last executing test programs: 5.933791332s ago: executing program 3 (id=192): r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000640), 0xaa80, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0404309, &(0x7f0000000040)={0x43, 0x0}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x10, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$UI_DEV_CREATE(r5, 0x541b) sendto$inet6(r4, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$sock_int(r6, 0x1, 0x1, &(0x7f0000000180)=0x8001, 0x4) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001880)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_QUEUE_NUM={0x6}]}}}]}]}], {0x14}}, 0xbc}}, 0x0) r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x10001, 0x90) syz_genetlink_get_family_id$nl80211(0x0, r10) setsockopt$packet_int(r10, 0x107, 0xb, &(0x7f00000000c0), 0x4) r11 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0xc22b01) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r10, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x4c, 0x0, 0x8, 0xc00, 0x0, 0x0, {0x0, 0x0, 0x7}, [@CTA_TIMEOUT_DATA={0x2c, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x69}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xd4}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x80000001}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xcaf7}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x4}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x440c4}, 0x48000) write$evdev(r11, &(0x7f0000000540)=[{{0x77359400}, 0x11, 0xf}], 0x18) 4.984907043s ago: executing program 3 (id=197): syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r0, 0x0, 0x0) 2.381854911s ago: executing program 1 (id=225): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000040)={0x4001b, "5660359c3245d1c42317f8f7ffffffffffff0000100000078000", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000180)={0x0, "340b7832ceefd131b8e6498c25f58f00000000e93bbabd1ccfde974a2700", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000000)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r2, 0xffffffffffffffff}) ppoll(&(0x7f00000001c0)=[{r3}, {r1}], 0x2, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 2.293371908s ago: executing program 1 (id=226): r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="91f8efed3733a5cf71b1", 0xa}, {&(0x7f0000000100)="2042cee5952b3423c4b23d98eca1bc728f1dca3734b13cafdf65b25a0a9a268d85f7eed63dea4d6859e4d25916a5b34b2d9d889930b54cd930b911735e7e46e8f0bcb7429b66de726b029cc71edd34ba7cbe314a2dd0908e0a1a16ca050b6569777076112200296f105f222c20f0bb68c0e0920fe0d3e9298d302f4f8d07c14bf01373d1ab387a67123a4d33912b41229131682a17796dcfe179796e0d995ada1e9e53ecefcead1c676c538a5047f1f8af129dd22484e3709c81b6c87cdbfd7c0fe87a593cf98b01659081ad798a710340197faf791469e103679626b9ae6c4d7f16b31be5157df10489f7e7475c1354d9b7", 0xf2}, {&(0x7f0000000300)="f64d7787d84cd6217fe745b741dda12fbc8ec312ad9e4ddd48b847aa6df0f8f054d417e88d74973bac862bbde5dbdf7240aefbc12921ea6848a7994a047b381e1ce0c71e20cada485feadb3fa69f874ec854b74983f7eb09d8b323e9877134cf7d5be8ff3e7087f41b2b9c7d7a6196037e8137240705c73808a2e844f5bf9e7b9bcf888554b4c11d9d3395a9d30ded4621b92a15b13a07c96658aaf01e6371", 0x9f}, {&(0x7f00000003c0)="bae93a99bd21422b5c564e2248ca717b484ca54d63d6c1af9b3f5fc347158578fcc144d5e814934bcc4887142584f48809551add121d1ec2844cd7d17507c9f9681c78c4128563c7840eda25d55e0a15a99f6f88d8d36a3d2af2a0a4c97e7d95b7432a0b35af56e4931d7ff0a6b3b8324130e48586f9caf1434d6ecab8b94719886078febe3d7407ba9ce5fee8e8de8b07bcb8ff25aaa16e7137a52f28b7d83229f8739fff412d145e0655305acdfc1ece0a477b0ac74e6ac94bdb10978d005e4efc22c2f1b081ca", 0xc8}], 0x4}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x20000000ec071, 0xffffffffffffffff, 0x4000) mmap(&(0x7f00000fc000/0x1000)=nil, 0x1000, 0x2000002, 0x4000932, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000540), 0x3c) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000003c0)=@gcm_128={{0x303}, "4307c2c205f4393b", "d9f8f21949c7013c36c985047cbc08e9", 'x\x00', "968509000000fff7"}, 0x28) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4) writev(r1, &(0x7f0000002fc0)=[{&(0x7f00000000c0)}, {&(0x7f0000002a80)="15fbac2083d2d244707fa98eef16d52c70d4e3e7090947500d7aeb945a029f42878e07262476362de177ebe986b5883566382161ad97869845d8da037e7409f9df9aec", 0x43}, {&(0x7f0000002b00)="e6ff80fbfbab9c2c9f3d8d7c3efe5e219a8487b411f91cdbb0c6ab538837e4b12b94c0a4c75c988e101a57350116e74c823f2304e8db49ed2bbeefaa412c61f02321e1f571343f39cc", 0x49}, {&(0x7f0000002b80)="d83b60dd671544595fb418a7cd076dae020018", 0x13}], 0x4) 2.29303438s ago: executing program 1 (id=227): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b00)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a300000000014000480080002400000000008000140000000000900010073797a300000000054000000060a010400000000000000000100000008000b40000000000900010073797a30000000002c00048028000180080001006e6174001c000280080005400000000908000140001d000008000240000000021400000011517d"], 0xdc}}, 0x0) 2.211518463s ago: executing program 1 (id=228): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0, 0xffffffffffffff25}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x42, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x18, 0x0, 0x0) 1.918555951s ago: executing program 3 (id=229): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) close(r2) 1.616926625s ago: executing program 3 (id=232): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x202, 0x0) ioctl$SNDCTL_TMR_START(0xffffffffffffffff, 0x5402) write$sequencer(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="9403029403ff"], 0x10) 1.542025122s ago: executing program 3 (id=234): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000040)={0x4001b, "5660359c3245d1c42317f8f7ffffffffffff0000100000078000", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000180)={0x0, "340b7832ceefd131b8e6498c25f58f00000000e93bbabd1ccfde974a2700", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000000)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r2, 0xffffffffffffffff}) ppoll(&(0x7f00000001c0)=[{r3}, {r1}], 0x2, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.470012824s ago: executing program 3 (id=236): syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xdc3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x4a202) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x0, 0x4, 0x800}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2) getpgid(0xffffffffffffffff) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r3 = openat$6lowpan_control(0xffffff9c, &(0x7f0000000000), 0x22, 0x0) write$6lowpan_control(r3, &(0x7f0000000080)='connect aa:aa:aa:aa:aa:11 0', 0x1b) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15) syz_emit_vhci(0x0, 0x22) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000003e40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000060a090400000000000000000200000018000480140001800a0001006c696d697400000004000280080009400000000208000b403f305067050007409c0000003c000000180a01010000000000000000010000091c0003800800014000000000080002400000fb4108000140000000000c000540000000000000000340000000060a010100000020000000000000000108000b400000000508000b40000000ed08000b4000000d6208000a40000000020900010073797a3100000000140000001100010000000000000000000000000a"], 0xe8}}, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f0000000080)=""/7) 1.291799775s ago: executing program 1 (id=244): socket$nl_generic(0x10, 0x3, 0x10) inotify_init1(0x0) socket(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xf, &(0x7f0000000d80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket(0x10, 0x3, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000019000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0xa, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.021651241s ago: executing program 0 (id=248): socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0)={{0x14}, [@NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x201, 0x0, 0x0, {0x3}, [@NFTA_TABLE_HANDLE={0xc}]}], {0x14}}, 0x48}}, 0x0) 1.021506959s ago: executing program 0 (id=249): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x20, r0, 0x1, 0x0, 0x0, {{0x2}, {@void, @val={0xc}}}}, 0x20}}, 0x0) 963.353995ms ago: executing program 0 (id=250): socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.parent_freezing\x00', 0x275a, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) socket$inet6_sctp(0xa, 0x5, 0x84) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x6, 0xc}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x5}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10) syz_open_procfs$namespace(0x0, &(0x7f0000001a80)='ns/pid_for_children\x00') bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x34) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r3, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) 911.531919ms ago: executing program 0 (id=251): fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x0) syz_emit_ethernet(0x29a, &(0x7f00000001c0)={@dev, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x264, 0x3a, 0x0, @dev, @dev, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xd, "7db4265c9f6aa3b46521199ea778d105c24ab977edb940e63f49a7129f45462e5eecc39f468544e3c13aa9017ccd638e784912ef2c2589d0d45cf0ed4bbe909218459bcbeaf63697aef1702b895af582b2e3b5cd435f497d415f29c5d941df10c1ca58197441e0e9b3400d98"}, {0x0, 0x8, "1598a4a8a719ffe0621615f6d04dcae3360546cf06f2665bae2296931fd1d71c1f7e8f222b9ddc4e0bfb5e5c9a484353b785e79b4d8181cf146261723484c54803466e8b"}, {0x0, 0x34, "130c3818a2eaac43f1a6efc4f7772852ea05bff405aa28758ba53e0f2060e4e027f24bb723a5571d0da2ebeb3fe47f34e606cb3987e3681841f511126b773758e143f6be25d6965fcca35155fec3f970e2067f5db8a5de787eaf96b5957e6b988c02ae9fe26ec3118d9fdcca129d1269b290f687cde5b4eaba737c806335ca0d1e43697d144c6df4dc0d31e84004bc22e87b6e2daab5674479c76a1be360d309e7e7e5fa089032b331a3ceea18d92124681c0b78a0f1665ffcba0bee11950f6b4912bb302b3e648fad7ff4862ccc823e720fdb20af8ab0a6a09dfcdacf69923d60a0efeacf81e1e7e17db9547a4962bdec794c013af7210e54d43f3fe7da2f88c674f4cfd818f6a7461368bf62f1d5f98fd9394eb74bf0559f1c6b1ebec57dba007f143108ca4be3fa330cc21a411b0b7af23ebd9282be17fb702a5ca61650b283eec78e0280e4f2713b42bd4e3615c48c55c1abe5827601038109736f9c6b7242e7c9c917309397b864eedf5ca71db1debb609b6381b54955706017731319e0cc41083f99bd11da748b47d8715080899eb15caf19df36632b73bb22596b"}]}}}}}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00'}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$NL80211_CMD_FRAME(r0, 0x0, 0x0) 911.327434ms ago: executing program 1 (id=252): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0, 0xffffffffffffff25}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x42, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x18, 0x0, 0x0) 911.267749ms ago: executing program 0 (id=253): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x202, 0x0) ioctl$SNDCTL_TMR_START(r0, 0x5402) write$sequencer(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="9403029403ff"], 0x10) 841.524218ms ago: executing program 0 (id=254): syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x23f, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0) r0 = socket(0x400000000010, 0x3, 0x0) write(r0, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030004000500e1000c0400070080000300", 0x33a) 181.595097ms ago: executing program 2 (id=261): openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0) 131.620305ms ago: executing program 2 (id=262): fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x0) syz_emit_ethernet(0x29a, &(0x7f00000001c0)={@dev, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x264, 0x3a, 0x0, @dev, @dev, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xd, "7db4265c9f6aa3b46521199ea778d105c24ab977edb940e63f49a7129f45462e5eecc39f468544e3c13aa9017ccd638e784912ef2c2589d0d45cf0ed4bbe909218459bcbeaf63697aef1702b895af582b2e3b5cd435f497d415f29c5d941df10c1ca58197441e0e9b3400d98"}, {0x0, 0x8, "1598a4a8a719ffe0621615f6d04dcae3360546cf06f2665bae2296931fd1d71c1f7e8f222b9ddc4e0bfb5e5c9a484353b785e79b4d8181cf146261723484c54803466e8b"}, {0x0, 0x34, "130c3818a2eaac43f1a6efc4f7772852ea05bff405aa28758ba53e0f2060e4e027f24bb723a5571d0da2ebeb3fe47f34e606cb3987e3681841f511126b773758e143f6be25d6965fcca35155fec3f970e2067f5db8a5de787eaf96b5957e6b988c02ae9fe26ec3118d9fdcca129d1269b290f687cde5b4eaba737c806335ca0d1e43697d144c6df4dc0d31e84004bc22e87b6e2daab5674479c76a1be360d309e7e7e5fa089032b331a3ceea18d92124681c0b78a0f1665ffcba0bee11950f6b4912bb302b3e648fad7ff4862ccc823e720fdb20af8ab0a6a09dfcdacf69923d60a0efeacf81e1e7e17db9547a4962bdec794c013af7210e54d43f3fe7da2f88c674f4cfd818f6a7461368bf62f1d5f98fd9394eb74bf0559f1c6b1ebec57dba007f143108ca4be3fa330cc21a411b0b7af23ebd9282be17fb702a5ca61650b283eec78e0280e4f2713b42bd4e3615c48c55c1abe5827601038109736f9c6b7242e7c9c917309397b864eedf5ca71db1debb609b6381b54955706017731319e0cc41083f99bd11da748b47d8715080899eb15caf19df36632b73bb22596b"}]}}}}}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00'}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$NL80211_CMD_FRAME(r0, 0x0, 0x0) 131.475485ms ago: executing program 2 (id=263): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x202, 0x0) ioctl$SNDCTL_TMR_START(r0, 0x5402) write$sequencer(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="9403029403ff"], 0x10) 60.415075ms ago: executing program 2 (id=264): r0 = socket$inet6(0xa, 0x40000080806, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000180)={0x0, @can, @isdn, @llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}}) 60.25791ms ago: executing program 2 (id=265): socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.parent_freezing\x00', 0x275a, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}}, 0x0) 0s ago: executing program 2 (id=266): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00'}, 0x90) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x40) syz_emit_ethernet(0xe80, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd602a843500148600fe8000000000000000000000000000bbfe800000000000000000000099d5000000aa000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48) socket$nl_route(0x10, 0x3, 0x0) syz_emit_ethernet(0x1f, &(0x7f00000001c0)=ANY=[], 0x0) creat(0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) gettid() pipe(0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) kernel console output (not intermixed with test programs): [ 45.603968][ T39] audit: type=1400 audit(1721830350.254:82): avc: denied { siginh } for pid=5154 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.972866][ T39] audit: type=1400 audit(1721830350.644:83): avc: denied { write } for pid=5169 comm="sftp-server" path="pipe:[5794]" dev="pipefs" ino=5794 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 46.526539][ T39] audit: type=1400 audit(1721830351.204:84): avc: denied { read } for pid=4678 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 46.534722][ T39] audit: type=1400 audit(1721830351.204:85): avc: denied { append } for pid=4678 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 46.543888][ T39] audit: type=1400 audit(1721830351.204:86): avc: denied { open } for pid=4678 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 46.553200][ T39] audit: type=1400 audit(1721830351.204:87): avc: denied { getattr } for pid=4678 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:57505' (ED25519) to the list of known hosts. [ 49.716517][ T5192] cgroup: Unknown subsys name 'net' [ 49.866630][ T5192] cgroup: Unknown subsys name 'rlimit' [ 50.116966][ T5200] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 51.340707][ T5192] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 54.860837][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 54.860851][ T39] audit: type=1400 audit(1721830359.534:105): avc: denied { execmem } for pid=5202 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 55.414905][ T39] audit: type=1400 audit(1721830360.084:106): avc: denied { mounton } for pid=5206 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 55.427152][ T39] audit: type=1400 audit(1721830360.084:107): avc: denied { mount } for pid=5206 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 55.436496][ T39] audit: type=1400 audit(1721830360.084:108): avc: denied { create } for pid=5206 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 55.444423][ T39] audit: type=1400 audit(1721830360.084:109): avc: denied { read write } for pid=5206 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 55.453662][ T39] audit: type=1400 audit(1721830360.084:110): avc: denied { open } for pid=5206 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 55.463173][ T39] audit: type=1400 audit(1721830360.094:111): avc: denied { ioctl } for pid=5206 comm="syz-executor" path="socket:[4841]" dev="sockfs" ino=4841 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 55.465933][ T5213] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 55.476573][ T5214] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 55.479737][ T5214] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 55.479859][ T5219] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 55.483077][ T5214] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 55.486344][ T5219] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 55.490391][ T5214] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 55.492219][ T5219] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 55.495161][ T5214] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 55.498842][ T5219] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 55.500812][ T5214] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 55.504275][ T5219] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 55.507589][ T5222] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 55.509671][ T5219] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 55.513023][ T5222] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 55.518628][ T5222] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 55.521349][ T39] audit: type=1400 audit(1721830360.194:112): avc: denied { read } for pid=5206 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 55.527219][ T5223] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 55.530047][ T39] audit: type=1400 audit(1721830360.194:113): avc: denied { open } for pid=5206 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 55.533525][ T5223] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 55.541716][ T5214] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 55.546395][ T39] audit: type=1400 audit(1721830360.194:114): avc: denied { mounton } for pid=5206 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 55.547231][ T66] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 55.557436][ T5223] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 55.558450][ T66] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 55.559983][ T5223] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 55.563182][ T66] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 55.845873][ T5207] chnl_net:caif_netlink_parms(): no params data found [ 55.942341][ T5206] chnl_net:caif_netlink_parms(): no params data found [ 56.073703][ T5207] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.076897][ T5207] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.079434][ T5207] bridge_slave_0: entered allmulticast mode [ 56.082292][ T5207] bridge_slave_0: entered promiscuous mode [ 56.109469][ T5218] chnl_net:caif_netlink_parms(): no params data found [ 56.114903][ T5207] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.117357][ T5207] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.119770][ T5207] bridge_slave_1: entered allmulticast mode [ 56.122606][ T5207] bridge_slave_1: entered promiscuous mode [ 56.154546][ T5215] chnl_net:caif_netlink_parms(): no params data found [ 56.239928][ T5207] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.246676][ T5207] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.250625][ T5206] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.253656][ T5206] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.257035][ T5206] bridge_slave_0: entered allmulticast mode [ 56.260616][ T5206] bridge_slave_0: entered promiscuous mode [ 56.320665][ T5206] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.323941][ T5206] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.327338][ T5206] bridge_slave_1: entered allmulticast mode [ 56.331357][ T5206] bridge_slave_1: entered promiscuous mode [ 56.419305][ T5207] team0: Port device team_slave_0 added [ 56.474594][ T5218] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.477385][ T5218] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.479955][ T5218] bridge_slave_0: entered allmulticast mode [ 56.482840][ T5218] bridge_slave_0: entered promiscuous mode [ 56.489135][ T5207] team0: Port device team_slave_1 added [ 56.493326][ T5206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.518543][ T5218] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.520955][ T5218] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.523369][ T5218] bridge_slave_1: entered allmulticast mode [ 56.526825][ T5218] bridge_slave_1: entered promiscuous mode [ 56.570418][ T5206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.640332][ T5207] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.643395][ T5207] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.654942][ T5207] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.717839][ T5215] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.720573][ T5215] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.723465][ T5215] bridge_slave_0: entered allmulticast mode [ 56.726839][ T5215] bridge_slave_0: entered promiscuous mode [ 56.731890][ T5218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.735052][ T5207] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.737419][ T5207] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.747842][ T5207] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.754187][ T5206] team0: Port device team_slave_0 added [ 56.758311][ T5215] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.760862][ T5215] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.763847][ T5215] bridge_slave_1: entered allmulticast mode [ 56.766962][ T5215] bridge_slave_1: entered promiscuous mode [ 56.771255][ T5218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.779498][ T5206] team0: Port device team_slave_1 added [ 56.903511][ T5218] team0: Port device team_slave_0 added [ 56.907947][ T5206] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.910279][ T5206] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.920439][ T5206] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.926882][ T5215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.953866][ T5218] team0: Port device team_slave_1 added [ 56.957188][ T5206] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.960321][ T5206] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.971730][ T5206] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.978581][ T5215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.101691][ T5207] hsr_slave_0: entered promiscuous mode [ 57.106141][ T5207] hsr_slave_1: entered promiscuous mode [ 57.112367][ T5218] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.115333][ T5218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.123853][ T5218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.161288][ T5215] team0: Port device team_slave_0 added [ 57.166996][ T5215] team0: Port device team_slave_1 added [ 57.202213][ T5218] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.205470][ T5218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.216685][ T5218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.329518][ T5215] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.332297][ T5215] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.341951][ T5215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.348779][ T5215] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.351692][ T5215] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.364189][ T5215] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.371901][ T5206] hsr_slave_0: entered promiscuous mode [ 57.374495][ T5206] hsr_slave_1: entered promiscuous mode [ 57.377152][ T5206] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.379938][ T5206] Cannot create hsr debugfs directory [ 57.440818][ T5218] hsr_slave_0: entered promiscuous mode [ 57.444965][ T5218] hsr_slave_1: entered promiscuous mode [ 57.448243][ T5218] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.451255][ T5218] Cannot create hsr debugfs directory [ 57.575402][ T66] Bluetooth: hci2: command tx timeout [ 57.575590][ T5223] Bluetooth: hci1: command tx timeout [ 57.575619][ T5216] Bluetooth: hci3: command tx timeout [ 57.575886][ T5216] Bluetooth: hci0: command tx timeout [ 57.634168][ T5215] hsr_slave_0: entered promiscuous mode [ 57.636659][ T5215] hsr_slave_1: entered promiscuous mode [ 57.638927][ T5215] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.641484][ T5215] Cannot create hsr debugfs directory [ 57.954843][ T5207] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 57.960510][ T5207] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 57.965198][ T5207] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 57.970537][ T5207] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 58.019288][ T5218] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 58.026457][ T5218] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 58.033355][ T5218] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 58.042063][ T5218] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 58.098508][ T5206] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 58.106604][ T5206] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 58.114717][ T5206] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 58.120860][ T5206] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 58.196782][ T5215] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.203628][ T5215] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.224211][ T5215] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.229210][ T5215] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.241171][ T5207] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.297299][ T5207] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.305697][ T5218] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.320625][ T5206] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.325083][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.328072][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.348704][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.351389][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.376065][ T5218] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.382750][ T5206] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.392258][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.394641][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.414817][ T1267] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.418053][ T1267] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.423545][ T1267] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.426853][ T1267] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.435559][ T1267] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.438771][ T1267] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.481002][ T5207] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 58.485858][ T5207] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.531495][ T5215] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.567905][ T5218] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 58.572539][ T5218] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.588946][ T5215] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.598950][ T823] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.601441][ T823] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.619192][ T5252] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.622215][ T5252] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.660565][ T5207] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.708873][ T5218] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.717108][ T5207] veth0_vlan: entered promiscuous mode [ 58.732038][ T5207] veth1_vlan: entered promiscuous mode [ 58.748222][ T5206] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.795776][ T5215] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.807230][ T5207] veth0_macvtap: entered promiscuous mode [ 58.827385][ T5218] veth0_vlan: entered promiscuous mode [ 58.830841][ T5207] veth1_macvtap: entered promiscuous mode [ 58.848775][ T5206] veth0_vlan: entered promiscuous mode [ 58.854531][ T5218] veth1_vlan: entered promiscuous mode [ 58.869097][ T5207] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.876674][ T5206] veth1_vlan: entered promiscuous mode [ 58.888584][ T5207] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.900075][ T5207] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.903861][ T5207] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.908914][ T5207] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.912586][ T5207] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.954296][ T5215] veth0_vlan: entered promiscuous mode [ 58.961417][ T5206] veth0_macvtap: entered promiscuous mode [ 58.978143][ T5215] veth1_vlan: entered promiscuous mode [ 58.987941][ T5218] veth0_macvtap: entered promiscuous mode [ 58.993149][ T5206] veth1_macvtap: entered promiscuous mode [ 59.008472][ T5218] veth1_macvtap: entered promiscuous mode [ 59.055712][ T5206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.060475][ T5206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.065376][ T5206] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.068646][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.069813][ T5218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.071872][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.076459][ T5218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.083531][ T5218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.088127][ T5218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.093974][ T5218] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.110229][ T5206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.114663][ T5206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.121969][ T5206] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.131503][ T5218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.136619][ T5218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.140483][ T5218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.144813][ T5218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.150605][ T5218] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.159261][ T5215] veth0_macvtap: entered promiscuous mode [ 59.168861][ T5206] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.172436][ T5206] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.176884][ T5206] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.180556][ T5206] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.189183][ T5218] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.192892][ T5218] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.197441][ T5218] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.201218][ T5218] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.215040][ T5215] veth1_macvtap: entered promiscuous mode [ 59.215154][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.220411][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.257282][ T5215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.262563][ T5215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.267248][ T5215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.271521][ T5215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.275569][ T5215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.279846][ T5215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.285410][ T5215] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.304035][ T5215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.308381][ T5215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.312344][ T5215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.317887][ T5215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.321950][ T5215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.326445][ T5215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.332395][ T5215] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.351921][ T5215] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.356799][ T5215] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.360472][ T5215] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.363984][ T5215] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.393811][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.397781][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.405160][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.408394][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.454202][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.466902][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.478017][ T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.481201][ T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.522311][ T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.528688][ T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.569103][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.572336][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.656912][ T5223] Bluetooth: hci1: command tx timeout [ 59.659124][ T5223] Bluetooth: hci0: command tx timeout [ 59.661401][ T5223] Bluetooth: hci3: command tx timeout [ 59.663661][ T5223] Bluetooth: hci2: command tx timeout [ 59.792079][ T5297] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 60.036162][ T5300] fuse: Unknown parameter '0x0000000000000006' [ 60.039192][ T39] kauditd_printk_skb: 26 callbacks suppressed [ 60.039257][ T39] audit: type=1400 audit(1721830364.714:141): avc: denied { mounton } for pid=5298 comm="syz.0.11" path="/2/file0" dev="tmpfs" ino=28 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 60.079786][ T39] audit: type=1400 audit(1721830364.754:142): avc: denied { mounton } for pid=5298 comm="syz.0.11" path="/proc/7/task" dev="proc" ino=7487 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 60.136509][ T5300] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 61.034807][ T39] audit: type=1400 audit(1721830365.714:143): avc: denied { create } for pid=5304 comm="syz.0.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 61.054860][ T39] audit: type=1400 audit(1721830365.714:144): avc: denied { write } for pid=5304 comm="syz.0.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 61.426987][ T39] audit: type=1400 audit(1721830366.094:145): avc: denied { create } for pid=5312 comm="syz.0.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 61.436248][ T39] audit: type=1400 audit(1721830366.104:146): avc: denied { write } for pid=5312 comm="syz.0.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 61.455400][ T39] audit: type=1400 audit(1721830366.104:147): avc: denied { read } for pid=5312 comm="syz.0.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 61.632578][ T5324] syz.3.19 uses obsolete (PF_INET,SOCK_PACKET) [ 61.638574][ T39] audit: type=1400 audit(1721830366.314:148): avc: denied { create } for pid=5323 comm="syz.3.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 61.646624][ T39] audit: type=1400 audit(1721830366.314:149): avc: denied { ioctl } for pid=5323 comm="syz.3.19" path="socket:[8390]" dev="sockfs" ino=8390 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 61.725113][ T39] audit: type=1400 audit(1721830366.394:150): avc: denied { name_bind } for pid=5326 comm="syz.0.20" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 61.735134][ T5213] Bluetooth: hci2: command tx timeout [ 61.736987][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 61.737459][ T5213] Bluetooth: hci3: command tx timeout [ 61.738953][ T5223] Bluetooth: hci0: command tx timeout [ 61.738986][ T5223] Bluetooth: hci1: command tx timeout [ 61.910452][ T5336] fuse: Unknown parameter '0x0000000000000006' [ 61.976256][ T5336] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 62.035376][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 62.313424][ T5358] netlink: 'syz.3.32': attribute type 3 has an invalid length. [ 62.316866][ T5358] netlink: 8 bytes leftover after parsing attributes in process `syz.3.32'. [ 62.379079][ C3] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 62.602851][ T5368] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 62.611682][ T5368] fuse: Bad value for 'fd' [ 62.676112][ T5370] netlink: 24 bytes leftover after parsing attributes in process `syz.1.37'. [ 62.854851][ T5251] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 63.034844][ T5251] usb 8-1: Using ep0 maxpacket: 32 [ 63.040304][ T5251] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 63.045616][ T5251] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 63.049870][ T5251] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 63.053816][ T5251] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.060893][ T5251] usb 8-1: config 0 descriptor?? [ 63.068205][ T5251] hub 8-1:0.0: USB hub found [ 63.131490][ T5379] team_slave_0: entered promiscuous mode [ 63.134140][ T5379] team_slave_1: entered promiscuous mode [ 63.136291][ T5379] macsec1: entered promiscuous mode [ 63.138074][ T5379] team0: entered promiscuous mode [ 63.140248][ T5379] macsec1: entered allmulticast mode [ 63.142056][ T5379] team0: entered allmulticast mode [ 63.143829][ T5379] team_slave_0: entered allmulticast mode [ 63.146146][ T5379] team_slave_1: entered allmulticast mode [ 63.151765][ T5379] team0: left allmulticast mode [ 63.153876][ T5379] team_slave_0: left allmulticast mode [ 63.157588][ T5379] team_slave_1: left allmulticast mode [ 63.161428][ T5379] team0: left promiscuous mode [ 63.164042][ T5379] team_slave_0: left promiscuous mode [ 63.166024][ T5379] team_slave_1: left promiscuous mode [ 63.306159][ T5251] hub 8-1:0.0: config failed, can't read hub descriptor (err -22) [ 63.402615][ T66] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 63.415162][ T66] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 63.422371][ T66] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 63.427822][ T66] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 63.431645][ T66] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 63.436817][ T66] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 63.524045][ T5251] hid-generic 0003:046D:C31C.0002: item fetching failed at offset 0/1 [ 63.528602][ T5251] hid-generic 0003:046D:C31C.0002: probe with driver hid-generic failed with error -22 [ 63.537547][ T5393] fuse: Unknown parameter '0x0000000000000006' [ 63.579689][ T5393] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 63.605161][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 63.670108][ T5387] chnl_net:caif_netlink_parms(): no params data found [ 63.801965][ T5387] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.806681][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.810638][ T5387] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.814153][ T5387] bridge_slave_0: entered allmulticast mode [ 63.815285][ T5213] Bluetooth: hci1: command tx timeout [ 63.815315][ T66] Bluetooth: hci0: command tx timeout [ 63.815353][ T66] Bluetooth: hci2: command tx timeout [ 63.819100][ T5387] bridge_slave_0: entered promiscuous mode [ 63.833619][ T5387] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.840843][ T5387] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.845040][ T5387] bridge_slave_1: entered allmulticast mode [ 63.845881][ T8] usb 8-1: USB disconnect, device number 2 [ 63.848159][ T5387] bridge_slave_1: entered promiscuous mode [ 63.915055][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.918335][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.935757][ T5387] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.943534][ T5387] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.009143][ T5387] team0: Port device team_slave_0 added [ 64.018594][ T5387] team0: Port device team_slave_1 added [ 64.082005][ T5387] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.085123][ T5387] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.096607][ T5387] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.103048][ T5387] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.106703][ T5387] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.119873][ T5387] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.191218][ T5387] hsr_slave_0: entered promiscuous mode [ 64.196700][ T5387] hsr_slave_1: entered promiscuous mode [ 64.200031][ T5387] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.203413][ T5387] Cannot create hsr debugfs directory [ 64.428514][ T5387] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.610789][ T5387] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.678903][ T1267] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 64.679300][ T5387] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.706287][ T58] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 64.739912][ T5387] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.831990][ T1097] bridge_slave_1: left allmulticast mode [ 64.836272][ T1097] bridge_slave_1: left promiscuous mode [ 64.838997][ T1097] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.848121][ T1097] bridge_slave_0: left allmulticast mode [ 64.850612][ T1097] bridge_slave_0: left promiscuous mode [ 64.852795][ T1097] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.874943][ T1267] usb 8-1: Using ep0 maxpacket: 32 [ 64.879473][ T1267] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 64.888459][ T1267] usb 8-1: New USB device found, idVendor=0572, idProduct=0320, bcdDevice= 1.85 [ 64.891716][ T1267] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.895480][ T1267] usb 8-1: Product: syz [ 64.897024][ T1267] usb 8-1: Manufacturer: syz [ 64.898935][ T1267] usb 8-1: SerialNumber: syz [ 64.900735][ T58] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 64.901870][ T1267] usb 8-1: config 0 descriptor?? [ 64.906781][ T58] usb 6-1: New USB device found, idVendor=0572, idProduct=0320, bcdDevice= 1.85 [ 64.908231][ T1267] usb 8-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 64.909808][ T58] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.909820][ T58] usb 6-1: Product: syz [ 64.917815][ T58] usb 6-1: Manufacturer: syz [ 64.919869][ T58] usb 6-1: SerialNumber: syz [ 64.925322][ T58] usb 6-1: config 0 descriptor?? [ 64.930730][ T58] usb 6-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 64.944876][ T1267] usb 8-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 64.947078][ T1267] usb 8-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 64.964889][ T58] usb 6-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 64.968185][ T58] usb 6-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 65.064955][ T1267] usb 8-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 65.067842][ T1267] usb 8-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 65.095023][ T58] usb 6-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 65.097753][ T58] usb 6-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 65.134906][ T1267] usb 8-1: dvb_usb_v2: found a 'DVBSky T330' in warm state [ 65.143483][ T1267] usb 8-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 65.148780][ T1267] dvbdev: DVB: registering new adapter (DVBSky T330) [ 65.154862][ T1267] usb 8-1: media controller created [ 65.157804][ T1267] usb 8-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 65.160814][ T1267] usb 8-1: dvb_usb_v2: MAC address: 00:00:00:00:00:00 [ 65.175130][ T58] usb 6-1: dvb_usb_v2: found a 'DVBSky T330' in warm state [ 65.185671][ T58] usb 6-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 65.189341][ T1267] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 65.193002][ T58] usb 6-1: USB disconnect, device number 2 [ 65.228383][ T1097] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 65.235642][ T1097] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 65.243224][ T1097] bond0 (unregistering): Released all slaves [ 65.275073][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 65.278692][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 65.315232][ T5387] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 65.327990][ T5387] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 65.338398][ T1267] usb 8-1: USB disconnect, device number 3 [ 65.342386][ T5387] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 65.363455][ T5387] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 65.495837][ T5213] Bluetooth: hci3: command tx timeout [ 65.497249][ T5387] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.514209][ T5387] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.528281][ T39] kauditd_printk_skb: 35 callbacks suppressed [ 65.528294][ T39] audit: type=1400 audit(1721830370.204:186): avc: denied { getopt } for pid=5425 comm="syz.0.58" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 65.530441][ T5253] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.531010][ T39] audit: type=1400 audit(1721830370.204:187): avc: denied { write } for pid=5425 comm="syz.0.58" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 65.537944][ T5253] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.548780][ T823] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.548837][ T823] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.626895][ T39] audit: type=1400 audit(1721830370.304:188): avc: denied { sys_module } for pid=5387 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 65.701236][ T1097] hsr_slave_0: left promiscuous mode [ 65.710741][ T1097] hsr_slave_1: left promiscuous mode [ 65.719207][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 65.722556][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 65.727921][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 65.730602][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 65.754937][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 65.758802][ T1097] veth1_macvtap: left promiscuous mode [ 65.760972][ T1097] veth0_macvtap: left promiscuous mode [ 65.763038][ T1097] veth1_vlan: left promiscuous mode [ 65.766062][ T1097] veth0_vlan: left promiscuous mode [ 65.779328][ T5443] fuse: Unknown parameter '0x0000000000000006' [ 65.803087][ T5443] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 66.076134][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 66.199292][ T5446] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 66.201766][ T5446] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 66.212980][ T5446] vhci_hcd vhci_hcd.0: Device attached [ 66.215844][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 66.222085][ T5447] usbip_core: unknown command [ 66.224127][ T5447] vhci_hcd: unknown pdu 251658240 [ 66.227440][ T5447] usbip_core: unknown command [ 66.231327][ T83] vhci_hcd: stop threads [ 66.234633][ T83] vhci_hcd: release socket [ 66.239851][ T83] vhci_hcd: disconnect device [ 66.415161][ T1097] team0 (unregistering): Port device team_slave_1 removed [ 66.460139][ T1097] team0 (unregistering): Port device team_slave_0 removed [ 66.700107][ T39] audit: type=1400 audit(1721830371.374:189): avc: denied { read } for pid=5455 comm="syz.1.64" name="nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 66.709988][ T39] audit: type=1400 audit(1721830371.374:190): avc: denied { open } for pid=5455 comm="syz.1.64" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 66.718105][ T39] audit: type=1400 audit(1721830371.374:191): avc: denied { map } for pid=5455 comm="syz.1.64" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 66.726506][ T39] audit: type=1400 audit(1721830371.374:192): avc: denied { execute } for pid=5455 comm="syz.1.64" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 66.734969][ T39] audit: type=1400 audit(1721830371.374:193): avc: denied { create } for pid=5455 comm="syz.1.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 66.750955][ T39] audit: type=1400 audit(1721830371.384:194): avc: denied { getopt } for pid=5455 comm="syz.1.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 66.775923][ T39] audit: type=1400 audit(1721830371.384:195): avc: denied { create } for pid=5455 comm="syz.1.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 67.206597][ T5387] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.243709][ T5387] veth0_vlan: entered promiscuous mode [ 67.251347][ T5387] veth1_vlan: entered promiscuous mode [ 67.276428][ T5387] veth0_macvtap: entered promiscuous mode [ 67.283714][ T5387] veth1_macvtap: entered promiscuous mode [ 67.297774][ T5387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.301984][ T5387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.306507][ T5387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.310152][ T5387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.313503][ T5387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.318468][ T5387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.323268][ T5387] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.340489][ T5387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.353871][ T5387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.358944][ T5387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.362629][ T5387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.366983][ T5387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.371770][ T5387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.378554][ T5387] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.387327][ T5387] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.391162][ T5387] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.395194][ T5387] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.398161][ T5387] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.460708][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.463897][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.484151][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.487210][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.575084][ T5213] Bluetooth: hci3: command tx timeout [ 67.868040][ T5483] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 67.871019][ T5483] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 67.876289][ T5483] vhci_hcd vhci_hcd.0: Device attached [ 67.882569][ T5484] usbip_core: unknown command [ 67.884925][ T5484] vhci_hcd: unknown pdu 251658240 [ 67.887159][ T5484] usbip_core: unknown command [ 67.889599][ T45] vhci_hcd: stop threads [ 67.891342][ T45] vhci_hcd: release socket [ 67.893097][ T45] vhci_hcd: disconnect device [ 68.471355][ T5496] sctp: [Deprecated]: syz.1.78 (pid 5496) Use of struct sctp_assoc_value in delayed_ack socket option. [ 68.471355][ T5496] Use struct sctp_sack_info instead [ 68.479122][ T5496] sctp: [Deprecated]: syz.1.78 (pid 5496) Use of struct sctp_assoc_value in delayed_ack socket option. [ 68.479122][ T5496] Use struct sctp_sack_info instead [ 68.686846][ T1267] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 68.884951][ T1267] usb 5-1: Using ep0 maxpacket: 32 [ 68.892879][ T1267] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 68.900419][ T1267] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 68.908745][ T1267] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 68.913014][ T1267] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.923446][ T1267] usb 5-1: config 0 descriptor?? [ 68.928798][ T1267] hub 5-1:0.0: USB hub found [ 69.134960][ T1267] hub 5-1:0.0: 1 port detected [ 69.654989][ T5213] Bluetooth: hci3: command tx timeout [ 69.738183][ T5517] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 69.740975][ T5517] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 69.742312][ T1267] hub 5-1:0.0: activate --> -90 [ 69.744929][ T5517] vhci_hcd vhci_hcd.0: Device attached [ 69.758992][ T5518] usbip_core: unknown command [ 69.761137][ T5518] vhci_hcd: unknown pdu 251658240 [ 69.763381][ T5518] usbip_core: unknown command [ 69.767396][ T45] vhci_hcd: stop threads [ 69.769325][ T45] vhci_hcd: release socket [ 69.771345][ T45] vhci_hcd: disconnect device [ 71.095657][ T1267] hub 5-1:0.0: hub_ext_port_status failed (err = -32) [ 71.359744][ T58] usb 5-1: USB disconnect, device number 2 [ 71.734904][ T5213] Bluetooth: hci3: command tx timeout [ 71.789423][ T5552] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 71.792277][ T5552] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 71.797530][ T5552] vhci_hcd vhci_hcd.0: Device attached [ 71.803935][ T5553] usbip_core: unknown command [ 71.808259][ T5553] vhci_hcd: unknown pdu 251658240 [ 71.810639][ T5553] usbip_core: unknown command [ 71.814890][ T1087] vhci_hcd: stop threads [ 71.816420][ T1087] vhci_hcd: release socket [ 71.817986][ T1087] vhci_hcd: disconnect device [ 71.835330][ T39] kauditd_printk_skb: 7 callbacks suppressed [ 71.835344][ T39] audit: type=1400 audit(1721830376.514:203): avc: denied { create } for pid=5556 comm="syz.3.99" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 71.848241][ T39] audit: type=1400 audit(1721830376.524:204): avc: denied { write } for pid=5556 comm="syz.3.99" name="file0" dev="tmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 71.857558][ T39] audit: type=1400 audit(1721830376.524:205): avc: denied { open } for pid=5556 comm="syz.3.99" path="/27/file0" dev="tmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 71.870732][ T39] audit: type=1400 audit(1721830376.524:206): avc: denied { ioctl } for pid=5556 comm="syz.3.99" path="/27/file0" dev="tmpfs" ino=155 ioctlcmd=0x1274 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 71.881231][ T39] audit: type=1400 audit(1721830376.534:207): avc: denied { unlink } for pid=5206 comm="syz-executor" name="file0" dev="tmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 71.910565][ T1357] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.912995][ T1357] ieee802154 phy1 wpan1: encryption failed: -22 [ 73.047945][ T5251] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 73.224901][ T5251] usb 5-1: Using ep0 maxpacket: 8 [ 73.231352][ T5251] usb 5-1: New USB device found, idVendor=046d, idProduct=0896, bcdDevice=3a.11 [ 73.234410][ T5251] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.237900][ T5251] usb 5-1: Product: syz [ 73.239331][ T5251] usb 5-1: Manufacturer: syz [ 73.240930][ T5251] usb 5-1: SerialNumber: syz [ 73.256032][ T5251] usb 5-1: config 0 descriptor?? [ 73.261537][ T5251] gspca_main: vc032x-2.14.0 probing 046d:0896 [ 73.474971][ T5592] pimreg: entered allmulticast mode [ 73.479617][ T5592] pimreg: left allmulticast mode [ 74.280338][ T5251] gspca_vc032x: reg_r err -71 [ 74.284214][ T5251] vc032x 5-1:0.0: probe with driver vc032x failed with error -71 [ 74.288673][ T5251] usb 5-1: USB disconnect, device number 3 [ 74.601554][ T39] audit: type=1400 audit(1721830379.274:208): avc: denied { create } for pid=5610 comm="syz.1.120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 74.844113][ T5617] netlink: 25 bytes leftover after parsing attributes in process `syz.0.123'. [ 74.850198][ T5617] gretap0: entered promiscuous mode [ 74.861452][ T5617] netlink: 5 bytes leftover after parsing attributes in process `syz.0.123'. [ 74.865418][ T5617] 0ªX¹¦Dö»: renamed from gretap0 [ 74.869271][ T5617] 0ªX¹¦Dö»: left promiscuous mode [ 74.871054][ T5617] 0ªX¹¦Dö»: entered allmulticast mode [ 74.958950][ T39] audit: type=1400 audit(1721830379.634:209): avc: denied { create } for pid=5612 comm="syz.1.121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 74.973405][ T39] audit: type=1400 audit(1721830379.634:210): avc: denied { connect } for pid=5612 comm="syz.1.121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 75.009094][ T39] audit: type=1400 audit(1721830379.684:211): avc: denied { name_bind } for pid=5626 comm="syz.0.126" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 75.804903][ T5636] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2816 sclass=netlink_route_socket pid=5636 comm=syz.3.129 [ 75.891305][ T5643] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 76.055026][ T39] audit: type=1400 audit(1721830380.674:212): avc: denied { read } for pid=5642 comm="syz.3.132" name="uinput" dev="devtmpfs" ino=864 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 76.906638][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 76.906649][ T39] audit: type=1400 audit(1721830381.574:215): avc: denied { read } for pid=5668 comm="syz.1.142" name="card1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 76.933798][ T39] audit: type=1400 audit(1721830381.574:216): avc: denied { open } for pid=5668 comm="syz.1.142" path="/dev/dri/card1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 76.948177][ T39] audit: type=1400 audit(1721830381.594:217): avc: denied { ioctl } for pid=5668 comm="syz.1.142" path="/dev/dri/card1" dev="devtmpfs" ino=638 ioctlcmd=0x64c8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 77.356202][ T39] audit: type=1400 audit(1721830382.034:218): avc: denied { unmount } for pid=5215 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 78.627301][ T39] audit: type=1400 audit(1721830383.294:219): avc: denied { read write } for pid=5712 comm="syz.3.157" name="uhid" dev="devtmpfs" ino=1111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 78.645114][ T39] audit: type=1400 audit(1721830383.294:220): avc: denied { open } for pid=5712 comm="syz.3.157" path="/dev/uhid" dev="devtmpfs" ino=1111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 78.831540][ T39] audit: type=1400 audit(1721830383.504:221): avc: denied { watch } for pid=5714 comm="syz.0.158" path="/47/control" dev="tmpfs" ino=266 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 79.198790][ T39] audit: type=1400 audit(1721830383.874:222): avc: denied { bind } for pid=5726 comm="syz.3.162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 79.208259][ T5727] Bluetooth: MGMT ver 1.23 [ 79.208371][ T39] audit: type=1400 audit(1721830383.894:223): avc: denied { write } for pid=5726 comm="syz.3.162" path="socket:[10526]" dev="sockfs" ino=10526 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 79.758484][ T39] audit: type=1400 audit(1721830384.434:224): avc: denied { create } for pid=5741 comm="syz.0.168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 79.840726][ T5746] capability: warning: `syz.0.170' uses deprecated v2 capabilities in a way that may be insecure [ 80.135766][ C2] TCP: request_sock_TCPv6: Possible SYN flooding on port [::1]:20002. Sending cookies. [ 80.316955][ T5768] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 81.237416][ T5792] block device autoloading is deprecated and will be removed. [ 81.254942][ T5223] Bluetooth: hci0: command 0x0401 tx timeout [ 81.257594][ T5213] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 81.298374][ T5798] netlink: 24 bytes leftover after parsing attributes in process `syz.0.189'. [ 82.263651][ T25] cfg80211: failed to load regulatory.db [ 82.654840][ T30] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 82.834986][ T30] usb 8-1: Using ep0 maxpacket: 8 [ 82.842561][ T30] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 82.846389][ T30] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 82.849718][ T30] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 82.853847][ T30] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 82.859932][ T30] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 82.863689][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.883820][ T30] hub 8-1:1.0: bad descriptor, ignoring hub [ 82.885788][ T30] hub 8-1:1.0: probe with driver hub failed with error -5 [ 82.891183][ T30] cdc_wdm 8-1:1.0: skipping garbage [ 82.892942][ T30] cdc_wdm 8-1:1.0: skipping garbage [ 82.911541][ T30] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 82.914117][ T30] cdc_wdm 8-1:1.0: Unknown control protocol [ 83.257343][ T5843] pim6reg1: entered promiscuous mode [ 83.260045][ T5843] pim6reg1: entered allmulticast mode [ 83.511863][ T39] kauditd_printk_skb: 10 callbacks suppressed [ 83.511879][ T39] audit: type=1400 audit(1721830388.184:235): avc: denied { name_bind } for pid=5846 comm="syz.0.205" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 83.653248][ T39] audit: type=1400 audit(1721830388.324:236): avc: denied { create } for pid=5852 comm="syz.1.207" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 83.678875][ T39] audit: type=1400 audit(1721830388.354:237): avc: denied { write } for pid=5852 comm="syz.1.207" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 83.876751][ C3] TCP: request_sock_TCPv6: Possible SYN flooding on port [::1]:20002. Sending cookies. [ 85.347074][ T822] usb 8-1: USB disconnect, device number 4 [ 85.519092][ T5916] pim6reg1: entered promiscuous mode [ 85.521056][ T5916] pim6reg1: entered allmulticast mode [ 86.064914][ T822] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 86.253152][ T822] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 86.257212][ T822] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.260661][ T822] usb 8-1: Product: syz [ 86.262471][ T822] usb 8-1: Manufacturer: syz [ 86.264483][ T822] usb 8-1: SerialNumber: syz [ 86.268773][ T822] usb 8-1: config 0 descriptor?? [ 86.477420][ T39] audit: type=1400 audit(1721830391.154:238): avc: denied { read } for pid=5935 comm="syz.3.236" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 86.487186][ T39] audit: type=1400 audit(1721830391.154:239): avc: denied { open } for pid=5935 comm="syz.3.236" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 86.675763][ T5253] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 86.736931][ T39] audit: type=1400 audit(1721830391.414:240): avc: denied { read } for pid=5981 comm="syz.2.255" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 86.746529][ T39] audit: type=1400 audit(1721830391.414:241): avc: denied { open } for pid=5981 comm="syz.2.255" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 86.754436][ T39] audit: type=1400 audit(1721830391.414:242): avc: denied { ioctl } for pid=5981 comm="syz.2.255" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 86.763019][ T39] audit: type=1400 audit(1721830391.414:243): avc: denied { set_context_mgr } for pid=5981 comm="syz.2.255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 86.864881][ T5253] usb 5-1: Using ep0 maxpacket: 16 [ 86.873419][ T5253] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 86.882443][ T5253] usb 5-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice= 0.40 [ 86.886702][ T5253] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.890294][ T5253] usb 5-1: Product: syz [ 86.892199][ T5253] usb 5-1: Manufacturer: syz [ 86.894347][ T5253] usb 5-1: SerialNumber: syz [ 86.906634][ T5253] usbhid 5-1:1.0: couldn't find an input interrupt endpoint [ 87.111276][ T5978] netlink: 'syz.0.254': attribute type 3 has an invalid length. [ 87.115069][ T5978] netlink: 666 bytes leftover after parsing attributes in process `syz.0.254'. [ 87.120882][ T2683] usb 5-1: USB disconnect, device number 4 [ 87.197227][ T39] audit: type=1400 audit(1721830391.874:244): avc: denied { create } for pid=6000 comm="syz.2.264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 87.285638][ C2] ================================================================== [ 87.289436][ C2] BUG: KASAN: stack-out-of-bounds in xdp_do_check_flushed+0x41c/0x4e0 [ 87.290481][ T822] usb 8-1: USB disconnect, device number 5 [ 87.293087][ C2] Read of size 4 at addr ffffc900033f7a50 by task syz.2.266/6005 [ 87.293104][ C2] [ 87.293111][ C2] CPU: 2 UID: 0 PID: 6005 Comm: syz.2.266 Not tainted 6.10.0-syzkaller-12246-g786c8248dbd3 #0 [ 87.293128][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.293137][ C2] Call Trace: [ 87.293145][ C2] [ 87.293152][ C2] dump_stack_lvl+0x116/0x1f0 [ 87.316459][ C2] print_report+0xc3/0x620 [ 87.318491][ C2] ? __virt_addr_valid+0x5e/0x590 [ 87.320722][ C2] kasan_report+0xd9/0x110 [ 87.322723][ C2] ? xdp_do_check_flushed+0x41c/0x4e0 [ 87.325120][ C2] ? xdp_do_check_flushed+0x41c/0x4e0 [ 87.327588][ C2] xdp_do_check_flushed+0x41c/0x4e0 [ 87.329934][ C2] __napi_poll.constprop.0+0xd1/0x550 [ 87.332410][ C2] net_rx_action+0xa92/0x1010 [ 87.334542][ C2] ? __pfx_net_rx_action+0x10/0x10 [ 87.336919][ C2] ? __pfx_mark_lock+0x10/0x10 [ 87.338939][ C2] ? __pfx_rcu_is_watching+0x10/0x10 [ 87.341140][ C2] ? trace_rcu_utilization+0x100/0x160 [ 87.343366][ C2] ? mark_held_locks+0x9f/0xe0 [ 87.345218][ C2] handle_softirqs+0x216/0x8f0 [ 87.347060][ C2] ? __pfx_handle_softirqs+0x10/0x10 [ 87.349048][ C2] irq_exit_rcu+0xbb/0x120 [ 87.351025][ C2] sysvec_apic_timer_interrupt+0x95/0xb0 [ 87.353436][ C2] [ 87.354741][ C2] [ 87.356022][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 87.358593][ C2] RIP: 0010:__sanitizer_cov_trace_switch+0x12/0x90 [ 87.361384][ C2] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 56 41 55 41 54 49 89 fc 55 48 89 f5 53 <48> 8b 46 08 48 83 f8 20 74 6b 77 48 48 83 f8 08 74 5b 48 83 f8 10 [ 87.369520][ C2] RSP: 0018:ffffc900033f73c0 EFLAGS: 00000202 [ 87.372095][ C2] RAX: 0000000000000000 RBX: ffffc900033f7470 RCX: 0000000000000001 [ 87.375402][ C2] RDX: ffff888046960000 RSI: ffffffff8b29d6e0 RDI: 0000000000000002 [ 87.378732][ C2] RBP: ffffffff8b29d6e0 R08: 0000000000000001 R09: 0000000000000009 [ 87.382067][ C2] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000002 [ 87.385145][ C2] R13: ffffc900033f7bf8 R14: ffffffff90760318 R15: 0000000000000002 [ 87.388508][ C2] unwind_next_frame+0x789/0x23a0 [ 87.390677][ C2] ? mmput+0x62/0x70 [ 87.392376][ C2] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 87.394994][ C2] arch_stack_walk+0x100/0x170 [ 87.397029][ C2] ? mmput+0x62/0x70 [ 87.398550][ C2] ? unlink_anon_vmas+0x458/0x820 [ 87.400686][ C2] stack_trace_save+0x95/0xd0 [ 87.402806][ C2] ? __pfx_stack_trace_save+0x10/0x10 [ 87.405181][ C2] ? __pfx_mark_lock+0x10/0x10 [ 87.407261][ C2] ? __lock_acquire+0xbdd/0x3cb0 [ 87.409424][ C2] kasan_save_stack+0x33/0x60 [ 87.411521][ C2] ? kasan_save_stack+0x33/0x60 [ 87.413711][ C2] ? kasan_save_track+0x14/0x30 [ 87.415877][ C2] ? kasan_save_free_info+0x3b/0x60 [ 87.418195][ C2] ? poison_slab_object+0xf7/0x160 [ 87.420453][ C2] ? __kasan_slab_free+0x32/0x50 [ 87.422645][ C2] ? kmem_cache_free+0x12f/0x3a0 [ 87.424791][ C2] ? unlink_anon_vmas+0x458/0x820 [ 87.426974][ C2] ? free_pgtables+0x12c/0x950 [ 87.429045][ C2] ? exit_mmap+0x3c9/0xb20 [ 87.431031][ C2] ? __mmput+0x12a/0x480 [ 87.432789][ C2] ? mmput+0x62/0x70 [ 87.434394][ C2] kasan_save_track+0x14/0x30 [ 87.436465][ C2] kasan_save_free_info+0x3b/0x60 [ 87.438587][ C2] poison_slab_object+0xf7/0x160 [ 87.440762][ C2] __kasan_slab_free+0x32/0x50 [ 87.442905][ C2] kmem_cache_free+0x12f/0x3a0 [ 87.445030][ C2] ? unlink_anon_vmas+0x458/0x820 [ 87.447232][ C2] unlink_anon_vmas+0x458/0x820 [ 87.449364][ C2] free_pgtables+0x12c/0x950 [ 87.451004][ C2] ? __pfx_free_pgtables+0x10/0x10 [ 87.452812][ C2] ? __pfx_down_write+0x10/0x10 [ 87.454849][ C2] exit_mmap+0x3c9/0xb20 [ 87.456556][ C2] ? __pfx_exit_mmap+0x10/0x10 [ 87.458402][ C2] __mmput+0x12a/0x480 [ 87.459850][ C2] mmput+0x62/0x70 [ 87.461144][ C2] do_exit+0x9bf/0x2bb0 [ 87.462593][ C2] ? get_signal+0x8f2/0x2770 [ 87.464211][ C2] ? __pfx_do_exit+0x10/0x10 [ 87.465997][ C2] ? do_raw_spin_lock+0x12d/0x2c0 [ 87.468236][ C2] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 87.470621][ C2] do_group_exit+0xd3/0x2a0 [ 87.472661][ C2] get_signal+0x25fd/0x2770 [ 87.474701][ C2] ? __pfx_get_signal+0x10/0x10 [ 87.476869][ C2] ? __pfx_do_futex+0x10/0x10 [ 87.478964][ C2] arch_do_signal_or_restart+0x90/0x7e0 [ 87.481428][ C2] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 87.484165][ C2] syscall_exit_to_user_mode+0x150/0x2a0 [ 87.486607][ C2] do_syscall_64+0xda/0x250 [ 87.488627][ C2] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.491165][ C2] RIP: 0033:0x7fd976375f19 [ 87.492665][ C2] Code: Unable to access opcode bytes at 0x7fd976375eef. [ 87.495705][ C2] RSP: 002b:00007fd975dff0f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 87.499380][ C2] RAX: fffffffffffffe00 RBX: 00007fd976505f68 RCX: 00007fd976375f19 [ 87.502860][ C2] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd976505f68 [ 87.506325][ C2] RBP: 00007fd976505f60 R08: 00007fd975dff6c0 R09: 00007fd975dff6c0 [ 87.509791][ C2] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd976505f6c [ 87.513269][ C2] R13: 000000000000000b R14: 00007ffde5e09030 R15: 00007ffde5e09118 [ 87.516599][ C2] [ 87.517887][ C2] [ 87.518980][ C2] The buggy address belongs to stack of task syz.2.266/6005 [ 87.522169][ C2] and is located at offset 24 in frame: [ 87.524621][ C2] exit_mmap+0x0/0xb20 [ 87.526177][ C2] [ 87.526980][ C2] This frame has 2 objects: [ 87.528949][ C2] [32, 96) 'vmi' [ 87.528960][ C2] [128, 256) 'tlb' [ 87.530590][ C2] [ 87.533375][ C2] The buggy address belongs to the virtual mapping at [ 87.533375][ C2] [ffffc900033f0000, ffffc900033f9000) created by: [ 87.533375][ C2] kernel_clone+0xfd/0x980 [ 87.540827][ C2] [ 87.541915][ C2] The buggy address belongs to the physical page: [ 87.544718][ C2] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888028842fc0 pfn:0x28842 [ 87.548973][ C2] memcg:ffff888044607f02 [ 87.550708][ C2] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 87.553657][ C2] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 87.557312][ C2] raw: ffff888028842fc0 0000000000000000 00000001ffffffff ffff888044607f02 [ 87.561023][ C2] page dumped because: kasan: bad access detected [ 87.563689][ C2] page_owner tracks the page as allocated [ 87.565693][ C2] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 5387, tgid 5387 (syz-executor), ts 87148269598, free_ts 86775279280 [ 87.573242][ C2] post_alloc_hook+0x2d1/0x350 [ 87.575308][ C2] get_page_from_freelist+0x1351/0x2e50 [ 87.577186][ C2] __alloc_pages_noprof+0x22b/0x2460 [ 87.579507][ C2] alloc_pages_mpol_noprof+0x275/0x610 [ 87.581913][ C2] __vmalloc_node_range_noprof+0xa6a/0x1520 [ 87.584513][ C2] copy_process+0x2f3b/0x8de0 [ 87.586597][ C2] kernel_clone+0xfd/0x980 [ 87.588308][ C2] __do_sys_clone+0xba/0x100 [ 87.589979][ C2] do_syscall_64+0xcd/0x250 [ 87.591542][ C2] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.593592][ C2] page last free pid 0 tgid 0 stack trace: [ 87.595609][ C2] free_unref_page+0x64a/0xe40 [ 87.597495][ C2] __folio_put+0x31c/0x3e0 [ 87.599459][ C2] free_page_and_swap_cache+0x249/0x2c0 [ 87.601870][ C2] tlb_remove_table_rcu+0x89/0xe0 [ 87.604043][ C2] rcu_core+0x828/0x16b0 [ 87.605900][ C2] handle_softirqs+0x216/0x8f0 [ 87.607966][ C2] irq_exit_rcu+0xbb/0x120 [ 87.609930][ C2] sysvec_apic_timer_interrupt+0x95/0xb0 [ 87.612333][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 87.614891][ C2] [ 87.615954][ C2] Memory state around the buggy address: [ 87.618385][ C2] ffffc900033f7900: 00 00 00 f1 f1 f1 f1 f1 f1 00 00 00 00 00 00 00 [ 87.621803][ C2] ffffc900033f7980: 00 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 [ 87.625219][ C2] >ffffc900033f7a00: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 [ 87.628657][ C2] ^ [ 87.631571][ C2] ffffc900033f7a80: 00 00 00 f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 [ 87.635051][ C2] ffffc900033f7b00: 00 00 00 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 [ 87.638094][ C2] ================================================================== [ 87.641714][ C2] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 87.644986][ C2] CPU: 2 UID: 0 PID: 6005 Comm: syz.2.266 Not tainted 6.10.0-syzkaller-12246-g786c8248dbd3 #0 [ 87.649432][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.654155][ C2] Call Trace: [ 87.655621][ C2] [ 87.656904][ C2] dump_stack_lvl+0x3d/0x1f0 [ 87.658970][ C2] panic+0x6f5/0x7a0 [ 87.660707][ C2] ? __pfx_panic+0x10/0x10 [ 87.662693][ C2] ? check_panic_on_warn+0x1f/0xb0 [ 87.665127][ C2] check_panic_on_warn+0xab/0xb0 [ 87.668011][ C2] end_report+0x117/0x180 [ 87.670547][ C2] kasan_report+0xe9/0x110 [ 87.672496][ C2] ? xdp_do_check_flushed+0x41c/0x4e0 [ 87.674856][ C2] ? xdp_do_check_flushed+0x41c/0x4e0 [ 87.677199][ C2] xdp_do_check_flushed+0x41c/0x4e0 [ 87.679484][ C2] __napi_poll.constprop.0+0xd1/0x550 [ 87.681845][ C2] net_rx_action+0xa92/0x1010 [ 87.683929][ C2] ? __pfx_net_rx_action+0x10/0x10 [ 87.685859][ C2] ? __pfx_mark_lock+0x10/0x10 [ 87.687719][ C2] ? __pfx_rcu_is_watching+0x10/0x10 [ 87.690058][ C2] ? trace_rcu_utilization+0x100/0x160 [ 87.692495][ C2] ? mark_held_locks+0x9f/0xe0 [ 87.694612][ C2] handle_softirqs+0x216/0x8f0 [ 87.696667][ C2] ? __pfx_handle_softirqs+0x10/0x10 [ 87.699002][ C2] irq_exit_rcu+0xbb/0x120 [ 87.700953][ C2] sysvec_apic_timer_interrupt+0x95/0xb0 [ 87.703365][ C2] [ 87.704673][ C2] [ 87.706014][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 87.708632][ C2] RIP: 0010:__sanitizer_cov_trace_switch+0x12/0x90 [ 87.711500][ C2] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 56 41 55 41 54 49 89 fc 55 48 89 f5 53 <48> 8b 46 08 48 83 f8 20 74 6b 77 48 48 83 f8 08 74 5b 48 83 f8 10 [ 87.719771][ C2] RSP: 0018:ffffc900033f73c0 EFLAGS: 00000202 [ 87.722451][ C2] RAX: 0000000000000000 RBX: ffffc900033f7470 RCX: 0000000000000001 [ 87.725910][ C2] RDX: ffff888046960000 RSI: ffffffff8b29d6e0 RDI: 0000000000000002 [ 87.729360][ C2] RBP: ffffffff8b29d6e0 R08: 0000000000000001 R09: 0000000000000009 [ 87.732834][ C2] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000002 [ 87.736284][ C2] R13: ffffc900033f7bf8 R14: ffffffff90760318 R15: 0000000000000002 [ 87.739720][ C2] unwind_next_frame+0x789/0x23a0 [ 87.741943][ C2] ? mmput+0x62/0x70 [ 87.743679][ C2] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 87.746433][ C2] arch_stack_walk+0x100/0x170 [ 87.748543][ C2] ? mmput+0x62/0x70 [ 87.750272][ C2] ? unlink_anon_vmas+0x458/0x820 [ 87.752310][ C2] stack_trace_save+0x95/0xd0 [ 87.754427][ C2] ? __pfx_stack_trace_save+0x10/0x10 [ 87.756456][ C2] ? __pfx_mark_lock+0x10/0x10 [ 87.758552][ C2] ? __lock_acquire+0xbdd/0x3cb0 [ 87.760742][ C2] kasan_save_stack+0x33/0x60 [ 87.762842][ C2] ? kasan_save_stack+0x33/0x60 [ 87.764988][ C2] ? kasan_save_track+0x14/0x30 [ 87.767102][ C2] ? kasan_save_free_info+0x3b/0x60 [ 87.769392][ C2] ? poison_slab_object+0xf7/0x160 [ 87.771678][ C2] ? __kasan_slab_free+0x32/0x50 [ 87.773884][ C2] ? kmem_cache_free+0x12f/0x3a0 [ 87.776066][ C2] ? unlink_anon_vmas+0x458/0x820 [ 87.778306][ C2] ? free_pgtables+0x12c/0x950 [ 87.780422][ C2] ? exit_mmap+0x3c9/0xb20 [ 87.782400][ C2] ? __mmput+0x12a/0x480 [ 87.784276][ C2] ? mmput+0x62/0x70 [ 87.786033][ C2] kasan_save_track+0x14/0x30 [ 87.788269][ C2] kasan_save_free_info+0x3b/0x60 [ 87.790542][ C2] poison_slab_object+0xf7/0x160 [ 87.792768][ C2] __kasan_slab_free+0x32/0x50 [ 87.794924][ C2] kmem_cache_free+0x12f/0x3a0 [ 87.797065][ C2] ? unlink_anon_vmas+0x458/0x820 [ 87.799341][ C2] unlink_anon_vmas+0x458/0x820 [ 87.801542][ C2] free_pgtables+0x12c/0x950 [ 87.803457][ C2] ? __pfx_free_pgtables+0x10/0x10 [ 87.805754][ C2] ? __pfx_down_write+0x10/0x10 [ 87.807944][ C2] exit_mmap+0x3c9/0xb20 [ 87.809853][ C2] ? __pfx_exit_mmap+0x10/0x10 [ 87.812011][ C2] __mmput+0x12a/0x480 [ 87.813858][ C2] mmput+0x62/0x70 [ 87.815546][ C2] do_exit+0x9bf/0x2bb0 [ 87.817407][ C2] ? get_signal+0x8f2/0x2770 [ 87.819488][ C2] ? __pfx_do_exit+0x10/0x10 [ 87.821563][ C2] ? do_raw_spin_lock+0x12d/0x2c0 [ 87.823809][ C2] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 87.826204][ C2] do_group_exit+0xd3/0x2a0 [ 87.828238][ C2] get_signal+0x25fd/0x2770 [ 87.830283][ C2] ? __pfx_get_signal+0x10/0x10 [ 87.832478][ C2] ? __pfx_do_futex+0x10/0x10 [ 87.834596][ C2] arch_do_signal_or_restart+0x90/0x7e0 [ 87.837053][ C2] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 87.839786][ C2] syscall_exit_to_user_mode+0x150/0x2a0 [ 87.842288][ C2] do_syscall_64+0xda/0x250 [ 87.844235][ C2] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.846842][ C2] RIP: 0033:0x7fd976375f19 [ 87.848772][ C2] Code: Unable to access opcode bytes at 0x7fd976375eef. [ 87.851810][ C2] RSP: 002b:00007fd975dff0f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 87.855400][ C2] RAX: fffffffffffffe00 RBX: 00007fd976505f68 RCX: 00007fd976375f19 [ 87.858832][ C2] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd976505f68 [ 87.862299][ C2] RBP: 00007fd976505f60 R08: 00007fd975dff6c0 R09: 00007fd975dff6c0 [ 87.865690][ C2] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd976505f6c [ 87.869093][ C2] R13: 000000000000000b R14: 00007ffde5e09030 R15: 00007ffde5e09118 [ 87.872593][ C2] [ 87.874605][ C2] Kernel Offset: disabled [ 87.876541][ C2] Rebooting in 86400 seconds.. VM DIAGNOSIS: 14:13:12 Registers: info registers vcpu 0 CPU#0 RAX=000000000000005d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fd4455 RDI=ffffffff94e3e4a0 RBP=ffffffff94e3e460 RSP=ffffc90004ba7440 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=000000000000005d R14=ffffffff84fd43f0 R15=0000000000000000 RIP=ffffffff84fd447f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000041966000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc68c1d950 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efc213e4337 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efc213e4344 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efc213e433e ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efc213e4352 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efc213e43d8 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efc213e44b6 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88801547c078 RCX=ffffffff813e8c8f RDX=0000000000000000 RSI=0000000000000004 RDI=ffff88801547c078 RBP=ffff88802afe6880 RSP=ffffc900034c7a28 R8 =0000000000000000 R9 =ffffed1002a8f80f R10=ffff88801547c07b R11=ffff88806b128a40 R12=ffff88801547b900 R13=0000000000000000 R14=000000000003dc68 R15=0000000000000375 RIP=ffffffff813e8cc1 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 000055556d862500 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055558f3da5c8 CR3=0000000025624000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde5e09420 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e4337 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e4344 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e433e ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e4352 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e43d8 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e44b6 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff816b5a4e RDX=ffff888046960000 RSI=ffffffff816b5a3c RDI=0000000000000001 RBP=000000000000001b RSP=ffffc90000858970 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=206e692073645542 R12=0000000000000000 R13=ffff888020302440 R14=ffffffff8d3ddc73 R15=ffffc900008589f0 RIP=ffffffff816b5a45 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2b4ede CR3=000000000d97c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e4337 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e4344 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e433e ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e4352 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e43d8 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9763e44b6 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000aa000000d5 9900000000000000 00000080febb0000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd97703d100 00007fd9764d4440 00007fd9764d0004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9764d4498 00007fd9764d4490 00007fd9764d4488 00007fd9764d4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000009cabf RBX=0000000000000003 RCX=ffffffff8aef3859 RDX=0000000000000000 RSI=ffffffff8b2cc580 RDI=ffffffff8b90c300 RBP=ffffed1003059488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d666fe1 R10=ffff88806b337f0b R11=0000000000000000 R12=0000000000000003 R13=ffff8880182ca440 R14=ffffffff8fe74958 R15=0000000000000000 RIP=ffffffff8aef4c4f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fd976507a6c CR3=000000002925c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 302031313a61613a 61613a61613a6161 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2cc6fe4337 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2cc6fe4344 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2cc6fe433e ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2cc6fe4352 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2cc6fe43d8 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2cc6fe44b6 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8002000400000074 696d696c0001000a 8001001480040018 0000000200000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01010a180000003c 0000009c40070005 6750303f400b0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 41fb000040020008 0000000040010008 8003001c09000001 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a00000000000000 0000000000010011 0000001400000000 317a797300010009 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 02000000400a0008 620d0000400b0008 ed000000400b0008 05000000400b0008 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000000000000 2000000001010a06 0000004003000000 000000004005000c ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000040010008 41fb000040020008 0000000040010008 8003001c09000001 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000