Warning: Permanently added '[localhost]:7173' (ECDSA) to the list of known hosts. 2020/11/28 05:08:13 fuzzer started 2020/11/28 05:08:14 dialing manager at 10.0.2.10:45345 2020/11/28 05:08:14 syscalls: 3440 2020/11/28 05:08:14 code coverage: enabled 2020/11/28 05:08:14 comparison tracing: enabled 2020/11/28 05:08:14 extra coverage: enabled 2020/11/28 05:08:14 setuid sandbox: enabled 2020/11/28 05:08:14 namespace sandbox: enabled 2020/11/28 05:08:14 Android sandbox: /sys/fs/selinux/policy does not exist 2020/11/28 05:08:14 fault injection: enabled 2020/11/28 05:08:14 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/11/28 05:08:14 net packet injection: enabled 2020/11/28 05:08:14 net device setup: enabled 2020/11/28 05:08:14 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/11/28 05:08:14 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/11/28 05:08:14 USB emulation: enabled 2020/11/28 05:08:14 hci packet injection: enabled 2020/11/28 05:08:14 wifi device emulation: enabled 05:09:39 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280)='ethtool\x00') sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}]}]}, 0x2c}}, 0x0) 05:09:39 executing program 1: r0 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000040)=0x200, 0x4) 05:09:40 executing program 2: r0 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x1, &(0x7f0000000040)=0x1, 0x4) 05:09:40 executing program 3: pselect6(0x88, &(0x7f0000000040), &(0x7f0000000100), 0x0, &(0x7f0000000180)={0x77359400}, 0x0) syzkaller login: [ 210.834882][ T9170] IPVS: ftp: loaded support on port[0] = 21 [ 211.173232][ T9170] chnl_net:caif_netlink_parms(): no params data found [ 211.229790][ T9172] IPVS: ftp: loaded support on port[0] = 21 [ 211.384563][ T9170] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.414684][ T9170] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.434749][ T9170] device bridge_slave_0 entered promiscuous mode [ 211.463696][ T9170] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.488562][ T9170] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.519780][ T9170] device bridge_slave_1 entered promiscuous mode [ 211.573889][ T9170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 211.606946][ T9170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.657893][ T9170] team0: Port device team_slave_0 added [ 211.681675][ T9170] team0: Port device team_slave_1 added [ 211.737694][ T9174] IPVS: ftp: loaded support on port[0] = 21 [ 211.764102][ T9170] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.784216][ T9170] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.851797][ T9170] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.876061][ T9170] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.889450][ T9170] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.938216][ T9170] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.967165][ T9172] chnl_net:caif_netlink_parms(): no params data found [ 212.047096][ T9170] device hsr_slave_0 entered promiscuous mode [ 212.075309][ T9170] device hsr_slave_1 entered promiscuous mode [ 212.206474][ T9172] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.220341][ T9172] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.232804][ T9172] device bridge_slave_0 entered promiscuous mode [ 212.257859][ T9172] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.269461][ T9172] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.281097][ T9172] device bridge_slave_1 entered promiscuous mode [ 212.333028][ T9172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.353087][ T9172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 212.394782][ T9172] team0: Port device team_slave_0 added [ 212.398189][ T9180] IPVS: ftp: loaded support on port[0] = 21 [ 212.410871][ T9172] team0: Port device team_slave_1 added [ 212.458116][ T9172] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 212.478090][ T9172] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.524180][ T9172] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 212.543815][ T9172] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 212.554017][ T9172] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.606344][ T9172] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 212.667270][ T9172] device hsr_slave_0 entered promiscuous mode [ 212.683896][ T9172] device hsr_slave_1 entered promiscuous mode [ 212.702490][ T9172] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 212.713629][ T9172] Cannot create hsr debugfs directory [ 212.775258][ T9174] chnl_net:caif_netlink_parms(): no params data found [ 212.812430][ T3080] Bluetooth: hci0: command 0x0409 tx timeout [ 212.823613][ T9170] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 212.854562][ T9170] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 212.887260][ T9170] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 212.906175][ T9170] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 212.962877][ T9174] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.977664][ T9174] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.988705][ T9174] device bridge_slave_0 entered promiscuous mode [ 213.004570][ T9174] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.019522][ T9174] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.030336][ T9174] device bridge_slave_1 entered promiscuous mode [ 213.062283][ T9174] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 213.113091][ T9174] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 213.159351][ T9174] team0: Port device team_slave_0 added [ 213.200261][ T9174] team0: Port device team_slave_1 added [ 213.210576][ T3342] Bluetooth: hci1: command 0x0409 tx timeout [ 213.221208][ T9180] chnl_net:caif_netlink_parms(): no params data found [ 213.250484][ T9174] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.267189][ T9174] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.306622][ T9174] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 213.340117][ T9174] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 213.356228][ T9174] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.396654][ T9174] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 213.435101][ T9172] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 213.459515][ T9172] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 213.505629][ T9172] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 213.529203][ T9172] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 213.559034][ T9174] device hsr_slave_0 entered promiscuous mode [ 213.574121][ T9174] device hsr_slave_1 entered promiscuous mode [ 213.589691][ T9174] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 213.609052][ T9174] Cannot create hsr debugfs directory [ 213.644470][ T9180] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.655801][ T9180] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.668594][ T9180] device bridge_slave_0 entered promiscuous mode [ 213.691195][ T9180] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.703014][ T9180] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.716777][ T9180] device bridge_slave_1 entered promiscuous mode [ 213.762622][ T3080] Bluetooth: hci2: command 0x0409 tx timeout [ 213.773694][ T9180] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 213.816426][ T9180] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 213.891064][ T9180] team0: Port device team_slave_0 added [ 213.921361][ T9180] team0: Port device team_slave_1 added [ 213.979531][ T9180] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.990529][ T9180] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.056604][ T9180] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 214.112711][ T9180] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 214.130274][ T9180] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.214552][ T9180] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 214.274498][ T9174] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 214.301315][ T9174] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 214.322923][ T23] Bluetooth: hci3: command 0x0409 tx timeout [ 214.334358][ T9174] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 214.388593][ T9172] 8021q: adding VLAN 0 to HW filter on device bond0 [ 214.418676][ T9180] device hsr_slave_0 entered promiscuous mode [ 214.436724][ T9180] device hsr_slave_1 entered promiscuous mode [ 214.451343][ T9180] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 214.482882][ T9180] Cannot create hsr debugfs directory [ 214.500881][ T9174] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 214.550400][ T9170] 8021q: adding VLAN 0 to HW filter on device bond0 [ 214.602757][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 214.624344][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 214.668216][ T9170] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.693336][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 214.715485][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 214.736908][ T9172] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.770131][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 214.792334][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 214.815137][ T23] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.833043][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.851215][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 214.885747][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 214.912882][ T23] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.936595][ T23] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.960846][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 214.980424][ T9201] Bluetooth: hci0: command 0x041b tx timeout [ 214.984098][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 215.011295][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 215.023782][ T1722] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.042692][ T1722] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.055269][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 215.114054][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 215.134940][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 215.156981][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 215.176706][ T4786] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.190918][ T4786] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.210472][ T9180] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 215.242365][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 215.266619][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 215.283565][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 215.291718][ T3342] Bluetooth: hci1: command 0x041b tx timeout [ 215.297098][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 215.321264][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 215.336992][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 215.353737][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 215.372418][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 215.391160][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 215.407680][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 215.420312][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 215.442756][ T9180] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 215.455754][ T9180] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 215.476992][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 215.493042][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 215.505877][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 215.518369][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 215.535856][ T9172] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 215.546994][ T9180] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 215.571479][ T9170] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 215.587246][ T9170] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 215.618409][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 215.636892][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 215.650647][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 215.676308][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 215.690965][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 215.703097][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 215.715470][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 215.746849][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 215.770125][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 215.793598][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 215.813495][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 215.835926][ T9170] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 215.842247][ T3080] Bluetooth: hci2: command 0x041b tx timeout [ 215.882812][ T9172] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 215.895938][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 215.912467][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 215.940168][ T9174] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.957649][ T9170] device veth0_vlan entered promiscuous mode [ 215.973700][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 215.996950][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 216.017667][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 216.029563][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 216.058979][ T9170] device veth1_vlan entered promiscuous mode [ 216.076137][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 216.094382][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 216.106578][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 216.128168][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 216.143558][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 216.168296][ T9174] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.194156][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 216.209093][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 216.225150][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 216.240940][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 216.256047][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 216.284240][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 216.301380][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 216.318610][ T1722] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.332299][ T1722] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.345737][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 216.359266][ T9172] device veth0_vlan entered promiscuous mode [ 216.386661][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 216.401916][ T4786] Bluetooth: hci3: command 0x041b tx timeout [ 216.405729][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 216.432656][ T3342] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.448461][ T3342] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.478162][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 216.501046][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 216.519806][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 216.543722][ T9170] device veth0_macvtap entered promiscuous mode [ 216.572405][ T9172] device veth1_vlan entered promiscuous mode [ 216.604830][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 216.622371][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 216.639012][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 216.660066][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 216.680617][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 216.697209][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 216.710268][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 216.725518][ T9180] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.745557][ T9170] device veth1_macvtap entered promiscuous mode [ 216.766568][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 216.782795][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 216.800133][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 216.828727][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 216.843606][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 216.866643][ T9174] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 216.889775][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 216.905097][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 216.919073][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 216.934181][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 216.952776][ T9180] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.965721][ T9170] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 216.978488][ T9172] device veth0_macvtap entered promiscuous mode [ 216.994441][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 217.007672][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 217.019971][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 217.036322][ T9172] device veth1_macvtap entered promiscuous mode [ 217.049346][ T4786] Bluetooth: hci0: command 0x040f tx timeout [ 217.064821][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 217.075188][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 217.101420][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 217.119756][ T3080] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.133924][ T3080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.147528][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 217.159132][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 217.170016][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 217.193369][ T9174] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.208988][ T9170] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 217.235046][ T9172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 217.264185][ T9172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.285431][ T9172] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 217.301247][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 217.319587][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 217.335500][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 217.353232][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 217.362239][ T3342] Bluetooth: hci1: command 0x040f tx timeout [ 217.380507][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.434200][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.467169][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 217.498977][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 217.520234][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 217.558846][ T9170] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.583422][ T9170] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.610232][ T9170] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.629885][ T9170] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.655775][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 217.673709][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 217.694699][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 217.735883][ T9172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 217.753511][ T9172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.768967][ T9172] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 217.788634][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 217.803327][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 217.822101][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 217.837266][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 217.853734][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 217.870323][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 217.886705][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 217.913750][ T9172] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.928486][ T3342] Bluetooth: hci2: command 0x040f tx timeout [ 217.932224][ T9172] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.950998][ T9172] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.968468][ T9172] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.005578][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 218.020192][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 218.031237][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 218.043571][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 218.057853][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 218.069852][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 218.088268][ T9174] device veth0_vlan entered promiscuous mode [ 218.119268][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 218.135408][ T3080] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 218.160844][ T9180] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 218.200862][ T9174] device veth1_vlan entered promiscuous mode [ 218.229408][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 218.247929][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 218.261915][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 218.275732][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 218.322854][ T9180] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.358473][ T2979] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.371177][ T2979] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.375569][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 218.399635][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 218.420795][ T9174] device veth0_macvtap entered promiscuous mode [ 218.447366][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 218.460497][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 218.474395][ T2979] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.481873][ T9201] Bluetooth: hci3: command 0x040f tx timeout [ 218.485692][ T2979] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.498124][ T9174] device veth1_macvtap entered promiscuous mode [ 218.527653][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 218.538983][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 218.554818][ T9184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.567788][ T9174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 218.591758][ T9184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.604250][ T9174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.640459][ T9174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 218.661809][ T9174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.677653][ T9174] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 218.698039][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 218.709330][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 218.721656][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 218.733770][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 218.746063][ T9203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 218.773890][ T9174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 218.795791][ T9174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.816458][ T9174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 218.833802][ T9174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.857054][ T9174] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.878205][ T9184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.887348][ T9172] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 218.892320][ T9180] device veth0_vlan entered promiscuous mode [ 218.897791][ T9184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.897874][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 218.899708][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 218.900858][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready 05:09:49 executing program 1: io_setup(0x9, &(0x7f0000000000)=0x0) io_pgetevents(r0, 0x0, 0x0, 0x0, 0x0, 0x0) io_getevents(r0, 0x0, 0x0, 0x0, &(0x7f0000000440)) [ 218.901227][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 218.903409][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 218.904204][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 218.906903][ T9174] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.906919][ T9174] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.906934][ T9174] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.906947][ T9174] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.090332][ T9200] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 219.104642][ T9180] device veth1_vlan entered promiscuous mode [ 219.131770][ T1722] Bluetooth: hci0: command 0x0419 tx timeout [ 219.160587][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 219.183684][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 219.196642][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 219.211262][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 05:09:49 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x19, 0x4, 0x4, 0x7, 0x2}, 0x40) [ 219.246447][ T9180] device veth0_macvtap entered promiscuous mode 05:09:49 executing program 1: bpf$BPF_BTF_LOAD(0xe, 0x0, 0x0) 05:09:49 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x3, 0x0) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000180)=""/2) [ 219.288542][ T9180] device veth1_macvtap entered promiscuous mode 05:09:49 executing program 1: bpf$BPF_BTF_LOAD(0x23, 0x0, 0x0) [ 219.313885][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 219.315177][ T9192] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.324979][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 219.347933][ T9192] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 05:09:49 executing program 1: r0 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000000), &(0x7f0000000080)=0x30) [ 219.375887][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.392974][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.409220][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.431376][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.449017][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 219.451745][ T28] Bluetooth: hci1: command 0x0419 tx timeout [ 219.466642][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.501045][ T9180] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.535023][ T9184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.550216][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 219.551358][ T9184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.565419][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 219.592877][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 219.609144][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 219.628158][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 219.658155][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.675152][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 219.696095][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.714490][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 219.729536][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.743726][ T9180] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.754482][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 219.767880][ T9201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 219.794330][ T9180] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.812093][ T9180] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.828451][ T9180] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.849144][ T9180] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.920874][ T9231] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 05:09:50 executing program 1: r0 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x1, 0x4) [ 219.936778][ T9231] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.958920][ T9184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.960372][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 219.973274][ T9184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.999620][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 220.017364][ T3342] Bluetooth: hci2: command 0x0419 tx timeout [ 220.563991][ T23] Bluetooth: hci3: command 0x0419 tx timeout 05:09:51 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@const={0x0, 0x0, 0x0, 0x2}]}}, &(0x7f00000001c0)=""/180, 0x26, 0xb4, 0x1}, 0x20) 05:09:51 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000240)={@broadcast, @random="719e03966bab", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "5ba19a", 0x8, 0x3a, 0xff, @empty, @mcast2, {[], @ndisc_rs}}}}}, 0x0) 05:09:51 executing program 0: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='gid_map\x00') 05:09:51 executing program 1: r0 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x19, &(0x7f0000000040)=0x1, 0x4) 05:09:51 executing program 0: clock_gettime(0x1, &(0x7f0000000480)) 05:09:51 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@const={0x0, 0x0, 0x0, 0x2}]}}, &(0x7f00000001c0)=""/180, 0x26, 0xb4, 0x1}, 0x20) 05:09:51 executing program 3: socket(0x26, 0x5, 0x2000004) 05:09:51 executing program 1: 05:09:51 executing program 2: 05:09:51 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x30c, 0x17c, 0x17c, 0x17c, 0x17c, 0x5, 0x244, 0x260, 0x260, 0x244, 0x260, 0x3, 0x0, {[{{@ipv6={@ipv4, @mcast1, [], [], 'erspan0\x00', 'veth1_virt_wifi\x00'}, 0x0, 0x114, 0x17c, 0x52020000, {}, [@common=@unspec=@time={{0x38, 'time\x00'}}, @common=@unspec=@statistic={{0x38, 'statistic\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}, {{@ipv6={@mcast2, @empty, [], [], 'ip6tnl0\x00', 'veth1_to_batadv\x00'}, 0x0, 0xa4, 0xc8}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{[], 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x368) 05:09:51 executing program 1: r0 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x24, &(0x7f0000000040)=0x1, 0x4) 05:09:51 executing program 3: r0 = timerfd_create(0x9, 0x0) timerfd_gettime(r0, &(0x7f0000000340)) 05:09:51 executing program 2: 05:09:51 executing program 1: [ 221.134423][ T9276] xt_CT: You must specify a L4 protocol and not use inversions on it 05:09:51 executing program 2: 05:09:51 executing program 3: 05:09:51 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x30c, 0x17c, 0x17c, 0x17c, 0x17c, 0x5, 0x244, 0x260, 0x260, 0x244, 0x260, 0x3, 0x0, {[{{@ipv6={@ipv4, @mcast1, [], [], 'erspan0\x00', 'veth1_virt_wifi\x00'}, 0x0, 0x114, 0x17c, 0x52020000, {}, [@common=@unspec=@time={{0x38, 'time\x00'}}, @common=@unspec=@statistic={{0x38, 'statistic\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}, {{@ipv6={@mcast2, @empty, [], [], 'ip6tnl0\x00', 'veth1_to_batadv\x00'}, 0x0, 0xa4, 0xc8}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{[], 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x368) 05:09:51 executing program 2: [ 221.212775][ T9286] xt_CT: You must specify a L4 protocol and not use inversions on it 05:09:51 executing program 3: 05:09:51 executing program 1: 05:09:51 executing program 2: 05:09:51 executing program 0: 05:09:51 executing program 3: 05:09:51 executing program 1: 05:09:51 executing program 0: 05:09:51 executing program 2: 05:09:51 executing program 3: 05:09:51 executing program 0: 05:09:51 executing program 1: 05:09:51 executing program 3: 05:09:51 executing program 2: 05:09:51 executing program 3: 05:09:51 executing program 0: 05:09:51 executing program 1: 05:09:51 executing program 2: 05:09:52 executing program 3: 05:09:52 executing program 1: 05:09:52 executing program 0: 05:09:52 executing program 2: 05:09:52 executing program 3: 05:09:52 executing program 2: 05:09:52 executing program 1: 05:09:52 executing program 0: 05:09:52 executing program 3: 05:09:52 executing program 2: 05:09:52 executing program 1: 05:09:52 executing program 0: 05:09:52 executing program 2: 05:09:52 executing program 3: 05:09:52 executing program 0: 05:09:52 executing program 1: 05:09:52 executing program 2: 05:09:52 executing program 0: 05:09:52 executing program 1: r0 = openat$rtc(0xffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x6, 0x0, 0x61}) 05:09:52 executing program 3: 05:09:52 executing program 2: 05:09:52 executing program 2: 05:09:52 executing program 0: 05:09:52 executing program 3: 05:09:52 executing program 1: 05:09:52 executing program 0: 05:09:52 executing program 3: 05:09:52 executing program 1: 05:09:52 executing program 2: 05:09:52 executing program 2: 05:09:52 executing program 0: 05:09:52 executing program 3: 05:09:52 executing program 1: 05:09:52 executing program 2: 05:09:52 executing program 0: 05:09:52 executing program 1: 05:09:52 executing program 3: 05:09:52 executing program 1: 05:09:52 executing program 2: 05:09:52 executing program 3: 05:09:52 executing program 0: 05:09:52 executing program 2: 05:09:52 executing program 3: 05:09:52 executing program 1: 05:09:52 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x5, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x40) 05:09:52 executing program 0: rt_tgsigqueueinfo(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, 0x0, 0xfffffffe}) 05:09:52 executing program 1: 05:09:52 executing program 3: 05:09:52 executing program 2: 05:09:52 executing program 0: 05:09:52 executing program 1: 05:09:52 executing program 3: 05:09:52 executing program 2: 05:09:52 executing program 0: 05:09:52 executing program 1: 05:09:52 executing program 2: 05:09:52 executing program 1: 05:09:52 executing program 0: 05:09:52 executing program 3: 05:09:52 executing program 3: 05:09:52 executing program 2: 05:09:52 executing program 1: 05:09:52 executing program 0: 05:09:52 executing program 0: 05:09:52 executing program 2: 05:09:52 executing program 1: 05:09:52 executing program 3: 05:09:52 executing program 1: 05:09:52 executing program 2: 05:09:52 executing program 0: 05:09:53 executing program 3: 05:09:53 executing program 0: 05:09:53 executing program 2: 05:09:53 executing program 2: 05:09:53 executing program 1: 05:09:53 executing program 0: 05:09:53 executing program 3: 05:09:53 executing program 3: 05:09:53 executing program 1: 05:09:53 executing program 2: 05:09:53 executing program 0: 05:09:53 executing program 3: 05:09:53 executing program 1: 05:09:53 executing program 0: 05:09:53 executing program 2: 05:09:53 executing program 1: 05:09:53 executing program 0: 05:09:53 executing program 1: 05:09:53 executing program 2: 05:09:53 executing program 3: 05:09:53 executing program 1: 05:09:53 executing program 2: 05:09:53 executing program 0: 05:09:53 executing program 1: 05:09:53 executing program 3: 05:09:53 executing program 1: 05:09:53 executing program 0: 05:09:53 executing program 3: 05:09:53 executing program 2: 05:09:53 executing program 1: 05:09:53 executing program 0: 05:09:53 executing program 3: 05:09:53 executing program 2: 05:09:53 executing program 1: 05:09:53 executing program 2: 05:09:53 executing program 0: 05:09:53 executing program 3: 05:09:53 executing program 1: 05:09:53 executing program 0: 05:09:53 executing program 2: 05:09:53 executing program 1: 05:09:53 executing program 3: 05:09:53 executing program 0: 05:09:53 executing program 1: 05:09:53 executing program 2: 05:09:53 executing program 3: 05:09:53 executing program 2: 05:09:53 executing program 0: 05:09:53 executing program 1: 05:09:53 executing program 3: 05:09:53 executing program 2: 05:09:53 executing program 1: 05:09:53 executing program 0: 05:09:53 executing program 3: 05:09:53 executing program 3: 05:09:53 executing program 2: 05:09:53 executing program 0: 05:09:53 executing program 1: 05:09:53 executing program 3: 05:09:53 executing program 0: 05:09:53 executing program 1: 05:09:53 executing program 2: 05:09:53 executing program 3: 05:09:53 executing program 2: 05:09:53 executing program 1: 05:09:53 executing program 0: 05:09:53 executing program 2: 05:09:53 executing program 3: 05:09:53 executing program 1: 05:09:53 executing program 0: 05:09:53 executing program 3: 05:09:53 executing program 1: 05:09:54 executing program 0: 05:09:54 executing program 2: 05:09:54 executing program 3: 05:09:54 executing program 1: 05:09:54 executing program 2: 05:09:54 executing program 1: 05:09:54 executing program 0: 05:09:54 executing program 3: 05:09:54 executing program 1: 05:09:54 executing program 2: 05:09:54 executing program 3: 05:09:54 executing program 0: 05:09:54 executing program 3: 05:09:54 executing program 1: 05:09:54 executing program 2: 05:09:54 executing program 0: 05:09:54 executing program 3: 05:09:54 executing program 1: 05:09:54 executing program 2: 05:09:54 executing program 0: 05:09:54 executing program 1: 05:09:54 executing program 3: 05:09:54 executing program 2: 05:09:54 executing program 0: 05:09:54 executing program 1: 05:09:54 executing program 0: 05:09:54 executing program 2: 05:09:54 executing program 3: 05:09:54 executing program 1: 05:09:54 executing program 2: 05:09:54 executing program 1: 05:09:54 executing program 0: 05:09:54 executing program 3: 05:09:54 executing program 2: 05:09:54 executing program 3: 05:09:54 executing program 1: 05:09:54 executing program 0: 05:09:54 executing program 3: 05:09:54 executing program 2: 05:09:54 executing program 1: 05:09:54 executing program 0: 05:09:54 executing program 2: 05:09:54 executing program 0: 05:09:54 executing program 3: 05:09:54 executing program 1: 05:09:54 executing program 3: 05:09:54 executing program 1: 05:09:54 executing program 2: 05:09:54 executing program 0: 05:09:54 executing program 3: 05:09:54 executing program 2: 05:09:54 executing program 1: 05:09:54 executing program 0: 05:09:54 executing program 0: 05:09:55 executing program 0: 05:09:55 executing program 2: 05:09:55 executing program 1: r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f00000003c0)='keyring\x00', &(0x7f0000000400)={'syz', 0x0}, 0x0, 0x0, r0) 05:09:55 executing program 3: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000080)='user\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000100)='#%/^\x00', r0) 05:09:55 executing program 2: syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x95, 0x3c042) 05:09:55 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x61, 0x0) 05:09:55 executing program 1: 05:09:55 executing program 3: 05:09:55 executing program 2: syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@broadcast, @random="719e03967bab", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "3c70d0", 0x8, 0x3c, 0x0, @private0, @mcast2, {[@dstopts]}}}}}, 0x0) 05:09:55 executing program 1: r0 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000240)='NLBL_UNLBL\x00') add_key$keyring(&(0x7f0000000340)='keyring\x00', 0x0, 0x0, 0x0, r0) 05:09:55 executing program 0: syz_emit_ethernet(0x6e, &(0x7f0000000540)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "5ba19a", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "de508f", 0x0, 0x3a, 0x0, @empty, @remote, [], "da8baab648a4e4a2"}}}}}}}, 0x0) 05:09:55 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x4002) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x0) 05:09:55 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x894a, 0x0) 05:09:55 executing program 0: syz_emit_ethernet(0x36, &(0x7f0000000000)={@broadcast, @random="719e03966bab", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "cd28c9", 0x0, 0x88, 0x0, @dev, @mcast2}}}}, 0x0) 05:09:55 executing program 2: setxattr$system_posix_acl(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='system.posix_acl_default\x00', 0x0, 0x8, 0x0) 05:09:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000a80)=@security={'security\x00', 0xe, 0x4, 0x2c4, 0xffffffff, 0x94, 0x0, 0x94, 0xffffffff, 0xffffffff, 0x230, 0x230, 0x230, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24}}, {{@uncond, 0x0, 0x70, 0xcc}, @common=@CLUSTERIP={0x5c, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}, {{@ip={@remote, @dev, 0x0, 0x0, 'syzkaller0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00'}}], {{[], 0x0, 0x70, 0x94}, {0x24}}}}, 0x320) 05:09:55 executing program 1: mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x101842, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) 05:09:55 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000001300)={0xfffffffffffffffe, 0x0, 0x0}, 0x0) 05:09:55 executing program 3: r0 = socket(0x2, 0x1, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x20004000) 05:09:55 executing program 2: r0 = openat$autofs(0xffffff9c, &(0x7f0000000b80)='/dev/autofs\x00', 0x0, 0x0) epoll_pwait(r0, &(0x7f0000000c40)=[{}], 0x1, 0x0, 0x0, 0x0) 05:09:55 executing program 0: syz_emit_ethernet(0x86, &(0x7f0000000080)={@random="e794030d73a8", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @broadcast, @multicast1}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "24458b022db784fdccfbb0c79fe1c6ae00", "0000080000000000feffffffffffffff", {"01002e1078c7d5303669eaeb87249a85", "38ecd53437a1b73992c1989ffb8ad48a"}}}}}}}, 0x0) 05:09:55 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000300)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}, {}, {}, 0x92f}, [@algo_auth={0x48, 0x1, {{'sha224-ssse3\x00'}}}]}, 0xfc}}, 0x0) 05:09:55 executing program 3: r0 = socket(0x1, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x8920, &(0x7f0000000000)={'veth1_to_team\x00', @ifru_hwaddr=@local}) 05:09:55 executing program 2: mknod(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x2000810) 05:09:55 executing program 3: syz_emit_ethernet(0x5e, &(0x7f0000000200)={@broadcast, @random="719e03967bab", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "3d0400", 0x28, 0x0, 0x0, @private0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {[@hopopts={0x0, 0x3, [], [@ra, @padn={0x1, 0x1, [0x0]}, @calipso={0x7, 0x8}, @jumbo, @jumbo]}]}}}}}, 0x0) 05:09:55 executing program 0: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @random="719e03966bab", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "cd28c9", 0x8, 0x88, 0x0, @dev, @mcast2, {[@routing]}}}}}, 0x0) 05:09:55 executing program 1: syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x101881) 05:09:55 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x17, 0xa, 0x401}, 0x14}}, 0x0) 05:09:55 executing program 0: socket(0x11, 0xa, 0x0) socket(0x2, 0xa, 0x0) 05:09:55 executing program 2: request_key(&(0x7f0000000140)='trusted\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000080)='logon\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000100)='}.\x00', 0x0) [ 225.191345][ T9760] syz-executor.0 uses obsolete (PF_INET,SOCK_PACKET) 05:09:55 executing program 3: r0 = openat$full(0xffffff9c, &(0x7f0000001a00)='/dev/full\x00', 0x0, 0x0) syz_emit_ethernet(0x62, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd60c38f67002c0600fe8000000000000000000000000000bbfc0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004447d5986fcad72b44b076b5d2d255d3c92e8dd3df68c4843ec770f517edde3d8006ca265ec59729f3506cad501f4188b0712d0883a723f0af78111a9f4b514ee6b58512f7264fdfef08bbaaf1864387e4e5d8e9d1bf7f85026bdbcd6a14b940570b5bccdea82afb15a2af01224c56f296590c6f510fb4170fff66c250a14f49f2f1e860f8e438ea92b0eac4b9a0899fa3a54e823ed3f2e45cd94fa562d256b530cb40cba462215626b0d086209ce357b71aab11fedc6a44ac225dd57d1a707ddd6adf44c0cc15f8291"], 0x0) eventfd(0x0) sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0)='nl80211\x00') sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="e4000000", @ANYRES16, @ANYBLOB="000825bd7000fddbdf251500000034ffff08000100080000000800010003000000080001000600000008000200200000000800025d0b6cba2feaf0b571df6732000300000024000980080001007002000008000200ff0f000008000100578e000008000100420000000c0003800800010000683a6970365f76746932000000005400028008000400a5bf0084314a0400c104000008000300ffff00000800020007e8ffff07000400ff030000080002000300000008000200060000000800040000000000000000000000000000000000437f56a857fb1512ccfa0fa54e7ad23f93d4eb35cdc0385b842a797c7057d624a4796c8ccc9e17b86075834939a2c4b3a5e54515c89ab984b24b2de76e2876bef19d9236403e2cc8668890cecfdc73ffd58ab689e3d185b1529bf4bd986ed25be96ac358c671bb80cb5bcf7146410ee9a26cc96154ab0383b18040f98313d19437de4cb0d2aa5f3fd5450b63d782051479eec0b1b6e36654a0068cb44c34ec0d0f5a947519f96ee219442743d9bd9344ada46247bd57b0dcfefdf4c0d5981713d00b8d3a33ef3589cb765ded6ff923"], 0xe4}, 0x1, 0x0, 0x0, 0x4004010}, 0x24002800) r1 = geteuid() getresuid(&(0x7f0000000140)=0x0, &(0x7f0000000680), &(0x7f00000006c0)) setxattr$system_posix_acl(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000700)={{}, {}, [{0x2, 0x5, 0xffffffffffffffff}, {0x2, 0x2, r1}, {0x2, 0x2, r2}, {0x2, 0x5, r2}, {0x2, 0x1}], {}, [{0x8, 0x0, 0xee00}]}, 0x54, 0x0) 05:09:55 executing program 1: mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x6a943, 0x0) 05:09:55 executing program 2: syz_emit_ethernet(0xbe, &(0x7f0000000000)={@broadcast, @random="719e03967bab", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "3d0400", 0x88, 0x0, 0x0, @private0, @dev={0xfe, 0x80, [], 0x3c}, {[@hopopts={0x0, 0x10, [], [@ra, @padn={0x1, 0x1, [0x0]}, @generic={0xfa, 0x77, "ac80cf4b72e4d6be1780261feb36fe2b8d07a6e253f2d42d3d86f31a70ef96e961a1caa7f9bd30add57cf1e1a62592b9bcf3c171e483a71b5dc0f7d1c973d484d22d3574d51a6fc76c2d5f9a967aac8faba5894c3a9b25fb28fda04daebe063e0fcb8d5561fae4717dbd7810b7949f3cbac446bc412633"}]}]}}}}}, 0x0) 05:09:55 executing program 0: syz_emit_ethernet(0x48, &(0x7f00000000c0)={@broadcast, @random="00eaffffff00", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "3c70d0", 0x12, 0x0, 0x0, @private0, @ipv4={[], [], @local}, {[@fragment={0x2c, 0x0, 0x0, 0x0, 0x0, 0x17}, @hopopts={0x33}], "e5a2"}}}}}, 0x0) 05:09:55 executing program 2: mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) 05:09:55 executing program 1: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, r0) keyctl$link(0x8, r0, r1) 05:09:55 executing program 0: r0 = socket(0x2, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00'}) 05:09:55 executing program 3: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, r0) 05:09:55 executing program 0: clock_nanosleep(0x0, 0x1, &(0x7f0000000140), 0x0) 05:09:55 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x9, 0x3, 0x200, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x16c, 0xffffffff, 0xffffffff, 0x16c, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x94, 0xdc, 0x0, {}, [@common=@unspec=@state={{0x24, 'state\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x0, 0x0, 0x0, 'netbios-ns\x00'}}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20, 'TRACE\x00'}}], {{[], 0x0, 0x70, 0x94}, {0x24}}}}, 0x25c) 05:09:55 executing program 1: clock_gettime(0x7, &(0x7f0000000200)) 05:09:55 executing program 0: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @random="0000008200", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "5ba19a", 0x8, 0x3a, 0x0, @empty, @local, {[], @mlv2_report}}}}}, 0x0) [ 225.415955][ T9796] x_tables: duplicate underflow at hook 3 05:09:55 executing program 2: r0 = socket(0x1, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000240)={'rose0\x00', @ifru_flags}) 05:09:55 executing program 1: r0 = socket(0x11, 0xa, 0x0) recvmmsg(r0, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}}], 0x1, 0xd05bc77daa0ebc13, 0x0) 05:09:55 executing program 0: clock_nanosleep(0x0, 0x0, &(0x7f0000000280), 0x0) 05:09:55 executing program 3: mknod(&(0x7f00000000c0)='./file0\x00', 0x8, 0x0) uselib(&(0x7f0000000040)='./file0\x00') 05:09:56 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@random="23dd2c4ad3e7", @random="7005004000ab", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "3c70d0", 0x8, 0x0, 0x0, @private0, @local, {[@routing={0x0, 0x0, 0x1, 0x5}]}}}}}, 0x0) 05:09:56 executing program 1: socketpair(0xa, 0x3, 0x6a, 0x0) 05:09:56 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r0, &(0x7f000000fa00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x14, 0x0, 0x4ebc1c3785b217a5}, 0x14}}, 0x0) 05:09:56 executing program 3: mknod(&(0x7f00000000c0)='./file0\x00', 0x1000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x101840, 0x0) 05:09:56 executing program 2: syz_emit_ethernet(0x46, &(0x7f00000000c0)={@broadcast, @random="719e03967bab", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "3c70d0", 0x10, 0x0, 0x0, @private0, @mcast2, {[@dstopts={0x2b, 0x0, [], [@pad1]}]}}}}}, 0x0) 05:09:56 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x5) connect(r0, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, 0x80) 05:09:56 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4a}) 05:09:56 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind(r0, &(0x7f0000000080)=@nl=@kern={0x10, 0x0, 0x0, 0x20000}, 0x80) 05:09:56 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x14}, 0x75}}, 0x0) 05:09:56 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0xfffffffffffffffe, 0x0) 05:09:56 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x9, 0x3, 0x29c, 0x208, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x208, 0xffffffff, 0xffffffff, 0x208, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x130, 0x178, 0x0, {}, [@common=@unspec=@string={{0xc0, 'string\x00'}, {0x0, 0x0, 'bm\x00', "24c5dbe90b42f21e67ef49a93b4d961c3d92975f5d1905a59e7f3e84ef1318576b380ab36d730d57e9105b4e3ade9f7427f7a3cfac0ea428a83a92c617ccdf230e8af9e4f86f2d5745eeec3d2896b0d6cc0283a1e332efca881bf56916cd0b2ef2d52e8a09db98b1c8833db86ce734fdc3895b54da061319543c3c4bda28dc46", 0x62}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x0, 0x0, 0x0, 'netbios-ns\x00'}}}, {{@ip={@remote, @private, 0x0, 0x0, 'macvlan1\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20, 'TRACE\x00'}}], {{[], 0x0, 0x70, 0x94}, {0x24}}}}, 0x2f8) [ 225.683043][ T9850] x_tables: duplicate underflow at hook 3 05:09:56 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@random="23dd2c4ad3e7", @random="7005004000ab", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "3c70d0", 0x8, 0x0, 0x0, @private0, @local, {[@routing={0x0, 0x0, 0x0, 0x5}]}}}}}, 0x0) 05:09:56 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2$9p(&(0x7f0000000080), 0x0) openat$full(0xffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x0, 0x0) openat$full(0xffffff9c, &(0x7f0000001a00)='/dev/full\x00', 0x0, 0x0) sendmsg$unix(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@rights={{0x10, 0x1, 0x1, [r0]}}, @rights={{0x10, 0x1, 0x1, [r1]}}], 0x20}, 0x0) 05:09:56 executing program 1: setxattr$system_posix_acl(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f00000004c0)={{}, {}, [], {}, [{}]}, 0x2c, 0x0) 05:09:56 executing program 3: r0 = openat$null(0xffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x401, 0x0) write$apparmor_current(r0, 0x0, 0x0) 05:09:56 executing program 2: bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000080)={0xfffffffe}, 0x8) 05:09:56 executing program 0: r0 = socket(0x2, 0x1, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) 05:09:56 executing program 3: syz_emit_ethernet(0x6e, &(0x7f0000000540)={@broadcast, @random, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "5ba19a", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "e4508f", 0x0, 0x3a, 0x0, @mcast2, @loopback, [], "da8baab648a4e4a2"}}}}}}}, 0x0) 05:09:56 executing program 1: r0 = getpgrp(0x0) sched_rr_get_interval(r0, &(0x7f0000000100)) 05:09:56 executing program 2: r0 = socket(0x1, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000200)={'ipvlan1\x00', @ifru_addrs=@xdp}) 05:09:56 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @random="719e03967bab", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "3c70d0", 0x8, 0x2b, 0x0, @private0, @local, {[@fragment]}}}}}, 0x0) 05:09:56 executing program 0: add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0) 05:09:56 executing program 2: r0 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0x1d, r0, &(0x7f0000000200)='.request_key_auth\x00', &(0x7f0000000240)=':\\*\x00') 05:09:56 executing program 1: mknod(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f00000002c0), 0x24, 0x0) unlink(&(0x7f0000000000)='./file0\x00') 05:09:56 executing program 0: r0 = openat$autofs(0xffffff9c, &(0x7f0000000b80)='/dev/autofs\x00', 0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100}, 0xffffffffffffffff, 0x0, r0, 0x0) 05:09:56 executing program 3: r0 = socket(0x11, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000040)={'veth0\x00', @ifru_data=0x0}) 05:09:56 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=@flushpolicy={0xc0, 0x1d, 0x1, 0x0, 0x0, "", [@proto={0x5}, @policy={0xa8, 0x7, {{@in=@private, @in=@remote}}}]}, 0xc0}}, 0x0) 05:09:56 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x9, 0x3, 0x280, 0x134, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1ec, 0xffffffff, 0xffffffff, 0x1ec, 0xffffffff, 0x3, 0x0, {[{{@ip={@multicast1, @local, 0x0, 0x0, 'virt_wifi0\x00', 'ipvlan1\x00'}, 0x0, 0xd4, 0x134, 0x0, {}, [@common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}, @inet=@rpfilter={{0x24, 'rpfilter\x00'}}]}, @common=@SET={0x60, 'SET\x00'}}, {{@uncond, 0x0, 0x94, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x24, 'rpfilter\x00'}}]}, @common=@unspec=@NFQUEUE1={0x24, 'NFQUEUE\x00'}}], {{[], 0x0, 0x70, 0x94}, {0x24}}}}, 0x2dc) 05:09:56 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x5) ioctl$sock_ifreq(r0, 0x8942, &(0x7f0000000000)={'bond_slave_0\x00', @ifru_hwaddr=@local}) 05:09:56 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=@flushpolicy={0xc0, 0x1d, 0x1, 0x0, 0x0, "", [@proto={0x5}, @policy={0xa8, 0x7, {{@in=@private, @in=@remote}}}]}, 0xc0}}, 0x0) [ 225.967171][ T9906] x_tables: duplicate underflow at hook 3 05:09:56 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000380)={&(0x7f0000000200), 0xc, &(0x7f0000000340)={&(0x7f00000005c0)={0x14, r1, 0x4ebc1c3785b217a5}, 0x14}}, 0x0) 05:09:56 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=@flushpolicy={0xc0, 0x1d, 0x1, 0x0, 0x0, "", [@proto={0x5}, @policy={0xa8, 0x7, {{@in=@private, @in=@remote}}}]}, 0xc0}}, 0x0) 05:09:56 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r1 = getpgrp(0x0) r2 = getpgrp(0x0) getpgrp(0x0) sendmsg$unix(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@cred={{0x18, 0x1, 0x2, {r1}}}, @cred={{0x18, 0x1, 0x2, {r2}}}], 0x30}, 0x0) 05:09:56 executing program 3: open(0x0, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x1f, 0x6, 0x408, 0x94, 0x2bc, 0x94, 0x2bc, 0x2bc, 0x374, 0x374, 0x374, 0x374, 0x374, 0x6, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 'veth1_to_batadv\x00', 'gretap0\x00'}, 0x0, 0x70, 0x94}, @unspec=@CHECKSUM={0x24, 'CHECKSUM\x00'}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x1}}}}, {{@ip={@multicast2, @rand_addr, 0x0, 0x0, 'vlan1\x00', 'macvlan0\x00'}, 0x0, 0x94, 0xc4, 0x0, {}, [@inet=@rpfilter={{0x24, 'rpfilter\x00'}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @dev}}}, {{@ip={@rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth0_to_batadv\x00', 'bond0\x00'}, 0x0, 0x70, 0x94}, @unspec=@CHECKSUM={0x24, 'CHECKSUM\x00'}}, {{@uncond, 0x0, 0x94, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x24, 'rpfilter\x00'}}]}, @TTL={0x24, 'TTL\x00'}}], {{[], 0x0, 0x70, 0x94}, {0x24}}}}, 0x464) 05:09:56 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=@flushpolicy={0xc0, 0x1d, 0x1, 0x0, 0x0, "", [@proto={0x5}, @policy={0xa8, 0x7, {{@in=@private, @in=@remote}}}]}, 0xc0}}, 0x0) 05:09:56 executing program 1: mknod(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) linkat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, 0x0, 0x0) 05:09:56 executing program 0: r0 = socket(0x2, 0x1, 0x0) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x4881) [ 226.080989][ T9923] x_tables: duplicate underflow at hook 1 05:09:56 executing program 1: r0 = socket(0x11, 0x3, 0x0) accept4$alg(r0, 0x0, 0x0, 0x0) 05:09:56 executing program 2: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=@flushpolicy={0xc0, 0x1d, 0x1, 0x0, 0x0, "", [@proto={0x5}, @policy={0xa8, 0x7, {{@in=@private, @in=@remote}}}]}, 0xc0}}, 0x0) 05:09:56 executing program 0: setxattr$system_posix_acl(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000100)={{}, {}, [{0x2, 0x0, 0xee00}, {0x2, 0x0, 0xee01}, {0x2, 0x0, 0xee01}, {}, {}, {}, {}, {}]}, 0xffffffb8, 0x0) 05:09:56 executing program 3: r0 = openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) write$apparmor_current(r0, &(0x7f0000000040)=@profile={'permprofile ', '=\x83'}, 0xe) 05:09:56 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)=@updpolicy={0x15c, 0x19, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}}, [@policy={0xa8, 0x7, {{@in=@loopback, @in6=@ipv4={[], [], @broadcast}}, {}, {0x0, 0x6}}}]}, 0x15c}}, 0x0) 05:09:56 executing program 0: add_key$keyring(&(0x7f0000000180)='keyring\x00', 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffa) [ 226.154914][ T45] kauditd_printk_skb: 1 callbacks suppressed 05:09:56 executing program 3: r0 = openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) write$apparmor_current(r0, &(0x7f0000000040)=@profile={'permprofile ', '=\x83'}, 0xe) 05:09:56 executing program 2: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=@flushpolicy={0xc0, 0x1d, 0x1, 0x0, 0x0, "", [@proto={0x5}, @policy={0xa8, 0x7, {{@in=@private, @in=@remote}}}]}, 0xc0}}, 0x0) [ 226.154975][ T45] audit: type=1400 audit(1606540196.682:31): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=3D83 pid=9940 comm="syz-executor.3" [ 226.198545][ T9951] ================================================================== [ 226.201567][ T9951] BUG: KASAN: slab-out-of-bounds in xfrm_attr_cpy32+0x15a/0x1d0 [ 226.219138][ T9951] Write of size 4 at addr ffff888010be6564 by task syz-executor.1/9951 [ 226.227794][ T45] audit: type=1400 audit(1606540196.742:32): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=3D83 pid=9952 comm="syz-executor.3" [ 226.229693][ T9951] 05:09:56 executing program 0: r0 = socket(0x26, 0x5, 0x0) getsockname$packet(r0, 0x0, 0x0) 05:09:56 executing program 3: r0 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, r0) add_key(&(0x7f0000000280)='id_legacy\x00', &(0x7f00000002c0)={'syz', 0x1}, &(0x7f00000003c0)="a6", 0x1, r0) [ 226.229693][ T9951] CPU: 3 PID: 9951 Comm: syz-executor.1 Not tainted 5.10.0-rc5-syzkaller #0 05:09:56 executing program 0: waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) 05:09:56 executing program 2: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=@flushpolicy={0xc0, 0x1d, 0x1, 0x0, 0x0, "", [@proto={0x5}, @policy={0xa8, 0x7, {{@in=@private, @in=@remote}}}]}, 0xc0}}, 0x0) [ 226.229693][ T9951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 226.229693][ T9951] Call Trace: [ 226.229693][ T9951] dump_stack+0x107/0x163 [ 226.229693][ T9951] ? xfrm_attr_cpy32+0x15a/0x1d0 [ 226.325085][ T9951] ? xfrm_attr_cpy32+0x15a/0x1d0 [ 226.325085][ T9951] print_address_description.constprop.0.cold+0xae/0x4c8 [ 226.349496][ T9951] ? _raw_spin_lock_irqsave+0x4e/0x50 [ 226.361243][ T9951] ? vprintk_func+0x95/0x1e0 [ 226.366846][ T9951] ? xfrm_attr_cpy32+0x15a/0x1d0 [ 226.366846][ T9951] ? xfrm_attr_cpy32+0x15a/0x1d0 [ 226.366846][ T9951] kasan_report.cold+0x1f/0x37 [ 226.401900][ T9951] ? xfrm_attr_cpy32+0x15a/0x1d0 [ 226.410528][ T9951] check_memory_region+0x13d/0x180 [ 226.418995][ T9951] memset+0x20/0x40 [ 226.427533][ T9951] xfrm_attr_cpy32+0x15a/0x1d0 [ 226.439561][ T9951] xfrm_user_rcv_msg_compat+0x76b/0x1040 [ 226.452865][ T9951] ? xfrm_alloc_compat+0x10d0/0x10d0 [ 226.462559][ T9951] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 226.474838][ T9951] ? mark_lock+0xf7/0x1730 [ 226.485639][ T9951] ? security_capable+0x8f/0xc0 [ 226.493761][ T9951] ? xfrm_alloc_compat+0x10d0/0x10d0 [ 226.503289][ T9951] xfrm_user_rcv_msg+0x55b/0x8b0 [ 226.512972][ T9951] ? xfrm_do_migrate+0x800/0x800 [ 226.522960][ T9951] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 226.537528][ T9951] ? lock_release+0x710/0x710 [ 226.550497][ T9951] ? __local_bh_enable_ip+0x9c/0x110 [ 226.561780][ T9951] ? __mutex_lock+0x626/0x10e0 [ 226.572009][ T9951] netlink_rcv_skb+0x153/0x420 [ 226.581889][ T9951] ? xfrm_do_migrate+0x800/0x800 [ 226.591372][ T9951] ? netlink_ack+0xaa0/0xaa0 [ 226.600089][ T9951] xfrm_netlink_rcv+0x6b/0x90 [ 226.608623][ T9951] netlink_unicast+0x533/0x7d0 [ 226.618238][ T9951] ? netlink_attachskb+0x810/0x810 [ 226.630470][ T9951] ? __phys_addr_symbol+0x2c/0x70 [ 226.640753][ T9951] ? __check_object_size+0x171/0x3f0 [ 226.652108][ T9951] netlink_sendmsg+0x856/0xd90 [ 226.660533][ T9951] ? netlink_unicast+0x7d0/0x7d0 [ 226.669053][ T9951] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 226.677507][ T9951] ? netlink_unicast+0x7d0/0x7d0 [ 226.686090][ T9951] sock_sendmsg+0xcf/0x120 [ 226.693153][ T9951] ____sys_sendmsg+0x6e8/0x810 [ 226.700598][ T9951] ? kernel_sendmsg+0x50/0x50 [ 226.709028][ T9951] ? do_recvmmsg+0x6c0/0x6c0 [ 226.719656][ T9951] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 226.730482][ T9951] ___sys_sendmsg+0xf3/0x170 [ 226.740951][ T9951] ? sendmsg_copy_msghdr+0x160/0x160 [ 226.752628][ T9951] ? __fget_files+0x272/0x400 [ 226.765443][ T9951] ? lock_downgrade+0x6d0/0x6d0 [ 226.782046][ T9951] ? find_held_lock+0x2d/0x110 [ 226.792031][ T9951] ? __fget_files+0x294/0x400 [ 226.801772][ T9951] ? __fget_light+0xea/0x280 [ 226.810358][ T9951] __sys_sendmsg+0xe5/0x1b0 [ 226.818876][ T9951] ? __sys_sendmsg_sock+0xb0/0xb0 [ 226.828648][ T9951] ? syscall_enter_from_user_mode_prepare+0x13/0x20 [ 226.840700][ T9951] __do_fast_syscall_32+0x56/0x80 [ 226.849708][ T9951] do_fast_syscall_32+0x2f/0x70 [ 226.861139][ T9951] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 226.872155][ T9951] RIP: 0023:0xf7f5a549 [ 226.879663][ T9951] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 226.911938][ T9951] RSP: 002b:00000000f55540bc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 226.927914][ T9951] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000580 [ 226.946696][ T9951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 226.961195][ T9951] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 226.976216][ T9951] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 226.989080][ T9951] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 227.002267][ T9951] [ 227.007204][ T9951] Allocated by task 9951: [ 227.015727][ T9951] kasan_save_stack+0x1b/0x40 [ 227.026882][ T9951] __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 227.040547][ T9951] kvmalloc_node+0x61/0xf0 [ 227.054045][ T9951] xfrm_user_rcv_msg_compat+0x3cd/0x1040 [ 227.063676][ T9951] xfrm_user_rcv_msg+0x55b/0x8b0 [ 227.073598][ T9951] netlink_rcv_skb+0x153/0x420 [ 227.082032][ T9951] xfrm_netlink_rcv+0x6b/0x90 [ 227.090639][ T9951] netlink_unicast+0x533/0x7d0 [ 227.098966][ T9951] netlink_sendmsg+0x856/0xd90 [ 227.106199][ T9951] sock_sendmsg+0xcf/0x120 [ 227.114560][ T9951] ____sys_sendmsg+0x6e8/0x810 [ 227.123038][ T9951] ___sys_sendmsg+0xf3/0x170 [ 227.130181][ T9951] __sys_sendmsg+0xe5/0x1b0 [ 227.137373][ T9951] __do_fast_syscall_32+0x56/0x80 [ 227.145835][ T9951] do_fast_syscall_32+0x2f/0x70 [ 227.153177][ T9951] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 227.162669][ T9951] [ 227.166262][ T9951] The buggy address belongs to the object at ffff888010be6400 [ 227.166262][ T9951] which belongs to the cache kmalloc-512 of size 512 [ 227.190249][ T9951] The buggy address is located 356 bytes inside of [ 227.190249][ T9951] 512-byte region [ffff888010be6400, ffff888010be6600) [ 227.213897][ T9951] The buggy address belongs to the page: [ 227.223893][ T9951] page:00000000b84b56a3 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888010be5400 pfn:0x10be0 [ 227.243024][ T9951] head:00000000b84b56a3 order:3 compound_mapcount:0 compound_pincount:0 [ 227.259401][ T9951] flags: 0xfff00000010200(slab|head) [ 227.267761][ T9951] raw: 00fff00000010200 ffffea000196e200 0000000300000003 ffff8880100432c0 [ 227.283500][ T9951] raw: ffff888010be5400 000000008020001f 00000001ffffffff 0000000000000000 [ 227.301074][ T9951] page dumped because: kasan: bad access detected [ 227.311755][ T9951] [ 227.315355][ T9951] Memory state around the buggy address: [ 227.326003][ T9951] ffff888010be6400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 227.339193][ T9951] ffff888010be6480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 227.350894][ T9951] >ffff888010be6500: 00 00 00 00 00 00 00 00 00 00 00 00 04 fc fc fc [ 227.363692][ T9951] ^ [ 227.375636][ T9951] ffff888010be6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 227.387627][ T9951] ffff888010be6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 227.400800][ T9951] ================================================================== [ 227.412881][ T9951] Disabling lock debugging due to kernel taint [ 227.425633][ T9951] Kernel panic - not syncing: panic_on_warn set ... [ 227.435552][ T9951] CPU: 2 PID: 9951 Comm: syz-executor.1 Tainted: G B 5.10.0-rc5-syzkaller #0 [ 227.435552][ T9951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 227.435552][ T9951] Call Trace: [ 227.435552][ T9951] dump_stack+0x107/0x163 [ 227.435552][ T9951] ? xfrm_attr_cpy32+0x80/0x1d0 [ 227.435552][ T9951] panic+0x306/0x73d [ 227.435552][ T9951] ? __warn_printk+0xf3/0xf3 [ 227.435552][ T9951] ? preempt_schedule_common+0x59/0xc0 [ 227.435552][ T9951] ? xfrm_attr_cpy32+0x15a/0x1d0 [ 227.435552][ T9951] ? preempt_schedule_thunk+0x16/0x18 [ 227.435552][ T9951] ? trace_hardirqs_on+0x51/0x1c0 [ 227.435552][ T9951] ? xfrm_attr_cpy32+0x15a/0x1d0 [ 227.435552][ T9951] ? xfrm_attr_cpy32+0x15a/0x1d0 [ 227.435552][ T9951] end_report+0x58/0x5e [ 227.435552][ T9951] kasan_report.cold+0xd/0x37 [ 227.435552][ T9951] ? xfrm_attr_cpy32+0x15a/0x1d0 [ 227.435552][ T9951] check_memory_region+0x13d/0x180 [ 227.435552][ T9951] memset+0x20/0x40 [ 227.435552][ T9951] xfrm_attr_cpy32+0x15a/0x1d0 [ 227.435552][ T9951] xfrm_user_rcv_msg_compat+0x76b/0x1040 [ 227.435552][ T9951] ? xfrm_alloc_compat+0x10d0/0x10d0 [ 227.435552][ T9951] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 227.435552][ T9951] ? mark_lock+0xf7/0x1730 [ 227.435552][ T9951] ? security_capable+0x8f/0xc0 [ 227.435552][ T9951] ? xfrm_alloc_compat+0x10d0/0x10d0 [ 227.435552][ T9951] xfrm_user_rcv_msg+0x55b/0x8b0 [ 227.435552][ T9951] ? xfrm_do_migrate+0x800/0x800 [ 227.435552][ T9951] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 227.435552][ T9951] ? lock_release+0x710/0x710 [ 227.435552][ T9951] ? __local_bh_enable_ip+0x9c/0x110 [ 227.435552][ T9951] ? __mutex_lock+0x626/0x10e0 [ 227.435552][ T9951] netlink_rcv_skb+0x153/0x420 [ 227.435552][ T9951] ? xfrm_do_migrate+0x800/0x800 [ 227.435552][ T9951] ? netlink_ack+0xaa0/0xaa0 [ 227.435552][ T9951] xfrm_netlink_rcv+0x6b/0x90 [ 227.435552][ T9951] netlink_unicast+0x533/0x7d0 [ 227.435552][ T9951] ? netlink_attachskb+0x810/0x810 [ 227.435552][ T9951] ? __phys_addr_symbol+0x2c/0x70 [ 227.435552][ T9951] ? __check_object_size+0x171/0x3f0 [ 227.435552][ T9951] netlink_sendmsg+0x856/0xd90 [ 227.435552][ T9951] ? netlink_unicast+0x7d0/0x7d0 [ 227.435552][ T9951] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 227.435552][ T9951] ? netlink_unicast+0x7d0/0x7d0 [ 227.435552][ T9951] sock_sendmsg+0xcf/0x120 [ 227.435552][ T9951] ____sys_sendmsg+0x6e8/0x810 [ 227.435552][ T9951] ? kernel_sendmsg+0x50/0x50 [ 227.435552][ T9951] ? do_recvmmsg+0x6c0/0x6c0 [ 227.435552][ T9951] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 227.435552][ T9951] ___sys_sendmsg+0xf3/0x170 [ 227.435552][ T9951] ? sendmsg_copy_msghdr+0x160/0x160 [ 227.435552][ T9951] ? __fget_files+0x272/0x400 [ 227.435552][ T9951] ? lock_downgrade+0x6d0/0x6d0 [ 227.435552][ T9951] ? find_held_lock+0x2d/0x110 [ 227.435552][ T9951] ? __fget_files+0x294/0x400 [ 227.435552][ T9951] ? __fget_light+0xea/0x280 [ 227.435552][ T9951] __sys_sendmsg+0xe5/0x1b0 [ 227.435552][ T9951] ? __sys_sendmsg_sock+0xb0/0xb0 [ 227.435552][ T9951] ? syscall_enter_from_user_mode_prepare+0x13/0x20 [ 227.435552][ T9951] __do_fast_syscall_32+0x56/0x80 [ 227.435552][ T9951] do_fast_syscall_32+0x2f/0x70 [ 227.435552][ T9951] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 227.435552][ T9951] RIP: 0023:0xf7f5a549 [ 227.435552][ T9951] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 227.435552][ T9951] RSP: 002b:00000000f55540bc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 227.435552][ T9951] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000580 [ 227.435552][ T9951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 227.435552][ T9951] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 227.435552][ T9951] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 227.435552][ T9951] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 227.435552][ T9951] Kernel Offset: disabled [ 227.435552][ T9951] Rebooting in 86400 seconds.. VM DIAGNOSIS: 05:09:57 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=1ffff92000000ed7 RCX=ffffffff850fbfc0 RDX=1ffffffff1b5cf67 RSI=ffffffff8dae7b06 RDI=ffffffff8d2b364c RBP=0000000000000002 RSP=ffffc90000007678 R8 =ffffffff8dae7b36 R9 =ffffffff8dae7b3a R10=0000000000082081 R11=00000000000d62d1 R12=ffffc90000007798 R13=ffffc90000007785 R14=ffffc900000077a0 R15=ffffc90000007750 RIP=ffffffff812fd897 RFL=00000a02 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f567e3fc7a0 ffffffff 00c00000 GS =0000 ffff88802cc00000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f567e402000 CR3=0000000013533000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffff00ffffffffffffffff0000000000 XMM01=ff000000000000ff00000000000000ff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=2064657a696e676f6365726e75002f40 XMM05=614d6c65766172547c2a323932362a65 XMM06=242d746e6576652d7d7265626d754e65 XMM07=312d6c65727276623a534f4942616553 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff8158ab2b RDX=0000000000000001 RSI=ffff888010c10000 RDI=0000000000000001 RBP=0000000000000200 RSP=ffffc90000637c60 R8 =0000000000000000 R9 =ffffffff8ecc0667 R10=0000000000000000 R11=0000000000000000 R12=00000000000000b5 R13=0000000000000293 R14=ffff888011fe8000 R15=0000000000000000 RIP=ffffffff816ffbcf RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802cd00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000003c000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000031124000 CR3=00000000635d6000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000002 XMM02=00000050000000000000000100000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=0000000000000000 RBX=000000000000000d RCX=000000000000000d RDX=ffff8880132ac300 RSI=ffffffff837fea21 RDI=0000000000000000 RBP=ffff8880134afd00 RSP=ffffc900013e75b0 R8 =0000000000000001 R9 =ffffffff8f189b47 R10=0000000000000010 R11=0000000000000001 R12=0000000000000022 R13=000000000000006a R14=dffffc0000000000 R15=0000000000000000 RIP=ffffffff837fea30 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f567e3fc7a0 ffffffff 00c00000 GS =0000 ffff88802ce00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000079000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000077000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffd0f3cac38 CR3=000000001cb74000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000000000000ff0000ff00ff00000000 XMM01=ffff000000000000ffff00ff00000000 XMM02=00000000000000000000000000000000 XMM03=00000000ff00000000000000ff000000 XMM04=75722f766564752f62696c2f002f2a2f XMM05=5b6d626974627c2a5d392d305b646d7c XMM06=2d305b6d626974627c2a5d392d305b64 XMM07=312d6c65727276623a534f4942616553 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff840e8371 RDI=ffffffff8fad6ae0 RBP=ffffffff8fad6aa0 RSP=ffffc90006496ec0 R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000000 R12=0000000000000034 R13=0000000000000034 R14=ffffffff8fad6aa0 R15=dffffc0000000000 RIP=ffffffff840e83c8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802cf00000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000b4000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000b2000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020000580 CR3=0000000023ff8000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000052 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000