last executing test programs: 1.378866885s ago: executing program 2 (id=5709): socket$nl_netfilter(0x10, 0x3, 0xc) unshare(0x42000000) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000010000000900010073797a300000000048000000030a0102000000000000000001000000080007006e6174000900030073796031000000000900010073797a3000000000140004800800024000000000080001"], 0x90}}, 0x0) 1.271101243s ago: executing program 2 (id=5714): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LIST_IFACE(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x20, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}}, 0x0) 1.180898227s ago: executing program 2 (id=5716): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_pidfd_open(0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x40, 0x0) openat$zero(0xffffffffffffff9c, 0x0, 0x1, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f}}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002600)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d162718e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a47c721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f664222000000000000000d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d808f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bff000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6197155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300000000000000000000000000002bd4b643dc57db1f6c1e8c5eb6b10d180521100b56003a45fc56fde2608305b03e5ef6218e28dad07c4b5b68ba788ff40a64c9c0dc2cfb3dbd94e80aaa6dd2616eed0f4d04a9a7d3259d4148686d356e085b4075e182f1ebda216013"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90) syz_fuse_handle_req(r2, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) write$FUSE_INIT(r4, &(0x7f00000012c0)={0x50}, 0x50) ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000b40)) dup3(r1, r2, 0x0) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000), 0x6) openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x41, 0x0, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) 921.89809ms ago: executing program 2 (id=5726): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, 0x0) 801.504325ms ago: executing program 2 (id=5729): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x2, 0x3, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @sadb_sa={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x60}, 0x1, 0x7}, 0x0) 796.693596ms ago: executing program 2 (id=5732): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100), 0x20, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r0, 0xc01064c1, &(0x7f0000000080)={r1, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f0000000040)={0x0, 0x0, r2}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r0, 0xc02064cc, &(0x7f0000000140)={r3, r1, 0x0, 0x0, 0x2}) 441.133536ms ago: executing program 1 (id=5740): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-384\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00', 0x1) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$unix(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000001c0)="1c", 0x1}], 0x1}, 0x0) 380.801986ms ago: executing program 1 (id=5743): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x4) ioctl$int_out(r0, 0x0, 0x0) 371.780244ms ago: executing program 3 (id=5744): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r0 = memfd_create(&(0x7f0000000100)='\vem1\xc1\xf8\xa6\x8dN\xc0\xa3w\xe2\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0) landlock_create_ruleset(&(0x7f0000000000)={0x80, 0x1}, 0x10, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x28, 0x1, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab) sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003e80)=@newtfilter={0x30, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r6, 0x0, 0x16, 0x0, 0x0) openat(r5, &(0x7f0000001280)='./file0/file0\x00', 0x40, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)={0x198, 0x14, 0x0, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x183, 0x1, "0d95da3461fdf9a0bcc6946337a0ad07c7ef85b17cc94292f5fc574446c5825ba835a55ffb11210739e22650f0fa0950b609c9c582040a032608889f0d04c1bc1b1c829b4abd312d5bbc533b5c36630f4d4212eb786ec3eff7d82016a40680db920c7b73d6aab860e3906f0518681cb1573ebcf6d4f8da08bed280eee228f29effabe6563e06c42f0cb97555c905788d49efb05b8ddd11878bedd16864423bf72b9ad264bdd56e07ca5e29e3870e791702e17812f77e0ecd245dca4641cf198357d697353ecd85e45521d8f3949ce2190c2752696b7cbd56501159fe8afe0a6b87d2dee092d812a402f6caf29fb37c4bbd3d382748cc79d41c3214a222801371f51d2ecc129c23c3ea0a4776ba4aec4bc6e6012d4b9bf1e67b39f9f0a54e4f2b6fedece912cbdad6d027760dc5711cd004c0e62cd1b0f24210c5f9b78afb9ea4760936113e64e4949ddc1275e20ae441c46911eedebb9146f4efb83be7203a54b0e722f6c565c13c121104899ac929cd7db4e8de64f364f108be9bc37f338d"}]}, 0x198}}, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/keys\x00', 0x0, 0x0) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$bt_BT_RCVMTU(r7, 0x112, 0xd, 0xfffffffffffffffe, &(0x7f0000000080)) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file2\x00', 0x107042, 0x0) write(r0, &(0x7f0000000040)="0600", 0x2) ioctl$NBD_SET_TIMEOUT(r1, 0xab09, 0xfffffffffffffeff) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000180)=ANY=[], 0xe) r8 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90124fc60100c034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f0000001000), 0xffff) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000440)={@multicast, @random="0000f4ff00", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}}}}}}, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f000002eff0)={0x200000f5, &(0x7f0000000080)=[{}]}, 0x10) 331.409295ms ago: executing program 0 (id=5745): r0 = dup(0xffffffffffffffff) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=0x0) get_robust_list(r1, &(0x7f0000000180)=&(0x7f0000000140)={&(0x7f0000000080)={&(0x7f0000000040)}, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f00000001c0)=0xc) socket$nl_netfilter(0x10, 0x3, 0xc) lsetxattr$security_evm(0x0, 0x0, 0x0, 0xfffe, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x2c}}, 0x0) socket$tipc(0x1e, 0x2, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0xc0241, 0x0) socket$kcm(0x2, 0xa, 0x2) syz_emit_vhci(&(0x7f0000000b40)=ANY=[@ANYBLOB="040e05003d20"], 0x7) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) r2 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+ \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3) write$binfmt_misc(r2, 0x0, 0xff67) pwrite64(r2, 0x0, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) 278.536713ms ago: executing program 1 (id=5746): r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000140)={{0x1, 0x1, 0x18}, './file1\x00'}) ioctl$VIDIOC_G_CTRL(r0, 0xc0305602, &(0x7f0000000140)) 270.875713ms ago: executing program 0 (id=5747): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000340)="0b000000010000", 0x7) 243.660126ms ago: executing program 3 (id=5748): r0 = syz_open_dev$radio(&(0x7f0000000000), 0x2, 0x2) ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x101}) 232.925842ms ago: executing program 3 (id=5749): syz_emit_ethernet(0x86, &(0x7f0000000040)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x50, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "5b29ab", 0x0, 0x11, 0x0, @private1, @mcast1, [@dstopts={0x0, 0x0, '\x00', [@ra={0x5, 0x33}]}], "fb36eeca6fad50b375a22a584d16ca55"}}}}}}}, 0x0) 230.376159ms ago: executing program 1 (id=5750): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @val={0x8}, @void}}}, 0x24}}, 0x0) 167.217663ms ago: executing program 3 (id=5751): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) dup(0xffffffffffffffff) socket(0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x209, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8}]}]}], {0x14}}, 0x88}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003"], 0xe8}}, 0x0) 167.024738ms ago: executing program 0 (id=5752): r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x12, r0, 0x0) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x5, 0x4, @tid=r1}, &(0x7f0000000300)) r2 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0xfffffffffffffffc]}, 0x8) timer_settime(0x0, 0x3, &(0x7f000004a000)={{0x0, 0x1}, {0x7, 0xe4c}}, 0x0) readv(r2, &(0x7f0000000540)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1) 159.307897ms ago: executing program 1 (id=5753): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)={0x14, 0x0, 0x4}, 0x14}}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000cc0), r0) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000012c0), r0) sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000640)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="030f0000000000000000080000001500010000000028"], 0x2c}}, 0x0) 80.14726ms ago: executing program 3 (id=5754): pipe2$9p(&(0x7f00000003c0), 0x0) r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000080)={0x0, 0x300}) 73.312653ms ago: executing program 0 (id=5755): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_FIB_DREG={0x8}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x36}]}}}]}]}], {0x14}}, 0xc8}}, 0x0) 73.059622ms ago: executing program 1 (id=5756): r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) r1 = socket(0x2b, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 66.939155ms ago: executing program 3 (id=5757): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r0 = memfd_create(&(0x7f0000000100)='\vem1\xc1\xf8\xa6\x8dN\xc0\xa3w\xe2\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0) landlock_create_ruleset(&(0x7f0000000000)={0x80, 0x1}, 0x10, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x28, 0x1, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab) sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003e80)=@newtfilter={0x30, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r6, 0x0, 0x16, 0x0, 0x0) openat(r5, &(0x7f0000001280)='./file0/file0\x00', 0x40, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)={0x198, 0x14, 0x0, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x183, 0x1, "0d95da3461fdf9a0bcc6946337a0ad07c7ef85b17cc94292f5fc574446c5825ba835a55ffb11210739e22650f0fa0950b609c9c582040a032608889f0d04c1bc1b1c829b4abd312d5bbc533b5c36630f4d4212eb786ec3eff7d82016a40680db920c7b73d6aab860e3906f0518681cb1573ebcf6d4f8da08bed280eee228f29effabe6563e06c42f0cb97555c905788d49efb05b8ddd11878bedd16864423bf72b9ad264bdd56e07ca5e29e3870e791702e17812f77e0ecd245dca4641cf198357d697353ecd85e45521d8f3949ce2190c2752696b7cbd56501159fe8afe0a6b87d2dee092d812a402f6caf29fb37c4bbd3d382748cc79d41c3214a222801371f51d2ecc129c23c3ea0a4776ba4aec4bc6e6012d4b9bf1e67b39f9f0a54e4f2b6fedece912cbdad6d027760dc5711cd004c0e62cd1b0f24210c5f9b78afb9ea4760936113e64e4949ddc1275e20ae441c46911eedebb9146f4efb83be7203a54b0e722f6c565c13c121104899ac929cd7db4e8de64f364f108be9bc37f338d"}]}, 0x198}}, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/keys\x00', 0x0, 0x0) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$bt_BT_RCVMTU(r7, 0x112, 0xd, 0xfffffffffffffffe, &(0x7f0000000080)) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file2\x00', 0x107042, 0x0) write(r0, &(0x7f0000000040)="0600", 0x2) ioctl$NBD_SET_TIMEOUT(r1, 0xab09, 0xfffffffffffffeff) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000180)=ANY=[], 0xe) r8 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90124fc60100c034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f0000001000), 0xffff) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000440)={@multicast, @random="0000f4ff00", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}}}}}}, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f000002eff0)={0x200000f5, &(0x7f0000000080)=[{}]}, 0x10) 212.157µs ago: executing program 0 (id=5758): r0 = syz_open_dev$radio(&(0x7f0000000000), 0x2, 0x2) ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x101}) 0s ago: executing program 0 (id=5759): capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/fscreate\x00') write$binfmt_script(r0, &(0x7f0000001840)={'#! ', './file0'}, 0xb) kernel console output (not intermixed with test programs): 2 compat=0 ip=0x7fb553d75ed9 code=0x0 [ 374.638251][T15450] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3857'. [ 374.787706][T15456] netlink: 'syz.0.3859': attribute type 4 has an invalid length. [ 374.791514][T15456] netlink: 'syz.0.3859': attribute type 1 has an invalid length. [ 374.795266][T15456] netlink: 88156 bytes leftover after parsing attributes in process `syz.0.3859'. [ 374.845310][T15458] fuse: Bad value for 'fd' [ 375.099216][T15475] pim6reg: entered allmulticast mode [ 375.381751][T15484] fuse: Bad value for 'fd' [ 375.526076][T15490] Bluetooth: MGMT ver 1.22 [ 376.128230][ T39] audit: type=1400 audit(1719910477.917:1393): avc: denied { ioctl } for pid=15498 comm="syz.0.3877" path="socket:[62838]" dev="sockfs" ino=62838 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 376.158415][ T39] audit: type=1400 audit(1719910477.937:1394): avc: denied { accept } for pid=15498 comm="syz.0.3877" lport=51343 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 376.182939][ T39] audit: type=1400 audit(1719910477.937:1395): avc: denied { setopt } for pid=15498 comm="syz.0.3877" lport=51343 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 376.189447][ T5207] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 376.191202][ T39] audit: type=1400 audit(1719910477.937:1396): avc: denied { getopt } for pid=15498 comm="syz.0.3877" lport=51343 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 376.203084][ T5207] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 376.207776][ T5207] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 376.220986][ T5207] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 376.225176][ T5207] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 376.226640][ T39] audit: type=1400 audit(1719910478.017:1397): avc: denied { getopt } for pid=15498 comm="syz.0.3877" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 376.255076][ T5207] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 376.504612][ T39] audit: type=1400 audit(1719910478.297:1398): avc: denied { setopt } for pid=15535 comm="syz.1.3885" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 376.573296][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 376.635693][T15507] chnl_net:caif_netlink_parms(): no params data found [ 376.726807][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 376.794625][T15552] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3889'. [ 376.884477][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 376.896416][T15507] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.900905][T15507] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.904129][T15507] bridge_slave_0: entered allmulticast mode [ 376.908200][T15507] bridge_slave_0: entered promiscuous mode [ 376.922681][T15507] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.926048][T15507] bridge0: port 2(bridge_slave_1) entered disabled state [ 376.929144][T15507] bridge_slave_1: entered allmulticast mode [ 376.933645][T15507] bridge_slave_1: entered promiscuous mode [ 376.950745][ T1203] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2 [ 377.024009][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 377.087292][T15507] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 377.098676][T15507] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 377.215644][T15507] team0: Port device team_slave_0 added [ 377.225469][T15507] team0: Port device team_slave_1 added [ 377.291304][T15507] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 377.294057][T15507] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 377.305340][T15507] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 377.312140][T15507] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 377.314866][T15507] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 377.326316][T15507] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 377.477541][ T39] audit: type=1326 audit(1719910479.267:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15560 comm="syz.0.3894" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x0 [ 377.653444][T15507] hsr_slave_0: entered promiscuous mode [ 377.657843][T15507] hsr_slave_1: entered promiscuous mode [ 377.663562][T15507] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 377.666841][T15507] Cannot create hsr debugfs directory [ 377.682648][ T11] bridge_slave_1: left allmulticast mode [ 377.686268][ T11] bridge_slave_1: left promiscuous mode [ 377.689368][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 377.699637][ T11] bridge_slave_0: left allmulticast mode [ 377.704088][ T11] bridge_slave_0: left promiscuous mode [ 377.707088][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 378.186849][ T39] audit: type=1326 audit(1719910479.977:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15588 comm="syz.0.3905" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x0 [ 378.337264][ T5209] Bluetooth: hci1: command tx timeout [ 378.376618][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 378.384366][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 378.391901][ T11] bond0 (unregistering): Released all slaves [ 378.556639][ T11] bond1 (unregistering): Released all slaves [ 378.574500][T15586] pim6reg: entered allmulticast mode [ 378.858410][ T39] audit: type=1326 audit(1719910480.647:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15612 comm="syz.2.3913" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb553d75ed9 code=0x7ffc0000 [ 379.140151][ T11] hsr_slave_0: left promiscuous mode [ 379.168913][ T11] hsr_slave_1: left promiscuous mode [ 379.182998][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 379.186160][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 379.189762][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 379.194264][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 379.243604][ T11] veth1_macvtap: left promiscuous mode [ 379.246248][ T11] veth0_macvtap: left promiscuous mode [ 379.248809][ T11] veth1_vlan: left promiscuous mode [ 379.251714][ T11] veth0_vlan: left promiscuous mode [ 380.420046][ T5209] Bluetooth: hci1: command tx timeout [ 380.824847][ T11] team0 (unregistering): Port device team_slave_1 removed [ 380.989102][ T11] team0 (unregistering): Port device team_slave_0 removed [ 382.170577][T15657] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3931'. [ 382.174366][T15657] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3931'. [ 382.190155][T15657] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3931'. [ 382.396975][T15675] fuse: Bad value for 'fd' [ 382.423377][ T39] kauditd_printk_skb: 10 callbacks suppressed [ 382.423396][ T39] audit: type=1400 audit(1719910484.217:1412): avc: denied { setopt } for pid=15676 comm="syz.2.3941" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1 [ 382.450182][T15507] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 382.458443][T15507] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 382.466470][T15507] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 382.492063][ T5209] Bluetooth: hci1: command tx timeout [ 382.493691][T15679] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3942'. [ 382.498847][T15679] netlink: 25 bytes leftover after parsing attributes in process `syz.0.3942'. [ 382.504271][T15679] netlink: 25 bytes leftover after parsing attributes in process `syz.0.3942'. [ 382.520392][T15507] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 382.641413][T15507] 8021q: adding VLAN 0 to HW filter on device bond0 [ 382.662927][T15507] 8021q: adding VLAN 0 to HW filter on device team0 [ 382.684783][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 382.688019][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 382.696438][ T11] IPVS: stop unused estimator thread 0... [ 382.702558][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 382.705694][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 382.836970][ T39] audit: type=1400 audit(1719910484.627:1413): avc: denied { write } for pid=15702 comm="syz.2.3951" name="kcm" dev="proc" ino=4026534141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 382.898484][T15507] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 382.929166][ T39] audit: type=1804 audit(1719910484.717:1414): pid=15709 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.3953" name="/syzkaller.Vw89jL/162/cgroup.controllers" dev="sda1" ino=1996 res=1 errno=0 [ 382.956247][T15507] veth0_vlan: entered promiscuous mode [ 382.968004][T15507] veth1_vlan: entered promiscuous mode [ 382.999656][T15507] veth0_macvtap: entered promiscuous mode [ 383.024281][T15507] veth1_macvtap: entered promiscuous mode [ 383.043156][T15507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 383.047841][T15507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 383.059584][T15507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 383.066145][T15507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 383.068077][ T39] audit: type=1400 audit(1719910484.857:1415): avc: denied { create } for pid=15710 comm="syz.2.3954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 383.075596][T15507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 383.106065][ T39] audit: type=1400 audit(1719910484.897:1416): avc: denied { ioctl } for pid=15710 comm="syz.2.3954" path="socket:[63797]" dev="sockfs" ino=63797 ioctlcmd=0x89e5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 383.112965][T15507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 383.133582][T15507] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 383.142886][T15507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 383.142910][T15507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 383.142922][T15507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 383.142935][T15507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 383.142946][T15507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 383.142959][T15507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 383.144862][T15507] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 383.156814][T15507] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.156845][T15507] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.156861][T15507] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.156875][T15507] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.264394][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 383.270447][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 383.301568][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 383.316032][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 383.326081][ T39] audit: type=1400 audit(1719910485.117:1417): avc: denied { mount } for pid=15507 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 383.636056][ T39] audit: type=1804 audit(1719910485.427:1418): pid=15752 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.3971" name="/syzkaller.Vw89jL/169/cgroup.controllers" dev="sda1" ino=1982 res=1 errno=0 [ 384.084783][ T39] audit: type=1804 audit(1719910485.877:1419): pid=15781 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.3986" name="/syzkaller.lgeaFN/103/cgroup.controllers" dev="sda1" ino=1985 res=1 errno=0 [ 384.373490][ T39] audit: type=1326 audit(1719910486.167:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15792 comm="syz.0.3992" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x0 [ 384.457226][ T39] audit: type=1400 audit(1719910486.247:1421): avc: denied { bind } for pid=15809 comm="syz.2.4000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 384.570704][ T5209] Bluetooth: hci1: command tx timeout [ 384.575349][ T1357] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.581935][ T1357] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.841405][T15869] fuse: Bad value for 'fd' [ 386.721369][T15906] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4042'. [ 387.236488][T15915] overlayfs: failed to resolve './file0': -2 [ 387.325867][T15915] tipc: Started in network mode [ 387.329673][T15915] tipc: Node identity 467343afb67b, cluster identity 4711 [ 387.349471][T15915] tipc: Enabled bearer , priority 0 [ 387.849511][T15936] 9p: Unknown access argument u: -22 [ 387.928045][T15946] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4058'. [ 388.279178][T15966] 9p: Unknown access argument u: -22 [ 388.307055][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 388.307071][ T39] audit: type=1326 audit(1719910490.097:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.3.4064" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32c1775ed9 code=0x0 [ 388.345932][ T8764] tipc: Node number set to 4027073455 [ 388.378433][T15971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4068'. [ 388.778669][T15948] block nbd0: shutting down sockets [ 389.500941][T15997] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4077'. [ 390.373133][T16030] vcan0 speed is unknown, defaulting to 1000 [ 390.391426][T16030] vcan0 speed is unknown, defaulting to 1000 [ 390.397879][T16030] vcan0 speed is unknown, defaulting to 1000 [ 390.573604][T16017] block nbd2: shutting down sockets [ 390.659640][T16030] infiniband syz1: set down [ 390.664174][ T8764] vcan0 speed is unknown, defaulting to 1000 [ 390.667704][T16030] infiniband syz1: added vcan0 [ 390.797488][T16030] RDS/IB: syz1: added [ 390.811640][T16030] smc: adding ib device syz1 with port count 1 [ 390.823845][T16030] smc: ib device syz1 port 1 has pnetid [ 390.833873][ T8764] vcan0 speed is unknown, defaulting to 1000 [ 390.849101][T16030] vcan0 speed is unknown, defaulting to 1000 [ 391.049872][T16030] vcan0 speed is unknown, defaulting to 1000 [ 391.127177][T16052] input: syz1 as /devices/virtual/input/input23 [ 391.239448][T16030] vcan0 speed is unknown, defaulting to 1000 [ 391.386813][T16030] vcan0 speed is unknown, defaulting to 1000 [ 391.486486][T16068] syzkaller0: entered promiscuous mode [ 391.489001][T16068] syzkaller0: entered allmulticast mode [ 391.495490][ T45] syzkaller0: tun_net_xmit 48 [ 391.513074][T16068] syzkaller0: tun_net_xmit 1280 [ 391.518279][T16068] syzkaller0: create flow: hash 3120954557 index 1 [ 391.540628][T16030] vcan0 speed is unknown, defaulting to 1000 [ 391.649278][T16067] syzkaller0: delete flow: hash 3120954557 index 1 [ 391.692565][ T39] audit: type=1326 audit(1719910493.497:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16074 comm="syz.0.4113" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x0 [ 393.858361][T16116] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25678 sclass=netlink_route_socket pid=16116 comm=syz.0.4127 [ 394.637024][T16127] bridge_slave_0: left allmulticast mode [ 394.639435][T16127] bridge_slave_0: left promiscuous mode [ 394.642242][T16127] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.679466][T16127] bridge_slave_1: left allmulticast mode [ 394.682520][T16127] bridge_slave_1: left promiscuous mode [ 394.685585][T16127] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.708890][T16127] bond0: (slave bond_slave_0): Releasing backup interface [ 394.727700][T16127] bond0: (slave bond_slave_1): Releasing backup interface [ 394.806022][T16127] team0: Port device team_slave_0 removed [ 394.832872][T16127] team0: Port device team_slave_1 removed [ 394.858192][T16127] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 394.866104][T16127] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 394.877296][T16127] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 394.880657][T16147] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048) [ 394.884900][T16127] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 394.944192][T16132] bridge0: port 1(veth0) entered blocking state [ 394.947763][T16132] bridge0: port 1(veth0) entered disabled state [ 394.956706][T16132] veth0: entered allmulticast mode [ 394.963746][T16132] veth0: entered promiscuous mode [ 394.967141][T16132] bridge0: port 1(veth0) entered blocking state [ 394.970026][T16132] bridge0: port 1(veth0) entered forwarding state [ 394.977813][ T39] audit: type=1400 audit(1719910496.767:1426): avc: denied { setopt } for pid=16152 comm="syz.2.4143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 395.093395][T16164] netlink: 'syz.2.4148': attribute type 1 has an invalid length. [ 395.180041][ T39] audit: type=1326 audit(1719910496.957:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16140 comm="syz.0.4138" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x7ffc0000 [ 395.188804][ T39] audit: type=1326 audit(1719910496.957:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16140 comm="syz.0.4138" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x7ffc0000 [ 395.199840][ T39] audit: type=1326 audit(1719910496.957:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16140 comm="syz.0.4138" exe="/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f1725175ed9 code=0x7ffc0000 [ 395.214746][ T39] audit: type=1326 audit(1719910496.957:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16140 comm="syz.0.4138" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x7ffc0000 [ 395.230132][ T39] audit: type=1326 audit(1719910496.957:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16140 comm="syz.0.4138" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x7ffc0000 [ 395.239860][ T39] audit: type=1326 audit(1719910496.957:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16140 comm="syz.0.4138" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1725175ed9 code=0x7ffc0000 [ 395.254222][ T39] audit: type=1326 audit(1719910496.957:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16140 comm="syz.0.4138" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x7ffc0000 [ 395.270172][ T39] audit: type=1326 audit(1719910496.957:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16140 comm="syz.0.4138" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x7ffc0000 [ 395.280757][ T39] audit: type=1326 audit(1719910496.967:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16140 comm="syz.0.4138" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1725175ed9 code=0x7ffc0000 [ 395.316838][T16179] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25678 sclass=netlink_route_socket pid=16179 comm=syz.3.4155 [ 395.327404][T16187] bridge_slave_0: left allmulticast mode [ 395.329818][T16187] bridge_slave_0: left promiscuous mode [ 395.333541][T16187] bridge0: port 1(bridge_slave_0) entered disabled state [ 395.339604][T16187] bridge_slave_1: left allmulticast mode [ 395.343772][T16187] bridge_slave_1: left promiscuous mode [ 395.346090][T16187] bridge0: port 2(bridge_slave_1) entered disabled state [ 395.365657][T16187] bond0: (slave bond_slave_0): Releasing backup interface [ 395.388749][T16187] bond0: (slave bond_slave_1): Releasing backup interface [ 395.416462][T16187] team0: Port device team_slave_0 removed [ 395.428794][T16187] team0: Port device team_slave_1 removed [ 395.432248][T16187] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 395.436123][T16187] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 395.452718][T16190] bridge0: port 1(veth0) entered blocking state [ 395.455570][T16190] bridge0: port 1(veth0) entered disabled state [ 395.459865][T16190] veth0: entered allmulticast mode [ 395.469260][T16190] veth0: entered promiscuous mode [ 395.766286][T16218] bridge_slave_0: left allmulticast mode [ 395.769049][T16218] bridge_slave_0: left promiscuous mode [ 395.777409][T16218] bridge0: port 1(bridge_slave_0) entered disabled state [ 395.796971][T16218] bridge_slave_1: left allmulticast mode [ 395.799203][T16218] bridge_slave_1: left promiscuous mode [ 395.802135][T16218] bridge0: port 2(bridge_slave_1) entered disabled state [ 395.817845][T16218] bond0: (slave bond_slave_0): Releasing backup interface [ 395.833131][T16218] bond0: (slave bond_slave_1): Releasing backup interface [ 395.886676][T16218] team0: Port device team_slave_0 removed [ 395.900531][T16218] team0: Port device team_slave_1 removed [ 395.903513][T16218] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 395.906084][T16218] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 395.909558][T16218] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 395.912533][T16225] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25678 sclass=netlink_route_socket pid=16225 comm=syz.3.4169 [ 395.913009][T16218] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 395.927143][T16218] gtp0: left allmulticast mode [ 395.975602][T16229] bridge0: port 1(veth0) entered blocking state [ 395.998006][T16229] bridge0: port 1(veth0) entered disabled state [ 396.003668][T16229] veth0: entered allmulticast mode [ 396.012133][T16229] veth0: entered promiscuous mode [ 396.022016][T16229] bridge0: port 1(veth0) entered blocking state [ 396.024320][T16229] bridge0: port 1(veth0) entered forwarding state [ 396.426054][T16262] kernel profiling enabled (shift: 8) [ 396.969743][T16250] block nbd0: shutting down sockets [ 397.099463][T16305] rdma_rxe: rxe_newlink: failed to add vcan0 [ 397.476538][T16332] rdma_rxe: rxe_newlink: failed to add vcan0 [ 397.772585][T16343] bridge_slave_0: left allmulticast mode [ 397.774733][T16343] bridge_slave_0: left promiscuous mode [ 397.776973][T16343] bridge0: port 1(bridge_slave_0) entered disabled state [ 397.783073][T16343] bridge_slave_1: left allmulticast mode [ 397.787591][T16343] bridge_slave_1: left promiscuous mode [ 397.794070][T16343] bridge0: port 2(bridge_slave_1) entered disabled state [ 397.804412][T16343] bond0: (slave bond_slave_0): Releasing backup interface [ 397.823131][T16343] bond0: (slave bond_slave_1): Releasing backup interface [ 397.942828][T16343] team0: Port device team_slave_0 removed [ 397.986495][T16343] team0: Port device team_slave_1 removed [ 397.992224][T16343] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 397.996681][T16343] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 398.004653][T16343] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 398.007916][T16343] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 398.028874][T16343] gtp0: left allmulticast mode [ 398.109396][T16344] bridge0: port 1(veth0) entered blocking state [ 398.121599][T16344] bridge0: port 1(veth0) entered disabled state [ 398.130334][T16344] veth0: entered allmulticast mode [ 398.138957][T16344] veth0: entered promiscuous mode [ 398.147579][T16344] bridge0: port 1(veth0) entered blocking state [ 398.152143][T16344] bridge0: port 1(veth0) entered forwarding state [ 398.626969][T16384] ptrace attach of "/syz-executor exec"[14478] was attempted by "/syz-executor exec"[16384] [ 399.574160][T16448] vcan0 speed is unknown, defaulting to 1000 [ 399.648434][T16456] 9pnet_fd: Insufficient options for proto=fd [ 399.957387][T16472] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 400.042247][ T5258] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 400.152998][T16482] vcan0 speed is unknown, defaulting to 1000 [ 400.232288][ T5258] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 400.236757][ T5258] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 400.250144][ T5258] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 400.255855][ T5258] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 400.259704][ T5258] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.266623][ T5258] usb 5-1: config 0 descriptor?? [ 400.308973][T16497] fuse: Bad value for 'fd' [ 400.364717][T16500] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 400.456230][T16504] 9pnet_fd: Insufficient options for proto=fd [ 400.690186][ T5258] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 400.698077][ T5258] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 401.556895][ T8764] usb 5-1: USB disconnect, device number 21 [ 402.305153][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4313'. [ 402.310661][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4313'. [ 402.317406][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4313'. [ 402.322382][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4313'. [ 402.328329][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4313'. [ 402.339172][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4313'. [ 402.346375][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4313'. [ 402.354366][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4313'. [ 402.358750][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4313'. [ 402.365000][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4313'. [ 402.758600][T16625] netlink: 'syz.1.4333': attribute type 6 has an invalid length. [ 403.069223][T16646] netlink: 'syz.2.4342': attribute type 6 has an invalid length. [ 403.120034][ T39] kauditd_printk_skb: 16 callbacks suppressed [ 403.120048][ T39] audit: type=1804 audit(1719910504.907:1452): pid=16648 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.4343" name="/syzkaller.qNrFYo/476/file0" dev="sda1" ino=1980 res=1 errno=0 [ 403.639754][T16678] netlink: 'syz.2.4356': attribute type 9 has an invalid length. [ 403.782682][T16689] netlink: 'syz.2.4361': attribute type 1 has an invalid length. [ 403.945751][T16701] netlink: 'syz.3.4367': attribute type 9 has an invalid length. [ 403.990187][T16699] syzkaller0: entered promiscuous mode [ 403.993726][T16699] syzkaller0: entered allmulticast mode [ 403.999643][ T63] syzkaller0: tun_net_xmit 48 [ 404.019024][T16699] syzkaller0: tun_net_xmit 1280 [ 404.021959][T16699] syzkaller0: create flow: hash 3120954557 index 1 [ 404.181820][T16698] syzkaller0: delete flow: hash 3120954557 index 1 [ 404.324511][T16711] netlink: 'syz.3.4372': attribute type 1 has an invalid length. [ 404.735956][ T39] audit: type=1400 audit(1719910506.527:1453): avc: denied { accept } for pid=16736 comm="syz.1.4383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 406.924601][T16741] netlink: 'syz.3.4385': attribute type 9 has an invalid length. [ 407.113132][T16789] block nbd0: Unsupported socket: shutdown callout must be supported. [ 408.365242][T16830] random: crng reseeded on system resumption [ 408.430072][ T39] audit: type=1400 audit(1719910510.157:1454): avc: denied { write } for pid=16827 comm="syz.3.4424" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 408.435324][T16835] overlayfs: lower data-only dirs require metacopy support. [ 408.538697][ T39] audit: type=1800 audit(1719910510.327:1455): pid=16835 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.4427" name="bus" dev="sda1" ino=2011 res=0 errno=0 [ 408.715341][T16847] __nla_validate_parse: 80 callbacks suppressed [ 408.715352][T16847] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4431'. [ 408.861291][T16860] netlink: 'syz.2.4438': attribute type 29 has an invalid length. [ 408.865112][T16860] netlink: 'syz.2.4438': attribute type 29 has an invalid length. [ 408.870953][T16860] netlink: 'syz.2.4438': attribute type 29 has an invalid length. [ 408.877353][T16860] netlink: 'syz.2.4438': attribute type 29 has an invalid length. [ 408.882561][T16860] netlink: 'syz.2.4438': attribute type 29 has an invalid length. [ 408.956497][T16870] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4442'. [ 409.035912][T16881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4444'. [ 409.367828][T16909] syz.3.4457: attempt to access beyond end of device [ 409.367828][T16909] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0 [ 409.374346][T16909] hfs: can't find a HFS filesystem on dev nbd3 [ 410.543474][T16975] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4483'. [ 410.547607][T16975] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 410.598070][ T39] audit: type=1400 audit(1719910512.387:1456): avc: denied { bind } for pid=16979 comm="syz.1.4486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 410.608794][ T39] audit: type=1804 audit(1719910512.397:1457): pid=16984 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.4488" name="/syzkaller.lgeaFN/248/bus" dev="sda1" ino=2009 res=1 errno=0 [ 410.619782][ T39] audit: type=1804 audit(1719910512.397:1458): pid=16984 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.4488" name="/syzkaller.lgeaFN/248/bus" dev="sda1" ino=2009 res=1 errno=0 [ 410.644919][ T39] audit: type=1804 audit(1719910512.397:1459): pid=16984 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.4488" name="/syzkaller.lgeaFN/248/bus" dev="sda1" ino=2009 res=1 errno=0 [ 410.661002][ T39] audit: type=1804 audit(1719910512.397:1460): pid=16984 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.4488" name="/syzkaller.lgeaFN/248/bus" dev="sda1" ino=2009 res=1 errno=0 [ 411.090688][T17003] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4496'. [ 411.172792][T17010] netlink: 'syz.2.4498': attribute type 29 has an invalid length. [ 411.175798][T17010] netlink: 'syz.2.4498': attribute type 29 has an invalid length. [ 411.180594][T17010] netlink: 'syz.2.4498': attribute type 29 has an invalid length. [ 411.184250][T17010] netlink: 'syz.2.4498': attribute type 29 has an invalid length. [ 411.187878][T17010] netlink: 'syz.2.4498': attribute type 29 has an invalid length. [ 411.216721][ T39] audit: type=1400 audit(1719910513.007:1461): avc: denied { ioctl } for pid=17004 comm="syz.3.4497" path="socket:[67394]" dev="sockfs" ino=67394 ioctlcmd=0x8901 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 411.489493][T17031] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4507'. [ 411.493682][T17031] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 412.139341][ T39] audit: type=1804 audit(1719910513.927:1462): pid=17050 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.4515" name="/syzkaller.tIzYXL/121/bus" dev="sda1" ino=1990 res=1 errno=0 [ 412.149705][ T39] audit: type=1804 audit(1719910513.927:1463): pid=17050 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.3.4515" name="/syzkaller.tIzYXL/121/bus" dev="sda1" ino=1990 res=1 errno=0 [ 412.234497][T17056] input: syz1 as /devices/virtual/input/input24 [ 412.833210][T17100] syz.3.4533 (17100): attempted to duplicate a private mapping with mremap. This is not supported. [ 413.344988][T17127] input: syz1 as /devices/virtual/input/input25 [ 413.385800][T15518] udevd[15518]: setting mode of /dev/input/event4 to 020660 failed: No such file or directory [ 413.392770][T15518] udevd[15518]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 414.024248][T17157] syz.3.4560[17157] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 414.024338][T17157] syz.3.4560[17157] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 414.419545][T17144] 9pnet_fd: p9_fd_create_tcp (17144): problem connecting socket to 127.0.0.1 [ 414.802700][T17206] netlink: 596 bytes leftover after parsing attributes in process `syz.0.4579'. [ 414.882361][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 414.882377][ T39] audit: type=1400 audit(1719910516.677:1467): avc: denied { connect } for pid=17209 comm="syz.0.4581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 414.906099][ T39] audit: type=1400 audit(1719910516.677:1468): avc: denied { write } for pid=17209 comm="syz.0.4581" path="socket:[69003]" dev="sockfs" ino=69003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 414.920162][ T39] audit: type=1400 audit(1719910516.677:1469): avc: denied { read } for pid=17209 comm="syz.0.4581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 414.935060][ T39] audit: type=1400 audit(1719910516.727:1470): avc: denied { create } for pid=17211 comm="syz.0.4582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 415.076996][ T39] audit: type=1400 audit(1719910516.857:1471): avc: denied { bind } for pid=17211 comm="syz.0.4582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 415.203990][ T39] audit: type=1400 audit(1719910516.997:1472): avc: denied { read } for pid=17219 comm="syz.1.4586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 415.357829][T17228] tipc: Enabling of bearer rejected, failed to enable media [ 415.414785][ C3] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 415.603802][T17250] netlink: 596 bytes leftover after parsing attributes in process `syz.1.4597'. [ 415.782484][T17265] tmpfs: Bad value for 'mpol' [ 415.840081][ T39] audit: type=1804 audit(1719910517.627:1473): pid=17269 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.4607" name="/syzkaller.qNrFYo/563/bus" dev="sda1" ino=2005 res=1 errno=0 [ 415.859605][ T39] audit: type=1804 audit(1719910517.637:1474): pid=17269 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.4607" name="/syzkaller.qNrFYo/563/bus" dev="sda1" ino=2005 res=1 errno=0 [ 415.861927][T17271] syz.2.4608[17271] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 415.867706][T17271] syz.2.4608[17271] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 415.879072][ T39] audit: type=1804 audit(1719910517.647:1475): pid=17269 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.4607" name="/syzkaller.qNrFYo/563/bus" dev="sda1" ino=2005 res=1 errno=0 [ 415.897057][ T39] audit: type=1804 audit(1719910517.647:1476): pid=17269 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.4607" name="/syzkaller.qNrFYo/563/bus" dev="sda1" ino=2005 res=1 errno=0 [ 416.898200][ C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 417.125079][T17347] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 417.445442][T17369] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4644'. [ 417.600940][T17374] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 417.698326][ T5210] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 417.706213][ T5210] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 417.711358][ T5210] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 417.717248][ T5210] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 417.723696][ T5210] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 417.727349][ T5210] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 417.814066][T17379] vcan0 speed is unknown, defaulting to 1000 [ 417.977815][T17387] tmpfs: Bad value for 'mpol' [ 418.128879][T17379] chnl_net:caif_netlink_parms(): no params data found [ 418.303421][T17400] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4654'. [ 418.307885][T17379] bridge0: port 1(bridge_slave_0) entered blocking state [ 418.312921][T17379] bridge0: port 1(bridge_slave_0) entered disabled state [ 418.316039][T17379] bridge_slave_0: entered allmulticast mode [ 418.319653][T17379] bridge_slave_0: entered promiscuous mode [ 418.324645][T17379] bridge0: port 2(bridge_slave_1) entered blocking state [ 418.327332][T17379] bridge0: port 2(bridge_slave_1) entered disabled state [ 418.331196][T17379] bridge_slave_1: entered allmulticast mode [ 418.335483][T17379] bridge_slave_1: entered promiscuous mode [ 418.430217][T17379] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 418.439393][T17379] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 418.467246][T17410] netlink: 'syz.2.4655': attribute type 11 has an invalid length. [ 418.568355][T17379] team0: Port device team_slave_0 added [ 418.571412][T17402] netlink: 'syz.2.4655': attribute type 11 has an invalid length. [ 418.576122][T17379] team0: Port device team_slave_1 added [ 418.578819][ T45] veth0: left allmulticast mode [ 418.580567][ T45] veth0: left promiscuous mode [ 418.582623][ T45] bridge0: port 1(veth0) entered disabled state [ 418.674683][ T45] tipc: Disabling bearer [ 419.060135][ T5210] Bluetooth: hci1: command 0x0406 tx timeout [ 419.107735][ T45] bond0 (unregistering): Released all slaves [ 419.146996][T17416] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 419.168775][T17422] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4660'. [ 419.247211][ T45] tipc: Left network mode [ 419.253758][T17379] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 419.258592][T17379] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 419.280932][T17379] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 419.288291][T17379] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 419.293454][T17379] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 419.304393][T17379] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 419.432335][T17379] hsr_slave_0: entered promiscuous mode [ 419.448169][T17379] hsr_slave_1: entered promiscuous mode [ 419.468855][T17379] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 419.472700][T17379] Cannot create hsr debugfs directory [ 419.625421][T17437] kvm: kvm [17436]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x20000200 [ 419.770331][ T5209] Bluetooth: hci4: command tx timeout [ 419.791086][T17446] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4671'. [ 420.063988][ T45] hsr_slave_0: left promiscuous mode [ 420.079802][ T45] hsr_slave_1: left promiscuous mode [ 420.115912][ T45] pim6reg (unregistering): left allmulticast mode [ 420.186988][T17460] netlink: 'syz.3.4675': attribute type 11 has an invalid length. [ 420.257508][T17463] netlink: 'syz.3.4675': attribute type 11 has an invalid length. [ 420.283425][T17462] overlayfs: missing 'lowerdir' [ 420.369754][ T39] kauditd_printk_skb: 28 callbacks suppressed [ 420.369772][ T39] audit: type=1400 audit(1719910522.157:1505): avc: denied { write } for pid=17465 comm="syz.2.4678" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 421.076659][ T39] audit: type=1400 audit(1719910522.877:1506): avc: denied { mounton } for pid=17480 comm="syz.0.4684" path=2F73797A6B616C6C65722E567738396A4C2F3331322FE91F7189591E9233614B dev="sda1" ino=2005 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=sock_file permissive=1 [ 421.860145][ T5209] Bluetooth: hci4: command tx timeout [ 422.505175][ T5209] Bluetooth: hci0: command tx timeout [ 423.165156][ T1203] smc: removing ib device syz1 [ 423.246664][T17463] debugfs: Directory 'netdev:' with parent 'phy46' already present! [ 423.333380][T17505] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4695'. [ 423.333647][ T39] audit: type=1400 audit(1719910525.117:1507): avc: denied { nlmsg_read } for pid=17504 comm="syz.2.4695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 423.839759][T17379] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 423.898354][T17379] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 423.928251][T17379] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 423.942224][ T5209] Bluetooth: hci4: command tx timeout [ 423.951319][T17379] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 424.152884][T17379] 8021q: adding VLAN 0 to HW filter on device bond0 [ 424.173100][T17379] 8021q: adding VLAN 0 to HW filter on device team0 [ 424.192939][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 424.196239][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 424.208126][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 424.210916][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 424.508520][T17379] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 424.535639][T17544] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4709'. [ 424.617296][T17379] veth0_vlan: entered promiscuous mode [ 424.654504][T17379] veth1_vlan: entered promiscuous mode [ 424.720376][T17379] veth0_macvtap: entered promiscuous mode [ 424.727257][T17379] veth1_macvtap: entered promiscuous mode [ 424.755601][T17379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 424.765935][T17379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 424.777239][T17379] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 424.788423][T17379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 424.814370][T17379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 424.821138][T17379] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 424.835013][T17379] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.838822][T17379] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.843398][T17379] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.846660][T17379] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.983880][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 424.987489][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 425.023896][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 425.027318][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 425.060055][T17559] 9pnet_fd: Insufficient options for proto=fd [ 425.134127][T17561] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 425.295020][T17569] netlink: 'syz.3.4717': attribute type 11 has an invalid length. [ 425.314706][T17569] netlink: 'syz.3.4717': attribute type 11 has an invalid length. [ 425.319687][T17569] debugfs: Directory 'netdev:' with parent 'phy46' already present! [ 425.624734][T17591] netlink: 'syz.2.4727': attribute type 10 has an invalid length. [ 425.682912][T17591] team0: Port device geneve1 added [ 425.703429][T17597] tipc: Started in network mode [ 425.705755][T17597] tipc: Node identity ac1414aa, cluster identity 4711 [ 425.711166][T17597] tipc: Enabled bearer , priority 10 [ 425.715716][T17592] tipc: Disabling bearer [ 426.010238][ T5209] Bluetooth: hci4: command tx timeout [ 426.693654][ T39] audit: type=1804 audit(1719910528.487:1508): pid=17640 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.4746" name="/syzkaller.Vw89jL/332/bus" dev="sda1" ino=1997 res=1 errno=0 [ 426.704449][ T39] audit: type=1804 audit(1719910528.487:1509): pid=17640 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.0.4746" name="/syzkaller.Vw89jL/332/bus" dev="sda1" ino=1997 res=1 errno=0 [ 426.722075][ T39] audit: type=1804 audit(1719910528.497:1510): pid=17640 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.4746" name="/syzkaller.Vw89jL/332/bus" dev="sda1" ino=1997 res=1 errno=0 [ 426.724607][T17640] Invalid ELF header len 6 [ 427.328541][T17665] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4757'. [ 427.502151][T17681] input: syz0 as /devices/virtual/input/input26 [ 427.732159][ T39] audit: type=1804 audit(1719910529.517:1511): pid=17691 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.4768" name="/syzkaller.lgeaFN/306/bus" dev="sda1" ino=2011 res=1 errno=0 [ 427.746974][ T39] audit: type=1804 audit(1719910529.547:1512): pid=17691 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.4768" name="/syzkaller.lgeaFN/306/bus" dev="sda1" ino=2011 res=1 errno=0 [ 427.759641][ T39] audit: type=1804 audit(1719910529.557:1513): pid=17691 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.4768" name="/syzkaller.lgeaFN/306/bus" dev="sda1" ino=2011 res=1 errno=0 [ 427.768563][T17691] Invalid ELF header len 6 [ 427.858468][T17693] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4769'. [ 428.232178][ T39] audit: type=1400 audit(1719910530.017:1514): avc: denied { setattr } for pid=17711 comm="syz.1.4774" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 428.320058][ T39] audit: type=1400 audit(1719910530.087:1515): avc: denied { unmount } for pid=17379 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 428.706205][T17738] tipc: Started in network mode [ 428.708586][T17738] tipc: Node identity ac1414aa, cluster identity 4711 [ 428.714423][T17738] tipc: Enabled bearer , priority 10 [ 428.721483][T17738] tipc: Disabling bearer [ 429.766489][ T1203] nci: nci_rx_work: unknown MT 0x1 [ 429.805929][ T39] audit: type=1400 audit(1719910531.587:1516): avc: denied { execmod } for pid=17772 comm="syz.0.4795" path=2F6D656D66643A1033717D329ACEAF0386E7C0148F5ED5FDA90DAC374194EBCD09202864656C6574656429 dev="tmpfs" ino=3144 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 429.849646][ T39] audit: type=1804 audit(1719910531.637:1517): pid=17779 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.4796" name="/syzkaller.tIzYXL/197/bus" dev="sda1" ino=2004 res=1 errno=0 [ 429.870447][T17779] Invalid ELF header len 6 [ 431.689009][T17852] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4823'. [ 431.829131][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 431.829150][ T39] audit: type=1400 audit(1719910533.617:1522): avc: denied { append } for pid=17863 comm="syz.1.4828" name="dlm-control" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 432.297352][ T39] audit: type=1400 audit(1719910534.087:1523): avc: denied { mounton } for pid=17882 comm="syz.3.4833" path="/proc/17882/task" dev="proc" ino=75950 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 432.401385][T17881] 9pnet_fd: Insufficient options for proto=fd [ 432.421077][ T39] audit: type=1400 audit(1719910534.217:1524): avc: denied { ioctl } for pid=17884 comm="syz.3.4834" path="cgroup:[4026532936]" dev="nsfs" ino=4026532936 ioctlcmd=0x9436 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 432.507486][T17887] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4835'. [ 432.985094][T17915] xt_policy: too many policy elements [ 432.993177][T17910] raw_sendmsg: syz.0.4845 forgot to set AF_INET. Fix it! [ 433.158423][T17922] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4848'. [ 433.975175][T17948] netlink: 3084 bytes leftover after parsing attributes in process `syz.1.4859'. [ 433.982477][T17948] netlink: 'syz.1.4859': attribute type 1 has an invalid length. [ 433.985764][T17948] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.4859'. [ 433.986095][T17939] 9pnet_fd: Insufficient options for proto=fd [ 434.212777][ T39] audit: type=1400 audit(1719910536.007:1525): avc: denied { remount } for pid=17958 comm="syz.0.4864" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 434.565433][T17976] Direct I/O collision with buffered writes! File: /syzkaller.tIzYXL/217/bus Comm: syz.3.4870 [ 434.618312][ T39] audit: type=1400 audit(1719910536.407:1526): avc: denied { execute } for pid=17962 comm="syz.0.4866" path="/dev/usbmon0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 435.127224][T17991] netlink: 3084 bytes leftover after parsing attributes in process `syz.1.4876'. [ 435.131607][T17991] netlink: 'syz.1.4876': attribute type 1 has an invalid length. [ 435.135053][T17991] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.4876'. [ 435.445869][ T5210] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 435.484422][ T5210] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 435.489050][ T5210] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 435.496074][ T5210] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 435.500261][ T5210] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 435.504248][ T5210] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 435.721337][T18005] chnl_net:caif_netlink_parms(): no params data found [ 435.942056][T18005] bridge0: port 1(bridge_slave_0) entered blocking state [ 435.950386][T18005] bridge0: port 1(bridge_slave_0) entered disabled state [ 435.953562][T18005] bridge_slave_0: entered allmulticast mode [ 435.970799][T18005] bridge_slave_0: entered promiscuous mode [ 436.019014][ T63] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 436.035621][T18005] bridge0: port 2(bridge_slave_1) entered blocking state [ 436.038873][T18005] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.046417][T18005] bridge_slave_1: entered allmulticast mode [ 436.059838][T18005] bridge_slave_1: entered promiscuous mode [ 436.103364][T18011] 9pnet_fd: Insufficient options for proto=fd [ 436.138367][ T63] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 436.188072][T18005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 436.196316][T18005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 436.358208][ T63] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 436.389690][T18005] team0: Port device team_slave_0 added [ 436.398100][T18005] team0: Port device team_slave_1 added [ 436.469377][ T63] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 436.541442][T18005] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 436.544482][T18005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 436.558337][T18005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 436.569201][T18005] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 436.573402][T18005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 436.588098][T18005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 436.724804][T18005] hsr_slave_0: entered promiscuous mode [ 436.728607][T18005] hsr_slave_1: entered promiscuous mode [ 436.733610][T18005] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 436.737738][T18005] Cannot create hsr debugfs directory [ 436.908749][ T63] bridge_slave_1: left allmulticast mode [ 436.912514][ T63] bridge_slave_1: left promiscuous mode [ 436.915604][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.924225][ T63] bridge_slave_0: left allmulticast mode [ 436.927031][ T63] bridge_slave_0: left promiscuous mode [ 436.929598][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 437.530216][ T5209] Bluetooth: hci5: command tx timeout [ 437.645387][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 437.653718][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 437.672300][ T63] bond0 (unregistering): Released all slaves [ 437.809485][ T63] tipc: Left network mode [ 438.169113][ T63] hsr_slave_0: left promiscuous mode [ 438.178456][ T63] hsr_slave_1: left promiscuous mode [ 438.184077][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 438.192575][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 438.199296][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 438.203734][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 438.250328][ T5209] Bluetooth: hci0: command tx timeout [ 438.297237][ T63] veth1_macvtap: left promiscuous mode [ 438.299203][ T63] veth0_macvtap: left promiscuous mode [ 438.301739][ T63] veth1_vlan: left promiscuous mode [ 438.303804][ T63] veth0_vlan: left promiscuous mode [ 438.668237][ T39] audit: type=1400 audit(1719910540.457:1527): avc: denied { connect } for pid=18076 comm="syz.3.4904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 439.610262][ T5209] Bluetooth: hci5: command tx timeout [ 440.101532][ T63] team0 (unregistering): Port device team_slave_1 removed [ 440.154250][ T5209] Bluetooth: Unexpected start frame (len 0) [ 440.295057][ T63] team0 (unregistering): Port device team_slave_0 removed [ 441.690132][ T5209] Bluetooth: hci5: command tx timeout [ 442.057015][ T56] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 442.089696][T18005] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 442.098771][T18005] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 442.106656][T18005] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 442.121164][T18005] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 442.256279][ T56] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 442.261702][ T56] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 442.266494][ T56] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 442.271099][ T56] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 442.274058][T18005] 8021q: adding VLAN 0 to HW filter on device bond0 [ 442.282015][ T56] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 442.286016][ T56] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 442.292636][ T56] usb 5-1: Manufacturer: syz [ 442.323362][T18005] 8021q: adding VLAN 0 to HW filter on device team0 [ 442.328808][ T56] usb 5-1: config 0 descriptor?? [ 442.366375][ T8764] bridge0: port 1(bridge_slave_0) entered blocking state [ 442.369674][ T8764] bridge0: port 1(bridge_slave_0) entered forwarding state [ 442.401228][ T826] bridge0: port 2(bridge_slave_1) entered blocking state [ 442.404539][ T826] bridge0: port 2(bridge_slave_1) entered forwarding state [ 442.688954][T18005] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 442.737221][T18005] veth0_vlan: entered promiscuous mode [ 442.749669][T18005] veth1_vlan: entered promiscuous mode [ 442.780795][T18005] veth0_macvtap: entered promiscuous mode [ 442.788686][T18005] veth1_macvtap: entered promiscuous mode [ 442.807068][T18005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 442.812956][T18005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.819225][T18005] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 442.834134][T18005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 442.839020][T18005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 442.843260][ T56] appleir 0003:05AC:8243.000B: unknown main item tag 0x0 [ 442.849642][T18005] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 442.851497][ T56] appleir 0003:05AC:8243.000B: No inputs registered, leaving [ 442.857664][T18005] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.857700][T18005] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.873517][T18005] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.878540][T18005] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.883245][ T56] appleir 0003:05AC:8243.000B: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 442.995642][ T5209] Bluetooth: Unexpected start frame (len 0) [ 443.000020][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.004051][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.039867][ T1203] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.046557][ T1203] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.099512][ T39] audit: type=1400 audit(1719910544.887:1528): avc: denied { write } for pid=18147 comm="syz.1.4880" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 443.352234][T12419] usb 5-1: USB disconnect, device number 22 [ 443.736514][T18171] 9pnet: p9_errstr2errno: server reported unknown error [ 443.770189][ T5209] Bluetooth: hci5: command tx timeout [ 443.790039][T18173] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4936'. [ 444.223890][T18198] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18198 comm=syz.0.4945 [ 444.232148][T18198] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4945'. [ 444.387734][ T39] audit: type=1800 audit(1719910546.177:1529): pid=18209 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.4950" name="/" dev="9p" ino=2 res=0 errno=0 [ 444.468250][T18216] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.4952'. [ 444.473361][ T39] audit: type=1400 audit(1719910546.267:1530): avc: denied { setopt } for pid=18211 comm="syz.2.4951" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 444.476586][T18216] netlink: del zone limit has 8 unknown bytes [ 444.686038][ T39] audit: type=1800 audit(1719910546.477:1531): pid=18229 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.4959" name="bus" dev="9p" ino=38273148 res=0 errno=0 [ 444.710529][ T39] audit: type=1800 audit(1719910546.497:1532): pid=18234 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.4961" name="/" dev="9p" ino=2 res=0 errno=0 [ 444.814241][T18243] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.4965'. [ 444.818630][T18243] netlink: del zone limit has 8 unknown bytes [ 445.332393][ T39] audit: type=1800 audit(1719910547.117:1533): pid=18263 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.4973" name="/" dev="9p" ino=2 res=0 errno=0 [ 446.014939][ T1357] ieee802154 phy0 wpan0: encryption failed: -22 [ 446.017476][ T1357] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.542173][T18317] PKCS8: Unsupported PKCS#8 version [ 446.671891][T18324] batadv_slave_1: entered promiscuous mode [ 446.676823][T18323] batadv_slave_1: left promiscuous mode [ 446.755801][ T39] audit: type=1400 audit(1719910548.547:1534): avc: denied { write } for pid=18330 comm="syz.2.5003" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1 [ 446.999412][T18357] batadv_slave_1: entered promiscuous mode [ 447.003630][T18356] batadv_slave_1: left promiscuous mode [ 447.172613][T18372] xt_socket: unknown flags 0x50 [ 447.215157][T18376] PKCS8: Unsupported PKCS#8 version [ 447.247914][ T39] audit: type=1800 audit(1719910549.037:1535): pid=18374 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.5017" name="bus" dev="9p" ino=38273148 res=0 errno=0 [ 447.953781][ T5209] Bluetooth: hci0: unexpected subevent 0x1a length: 10 > 6 [ 447.988136][T18409] netlink: 'syz.0.5028': attribute type 4 has an invalid length. [ 447.994957][T18409] netlink: 17 bytes leftover after parsing attributes in process `syz.0.5028'. [ 448.089659][T18411] fuse: Bad value for 'fd' [ 448.474850][T18414] overlayfs: missing 'lowerdir' [ 448.777904][T18427] xt_socket: unknown flags 0x50 [ 448.853902][T18432] netlink: 448 bytes leftover after parsing attributes in process `syz.2.5039'. [ 448.865957][ T39] audit: type=1400 audit(1719910550.657:1536): avc: denied { bind } for pid=18433 comm="syz.1.5040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 449.042216][T18450] xt_socket: unknown flags 0x50 [ 449.222511][T18465] fscrypt_msg: 29 callbacks suppressed [ 449.222522][T18465] fscrypt (sda1, inode 2004): Mutually exclusive encryption flags (0x1b) [ 450.010181][ T5209] Bluetooth: hci0: command tx timeout [ 450.254707][T18491] fuse: Bad value for 'fd' [ 450.978703][ T39] audit: type=1400 audit(1719910552.767:1537): avc: denied { mount } for pid=18512 comm="syz.1.5074" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 451.531864][ T5210] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 451.542992][ T5210] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 451.548209][ T5210] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 451.554923][ T5210] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 451.559396][ T5210] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 451.564593][ T5210] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 451.774548][ T39] audit: type=1804 audit(1719910553.567:1538): pid=18542 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.5084" name="/syzkaller.tIzYXL/272/file0" dev="sda1" ino=2009 res=1 errno=0 [ 451.902229][ T107] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 451.932232][T18531] chnl_net:caif_netlink_parms(): no params data found [ 452.064983][ T107] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 452.179285][T18531] bridge0: port 1(bridge_slave_0) entered blocking state [ 452.197200][T18531] bridge0: port 1(bridge_slave_0) entered disabled state [ 452.203217][T18531] bridge_slave_0: entered allmulticast mode [ 452.211749][T18531] bridge_slave_0: entered promiscuous mode [ 452.223464][T18531] bridge0: port 2(bridge_slave_1) entered blocking state [ 452.227006][T18531] bridge0: port 2(bridge_slave_1) entered disabled state [ 452.230575][T18531] bridge_slave_1: entered allmulticast mode [ 452.235775][T18531] bridge_slave_1: entered promiscuous mode [ 452.313825][ T107] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 452.396070][T18531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 452.421316][T18531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 452.505638][ T107] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 452.571438][T18531] team0: Port device team_slave_0 added [ 452.578232][T18531] team0: Port device team_slave_1 added [ 452.697399][T18531] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 452.700934][T18531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.716390][T18531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 452.723669][T18531] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 452.726940][T18531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.748775][T18531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 452.887250][T18531] hsr_slave_0: entered promiscuous mode [ 452.892199][T18531] hsr_slave_1: entered promiscuous mode [ 452.901961][T18531] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 452.906011][T18531] Cannot create hsr debugfs directory [ 452.908522][ T107] veth0: left allmulticast mode [ 452.912393][ T107] veth0: left promiscuous mode [ 452.914253][ T107] bridge0: port 1(veth0) entered disabled state [ 453.311380][ T39] audit: type=1400 audit(1719910555.097:1539): avc: denied { read write } for pid=18005 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 453.324844][ T39] audit: type=1400 audit(1719910555.097:1540): avc: denied { open } for pid=18005 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 453.337097][ T39] audit: type=1400 audit(1719910555.097:1541): avc: denied { ioctl } for pid=18005 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 453.370149][ T107] team0: Port device geneve1 removed [ 453.618742][ T5210] Bluetooth: hci0: command tx timeout [ 453.635534][ T107] bond0 (unregistering): Released all slaves [ 453.664058][T18615] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5113'. [ 453.668703][T18615] netlink: 21 bytes leftover after parsing attributes in process `syz.1.5113'. [ 453.685812][T18615] netlink: 21 bytes leftover after parsing attributes in process `syz.1.5113'. [ 454.012706][ T107] hsr_slave_0: left promiscuous mode [ 454.017059][ T107] hsr_slave_1: left promiscuous mode [ 454.064130][ T107] veth1_macvtap: left promiscuous mode [ 454.068609][ T107] veth0_macvtap: left promiscuous mode [ 454.071603][ T107] veth1_vlan: left promiscuous mode [ 454.073939][ T107] veth0_vlan: left promiscuous mode [ 454.188702][ T39] audit: type=1804 audit(1719910555.977:1542): pid=18631 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.5119" name="/syzkaller.tIzYXL/286/file0" dev="sda1" ino=2003 res=1 errno=0 [ 454.222105][ T107] pim6reg (unregistering): left allmulticast mode [ 455.606690][T18651] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5126'. [ 455.691378][ T5210] Bluetooth: hci0: command tx timeout [ 457.771853][ T5210] Bluetooth: hci0: command tx timeout [ 458.078481][T18683] fuse: Bad value for 'fd' [ 458.192342][T18685] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5141'. [ 458.451253][T18531] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 458.477307][T18531] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 458.488696][T18531] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 458.496295][T18531] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 458.617843][T18531] 8021q: adding VLAN 0 to HW filter on device bond0 [ 458.644365][T18531] 8021q: adding VLAN 0 to HW filter on device team0 [ 458.655805][ T39] audit: type=1804 audit(1719910560.447:1543): pid=18703 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.5149" name="/syzkaller.tIzYXL/294/file0/bus" dev="ramfs" ino=78560 res=1 errno=0 [ 458.675271][T12419] bridge0: port 1(bridge_slave_0) entered blocking state [ 458.679162][T12419] bridge0: port 1(bridge_slave_0) entered forwarding state [ 458.689986][T12419] bridge0: port 2(bridge_slave_1) entered blocking state [ 458.693110][T12419] bridge0: port 2(bridge_slave_1) entered forwarding state [ 458.759637][T18531] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 458.766686][T18531] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 458.941103][T18531] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 458.999472][T18531] veth0_vlan: entered promiscuous mode [ 459.016450][T18531] veth1_vlan: entered promiscuous mode [ 459.044897][T18531] veth0_macvtap: entered promiscuous mode [ 459.060240][T18531] veth1_macvtap: entered promiscuous mode [ 459.077835][T18531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 459.078948][ T39] audit: type=1400 audit(1719910560.857:1544): avc: denied { map } for pid=18717 comm="syz.3.5153" path="socket:[79267]" dev="sockfs" ino=79267 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 459.083987][T18531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 459.098617][T18531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 459.106044][T18531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 459.112775][T18531] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 459.129310][T18531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 459.145739][T18531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 459.172924][T18531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 459.188740][T18531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 459.210837][T18531] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 459.235206][T18531] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.238631][T18531] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.242895][T18531] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.246615][T18531] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.357643][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 459.369944][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 459.392780][ T107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 459.396393][ T107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 459.430030][T18731] netlink: 'syz.3.5159': attribute type 7 has an invalid length. [ 459.455934][T18733] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5160'. [ 459.515913][T18739] bad cache= option: nonw [ 459.515913][T18739] [ 459.520529][T18739] CIFS: VFS: bad cache= option: nonw [ 459.525051][T18740] fuse: Bad value for 'fd' [ 459.657447][ T107] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x9b [ 459.860126][ T5210] Bluetooth: hci0: command tx timeout [ 459.979263][T18768] PKCS7: Unknown OID: [4] 0.28(bad) [ 459.982223][T18768] PKCS7: Only support pkcs7_signedData type [ 460.060373][T12419] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 460.241636][T12419] usb 7-1: Using ep0 maxpacket: 8 [ 460.246742][T12419] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 460.253834][T12419] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 460.258744][T12419] usb 7-1: config 1 has no interface number 1 [ 460.262600][T12419] usb 7-1: too many endpoints for config 1 interface 2 altsetting 7: 236, using maximum allowed: 30 [ 460.266795][T12419] usb 7-1: config 1 interface 2 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 236 [ 460.273742][T12419] usb 7-1: config 1 interface 2 has no altsetting 0 [ 460.279336][T12419] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 460.283567][T12419] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 460.289005][T12419] usb 7-1: Product: syz [ 460.291041][T12419] usb 7-1: Manufacturer: syz [ 460.293062][T12419] usb 7-1: SerialNumber: syz [ 462.559331][T18746] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 462.733053][T12419] usb 7-1: USB disconnect, device number 19 [ 463.010589][T18758] udevd[18758]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 463.045518][T18823] sch_tbf: burst 0 is lower than device bridge_slave_0 mtu (1514) ! [ 463.277341][T18830] fuse: Bad value for 'fd' [ 463.468867][ T11] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x9b [ 464.120249][ T5242] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 464.321514][ T5242] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 464.325580][ T5242] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.329719][ T5242] usb 7-1: config 0 descriptor?? [ 464.336877][ T5242] cp210x 7-1:0.0: cp210x converter detected [ 464.578119][ T5242] cp210x 7-1:0.0: failed to get vendor val 0x370b size 1: -71 [ 464.582116][ T5242] cp210x 7-1:0.0: querying part number failed [ 464.587574][ T5242] usb 7-1: cp210x converter now attached to ttyUSB0 [ 464.598269][ T5242] usb 7-1: USB disconnect, device number 20 [ 464.607108][ T5242] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 464.611864][ T5242] cp210x 7-1:0.0: device disconnected [ 465.828980][T18883] tap0: tun_chr_ioctl cmd 1074025675 [ 465.832241][T18883] tap0: persist disabled [ 465.939367][T18885] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 465.942045][T18885] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 465.945676][T18885] vhci_hcd vhci_hcd.0: Device attached [ 465.951334][T18886] vhci_hcd: cannot find the pending unlink 5 [ 465.956913][T18885] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=18885 comm=syz.3.5209 [ 465.962497][T18885] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=18885 comm=syz.3.5209 [ 465.968715][T18885] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=18885 comm=syz.3.5209 [ 465.998331][ T39] audit: type=1800 audit(1719910567.787:1545): pid=18885 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.5209" name="bus" dev="sda1" ino=2013 res=0 errno=0 [ 466.047341][T18886] vhci_hcd: connection closed [ 466.048075][ T11] vhci_hcd: stop threads [ 466.052415][ T11] vhci_hcd: release socket [ 466.054058][ T11] vhci_hcd: disconnect device [ 466.353039][T18832] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 466.555144][T18905] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 466.572959][T18905] bridge_slave_0: left allmulticast mode [ 466.578477][T18905] bridge_slave_0: left promiscuous mode [ 466.581297][T18905] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.598486][T18905] bridge_slave_1: left allmulticast mode [ 466.603289][T18905] bridge_slave_1: left promiscuous mode [ 466.607162][T18905] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.622809][T18905] bond0: (slave bond_slave_0): Releasing backup interface [ 466.641648][T18905] bond0: (slave bond_slave_1): Releasing backup interface [ 466.690448][T18905] team0: Port device team_slave_0 removed [ 466.705513][T18905] team0: Port device team_slave_1 removed [ 466.710710][T18905] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 466.715787][T18905] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 466.739854][T18905] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 466.743187][T18905] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 466.810202][ T5210] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 466.816078][ T5210] Bluetooth: hci5: Injecting HCI hardware error event [ 466.822379][ T5210] Bluetooth: hci5: hardware error 0x00 [ 467.454609][T18920] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 467.552678][ T39] audit: type=1800 audit(2000000001.030:1546): pid=18922 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.5220" name="bus" dev="sda1" ino=2013 res=0 errno=0 [ 468.779015][ T39] audit: type=1400 audit(2000000002.250:1547): avc: denied { name_bind } for pid=18951 comm="syz.0.5232" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 468.790900][ T39] audit: type=1400 audit(2000000002.250:1548): avc: denied { name_connect } for pid=18951 comm="syz.0.5232" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 468.871065][T18957] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 468.876801][ T39] audit: type=1326 audit(2000000002.350:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18962 comm="syz.3.5237" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32c1775ed9 code=0x0 [ 468.890117][ T5210] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 468.946448][T18969] bond0: Error: Cannot enslave bond to itself. [ 469.204263][T18976] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5242'. [ 469.251743][T18976] nfs4: Unknown parameter 'r ’d' [ 469.700840][T18991] bond0: Error: Cannot enslave bond to itself. [ 469.928316][T19004] picdev_read: 2 callbacks suppressed [ 469.928333][T19004] kvm: pic: non byte read [ 469.935517][ T39] audit: type=1326 audit(2000000003.410:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19017 comm="syz.0.5260" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1725175ed9 code=0x0 [ 469.945621][T19004] kvm: pic: non byte read [ 469.950190][T19004] kvm: pic: non byte read [ 469.954195][T19004] kvm: pic: non byte read [ 471.021062][T19055] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 471.059851][T19055] bridge_slave_0: left allmulticast mode [ 471.066619][T19055] bridge_slave_0: left promiscuous mode [ 471.073166][T19055] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.079061][T19055] bridge_slave_1: left allmulticast mode [ 471.081895][T19055] bridge_slave_1: left promiscuous mode [ 471.084797][T19055] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.135188][T19055] bond0: (slave bond_slave_0): Releasing backup interface [ 471.147165][T19055] bond0: (slave bond_slave_1): Releasing backup interface [ 471.206977][T19055] team0: Port device team_slave_0 removed [ 471.233850][T19055] team0: Port device team_slave_1 removed [ 471.237548][T19055] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 471.241377][T19055] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 471.247548][T19055] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 471.252815][T19055] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 471.944080][T19080] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5285'. [ 471.959235][T19080] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5285'. [ 471.983934][ T39] audit: type=1804 audit(2000000005.460:1551): pid=19082 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.5286" name="/syzkaller.8jND5R/107/bus" dev="sda1" ino=2016 res=1 errno=0 [ 471.994166][ T39] audit: type=1804 audit(2000000005.460:1552): pid=19082 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.5286" name="/syzkaller.8jND5R/107/bus" dev="sda1" ino=2016 res=1 errno=0 [ 472.003464][ T39] audit: type=1804 audit(2000000005.460:1553): pid=19082 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.5286" name="/syzkaller.8jND5R/107/bus" dev="sda1" ino=2016 res=1 errno=0 [ 472.013093][ T39] audit: type=1804 audit(2000000005.460:1554): pid=19082 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.5286" name="/syzkaller.8jND5R/107/bus" dev="sda1" ino=2016 res=1 errno=0 [ 472.466546][T19108] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 472.500165][T19108] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5296'. [ 472.543001][T19105] kvm: pic: non byte read [ 472.546743][T19105] kvm: pic: non byte read [ 472.551489][T19105] kvm: pic: non byte read [ 472.555164][T19105] kvm: pic: non byte read [ 472.672064][T19114] fuse: Bad value for 'fd' [ 472.900240][T19122] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 473.340623][ T63] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x9b [ 473.740122][ T824] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 473.937999][ T824] usb 7-1: Using ep0 maxpacket: 8 [ 473.946928][ T824] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 473.952273][ T824] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 473.956324][ T824] usb 7-1: config 1 has no interface number 1 [ 473.959009][ T824] usb 7-1: too many endpoints for config 1 interface 2 altsetting 7: 236, using maximum allowed: 30 [ 473.964016][ T824] usb 7-1: config 1 interface 2 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 236 [ 473.969830][ T824] usb 7-1: config 1 interface 2 has no altsetting 0 [ 473.975699][ T824] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 473.979708][ T824] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 473.984711][ T824] usb 7-1: Product: syz [ 473.986248][ T824] usb 7-1: Manufacturer: syz [ 473.987796][ T824] usb 7-1: SerialNumber: syz [ 476.259190][T19139] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 476.379459][ T824] usb 7-1: USB disconnect, device number 21 [ 476.750199][T18758] udevd[18758]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 477.172297][ T1203] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x9b [ 477.245408][T19225] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 477.269804][T19225] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 477.590043][ T56] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 477.780020][ T56] usb 7-1: Using ep0 maxpacket: 8 [ 477.784514][ T56] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 477.790312][ T56] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 477.794256][ T56] usb 7-1: config 1 has no interface number 1 [ 477.796971][ T56] usb 7-1: too many endpoints for config 1 interface 2 altsetting 7: 236, using maximum allowed: 30 [ 477.802163][ T56] usb 7-1: config 1 interface 2 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 236 [ 477.808587][ T56] usb 7-1: config 1 interface 2 has no altsetting 0 [ 477.815418][ T56] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 477.826563][ T56] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 477.829866][ T56] usb 7-1: Product: syz [ 477.835630][ T56] usb 7-1: Manufacturer: syz [ 477.842725][ T56] usb 7-1: SerialNumber: syz [ 478.680749][T19267] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19267 comm=syz.0.5352 [ 478.766293][T19273] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 478.769148][T19273] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 478.774649][T19273] vhci_hcd vhci_hcd.0: Device attached [ 478.790359][T19274] vhci_hcd: cannot find the pending unlink 5 [ 478.793476][T19273] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=19273 comm=syz.1.5356 [ 478.798404][T19273] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=19273 comm=syz.1.5356 [ 478.803945][T19273] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=19273 comm=syz.1.5356 [ 478.850074][ T39] audit: type=1800 audit(2000000012.320:1555): pid=19273 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.5356" name="bus" dev="sda1" ino=2013 res=0 errno=0 [ 478.910605][T19274] vhci_hcd: connection closed [ 478.913322][ T1203] vhci_hcd: stop threads [ 478.917207][ T1203] vhci_hcd: release socket [ 478.919390][ T1203] vhci_hcd: disconnect device [ 478.970077][ T25] vhci_hcd: vhci_device speed not set [ 479.530773][ T39] audit: type=1400 audit(2000000013.000:1556): avc: denied { accept } for pid=19281 comm="syz.1.5358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 479.649085][T19288] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5361'. [ 479.798795][T19294] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun! [ 479.909756][T19298] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 479.912642][T19298] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 479.916604][T19298] vhci_hcd vhci_hcd.0: Device attached [ 479.924048][T19299] vhci_hcd: cannot find the pending unlink 5 [ 479.927593][T19298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=19298 comm=syz.1.5366 [ 479.933442][T19298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=19298 comm=syz.1.5366 [ 479.939287][T19298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=19298 comm=syz.1.5366 [ 479.973580][ T39] audit: type=1800 audit(2000000013.450:1557): pid=19298 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.5366" name="bus" dev="sda1" ino=2013 res=0 errno=0 [ 480.014824][T19299] vhci_hcd: connection closed [ 480.015177][ T63] vhci_hcd: stop threads [ 480.019257][ T63] vhci_hcd: release socket [ 480.021362][ T63] vhci_hcd: disconnect device [ 480.066618][T19218] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 480.145921][ T56] usb 7-1: USB disconnect, device number 22 [ 480.178566][T19307] netlink: 'syz.0.5367': attribute type 1 has an invalid length. [ 480.183389][T19307] netlink: 512 bytes leftover after parsing attributes in process `syz.0.5367'. [ 480.403034][T18758] udevd[18758]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 480.618698][T19330] binder: 19329:19330 ioctl c00c6211 0 returned -14 [ 480.764076][ T39] audit: type=1400 audit(2000000014.230:1558): avc: denied { getopt } for pid=19335 comm="syz.1.5381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 481.016675][T19348] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 481.019668][T19348] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 481.032965][T19348] vhci_hcd vhci_hcd.0: Device attached [ 481.055769][T19349] vhci_hcd: cannot find the pending unlink 5 [ 481.063073][T19348] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=19348 comm=syz.3.5386 [ 481.068678][T19348] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=19348 comm=syz.3.5386 [ 481.077185][T19348] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=19348 comm=syz.3.5386 [ 481.112812][ T39] audit: type=1800 audit(2000000014.590:1559): pid=19348 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.5386" name="bus" dev="sda1" ino=2013 res=0 errno=0 [ 481.154907][T19355] binder: 19354:19355 ioctl c00c6211 0 returned -14 [ 481.181502][T19349] vhci_hcd: connection closed [ 481.182016][ T1203] vhci_hcd: stop threads [ 481.189323][ T1203] vhci_hcd: release socket [ 481.191901][ T1203] vhci_hcd: disconnect device [ 481.214046][T19357] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 481.250055][ T824] vhci_hcd: vhci_device speed not set [ 481.358410][T19363] syz.2.5391: attempt to access beyond end of device [ 481.358410][T19363] nbd2: rw=0, sector=8, nr_sectors = 8 limit=0 [ 481.364650][T19363] qnx4: unable to read the superblock [ 481.601436][T19380] netem: incorrect gi model size [ 481.604513][T19380] netem: change failed [ 481.648624][ T39] audit: type=1804 audit(2000000015.120:1560): pid=19382 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.5399" name="/syzkaller.Vw89jL/486/cgroup.controllers" dev="sda1" ino=2015 res=1 errno=0 [ 481.840203][T19399] input: syz0 as /devices/virtual/input/input27 [ 481.908586][T19401] netem: incorrect gi model size [ 481.912045][T19401] netem: change failed [ 482.112242][T19413] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 482.186483][ T39] audit: type=1804 audit(2000000015.660:1561): pid=19418 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.5416" name="/syzkaller.iCFs9t/64/cgroup.controllers" dev="sda1" ino=2013 res=1 errno=0 [ 482.531799][T19435] futex_wake_op: syz.2.5422 tries to shift op by -1; fix this program [ 483.000718][T19450] syzkaller0: entered allmulticast mode [ 483.173214][T19455] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5431'. [ 483.257696][ T39] audit: type=1326 audit(2000000016.730:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.3.5432" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32c1775ed9 code=0x0 [ 483.875791][ T39] audit: type=1400 audit(2000000017.350:1563): avc: denied { write } for pid=19487 comm="syz.2.5444" name="card0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 484.055973][T19492] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5445'. [ 484.124053][T19496] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun! [ 484.206950][T19498] IPVS: Scheduler module ip_vs_sip not found [ 484.304478][ T39] audit: type=1400 audit(2000000017.780:1564): avc: denied { bind } for pid=19509 comm="syz.3.5452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 484.385400][ T1203] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x9b [ 484.391131][T19518] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5455'. [ 484.770154][ T5242] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 484.950001][ T5242] usb 5-1: Using ep0 maxpacket: 8 [ 484.954393][ T5242] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 484.958876][ T5242] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 484.962927][ T5242] usb 5-1: config 1 has no interface number 1 [ 484.965671][ T5242] usb 5-1: too many endpoints for config 1 interface 2 altsetting 7: 236, using maximum allowed: 30 [ 484.970399][ T5242] usb 5-1: config 1 interface 2 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 236 [ 484.975878][ T5242] usb 5-1: config 1 interface 2 has no altsetting 0 [ 484.980800][ T5242] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 484.984734][ T5242] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 484.987864][ T5242] usb 5-1: Product: syz [ 484.989723][ T5242] usb 5-1: Manufacturer: syz [ 484.991835][ T5242] usb 5-1: SerialNumber: syz [ 485.648056][T19542] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5464'. [ 485.799865][ T39] audit: type=1400 audit(2000000019.270:1565): avc: denied { setopt } for pid=19553 comm="syz.3.5470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 486.076163][ T39] audit: type=1326 audit(2000000019.550:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19571 comm="syz.3.5477" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32c1775ed9 code=0x0 [ 486.972263][ T39] audit: type=1804 audit(2000000020.450:1567): pid=19582 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.5481" name="/syzkaller.tIzYXL/376/cgroup.controllers" dev="sda1" ino=2014 res=1 errno=0 [ 487.269155][T19505] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 487.352082][ T5242] usb 5-1: USB disconnect, device number 23 [ 487.397474][T19585] team0: Port device virt_wifi0 added [ 487.512099][T19598] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5488'. [ 487.617296][T19605] EXT4-fs warning (device sda1): verify_group_input:166: Cannot read last block (281374) [ 487.632075][T18758] udevd[18758]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 487.641432][ T39] audit: type=1400 audit(2000000021.110:1568): avc: denied { read } for pid=19595 comm="syz.1.5487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 487.771063][T19608] futex_wake_op: syz.0.5493 tries to shift op by -1; fix this program [ 487.851059][ T39] audit: type=1804 audit(2000000021.330:1569): pid=19615 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.5494" name="/syzkaller.iCFs9t/84/cgroup.controllers" dev="sda1" ino=2015 res=1 errno=0 [ 488.196995][T19632] EXT4-fs warning (device sda1): verify_group_input:166: Cannot read last block (281374) [ 488.677271][T19655] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 488.680653][T19655] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 488.690348][T19655] vhci_hcd vhci_hcd.0: Device attached [ 488.699528][T19656] vhci_hcd: cannot find the pending unlink 5 [ 488.711434][T19655] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=19655 comm=syz.0.5512 [ 488.716902][T19655] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=19655 comm=syz.0.5512 [ 488.722624][T19655] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=19655 comm=syz.0.5512 [ 488.766745][ T39] audit: type=1800 audit(2000000022.240:1570): pid=19655 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.5512" name="bus" dev="sda1" ino=2010 res=0 errno=0 [ 488.818746][T19656] vhci_hcd: connection closed [ 488.819318][ T11] vhci_hcd: stop threads [ 488.824047][ T11] vhci_hcd: release socket [ 488.826989][ T11] vhci_hcd: disconnect device [ 488.891532][ T5258] vhci_hcd: vhci_device speed not set [ 489.271961][T19685] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5523'. [ 489.480663][T19693] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5527'. [ 489.495074][ C3] vcan0: j1939_xtp_rx_dat: no rx connection found [ 489.498197][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.501610][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.505080][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.509266][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.513640][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.517528][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.521410][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.524965][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.528475][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.532315][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.535839][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.539157][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.542562][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.546081][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.549782][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.552897][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.556727][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.560388][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.563976][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.567297][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.570448][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.573728][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.577131][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.580415][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.583725][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.587479][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.592992][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.596707][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.600290][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.604978][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.608908][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.611915][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.615485][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.618999][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.622748][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.626314][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.629581][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.633281][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.636853][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.640538][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.644656][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.649123][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.654259][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.659099][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.662565][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.666672][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.670701][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.673823][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.676990][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.680551][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.684094][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.687595][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.691013][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.694368][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.697156][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.699743][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.702734][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.705872][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.709111][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.712860][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.716647][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.720151][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.723352][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.726766][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.730462][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.734323][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.738160][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.741789][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.745338][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.749574][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.753515][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.756819][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.760305][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.763668][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.767233][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.770772][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.774673][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.778777][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.782460][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.785572][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.788243][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.791322][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.795198][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.798341][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.802070][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.805505][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.808783][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.811658][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.814810][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.817958][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.821428][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.824866][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.827750][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.831224][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.834344][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.837609][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.841157][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 489.844677][ C3] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 489.876113][T19694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5525'. [ 491.040314][ T39] audit: type=1400 audit(2000000024.520:1571): avc: denied { read } for pid=19741 comm="syz.0.5548" name="file0" dev="sda1" ino=2014 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=chr_file permissive=1 [ 491.054717][ T39] audit: type=1400 audit(2000000024.520:1572): avc: denied { open } for pid=19741 comm="syz.0.5548" path="/syzkaller.Vw89jL/517/file0" dev="sda1" ino=2014 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=chr_file permissive=1 [ 491.069447][T19744] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5549'. [ 491.619576][T19766] netlink: 'syz.1.5558': attribute type 21 has an invalid length. [ 491.623528][T19766] netlink: 'syz.1.5558': attribute type 4 has an invalid length. [ 491.855448][T19777] EXT4-fs warning (device sda1): verify_group_input:136: Cannot add at group 75 (only 8 groups) [ 491.969698][T19786] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 491.973017][T19786] IPv6: NLM_F_CREATE should be set when creating new route [ 491.976178][T19786] IPv6: NLM_F_CREATE should be set when creating new route [ 492.241115][T19801] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5573'. [ 492.320038][ T827] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 492.513579][ T827] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 492.518479][ T827] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 492.524506][ T827] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 492.530833][ T827] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 492.536482][ T827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.542810][ T827] usb 7-1: config 0 descriptor?? [ 492.547786][T19790] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 492.816451][ T5209] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 492.830342][ T5209] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 492.839773][ T5209] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 492.851493][ T5209] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 492.859704][ T5209] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 492.864274][ T5209] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 493.024985][ T827] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 493.028617][ T827] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving [ 493.052081][ T827] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 493.233415][ T1203] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.319226][T19818] chnl_net:caif_netlink_parms(): no params data found [ 493.465197][ T57] usb 7-1: USB disconnect, device number 23 [ 493.524642][ T1203] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.697870][ T1203] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.723196][T19818] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.726339][T19818] bridge0: port 1(bridge_slave_0) entered disabled state [ 493.731644][T19818] bridge_slave_0: entered allmulticast mode [ 493.736146][T19818] bridge_slave_0: entered promiscuous mode [ 493.752698][T19818] bridge0: port 2(bridge_slave_1) entered blocking state [ 493.755852][T19818] bridge0: port 2(bridge_slave_1) entered disabled state [ 493.759017][T19818] bridge_slave_1: entered allmulticast mode [ 493.763630][T19818] bridge_slave_1: entered promiscuous mode [ 493.845610][ T1203] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.892281][T19818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 493.903025][T19818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 494.010830][T19818] team0: Port device team_slave_0 added [ 494.050215][T19818] team0: Port device team_slave_1 added [ 494.206391][T19818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 494.209511][T19818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 494.222001][T19818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 494.234626][T19818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 494.237749][T19818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 494.258356][T19818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 494.282945][ T1203] veth0: left allmulticast mode [ 494.284994][ T1203] veth0: left promiscuous mode [ 494.288114][ T1203] bridge0: port 1(veth0) entered disabled state [ 494.420076][ T5090] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 494.622479][ T5090] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 494.628167][ T5090] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 494.634321][ T5090] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 494.642058][ T5090] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 494.646912][ T5090] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.653504][ T5090] usb 7-1: config 0 descriptor?? [ 494.657440][T19850] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 494.900491][ T1203] bond0 (unregistering): Released all slaves [ 494.969305][T19818] hsr_slave_0: entered promiscuous mode [ 494.971629][ T5209] Bluetooth: hci4: command tx timeout [ 494.989213][T19818] hsr_slave_1: entered promiscuous mode [ 495.018205][ T1203] tipc: Left network mode [ 495.091680][ T5090] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 495.097696][ T5090] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 495.119224][ T5090] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 495.388250][ T1203] hsr_slave_0: left promiscuous mode [ 495.412313][ T1203] hsr_slave_1: left promiscuous mode [ 495.464074][ T1203] veth1_macvtap: left promiscuous mode [ 495.466664][ T1203] veth0_macvtap: left promiscuous mode [ 495.469307][ T1203] veth1_vlan: left promiscuous mode [ 495.472328][ T1203] veth0_vlan: left promiscuous mode [ 495.480928][ T5090] usb 7-1: USB disconnect, device number 24 [ 497.064132][ T5209] Bluetooth: hci4: command tx timeout [ 497.102955][ T39] audit: type=1400 audit(2000000030.570:1573): avc: denied { ioctl } for pid=19932 comm="syz.3.5620" path="socket:[87056]" dev="sockfs" ino=87056 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 497.326189][T19946] QAT: failed to copy from user cfg_data. [ 497.941892][T19971] hub 6-0:1.0: USB hub found [ 497.961260][T19971] hub 6-0:1.0: 1 port detected [ 499.130172][ T5210] Bluetooth: hci4: command tx timeout [ 499.300768][ T5210] Bluetooth: hci1: command 0x0406 tx timeout [ 499.647553][T19936] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 499.656671][T19936] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 499.726660][ T39] audit: type=1400 audit(2000000033.200:1574): avc: denied { write } for pid=19973 comm="syz.2.5639" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 499.872100][T19982] Bluetooth: MGMT ver 1.22 [ 500.109558][T19818] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 500.119776][T19818] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 500.128618][T19818] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 500.137954][T19818] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 500.225520][T19818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 500.246218][T19818] 8021q: adding VLAN 0 to HW filter on device team0 [ 500.256914][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.260181][ T5090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 500.279823][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.282697][ T5090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 500.303502][ T39] audit: type=1804 audit(2000000033.780:1575): pid=20005 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.5654" name="/syzkaller.iCFs9t/136/file0" dev="sda1" ino=1996 res=1 errno=0 [ 500.304385][T20005] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5654'. [ 500.316654][T20005] netlink: 59 bytes leftover after parsing attributes in process `syz.2.5654'. [ 500.325133][ T39] audit: type=1804 audit(2000000033.800:1576): pid=20005 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.5654" name="/syzkaller.iCFs9t/136/file0" dev="sda1" ino=1996 res=1 errno=0 [ 500.336896][ T39] audit: type=1804 audit(2000000033.800:1577): pid=20005 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.5654" name="/syzkaller.iCFs9t/136/file0" dev="sda1" ino=1996 res=1 errno=0 [ 500.346944][ T39] audit: type=1804 audit(2000000033.800:1578): pid=20005 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.5654" name="/syzkaller.iCFs9t/136/file0" dev="sda1" ino=1996 res=1 errno=0 [ 500.356779][ T39] audit: type=1800 audit(2000000033.800:1579): pid=20005 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.5654" name="bus" dev="sda1" ino=2011 res=0 errno=0 [ 500.401804][T20012] bridge0: port 1(erspan0) entered blocking state [ 500.404015][T20012] bridge0: port 1(erspan0) entered disabled state [ 500.406418][T20012] erspan0: entered allmulticast mode [ 500.410885][T20012] erspan0: entered promiscuous mode [ 500.414282][T20012] bridge0: port 1(erspan0) entered blocking state [ 500.417340][T20012] bridge0: port 1(erspan0) entered forwarding state [ 500.461502][T19818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 500.522281][T19818] veth0_vlan: entered promiscuous mode [ 500.531388][T20019] syz.1.5658 uses old SIOCAX25GETINFO [ 500.531458][T19818] veth1_vlan: entered promiscuous mode [ 500.559127][T19818] veth0_macvtap: entered promiscuous mode [ 500.585693][T19818] veth1_macvtap: entered promiscuous mode [ 500.603604][T19818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 500.608365][T19818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.617468][T19818] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 500.627265][T19818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 500.632543][T19818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.638032][T19818] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 500.648454][T19818] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.652338][T19818] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.655886][T19818] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.659352][T19818] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.768615][T20031] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5664'. [ 500.785291][T20031] bond2: entered promiscuous mode [ 500.796560][T20033] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5664'. [ 500.800772][T20033] bond2: entered allmulticast mode [ 500.803219][T20033] 8021q: adding VLAN 0 to HW filter on device bond2 [ 500.814101][ T107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 500.817608][ T107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 500.879716][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 500.884457][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 501.178358][T20059] hub 6-0:1.0: USB hub found [ 501.181005][T20059] hub 6-0:1.0: 1 port detected [ 501.210190][ T5209] Bluetooth: hci4: command tx timeout [ 501.283780][T20070] netlink: 108 bytes leftover after parsing attributes in process `syz.2.5678'. [ 501.287805][T20070] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5678'. [ 501.288859][ T39] audit: type=1400 audit(2000000034.760:1580): avc: denied { watch_reads } for pid=20071 comm="syz.3.5679" path="/syzkaller.tIzYXL/430/file0" dev="sda1" ino=2011 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 501.454214][ T39] audit: type=1804 audit(2000000034.930:1581): pid=20088 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.5686" name="/syzkaller.tIzYXL/432/file0" dev="sda1" ino=2011 res=1 errno=0 [ 501.459767][T20088] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5686'. [ 501.467954][T20088] netlink: 59 bytes leftover after parsing attributes in process `syz.3.5686'. [ 501.476133][T20089] netlink: 164 bytes leftover after parsing attributes in process `syz.1.5687'. [ 501.495964][ T39] audit: type=1804 audit(2000000034.970:1582): pid=20088 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.3.5686" name="/syzkaller.tIzYXL/432/file0" dev="sda1" ino=2011 res=1 errno=0 [ 501.520031][ T30] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 501.619613][T20098] netlink: 108 bytes leftover after parsing attributes in process `syz.2.5692'. [ 501.750156][ T30] usb 5-1: Using ep0 maxpacket: 8 [ 501.757148][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 501.762838][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 501.768744][ T30] usb 5-1: New USB device found, idVendor=056a, idProduct=0003, bcdDevice= 0.00 [ 501.773938][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.780929][ T30] usb 5-1: config 0 descriptor?? [ 502.209688][ T30] hid (null): global environment stack underflow [ 502.217823][ T30] wacom 0003:056A:0003.000E: global environment stack underflow [ 502.224098][ T30] wacom 0003:056A:0003.000E: item 0 1 1 11 parsing failed [ 502.233496][ T30] wacom 0003:056A:0003.000E: parse failed [ 502.236252][ T30] wacom 0003:056A:0003.000E: probe with driver wacom failed with error -22 [ 502.436394][ T57] usb 5-1: USB disconnect, device number 24 [ 502.553804][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 502.553820][ T39] audit: type=1800 audit(2000000036.030:1587): pid=20187 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.5730" name="file1" dev="sda1" ino=2021 res=0 errno=0 [ 502.586635][ T39] audit: type=1800 audit(2000000036.060:1588): pid=20187 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.5730" name="file2" dev="sda1" ino=2022 res=0 errno=0 [ 502.588517][T20187] netlink: 'syz.1.5730': attribute type 3 has an invalid length. [ 502.985887][ T39] audit: type=1800 audit(2000000036.460:1589): pid=20216 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.5744" name="file1" dev="sda1" ino=2007 res=0 errno=0 [ 503.014911][ T39] audit: type=1800 audit(2000000036.490:1590): pid=20216 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.5744" name="file2" dev="sda1" ino=2009 res=0 errno=0 [ 503.029675][T20216] netlink: 'syz.3.5744': attribute type 3 has an invalid length. [ 503.223543][T20234] netlink: 'syz.1.5753': attribute type 1 has an invalid length. [ 503.288082][ T39] audit: type=1800 audit(2000000036.760:1591): pid=20241 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.5757" name="file1" dev="sda1" ino=2001 res=0 errno=0 [ 503.322253][ T39] audit: type=1800 audit(2000000036.800:1592): pid=20241 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.5757" name="file2" dev="sda1" ino=2020 res=0 errno=0 [ 503.327094][T20241] netlink: 'syz.3.5757': attribute type 3 has an invalid length. [ 503.399029][ T39] audit: type=1401 audit(2000000036.870:1593): op=fscreate invalid_context=2321202E2F66696C6530 [ 503.399641][T20250] [ 503.405670][T20250] ====================================================== [ 503.408813][T20250] WARNING: possible circular locking dependency detected [ 503.412648][T20250] 6.10.0-rc6-syzkaller-00051-g1dfe225e9af5 #0 Not tainted [ 503.417929][T20250] ------------------------------------------------------ [ 503.421926][T20250] syz.1.5756/20250 is trying to acquire lock: [ 503.424560][T20250] ffff888043bbf058 (sk_lock-AF_SMC){+.+.}-{0:0}, at: smc_shutdown+0x65/0x800 [ 503.428878][T20250] SYZFAIL: failed to recv rpc fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor) [ 503.428878][T20250] but task is already holding lock: [ 503.442924][T20250] ffff8880210a2970 (&nsock->tx_lock){+.+.}-{3:3}, at: sock_shutdown+0x16f/0x280 [ 503.446527][T20250] [ 503.446527][T20250] which lock already depends on the new lock. [ 503.446527][T20250] [ 503.450491][T20250] [ 503.450491][T20250] the existing dependency chain (in reverse order) is: [ 503.458170][T20250] [ 503.458170][T20250] -> #7 (&nsock->tx_lock){+.+.}-{3:3}: [ 503.461350][T20250] __mutex_lock+0x175/0x9c0 [ 503.463387][T20250] nbd_disconnect+0x321/0x540 [ 503.465496][T20250] nbd_disconnect_and_put+0x2c/0x170 [ 503.467548][T20250] nbd_genl_disconnect+0x398/0x570 [ 503.481273][T20250] genl_family_rcv_msg_doit+0x202/0x2f0 [ 503.483945][T20250] genl_rcv_msg+0x565/0x800 [ 503.486652][T20250] netlink_rcv_skb+0x16b/0x440 [ 503.488900][T20250] genl_rcv+0x28/0x40 [ 503.490969][T20250] netlink_unicast+0x542/0x820 [ 503.493586][T20250] netlink_sendmsg+0x8b8/0xd70 [ 503.496401][T20250] ____sys_sendmsg+0xab5/0xc90 [ 503.498828][T20250] ___sys_sendmsg+0x135/0x1e0 [ 503.501182][T20250] __sys_sendmsg+0x117/0x1f0 [ 503.503528][T20250] do_syscall_64+0xcd/0x250 [ 503.505715][T20250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.508403][T20250] [ 503.508403][T20250] -> #6 (&nbd->config_lock){+.+.}-{3:3}: [ 503.512029][T20250] __mutex_lock+0x175/0x9c0 [ 503.514412][T20250] refcount_dec_and_mutex_lock+0x51/0xe0 [ 503.517748][T20250] nbd_config_put+0x31/0x750 [ 503.520812][T20250] nbd_release+0xb7/0x190 [ 503.523249][T20250] blkdev_put_whole+0xad/0xf0 [ 503.526325][T20250] bdev_release+0x496/0x6f0 [ 503.528602][T20250] blkdev_release+0x15/0x20 [ 503.531049][T20250] __fput+0x408/0xbb0 [ 503.533176][T20250] __fput_sync+0x47/0x50 [ 503.535080][T20250] __x64_sys_close+0x86/0x100 [ 503.537338][T20250] do_syscall_64+0xcd/0x250 [ 503.539409][T20250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.542173][T20250] [ 503.542173][T20250] -> #5 (&disk->open_mutex){+.+.}-{3:3}: [ 503.545674][T20250] __mutex_lock+0x175/0x9c0 [ 503.547910][T20250] bdev_open+0x41a/0xe50 [ 503.550036][T20250] bdev_file_open_by_dev+0x17d/0x210 [ 503.552482][T20250] disk_scan_partitions+0x1ed/0x320 [ 503.555061][T20250] device_add_disk+0xe97/0x1250 [ 503.557517][T20250] pmem_attach_disk+0x9fe/0x1400 [ 503.559844][T20250] nd_pmem_probe+0x1a9/0x1f0 [ 503.562046][T20250] nvdimm_bus_probe+0x169/0x5d0 [ 503.564377][T20250] really_probe+0x23e/0xa90 [ 503.566633][T20250] __driver_probe_device+0x1de/0x440 [ 503.569107][T20250] driver_probe_device+0x4c/0x1b0 [ 503.571454][T20250] __driver_attach+0x283/0x580 [ 503.573717][T20250] bus_for_each_dev+0x13c/0x1d0 [ 503.576063][T20250] bus_add_driver+0x2e9/0x690 [ 503.578297][T20250] driver_register+0x15c/0x4b0 [ 503.580114][T20250] __nd_driver_register+0x103/0x1a0 [ 503.582266][T20250] do_one_initcall+0x128/0x700 [ 503.584305][T20250] kernel_init_freeable+0x69d/0xca0 [ 503.586709][T20250] kernel_init+0x1c/0x2b0 [ 503.588844][T20250] ret_from_fork+0x45/0x80 [ 503.591007][T20250] ret_from_fork_asm+0x1a/0x30 [ 503.593358][T20250] [ 503.593358][T20250] -> #4 (&nvdimm_namespace_key){+.+.}-{3:3}: [ 503.597043][T20250] __mutex_lock+0x175/0x9c0 [ 503.599208][T20250] uevent_show+0x188/0x3b0 [ 503.601436][T20250] dev_attr_show+0x53/0xe0 [ 503.603647][T20250] sysfs_kf_seq_show+0x23e/0x410 [ 503.606066][T20250] seq_read_iter+0x4fa/0x12c0 [ 503.608387][T20250] kernfs_fop_read_iter+0x41a/0x590 [ 503.610689][T20250] vfs_read+0x869/0xbd0 [ 503.612812][T20250] ksys_read+0x12f/0x260 [ 503.614995][T20250] do_syscall_64+0xcd/0x250 [ 503.617359][T20250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.620684][T20250] [ 503.620684][T20250] -> #3 (kn->active#5){++++}-{0:0}: [ 503.623926][T20250] kernfs_drain+0x48f/0x590 [ 503.626207][T20250] __kernfs_remove+0x281/0x670 [ 503.628439][T20250] kernfs_remove_by_name_ns+0xb2/0x130 [ 503.631027][T20250] device_del+0x381/0x9f0 [ 503.633224][T20250] unregister_netdevice_many_notify+0xc8a/0x19f0 [ 503.636302][T20250] unregister_netdevice_queue+0x307/0x3f0 [ 503.638960][T20250] unregister_netdev+0x1c/0x30 [ 503.641245][T20250] gprs_attach+0x4ce/0x5e0 [ 503.643523][T20250] pep_setsockopt+0x419/0x510 [ 503.645929][T20250] do_sock_setsockopt+0x222/0x480 [ 503.648162][T20250] __sys_setsockopt+0x1a4/0x270 [ 503.650430][T20250] __x64_sys_setsockopt+0xbd/0x160 [ 503.652991][T20250] do_syscall_64+0xcd/0x250 [ 503.655125][T20250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.658015][T20250] [ 503.658015][T20250] -> #2 (rtnl_mutex){+.+.}-{3:3}: [ 503.661200][T20250] __mutex_lock+0x175/0x9c0 [ 503.663376][T20250] do_ipv6_setsockopt+0x2162/0x47b0 [ 503.665816][T20250] ipv6_setsockopt+0xe3/0x1a0 [ 503.667935][T20250] tcp_setsockopt+0xa4/0x100 [ 503.669959][T20250] smc_setsockopt+0x1b4/0xa00 [ 503.672015][T20250] do_sock_setsockopt+0x222/0x480 [ 503.673910][T20250] __sys_setsockopt+0x1a4/0x270 [ 503.676449][T20250] __x64_sys_setsockopt+0xbd/0x160 [ 503.678542][T20250] do_syscall_64+0xcd/0x250 [ 503.680803][T20250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.683562][T20250] [ 503.683562][T20250] -> #1 (&smc->clcsock_release_lock){+.+.}-{3:3}: [ 503.687236][T20250] __mutex_lock+0x175/0x9c0 [ 503.689351][T20250] smc_switch_to_fallback+0x2d/0xa00 [ 503.691531][T20250] smc_sendmsg+0x13d/0x520 [ 503.693618][T20250] ____sys_sendmsg+0xab5/0xc90 [ 503.695872][T20250] ___sys_sendmsg+0x135/0x1e0 [ 503.698049][T20250] __sys_sendmmsg+0x1a1/0x450 [ 503.700240][T20250] __x64_sys_sendmmsg+0x9c/0x100 [ 503.702578][T20250] do_syscall_64+0xcd/0x250 [ 503.704775][T20250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.707387][T20250] [ 503.707387][T20250] -> #0 (sk_lock-AF_SMC){+.+.}-{0:0}: [ 503.710098][T20250] __lock_acquire+0x2478/0x3b30 [ 503.712222][T20250] lock_acquire+0x1b1/0x560 [ 503.714423][T20250] lock_sock_nested+0x3a/0xf0 [ 503.716706][T20250] smc_shutdown+0x65/0x800 [ 503.718935][T20250] nbd_mark_nsock_dead+0xae/0x5d0 [ 503.721141][T20250] sock_shutdown+0x17c/0x280 [ 503.722705][T20250] nbd_ioctl+0x49b/0xfd0 [ 503.724144][T20250] blkdev_ioctl+0x27c/0x6e0 [ 503.725966][T20250] __x64_sys_ioctl+0x193/0x220 [ 503.728002][T20250] do_syscall_64+0xcd/0x250 [ 503.729873][T20250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.732300][T20250] [ 503.732300][T20250] other info that might help us debug this: [ 503.732300][T20250] [ 503.736102][T20250] Chain exists of: [ 503.736102][T20250] sk_lock-AF_SMC --> &nbd->config_lock --> &nsock->tx_lock [ 503.736102][T20250] [ 503.740992][T20250] Possible unsafe locking scenario: [ 503.740992][T20250] [ 503.744371][T20250] CPU0 CPU1 [ 503.746770][T20250] ---- ---- [ 503.748964][T20250] lock(&nsock->tx_lock); [ 503.750701][T20250] lock(&nbd->config_lock); [ 503.753729][T20250] lock(&nsock->tx_lock); [ 503.756551][T20250] lock(sk_lock-AF_SMC); [ 503.758220][T20250] [ 503.758220][T20250] *** DEADLOCK *** [ 503.758220][T20250] [ 503.760717][T20250] 2 locks held by syz.1.5756/20250: [ 503.762836][T20250] #0: ffff888021dd2198 (&nbd->config_lock){+.+.}-{3:3}, at: nbd_ioctl+0x151/0xfd0 [ 503.766932][T20250] #1: ffff8880210a2970 (&nsock->tx_lock){+.+.}-{3:3}, at: sock_shutdown+0x16f/0x280 [ 503.770708][T20250] [ 503.770708][T20250] stack backtrace: [ 503.773048][T20250] CPU: 0 PID: 20250 Comm: syz.1.5756 Not tainted 6.10.0-rc6-syzkaller-00051-g1dfe225e9af5 #0 [ 503.777156][T20250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 503.781661][T20250] Call Trace: [ 503.783114][T20250] [ 503.784436][T20250] dump_stack_lvl+0x116/0x1f0 [ 503.786533][T20250] check_noncircular+0x31a/0x400 [ 503.788693][T20250] ? __pfx_check_noncircular+0x10/0x10 [ 503.791036][T20250] ? register_lock_class+0xb1/0x1230 [ 503.793351][T20250] ? lockdep_lock+0xc6/0x200 [ 503.795429][T20250] ? __pfx_lockdep_lock+0x10/0x10 [ 503.797666][T20250] __lock_acquire+0x2478/0x3b30 [ 503.799811][T20250] ? __pfx___lock_acquire+0x10/0x10 [ 503.801773][T20250] lock_acquire+0x1b1/0x560 [ 503.803623][T20250] ? smc_shutdown+0x65/0x800 [ 503.805583][T20250] ? __pfx_lock_acquire+0x10/0x10 [ 503.807575][T20250] ? __mutex_lock+0x1a6/0x9c0 [ 503.809349][T20250] ? sock_shutdown+0x16f/0x280 [ 503.811326][T20250] lock_sock_nested+0x3a/0xf0 [ 503.813303][T20250] ? smc_shutdown+0x65/0x800 [ 503.815266][T20250] smc_shutdown+0x65/0x800 [ 503.817131][T20250] nbd_mark_nsock_dead+0xae/0x5d0 [ 503.819120][T20250] sock_shutdown+0x17c/0x280 [ 503.821186][T20250] nbd_ioctl+0x49b/0xfd0 [ 503.822861][T20250] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470 [ 503.825499][T20250] ? __pfx_nbd_ioctl+0x10/0x10 [ 503.827569][T20250] ? find_held_lock+0x59/0x110 [ 503.829682][T20250] ? __pfx_nbd_ioctl+0x10/0x10 [ 503.831765][T20250] blkdev_ioctl+0x27c/0x6e0 [ 503.833815][T20250] ? __pfx_blkdev_ioctl+0x10/0x10 [ 503.836029][T20250] ? selinux_file_ioctl+0xb4/0x270 [ 503.838255][T20250] ? __pfx_blkdev_ioctl+0x10/0x10 [ 503.840449][T20250] __x64_sys_ioctl+0x193/0x220 [ 503.842481][T20250] do_syscall_64+0xcd/0x250 [ 503.844452][T20250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.846704][T20250] RIP: 0033:0x7fc301975ed9 [ 503.848156][T20250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 503.854718][T20250] RSP: 002b:00007fc302792048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 503.857430][T20250] RAX: ffffffffffffffda RBX: 00007fc301b04038 RCX: 00007fc301975ed9 [ 503.860319][T20250] RDX: 0000000000000000 RSI: 000000000000ab04 RDI: 0000000000000003 [ 503.863583][T20250] RBP: 00007fc3019e49e5 R08: 0000000000000000 R09: 0000000000000000 [ 503.866961][T20250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 503.870336][T20250] R13: 000000000000006e R14: 00007fc301b04038 R15: 00007ffc819d5788 [ 503.873693][T20250] [ 503.877024][T20250] block nbd1: shutting down sockets [ 504.314537][ T107] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 504.410091][ T107] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 504.505377][ T107] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 504.625879][ T107] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 504.747271][ T107] erspan0: left allmulticast mode [ 504.749376][ T107] erspan0: left promiscuous mode [ 504.752086][ T107] bridge0: port 1(erspan0) entered disabled state [ 505.060682][ C1] vkms_vblank_simulate: vblank timer overrun [ 505.140359][ T107] bond0 (unregistering): Released all slaves [ 505.149098][ T107] bond1 (unregistering): Released all slaves [ 505.313885][ T107] bond2 (unregistering): Released all slaves [ 505.641713][ T107] hsr_slave_0: left promiscuous mode [ 505.646521][ T107] hsr_slave_1: left promiscuous mode [ 505.654549][ T107] veth1_macvtap: left promiscuous mode [ 505.657470][ T107] veth0_macvtap: left promiscuous mode [ 505.660606][ T107] veth1_vlan: left promiscuous mode [ 505.663086][ T107] veth0_vlan: left promiscuous mode [ 507.374700][ T107] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.441245][ T107] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.463354][ T1357] ieee802154 phy0 wpan0: encryption failed: -22 [ 507.466806][ T1357] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.508806][ T107] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.569698][ T107] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.685076][ T107] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.746791][ T107] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.838127][ T107] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 507.905849][ T107] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.046000][ T107] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.117505][ T107] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.195878][ T107] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.275362][ T107] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.362843][ T107] bridge_slave_1: left allmulticast mode [ 508.365100][ T107] bridge_slave_1: left promiscuous mode [ 508.367875][ T107] bridge0: port 2(bridge_slave_1) entered disabled state [ 508.372980][ T107] bridge_slave_0: left allmulticast mode [ 508.375309][ T107] bridge_slave_0: left promiscuous mode [ 508.377770][ T107] bridge0: port 1(bridge_slave_0) entered disabled state [ 508.384998][ T107] veth0: left allmulticast mode [ 508.387143][ T107] veth0: left promiscuous mode [ 508.389197][ T107] bridge0: port 1(veth0) entered disabled state [ 508.987535][ T107] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 508.993782][ T107] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 508.999578][ T107] bond0 (unregistering): Released all slaves [ 509.192434][ T107] bond0 (unregistering): Released all slaves [ 509.349772][ T107] bond0 (unregistering): Released all slaves [ 510.081434][ T107] hsr_slave_0: left promiscuous mode [ 510.084632][ T107] hsr_slave_1: left promiscuous mode [ 510.088308][ T107] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 510.092559][ T107] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 510.096790][ T107] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 510.100266][ T107] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 510.108897][ T107] hsr_slave_0: left promiscuous mode [ 510.112359][ T107] hsr_slave_1: left promiscuous mode [ 510.118878][ T107] hsr_slave_0: left promiscuous mode [ 510.122778][ T107] hsr_slave_1: left promiscuous mode [ 510.130639][ T107] veth1_macvtap: left promiscuous mode [ 510.133166][ T107] veth0_macvtap: left promiscuous mode [ 510.135763][ T107] veth1_vlan: left promiscuous mode [ 510.138245][ T107] veth0_vlan: left promiscuous mode [ 510.141927][ T107] veth1_macvtap: left promiscuous mode [ 510.144455][ T107] veth0_macvtap: left promiscuous mode [ 510.147856][ T107] veth1_vlan: left promiscuous mode [ 510.150805][ T107] veth0_vlan: left promiscuous mode [ 510.155694][ T107] veth1_macvtap: left promiscuous mode [ 510.158298][ T107] veth0_macvtap: left promiscuous mode [ 510.162537][ T107] veth1_vlan: left promiscuous mode [ 510.164977][ T107] veth0_vlan: left promiscuous mode [ 510.726097][ T107] team0 (unregistering): Port device team_slave_1 removed [ 510.837605][ T107] team0 (unregistering): Port device team_slave_0 removed [ 511.197609][ T107] team0 (unregistering): Port device virt_wifi0 removed VM DIAGNOSIS: 08:56:45 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fd28b5 RDI=ffffffff94dd91a0 RBP=ffffffff94dd9160 RSP=ffffc90003587430 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e30312e36 R12=0000000000000000 R13=0000000000000020 R14=ffffffff84fd2850 R15=0000000000000000 RIP=ffffffff84fd28df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fc3027926c0 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fc302791fa8 CR3=0000000039d38000 CR4=00350ef0 DR0=0000000000000000 DR1=000000000000000a DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3019e4269 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3019e4276 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3019e4270 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3019e4284 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3019e430a ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3019e43e8 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc301ad4488 00007fc301ad4480 00007fc301ad4478 00007fc301ad4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc30263d100 00007fc301ad4440 00007fc301ad4458 00007fc301ad44a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc301ad4498 00007fc301ad4490 00007fc301ad4488 00007fc301ad4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffffc900008afe60 RCX=ffffffff813cd8ff RDX=ffff88801dc78000 RSI=ffffffff813cd911 RDI=0000000000000006 RBP=0000000000000002 RSP=ffffc900008afde0 R8 =0000000000000006 R9 =ffffffff8633a379 R10=ffffffff8b200000 R11=0000000000000000 R12=ffffffff8633a379 R13=0000000000000000 R14=ffffc900008aff20 R15=ffffc900008afe95 RIP=ffffffff813cd911 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fe8456bed00 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f4c0c5fa8c8 CR3=0000000012b88000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=352128fb4239eed6 50bc529cb7eaac6f 352128fb4239eed6 50bc529cb7eaac6f 352128fb4239eed6 50bc529cb7eaac6f 352128fb4239eed6 50bc529cb7eaac6f ZMM18=45b672084f770086 f2bbb8948347a418 45b672084f770086 f2bbb8948347a418 45b672084f770086 f2bbb8948347a418 45b672084f770086 f2bbb8948347a418 ZMM19=9843000000000000 0000000000000204 9843000000000000 0000000000000203 9843000000000000 0000000000000202 9843000000000000 0000000000000201 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=50bc529c50bc529c 50bc529c50bc529c 50bc529c50bc529c 50bc529c50bc529c 50bc529c50bc529c 50bc529c50bc529c 50bc529c50bc529c 50bc529c50bc529c ZMM22=4239eed64239eed6 4239eed64239eed6 4239eed64239eed6 4239eed64239eed6 4239eed64239eed6 4239eed64239eed6 4239eed64239eed6 4239eed64239eed6 ZMM23=352128fb352128fb 352128fb352128fb 352128fb352128fb 352128fb352128fb 352128fb352128fb 352128fb352128fb 352128fb352128fb 352128fb352128fb ZMM24=8347a4188347a418 8347a4188347a418 8347a4188347a418 8347a4188347a418 8347a4188347a418 8347a4188347a418 8347a4188347a418 8347a4188347a418 ZMM25=f2bbb894f2bbb894 f2bbb894f2bbb894 f2bbb894f2bbb894 f2bbb894f2bbb894 f2bbb894f2bbb894 f2bbb894f2bbb894 f2bbb894f2bbb894 f2bbb894f2bbb894 ZMM26=4f7700864f770086 4f7700864f770086 4f7700864f770086 4f7700864f770086 4f7700864f770086 4f7700864f770086 4f7700864f770086 4f7700864f770086 ZMM27=45b6720845b67208 45b6720845b67208 45b6720845b67208 45b6720845b67208 45b6720845b67208 45b6720845b67208 45b6720845b67208 45b6720845b67208 ZMM28=00000200000001ff 000001fe000001fd 000001fc000001fb 000001fa000001f9 000001f8000001f7 000001f6000001f5 000001f4000001f3 000001f2000001f1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=9843000098430000 9843000098430000 9843000098430000 9843000098430000 9843000098430000 9843000098430000 9843000098430000 9843000098430000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffc900009778b0 RCX=ffffffff813cd746 RDX=ffff888018ecc880 RSI=ffffffff813cd76b RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc900009777d0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000003 R12=dffffc0000000000 R13=fffff5200012ef18 R14=fffff5200012ef17 R15=ffffc900009778a8 RIP=ffffffff818de443 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2ca1fffc CR3=0000000043092000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe4b1f8000 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32c17e4269 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32c17e4276 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32c17e4270 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32c17e4284 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32c17e430a ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32c17e43e8 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000080000001 RBX=ffffc90003cd74e8 RCX=ffffffff813cd516 RDX=ffff888022b90000 RSI=ffffffff813cd520 RDI=0000000000000005 RBP=ffffc90003cd7d10 RSP=ffffc90003cd7418 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffc90003cd74f0 R13=ffffc90003cd74f8 R14=ffffc90003cd0000 R15=0000000000000001 RIP=ffffffff818de428 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555594ee9500 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f45c5cce2d8 CR3=000000003f2be000 CR4=00350ef0 DR0=0000000000000000 DR1=000000000000000a DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffe0408 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd5cb5f5d0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f45c5be4269 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f45c5be4276 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f45c5be4270 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f45c5be4284 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f45c5be430a ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f45c5be43e8 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000004f800000006 0000034000000270 000001a0000000d0 0000000000000340 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000d000000000 0000034000000270 000001a0000000d0 000000000000001f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000