last executing test programs: 1.990627591s ago: executing program 2 (id=620): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @link_local}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f00000002c0)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}}, 0x0) r2 = add_key$user(&(0x7f0000000a40), &(0x7f0000000080)={'syz', 0x2}, &(0x7f0000000a80)='X', 0x1, 0xfffffffffffffffe) r3 = add_key$user(&(0x7f0000000180), &(0x7f0000000340)={'syz', 0x3}, &(0x7f0000000480)='.', 0x1, 0xfffffffffffffffd) r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xf1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f00000000c0)={r2, r4, r3}, &(0x7f00000001c0)=""/241, 0xf1, &(0x7f0000000000)={&(0x7f0000000140)={'rmd160\x00'}}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x313) 1.584739397s ago: executing program 3 (id=624): semop(0x0, &(0x7f00000000c0)=[{0x0, 0xc63e}], 0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_channels={0x3c, 0x400, 0x8, 0x1, 0x9, 0x6, 0xfff, 0x10, 0x7}}) io_submit(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1ff, 0xffffffffffffffff, 0x0, 0x0, 0x4}]) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r1, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0xda14, 0x0}}) 1.500653971s ago: executing program 2 (id=625): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000080), 0x4) (async, rerun: 64) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x8000) (rerun: 64) r2 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x102) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000600)={0x0, 0xfffffffffffffe57, r3, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000200)={r4, 0x0, 0x0, 0x9, 0x0, [0x0], [0x2, 0x4], [0x0, 0x0, 0x0, 0x3], [0xffffffff7fffffff, 0x0, 0xfffffffffffffffd]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000100)={r5, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000800)={0x0, 0x0, r6}) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r0, 0x0) (async, rerun: 32) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (async, rerun: 32) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) (async, rerun: 32) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (rerun: 32) syz_emit_ethernet(0x2a, &(0x7f0000000040)={@random="8580f83288e1", @empty, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x1, 0x5, 0x1c, 0x67, 0x0, 0x2, 0x2, 0x0, @private=0xa010102, @broadcast}, {0x11, 0x81, 0x0, @remote}}}}}, 0x0) (async) socket$nl_route(0x10, 0x3, 0x0) 1.450680437s ago: executing program 2 (id=626): openat$cdrom(0xffffffffffffff9c, &(0x7f00000000c0), 0x285, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r1, &(0x7f000000a400)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$int_in(r3, 0x5452, &(0x7f0000000280)=0xffffffffffffffff) sendto$inet6(r3, &(0x7f0000000340)="a4", 0x1, 0x4000, &(0x7f0000000400)={0xa, 0x4e20, 0x0, @private1}, 0x1c) sendto$inet6(r3, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r3, 0x1) ppoll(&(0x7f0000000040)=[{r3, 0x20}], 0x1, &(0x7f00000000c0), 0x0, 0x0) mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB="2c726f6f746d6f64653d30303015303030303030303030303030303034303030302c757365725f69643d", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=r2, @ANYBLOB=',\x00']) fsetxattr$security_ima(r0, &(0x7f0000000080), &(0x7f0000000480)=ANY=[@ANYBLOB='\a\x00'], 0x2, 0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f00000001c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000150400003d0301000000000095000f00000000006926000000000000bf67000000000000450700000fff07003506000002000000170600000ee50014bf250000000000005d670000000000006507000006000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff2d440100000000009500000000000000050000000000000095000700000000000172dbabb733a0e757c7c45402000000a2d23da04d1ffc187f9955911aa1a2ba7ba030c7267c2de00435fd253cc0f0d9b2c3127c46b0f4f95345de3188f0d808398d09ee4dc258d726eae098804de25df627a64ab8efde50fd7f1d58d67e684c45e506598bae66ea1a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07e8a4b6e6355cecc13a5ddf4157f2bfab7201112a30274101fceee66eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a44dd9ff4ae730ae9d0ae42d8814a8c96f101df7da839bcdd7b7c33c8cfe6fd599543ac604d8dd42fc66cdb79cd09ceeedce1e69f11967919f82b0276c90420d08897ee8514b43533f07132589a0a37110fd8571b1e69251bba35cd06c8bd430aafbecfd33757b7dc4803123e9107e5cceaec2a391f9b9b577295ac3864f6c1e30e6190a055953e18bedd1859acdd15af7209d15950f9195b401e74f8b5210e28d46dde2658b4695d9ac9ce7cbefc164a5454fc4da6104db281e18a8992b9f8c82b895da647e6ea4cb622314c5c48abfd620adf7757c23a31a619edcfb45a402c5fced05e5274e08a313d6c5fdd0a8d36b1a268056e6f7e9a6daa5632cda5ad2a9ebfac980c7db63137c226f712e522aad0f13b0e5b43d837d040f813d011538"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x253, 0x10, &(0x7f0000000000), 0x19f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 678.114856ms ago: executing program 3 (id=628): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000002000bb0c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}}, 0x0) 677.510517ms ago: executing program 3 (id=630): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c040, 0x2) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002480)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5, &(0x7f0000000040)}, 0x0) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYRESOCT=r1, @ANYBLOB="33a9a637c04d165973", @ANYRES32=r2, @ANYRESDEC=r2, @ANYRESOCT=r1, @ANYRES64=0x0, @ANYRES8=r1], 0x20}, 0x1, 0x0, 0x0, 0x81}, 0x44) setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000040), 0x4) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01') r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r3, 0x10c, 0x1, &(0x7f0000000740), &(0x7f0000000000)=0x4) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = memfd_secret(0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r5, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0xe) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) setsockopt$bt_hci_HCI_TIME_STAMP(r4, 0x0, 0x3, &(0x7f0000000100)=0x1, 0x4) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="580000001000030000000000fcdbdf2500000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028005000c00010000001c001a8018000a8014000700fc"], 0x58}, 0x1, 0x2, 0x0, 0x4004000}, 0x24000000) r6 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0) r7 = syz_io_uring_setup(0x46ca, &(0x7f0000000340)={0x0, 0x0, 0x8, 0x2}, &(0x7f0000000100), &(0x7f00000000c0)) io_uring_enter(r7, 0xa3d, 0x79a, 0x0, 0x0, 0x0) r8 = io_uring_setup(0x6248, &(0x7f0000000280)) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0x18, 0x20000000, r9) syz_io_uring_submit(0x0, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x24, 0x10, r6, 0x0, &(0x7f0000000680)={&(0x7f0000000540)=@nfc_llcp, 0x80, &(0x7f0000000400)=[{&(0x7f0000000780)=""/4089, 0xff9}, {&(0x7f0000001780)=""/4087, 0xff7}, {&(0x7f00000003c0)=""/6, 0x6}, {&(0x7f0000002780)=""/4096, 0x1000}], 0x4, &(0x7f00000005c0)=""/192, 0xc0}, 0x0, 0x100, 0x1, {0x6, r9}}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = dup(r11) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r13, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) 620.608986ms ago: executing program 3 (id=631): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x0) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x3, [@type_tag={0x10, 0x0, 0x0, 0x12, 0x5}, @fwd={0xf}, @union={0x7, 0x3, 0x0, 0x5, 0x0, 0x6dc3, [{0xb, 0x0, 0x40000}, {0x5, 0x1, 0x8}, {0x10, 0x2, 0x9}]}]}, {0x0, [0x0]}}, &(0x7f00000003c0), 0x63, 0x0, 0x0, 0x4, 0x0, @void, @value}, 0x28) r3 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) writev(r3, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}], 0x1) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000280)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=@bloom_filter={0x1e, 0x3, 0x2, 0x4, 0x40221, r0, 0x8, '\x00', r1, r2, 0x2, 0x3, 0x3, 0x1, @void, @value, @void, @value}, 0x50) r5 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'ipvlan0\x00', 0x0}) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32=r6], 0x3c}}, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x2}, 0x38) syz_80211_inject_frame(&(0x7f0000000240)=@device_b, 0x0, 0xb5) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = socket$unix(0x1, 0x2, 0x0) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r11 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r11, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x44, r10, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x44}, 0x1, 0x0, 0x0, 0x91}, 0x24044884) 620.171949ms ago: executing program 2 (id=633): r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x202280, 0x0) (async) r3 = socket(0x10, 0x803, 0x0) (async) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000280)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4309(aegis128-generic)\x00'}, 0x58) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) r8 = dup(r7) ioctl$KVM_SET_CPUID2(r8, 0x4008ae90, &(0x7f0000000540)=ANY=[@ANYBLOB="0100"]) (async, rerun: 64) ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xc0010140}]}) (async, rerun: 64) setsockopt$ALG_SET_AEAD_AUTHSIZE(r4, 0x117, 0x5, 0x0, 0x5) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0xf00}, 0x0) (async) ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0700000000000000b201000000000000050000000000000500000000000000000700000000000000710a000000000000010000000700000016030000000000003442000000002000a40adeffffffffff000000000000000075020000000000000100000000000080c50b0000000000000300000000000000"]) (async, rerun: 32) setsockopt$MRT6_DONE(r3, 0x29, 0xc9, 0x0, 0x0) (rerun: 32) sendmsg$nl_route(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000056000100000000000000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0) (async, rerun: 64) openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000240), 0x1a000, 0x0) (async, rerun: 64) r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CAP_X86_DISABLE_EXITS(r9, 0x4068aea3, &(0x7f0000000180)={0x8f, 0x0, 0xf}) (async, rerun: 32) ioctl$IOMMU_HWPT_INVALIDATE$TEST(r2, 0x3b8d, &(0x7f00000000c0)={0x20, 0x0, &(0x7f0000000040)=[{}], 0xdeadbeef, 0x8, 0x1}) (rerun: 32) 509.798426ms ago: executing program 1 (id=636): semop(0x0, &(0x7f00000000c0)=[{0x0, 0xc63e}], 0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x270, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0203"], 0x10}}, 0x0) io_submit(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1ff, 0xffffffffffffffff, 0x0, 0x0, 0x4}]) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0xda14, 0x0}}) 508.695389ms ago: executing program 0 (id=637): socket$inet6(0xa, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x8840) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x12, 0x8, &(0x7f0000005640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) listen(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4) syz_emit_ethernet(0x4a, &(0x7f00000007c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600c0a3500140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0) syz_emit_ethernet(0x36, &(0x7f0000000540)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) 508.409236ms ago: executing program 1 (id=638): syz_emit_ethernet(0xda, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd602a1c990007110000000000000000000000000000000c00ff020000000000000000000000000001000004000000000000000000009c90780100000000000000b0575c7b4df2bddabab59df4a56afe54ba6a5d5d0d170fca692c77733846860829accf2af44c0e1aaaaf532417a91cadd9e65f82310f80cf64f46c761191fda0a250498ce1b5c603debf9e05d8de03dc3d73abde0da6c68c8d2dab5346224f905b3b904310b3bd00975f0a9f6cde9c5018586db672628c1415233979ba3df3d8a8490bce9cafc2ab6acde47761a48a70afb7d24deed6ccad1ed1458e45d9fa0d07e2dda86980a156902f64ce953039180f9801e5e0997e72c98a90526db1fd0555832b8469c3b170b3d6a8d4dcd9df4550d5988cda8307ff3b568379611280f12b945fc79c064235f93d"], 0x0) 507.91641ms ago: executing program 2 (id=639): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00660000007f00000001"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000b00), &(0x7f0000000580), 0x7, r0}, 0x38) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) r3 = socket$inet6(0xa, 0x3, 0x87) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000280)={{{@in=@local, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0xfffe, 0x0, 0x0, 0x2}, {}, {0x2}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x6c}, 0x2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1000000}}, 0xe4) sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@updpolicy={0xb8, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x8}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}}}, 0xb8}}, 0x0) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000580)={r0, &(0x7f0000001600), &(0x7f0000000840)=""/227}, 0x20) 507.767767ms ago: executing program 0 (id=640): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000000)=0x5, 0x4) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000001e00010a0000000000000000ac1414aa0000000000050000000000000000000000000000ac1e000100000000"], 0x40}}, 0x0) r1 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x11c) mount(&(0x7f0000000000)=@sr0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='hpfs\x00', 0x11, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'team_slave_0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) r6 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x5c, r6, 0x1, 0x0, 0x0, {0x1, 0x6c00000000000000}, [{{0x8, 0x1, r5}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x9}, {0x4}}, {0x8, 0x6, r3}}}]}}]}, 0x5c}, 0x1, 0xf000}, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000001, 0x12, r1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) 450.593432ms ago: executing program 1 (id=641): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @func_proto]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x34, 0x13, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0) 449.776029ms ago: executing program 1 (id=642): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0xc0505405, &(0x7f00000000c0)={0x3}) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffdfe, 0xfa00, {0x3, 0x0, 0x0, 0x4}}, 0x20) ioctl$SNDCTL_DSP_SYNC(r2, 0x5001, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r3, 0xc0844123, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f00000000c0)) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a80)=ANY=[@ANYBLOB="500000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e16000002800128009000100766c616e00000000180002800c0002000e0000000a00000013eea9eee3f4dfcf060001"], 0x50}}, 0x2) 448.888501ms ago: executing program 0 (id=643): r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x0, 0xfffffffc, {0x7, r3}, [@MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x0, 0xfdeaf34cda3ab396, 0x3, {@ip4=@multicast2, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000004}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff) r6 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f0000000140)=0x200000000) write$vhost_msg_v2(r6, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48) write$vhost_msg_v2(r6, &(0x7f0000002080)={0x2, 0x0, {&(0x7f0000001f80)=""/152, 0x98, 0x0, 0x0, 0x2}}, 0x48) write$vhost_msg_v2(r6, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000000440)=""/87, 0x57, 0x0, 0x3, 0x2}}, 0x48) r7 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r7, 0x0, 0x487, &(0x7f0000000b00), &(0x7f0000000b40)=0x30) write$vhost_msg_v2(r6, &(0x7f0000000200)={0x2, 0x0, {&(0x7f0000000540)=""/219, 0xdb, 0x0, 0x1, 0x2}}, 0x48) write$vhost_msg_v2(r6, &(0x7f0000000340)={0x2, 0x0, {&(0x7f00000018c0)=""/193, 0xc1, 0x0, 0x3, 0x2}}, 0x48) write$vhost_msg_v2(r6, &(0x7f00000003c0)={0x2, 0x0, {&(0x7f00000002c0)=""/119, 0xfca2, 0x0, 0x0, 0x3}}, 0x48) sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x1c, r5, 0x1, 0x70bd30, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0xc14) write$vhost_msg_v2(r0, &(0x7f00000004c0)={0x2, 0x0, {&(0x7f0000000100)=""/36, 0x24, &(0x7f0000000180)=""/30, 0x3}}, 0x48) r8 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, &(0x7f00000002c0)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@empty, 0x4e20, 0x4, 0x4e22, 0x7, 0xa, 0xa0, 0x80, 0x73, r3, 0xee01}, {0x0, 0x7fffffffffffffff, 0x3, 0x3, 0x7, 0x80000000, 0x6, 0x3}, {0x34f8, 0x72, 0x0, 0x3}, 0x6, 0x6e6bad, 0x0, 0x0, 0x3, 0x3}, {{@in6=@local, 0x4d2, 0x32}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x1, 0x3, 0xff, 0x7, 0x3, 0x9}}, 0xe8) ioctl$USBDEVFS_WAIT_FOR_RESUME(r0, 0x5523) r9 = socket$nl_route(0x10, 0x3, 0x0) r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x14, 0x13, 0x1, 0x40000000, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1, 0x0, 0x0, 0x88}, 0x0) ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_wolinfo={0x4e, 0x2, 0x7fff, "fc0cdefb479b"}}) set_mempolicy(0x1, &(0x7f0000000000)=0xdd, 0x8004) r11 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$CDROMVOLCTRL(r11, 0x5392, &(0x7f0000000040)={0x7, 0x53, 0x4e}) 389.960855ms ago: executing program 2 (id=644): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c0", 0x1}], 0x1, 0x0, 0x0, 0x4000}, 0x3500000000000000) r0 = socket$kcm(0x2, 0x1, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0x84, &(0x7f0000000000), 0x90) sendmsg$inet(r0, &(0x7f0000000c00)={&(0x7f00000005c0)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000d40)=[{&(0x7f0000000880)="995e75", 0x3}], 0x1}, 0x20004090) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r1 = socket(0x40000000015, 0x5, 0x0) connect$inet(r1, &(0x7f00000002c0)={0x2, 0x0, @loopback}, 0x10) bind$inet(r1, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57) sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) recvmmsg(r1, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0) mount(0x0, 0x0, 0x0, 0x0, 0x0) r2 = open_tree(0xffffffffffffff9c, 0x0, 0x89901) setsockopt$CAN_RAW_LOOPBACK(r2, 0x65, 0x3, &(0x7f0000000100)=0x1, 0x4) fchdir(r2) r3 = open(0x0, 0x800, 0x0) clock_gettime(0x0, &(0x7f0000000d00)={0x0, 0x0}) recvmmsg$unix(r2, &(0x7f0000001080)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000002c0)=""/124, 0x7c}, {&(0x7f0000000340)=""/250, 0xfa}, {&(0x7f0000000440)=""/148, 0x94}, {&(0x7f0000000500)=""/167, 0xa7}], 0x4}}, {{&(0x7f00000011c0)=@abs, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000680)=""/190, 0xbe}], 0x1, &(0x7f0000000780)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f00000007c0)=@abs, 0x6e, &(0x7f0000000840)=[{&(0x7f00000008c0)=""/244, 0xf4}, {&(0x7f00000009c0)=""/122, 0x7a}], 0x2, &(0x7f0000000a40)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000000a80)=@abs, 0x6e, &(0x7f0000001000)=[{&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f0000000b00)=""/232, 0xe8}, {&(0x7f00000023c0)=""/4096, 0x1000}, {&(0x7f0000000c40)=""/13, 0xd}, {&(0x7f0000000c80)=""/120, 0x78}, {&(0x7f0000001240)=""/253, 0xfd}, {&(0x7f0000000e80)=""/76, 0x4c}, {&(0x7f0000000f00)=""/225, 0xe1}], 0x8}}], 0x4, 0x2140, &(0x7f0000001180)={r4, r5+10000000}) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) unlinkat(r3, &(0x7f0000000280)='./file0\x00', 0x200) r6 = syz_open_procfs(0x0, &(0x7f0000000040)='clear_refs\x00') statx(r6, &(0x7f0000001380)='./file0\x00', 0x1000, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056842bb002552d215f6", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e00000018000280140011"], 0x48}}, 0x0) r7 = socket(0x10, 0x3, 0x0) r8 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_SET(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x40, 0x1410, 0x1, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000011}, 0x0) sendmmsg$alg(r7, &(0x7f0000000140), 0x4924b68, 0x0) 330.62809ms ago: executing program 1 (id=645): setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000280)={'security\x00', 0x4, [{}, {}, {}, {}]}, 0x68) r0 = syz_clone(0x1000080, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = getpid() kcmp(r0, r1, 0x4, 0xffffffffffffffff, 0xffffffffffffffff) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r2}, 0x10) mlockall(0x1) r3 = socket(0x1a, 0x803, 0x0) fgetxattr(r3, &(0x7f0000000500)=@known='system.sockprotoname\x00', &(0x7f0000000580)=""/3, 0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x17, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x4, 0x2, 0x1, 0x2}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 330.239208ms ago: executing program 0 (id=646): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$packet(0x11, 0x2, 0x300) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x5, 0x14, 0x0, &(0x7f0000000100)="259a53f271a76d2608fff74588a80a3888ca2f15", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(&(0x7f0000000040)=@sr0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='vxfs\x00', 0x1f, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000005700)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0xfffffffffffffff4) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000001640)="440f20c0350b000000440f22c00f4ece0f20d835200000000f22d80f01c13e0fd92da047f050b9800000c00f3248b87a4ac9228478c3580f23d00f21f835100000070f23f80f30640f01c20f22e6d644240033000080c744240200800000ffbd24c4627d1aa069ed126f66bad104b00bee", 0x71}], 0x1, 0x40, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99bfa0018", 0x5) r5 = fsopen(&(0x7f0000000040)='devpts\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000015000200071b1700bd030100000000009500000000000000bc26080000000000bf67000000000000070300000fff0700670200000300000016060a000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) r6 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$alg(r6, &(0x7f0000001800)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a40)=ANY=[], 0x20c}, 0x1, 0x0, 0x0, 0x20000094}, 0x400c4) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000140)={0x5d38, 0x20, [0x5, 0x5, 0x7, 0x8, 0x20000000, 0x9, 0x5, 0x4]}) recvmmsg(r6, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000003980)=""/4098, 0x1002}], 0x1}, 0xfffe}], 0x1, 0x40000022, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'ip_vti0\x00'}) getsockopt$IP_SET_OP_GET_BYINDEX(r7, 0x1, 0x53, &(0x7f00000000c0)={0x7, 0x7, 0x1}, &(0x7f0000000100)=0x28) 60.392564ms ago: executing program 0 (id=647): semop(0x0, &(0x7f00000000c0)=[{0x0, 0xc63e}], 0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x270, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0203"], 0x10}}, 0x0) io_submit(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1ff, 0xffffffffffffffff, 0x0, 0x0, 0x4}]) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0xda14, 0x0}}) 60.041914ms ago: executing program 0 (id=648): r0 = socket$inet6(0xa, 0x3, 0xff) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000005080000024d564b"]) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') socket$nl_route(0x10, 0x3, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x3}, {}, {0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x8, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x4}]}}]}, 0x38}}, 0x0) ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)) r4 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r4, &(0x7f0000000080)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000240)="27050200590214000600002fb96dbcf706e10500000086ddffff1144ee1611d4b8bf4a31accbe1ba07770600000000000000f6184b8a34f9015cc99e578000102821880b000000008c30", 0xfed3}, {&(0x7f0000001240)="1c393502dda1a67d93b1ceccbe972c4fef9c33ecf2d824f3a33513f45f472bbdc8e3a2275f2587f0da0b3ae419bed996116448f90d113ce98aa985f379d729430858f5cb9a668a1800bf2354b33cdff83033de518580a3080d7f4cc2406e071138439e1566dd17983ee153ab672f362d3292e24a9952f18ec3d8b37bb3391096c1d4442a754899299321c03cbcfb98a26994b2a072c2b9d9c70d619545e5f61b050e40166d2ff57dcc008f24fd5339e7bc21e25863f80d2487c30b6bf781608a31d68e9319ab1712d8f5bdde849c040417c864cbfd3923dcb9fc6bdc2ea53334184b03efcb631dc68f0a7b6e13eea4b80d4237120e32932ca4e2b50bad0a35496d36a191d91f03b477b9587bc0ba489932e34f819fa1524ebad53a3d94b46c6aeff4f42fa067729fbb2862c09d337a75e0c8429d4bfe0dee2e1e23e8c22787178600ecca135623731e4701f35bd4e7c936a8ee274120e7662328a5aba1161b05889b045696721c79bff0547efe051f3c5de77fdd3c77afd41a1a7747a982b7efb013c9d6bac7d3ad1f9b7c3a5a1448b35696f03bca1c875e346edc55b7a271c3e5f3c0df72c8e4d7cccfa2e9b598f0ae06efbc1a5d5bd91aed6b32deccf7755cef50fab72633c802533b9d94f17f9be978f2514c47671575ee528fbdddc6194328e605e4d10e293756d20eb8a545f2bfe48df5d1d98a270458392a0a57647dcb8ee005e78877a072d12d0429b9b9957a695c3289b4a59469691115e6ba204181708b9d1ae47418ed594b8128f20c100f5485a84e60d73ab818da73fab78caf42afd1f89cdb29dfdd6676c55ea00d35321bc4878170c62b05", 0x258}], 0x2}, 0x9cdc2384056b48b8) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) accept4$rose(0xffffffffffffffff, &(0x7f0000000000)=@short={0xb, @remote, @bcast, 0x1, @null}, &(0x7f0000000040)=0x1c, 0x0) r5 = accept4$x25(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=0x12, 0x0) r6 = socket$packet(0x11, 0x2, 0x300) r7 = socket(0x1e, 0x805, 0x0) sendmsg$tipc(r7, &(0x7f0000000640)={&(0x7f0000000300), 0x10, 0x0}, 0x0) r8 = getpid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='afs_protocol_error\x00', r1}, 0x18) socket$igmp6(0xa, 0x3, 0x2) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x68, 0x0, 0x0, 0x2, 0x0, @private=0xa010101, @broadcast}, @timestamp_reply={0x11, 0xe0, 0x0, 0x0, 0x0, 0x62ea0000}}}}}, 0x0) prlimit64(r8, 0xf, &(0x7f0000000300)={0x1, 0x2}, &(0x7f0000000340)) sendmmsg$sock(r6, &(0x7f0000000840)=[{{&(0x7f0000000640)=@tipc=@name={0x1e, 0x2, 0x1, {{0x41}}}, 0x80, 0x0, 0x0, &(0x7f0000000a80)=[@mark={{0x14, 0x1, 0x24, 0x4}}], 0x18}}], 0x400000000000354, 0x0) r9 = dup2(r5, r6) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16, @ANYBLOB="77ba00000000000000001f000000080001"], 0x48}}, 0x0) write$tun(r9, 0x0, 0x46) r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r10, 0x5423, &(0x7f0000000080)=0x7) 634.825µs ago: executing program 3 (id=649): r0 = open(&(0x7f00000000c0)='./file0\x00', 0x80440, 0x120) mount$9p_tcp(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', &(0x7f0000000580), 0x8, &(0x7f00000005c0)=ANY=[@ANYBLOB="7472616e733d7463702c706f723076706f72742c000000000000000000000000000000000000000f00000000"]) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x2, 0x0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYRESHEX=r0], 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) mknodat$loop(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x100, 0x0) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8042, 0x0) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r4) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010029bd7000fcdbdf255400000008000300", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r3}, 0x10) write$P9_RSTATu(r2, &(0x7f0000000280)=ANY=[@ANYRESHEX=r3, @ANYBLOB="29d5420da36dc7e3279b7ad42915e1cbd8e1526d3c99e1303f15dae18beadb2993", @ANYRESOCT=r1, @ANYRES16=r3, @ANYRESHEX=r3, @ANYRESOCT=r2], 0x239) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x2, &(0x7f0000000500)=@raw=[@cb_func], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x9, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 350.778µs ago: executing program 1 (id=650): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, 0x0, 0x8000) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_GET(r0, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0000b5", @ANYRES16=r1, @ANYBLOB="00032abd7000fedbdf250b000000080001007063690011000200303030303a30303a31302e300000000008000b0007000000080001007063690011000200303030303a30303a31302e300000000008000b0009000000"], 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x14) r2 = socket(0xb, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x0, 0x0, 0x8000000, 0x0, 0x1, 0x2}}) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$bt_hci(r3, 0x0, 0x2, 0x0, &(0x7f00000000c0)) r4 = socket(0x2, 0x5, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef) syz_open_dev$sg(&(0x7f0000000040), 0x10, 0x4000) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYRES16=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48010}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000004600)=@newtfilter={0x24, 0x2c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x9, 0x2}, {0xfff7}}}, 0x24}}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x1901000000000000) r8 = syz_open_dev$video4linux(&(0x7f0000000000), 0x200008f, 0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='pids.current\x00', 0x275a, 0x0) write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r8, 0xc038563b, &(0x7f00000001c0)={{0x1, 0x1, 0x18}, './file0\x00'}) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080)=0x1) r10 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_attach_bpf(r10, 0x1, 0x34, &(0x7f00000000c0), 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x1300, &(0x7f0000000580)='%', 0x0, 0xd01, 0x0, 0x0, 0x45, 0x0, 0x0, 0x2, 0x0, 0x8}, 0xfffffffffffffe72) semop(0x0, &(0x7f0000000080)=[{0x4, 0x8, 0x800}, {0x2, 0x39}, {0x4, 0xbe83, 0x800}, {0x2, 0xf40f, 0x3800}], 0x4) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}}) 0s ago: executing program 3 (id=651): sysfs$3(0x3) sysfs$3(0x3) sysfs$3(0x3) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_SIOCOUTQ(r0, 0x5411, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)=ANY=[@ANYBLOB="a0000000210001002dbd7000fedbdf25fe880000000000000000000000000101e00000020000000000000000000000004e248001000700010a0080a03b000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="af6b6e000100000050001100ff010000000000000000000000000001fe8000000000000000000000000000bbac1414bb000000000000000000000000fc010000000000000000000000000001330000020000000002000a"], 0xa0}, 0x1, 0x0, 0x0, 0x400c000}, 0x20000000) syz_emit_vhci(&(0x7f0000003b40)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4e, 0xa}, {0x4, 0x1, 0x7, 0x9, 0x8001}}}}, 0x17) r3 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000000)={@empty, @private, 0x0}, &(0x7f0000000080)=0xc) r5 = syz_open_dev$sndpcmc(&(0x7f00000000c0), 0x0, 0x3f7700) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r5, 0xc2604110, &(0x7f0000000640)={0x0, [[0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x80000000, 0x0, 0x0, 0x0, 0x100], [0xf9]], '\x00', [{0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {0x0, 0xa7}, {}, {}, {}, {0xfffffffe}, {0x2}], '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) setsockopt$inet6_mreq(r3, 0x29, 0x14, &(0x7f0000000040)={@local, r4}, 0x14) kernel console output (not intermixed with test programs): [ 38.174402][ T39] audit: type=1400 audit(1736878984.137:79): avc: denied { noatsecure } for pid=5925 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.180000][ T39] audit: type=1400 audit(1736878984.137:80): avc: denied { write } for pid=5925 comm="sh" path="pipe:[4802]" dev="pipefs" ino=4802 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 38.186242][ T39] audit: type=1400 audit(1736878984.137:81): avc: denied { rlimitinh } for pid=5925 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.191503][ T39] audit: type=1400 audit(1736878984.137:82): avc: denied { siginh } for pid=5925 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 39.076042][ T39] audit: type=1400 audit(1736878985.047:83): avc: denied { read } for pid=5335 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 39.082552][ T39] audit: type=1400 audit(1736878985.047:84): avc: denied { append } for pid=5335 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 39.088781][ T39] audit: type=1400 audit(1736878985.047:85): avc: denied { open } for pid=5335 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 39.095684][ T39] audit: type=1400 audit(1736878985.047:86): avc: denied { getattr } for pid=5335 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:17241' (ED25519) to the list of known hosts. [ 39.216824][ T39] audit: type=1400 audit(1736878985.187:87): avc: denied { name_bind } for pid=5929 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 40.779008][ T5931] cgroup: Unknown subsys name 'net' [ 40.880591][ T5931] cgroup: Unknown subsys name 'cpuset' [ 40.885777][ T5931] cgroup: Unknown subsys name 'rlimit' [ 41.143041][ T5936] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 41.716512][ T5931] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 43.216241][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 43.216250][ T39] audit: type=1400 audit(1736878989.187:105): avc: denied { execmem } for pid=5938 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 43.362836][ T39] audit: type=1400 audit(1736878989.337:106): avc: denied { create } for pid=5942 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 43.370145][ T39] audit: type=1400 audit(1736878989.337:107): avc: denied { create } for pid=5943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 43.376902][ T39] audit: type=1400 audit(1736878989.337:109): avc: denied { read write } for pid=5943 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 43.383625][ T39] audit: type=1400 audit(1736878989.337:108): avc: denied { read write } for pid=5944 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 43.390547][ T39] audit: type=1400 audit(1736878989.337:110): avc: denied { open } for pid=5944 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 43.396450][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 43.398081][ T39] audit: type=1400 audit(1736878989.337:111): avc: denied { open } for pid=5943 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 43.400809][ T5954] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 43.407321][ T39] audit: type=1400 audit(1736878989.347:112): avc: denied { ioctl } for pid=5943 comm="syz-executor" path="socket:[7148]" dev="sockfs" ino=7148 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 43.408301][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 43.409655][ T5955] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 43.410405][ T5954] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 43.410676][ T5954] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 43.411017][ T5954] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 43.412481][ T5954] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 43.412608][ T5954] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 43.413986][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 43.417291][ T39] audit: type=1400 audit(1736878989.387:113): avc: denied { read } for pid=5942 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 43.417456][ T5958] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 43.418129][ T5958] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 43.418314][ T5958] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 43.419390][ T5958] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 43.420169][ T5955] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 43.420715][ T5955] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 43.420913][ T5955] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 43.421043][ T5955] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 43.421268][ T5956] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 43.421776][ T39] audit: type=1400 audit(1736878989.387:114): avc: denied { open } for pid=5942 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 43.423638][ T5958] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 43.425767][ T5956] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 43.427479][ T5958] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 43.429489][ T5956] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 43.473083][ T5956] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 43.548593][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 43.556834][ T5949] chnl_net:caif_netlink_parms(): no params data found [ 43.629573][ T5944] chnl_net:caif_netlink_parms(): no params data found [ 43.679414][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.681488][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.683656][ T5942] bridge_slave_0: entered allmulticast mode [ 43.685839][ T5942] bridge_slave_0: entered promiscuous mode [ 43.700191][ T5943] chnl_net:caif_netlink_parms(): no params data found [ 43.720949][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.723017][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.725054][ T5942] bridge_slave_1: entered allmulticast mode [ 43.727303][ T5942] bridge_slave_1: entered promiscuous mode [ 43.744403][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.746471][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.748885][ T5949] bridge_slave_0: entered allmulticast mode [ 43.751009][ T5949] bridge_slave_0: entered promiscuous mode [ 43.784130][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.786877][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.789507][ T5949] bridge_slave_1: entered allmulticast mode [ 43.791997][ T5949] bridge_slave_1: entered promiscuous mode [ 43.798352][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.800586][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.802673][ T5944] bridge_slave_0: entered allmulticast mode [ 43.804797][ T5944] bridge_slave_0: entered promiscuous mode [ 43.808615][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.829536][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.831614][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.833709][ T5944] bridge_slave_1: entered allmulticast mode [ 43.835837][ T5944] bridge_slave_1: entered promiscuous mode [ 43.847186][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.863960][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.866071][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.868391][ T5943] bridge_slave_0: entered allmulticast mode [ 43.870546][ T5943] bridge_slave_0: entered promiscuous mode [ 43.889237][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.893518][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.896200][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.898342][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.900479][ T5943] bridge_slave_1: entered allmulticast mode [ 43.902636][ T5943] bridge_slave_1: entered promiscuous mode [ 43.905560][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.938670][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.943490][ T5942] team0: Port device team_slave_0 added [ 43.946820][ T5949] team0: Port device team_slave_0 added [ 43.972696][ T5942] team0: Port device team_slave_1 added [ 43.975884][ T5949] team0: Port device team_slave_1 added [ 43.979225][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.983639][ T5944] team0: Port device team_slave_0 added [ 44.010188][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.013439][ T5944] team0: Port device team_slave_1 added [ 44.023428][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.025974][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.036043][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.054809][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.058088][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.065500][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.069564][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.071981][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.079518][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.093725][ T5943] team0: Port device team_slave_0 added [ 44.102336][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.104951][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.114508][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.123197][ T5943] team0: Port device team_slave_1 added [ 44.125643][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.127741][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.135007][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.138828][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.140822][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.148108][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.198735][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.201313][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.210737][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.215991][ T5942] hsr_slave_0: entered promiscuous mode [ 44.218714][ T5942] hsr_slave_1: entered promiscuous mode [ 44.223137][ T5949] hsr_slave_0: entered promiscuous mode [ 44.225154][ T5949] hsr_slave_1: entered promiscuous mode [ 44.227341][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 44.229634][ T5949] Cannot create hsr debugfs directory [ 44.238559][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.240601][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.248398][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.268842][ T5944] hsr_slave_0: entered promiscuous mode [ 44.271776][ T5944] hsr_slave_1: entered promiscuous mode [ 44.273813][ T5944] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 44.276051][ T5944] Cannot create hsr debugfs directory [ 44.331583][ T5943] hsr_slave_0: entered promiscuous mode [ 44.334544][ T5943] hsr_slave_1: entered promiscuous mode [ 44.336509][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 44.339193][ T5943] Cannot create hsr debugfs directory [ 44.478115][ T5949] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 44.493248][ T5949] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 44.498820][ T5949] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 44.503527][ T5949] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 44.525321][ T5942] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 44.530196][ T5942] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 44.533396][ T5942] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 44.537723][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.539859][ T5949] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.542289][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.544351][ T5949] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.549702][ T5942] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 44.569841][ T67] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.573105][ T67] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.591591][ T5944] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 44.594861][ T5944] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 44.599010][ T5944] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 44.602037][ T5944] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 44.628720][ T5943] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 44.631913][ T5943] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 44.635079][ T5943] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 44.638481][ T5943] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 44.655034][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.667232][ T5949] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.672365][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.674420][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.681551][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.683611][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.703816][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.718520][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.722554][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.727896][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.730036][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.742829][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.744896][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.757971][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.760563][ T5944] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.769444][ T1233] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.771514][ T1233] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.778392][ T1233] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.780477][ T1233] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.792014][ T5943] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.799306][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.801357][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.810833][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.812939][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.835095][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.843165][ T5943] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 44.869174][ T5949] veth0_vlan: entered promiscuous mode [ 44.874174][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.878410][ T5949] veth1_vlan: entered promiscuous mode [ 44.897504][ T5942] veth0_vlan: entered promiscuous mode [ 44.900321][ T5949] veth0_macvtap: entered promiscuous mode [ 44.904456][ T5949] veth1_macvtap: entered promiscuous mode [ 44.908730][ T5942] veth1_vlan: entered promiscuous mode [ 44.917798][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.921578][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.927935][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.932014][ T5949] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.935310][ T5949] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.939028][ T5949] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.941950][ T5949] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.948400][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.960201][ T5942] veth0_macvtap: entered promiscuous mode [ 44.963293][ T5942] veth1_macvtap: entered promiscuous mode [ 44.973750][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.976851][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.980126][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.987378][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.990339][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.993550][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.017092][ T5944] veth0_vlan: entered promiscuous mode [ 45.019629][ T5942] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.022146][ T5942] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.024627][ T5942] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.027444][ T5942] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.031051][ T5943] veth0_vlan: entered promiscuous mode [ 45.037875][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.040318][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.046997][ T5943] veth1_vlan: entered promiscuous mode [ 45.053086][ T5944] veth1_vlan: entered promiscuous mode [ 45.063317][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.065579][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.071599][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.073842][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.088076][ T1233] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.088249][ T5943] veth0_macvtap: entered promiscuous mode [ 45.090342][ T1233] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.094573][ T5943] veth1_macvtap: entered promiscuous mode [ 45.104192][ T5949] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 45.107166][ T5944] veth0_macvtap: entered promiscuous mode [ 45.111827][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.114839][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.119589][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.122612][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.125950][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.130771][ T5944] veth1_macvtap: entered promiscuous mode [ 45.138652][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.142292][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.142403][ T6006] netlink: 'syz.0.1': attribute type 1 has an invalid length. [ 45.145045][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.148231][ T6006] netlink: 134728 bytes leftover after parsing attributes in process `syz.0.1'. [ 45.150366][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.151175][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.159556][ T5943] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.162065][ T5943] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.164844][ T5943] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.167381][ T5943] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.179930][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.183021][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.185799][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.189106][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.191987][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.194953][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.195180][ T6010] Bluetooth: MGMT ver 1.23 [ 45.198930][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.204202][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.208260][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.211408][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.214389][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.217413][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.220667][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.223953][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.232245][ T6010] netlink: 92 bytes leftover after parsing attributes in process `syz.0.5'. [ 45.235028][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.237910][ T5944] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.240412][ T5944] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.240949][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.242886][ T5944] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.247555][ T5944] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.251437][ T6010] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5'. [ 45.253947][ T6010] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5'. [ 45.260515][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.262805][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.291227][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.293473][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.314020][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.316403][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.365272][ T6022] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 45.381711][ T6022] tipc: Started in network mode [ 45.383227][ T6022] tipc: Node identity 7f000001, cluster identity 4711 [ 45.385722][ T6022] tipc: Enabled bearer , priority 10 [ 45.394030][ T6030] CUSE: zero length info key specified [ 45.415261][ T6022] tipc: Enabled bearer , priority 0 [ 45.447425][ T5956] Bluetooth: hci1: command tx timeout [ 45.447428][ T5292] Bluetooth: hci3: command tx timeout [ 45.447740][ T5292] Bluetooth: hci2: command tx timeout [ 45.503224][ T6056] netlink: 92 bytes leftover after parsing attributes in process `syz.2.13'. [ 45.509003][ T6056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13'. [ 45.511560][ T6056] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13'. [ 45.517175][ T6058] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16'. [ 45.536794][ T5292] Bluetooth: hci0: command tx timeout [ 45.710477][ T6085] process 'syz.3.24' launched './file0' with NULL argv: empty string added [ 45.759974][ T6089] Illegal XDP return value 2675354939 on prog (id 6) dev syz_tun, expect packet loss! [ 45.934799][ T6109] random: crng reseeded on system resumption [ 45.991703][ T6118] netlink: 'syz.2.34': attribute type 62 has an invalid length. [ 46.069618][ T6113] [U] VÔ3¸ÂFÙ¾"SÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«= [ 46.090482][ T6126] [U] J"—E:ÀÆ" [ 46.114606][ T6129] (syz.1.37,6129,1):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 46.117299][ T6129] (syz.1.37,6129,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 46.201209][ T6137] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 46.250040][ T6142] syz.1.38 uses obsolete (PF_INET,SOCK_PACKET) [ 46.252702][ T6132] warning: `syz.1.38' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 46.263311][ T6132] Bluetooth: hci4: Frame reassembly failed (-84) [ 46.266318][ T67] Bluetooth: hci4: Frame reassembly failed (-84) [ 46.335477][ T6147] loop6: detected capacity change from 0 to 524287999 [ 46.379724][ T6149] netlink: 8 bytes leftover after parsing attributes in process `syz.2.42'. [ 46.395226][ T6149] netlink: 'syz.2.42': attribute type 3 has an invalid length. [ 46.397988][ T6149] netlink: 132 bytes leftover after parsing attributes in process `syz.2.42'. [ 46.546047][ T5984] tipc: Node number set to 2130706433 [ 46.640588][ T6171] netlink: 'syz.3.49': attribute type 21 has an invalid length. [ 46.744342][ T6180] lo speed is unknown, defaulting to 1000 [ 46.746887][ T6188] IPVS: length: 184 != 24 [ 46.748766][ T6180] lo speed is unknown, defaulting to 1000 [ 46.751401][ T6180] lo speed is unknown, defaulting to 1000 [ 46.777981][ T6192] Zero length message leads to an empty skb [ 46.795322][ T6195] lo speed is unknown, defaulting to 1000 [ 46.798793][ T6195] lo speed is unknown, defaulting to 1000 [ 46.807401][ T6195] lo speed is unknown, defaulting to 1000 [ 46.811911][ T6195] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 46.817021][ T6195] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 46.827438][ T6195] lo speed is unknown, defaulting to 1000 [ 46.829618][ T6195] lo speed is unknown, defaulting to 1000 [ 46.832142][ T6195] lo speed is unknown, defaulting to 1000 [ 46.834174][ T6195] lo speed is unknown, defaulting to 1000 [ 46.839607][ T6195] »»»»»»: renamed from lo (while UP) [ 46.840571][ T6180] infiniband sz1: set active [ 46.844317][ T6180] infiniband sz1: added »»»»»» [ 46.850882][ T6141] »»»»»» speed is unknown, defaulting to 1000 [ 46.868552][ T6180] RDS/IB: sz1: added [ 46.869994][ T6180] smc: adding ib device sz1 with port count 1 [ 46.874378][ T6180] smc: ib device sz1 port 1 has pnetid [ 46.877616][ T6180] »»»»»» speed is unknown, defaulting to 1000 [ 46.880491][ T5984] »»»»»» speed is unknown, defaulting to 1000 [ 46.926282][ T6180] »»»»»» speed is unknown, defaulting to 1000 [ 46.972160][ T6180] »»»»»» speed is unknown, defaulting to 1000 [ 47.013801][ T6180] »»»»»» speed is unknown, defaulting to 1000 [ 47.526986][ T5956] Bluetooth: hci3: command tx timeout [ 47.536928][ T5956] Bluetooth: hci2: command tx timeout [ 47.582798][ T6222] netlink: 'syz.0.62': attribute type 9 has an invalid length. [ 47.617573][ T5956] Bluetooth: hci0: command tx timeout [ 47.618447][ T6225] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 47.666360][ T6227] macvtap0: Device is already in use. [ 48.033230][ T6255] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 48.235873][ T6270] netlink: 'syz.2.77': attribute type 10 has an invalid length. [ 48.241358][ T6270] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 48.287345][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.290247][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.293575][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.296460][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.299483][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.302479][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.305346][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.308236][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.311005][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.313756][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.317001][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.319900][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.322689][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.325466][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.327372][ T5956] Bluetooth: hci4: command 0x1003 tx timeout [ 48.328738][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.328836][ T5292] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 48.334653][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.337811][ T6278] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 48.339368][ T39] kauditd_printk_skb: 163 callbacks suppressed [ 48.339376][ T39] audit: type=1400 audit(2000000000.510:278): avc: denied { write } for pid=6276 comm="syz.2.79" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 48.394032][ T39] audit: type=1400 audit(2000000000.560:279): avc: denied { create } for pid=6291 comm="syz.2.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 48.399954][ T39] audit: type=1400 audit(2000000000.560:280): avc: denied { connect } for pid=6291 comm="syz.2.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 48.405430][ T39] audit: type=1400 audit(2000000000.560:281): avc: denied { name_connect } for pid=6291 comm="syz.2.83" dest=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 48.442914][ T39] audit: type=1400 audit(2000000000.610:282): avc: denied { open } for pid=6296 comm="syz.1.85" path="/dev/ptyq6" dev="devtmpfs" ino=133 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 48.450016][ T6298] tty tty1: ldisc open failed (-12), clearing slot 0 [ 48.473865][ T39] audit: type=1400 audit(2000000000.640:283): avc: denied { read } for pid=6301 comm="syz.1.86" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 48.483519][ T39] audit: type=1400 audit(2000000000.640:284): avc: denied { open } for pid=6301 comm="syz.1.86" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 48.487038][ T6307] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 48.523818][ T39] audit: type=1400 audit(2000000000.690:285): avc: denied { read } for pid=6308 comm="syz.1.88" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 48.552013][ T39] audit: type=1400 audit(2000000000.720:286): avc: denied { create } for pid=6315 comm="syz.1.90" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 48.557770][ T39] audit: type=1400 audit(2000000000.720:287): avc: denied { setopt } for pid=6315 comm="syz.1.90" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 48.588791][ T6320] syz.0.92 (6320): /proc/6319/oom_adj is deprecated, please use /proc/6319/oom_score_adj instead. [ 48.594591][ T6320] xt_hashlimit: size too large, truncated to 1048576 [ 48.726782][ T5292] Bluetooth: hci1: command tx timeout [ 49.599760][ T6340] bridge0: entered promiscuous mode [ 49.601753][ T6340] macvlan2: entered promiscuous mode [ 49.605440][ T6340] bridge0: port 3(macvlan2) entered blocking state [ 49.607074][ T5292] Bluetooth: hci2: command tx timeout [ 49.608831][ T6340] bridge0: port 3(macvlan2) entered disabled state [ 49.610907][ T6340] macvlan2: entered allmulticast mode [ 49.612481][ T6340] bridge0: entered allmulticast mode [ 49.616976][ T6340] macvlan2: left allmulticast mode [ 49.616979][ T5292] Bluetooth: hci3: command tx timeout [ 49.621023][ T6340] bridge0: left allmulticast mode [ 49.623486][ T6340] bridge0: left promiscuous mode [ 49.697227][ T5292] Bluetooth: hci0: command tx timeout [ 49.970049][ T6377] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 50.336948][ T6395] __nla_validate_parse: 6 callbacks suppressed [ 50.336958][ T6395] netlink: 8 bytes leftover after parsing attributes in process `syz.3.114'. [ 50.341390][ T6395] netlink: 'syz.3.114': attribute type 22 has an invalid length. [ 50.343684][ T6395] netlink: 4 bytes leftover after parsing attributes in process `syz.3.114'. [ 50.392219][ T6406] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5 [ 50.424223][ T6410] xt_hashlimit: size too large, truncated to 1048576 [ 50.479676][ T6415] syzkaller1: entered promiscuous mode [ 50.481300][ T6415] syzkaller1: entered allmulticast mode [ 50.600538][ T6419] block device autoloading is deprecated and will be removed. [ 50.603574][ T6419] syz.1.121: attempt to access beyond end of device [ 50.603574][ T6419] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 50.615036][ T5956] Bluetooth: hci4: sending frame failed (-49) [ 50.618001][ T5292] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 50.806745][ T5292] Bluetooth: hci1: command tx timeout [ 51.267072][ T6463] netlink: 'syz.2.133': attribute type 15 has an invalid length. [ 51.281775][ T6463] can0: slcan on ptm0. [ 51.356986][ T6462] can0 (unregistered): slcan off ptm0. [ 51.479769][ T8] kernel write not supported for file /132/attr/exec (pid: 8 comm: kworker/0:0) [ 51.484451][ T6468] kvm: kvm [6467]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x118 [ 51.489779][ T6468] batadv0: entered promiscuous mode [ 51.574550][ T6471] capability: warning: `syz.2.135' uses deprecated v2 capabilities in a way that may be insecure [ 51.580916][ T6471] input: syz0 as /devices/virtual/input/input6 [ 51.605883][ T6473] netlink: 20 bytes leftover after parsing attributes in process `syz.1.136'. [ 51.696577][ T5292] Bluetooth: hci3: command tx timeout [ 51.696705][ T5956] Bluetooth: hci2: command tx timeout [ 51.713623][ T6485] binder: 6484:6485 ioctl 400c620e 20000140 returned -22 [ 51.776457][ T5956] Bluetooth: hci0: command tx timeout [ 52.024068][ T6514] netlink: 56 bytes leftover after parsing attributes in process `syz.3.146'. [ 52.048350][ T45] Bluetooth: (null): Too short H5 packet [ 52.050110][ T45] Bluetooth: (null): Invalid header checksum [ 52.051894][ T45] Bluetooth: (null): Invalid header checksum [ 52.311524][ T6539] netlink: 448 bytes leftover after parsing attributes in process `syz.2.156'. [ 52.314331][ T6539] unsupported nla_type 14345 [ 52.616395][ T30] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 52.777999][ T30] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 52.782386][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.784939][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.788117][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.790750][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.793319][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.796686][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.799342][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.801874][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.804935][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.807732][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.810301][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.812864][ T6547] mkiss: ax0: crc mode is auto. [ 52.813360][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.817582][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.820197][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.823271][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.827242][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.829826][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.832941][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.833188][ T6547] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20003 [ 52.835503][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.840612][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.843755][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.846456][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.849744][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.852910][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.856644][ T30] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 52.859312][ T30] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 52.861671][ T30] usb 6-1: Product: syz [ 52.862866][ T30] usb 6-1: Manufacturer: syz [ 52.864204][ T30] usb 6-1: SerialNumber: syz [ 52.866993][ T30] usb 6-1: config 0 descriptor?? [ 52.875180][ T30] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 52.937748][ T6550] netlink: 68 bytes leftover after parsing attributes in process `syz.0.160'. [ 52.938598][ T6549] netlink: 68 bytes leftover after parsing attributes in process `syz.0.160'. [ 52.972391][ T6554] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 53.004647][ T6556] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 53.107636][ T6567] netlink: 'syz.0.166': attribute type 12 has an invalid length. [ 53.109922][ T6567] netlink: 'syz.0.166': attribute type 29 has an invalid length. [ 53.112126][ T6567] netlink: 148 bytes leftover after parsing attributes in process `syz.0.166'. [ 53.114704][ T6567] netlink: 'syz.0.166': attribute type 1 has an invalid length. [ 53.117005][ T6567] netlink: 'syz.0.166': attribute type 2 has an invalid length. [ 53.119181][ T6567] netlink: 19 bytes leftover after parsing attributes in process `syz.0.166'. [ 53.121832][ T6560] openvswitch: netlink: IP tunnel dst address not specified [ 53.150974][ T5945] usb 6-1: USB disconnect, device number 2 [ 53.155665][ T5945] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 53.281451][ T6576] netlink: 20 bytes leftover after parsing attributes in process `syz.0.168'. [ 53.345176][ T6588] xt_l2tp: v2 sid > 0xffff: 150994944 [ 53.377715][ T39] kauditd_printk_skb: 209 callbacks suppressed [ 53.377723][ T39] audit: type=1400 audit(2000000005.550:497): avc: denied { shutdown } for pid=6579 comm="syz.3.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 53.380622][ T6593] ipt_REJECT: TCP_RESET invalid for non-tcp [ 53.414658][ T39] audit: type=1400 audit(2000000005.580:498): avc: denied { create } for pid=6595 comm="syz.0.176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 53.419815][ T6597] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_macvtap, syncid = 0, id = 0 [ 53.421459][ T39] audit: type=1400 audit(2000000005.580:499): avc: denied { bind } for pid=6595 comm="syz.0.176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 53.428697][ T39] audit: type=1400 audit(2000000005.580:500): avc: denied { write } for pid=6595 comm="syz.0.176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 53.443304][ T6596] sp0: Synchronizing with TNC [ 53.470860][ T39] audit: type=1400 audit(2000000005.640:501): avc: denied { create } for pid=6598 comm="syz.2.177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 53.498719][ T39] audit: type=1400 audit(2000000005.670:502): avc: denied { write } for pid=6598 comm="syz.2.177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 53.505629][ T39] audit: type=1400 audit(2000000005.670:503): avc: denied { ioctl } for pid=6598 comm="syz.2.177" path="socket:[11029]" dev="sockfs" ino=11029 ioctlcmd=0x89e6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 53.568214][ T39] audit: type=1400 audit(2000000005.740:504): avc: denied { read } for pid=6601 comm="syz.3.178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 53.605214][ T39] audit: type=1400 audit(2000000005.770:505): avc: denied { write } for pid=6614 comm="syz.0.182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 53.610912][ T39] audit: type=1400 audit(2000000005.770:506): avc: denied { setopt } for pid=6614 comm="syz.0.182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 53.694261][ T6626] fuse: Invalid rootmode [ 54.173947][ T6639] netlink: 'syz.0.190': attribute type 1 has an invalid length. [ 54.176312][ T6639] netlink: 'syz.0.190': attribute type 3 has an invalid length. [ 54.204393][ T6639] netlink: 'syz.0.190': attribute type 1 has an invalid length. [ 54.206730][ T6639] netlink: 'syz.0.190': attribute type 3 has an invalid length. [ 54.443491][ T5956] Bluetooth: hci3: unexpected event 0x01 length: 17 > 1 [ 54.444917][ T5956] Bluetooth: Wrong link type (-71) [ 54.475132][ T6659] binder: 6655:6659 ioctl c0306201 200003c0 returned -14 [ 54.480922][ T6659] loop2: detected capacity change from 0 to 7 [ 54.486719][ T5956] Bluetooth: hci2: command 0x0406 tx timeout [ 54.488679][ T6659] Dev loop2: unable to read RDB block 7 [ 54.488729][ T6659] loop2: unable to read partition table [ 54.488842][ T6659] loop2: partition table beyond EOD, truncated [ 54.496552][ T6659] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 54.499745][ T6661] binder: BINDER_SET_CONTEXT_MGR already set [ 54.502409][ T6662] binder: 6655:6662 ioctl c0306201 200003c0 returned -14 [ 54.502958][ T6661] binder: 6655:6661 ioctl 4018620d 20000100 returned -16 [ 54.595086][ T6675] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 54.601974][ T8] IPVS: starting estimator thread 0... [ 54.610842][ T6682] openvswitch: netlink: IP tunnel attribute has 7 unknown bytes. [ 54.630782][ T6684] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22 [ 54.659006][ T6690] bond0: Error: Cannot enslave bond to itself. [ 54.696302][ T6679] IPVS: using max 38 ests per chain, 91200 per kthread [ 54.703603][ T6694] JFS: charset not found [ 54.846330][ T2298] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 55.006740][ T2298] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 55.009823][ T2298] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 55.012482][ T2298] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 55.015622][ T2298] usb 7-1: config 0 interface 0 has no altsetting 0 [ 55.018536][ T2298] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 55.021140][ T2298] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 55.024221][ T2298] usb 7-1: config 0 interface 0 has no altsetting 0 [ 55.028327][ T2298] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 55.030914][ T2298] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 55.033995][ T2298] usb 7-1: config 0 interface 0 has no altsetting 0 [ 55.037012][ T2298] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 55.039600][ T2298] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 55.042663][ T2298] usb 7-1: config 0 interface 0 has no altsetting 0 [ 55.045376][ T2298] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 55.048006][ T2298] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 55.051129][ T2298] usb 7-1: config 0 interface 0 has no altsetting 0 [ 55.057257][ T2298] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 55.059832][ T2298] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 55.062914][ T2298] usb 7-1: config 0 interface 0 has no altsetting 0 [ 55.065507][ T2298] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 55.068163][ T2298] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 55.071282][ T2298] usb 7-1: config 0 interface 0 has no altsetting 0 [ 55.073886][ T2298] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 55.076597][ T2298] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 55.079749][ T2298] usb 7-1: config 0 interface 0 has no altsetting 0 [ 55.083163][ T2298] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 55.085805][ T2298] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 55.088468][ T2298] usb 7-1: Product: syz [ 55.089685][ T2298] usb 7-1: Manufacturer: syz [ 55.091030][ T2298] usb 7-1: SerialNumber: syz [ 55.094160][ T2298] usb 7-1: config 0 descriptor?? [ 55.102901][ T2298] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 55.203663][ T6735] rdma_op ffff88804f2e21f0 conn xmit_rdma 0000000000000000 [ 55.355082][ T6752] __nla_validate_parse: 4 callbacks suppressed [ 55.355092][ T6752] netlink: 8 bytes leftover after parsing attributes in process `syz.1.214'. [ 55.526370][ T6602] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 55.536446][ T6761] netlink: 8 bytes leftover after parsing attributes in process `syz.0.218'. [ 55.552793][ T6760] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.558443][ T6761] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.561417][ T6761] netlink: 'syz.0.218': attribute type 1 has an invalid length. [ 55.606028][ T6773] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 55.710372][ T6792] ICMPv6: NA: aa:aa:aa:aa:aa:00 advertised our address fe80::aa on syz_tun! [ 55.778553][ T6800] infiniband sz1: set active [ 55.779410][ T2298] usb 7-1: USB disconnect, device number 2 [ 55.780328][ T63] »»»»»» speed is unknown, defaulting to 1000 [ 55.785007][ T2298] yurex 7-1:0.0: USB YUREX #0 now disconnected [ 55.883774][ T6813] netlink: 12 bytes leftover after parsing attributes in process `syz.0.232'. [ 55.886429][ T6813] netlink: 4 bytes leftover after parsing attributes in process `syz.0.232'. [ 56.011296][ T6829] Process accounting resumed [ 56.041298][ T6831] Cannot find add_set index 1 as target [ 56.093300][ T6837] ======================================================= [ 56.093300][ T6837] WARNING: The mand mount option has been deprecated and [ 56.093300][ T6837] and is ignored by this kernel. Remove the mand [ 56.093300][ T6837] option from the mount to silence this warning. [ 56.093300][ T6837] ======================================================= [ 56.106400][ T6837] XFS (nullb0): no-recovery mounts must be read-only. [ 56.206262][ T30] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 56.218911][ T6844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.241'. [ 56.223070][ T8] IPVS: starting estimator thread 0... [ 56.297666][ T6847] kvm: emulating exchange as write [ 56.316571][ T6845] IPVS: using max 39 ests per chain, 93600 per kthread [ 56.367687][ T30] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 56.372305][ T30] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 56.374913][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 56.377342][ T30] usb 5-1: SerialNumber: syz [ 56.379456][ T6853] netlink: 8 bytes leftover after parsing attributes in process `syz.2.243'. [ 56.385935][ T6852] »»»»»» speed is unknown, defaulting to 1000 [ 56.423214][ T6852] »»»»»» speed is unknown, defaulting to 1000 [ 56.437386][ T6854] Process accounting resumed [ 56.552396][ T6861] netlink: 12 bytes leftover after parsing attributes in process `syz.1.247'. [ 57.190894][ T6821] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.195138][ T6821] bridge_slave_1: left allmulticast mode [ 57.197130][ T6821] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.205275][ T6821] netlink: 'syz.0.234': attribute type 2 has an invalid length. [ 57.208841][ T6821] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 57.217389][ T30] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71 [ 57.222582][ T30] usb 5-1: USB disconnect, device number 2 [ 57.364213][ T6899] netlink: 'syz.2.259': attribute type 5 has an invalid length. [ 57.521534][ T6920] netlink: 12 bytes leftover after parsing attributes in process `syz.1.267'. [ 57.524142][ T6920] netlink: 4 bytes leftover after parsing attributes in process `syz.1.267'. [ 57.567536][ T6920] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.626182][ T63] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 57.630010][ T6920] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.696784][ T6920] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.759382][ T6930] netlink: 20 bytes leftover after parsing attributes in process `syz.3.269'. [ 57.781106][ T6920] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.786501][ T63] usb 7-1: Using ep0 maxpacket: 8 [ 57.790290][ T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 57.793433][ T63] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 57.796577][ T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.800936][ T63] usb 7-1: config 0 descriptor?? [ 57.883298][ T6920] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.888926][ T6920] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.893966][ T6920] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.899027][ T6920] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.995821][ T6951] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 58.004859][ T63] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 58.038540][ T6955] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 58.043120][ T6955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.046687][ T6955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.049542][ T6955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.052478][ T6955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.055265][ T6955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.058799][ T6955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.061969][ T6955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.065042][ T6955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.068447][ T6955] batadv_slave_0: entered promiscuous mode [ 58.070279][ T6955] macsec0: entered allmulticast mode [ 58.071950][ T6955] batadv_slave_0: entered allmulticast mode [ 58.075728][ T6955] batadv_slave_0: left allmulticast mode [ 58.078317][ T6955] batadv_slave_0: left promiscuous mode [ 58.223991][ T6904] syzkaller0: entered promiscuous mode [ 58.225607][ T6904] syzkaller0: entered allmulticast mode [ 58.228479][ T11] syzkaller0: tun_net_xmit 48 [ 58.386096][ T6141] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 58.447219][ T56] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 58.536123][ T6141] usb 8-1: Using ep0 maxpacket: 32 [ 58.539014][ T6141] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 58.543670][ T6141] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 58.546827][ T6141] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 58.549188][ T6141] usb 8-1: Product: syz [ 58.550461][ T6141] usb 8-1: Manufacturer: syz [ 58.551837][ T6141] usb 8-1: SerialNumber: syz [ 58.567750][ T6141] usb 8-1: config 0 descriptor?? [ 58.570988][ T6967] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 58.605283][ T56] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 58.608101][ T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.610454][ T56] usb 5-1: Product: syz [ 58.611707][ T56] usb 5-1: Manufacturer: syz [ 58.613069][ T56] usb 5-1: SerialNumber: syz [ 58.618535][ T56] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 58.735186][ T6141] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 58.779521][ T8] usb 8-1: USB disconnect, device number 2 [ 58.966616][ T5956] Bluetooth: hci3: command 0x0405 tx timeout [ 59.062378][ T56] usb 5-1: USB disconnect, device number 3 [ 59.173776][ T39] kauditd_printk_skb: 51 callbacks suppressed [ 59.173787][ T39] audit: type=1400 audit(2000000011.340:558): avc: denied { read } for pid=6998 comm="syz.1.287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 59.181839][ T2298] usb 7-1: USB disconnect, device number 3 [ 59.204385][ T39] audit: type=1400 audit(2000000011.370:559): avc: denied { accept } for pid=6981 comm="syz.0.284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 59.265896][ T7007] netlink: 'syz.2.289': attribute type 1 has an invalid length. [ 59.326762][ T39] audit: type=1400 audit(2000000011.490:560): avc: denied { audit_write } for pid=7015 comm="syz.1.291" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 59.377713][ T39] audit: type=1400 audit(2000000011.550:561): avc: denied { map } for pid=7020 comm="syz.1.292" path="/dev/swradio2" dev="devtmpfs" ino=1005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 59.768472][ T6141] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 59.775647][ T6141] ath9k_htc: Failed to initialize the device [ 59.786403][ T56] usb 5-1: ath9k_htc: USB layer deinitialized [ 60.132985][ T39] audit: type=1400 audit(2000000012.300:562): avc: denied { append } for pid=7043 comm="syz.0.299" name="ptp1" dev="devtmpfs" ino=1288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 60.144470][ T7044] ISOFS: Unable to identify CD-ROM format. [ 60.181933][ T7044] hpfs: hpfs_map_sector(): read error [ 60.212799][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.216293][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.219062][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.221976][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.224926][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.229269][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.232521][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.235233][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.238280][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.240993][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.243679][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.245554][ T39] audit: type=1400 audit(2000000012.410:563): avc: denied { ioctl } for pid=7048 comm="syz.2.301" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 60.253424][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.256156][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.258926][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.261585][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.264427][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.267257][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.270000][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.272733][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.275450][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.278208][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.280942][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.284253][ T39] audit: type=1400 audit(2000000012.450:564): avc: denied { setattr } for pid=7057 comm="syz.1.304" name="clear_refs" dev="proc" ino=13971 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 60.291956][ T39] audit: type=1400 audit(2000000012.450:565): avc: denied { name_bind } for pid=7057 comm="syz.1.304" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 60.291997][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.302784][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.305473][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.308992][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.312084][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.314773][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.317796][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.320723][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.323606][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.327315][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.330016][ T7052] program syz.0.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.335147][ T39] audit: type=1400 audit(2000000012.500:566): avc: denied { accept } for pid=7064 comm="syz.1.305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 60.336948][ T7065] x_tables: ip_tables: icmp.0 match: invalid size 8 (kernel) != (user) 56 [ 60.340864][ T39] audit: type=1400 audit(2000000012.510:567): avc: denied { read } for pid=7064 comm="syz.1.305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 60.388604][ T7065] nbd: socks must be embedded in a SOCK_ITEM attr [ 60.462197][ T7082] syz.3.310: attempt to access beyond end of device [ 60.462197][ T7082] nbd3: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 60.467142][ T7082] gfs2: error -5 reading superblock [ 60.513700][ T7093] netlink: 'syz.0.314': attribute type 10 has an invalid length. [ 60.529550][ T7093] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 60.541190][ T7089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 60.632859][ T7101] __nla_validate_parse: 7 callbacks suppressed [ 60.632869][ T7101] netlink: 16 bytes leftover after parsing attributes in process `syz.1.315'. [ 60.821028][ T7118] netlink: 'syz.1.317': attribute type 2 has an invalid length. [ 60.823274][ T7118] netlink: 'syz.1.317': attribute type 11 has an invalid length. [ 60.825466][ T7118] netlink: 132 bytes leftover after parsing attributes in process `syz.1.317'. [ 60.898391][ T7118] netlink: 'syz.1.317': attribute type 10 has an invalid length. [ 60.905139][ T7118] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 61.122483][ T7138] netlink: 'syz.1.324': attribute type 1 has an invalid length. [ 61.125138][ T7138] netlink: 'syz.1.324': attribute type 2 has an invalid length. [ 61.158697][ T7141] »»»»»» speed is unknown, defaulting to 1000 [ 61.226134][ T7141] »»»»»» speed is unknown, defaulting to 1000 [ 61.374639][ T7162] netlink: 40 bytes leftover after parsing attributes in process `syz.0.330'. [ 61.529057][ T7183] ubi0: attaching mtd0 [ 61.532115][ T7183] ubi0: scanning is finished [ 61.533574][ T7183] ubi0: empty MTD device detected [ 61.645350][ T7183] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 61.648022][ T7183] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 61.650119][ T7183] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 61.652118][ T7183] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 61.654257][ T7183] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 61.657041][ T7183] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 61.659950][ T7183] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3881708606 [ 61.662852][ T7183] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 61.666320][ T7191] ubi0: background thread "ubi_bgt0d" started, PID 7191 [ 61.818745][ T7210] netlink: 8 bytes leftover after parsing attributes in process `syz.3.343'. [ 61.874285][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 61.888471][ T7212] netlink: 8 bytes leftover after parsing attributes in process `syz.0.344'. [ 61.891045][ T7212] netlink: 'syz.0.344': attribute type 30 has an invalid length. [ 61.893948][ T7212] netlink: 12 bytes leftover after parsing attributes in process `syz.0.344'. [ 61.905960][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 61.911005][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 61.916302][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 61.918955][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 62.295902][ T56] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 62.445883][ T56] usb 5-1: Using ep0 maxpacket: 8 [ 62.449634][ T56] usb 5-1: config 0 has an invalid interface number: 223 but max is 1 [ 62.452063][ T56] usb 5-1: config 0 has an invalid descriptor of length 254, skipping remainder of the config [ 62.454985][ T56] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 62.457660][ T56] usb 5-1: config 0 has no interface number 0 [ 62.459480][ T56] usb 5-1: config 0 interface 223 altsetting 1 endpoint 0x7 has invalid maxpacket 1023, setting to 64 [ 62.462626][ T56] usb 5-1: config 0 interface 223 altsetting 1 has an invalid descriptor for endpoint zero, skipping [ 62.465742][ T56] usb 5-1: config 0 interface 223 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 32 [ 62.468636][ T56] usb 5-1: config 0 interface 223 altsetting 1 has an invalid descriptor for endpoint zero, skipping [ 62.471694][ T56] usb 5-1: config 0 interface 223 has no altsetting 0 [ 62.475189][ T56] usb 5-1: New USB device found, idVendor=1410, idProduct=a011, bcdDevice=e0.41 [ 62.477902][ T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 62.480181][ T56] usb 5-1: Product: syz [ 62.481387][ T56] usb 5-1: Manufacturer: syz [ 62.482718][ T56] usb 5-1: SerialNumber: syz [ 62.485367][ T56] usb 5-1: config 0 descriptor?? [ 62.487562][ T7236] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 62.698897][ T56] usb 5-1: USB disconnect, device number 4 [ 62.769410][ T7247] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 63.115901][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.168453][ T7296] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 63.180646][ T5956] Bluetooth: hci4: sending frame failed (-49) [ 63.183113][ T5292] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 63.332689][ T7323] netlink: 'syz.0.373': attribute type 1 has an invalid length. [ 63.597075][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.3.376'. [ 63.622367][ T7333] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 63.625234][ T7333] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 63.628571][ T7333] overlayfs: failed to get uuid (73/file1, err=-13); falling back to uuid=null. [ 64.007726][ T7303] netlink: 'syz.2.370': attribute type 1 has an invalid length. [ 64.044476][ T7346] xt_CT: You must specify a L4 protocol and not use inversions on it [ 64.046189][ T7346] program syz.0.383 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 64.054879][ T7350] program syz.3.381 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 64.101465][ T7356] ipvlan2: entered promiscuous mode [ 64.139175][ T7360] sp0: Synchronizing with TNC [ 64.139902][ T7362] netlink: 'syz.2.387': attribute type 2 has an invalid length. [ 64.148707][ T7360] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 64.150323][ T7362] : entered promiscuous mode [ 64.168662][ T7364] SET target dimension over the limit! [ 64.176847][ T39] kauditd_printk_skb: 41 callbacks suppressed [ 64.176855][ T39] audit: type=1400 audit(2000000016.350:609): avc: denied { name_bind } for pid=7365 comm="syz.2.389" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 64.196786][ T39] audit: type=1400 audit(2000000016.370:610): avc: denied { read } for pid=7365 comm="syz.2.389" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 64.268813][ T39] audit: type=1400 audit(2000000016.440:611): avc: denied { create } for pid=7370 comm="syz.3.390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 64.275835][ T39] audit: type=1400 audit(2000000016.450:612): avc: denied { bind } for pid=7370 comm="syz.3.390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 64.308558][ T39] audit: type=1400 audit(2000000016.480:613): avc: denied { accept } for pid=7370 comm="syz.3.390" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 64.319398][ T39] audit: type=1400 audit(2000000016.490:614): avc: denied { read } for pid=7370 comm="syz.3.390" laddr=::ffff:127.0.0.1 lport=20000 faddr=::ffff:127.0.0.1 fport=33980 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 64.382255][ T7381] mkiss: ax0: crc mode is auto. [ 64.453461][ T7386] dccp_close: ABORT with 32 bytes unread [ 64.552773][ T39] audit: type=1400 audit(2000000016.720:615): avc: denied { read } for pid=7390 comm="syz.0.395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 65.009261][ T7366] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 65.012071][ T7366] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 65.019892][ T7366] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 65.022775][ T7366] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 65.024574][ T7366] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 65.029158][ T7366] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 65.030982][ T7366] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 65.033680][ T7366] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 65.120854][ T39] audit: type=1400 audit(2000000017.290:616): avc: denied { nlmsg_read } for pid=7423 comm="syz.1.402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 65.126209][ T7426] netlink: 4 bytes leftover after parsing attributes in process `syz.3.405'. [ 65.135017][ T5956] Bluetooth: hci3: Malformed Event: 0x2f [ 65.169884][ T39] audit: type=1400 audit(2000000017.340:617): avc: denied { nlmsg_read } for pid=7431 comm="syz.3.407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 65.213370][ T39] audit: type=1400 audit(2000000017.380:618): avc: denied { bind } for pid=7427 comm="syz.1.406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 65.515866][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.518817][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.538940][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.541089][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.543219][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.545322][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.566109][ T7472] IPv4: Oversized IP packet from 127.202.26.0 [ 65.585930][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.593608][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.606313][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.608479][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.610601][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.612733][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.614883][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.636758][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.651216][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.653388][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.655518][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.668906][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.671090][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.673218][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.675345][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.687999][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.690171][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.692315][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.694454][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.709635][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.711797][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.713919][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.726672][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.729401][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.731671][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.733892][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.748194][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.750430][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.766430][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.768608][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.770740][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.772866][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.775000][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.796391][ T5985] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.803941][ T5985] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.03 Device [syz0] on syz0 [ 66.235690][ T8] usb 8-1: new full-speed USB device number 3 using dummy_hcd [ 66.257519][ T7491] netlink: 'syz.2.422': attribute type 21 has an invalid length. [ 66.259917][ T7491] netlink: 8 bytes leftover after parsing attributes in process `syz.2.422'. [ 66.296489][ T7493] program syz.2.423 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 66.326094][ T5956] Bluetooth: hci1: command 0x0c1a tx timeout [ 66.357053][ T7497] vivid-000: disconnect [ 66.363135][ T7496] vivid-000: reconnect [ 66.398239][ T8] usb 8-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 66.401122][ T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 66.403468][ T8] usb 8-1: Product: syz [ 66.415628][ T8] usb 8-1: Manufacturer: syz [ 66.417104][ T8] usb 8-1: SerialNumber: syz [ 66.419774][ T8] usb 8-1: config 0 descriptor?? [ 66.422614][ T8] gspca_main: se401-2.14.0 probing 047d:5003 [ 66.428092][ T7502] netlink: 4 bytes leftover after parsing attributes in process `syz.2.427'. [ 66.583769][ T5956] Bluetooth: hci1: unexpected event for opcode 0x202f [ 66.805499][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880334fb400: rx timeout, send abort [ 66.809452][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880334fb800: rx timeout, send abort [ 66.812577][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880334fb400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 66.818106][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880334fb800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 66.824178][ T8] gspca_se401: ExtraFeatures: 7 [ 66.827358][ T7509] netlink: 32 bytes leftover after parsing attributes in process `syz.0.429'. [ 67.028401][ T8] input: se401 as /devices/platform/dummy_hcd.3/usb8/8-1/input/input7 [ 67.040284][ T8] usb 8-1: USB disconnect, device number 3 [ 67.054734][ T5937] udevd[5937]: setting mode of /dev/bus/usb/008/003 to 020664 failed: No such file or directory [ 67.055720][ T5956] Bluetooth: hci3: command 0x0405 tx timeout [ 67.055738][ T5292] Bluetooth: hci2: command 0x0406 tx timeout [ 67.061985][ T5937] udevd[5937]: setting owner of /dev/bus/usb/008/003 to uid=0, gid=0 failed: No such file or directory [ 67.339028][ T7533] netlink: 'syz.2.438': attribute type 9 has an invalid length. [ 67.341957][ T7533] netlink: 8 bytes leftover after parsing attributes in process `syz.2.438'. [ 67.375268][ T7538] xt_hashlimit: size too large, truncated to 1048576 [ 67.599606][ T7508] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 67.601957][ T7508] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 67.605503][ T7508] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 67.677418][ T7548] syz.0.442: attempt to access beyond end of device [ 67.677418][ T7548] loop0: rw=0, sector=2, nr_sectors = 2 limit=0 [ 67.681150][ T7548] MINIX-fs: unable to read superblock [ 67.758610][ T7557] netlink: 132 bytes leftover after parsing attributes in process `syz.3.443'. [ 67.854322][ T7568] usb usb4: usbfs: process 7568 (syz.3.445) did not claim interface 0 before use [ 67.890588][ T7574] netlink: 12 bytes leftover after parsing attributes in process `syz.3.447'. [ 67.973863][ T7590] misc userio: Begin command sent, but we're already running [ 67.976578][ T7587] misc userio: Can't change port type on an already running userio instance [ 67.995630][ T7594] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 67.998121][ T7594] overlayfs: missing 'lowerdir' [ 68.216646][ T7609] xt_HMARK: spi-set and port-set can't be combined [ 68.278671][ T7613] capability: warning: `syz.0.459' uses 32-bit capabilities (legacy support in use) [ 68.314270][ T7615] overlay: ./file0 is not a directory [ 68.393189][ T7622] sp0: Synchronizing with TNC [ 68.887485][ T5956] Bluetooth: hci1: command 0x0c1a tx timeout [ 68.928653][ T7647] IPv6: NLM_F_CREATE should be specified when creating new route [ 68.932392][ T7647] Cannot find add_set index 1 as target [ 69.055811][ T63] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 69.217858][ T63] usb 7-1: Using ep0 maxpacket: 8 [ 69.220854][ T63] usb 7-1: config 0 has no interfaces? [ 69.224419][ T63] usb 7-1: New USB device found, idVendor=0cdd, idProduct=00b3, bcdDevice=2d.ee [ 69.227874][ T63] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.230786][ T63] usb 7-1: Product: syz [ 69.232331][ T63] usb 7-1: Manufacturer: syz [ 69.234368][ T63] usb 7-1: SerialNumber: syz [ 69.235671][ T8] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 69.239085][ T63] usb 7-1: config 0 descriptor?? [ 69.378586][ T7657] netlink: 44 bytes leftover after parsing attributes in process `syz.0.475'. [ 69.381151][ T7657] netlink: 40 bytes leftover after parsing attributes in process `syz.0.475'. [ 69.381252][ T7659] netlink: 16 bytes leftover after parsing attributes in process `syz.0.475'. [ 69.387559][ T8] usb 6-1: config index 0 descriptor too short (expected 72, got 41) [ 69.389848][ T8] usb 6-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 69.392822][ T8] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 69.397971][ T8] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 69.400719][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.403046][ T8] usb 6-1: Product: syz [ 69.404250][ T8] usb 6-1: Manufacturer: syz [ 69.405627][ T8] usb 6-1: SerialNumber: syz [ 69.408942][ T8] usb 6-1: ath9k_htc: Device endpoint numbers are not the expected ones [ 69.443460][ T7663] netlink: 20 bytes leftover after parsing attributes in process `syz.0.476'. [ 69.606711][ T5956] Bluetooth: hci3: command 0x0405 tx timeout [ 69.606762][ T5292] Bluetooth: hci2: command 0x0406 tx timeout [ 69.735647][ T2298] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 69.753383][ T39] kauditd_printk_skb: 35 callbacks suppressed [ 69.753392][ T39] audit: type=1400 audit(2000002581.918:654): avc: denied { create } for pid=7665 comm="syz.3.477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 69.761485][ T39] audit: type=1400 audit(2000002581.918:655): avc: denied { ioctl } for pid=7665 comm="syz.3.477" path="socket:[16987]" dev="sockfs" ino=16987 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 69.905665][ T2298] usb 5-1: Using ep0 maxpacket: 8 [ 69.908526][ T2298] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 69.911062][ T2298] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 69.914831][ T2298] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 69.918255][ T2298] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 69.921724][ T2298] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 69.925777][ T2298] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 69.927944][ T2298] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 69.931835][ T2298] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 69.935415][ T2298] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 69.938642][ T2298] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 69.942843][ T2298] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 69.944968][ T2298] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 69.948212][ T2298] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 69.952659][ T2298] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 69.955853][ T2298] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 69.961375][ T2298] usb 5-1: string descriptor 0 read error: -22 [ 69.963289][ T2298] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 69.965922][ T2298] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.977987][ T2298] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 70.612804][ T7669] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 70.614679][ T7669] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 70.616737][ T7669] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 71.208487][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.210501][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.614922][ T5945] usb 7-1: USB disconnect, device number 4 [ 71.654654][ T39] audit: type=1400 audit(2000002583.818:656): avc: denied { getopt } for pid=7684 comm="syz.2.483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 71.667323][ T39] audit: type=1400 audit(2000002583.838:657): avc: denied { create } for pid=7682 comm="syz.3.482" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 71.707614][ T5292] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 71.709420][ T7691] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 71.747301][ T39] audit: type=1326 audit(2000002583.918:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7694 comm="syz.2.488" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f84f7185d29 code=0x0 [ 71.780683][ T39] audit: type=1400 audit(2000002583.948:659): avc: denied { write } for pid=7696 comm="syz.3.489" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 71.839365][ T39] audit: type=1800 audit(2000002584.008:660): pid=7697 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.489" name="/" dev="9p" ino=2 res=0 errno=0 [ 71.845815][ T5292] Bluetooth: hci1: command 0x0c1a tx timeout [ 71.918595][ T7705] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=7705 comm=syz.3.490 [ 71.946297][ T39] audit: type=1400 audit(2000002584.118:661): avc: denied { shutdown } for pid=7707 comm="syz.3.491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 71.990123][ T5945] usb 6-1: USB disconnect, device number 3 [ 72.011154][ T7711] netlink: 'syz.1.492': attribute type 11 has an invalid length. [ 72.118356][ T7715] ptrace attach of "/syz-executor exec"[5942] was attempted by "/syz-executor exec"[7715] [ 72.143760][ T7718] openvswitch: netlink: ct_state flags 010000e0 unsupported [ 72.146789][ T7718] __nla_validate_parse: 1 callbacks suppressed [ 72.146796][ T7718] netlink: 12 bytes leftover after parsing attributes in process `syz.1.494'. [ 72.155075][ T7718] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 72.157601][ T7718] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 72.162030][ T7718] vhci_hcd vhci_hcd.0: Device attached [ 72.164762][ T7719] vhci_hcd: connection closed [ 72.167045][ T11] vhci_hcd: stop threads [ 72.170049][ T11] vhci_hcd: release socket [ 72.171375][ T11] vhci_hcd: disconnect device [ 72.598092][ T7722] binder: Binderfs stats mode cannot be changed during a remount [ 72.601902][ T39] audit: type=1400 audit(2000002584.768:662): avc: denied { remount } for pid=7721 comm="syz.2.495" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 72.646949][ T5292] Bluetooth: hci3: command 0x0405 tx timeout [ 72.646969][ T5956] Bluetooth: hci2: command 0x0406 tx timeout [ 72.690773][ T39] audit: type=1400 audit(2000002584.858:663): avc: denied { write } for pid=7729 comm="syz.1.498" path="socket:[18798]" dev="sockfs" ino=18798 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 72.852004][ T7746] netlink: 24 bytes leftover after parsing attributes in process `syz.2.502'. [ 72.980735][ T7778] macvlan0: entered allmulticast mode [ 72.982310][ T7778] veth1_vlan: entered allmulticast mode [ 72.984259][ T7778] macvlan0: left allmulticast mode [ 72.985879][ T7778] veth1_vlan: left allmulticast mode [ 73.004307][ T7781] netlink: 4 bytes leftover after parsing attributes in process `syz.3.512'. [ 73.016435][ T7778] netlink: 'syz.1.511': attribute type 4 has an invalid length. [ 73.022275][ T7778] netlink: 'syz.1.511': attribute type 4 has an invalid length. [ 73.029808][ T7778] syzkaller1: entered promiscuous mode [ 73.031596][ T7778] syzkaller1: entered allmulticast mode [ 73.059274][ T7786] trusted_key: syz.3.514 sent an empty control message without MSG_MORE. [ 73.295084][ T7778] syz.1.511 (7778) used greatest stack depth: 21040 bytes left [ 73.690983][ T7806] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 73.695453][ T7806] (unnamed net_device) (uninitialized): (slave geneve0): Device is not bonding slave [ 73.699162][ T7806] (unnamed net_device) (uninitialized): option active_slave: invalid value (geneve0) [ 73.869656][ T7824] binder: 7822:7824 ioctl 4008ae89 20000040 returned -22 [ 73.958410][ T7828] ipt_REJECT: ECHOREPLY no longer supported. [ 73.961177][ T7828] netlink: 12 bytes leftover after parsing attributes in process `syz.2.526'. [ 73.969186][ T7828] binder: BINDER_SET_CONTEXT_MGR already set [ 73.970944][ T7828] binder: 7827:7828 ioctl 4018620d 20004a80 returned -16 [ 73.973081][ T7828] binder: 7827:7828 ioctl c0306201 200004c0 returned -22 [ 73.975195][ T7829] binder: 7827:7829 ioctl c0306201 200004c0 returned -22 [ 74.016125][ T7835] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7835 comm=syz.3.529 [ 74.022330][ T7835] ip6gre1: entered allmulticast mode [ 74.100996][ T7837] netlink: 16 bytes leftover after parsing attributes in process `syz.3.530'. [ 74.323643][ T7848] openvswitch: netlink: IP tunnel dst address not specified [ 74.339765][ T63] usb 5-1: USB disconnect, device number 5 [ 74.369535][ T7852] ebt_among: dst integrity fail: 101 [ 74.418393][ T7859] tipc: Started in network mode [ 74.419865][ T7859] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 74.422037][ T7859] tipc: Enabled bearer , priority 10 [ 74.425001][ T7864] netlink: 80 bytes leftover after parsing attributes in process `syz.1.541'. [ 74.429406][ T7864] netlink: 80 bytes leftover after parsing attributes in process `syz.1.541'. [ 74.805648][ T39] kauditd_printk_skb: 18 callbacks suppressed [ 74.805658][ T39] audit: type=1400 audit(2000002586.968:682): avc: denied { unlink } for pid=5949 comm="syz-executor" name="file0" dev="tmpfs" ino=688 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 74.947839][ T7901] netlink: 8 bytes leftover after parsing attributes in process `syz.2.551'. [ 74.950561][ T7901] bond0: option ad_select: unable to set because the bond device is up [ 75.255663][ T2298] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 75.406930][ T2298] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 75.410207][ T2298] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 75.412812][ T2298] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.415677][ T56] tipc: Node number set to 15444650 [ 75.420480][ T2298] usb 5-1: config 0 descriptor?? [ 75.515116][ T7930] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 75.628342][ T2298] usbhid 5-1:0.0: can't add hid device: -71 [ 75.630593][ T2298] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 75.638609][ T2298] usb 5-1: USB disconnect, device number 6 [ 75.951745][ T7922] overlayfs: statfs failed on './file0' [ 76.065637][ T63] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 76.220154][ T63] usb 5-1: Using ep0 maxpacket: 32 [ 76.223283][ T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 76.227447][ T63] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 76.230859][ T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.236365][ T63] usb 5-1: config 0 descriptor?? [ 76.240068][ T63] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 76.244647][ T63] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 76.328265][ T9] cfg80211: failed to load regulatory.db [ 76.726475][ T67] wlan1: Trigger new scan to find an IBSS to join [ 76.830441][ T8000] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=8000 comm=syz.2.574 [ 77.275226][ T39] audit: type=1400 audit(2000002589.438:683): avc: denied { mount } for pid=8028 comm="syz.2.582" name="/" dev="configfs" ino=3098 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 77.282352][ T39] audit: type=1400 audit(2000002589.448:684): avc: denied { unmount } for pid=5944 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 77.380181][ T8046] tmpfs: Unknown parameter 'usrquota0' [ 77.439546][ T8054] netlink: 12 bytes leftover after parsing attributes in process `syz.1.590'. [ 77.785619][ T8] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 77.935607][ T8] usb 7-1: Using ep0 maxpacket: 8 [ 77.938291][ T8] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 77.940439][ T8] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 77.943610][ T8] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 77.947014][ T8] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 77.950123][ T8] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 77.954044][ T8] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 77.956249][ T8] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 77.959449][ T8] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 77.962736][ T8] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 77.966008][ T8] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 77.970131][ T8] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 77.972298][ T8] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 77.975473][ T8] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 77.978841][ T8] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 77.981928][ T8] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 77.987229][ T8] usb 7-1: string descriptor 0 read error: -22 [ 77.989064][ T8] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 77.991651][ T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.996987][ T8] adutux 7-1:168.0: ADU100 now attached to /dev/usb/adutux1 [ 78.039912][ T8] usb 5-1: USB disconnect, device number 7 [ 78.042987][ T8] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 78.108239][ T8070] tipc: Started in network mode [ 78.109717][ T8070] tipc: Node identity ac14140f, cluster identity 4711 [ 78.112586][ T8070] tipc: New replicast peer: 255.255.255.255 [ 78.114970][ T8070] tipc: Enabled bearer , priority 10 [ 78.164432][ T8079] x_tables: duplicate underflow at hook 1 [ 78.259340][ T8091] binder: BINDER_SET_CONTEXT_MGR already set [ 78.261167][ T8091] binder: 8089:8091 ioctl 4018620d 20000040 returned -16 [ 78.274944][ T39] audit: type=1400 audit(2000002590.442:685): avc: denied { listen } for pid=8089 comm="syz.3.600" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 78.338489][ T8090] ALSA: mixer_oss: invalid OSS volume '' [ 78.382951][ T8062] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.471715][ T8062] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.527395][ T8062] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.603408][ T8062] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.665777][ T8062] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.671455][ T8062] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.676935][ T8062] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.682479][ T8062] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.728015][ T39] audit: type=1400 audit(2000002590.902:686): avc: denied { read } for pid=8061 comm="syz.2.592" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 79.032008][ T39] audit: type=1400 audit(2000002591.202:687): avc: denied { mounton } for pid=8111 comm="syz.0.607" path="/138/bus" dev="9p" ino=38666454 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 79.032064][ T8112] overlay: Unknown parameter 'smackfstransmute' [ 79.107159][ T2298] tipc: Node number set to 2886997007 [ 79.113000][ T8114] infiniband sz1: set active [ 79.114479][ T9] »»»»»» speed is unknown, defaulting to 1000 [ 79.115686][ T8114] netlink: 20 bytes leftover after parsing attributes in process `syz.0.608'. [ 79.197638][ T8123] netlink: 8 bytes leftover after parsing attributes in process `syz.0.612'. [ 79.235236][ T39] audit: type=1400 audit(2000002591.402:688): avc: denied { create } for pid=8124 comm="syz.0.613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 79.283928][ T39] audit: type=1326 audit(2000002591.452:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8128 comm="syz.0.615" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0b1a185d29 code=0x0 [ 79.415697][ T56] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 79.576951][ T56] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 79.580185][ T56] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 79.583026][ T56] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 79.585664][ T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.590386][ T8121] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 79.594538][ T56] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 79.695654][ T11] wlan1: Trigger new scan to find an IBSS to join [ 79.737865][ T39] audit: type=1400 audit(2000002591.912:690): avc: denied { listen } for pid=8133 comm="syz.3.616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 79.751846][ T8134] syzkaller0: entered promiscuous mode [ 79.753516][ T8134] syzkaller0: entered allmulticast mode [ 79.761483][ T39] audit: type=1400 audit(2000002591.932:691): avc: denied { connect } for pid=8133 comm="syz.3.616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 79.904240][ T8121] fuse: root generation should be zero [ 79.911901][ T2298] usb 6-1: USB disconnect, device number 4 [ 80.176918][ T39] audit: type=1400 audit(2000002592.352:692): avc: denied { create } for pid=8139 comm="syz.0.618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 80.182814][ T39] audit: type=1400 audit(2000002592.352:693): avc: denied { ioctl } for pid=8139 comm="syz.0.618" path="socket:[21682]" dev="sockfs" ino=21682 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 80.559016][ T2298] usb 7-1: USB disconnect, device number 5 [ 80.970610][ T39] audit: type=1400 audit(2000002593.142:694): avc: denied { ioctl } for pid=8152 comm="syz.1.622" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 81.069769][ T39] audit: type=1400 audit(2000002593.242:695): avc: denied { getopt } for pid=8151 comm="syz.0.621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 81.287882][ T39] audit: type=1400 audit(2000002593.462:696): avc: denied { setattr } for pid=8167 comm="syz.2.626" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 81.834767][ T39] audit: type=1326 audit(2000002594.002:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8171 comm="syz.1.627" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa1d3d85d29 code=0x0 [ 81.841128][ T39] audit: type=1326 audit(2000002594.002:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8171 comm="syz.1.627" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa1d3d85d29 code=0x0 [ 81.908175][ T39] audit: type=1400 audit(2000002594.082:699): avc: denied { map } for pid=8151 comm="syz.0.621" path="socket:[22581]" dev="sockfs" ino=22581 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 81.914660][ T39] audit: type=1400 audit(2000002594.082:700): avc: denied { read } for pid=8151 comm="syz.0.621" path="socket:[22581]" dev="sockfs" ino=22581 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 81.931178][ T39] audit: type=1400 audit(2000002594.092:701): avc: denied { bind } for pid=8151 comm="syz.0.621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 81.931218][ T8160] netlink: 28 bytes leftover after parsing attributes in process `syz.0.621'. [ 81.939814][ T8160] netlink: 28 bytes leftover after parsing attributes in process `syz.0.621'. [ 81.945149][ T8180] netlink: 703 bytes leftover after parsing attributes in process `syz.1.629'. [ 82.022256][ T8197] netlink: 'syz.3.631': attribute type 10 has an invalid length. [ 82.036907][ T8192] block nbd1: NBD_DISCONNECT [ 82.038198][ T8197] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 82.038735][ T8192] block nbd1: Send disconnect failed -89 [ 82.043351][ T8190] block nbd1: Disconnected due to user request. [ 82.045304][ T8190] block nbd1: shutting down sockets [ 82.053006][ T8185] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 82.122322][ T8210] netlink: 36 bytes leftover after parsing attributes in process `syz.0.640'. [ 82.137497][ T8210] hpfs: hpfs_map_sector(): read error [ 82.141112][ T8210] netlink: 'syz.0.640': attribute type 3 has an invalid length. [ 82.145836][ T8210] netlink: 'syz.0.640': attribute type 3 has an invalid length. [ 82.223642][ T8214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.642'. [ 82.289518][ T8224] vxfs: WRONG superblock magic 00000000 at 1 [ 82.294870][ T8224] vxfs: WRONG superblock magic 00000000 at 8 [ 82.296718][ T8224] vxfs: can't find superblock. [ 82.553498][ T8234] sp0: Synchronizing with TNC [ 82.588848][ T8236] 9pnet_fd: p9_fd_create_tcp (8236): problem connecting socket to 127.0.0.1 [ 82.625136][ T8241] ------------[ cut here ]------------ [ 82.626818][ T8241] WARNING: CPU: 2 PID: 8241 at net/xfrm/xfrm_state.c:727 __xfrm_state_destroy+0x178/0x1c0 [ 82.629683][ T8241] Modules linked in: [ 82.631316][ T8241] CPU: 2 UID: 0 PID: 8241 Comm: syz.3.651 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0 [ 82.635714][ T8241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.638783][ T8241] RIP: 0010:__xfrm_state_destroy+0x178/0x1c0 [ 82.640885][ T8241] Code: 48 48 8b 35 4a 5f dc 03 48 c7 c2 e0 f8 09 90 bf 08 00 00 00 e8 39 0b 98 f7 5b 5d 41 5c 41 5d e9 fe fe ce f7 e8 f9 fe ce f7 90 <0f> 0b 90 e9 dc fe ff ff e8 3b ab 31 f8 e9 b3 fe ff ff 4c 89 e7 e8 [ 82.647247][ T8241] RSP: 0018:ffffc9000752ef58 EFLAGS: 00010287 [ 82.649079][ T8241] RAX: 00000000000005bd RBX: ffff888029cd8440 RCX: ffffc90007602000 [ 82.651530][ T8241] RDX: 0000000000080000 RSI: ffffffff89cb25a7 RDI: 0000000000000001 [ 82.653783][ T8241] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000005 [ 82.656095][ T8241] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001 [ 82.658445][ T8241] R13: 0000000000000000 R14: ffff888029cd84f4 R15: ffff888029cd8440 [ 82.661124][ T8241] FS: 00007fb8552256c0(0000) GS:ffff88806a800000(0000) knlGS:0000000000000000 [ 82.664300][ T8241] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.666238][ T8241] CR2: 0000000020000096 CR3: 000000004e246000 CR4: 0000000000352ef0 [ 82.668517][ T8241] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 82.670829][ T8241] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 82.673068][ T8241] Call Trace: [ 82.674029][ T8241] [ 82.674931][ T8241] ? __warn+0xea/0x3c0 [ 82.676172][ T8241] ? __xfrm_state_destroy+0x178/0x1c0 [ 82.677726][ T8241] ? report_bug+0x3c0/0x580 [ 82.679051][ T8241] ? handle_bug+0x54/0xa0 [ 82.680559][ T8241] ? exc_invalid_op+0x17/0x50 [ 82.682466][ T8241] ? asm_exc_invalid_op+0x1a/0x20 [ 82.684177][ T8241] ? __xfrm_state_destroy+0x177/0x1c0 [ 82.685767][ T8241] ? __xfrm_state_destroy+0x178/0x1c0 [ 82.687318][ T8241] ? __xfrm_state_destroy+0x177/0x1c0 [ 82.688864][ T8241] xfrm_state_migrate+0x43e/0x1d70 [ 82.690489][ T8241] ? xfrm_migrate_state_find+0x796/0x1600 [ 82.692128][ T8241] xfrm_migrate+0x763/0x1820 [ 82.693469][ T8241] ? __pfx_xfrm_migrate+0x10/0x10 [ 82.694927][ T8241] ? is_bpf_text_address+0x30/0x1a0 [ 82.696497][ T8241] xfrm_do_migrate+0xc0c/0xf10 [ 82.697883][ T8241] ? __pfx___lock_acquire+0x10/0x10 [ 82.699408][ T8241] ? __pfx_xfrm_do_migrate+0x10/0x10 [ 82.701456][ T8241] ? avc_has_perm_noaudit+0x119/0x3a0 [ 82.703561][ T8241] ? __nla_parse+0x40/0x60 [ 82.704843][ T8241] ? __pfx_xfrm_do_migrate+0x10/0x10 [ 82.706405][ T8241] ? xfrm_user_rcv_msg+0x585/0xbf0 [ 82.707877][ T8241] xfrm_user_rcv_msg+0x585/0xbf0 [ 82.709311][ T8241] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 82.711123][ T8241] ? __lock_acquire+0x15a9/0x3c40 [ 82.712579][ T8241] ? __mutex_trylock_common+0xea/0x250 [ 82.714131][ T8241] ? __pfx___mutex_trylock_common+0x10/0x10 [ 82.715913][ T8241] ? xfrm_netlink_rcv+0x62/0x90 [ 82.717436][ T8241] netlink_rcv_skb+0x16b/0x440 [ 82.718858][ T8241] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 82.720746][ T8241] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 82.722907][ T8241] ? xfrm_netlink_rcv+0x62/0x90 [ 82.724490][ T8241] xfrm_netlink_rcv+0x71/0x90 [ 82.725990][ T8241] netlink_unicast+0x53c/0x7f0 [ 82.727395][ T8241] ? __pfx_netlink_unicast+0x10/0x10 [ 82.728912][ T8241] netlink_sendmsg+0x8b8/0xd70 [ 82.730350][ T8241] ? __pfx_netlink_sendmsg+0x10/0x10 [ 82.731890][ T8241] ____sys_sendmsg+0xaaf/0xc90 [ 82.733272][ T8241] ? copy_msghdr_from_user+0x10b/0x160 [ 82.734837][ T8241] ? __pfx_____sys_sendmsg+0x10/0x10 [ 82.736404][ T1136] wlan1: Trigger new scan to find an IBSS to join [ 82.738262][ T8241] ___sys_sendmsg+0x135/0x1e0 [ 82.739627][ T8241] ? __pfx____sys_sendmsg+0x10/0x10 [ 82.741730][ T8241] ? __pfx_lock_release+0x10/0x10 [ 82.743713][ T8241] ? trace_lock_acquire+0x14e/0x1f0 [ 82.745204][ T8241] ? __fget_files+0x206/0x3a0 [ 82.746650][ T8241] __sys_sendmsg+0x16e/0x220 [ 82.747984][ T8241] ? __pfx___sys_sendmsg+0x10/0x10 [ 82.749555][ T8241] ? __x64_sys_futex+0x1e1/0x4c0 [ 82.751075][ T8241] do_syscall_64+0xcd/0x250 [ 82.752401][ T8241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.754104][ T8241] RIP: 0033:0x7fb854385d29 [ 82.755409][ T8241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.761562][ T8241] RSP: 002b:00007fb855225038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.764471][ T8241] RAX: ffffffffffffffda RBX: 00007fb854575fa0 RCX: 00007fb854385d29 [ 82.766847][ T8241] RDX: 0000000020000000 RSI: 00000000200004c0 RDI: 0000000000000005 [ 82.769126][ T8241] RBP: 00007fb854401b08 R08: 0000000000000000 R09: 0000000000000000 [ 82.771404][ T8241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.773679][ T8241] R13: 0000000000000000 R14: 00007fb854575fa0 R15: 00007ffe34dcdec8 [ 82.776031][ T8241] [ 82.776949][ T8241] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 82.779058][ T8241] CPU: 2 UID: 0 PID: 8241 Comm: syz.3.651 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0 [ 82.782053][ T8241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.785220][ T8241] Call Trace: [ 82.786221][ T8241] [ 82.787139][ T8241] dump_stack_lvl+0x3d/0x1f0 [ 82.788613][ T8241] panic+0x71d/0x800 [ 82.789770][ T8241] ? __pfx_panic+0x10/0x10 [ 82.791078][ T8241] ? show_trace_log_lvl+0x29d/0x3d0 [ 82.792628][ T8241] ? __xfrm_state_destroy+0x178/0x1c0 [ 82.794304][ T8241] check_panic_on_warn+0xab/0xb0 [ 82.795827][ T8241] __warn+0xf6/0x3c0 [ 82.796957][ T8241] ? __xfrm_state_destroy+0x178/0x1c0 [ 82.798587][ T8241] report_bug+0x3c0/0x580 [ 82.799848][ T8241] handle_bug+0x54/0xa0 [ 82.801054][ T8241] exc_invalid_op+0x17/0x50 [ 82.802369][ T8241] asm_exc_invalid_op+0x1a/0x20 [ 82.803789][ T8241] RIP: 0010:__xfrm_state_destroy+0x178/0x1c0 [ 82.805519][ T8241] Code: 48 48 8b 35 4a 5f dc 03 48 c7 c2 e0 f8 09 90 bf 08 00 00 00 e8 39 0b 98 f7 5b 5d 41 5c 41 5d e9 fe fe ce f7 e8 f9 fe ce f7 90 <0f> 0b 90 e9 dc fe ff ff e8 3b ab 31 f8 e9 b3 fe ff ff 4c 89 e7 e8 [ 82.810963][ T8241] RSP: 0018:ffffc9000752ef58 EFLAGS: 00010287 [ 82.812706][ T8241] RAX: 00000000000005bd RBX: ffff888029cd8440 RCX: ffffc90007602000 [ 82.814964][ T8241] RDX: 0000000000080000 RSI: ffffffff89cb25a7 RDI: 0000000000000001 [ 82.817224][ T8241] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000005 [ 82.819483][ T8241] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001 [ 82.821732][ T8241] R13: 0000000000000000 R14: ffff888029cd84f4 R15: ffff888029cd8440 [ 82.823986][ T8241] ? __xfrm_state_destroy+0x177/0x1c0 [ 82.825541][ T8241] ? __xfrm_state_destroy+0x177/0x1c0 [ 82.827086][ T8241] xfrm_state_migrate+0x43e/0x1d70 [ 82.828661][ T8241] ? xfrm_migrate_state_find+0x796/0x1600 [ 82.830318][ T8241] xfrm_migrate+0x763/0x1820 [ 82.831711][ T8241] ? __pfx_xfrm_migrate+0x10/0x10 [ 82.833166][ T8241] ? is_bpf_text_address+0x30/0x1a0 [ 82.834694][ T8241] xfrm_do_migrate+0xc0c/0xf10 [ 82.836073][ T8241] ? __pfx___lock_acquire+0x10/0x10 [ 82.837580][ T8241] ? __pfx_xfrm_do_migrate+0x10/0x10 [ 82.839105][ T8241] ? avc_has_perm_noaudit+0x119/0x3a0 [ 82.840661][ T8241] ? __nla_parse+0x40/0x60 [ 82.841945][ T8241] ? __pfx_xfrm_do_migrate+0x10/0x10 [ 82.843468][ T8241] ? xfrm_user_rcv_msg+0x585/0xbf0 [ 82.844951][ T8241] xfrm_user_rcv_msg+0x585/0xbf0 [ 82.846380][ T8241] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 82.847956][ T8241] ? __lock_acquire+0x15a9/0x3c40 [ 82.849440][ T8241] ? __mutex_trylock_common+0xea/0x250 [ 82.851011][ T8241] ? __pfx___mutex_trylock_common+0x10/0x10 [ 82.852703][ T8241] ? xfrm_netlink_rcv+0x62/0x90 [ 82.854104][ T8241] netlink_rcv_skb+0x16b/0x440 [ 82.855508][ T8241] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 82.857074][ T8241] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 82.858614][ T8241] ? xfrm_netlink_rcv+0x62/0x90 [ 82.860042][ T8241] xfrm_netlink_rcv+0x71/0x90 [ 82.861398][ T8241] netlink_unicast+0x53c/0x7f0 [ 82.862783][ T8241] ? __pfx_netlink_unicast+0x10/0x10 [ 82.864324][ T8241] netlink_sendmsg+0x8b8/0xd70 [ 82.865709][ T8241] ? __pfx_netlink_sendmsg+0x10/0x10 [ 82.867249][ T8241] ____sys_sendmsg+0xaaf/0xc90 [ 82.868635][ T8241] ? copy_msghdr_from_user+0x10b/0x160 [ 82.870187][ T8241] ? __pfx_____sys_sendmsg+0x10/0x10 [ 82.871714][ T8241] ___sys_sendmsg+0x135/0x1e0 [ 82.873051][ T8241] ? __pfx____sys_sendmsg+0x10/0x10 [ 82.874559][ T8241] ? __pfx_lock_release+0x10/0x10 [ 82.876020][ T8241] ? trace_lock_acquire+0x14e/0x1f0 [ 82.877530][ T8241] ? __fget_files+0x206/0x3a0 [ 82.878900][ T8241] __sys_sendmsg+0x16e/0x220 [ 82.880232][ T8241] ? __pfx___sys_sendmsg+0x10/0x10 [ 82.881696][ T8241] ? __x64_sys_futex+0x1e1/0x4c0 [ 82.883127][ T8241] do_syscall_64+0xcd/0x250 [ 82.884458][ T8241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.886207][ T8241] RIP: 0033:0x7fb854385d29 [ 82.887499][ T8241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.892949][ T8241] RSP: 002b:00007fb855225038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.895342][ T8241] RAX: ffffffffffffffda RBX: 00007fb854575fa0 RCX: 00007fb854385d29 [ 82.897599][ T8241] RDX: 0000000020000000 RSI: 00000000200004c0 RDI: 0000000000000005 [ 82.899846][ T8241] RBP: 00007fb854401b08 R08: 0000000000000000 R09: 0000000000000000 [ 82.902095][ T8241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.904367][ T8241] R13: 0000000000000000 R14: 00007fb854575fa0 R15: 00007ffe34dcdec8 [ 82.906609][ T8241] [ 82.908111][ T8241] Kernel Offset: disabled [ 82.909432][ T8241] Rebooting in 86400 seconds.. VM DIAGNOSIS: 18:23:48 Registers: info registers vcpu 0 CPU#0 RAX=0000000000101439 RBX=0000000000000000 RCX=ffffffff8b2a17c9 RDX=0000000000000000 RSI=ffffffff8b6cd9e0 RDI=ffffffff8bd1ef20 RBP=fffffbfff1bd2ef8 RSP=ffffffff8de07e20 R8 =0000000000000001 R9 =ffffed100d4c6fed R10=ffff88806a637f6b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8de977c0 R14=ffffffff905f4990 R15=0000000000000000 RIP=ffffffff8b2a2baf RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fb854577bac CR3=000000004e246000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402a9a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402aa7 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402aa1 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402ab5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402b3b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402c19 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb85454b488 00007fb85454b480 00007fb85454b478 00007fb85454b450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb8550ad100 00007fb85454b440 00007fb85454b458 00007fb85454b4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb85454b498 00007fb85454b490 00007fb85454b488 00007fb85454b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000000e0845 RBX=0000000000000001 RCX=ffffffff8b2a17c9 RDX=0000000000000000 RSI=ffffffff8b6cd9e0 RDI=ffffffff8bd1ef20 RBP=ffffed10039df910 RSP=ffffc90000187e08 R8 =0000000000000001 R9 =ffffed100d4e6fed R10=ffff88806a737f6b R11=0000000000000000 R12=0000000000000001 R13=ffff88801cefc880 R14=ffffffff905f4990 R15=0000000000000000 RIP=ffffffff8b2a2baf RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005559e62be908 CR3=000000002311e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c1fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555577874096 0000555577873f20 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555577870684 0000555577870680 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555778e7b07 00005555778e6ba0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0020100006025bd2 03ffffffff0402d0 a208000100000008 0606012db6001000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0303ffffffff0411 c00300080011b803 0c080011b0030072 00080007000c0008 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ffffffffffffffff df0811e003000800 11d80300080011d0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9803010000020806 1290034a08001288 0300080012800300 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0102a81000118004 0a1000060102aa00 080013a003000800 1398032008001390 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0303ffffffff0413 800303ffffffff04 12f00300080012e8 0300080012e00300 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080012d803000800 12d00303ffffffff 0412c00320080012 b80310080012b003 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000803000800 0003000412a00312 0800129803010000 0208061290034a08 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000055 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff851c0d65 RDI=ffffffff9ab11b20 RBP=ffffffff9ab11ae0 RSP=ffffc9000752e8b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005 R12=0000000000000000 R13=0000000000000055 R14=ffffffff851c0d00 R15=0000000000000000 RIP=ffffffff851c0d8f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fb8552256c0 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020000096 CR3=000000004e246000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402a9a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402aa7 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402aa1 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402ab5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402b3b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb854402c19 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb85454b488 00007fb85454b480 00007fb85454b478 00007fb85454b450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb8550ad100 00007fb85454b440 00007fb85454b458 00007fb85454b4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb85454b498 00007fb85454b490 00007fb85454b488 00007fb85454b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000ab6b1 RBX=0000000000000003 RCX=ffffffff8b2a17c9 RDX=0000000000000000 RSI=ffffffff8b6cd9e0 RDI=ffffffff8bd1ef20 RBP=ffffed1003ad9488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d526fed R10=ffff88806a937f6b R11=0000000000000000 R12=0000000000000003 R13=ffff88801d6ca440 R14=ffffffff905f4990 R15=0000000000000000 RIP=ffffffff8b2a2baf RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020000080 CR3=000000005321a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1100148002001800 00006e616c787600 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f84f7202a9a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f84f7202aa7 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f84f7202aa1 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f84f7202ab5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f84f7202b3b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f84f7202c19 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f84f734b488 00007f84f734b480 00007f84f734b478 00007f84f734b450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f84f7ead100 00007f84f734b440 00007f84f7340004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f84f734b498 00007f84f734b490 00007f84f734b488 00007f84f734b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000