id=131): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) userfaultfd(0x801) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000200)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x34, r2, 0xb97534d5fe9704cf, 0x0, 0x0, {{0x12}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_STA_WME={0xc, 0x81, [@NL80211_STA_WME_MAX_SP={0x5}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x34}}, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aaea2bc0000de", 0x10) r6 = accept$alg(r5, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf64(r6, &(0x7f0000000000)=ANY=[], 0x100000530) recvmmsg(r6, &(0x7f00000005c0)=[{{0x0, 0xf07, &(0x7f0000000500)=[{&(0x7f0000001800)=""/4096, 0xf800}], 0x1, 0x0, 0xf, 0x7000000}}], 0x1, 0x0, 0x0) syz_emit_vhci(&(0x7f0000001d00)=ANY=[@ANYBLOB="040e04003920"], 0x7) r7 = socket$kcm(0xa, 0x3, 0x73) sendmsg$inet(r7, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, 0x0, 0x0, &(0x7f0000001300)=ANY=[], 0x6b}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b400000000000000631121000000000085100000020000000600"/48], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f0000000340)=""/195}, 0x90) 1.10467785s ago: executing program 1 (id=132): ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r1, &(0x7f0000004200)={0x2020}, 0x2020) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) socket$netlink(0x10, 0x3, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000300)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0xc000}}) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) move_mount(r3, &(0x7f0000000000)='./file0/file0/file0/file0/file0\x00', 0xffffffffffffffff, 0x0, 0x0) write$FUSE_INIT(r1, &(0x7f0000000080)={0x50, 0xfffffffffffffffe, r4, {0x7, 0x28, 0x0, 0x0, 0x6}}, 0x50) 812.452021ms ago: executing program 0 (id=133): syz_usb_connect$hid(0x0, 0x0, 0x0, &(0x7f0000000400)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x0, 0xc4, 0x4}, 0x15, 0x0}) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x9, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04"], 0x22) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) setuid(0x0) syz_usb_connect$printer(0x0, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x8, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x7, 0x1, 0x1, 0x6, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0x6, 0xb9, 0xa1}}, [{{0x9, 0x5, 0x82, 0x2, 0x0, 0x9, 0xaa, 0xfe}}]}}}]}}]}}, &(0x7f0000000340)={0x0, 0x0, 0x3d, &(0x7f0000000240)={0x5, 0xf, 0x3d, 0x5, [@wireless={0xb, 0x10, 0x1, 0x8, 0xf9b2962951440abb, 0xf9, 0xc1, 0x200, 0x6d}, @wireless={0xb, 0x10, 0x1, 0x4, 0xc4, 0x1, 0x0, 0x8000, 0x9}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0xc, 0xe, 0x463b}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x2, 0xe, 0x80}, @ss_container_id={0x14, 0x10, 0x4, 0x61, "58e794d1f978813f84954a480105d025"}]}, 0x2, [{0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x41b}}, {0x43, &(0x7f0000000440)=@string={0x43, 0x3, "9c16c783d2e41627e49a3e3761e3d391f7c5076a68d077c588ea9e2394a808686231827ae5ba6a314c9dc404d0e5d49bdb19a03c62c24c98fea2dbc5a46e575574"}}]}) r1 = memfd_create(&(0x7f0000000380)='/dloop#\x00', 0x6) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_vhci(&(0x7f0000000540)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc9, 0xe5}}}, 0x7) sendmsg$IPSET_CMD_FLUSH(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, 0x4, 0x6, 0x5, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4000) ioperm(0x0, 0xf1, 0x7) setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r3, &(0x7f0000000340)="23000000010011", 0x7) semop(0x0, 0x0, 0x0) lseek(r1, 0x0, 0x2) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000640)={{{@in6=@private1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x32}, 0x0, @in, 0x0, 0x1}}, 0xe8) r5 = semget$private(0x0, 0x2, 0x616) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) semtimedop(r5, &(0x7f00000003c0)=[{0x3, 0x7fff, 0x800}], 0x1, &(0x7f0000000500)={r6, r7+10000000}) openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev}, 0x1c) 522.681666ms ago: executing program 4 (id=134): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8607}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)={0x1c, 0x16, 0x0, 0x0, 0x0, {}, [@nested={0x5, 0x0, 0x0, 0x1, [@generic="c9"]}]}, 0x1c}}, 0x0) 332.441891ms ago: executing program 3 (id=135): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x50}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x2, 0xd8, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x0, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0) r4 = dup(0xffffffffffffffff) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_RUN(r5, 0xae80, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r0}, 0x38) 242.949702ms ago: executing program 2 (id=136): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="580000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="000000000000000024001280090001007866726d0000000014000280080002000000e3b608000100"], 0x58}}, 0x0) r2 = semget$private(0x0, 0x6, 0x0) semtimedop(r2, &(0x7f00000001c0)=[{0x3, 0x74, 0x1800}], 0x1, 0x0) getrandom(&(0x7f0000000600)=""/274, 0xffffff4f, 0x0) r3 = socket$inet(0x2, 0x2, 0x0) bind$inet(r3, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00') 242.416075ms ago: executing program 4 (id=137): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x20, 0x9, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x48}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x2f, 0x4, 0x0, 0x0, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@dev}, {@multicast2}, {@private=0xa010101}, {@broadcast}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0xdc, [@private=0xa010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 0s ago: executing program 1 (id=138): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) r4 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000200)={0x1, 0x101}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000940)={0x1, 0x0, [{0x0, 0xc3, &(0x7f0000000540)=""/195}]}) ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4) ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000680)={0x1, 0x1, &(0x7f0000000380)=""/233, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x20000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.16' (ED25519) to the list of known hosts. [ 68.139208][ T29] audit: type=1400 audit(1720929679.324:87): avc: denied { mounton } for pid=5073 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 68.149256][ T5073] cgroup: Unknown subsys name 'net' [ 68.167563][ T29] audit: type=1400 audit(1720929679.334:88): avc: denied { mount } for pid=5073 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 68.190061][ T29] audit: type=1400 audit(1720929679.364:89): avc: denied { unmount } for pid=5073 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 68.350885][ T5073] cgroup: Unknown subsys name 'rlimit' [ 68.568535][ T29] audit: type=1400 audit(1720929679.754:90): avc: denied { setattr } for pid=5073 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 68.593780][ T29] audit: type=1400 audit(1720929679.754:91): avc: denied { create } for pid=5073 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 68.632012][ T29] audit: type=1400 audit(1720929679.754:92): avc: denied { write } for pid=5073 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 68.657568][ T29] audit: type=1400 audit(1720929679.754:93): avc: denied { read } for pid=5073 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 68.678691][ T29] audit: type=1400 audit(1720929679.784:94): avc: denied { mounton } for pid=5073 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 68.703700][ T29] audit: type=1400 audit(1720929679.784:95): avc: denied { mount } for pid=5073 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 68.718636][ T5074] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 68.728318][ T29] audit: type=1400 audit(1720929679.804:96): avc: denied { read } for pid=4749 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 70.109071][ T5073] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 72.123693][ T1241] ieee802154 phy0 wpan0: encryption failed: -22 [ 72.130473][ T1241] ieee802154 phy1 wpan1: encryption failed: -22 [ 73.575689][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 73.575708][ T29] audit: type=1400 audit(1720929684.764:103): avc: denied { mounton } for pid=5082 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 73.620811][ T29] audit: type=1400 audit(1720929684.794:104): avc: denied { mount } for pid=5082 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 73.672705][ T29] audit: type=1400 audit(1720929684.794:105): avc: denied { create } for pid=5082 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 73.693915][ T29] audit: type=1400 audit(1720929684.804:106): avc: denied { read write } for pid=5082 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1077 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 73.719351][ T29] audit: type=1400 audit(1720929684.804:107): avc: denied { open } for pid=5082 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1077 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 73.743691][ T29] audit: type=1400 audit(1720929684.844:108): avc: denied { ioctl } for pid=5084 comm="syz-executor" path="socket:[3535]" dev="sockfs" ino=3535 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 73.755216][ T5099] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 73.777983][ T5099] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 73.778299][ T5100] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 73.787125][ T5099] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 73.801644][ T5099] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 73.805043][ T5100] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 73.810232][ T5099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 73.817650][ T5100] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 73.825690][ T5099] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 73.831002][ T5100] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 73.844811][ T5100] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.850273][ T5102] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 73.852617][ T5100] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 73.861893][ T5099] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 73.866980][ T5100] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 73.875905][ T5102] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 73.884380][ T5099] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 73.888083][ T5102] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 73.896446][ T5099] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 73.902088][ T5102] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 73.909605][ T5099] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 73.915715][ T5102] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 73.929819][ T5101] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 73.930117][ T5102] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 73.944656][ T5099] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 73.953641][ T5103] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 73.960874][ T29] audit: type=1400 audit(1720929685.134:109): avc: denied { read } for pid=5087 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 73.975984][ T5099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 73.982445][ T5102] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 73.999082][ T5099] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 74.017804][ T5099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 74.079643][ T29] audit: type=1400 audit(1720929685.154:110): avc: denied { open } for pid=5085 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 74.106163][ T29] audit: type=1400 audit(1720929685.154:111): avc: denied { mounton } for pid=5085 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 74.550439][ T29] audit: type=1400 audit(1720929685.734:112): avc: denied { module_request } for pid=5085 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 74.780794][ T5085] chnl_net:caif_netlink_parms(): no params data found [ 74.846934][ T5084] chnl_net:caif_netlink_parms(): no params data found [ 74.884856][ T5083] chnl_net:caif_netlink_parms(): no params data found [ 74.960986][ T5087] chnl_net:caif_netlink_parms(): no params data found [ 75.055965][ T5082] chnl_net:caif_netlink_parms(): no params data found [ 75.082836][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.090315][ T5085] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.098107][ T5085] bridge_slave_0: entered allmulticast mode [ 75.106028][ T5085] bridge_slave_0: entered promiscuous mode [ 75.152249][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.161105][ T5085] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.168303][ T5085] bridge_slave_1: entered allmulticast mode [ 75.176745][ T5085] bridge_slave_1: entered promiscuous mode [ 75.297640][ T5084] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.305944][ T5084] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.313838][ T5084] bridge_slave_0: entered allmulticast mode [ 75.321101][ T5084] bridge_slave_0: entered promiscuous mode [ 75.348635][ T5083] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.356238][ T5083] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.363889][ T5083] bridge_slave_0: entered allmulticast mode [ 75.371516][ T5083] bridge_slave_0: entered promiscuous mode [ 75.387444][ T5084] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.394733][ T5084] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.402573][ T5084] bridge_slave_1: entered allmulticast mode [ 75.410591][ T5084] bridge_slave_1: entered promiscuous mode [ 75.446342][ T5085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.461452][ T5085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.471210][ T5083] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.478298][ T5083] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.485792][ T5083] bridge_slave_1: entered allmulticast mode [ 75.493305][ T5083] bridge_slave_1: entered promiscuous mode [ 75.586915][ T5084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.596336][ T5082] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.603968][ T5082] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.611940][ T5082] bridge_slave_0: entered allmulticast mode [ 75.618983][ T5082] bridge_slave_0: entered promiscuous mode [ 75.677569][ T5084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.689639][ T5082] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.696820][ T5082] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.707166][ T5082] bridge_slave_1: entered allmulticast mode [ 75.715019][ T5082] bridge_slave_1: entered promiscuous mode [ 75.742802][ T5085] team0: Port device team_slave_0 added [ 75.753753][ T5085] team0: Port device team_slave_1 added [ 75.763594][ T5083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.777550][ T5083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.786978][ T5087] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.794847][ T5087] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.802215][ T5087] bridge_slave_0: entered allmulticast mode [ 75.809590][ T5087] bridge_slave_0: entered promiscuous mode [ 75.847741][ T5082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.895681][ T5087] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.903640][ T5087] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.911049][ T5087] bridge_slave_1: entered allmulticast mode [ 75.918064][ T5087] bridge_slave_1: entered promiscuous mode [ 75.943877][ T5082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.960471][ T53] Bluetooth: hci4: command tx timeout [ 75.998955][ T5083] team0: Port device team_slave_0 added [ 76.023234][ T5084] team0: Port device team_slave_0 added [ 76.033892][ T5084] team0: Port device team_slave_1 added [ 76.039732][ T53] Bluetooth: hci0: command tx timeout [ 76.040054][ T53] Bluetooth: hci2: command tx timeout [ 76.040223][ T53] Bluetooth: hci3: command tx timeout [ 76.077553][ T5085] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.084747][ T5085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.110854][ T5085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.121514][ T53] Bluetooth: hci1: command tx timeout [ 76.131122][ T5083] team0: Port device team_slave_1 added [ 76.137966][ T5085] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.145876][ T5085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.172497][ T5085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.213757][ T5082] team0: Port device team_slave_0 added [ 76.224250][ T5082] team0: Port device team_slave_1 added [ 76.270100][ T5087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.330607][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.337591][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.364476][ T5082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.376803][ T5083] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.384387][ T5083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.410607][ T5083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.424065][ T5083] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.431135][ T5083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.457198][ T5083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.472718][ T5087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.482729][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.490346][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.517759][ T5084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.531148][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.538128][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.564691][ T5084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.576556][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.584263][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.610410][ T5082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.765897][ T5087] team0: Port device team_slave_0 added [ 76.776346][ T5087] team0: Port device team_slave_1 added [ 76.787377][ T5085] hsr_slave_0: entered promiscuous mode [ 76.795741][ T5085] hsr_slave_1: entered promiscuous mode [ 76.821035][ T5084] hsr_slave_0: entered promiscuous mode [ 76.827721][ T5084] hsr_slave_1: entered promiscuous mode [ 76.834479][ T5084] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 76.842895][ T5084] Cannot create hsr debugfs directory [ 76.867560][ T5083] hsr_slave_0: entered promiscuous mode [ 76.874230][ T5083] hsr_slave_1: entered promiscuous mode [ 76.880861][ T5083] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 76.888441][ T5083] Cannot create hsr debugfs directory [ 76.947399][ T5082] hsr_slave_0: entered promiscuous mode [ 76.955099][ T5082] hsr_slave_1: entered promiscuous mode [ 76.961882][ T5082] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 76.969704][ T5082] Cannot create hsr debugfs directory [ 77.009248][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.016228][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.042542][ T5087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.089525][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.096500][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.122980][ T5087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.351611][ T5087] hsr_slave_0: entered promiscuous mode [ 77.358577][ T5087] hsr_slave_1: entered promiscuous mode [ 77.365083][ T5087] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 77.372779][ T5087] Cannot create hsr debugfs directory [ 77.833425][ T5083] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 77.849943][ T5083] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 77.890957][ T5083] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 77.901808][ T5083] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 77.981176][ T5082] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 78.001084][ T5082] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 78.015542][ T5082] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 78.041809][ T53] Bluetooth: hci4: command tx timeout [ 78.048303][ T5082] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 78.120087][ T53] Bluetooth: hci2: command tx timeout [ 78.120155][ T5102] Bluetooth: hci0: command tx timeout [ 78.125753][ T53] Bluetooth: hci3: command tx timeout [ 78.164607][ T5084] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 78.197678][ T5084] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 78.209815][ T53] Bluetooth: hci1: command tx timeout [ 78.215391][ T5084] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 78.226593][ T5084] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 78.337471][ T5083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.440634][ T5085] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 78.454620][ T5085] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 78.474949][ T5083] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.496667][ T5085] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 78.513172][ T5085] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 78.616200][ T5087] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 78.636185][ T5138] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.644215][ T5138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.676979][ T5087] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 78.699007][ T5087] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 78.734076][ T5082] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.755874][ T5135] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.763226][ T5135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.775938][ T5087] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 78.841228][ T5082] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.876922][ T5084] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.955316][ T5138] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.962666][ T5138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.974409][ T5138] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.981662][ T5138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.010287][ T5083] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 79.021052][ T5083] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 79.130381][ T29] audit: type=1400 audit(1720929690.324:113): avc: denied { sys_module } for pid=5083 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 79.132059][ T5084] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.208214][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.215511][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.286989][ T5135] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.294317][ T5135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.453597][ T5085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.498572][ T5084] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 79.564667][ T5083] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.603272][ T5085] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.696569][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.703828][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.736044][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.743384][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.822470][ T5087] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.908762][ T5083] veth0_vlan: entered promiscuous mode [ 79.966892][ T5082] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.025604][ T5083] veth1_vlan: entered promiscuous mode [ 80.072040][ T5087] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.100964][ T5084] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.112610][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.119876][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.133539][ T53] Bluetooth: hci4: command tx timeout [ 80.179353][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.186545][ T5143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.201086][ T53] Bluetooth: hci0: command tx timeout [ 80.206639][ T53] Bluetooth: hci2: command tx timeout [ 80.212054][ T5102] Bluetooth: hci3: command tx timeout [ 80.279425][ T53] Bluetooth: hci1: command tx timeout [ 80.375176][ T5083] veth0_macvtap: entered promiscuous mode [ 80.400990][ T5082] veth0_vlan: entered promiscuous mode [ 80.427951][ T5083] veth1_macvtap: entered promiscuous mode [ 80.487596][ T5082] veth1_vlan: entered promiscuous mode [ 80.512943][ T5085] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.558030][ T5083] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.608966][ T5083] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.675885][ T5083] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.698803][ T5083] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.708155][ T5083] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.717821][ T5083] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.810592][ T5085] veth0_vlan: entered promiscuous mode [ 80.893539][ T5082] veth0_macvtap: entered promiscuous mode [ 80.912284][ T5082] veth1_macvtap: entered promiscuous mode [ 80.932636][ T5085] veth1_vlan: entered promiscuous mode [ 80.997870][ T5084] veth0_vlan: entered promiscuous mode [ 81.044347][ T5087] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.058811][ T137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.066166][ T5084] veth1_vlan: entered promiscuous mode [ 81.081260][ T137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.098152][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.111221][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.123597][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.151855][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.164255][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.178436][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.193598][ T5082] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.202571][ T5082] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.211356][ T5082] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.221525][ T5082] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.275007][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.305955][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.325277][ T29] audit: type=1400 audit(1720929692.514:114): avc: denied { mounton } for pid=5083 comm="syz-executor" path="/root/syzkaller.Zn2hzx/syz-tmp" dev="sda1" ino=1944 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 81.353902][ T29] audit: type=1400 audit(1720929692.514:115): avc: denied { mount } for pid=5083 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 81.388577][ T29] audit: type=1400 audit(1720929692.514:116): avc: denied { mounton } for pid=5083 comm="syz-executor" path="/root/syzkaller.Zn2hzx/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 81.418651][ T29] audit: type=1400 audit(1720929692.514:117): avc: denied { mount } for pid=5083 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 81.435340][ T5085] veth0_macvtap: entered promiscuous mode [ 81.462069][ T29] audit: type=1400 audit(1720929692.514:118): avc: denied { unmount } for pid=5083 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 81.501921][ T5085] veth1_macvtap: entered promiscuous mode [ 81.510277][ T29] audit: type=1400 audit(1720929692.554:119): avc: denied { mounton } for pid=5083 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 81.579826][ T29] audit: type=1400 audit(1720929692.554:120): avc: denied { mount } for pid=5083 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 81.634893][ T29] audit: type=1400 audit(1720929692.794:121): avc: denied { read write } for pid=5083 comm="syz-executor" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 81.692499][ T29] audit: type=1400 audit(1720929692.794:122): avc: denied { open } for pid=5083 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 81.745398][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.758290][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.770600][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.793888][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.815429][ T5085] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.834257][ T5087] veth0_vlan: entered promiscuous mode [ 81.871130][ T5084] veth0_macvtap: entered promiscuous mode [ 81.918408][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.941997][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.964332][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.972941][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.983721][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.994547][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.008662][ T5085] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.022503][ T5087] veth1_vlan: entered promiscuous mode [ 82.033061][ T5084] veth1_macvtap: entered promiscuous mode [ 82.326401][ T5174] hub 9-0:1.0: USB hub found [ 82.336170][ T5174] hub 9-0:1.0: 8 ports detected [ 82.659888][ T53] Bluetooth: hci4: command tx timeout [ 82.665441][ T53] Bluetooth: hci2: command tx timeout [ 82.671461][ T53] Bluetooth: hci3: command tx timeout [ 82.676893][ T53] Bluetooth: hci0: command tx timeout [ 82.682896][ T53] Bluetooth: hci1: command tx timeout [ 82.726130][ T5085] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.769348][ T5085] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.789202][ T5085] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.806695][ T5085] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.967535][ T3757] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.983823][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.996895][ T3757] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.997276][ T5177] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6'. [ 83.010166][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.026982][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.037690][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.047581][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.067775][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.086891][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.157454][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.190621][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.216258][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.227964][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.257477][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.269199][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.308286][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.386207][ T5084] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.408046][ T5084] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.418029][ T5084] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.430502][ T5084] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.666017][ T5087] veth0_macvtap: entered promiscuous mode [ 83.715294][ T137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.734475][ T5087] veth1_macvtap: entered promiscuous mode [ 83.755428][ T137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.896985][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.935787][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.958027][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.980079][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.993628][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.004302][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.019843][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.032889][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.068835][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.097013][ T4211] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.117412][ T4211] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.160239][ T5183] 9pnet_fd: Insufficient options for proto=fd [ 84.176145][ T29] kauditd_printk_skb: 16 callbacks suppressed [ 84.176164][ T29] audit: type=1400 audit(1720929695.364:139): avc: denied { ioctl } for pid=5180 comm="syz.3.4" path="socket:[5693]" dev="sockfs" ino=5693 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 84.216462][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.233190][ T29] audit: type=1400 audit(1720929695.404:140): avc: denied { perfmon } for pid=5184 comm="syz.0.7" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 84.238812][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.261227][ T29] audit: type=1400 audit(1720929695.424:141): avc: denied { write } for pid=5180 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 84.285741][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.285775][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.285787][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.285801][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.285813][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.285828][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.301754][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.503086][ T5087] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.521094][ T3757] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.584214][ T3757] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.599667][ T5087] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.644436][ T5087] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.699202][ T29] audit: type=1400 audit(1720929695.874:142): avc: denied { create } for pid=5184 comm="syz.0.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 84.719163][ T29] audit: type=1400 audit(1720929695.884:143): avc: denied { connect } for pid=5184 comm="syz.0.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 84.738824][ T29] audit: type=1400 audit(1720929695.884:144): avc: denied { write } for pid=5184 comm="syz.0.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 84.765988][ T5189] ebtables: ebtables: counters copy to user failed while replacing table [ 84.827012][ T5087] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.841298][ T29] audit: type=1400 audit(1720929696.034:145): avc: denied { unmount } for pid=5082 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 85.172683][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.190882][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.257342][ T29] audit: type=1400 audit(1720929696.444:146): avc: denied { mounton } for pid=5084 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 85.335749][ T29] audit: type=1400 audit(1720929696.494:147): avc: denied { create } for pid=5193 comm="syz.3.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 85.385848][ T3757] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.415474][ T5194] fuse: Unknown parameter 'dont_measure' [ 85.429209][ T3757] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.448827][ T29] audit: type=1400 audit(1720929696.534:148): avc: denied { write } for pid=5188 comm="syz.2.3" name="icmp6" dev="proc" ino=4026532986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 85.554146][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.622860][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.911435][ T5201] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 85.959950][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.959688][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 87.968088][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 88.030180][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 88.038990][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 88.049324][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 88.077745][ T785] cfg80211: failed to load regulatory.db [ 88.856199][ T5212] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5212 comm=syz.4.10 [ 88.992877][ T5218] kvm: emulating exchange as write [ 89.026794][ T5223] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5223 comm=syz.3.12 [ 89.413162][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 89.413182][ T29] audit: type=1400 audit(1720929700.604:168): avc: denied { unmount } for pid=5084 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 89.715032][ T29] audit: type=1400 audit(1720929700.894:169): avc: denied { create } for pid=5228 comm="syz.4.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 89.828947][ T29] audit: type=1400 audit(1720929700.944:170): avc: denied { write } for pid=5228 comm="syz.4.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 89.903593][ T29] audit: type=1400 audit(1720929700.944:171): avc: denied { connect } for pid=5228 comm="syz.4.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 90.080381][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 91.341366][ T29] audit: type=1400 audit(1720929700.944:172): avc: denied { name_connect } for pid=5228 comm="syz.4.13" dest=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 91.371576][ T29] audit: type=1400 audit(1720929701.084:173): avc: denied { create } for pid=5230 comm="syz.2.15" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 91.392381][ T29] audit: type=1400 audit(1720929701.384:174): avc: denied { append } for pid=5230 comm="syz.2.15" name="nvme-fabrics" dev="devtmpfs" ino=687 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 91.424641][ T29] audit: type=1400 audit(1720929701.394:175): avc: denied { name_bind } for pid=5231 comm="syz.0.14" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 92.458245][ T5237] nvme_fabrics: unknown parameter or missing value ']' in ctrl creation request [ 92.685300][ T29] audit: type=1400 audit(1720929703.874:176): avc: denied { prog_run } for pid=5236 comm="syz.1.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 92.732845][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.744808][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 92.762208][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 93.080803][ T29] audit: type=1400 audit(1720929704.264:177): avc: denied { create } for pid=5236 comm="syz.1.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 94.181266][ T5255] fuse: Unknown parameter 'dont_measure' [ 94.509820][ T5267] hub 9-0:1.0: USB hub found [ 94.517116][ T5267] hub 9-0:1.0: 8 ports detected [ 95.231215][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 95.231233][ T29] audit: type=1400 audit(1720929706.424:179): avc: denied { create } for pid=5236 comm="syz.1.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 95.314486][ T5135] IPVS: starting estimator thread 0... [ 95.326394][ T29] audit: type=1400 audit(1720929706.464:180): avc: denied { write } for pid=5254 comm="syz.4.21" path="socket:[8477]" dev="sockfs" ino=8477 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 95.527452][ T29] audit: type=1400 audit(1720929706.474:181): avc: denied { setopt } for pid=5236 comm="syz.1.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 95.575185][ T5275] IPVS: using max 31 ests per chain, 74400 per kthread [ 95.607739][ T29] audit: type=1400 audit(1720929706.794:182): avc: denied { create } for pid=5271 comm="syz.3.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 95.712561][ T29] audit: type=1400 audit(1720929706.794:183): avc: denied { setopt } for pid=5271 comm="syz.3.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 95.766246][ T5270] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 96.736709][ T5291] ebtables: ebtables: counters copy to user failed while replacing table [ 97.763267][ T5294] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5294 comm=syz.4.29 [ 97.767032][ T29] audit: type=1400 audit(1720929708.954:184): avc: denied { create } for pid=5296 comm="syz.0.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 97.907703][ T29] audit: type=1400 audit(1720929709.004:185): avc: denied { setopt } for pid=5296 comm="syz.0.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 97.980227][ T29] audit: type=1400 audit(1720929709.044:186): avc: denied { connect } for pid=5296 comm="syz.0.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 98.103729][ T29] audit: type=1400 audit(1720929709.044:187): avc: denied { name_connect } for pid=5296 comm="syz.0.31" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 99.237052][ T29] audit: type=1400 audit(1720929710.414:188): avc: denied { accept } for pid=5308 comm="syz.1.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 99.442515][ T5319] netlink: 8 bytes leftover after parsing attributes in process `syz.1.34'. [ 100.319712][ T5331] netlink: 'syz.1.37': attribute type 15 has an invalid length. [ 100.357437][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 100.357485][ T29] audit: type=1400 audit(1720929711.544:193): avc: denied { mount } for pid=5324 comm="syz.4.36" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 100.363650][ T5331] netlink: 24 bytes leftover after parsing attributes in process `syz.1.37'. [ 100.711005][ T5325] 9pnet_fd: Insufficient options for proto=fd [ 100.899492][ T29] audit: type=1400 audit(1720929712.084:194): avc: denied { create } for pid=5307 comm="syz.0.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 101.168100][ T29] audit: type=1400 audit(1720929712.344:195): avc: denied { read } for pid=5307 comm="syz.0.35" name="event2" dev="devtmpfs" ino=838 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 101.192414][ T29] audit: type=1400 audit(1720929712.344:196): avc: denied { open } for pid=5307 comm="syz.0.35" path="/dev/input/event2" dev="devtmpfs" ino=838 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 102.707888][ T29] audit: type=1400 audit(1720929713.894:197): avc: denied { unmount } for pid=5084 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 104.323620][ T5352] ebtables: ebtables: counters copy to user failed while replacing table [ 104.910690][ T29] audit: type=1400 audit(1720929716.084:198): avc: denied { map_read map_write } for pid=5347 comm="syz.1.43" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 105.609338][ T5370] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 105.633594][ T25] IPVS: starting estimator thread 0... [ 105.751054][ T5371] IPVS: using max 22 ests per chain, 52800 per kthread [ 105.878565][ T5373] Zero length message leads to an empty skb [ 106.191675][ T5379] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 106.198661][ T5379] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 106.208001][ T5379] vhci_hcd vhci_hcd.0: Device attached [ 106.499928][ T785] usb 11-1: new low-speed USB device number 2 using vhci_hcd [ 107.139319][ T29] audit: type=1400 audit(1720929718.324:199): avc: denied { ioctl } for pid=5396 comm="syz.3.53" path="socket:[8786]" dev="sockfs" ino=8786 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 107.491700][ T5403] netlink: 'syz.4.54': attribute type 15 has an invalid length. [ 107.541729][ T5403] netlink: 24 bytes leftover after parsing attributes in process `syz.4.54'. [ 107.571287][ T5382] vhci_hcd: connection reset by peer [ 108.292569][ T12] vhci_hcd: stop threads [ 108.389912][ T29] audit: type=1400 audit(1720929719.574:200): avc: denied { search } for pid=4749 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 108.419585][ T12] vhci_hcd: release socket [ 108.455192][ T12] vhci_hcd: disconnect device [ 108.785842][ T5413] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 109.098792][ T29] audit: type=1400 audit(1720929720.284:201): avc: denied { bind } for pid=5416 comm="syz.3.56" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 109.243344][ T29] audit: type=1400 audit(1720929720.364:202): avc: denied { read } for pid=5422 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1410 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 109.448883][ T29] audit: type=1400 audit(1720929720.384:203): avc: denied { open } for pid=5422 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1410 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 109.636491][ T29] audit: type=1400 audit(1720929720.384:204): avc: denied { getattr } for pid=5422 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1410 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 109.733352][ T5428] 9pnet_fd: Insufficient options for proto=fd [ 109.787929][ T29] audit: type=1400 audit(1720929720.634:205): avc: denied { read } for pid=5427 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=1446 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 109.940004][ T29] audit: type=1400 audit(1720929720.634:206): avc: denied { open } for pid=5427 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=1446 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 110.059077][ T29] audit: type=1400 audit(1720929720.634:207): avc: denied { getattr } for pid=5427 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=1446 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 110.115423][ T29] audit: type=1400 audit(1720929721.294:208): avc: denied { write } for pid=5417 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1409 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.633254][ T5458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.62'. [ 111.880101][ T785] vhci_hcd: vhci_device speed not set [ 114.498323][ T5520] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5520 comm=syz.0.74 [ 114.625789][ T5517] ebtables: ebtables: counters copy to user failed while replacing table [ 114.958945][ T5524] 9pnet_fd: Insufficient options for proto=fd [ 115.140822][ T5532] syzkaller1: entered promiscuous mode [ 115.166005][ T5532] syzkaller1: entered allmulticast mode [ 115.801041][ T5099] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 115.811613][ T5099] Bluetooth: hci1: Injecting HCI hardware error event [ 115.821312][ T53] Bluetooth: hci1: hardware error 0x00 [ 116.169532][ T5546] 9pnet_fd: Insufficient options for proto=fd [ 117.809853][ T5561] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5561 comm=syz.1.85 [ 118.047724][ T53] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 118.361541][ T29] kauditd_printk_skb: 12 callbacks suppressed [ 118.361561][ T29] audit: type=1400 audit(1720929729.554:221): avc: denied { map } for pid=5570 comm="syz.0.86" path="/dev/ttyprintk" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1 [ 118.428259][ T29] audit: type=1400 audit(1720929729.604:222): avc: denied { ioctl } for pid=5570 comm="syz.0.86" path="/dev/vhost-net" dev="devtmpfs" ino=1084 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 118.483836][ T29] audit: type=1400 audit(1720929729.654:223): avc: denied { setopt } for pid=5570 comm="syz.0.86" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 118.503536][ T29] audit: type=1400 audit(1720929729.664:224): avc: denied { name_connect } for pid=5570 comm="syz.0.86" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 118.550860][ T29] audit: type=1400 audit(1720929729.714:225): avc: denied { shutdown } for pid=5570 comm="syz.0.86" lport=40893 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 118.678485][ T29] audit: type=1400 audit(1720929729.864:226): avc: denied { write } for pid=5579 comm="syz.4.88" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 118.774996][ T5582] syzkaller1: entered promiscuous mode [ 118.788695][ T5582] syzkaller1: entered allmulticast mode [ 120.617513][ T5612] fuse: Unknown parameter 'use00000000000000000000' [ 121.489682][ T5617] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5617 comm=syz.2.97 [ 122.258815][ T29] audit: type=1400 audit(1720929733.444:227): avc: denied { bind } for pid=5641 comm="syz.2.102" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 122.357426][ T29] audit: type=1400 audit(1720929733.474:228): avc: denied { setopt } for pid=5641 comm="syz.2.102" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 122.557153][ T5642] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 125.164079][ T5676] fuse: Unknown parameter 'user_i00000000000000000000' [ 130.548492][ T5751] netlink: 'syz.4.128': attribute type 15 has an invalid length. [ 130.567066][ T5751] netlink: 24 bytes leftover after parsing attributes in process `syz.4.128'. [ 131.327960][ T53] Bluetooth: hci0: unexpected event 0x06 length: 31 > 3 [ 131.609373][ T5141] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 131.871680][ T5141] usb 1-1: Using ep0 maxpacket: 16 [ 131.899557][ T5141] usb 1-1: config 1 interface 0 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 1023 [ 131.915084][ T5141] usb 1-1: config 1 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 131.934823][ T5141] usb 1-1: config 1 interface 0 has no altsetting 0 [ 131.948884][ T5141] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 131.993209][ T5141] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.013949][ T5141] usb 1-1: Product: syz [ 132.018769][ T5141] usb 1-1: Manufacturer: ᚜菇✖髤㜾釓엷樇큨앷⎞ꢔ栈ㅢ窂뫥ㅪ鵌ӄ鯔᧛㲠쉢題ꋾ엛溤啗 [ 132.056657][ T5141] usb 1-1: SerialNumber: syz [ 132.118119][ T5771] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 132.199798][ T53] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 132.208629][ T53] Bluetooth: hci4: Injecting HCI hardware error event [ 132.217765][ T5099] Bluetooth: hci4: hardware error 0x00 [ 133.612010][ T53] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 133.622032][ T53] Bluetooth: hci0: Injecting HCI hardware error event [ 133.630546][ T1241] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.638594][ T53] Bluetooth: hci0: hardware error 0x00 [ 133.836897][ T1241] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.279268][ T5099] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 134.660614][ T29] audit: type=1400 audit(1720929745.854:229): avc: denied { bind } for pid=5770 comm="syz.0.133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 134.878548][ T5771] Bluetooth: MGMT ver 1.22 [ 237.829037][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 237.836119][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5784/1:b..l [ 237.844481][ C1] rcu: (detected by 1, t=10502 jiffies, g=12021, q=595 ncpus=2) [ 237.852197][ C1] task:syz.2.136 state:R running task stack:26880 pid:5784 tgid:5778 ppid:5085 flags:0x00004006 [ 237.864792][ C1] Call Trace: [ 237.868066][ C1] [ 237.871008][ C1] __schedule+0xf15/0x5d00 [ 237.875434][ C1] ? hlock_class+0x4e/0x130 [ 237.879935][ C1] ? mark_lock+0xb5/0xc60 [ 237.884269][ C1] ? __pfx_mark_lock+0x10/0x10 [ 237.889039][ C1] ? __pfx___schedule+0x10/0x10 [ 237.893900][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 237.899117][ C1] preempt_schedule_irq+0x51/0x90 [ 237.904134][ C1] irqentry_exit+0x36/0x90 [ 237.908545][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 237.914574][ C1] RIP: 0010:lock_release+0x3ba/0x6c0 [ 237.919909][ C1] Code: 7e 83 f8 01 0f 85 f5 01 00 00 9c 58 f6 c4 02 0f 85 e0 01 00 00 48 f7 04 24 00 02 00 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c5 48 c7 45 00 00 00 00 00 c7 45 08 00 00 00 00 48 8b 84 24 [ 237.939548][ C1] RSP: 0018:ffffc900035c7798 EFLAGS: 00000206 [ 237.945630][ C1] RAX: dffffc0000000000 RBX: d5e9e978e57f2557 RCX: ffffc900035c77e8 [ 237.953618][ C1] RDX: 1ffff1100421e8da RSI: ffffffff8b2cb200 RDI: ffffffff8b9039c0 [ 237.961587][ C1] RBP: 1ffff920006b8ef5 R08: 0000000000000000 R09: fffffbfff1fc90da [ 237.969552][ C1] R10: ffffffff8fe486d7 R11: 0000000000000001 R12: 0000000000000001 [ 237.977532][ C1] R13: 0000000000000002 R14: ffff8880210f46d8 R15: ffff8880210f3c00 [ 237.985512][ C1] ? blk_cgroup_congested+0x156/0x2a0 [ 237.990887][ C1] ? __pfx_lock_release+0x10/0x10 [ 237.995916][ C1] blk_cgroup_congested+0x15b/0x2a0 [ 238.001129][ C1] __folio_throttle_swaprate+0xa8/0x2f0 [ 238.006694][ C1] __handle_mm_fault+0x2d1e/0x5410 [ 238.011840][ C1] ? __pfx_mt_find+0x10/0x10 [ 238.016448][ C1] ? __pfx___handle_mm_fault+0x10/0x10 [ 238.021927][ C1] ? find_vma+0xc0/0x140 [ 238.026185][ C1] ? __pfx_find_vma+0x10/0x10 [ 238.030859][ C1] handle_mm_fault+0x476/0xa00 [ 238.035626][ C1] ? lock_mm_and_find_vma+0xa6/0x6a0 [ 238.040901][ C1] do_user_addr_fault+0x2e5/0xe50 [ 238.045936][ C1] exc_page_fault+0x5c/0xc0 [ 238.050465][ C1] asm_exc_page_fault+0x26/0x30 [ 238.055312][ C1] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 238.061135][ C1] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 238.080753][ C1] RSP: 0018:ffffc900035c7bd0 EFLAGS: 00050246 [ 238.086811][ C1] RAX: 0000000000000001 RBX: 0000000000000040 RCX: 0000000000000040 [ 238.094773][ C1] RDX: fffff520006b8fbb RSI: ffffc900035c7d98 RDI: 00000000200f9000 [ 238.102772][ C1] RBP: 00000000200f9000 R08: 0000000000000000 R09: fffff520006b8fba [ 238.110739][ C1] R10: ffffc900035c7dd7 R11: 0000000000000000 R12: ffffc900035c7e88 [ 238.118704][ C1] R13: 00000000200f9040 R14: ffffc900035c7d98 R15: 0000000000000000 [ 238.126689][ C1] _copy_to_iter+0x37e/0x1140 [ 238.131372][ C1] ? chacha_block_generic+0x18a/0x270 [ 238.136768][ C1] ? __pfx__copy_to_iter+0x10/0x10 [ 238.141934][ C1] ? __pfx___might_resched+0x10/0x10 [ 238.147232][ C1] ? get_random_bytes_user+0x1cc/0x3c0 [ 238.152750][ C1] get_random_bytes_user+0x180/0x3c0 [ 238.158042][ C1] ? __pfx_get_random_bytes_user+0x10/0x10 [ 238.163851][ C1] ? do_futex+0x123/0x350 [ 238.168179][ C1] __x64_sys_getrandom+0x184/0x290 [ 238.173292][ C1] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 238.178952][ C1] ? xfd_validate_state+0x5d/0x180 [ 238.184064][ C1] do_syscall_64+0xcd/0x250 [ 238.188568][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.194462][ C1] RIP: 0033:0x7efc4f375bd9 [ 238.198891][ C1] RSP: 002b:00007efc50180048 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 238.207383][ C1] RAX: ffffffffffffffda RBX: 00007efc4f504038 RCX: 00007efc4f375bd9 [ 238.215462][ C1] RDX: 0000000000000000 RSI: 00000000ffffff4f RDI: 0000000020000600 [ 238.223424][ C1] RBP: 00007efc4f3e4e60 R08: 0000000000000000 R09: 0000000000000000 [ 238.231397][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.239362][ C1] R13: 000000000000006e R14: 00007efc4f504038 R15: 00007ffd9abddb78 [ 238.247327][ C1] [ 238.250359][ C1] rcu: rcu_preempt kthread starved for 10337 jiffies! g12021 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 238.261576][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 238.271536][ C1] rcu: RCU grace-period kthread stack dump: [ 238.277407][ C1] task:rcu_preempt state:R running task stack:27232 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 238.289130][ C1] Call Trace: [ 238.292426][ C1] [ 238.295351][ C1] __schedule+0xf15/0x5d00 [ 238.299776][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 238.304986][ C1] ? __pfx___schedule+0x10/0x10 [ 238.309825][ C1] ? schedule+0x298/0x350 [ 238.314146][ C1] ? __pfx_lock_release+0x10/0x10 [ 238.319164][ C1] ? __pfx___mod_timer+0x10/0x10 [ 238.324096][ C1] ? lock_acquire+0x1b1/0x560 [ 238.328765][ C1] ? lockdep_init_map_type+0x16d/0x7d0 [ 238.334229][ C1] schedule+0xe7/0x350 [ 238.338309][ C1] schedule_timeout+0x136/0x2a0 [ 238.343147][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 238.348511][ C1] ? __pfx_process_timeout+0x10/0x10 [ 238.353808][ C1] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 238.359651][ C1] ? prepare_to_swait_event+0xf0/0x470 [ 238.365127][ C1] rcu_gp_fqs_loop+0x1eb/0xb00 [ 238.369896][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 238.375179][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 238.380387][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 238.386186][ C1] rcu_gp_kthread+0x271/0x380 [ 238.390866][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 238.396075][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 238.401265][ C1] ? __kthread_parkme+0x148/0x220 [ 238.406287][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 238.411506][ C1] kthread+0x2c1/0x3a0 [ 238.415577][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 238.420785][ C1] ? __pfx_kthread+0x10/0x10 [ 238.425368][ C1] ret_from_fork+0x45/0x80 [ 238.429779][ C1] ? __pfx_kthread+0x10/0x10 [ 238.434362][ C1] ret_from_fork_asm+0x1a/0x30 [ 238.439121][ C1] [ 238.442132][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 238.448448][ C1] Sending NMI from CPU 1 to CPUs 0: [ 238.453653][ C0] NMI backtrace for cpu 0 [ 238.453677][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0 [ 238.453704][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 238.453719][ C0] RIP: 0010:kasan_save_free_info+0xb/0x60 [ 238.453756][ C0] Code: cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 63 bf c0 00 00 00 <81> ff ff ff ff 7f 74 48 48 01 f7 74 43 48 b8 00 00 00 00 00 fc ff [ 238.453779][ C0] RSP: 0018:ffffc90000007b88 EFLAGS: 00000246 [ 238.453800][ C0] RAX: ffffed100aa38390 RBX: ffff8880551c1c80 RCX: 0000000000000000 [ 238.453817][ C0] RDX: 0000000000000000 RSI: ffff8880551c1c80 RDI: 0000000000000000 [ 238.453834][ C0] RBP: ffff888019299780 R08: 0000000000000140 R09: 0000000000000000 [ 238.453850][ C0] R10: ffffed100aa38390 R11: 0000000000000001 R12: 0000000000000000 [ 238.453866][ C0] R13: ffffffff88bca49e R14: ffffea0001547040 R15: 0000000000000000 [ 238.453883][ C0] FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 238.453907][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.453933][ C0] CR2: 000000110c3bed4f CR3: 0000000062c8e000 CR4: 00000000003526f0 [ 238.453949][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 238.453964][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 238.453980][ C0] Call Trace: [ 238.453988][ C0] [ 238.453996][ C0] ? show_regs+0x8c/0xa0 [ 238.454033][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 238.454072][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 238.454107][ C0] ? nmi_handle+0x1a9/0x5c0 [ 238.454144][ C0] ? kasan_save_free_info+0xb/0x60 [ 238.454174][ C0] ? default_do_nmi+0x6a/0x160 [ 238.454200][ C0] ? exc_nmi+0x170/0x1e0 [ 238.454224][ C0] ? end_repeat_nmi+0xf/0x53 [ 238.454250][ C0] ? kfree_skbmem+0x10e/0x200 [ 238.454282][ C0] ? kasan_save_free_info+0xb/0x60 [ 238.454312][ C0] ? kasan_save_free_info+0xb/0x60 [ 238.454342][ C0] ? kasan_save_free_info+0xb/0x60 [ 238.454373][ C0] [ 238.454380][ C0] [ 238.454387][ C0] poison_slab_object+0xf7/0x160 [ 238.454425][ C0] __kasan_slab_free+0x32/0x50 [ 238.454463][ C0] kmem_cache_free+0x12f/0x3a0 [ 238.454501][ C0] ? skb_release_data+0x761/0x980 [ 238.454535][ C0] ? kfree_skbmem+0x10e/0x200 [ 238.454565][ C0] kfree_skbmem+0x10e/0x200 [ 238.454595][ C0] consume_skb+0xdd/0x170 [ 238.454633][ C0] mac80211_hwsim_tx_frame+0x1f3/0x2a0 [ 238.454670][ C0] mac80211_hwsim_beacon_tx+0x592/0xa00 [ 238.454707][ C0] ? find_held_lock+0x2d/0x110 [ 238.454738][ C0] __iterate_interfaces+0x2d2/0x580 [ 238.454767][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 238.454804][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 238.454839][ C0] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 238.454868][ C0] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 238.454903][ C0] mac80211_hwsim_beacon+0x105/0x200 [ 238.454937][ C0] __hrtimer_run_queues+0x20c/0xcc0 [ 238.454970][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 238.455000][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 238.455040][ C0] hrtimer_run_softirq+0x17d/0x350 [ 238.455070][ C0] handle_softirqs+0x216/0x8f0 [ 238.455101][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 238.455131][ C0] irq_exit_rcu+0xbb/0x120 [ 238.455160][ C0] sysvec_apic_timer_interrupt+0x95/0xb0 [ 238.455193][ C0] [ 238.455200][ C0] [ 238.455208][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 238.455235][ C0] RIP: 0010:acpi_safe_halt+0x1a/0x20 [ 238.455259][ C0] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 65 48 8b 05 c8 d4 1b 75 48 8b 00 a8 08 75 0c 66 90 0f 00 2d 78 72 b3 00 fb f4 c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 238.455282][ C0] RSP: 0018:ffffffff8d807d70 EFLAGS: 00000246 [ 238.455300][ C0] RAX: 0000000000004000 RBX: 0000000000000001 RCX: ffffffff8ae7e759 [ 238.455317][ C0] RDX: 0000000000000001 RSI: ffff88801a2b2000 RDI: ffff88801a2b2064 [ 238.455333][ C0] RBP: ffff88801a2b2064 R08: 0000000000000001 R09: ffffed1017246fdd [ 238.455350][ C0] R10: ffff8880b9237eeb R11: 0000000000000000 R12: ffff88801b35b000 [ 238.455366][ C0] R13: ffffffff8e745940 R14: 0000000000000000 R15: 0000000000000000 [ 238.455384][ C0] ? ct_kernel_exit+0x139/0x190 [ 238.455420][ C0] acpi_idle_enter+0xc5/0x160 [ 238.455443][ C0] cpuidle_enter_state+0x85/0x500 [ 238.455480][ C0] ? __pfx_tsc_verify_tsc_adjust+0x10/0x10 [ 238.455516][ C0] cpuidle_enter+0x4e/0xa0 [ 238.455556][ C0] do_idle+0x313/0x3f0 [ 238.455581][ C0] ? __pfx_do_idle+0x10/0x10 [ 238.455608][ C0] cpu_startup_entry+0x4f/0x60 [ 238.455634][ C0] rest_init+0x16b/0x2b0 [ 238.455657][ C0] ? acpi_subsystem_init+0x133/0x180 [ 238.455686][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 238.455718][ C0] start_kernel+0x3df/0x4c0 [ 238.455747][ C0] x86_64_start_reservations+0x18/0x30 [ 238.455777][ C0] x86_64_start_kernel+0xb2/0xc0 [ 238.455805][ C0] common_startup_64+0x13e/0x148 [ 238.455834][ C0] [ 238.945294][ C1] sched: RT throttling activated