last executing test programs: 4.77973689s ago: executing program 2 (id=443): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000000000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf", 0x30}], 0x1}, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="15000000ffffffff090000000100000040140000", @ANYBLOB="0100"/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000000000000000004000fe"], 0x50) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x6, 0x0, 0x0, &(0x7f0000000300)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0x6, 0x4, 0xffff0001}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94) r1 = socket$alg(0x26, 0x5, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f00000001c0)={{0x14, 0x10, 0x30}, [@NFT_MSG_NEWCHAIN={0x14, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}}], {0x14}}, 0x3c}}, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0) 4.710632268s ago: executing program 2 (id=444): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4) r0 = socket$inet(0x2, 0x3, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000005f00)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYRES16=r2, @ANYBLOB="01002dbd0600ffdbdb252100000008000300", @ANYRES32=r3, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x20000) 4.710275635s ago: executing program 2 (id=445): syz_open_dev$usbmon(&(0x7f0000000000), 0x80000001, 0x82002) syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0x7078, 0x0, 0xb, 0x284}, &(0x7f0000000100)=0x0, &(0x7f0000000140)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$kcm(0x29, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f000001b700)=""/102392, 0x18ff8) fsopen(&(0x7f0000000480)='adfs\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x10001, 0x8000, 0x82, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48) 2.369237105s ago: executing program 1 (id=478): r0 = fsopen(&(0x7f0000000100)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) mknod$loop(&(0x7f0000000300)='./file1\x00', 0x6000, 0x0) 2.119948542s ago: executing program 1 (id=479): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) write$input_event(r0, &(0x7f0000000040)={{0x77359400}, 0x5, 0x9, 0x1}, 0x18) syz_open_dev$tty20(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r2, &(0x7f0000000000)=0xfe8e, 0x12) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000100)=r2, 0x4) r3 = openat$kvm(0xffffff9c, &(0x7f0000000300), 0x2000, 0x0) capset(0x0, &(0x7f0000000140)={0x1, 0x0, 0x0, 0x81, 0xfffffffb, 0x4000000}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478e"]) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000001c0)={[0x3ff, 0x6, 0x5, 0x10, 0x10003, 0x41, 0x400200cc0, 0xffd, 0x8008, 0x6, 0x0, 0x0, 0x5, 0x0, 0x6f, 0x400], 0xeeee8000, 0x2011c0}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 1.679542289s ago: executing program 0 (id=483): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4) r0 = socket$inet(0x2, 0x3, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000005f00)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00', @ANYRES16=r2, @ANYBLOB="01002dbd0600ffdbdb252100000008000300", @ANYRES32=r3, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x20000) 1.679246334s ago: executing program 0 (id=484): openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r1, &(0x7f0000000000)=0xfe8e, 0x12) openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000100)=r1, 0x4) r2 = openat$kvm(0xffffff9c, &(0x7f0000000300), 0x2000, 0x0) capset(0x0, &(0x7f0000000140)={0x1, 0x0, 0x0, 0x81, 0xfffffffb, 0x4000000}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478e"]) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000340)={[0x3ff, 0x6, 0x5, 0x10, 0x10003, 0x41, 0x400200cc0, 0xffd, 0x8008, 0x6, 0x0, 0x0, 0xb80, 0x0, 0x6f, 0x400], 0xeeee8000, 0x2011c0}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 1.507565255s ago: executing program 0 (id=486): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x1}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3}, {}, {0xeda7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x2004cb, 0x3, 0x0, 0xfffffffffffffff8, 0x0, 0xfffffffffffff2a7, 0x2000000000003ff, 0x2], 0x0, 0x200306}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.250182384s ago: executing program 2 (id=491): socket$nl_generic(0x10, 0x3, 0x10) openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1494c0, 0x189) socket$key(0xf, 0x3, 0x2) syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) socket$rxrpc(0x21, 0x2, 0xa) syz_open_dev$tty1(0xc, 0x4, 0x2) socket$nl_audit(0x10, 0x3, 0x9) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) pipe(&(0x7f0000000080)) pipe(&(0x7f0000000100)) pipe2(&(0x7f0000001040), 0x0) pipe2(&(0x7f0000000240), 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$packet(0x11, 0x3, 0x300) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r2, &(0x7f0000000000), 0xd) 1.189104094s ago: executing program 2 (id=494): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000340)={{0x1, 0x0, 0x0, 0x0, 0xfffffffe}}) 1.188338846s ago: executing program 1 (id=495): r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000140), 0x12) 1.120216136s ago: executing program 2 (id=498): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4800000010000304000000000400000000007400", @ANYRES32=0x0, @ANYBLOB="0000000003"], 0x48}, 0x1, 0x0, 0x0, 0x20040884}, 0x0) syz_usb_connect$uac1(0x2, 0x71, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010102000000406b"], 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) 1.060645818s ago: executing program 1 (id=499): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/protocols\x00') r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) read$FUSE(r3, &(0x7f0000000f80)={0x2020}, 0x2020) 1.060299714s ago: executing program 3 (id=501): r0 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f041, 0x10001}) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x6, 0x12, r0, 0x0) 997.99184ms ago: executing program 3 (id=502): syz_open_dev$evdev(&(0x7f0000000180), 0x200, 0xa2600) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x9}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1a"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r2 = getpid() syz_pidfd_open(r2, 0x0) socket$xdp(0x2c, 0x3, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x1, 0xfffffffffffffffd, 0xfffffffffffffffc, 0xffffffffffffffff}, 0x0, &(0x7f0000000240)={0x3ff, 0x4, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) r6 = fcntl$dupfd(r1, 0x0, r1) write$sndseq(r6, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38) pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xc3ac}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0) 996.196506ms ago: executing program 0 (id=503): socket$nl_generic(0x10, 0x3, 0x10) openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1494c0, 0x189) socket$key(0xf, 0x3, 0x2) syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) socket$rxrpc(0x21, 0x2, 0xa) syz_open_dev$tty1(0xc, 0x4, 0x2) socket$nl_audit(0x10, 0x3, 0x9) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) pipe(&(0x7f0000000080)) pipe(&(0x7f0000000100)) pipe2(&(0x7f0000001040), 0x0) pipe2(&(0x7f0000000240), 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$packet(0x11, 0x3, 0x300) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r2, &(0x7f0000000000), 0xd) 995.850401ms ago: executing program 0 (id=504): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) write$input_event(r0, &(0x7f0000000040)={{0x77359400}, 0x5, 0x9, 0x1}, 0x18) syz_open_dev$tty20(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r2, &(0x7f0000000000)=0xfe8e, 0x12) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000100)=r2, 0x4) r3 = openat$kvm(0xffffff9c, &(0x7f0000000300), 0x2000, 0x0) capset(0x0, &(0x7f0000000140)={0x1, 0x0, 0x0, 0x81, 0xfffffffb, 0x4000000}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478e"]) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000001c0)={[0x3ff, 0x6, 0x5, 0x10, 0x10003, 0x41, 0x400200cc0, 0xffd, 0x8008, 0x6, 0x0, 0x0, 0x5, 0x0, 0x6f, 0x400], 0xeeee8000, 0x2011c0}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 140.656756ms ago: executing program 1 (id=505): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000000000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf", 0x30}], 0x1}, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="15000000ffffffff090000000100000040140000", @ANYBLOB="0100"/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000000000000000004000fe437aa7a54bf42a747c"], 0x50) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x6, 0x0, 0x0, &(0x7f0000000300)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0x6, 0x4, 0xffff0001}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94) r1 = socket$alg(0x26, 0x5, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f00000001c0)={{0x14, 0x10, 0x30}, [@NFT_MSG_NEWCHAIN={0x14, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}}], {0x14}}, 0x3c}}, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0) 140.394659ms ago: executing program 3 (id=506): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4) r0 = socket$inet(0x2, 0x3, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000005f00)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00', @ANYRES16=r2, @ANYBLOB="01002dbd0600ffdbdb252100000008000300", @ANYRES32=r3, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x20000) 90.573433ms ago: executing program 1 (id=507): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x8, '\t\x00'}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0xb, "7488dffc"}]}}, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$INCFS_IOC_PERMIT_FILL(r1, 0xc0104811, 0x0) 90.008914ms ago: executing program 3 (id=508): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0xa) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x5c, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x9}, {0x10, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0xfd9b, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_DST_MASK={0x14, 0x22, [0xffff00, 0xffffffff, 0xffffff00, 0xff]}, @TCA_FLOWER_KEY_IPV4_SRC_MASK={0x0, 0xb, 0xff}]}}]}, 0x5c}}, 0x4040004) 695.546µs ago: executing program 0 (id=509): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(sm4)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10) r1 = accept4(r0, 0x0, 0x0, 0x80000) sendmsg$key(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x28}}, 0x20040818) 306.982µs ago: executing program 3 (id=510): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x4, 0x6, 0x0, 0x0, 0x4, 0xc6, &(0x7f00000005c0)=""/198, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58) sendmmsg(r0, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000006c0)="cc5c84001214dbd9e5943aa8a315357330c56529d6b619a78687eea13ea02981afbb0fab70e8c3ab037cd82bd48f4947702a177974e7eff5f2ccdec909645f69e3dea5153157374459f6a21ba8609552d9ada54e81b0f19b55b77cf382ad229baa9decce1e", 0x65}, {&(0x7f00000007c0)="a960e57530b65741465209e7c6235055450b1ed3da8592b928d8e20971659d8e3ca392643af5fa7ae0e3455099a5f7b857afa34cbf9962bdc9db46a15e7dcf9412a2b98b6ae75ca1bd7eae82d94855e9ced2", 0x52}, {&(0x7f0000001400)="9af390e2aadb61017e08249a2485ad46a590a90910858e1ceefc66db2ed8f32bf6be0e2f94e7e4db6454393a128402ed26580c7c5ebc85db639da17c927c23dbde640ab030889e8b61f26d270bc73b21c9ac8ba542e6b4ad2cd147059128ba038e4b9ebb20537f437b23b46ec790720e1fb74cef3c677e9978662a84cf2fcf73c73a5e763358496737af6284226bad34fb9083f87d853ab78c816cf32c90bd5c40ff6446214552d29745d34e0c4bfa623d00e5cbb393972371503122a0f44135db5654ace67cddb85a12df91fcf994fc680afe5d34268b23447589ef3f5383d152bf6dd104984297180f896ec8b1ba50952c5ab76e144f5636692d7cf17922c9b447ed6d59553ec6085e07413034875c1ae0947280e1a6f0d5e7f23b32e56ead8590d3269fdcb624cc870968b2f100bf3bc3d2ab105a5f61456d4969181fbd207b6f4d6d9ca0a1920daabec06d0c5e276d18f2571e88373dd41af9080d72aa88b10f8900b48acb61a61007dd4dd0e9240af5382a26f68bd706a83d8df76a4a5d02b39d07f97c4f86dad9e14eb957cc4be52b027a462262589929e3d035188dd9f0561e3ba2de6bafe743d9ae397e9aa423644fba8b2d6425ac1cd78c76e52e04d3a29e74075625fb5e674bab02843991ce804e0d04961f2978f3749c5ad83f355ae5da936fd6e0178d2bd12aacbe0205aa9a15579fd61d738f8d36412e814ba500edaf28ea68b0e96fb1839acf8416d8f5df7fad3b663f68e2ee5784fd01c7021130a490e629b1348acf3479e0392ecabbeeb18ec421c26e76f6f5c480e7decc85a0583a56180f199d26090b10ee5057ec4c1e04be948a5960acda014d", 0x25d}], 0x3}}], 0x1, 0x11) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 0s ago: executing program 3 (id=511): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xd}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r1, 0x100000000) sendmmsg$inet6(r0, &(0x7f00000080c0)=[{{&(0x7f0000000480)={0xa, 0x4e21, 0x8, @private2, 0x6}, 0x1c, &(0x7f00000000c0)=[{&(0x7f00000004c0)="b4", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001c80)=[{0x0}], 0x1}}], 0x2, 0x931766f6319eed40) shutdown(r0, 0x1) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:21354' (ED25519) to the list of known hosts. [ 45.280498][ T40] audit: type=1400 audit(1760647745.829:62): avc: denied { name_bind } for pid=5912 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 45.303738][ T40] audit: type=1400 audit(1760647745.859:63): avc: denied { write } for pid=5913 comm="sh" path="pipe:[7221]" dev="pipefs" ino=7221 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.314689][ T40] audit: type=1400 audit(1760647745.869:64): avc: denied { execute } for pid=5913 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 45.321929][ T40] audit: type=1400 audit(1760647745.869:65): avc: denied { execute_no_trans } for pid=5913 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 47.302584][ T40] audit: type=1400 audit(1760647747.859:66): avc: denied { mounton } for pid=5913 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 47.314661][ T5913] cgroup: Unknown subsys name 'net' [ 47.504859][ T5913] cgroup: Unknown subsys name 'cpuset' [ 47.508746][ T5913] cgroup: Unknown subsys name 'rlimit' [ 47.754679][ T5921] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 48.421344][ T5913] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 51.742135][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 51.742150][ T40] audit: type=1400 audit(1760647752.289:80): avc: denied { execmem } for pid=5927 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 52.002075][ T40] audit: type=1400 audit(1760647752.549:81): avc: denied { create } for pid=5931 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.008654][ T40] audit: type=1400 audit(1760647752.549:82): avc: denied { read write } for pid=5931 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.027715][ T5934] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 52.032259][ T5934] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.032476][ T40] audit: type=1400 audit(1760647752.549:83): avc: denied { open } for pid=5931 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.034786][ T5934] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.041764][ T40] audit: type=1400 audit(1760647752.559:84): avc: denied { ioctl } for pid=5931 comm="syz-executor" path="socket:[6045]" dev="sockfs" ino=6045 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.045751][ T5934] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.067269][ T5939] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.070201][ T5939] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.073058][ T5939] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.075702][ T5939] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.078920][ T5939] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 52.086884][ T5938] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.087136][ T40] audit: type=1400 audit(1760647752.639:85): avc: denied { read } for pid=5935 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.093693][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.096338][ T5945] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.097348][ T5943] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.098219][ T40] audit: type=1400 audit(1760647752.639:86): avc: denied { open } for pid=5935 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.100283][ T64] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.101372][ T5945] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.102319][ T40] audit: type=1400 audit(1760647752.639:87): avc: denied { mounton } for pid=5935 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 52.104094][ T5945] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.104451][ T5945] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 52.111019][ T5938] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.128202][ T5938] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.130843][ T5938] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 52.277887][ T40] audit: type=1400 audit(1760647752.829:88): avc: denied { module_request } for pid=5935 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 52.332847][ T5935] chnl_net:caif_netlink_parms(): no params data found [ 52.361743][ T5931] chnl_net:caif_netlink_parms(): no params data found [ 52.461286][ T5936] chnl_net:caif_netlink_parms(): no params data found [ 52.465780][ T5944] chnl_net:caif_netlink_parms(): no params data found [ 52.562922][ T5935] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.565619][ T5935] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.568067][ T5935] bridge_slave_0: entered allmulticast mode [ 52.570692][ T5935] bridge_slave_0: entered promiscuous mode [ 52.574772][ T5931] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.577033][ T5931] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.579757][ T5931] bridge_slave_0: entered allmulticast mode [ 52.582736][ T5931] bridge_slave_0: entered promiscuous mode [ 52.602921][ T5935] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.605369][ T5935] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.607625][ T5935] bridge_slave_1: entered allmulticast mode [ 52.610181][ T5935] bridge_slave_1: entered promiscuous mode [ 52.626745][ T5931] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.629022][ T5931] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.631272][ T5931] bridge_slave_1: entered allmulticast mode [ 52.634945][ T5931] bridge_slave_1: entered promiscuous mode [ 52.705142][ T5935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.722585][ T5931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.731408][ T5935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.765203][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.767909][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.770235][ T5936] bridge_slave_0: entered allmulticast mode [ 52.773162][ T5936] bridge_slave_0: entered promiscuous mode [ 52.777969][ T5931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.781607][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.784208][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.786599][ T5936] bridge_slave_1: entered allmulticast mode [ 52.789251][ T5936] bridge_slave_1: entered promiscuous mode [ 52.825184][ T5935] team0: Port device team_slave_0 added [ 52.918720][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.921036][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.923815][ T5944] bridge_slave_0: entered allmulticast mode [ 52.926401][ T5944] bridge_slave_0: entered promiscuous mode [ 52.929812][ T5935] team0: Port device team_slave_1 added [ 52.932739][ T5931] team0: Port device team_slave_0 added [ 52.936114][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.939506][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.942592][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.945413][ T5944] bridge_slave_1: entered allmulticast mode [ 52.948524][ T5944] bridge_slave_1: entered promiscuous mode [ 52.965160][ T5931] team0: Port device team_slave_1 added [ 52.968528][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.069593][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.076361][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.080551][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.082893][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.090908][ T5935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.096079][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.098639][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.108134][ T5931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.113283][ T5936] team0: Port device team_slave_0 added [ 53.128561][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.130991][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.139164][ T5935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.143230][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.145460][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.153478][ T5931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.158425][ T5936] team0: Port device team_slave_1 added [ 53.177643][ T5944] team0: Port device team_slave_0 added [ 53.184356][ T5944] team0: Port device team_slave_1 added [ 53.216702][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.218889][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.227727][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.259183][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.261382][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.269436][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.273342][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.275885][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.285860][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.306245][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.308446][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.317448][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.372010][ T5935] hsr_slave_0: entered promiscuous mode [ 53.374832][ T5935] hsr_slave_1: entered promiscuous mode [ 53.437660][ T5931] hsr_slave_0: entered promiscuous mode [ 53.440356][ T5931] hsr_slave_1: entered promiscuous mode [ 53.442656][ T5931] debugfs: 'hsr0' already exists in 'hsr' [ 53.444505][ T5931] Cannot create hsr debugfs directory [ 53.461710][ T5936] hsr_slave_0: entered promiscuous mode [ 53.464852][ T5936] hsr_slave_1: entered promiscuous mode [ 53.467036][ T5936] debugfs: 'hsr0' already exists in 'hsr' [ 53.468840][ T5936] Cannot create hsr debugfs directory [ 53.532713][ T5944] hsr_slave_0: entered promiscuous mode [ 53.535012][ T5944] hsr_slave_1: entered promiscuous mode [ 53.537060][ T5944] debugfs: 'hsr0' already exists in 'hsr' [ 53.538854][ T5944] Cannot create hsr debugfs directory [ 53.834279][ T5935] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 53.840237][ T5935] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 53.845218][ T5935] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 53.855398][ T5935] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 53.885803][ T5936] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 53.891283][ T5936] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 53.896559][ T5936] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 53.902592][ T5936] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 53.947800][ T5931] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 53.952891][ T5931] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 53.957554][ T5931] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 53.961988][ T5931] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.017937][ T5944] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 54.023655][ T5944] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 54.027604][ T5944] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 54.032529][ T5944] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 54.043752][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.084129][ T5935] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.092614][ T5938] Bluetooth: hci1: command tx timeout [ 54.099367][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.104060][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.106469][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.110147][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.112497][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.136348][ T5931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.156658][ T5936] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.161818][ T5931] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.173000][ T5938] Bluetooth: hci3: command tx timeout [ 54.174120][ T5934] Bluetooth: hci0: command tx timeout [ 54.175023][ T5945] Bluetooth: hci2: command tx timeout [ 54.181366][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.183725][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.187895][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.190123][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.193794][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.196021][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.211451][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.215431][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.217690][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.239786][ T5944] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.244608][ T40] audit: type=1400 audit(1760647754.799:89): avc: denied { sys_module } for pid=5935 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 54.264541][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.266917][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.270095][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.272367][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.336220][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.358476][ T5935] veth0_vlan: entered promiscuous mode [ 54.366369][ T5935] veth1_vlan: entered promiscuous mode [ 54.381932][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.391076][ T5935] veth0_macvtap: entered promiscuous mode [ 54.396545][ T5935] veth1_macvtap: entered promiscuous mode [ 54.414813][ T5931] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.418913][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.426189][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.434163][ T99] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.444398][ T99] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.447238][ T99] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.454666][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.458521][ T99] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.465139][ T5936] veth0_vlan: entered promiscuous mode [ 54.481781][ T5936] veth1_vlan: entered promiscuous mode [ 54.495209][ T5931] veth0_vlan: entered promiscuous mode [ 54.504288][ T5931] veth1_vlan: entered promiscuous mode [ 54.517923][ T5936] veth0_macvtap: entered promiscuous mode [ 54.536367][ T5936] veth1_macvtap: entered promiscuous mode [ 54.547783][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.550357][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.558877][ T5944] veth0_vlan: entered promiscuous mode [ 54.568083][ T5931] veth0_macvtap: entered promiscuous mode [ 54.571351][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.579200][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.586623][ T5931] veth1_macvtap: entered promiscuous mode [ 54.590070][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.593150][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.596848][ T99] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.599571][ T99] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.600019][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.605653][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.609201][ T5944] veth1_vlan: entered promiscuous mode [ 54.623888][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.637202][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.657695][ T61] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.657991][ T5935] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 54.661171][ T61] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.669749][ T61] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.673418][ T61] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.677833][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.680410][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.682264][ T5944] veth0_macvtap: entered promiscuous mode [ 54.689865][ T5944] veth1_macvtap: entered promiscuous mode [ 54.705388][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.715581][ T5945] Bluetooth: hci1: unexpected subevent 0x03 length: 232 > 9 [ 54.720533][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.721004][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.724907][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.739799][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.743031][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.749001][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.753576][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.761056][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.764610][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.787969][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.793273][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.828738][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.831712][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.850138][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.853234][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.857439][ T6025] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 54.888687][ T6027] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6'. [ 54.908608][ T6029] syzkaller0: entered promiscuous mode [ 54.910614][ T6029] syzkaller0: entered allmulticast mode [ 54.990996][ T6039] Bluetooth: MGMT ver 1.23 [ 55.117378][ T6045] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 55.152766][ T6015] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 55.202277][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 55.272423][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 55.293306][ T6052] fuse: Bad value for 'group_id' [ 55.295461][ T6052] fuse: Bad value for 'group_id' [ 55.312507][ T6015] usb 5-1: Using ep0 maxpacket: 16 [ 55.314687][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.316209][ T6015] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 55.321630][ T6015] usb 5-1: New USB device found, idVendor=09da, idProduct=000a, bcdDevice= 0.00 [ 55.325247][ T6015] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.330341][ T6015] usb 5-1: config 0 descriptor?? [ 55.364787][ T6054] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16'. [ 55.430512][ T6056] Zero length message leads to an empty skb [ 55.592309][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 55.594644][ T6067] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 55.621861][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.622153][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 55.641304][ T6072] fuse: Bad value for 'group_id' [ 55.643561][ T6072] fuse: Bad value for 'group_id' [ 55.752552][ T6015] a4tech 0003:09DA:000A.0002: unknown main item tag 0x0 [ 55.754810][ T6015] a4tech 0003:09DA:000A.0002: unknown main item tag 0x0 [ 55.756883][ T6015] a4tech 0003:09DA:000A.0002: unknown main item tag 0x0 [ 55.759131][ T6015] a4tech 0003:09DA:000A.0002: unknown main item tag 0x0 [ 55.772705][ T6015] a4tech 0003:09DA:000A.0002: unknown main item tag 0x0 [ 55.787434][ T6015] a4tech 0003:09DA:000A.0002: hidraw1: USB HID v0.05 Device [HID 09da:000a] on usb-dummy_hcd.0-1/input0 [ 55.813825][ T6079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.27'. [ 55.953613][ T53] usb 5-1: USB disconnect, device number 2 [ 55.989870][ T6092] fuse: Bad value for 'group_id' [ 55.991558][ T6092] fuse: Bad value for 'group_id' [ 56.021997][ T6096] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 56.061896][ T6100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.37'. [ 56.173240][ T5945] Bluetooth: hci1: command tx timeout [ 56.176552][ T6119] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 56.209072][ T6121] netlink: 8 bytes leftover after parsing attributes in process `syz.2.49'. [ 56.252318][ T5945] Bluetooth: hci2: command tx timeout [ 56.253070][ T5934] Bluetooth: hci0: command tx timeout [ 56.255835][ T5938] Bluetooth: hci3: command tx timeout [ 56.347446][ T6144] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 56.415733][ T6154] netlink: 8 bytes leftover after parsing attributes in process `syz.3.63'. [ 56.503271][ T6168] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 56.708315][ T6201] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 56.824523][ T6221] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 56.990322][ T6246] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 57.089532][ T6264] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 57.185847][ T6281] fuse: Unknown parameter 'grou00000000000000000000' [ 57.326131][ T6307] fuse: Unknown parameter 'grou00000000000000000000' [ 57.349304][ T6311] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 57.503048][ T6335] fuse: Unknown parameter 'grou00000000000000000000' [ 57.531459][ T6337] netlink: 40 bytes leftover after parsing attributes in process `syz.1.146'. [ 57.604408][ T6352] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 57.635359][ T6359] fuse: Unknown parameter 'group_i00000000000000000000' [ 57.703853][ T6367] netlink: 40 bytes leftover after parsing attributes in process `syz.2.159'. [ 57.857237][ T6389] netlink: 40 bytes leftover after parsing attributes in process `syz.2.170'. [ 57.863271][ T6386] fuse: Unknown parameter 'group_i00000000000000000000' [ 57.870204][ T6390] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 58.027838][ T6415] fuse: Unknown parameter 'group_i00000000000000000000' [ 58.141955][ T6428] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 58.174973][ T6437] fuse: Unknown parameter 'group_id00000000000000000000' [ 58.262547][ T5938] Bluetooth: hci1: command tx timeout [ 58.316015][ T6452] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 58.332288][ T5938] Bluetooth: hci3: command tx timeout [ 58.332409][ T5934] Bluetooth: hci2: command tx timeout [ 58.334084][ T5945] Bluetooth: hci0: command tx timeout [ 58.367763][ T6461] fuse: Unknown parameter 'group_id00000000000000000000' [ 58.444708][ T6474] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 58.534834][ T6488] fuse: Unknown parameter 'group_id00000000000000000000' [ 58.552889][ T6490] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 58.661414][ T6508] Bluetooth: hci0: invalid length 0, exp 2 for type 27 [ 58.676481][ T6511] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 58.713248][ T6516] fuse: Bad value for 'user_id' [ 58.714878][ T6516] fuse: Bad value for 'user_id' [ 58.796977][ T6528] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 58.873502][ T6539] fuse: Bad value for 'user_id' [ 58.874958][ T6539] fuse: Bad value for 'user_id' [ 58.891207][ T6541] Bluetooth: hci0: invalid length 0, exp 2 for type 27 [ 58.968178][ T6556] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 59.013957][ T6563] fuse: Bad value for 'user_id' [ 59.015568][ T6563] fuse: Bad value for 'user_id' [ 59.077800][ T6574] Bluetooth: hci0: invalid length 0, exp 2 for type 27 [ 59.179583][ T6589] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 59.182757][ T6591] fuse: Bad value for 'fd' [ 59.361210][ T6612] fuse: Bad value for 'fd' [ 59.433198][ T6624] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 59.526379][ T6638] fuse: Bad value for 'fd' [ 59.547425][ T6640] netlink: 48 bytes leftover after parsing attributes in process `syz.0.285'. [ 59.562581][ T6642] syzkaller0: entered promiscuous mode [ 59.564370][ T6642] syzkaller0: entered allmulticast mode [ 59.697184][ T40] kauditd_printk_skb: 62 callbacks suppressed [ 59.697194][ T40] audit: type=1400 audit(1760647760.249:152): avc: denied { connect } for pid=6659 comm="syz.2.295" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 59.709153][ T6666] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 59.714874][ T6663] fuse: Bad value for 'fd' [ 59.815844][ T6680] syzkaller0: entered promiscuous mode [ 59.818237][ T6680] syzkaller0: entered allmulticast mode [ 59.865148][ T6686] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 59.900994][ T6690] fuse: Bad value for 'fd' [ 59.933309][ T6692] __nla_validate_parse: 1 callbacks suppressed [ 59.933319][ T6692] netlink: 48 bytes leftover after parsing attributes in process `syz.1.310'. [ 59.984947][ T6700] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 60.062137][ T53] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 60.087824][ T6712] fuse: Bad value for 'fd' [ 60.130643][ T6716] syzkaller0: entered promiscuous mode [ 60.132856][ T6716] syzkaller0: entered allmulticast mode [ 60.151110][ T6718] netlink: 40 bytes leftover after parsing attributes in process `syz.3.322'. [ 60.224786][ T53] usb 5-1: Using ep0 maxpacket: 8 [ 60.231128][ T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 60.234568][ T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 60.237648][ T53] usb 5-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00 [ 60.240592][ T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.252191][ T53] usb 5-1: config 0 descriptor?? [ 60.269235][ T6733] fuse: Invalid rootmode [ 60.271982][ T6734] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 60.327825][ T6741] netlink: 40 bytes leftover after parsing attributes in process `syz.1.333'. [ 60.332223][ T5945] Bluetooth: hci1: command tx timeout [ 60.400637][ T6749] syzkaller0: entered promiscuous mode [ 60.402854][ T6749] syzkaller0: entered allmulticast mode [ 60.412145][ T5945] Bluetooth: hci3: command tx timeout [ 60.413899][ T5945] Bluetooth: hci2: command tx timeout [ 60.415657][ T5945] Bluetooth: hci0: command tx timeout [ 60.479675][ T6758] fuse: Invalid rootmode [ 60.506928][ T6760] netlink: 40 bytes leftover after parsing attributes in process `syz.1.342'. [ 60.541879][ T6766] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 60.664410][ T53] logitech 0003:046D:C20E.0003: rdesc size test failed for formula gp [ 60.671012][ T53] logitech 0003:046D:C20E.0003: hidraw1: USB HID v0.00 Device [HID 046d:c20e] on usb-dummy_hcd.0-1/input0 [ 60.811701][ T6783] fuse: Invalid rootmode [ 60.863067][ T53] usb 5-1: USB disconnect, device number 3 [ 60.899788][ T40] audit: type=1400 audit(1760647761.449:153): avc: denied { perfmon } for pid=6772 comm="syz.3.348" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 60.902933][ T6790] netlink: 40 bytes leftover after parsing attributes in process `syz.2.353'. [ 60.915262][ T40] audit: type=1400 audit(1760647761.449:154): avc: denied { prog_run } for pid=6772 comm="syz.3.348" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 61.036061][ T6802] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 61.055232][ T6804] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 61.173606][ T6809] fuse: Bad value for 'rootmode' [ 61.287967][ T6815] netlink: 40 bytes leftover after parsing attributes in process `syz.1.365'. [ 61.409480][ T6830] fuse: Bad value for 'rootmode' [ 61.426821][ T6827] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 61.442756][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 61.493498][ T6837] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 61.498408][ T6839] netlink: 40 bytes leftover after parsing attributes in process `syz.1.376'. [ 61.592771][ T6850] syzkaller0: entered promiscuous mode [ 61.594859][ T6850] syzkaller0: entered allmulticast mode [ 61.598475][ T6852] fuse: Bad value for 'rootmode' [ 61.678935][ T40] audit: type=1400 audit(1760647762.229:155): avc: denied { mount } for pid=6860 comm="syz.3.386" name="/" dev="hugetlbfs" ino=16783 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 61.734073][ T6866] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 61.806727][ T6883] fuse: Unknown parameter 'use00000000000000000000' [ 61.845868][ T6886] syzkaller0: entered promiscuous mode [ 61.847649][ T6886] syzkaller0: entered allmulticast mode [ 61.889012][ T6895] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 62.023841][ T6912] fuse: Unknown parameter 'use00000000000000000000' [ 62.031811][ T40] audit: type=1400 audit(1760647762.579:156): avc: denied { read write } for pid=6913 comm="syz.1.408" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 62.039770][ T40] audit: type=1400 audit(1760647762.579:157): avc: denied { open } for pid=6913 comm="syz.1.408" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 62.153874][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 62.273298][ T40] audit: type=1400 audit(1760647762.829:158): avc: denied { write } for pid=6913 comm="syz.1.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 62.410821][ T40] audit: type=1400 audit(1760647762.829:159): avc: denied { create } for pid=6913 comm="syz.1.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 62.419843][ T40] audit: type=1400 audit(1760647762.829:160): avc: denied { getopt } for pid=6913 comm="syz.1.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 62.671376][ T6940] fuse: Unknown parameter 'use00000000000000000000' [ 62.937356][ T6962] fuse: Unknown parameter 'user_i00000000000000000000' [ 63.044623][ T6971] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 63.070693][ T40] audit: type=1400 audit(1760647763.619:161): avc: denied { ioctl } for pid=6954 comm="syz.3.426" path="/dev/input/event3" dev="devtmpfs" ino=1298 ioctlcmd=0x450a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 63.359896][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.2.435'. [ 63.372450][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.548983][ T6990] fuse: Unknown parameter 'user_i00000000000000000000' [ 63.872993][ T7009] fuse: Unknown parameter 'user_i00000000000000000000' [ 63.922291][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 64.024539][ T7018] syz.3.451 uses obsolete (PF_INET,SOCK_PACKET) [ 64.207742][ T7032] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 64.230328][ T7034] fuse: Unknown parameter 'user_id00000000000000000000' [ 64.242895][ T7035] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 64.290018][ T7039] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 65.226793][ T40] kauditd_printk_skb: 22 callbacks suppressed [ 65.226804][ T40] audit: type=1400 audit(1760647765.779:184): avc: denied { map_read map_write } for pid=7052 comm="syz.0.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 65.326297][ T7057] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 65.358306][ T40] audit: type=1400 audit(1760647765.909:185): avc: denied { read append } for pid=7058 comm="syz.0.468" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 65.367655][ T40] audit: type=1400 audit(1760647765.919:186): avc: denied { open } for pid=7058 comm="syz.0.468" path="/dev/rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 65.439815][ T7060] ======================================================= [ 65.439815][ T7060] WARNING: The mand mount option has been deprecated and [ 65.439815][ T7060] and is ignored by this kernel. Remove the mand [ 65.439815][ T7060] option from the mount to silence this warning. [ 65.439815][ T7060] ======================================================= [ 65.458429][ T7060] overlayfs: missing 'lowerdir' [ 65.603357][ T7063] fuse: Unknown parameter 'user_id00000000000000000000' [ 65.761004][ T7073] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 65.962751][ T40] audit: type=1400 audit(1760647766.509:187): avc: denied { create } for pid=7078 comm="syz.3.476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 66.011149][ T7081] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 66.117837][ T40] audit: type=1400 audit(1760647766.669:188): avc: denied { create } for pid=7084 comm="syz.1.478" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=blk_file permissive=1 [ 66.326978][ T7087] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 66.609855][ T7090] fuse: Unknown parameter 'user_id00000000000000000000' [ 66.704969][ T7094] Bluetooth: hci0: invalid length 0, exp 2 for type 27 [ 66.784454][ T7098] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 66.789284][ T40] audit: type=1400 audit(1760647767.339:189): avc: denied { read write } for pid=7097 comm="syz.0.484" name="video36" dev="devtmpfs" ino=1067 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 66.799149][ T40] audit: type=1400 audit(1760647767.339:190): avc: denied { open } for pid=7097 comm="syz.0.484" path="/dev/video36" dev="devtmpfs" ino=1067 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 66.985366][ T7104] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 67.017551][ T7104] kvm: pic: non byte read [ 67.017727][ T40] audit: type=1400 audit(1760647767.569:191): avc: denied { ioctl } for pid=7108 comm="syz.3.488" path="/dev/video7" dev="devtmpfs" ino=974 ioctlcmd=0x565f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 67.020478][ T7104] kvm: pic: level sensitive irq not supported [ 67.032574][ T7104] kvm: pic: non byte read [ 67.067302][ T7104] kvm: pic: level sensitive irq not supported [ 67.072003][ T7104] kvm: pic: non byte read [ 67.086366][ T7104] kvm: pic: level sensitive irq not supported [ 67.087469][ T7104] kvm: pic: non byte read [ 67.186758][ T40] audit: type=1400 audit(1760647767.739:192): avc: denied { connect } for pid=7114 comm="syz.3.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 67.218959][ T7117] Bluetooth: hci0: invalid length 0, exp 2 for type 27 [ 67.325526][ T40] audit: type=1400 audit(1760647767.879:193): avc: denied { mount } for pid=7125 comm="syz.1.495" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 67.391293][ T7136] vivid-006: disconnect [ 67.397501][ T7135] vivid-006: reconnect [ 67.439446][ T7140] Bluetooth: hci0: invalid length 0, exp 2 for type 27 [ 67.476267][ T7142] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 67.862188][ T10] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 68.027765][ T5938] Bluetooth: hci1: Malformed LE Event: 0x0d [ 68.032140][ T10] usb 7-1: unable to get BOS descriptor or descriptor too short [ 68.036054][ T10] usb 7-1: no configurations [ 68.037746][ T10] usb 7-1: can't read configurations, error -22 [ 68.386932][ T7157] netlink: 44 bytes leftover after parsing attributes in process `syz.3.508'. [ 68.468629][ T7165] ================================================================== [ 68.471270][ T7165] BUG: KASAN: slab-out-of-bounds in __cpa_addr+0x1d3/0x220 [ 68.473884][ T7165] Read of size 8 at addr ffff88802d1b7af8 by task syz.3.511/7165 [ 68.478796][ T7165] [ 68.479840][ T7165] CPU: 1 UID: 0 PID: 7165 Comm: syz.3.511 Not tainted syzkaller #0 PREEMPT(full) [ 68.479864][ T7165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.479876][ T7165] Call Trace: [ 68.479883][ T7165] [ 68.479891][ T7165] dump_stack_lvl+0x116/0x1f0 [ 68.479926][ T7165] print_report+0xcd/0x630 [ 68.479952][ T7165] ? __virt_addr_valid+0x81/0x610 [ 68.479971][ T7165] ? __phys_addr+0xe8/0x180 [ 68.479990][ T7165] ? __cpa_addr+0x1d3/0x220 [ 68.480013][ T7165] kasan_report+0xe0/0x110 [ 68.480040][ T7165] ? __cpa_addr+0x1d3/0x220 [ 68.480065][ T7165] __cpa_addr+0x1d3/0x220 [ 68.480088][ T7165] cpa_flush+0x28b/0x8a0 [ 68.480113][ T7165] ? __pfx_cpa_flush+0x10/0x10 [ 68.480137][ T7165] ? pgprot2cachemode+0x9a/0x130 [ 68.480155][ T7165] ? __pfx_pgprot2cachemode+0x10/0x10 [ 68.480172][ T7165] ? drm_gem_get_pages+0x6a0/0xa10 [ 68.480212][ T7165] change_page_attr_set_clr+0x34e/0x4a0 [ 68.480242][ T7165] ? __pfx_change_page_attr_set_clr+0x10/0x10 [ 68.480278][ T7165] _set_pages_array+0x1ab/0x2c0 [ 68.480305][ T7165] drm_gem_shmem_get_pages_locked+0x384/0x490 [ 68.480330][ T7165] ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10 [ 68.480353][ T7165] ? __pfx___might_resched+0x10/0x10 [ 68.480374][ T7165] drm_gem_shmem_mmap+0xc9/0x550 [ 68.480395][ T7165] ? __pfx_drm_gem_shmem_object_mmap+0x10/0x10 [ 68.480419][ T7165] drm_gem_mmap_obj+0x1b5/0x560 [ 68.480446][ T7165] drm_gem_mmap+0x40b/0x620 [ 68.480471][ T7165] ? __pfx_drm_gem_mmap+0x10/0x10 [ 68.480492][ T7165] ? vm_area_alloc+0x1f/0x160 [ 68.480511][ T7165] ? lockdep_init_map_type+0x5c/0x280 [ 68.480535][ T7165] __mmap_region+0x1309/0x27a0 [ 68.480557][ T7165] ? __pfx___mmap_region+0x10/0x10 [ 68.480578][ T7165] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 68.480608][ T7165] ? audit_log_end+0x1f/0x30 [ 68.480639][ T7165] ? audit_log_end+0x1f/0x30 [ 68.480663][ T7165] ? common_lsm_audit+0x260/0x300 [ 68.480714][ T7165] ? __lock_acquire+0xb8a/0x1c90 [ 68.480741][ T7165] mmap_region+0x1ab/0x3f0 [ 68.480762][ T7165] ? __get_unmapped_area+0x267/0x440 [ 68.480790][ T7165] do_mmap+0xa3e/0x1210 [ 68.480816][ T7165] ? __pfx_do_mmap+0x10/0x10 [ 68.480839][ T7165] ? __pfx_down_write_killable+0x10/0x10 [ 68.480867][ T7165] vm_mmap_pgoff+0x29e/0x470 [ 68.480894][ T7165] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 68.480922][ T7165] ? __fget_files+0x20e/0x3c0 [ 68.480948][ T7165] ksys_mmap_pgoff+0x32c/0x5c0 [ 68.480975][ T7165] __x64_sys_mmap+0x125/0x190 [ 68.480999][ T7165] do_syscall_64+0xcd/0xfa0 [ 68.481021][ T7165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.481040][ T7165] RIP: 0033:0x7f99d018eec9 [ 68.481055][ T7165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.481072][ T7165] RSP: 002b:00007f99d0fa4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 68.481090][ T7165] RAX: ffffffffffffffda RBX: 00007f99d03e5fa0 RCX: 00007f99d018eec9 [ 68.481101][ T7165] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000001000 [ 68.481112][ T7165] RBP: 00007f99d0211f91 R08: 0000000000000004 R09: 0000000100000000 [ 68.481123][ T7165] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 68.481134][ T7165] R13: 00007f99d03e6038 R14: 00007f99d03e5fa0 R15: 00007ffcf7834b68 [ 68.481153][ T7165] [ 68.481159][ T7165] [ 68.590990][ T7165] Allocated by task 7165: [ 68.592396][ T7165] kasan_save_stack+0x33/0x60 [ 68.593925][ T7165] kasan_save_track+0x14/0x30 [ 68.595479][ T7165] __kasan_kmalloc+0xaa/0xb0 [ 68.596975][ T7165] __kvmalloc_node_noprof+0x3a3/0x9c0 [ 68.598775][ T7165] drm_gem_get_pages+0x144/0xa10 [ 68.600368][ T7165] drm_gem_shmem_get_pages_locked+0x1e6/0x490 [ 68.602334][ T7165] drm_gem_shmem_mmap+0xc9/0x550 [ 68.603973][ T7165] drm_gem_mmap_obj+0x1b5/0x560 [ 68.605591][ T7165] drm_gem_mmap+0x40b/0x620 [ 68.607050][ T7165] __mmap_region+0x1309/0x27a0 [ 68.608749][ T7165] mmap_region+0x1ab/0x3f0 [ 68.610206][ T7165] do_mmap+0xa3e/0x1210 [ 68.611547][ T7165] vm_mmap_pgoff+0x29e/0x470 [ 68.613039][ T7165] ksys_mmap_pgoff+0x32c/0x5c0 [ 68.614665][ T7165] __x64_sys_mmap+0x125/0x190 [ 68.616210][ T7165] do_syscall_64+0xcd/0xfa0 [ 68.617750][ T7165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.619859][ T7165] [ 68.620714][ T7165] The buggy address belongs to the object at ffff88802d1b7a00 [ 68.620714][ T7165] which belongs to the cache kmalloc-256 of size 256 [ 68.625264][ T7165] The buggy address is located 0 bytes to the right of [ 68.625264][ T7165] allocated 248-byte region [ffff88802d1b7a00, ffff88802d1b7af8) [ 68.629851][ T7165] [ 68.630646][ T7165] The buggy address belongs to the physical page: [ 68.632702][ T7165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2d1b6 [ 68.635529][ T7165] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 68.638257][ T7165] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 68.640776][ T7165] page_type: f5(slab) [ 68.642141][ T7165] raw: 00fff00000000040 ffff88801b442b40 dead000000000100 dead000000000122 [ 68.644965][ T7165] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 68.647742][ T7165] head: 00fff00000000040 ffff88801b442b40 dead000000000100 dead000000000122 [ 68.650515][ T7165] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 68.653287][ T7165] head: 00fff00000000001 ffffea0000b46d81 00000000ffffffff 00000000ffffffff [ 68.656066][ T7165] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 68.658888][ T7165] page dumped because: kasan: bad access detected [ 68.660941][ T7165] page_owner tracks the page as allocated [ 68.662748][ T7165] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5935, tgid 5935 (syz-executor), ts 54386407169, free_ts 54379313956 [ 68.669468][ T7165] post_alloc_hook+0x1c0/0x230 [ 68.671043][ T7165] get_page_from_freelist+0x10a3/0x3a30 [ 68.672799][ T7165] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 68.674786][ T7165] alloc_pages_mpol+0x1fb/0x550 [ 68.676364][ T7165] new_slab+0x24a/0x360 [ 68.677736][ T7165] ___slab_alloc+0xdc4/0x1ae0 [ 68.679471][ T7165] __slab_alloc.constprop.0+0x63/0x110 [ 68.681207][ T7165] __kmalloc_noprof+0x501/0x880 [ 68.682816][ T7165] fib_create_info+0x53f/0x46b0 [ 68.684400][ T7165] fib_table_insert+0x177/0x1c40 [ 68.686030][ T7165] fib_magic+0x4d4/0x5c0 [ 68.687416][ T7165] fib_add_ifaddr+0x4d2/0x580 [ 68.689047][ T7165] fib_netdev_event+0x38a/0x710 [ 68.690646][ T7165] notifier_call_chain+0xbc/0x410 [ 68.692261][ T7165] call_netdevice_notifiers_info+0xbe/0x140 [ 68.694180][ T7165] __dev_notify_flags+0x12c/0x2e0 [ 68.695857][ T7165] page last free pid 5935 tgid 5935 stack trace: [ 68.697850][ T7165] __free_frozen_pages+0x7df/0x1160 [ 68.699578][ T7165] qlist_free_all+0x4d/0x120 [ 68.701070][ T7165] kasan_quarantine_reduce+0x195/0x1e0 [ 68.702843][ T7165] __kasan_slab_alloc+0x69/0x90 [ 68.704444][ T7165] __kmalloc_cache_noprof+0x274/0x780 [ 68.706202][ T7165] netdevice_event+0x365/0x9d0 [ 68.708051][ T7165] notifier_call_chain+0xbc/0x410 [ 68.709697][ T7165] call_netdevice_notifiers_info+0xbe/0x140 [ 68.711553][ T7165] __dev_notify_flags+0x12c/0x2e0 [ 68.713124][ T7165] netif_change_flags+0x108/0x160 [ 68.714733][ T7165] do_setlink.constprop.0+0xb53/0x4380 [ 68.716568][ T7165] rtnl_newlink+0x1446/0x2000 [ 68.718104][ T7165] rtnetlink_rcv_msg+0x95e/0xe90 [ 68.719853][ T7165] netlink_rcv_skb+0x158/0x420 [ 68.721396][ T7165] netlink_unicast+0x5aa/0x870 [ 68.722892][ T7165] netlink_sendmsg+0x8c8/0xdd0 [ 68.724287][ T7165] [ 68.724992][ T7165] Memory state around the buggy address: [ 68.726605][ T7165] ffff88802d1b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 68.728904][ T7165] ffff88802d1b7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 68.731516][ T7165] >ffff88802d1b7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 68.734042][ T7165] ^ [ 68.737008][ T7165] ffff88802d1b7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 68.740156][ T7165] ffff88802d1b7b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 68.743240][ T7165] ================================================================== [ 68.748980][ T7165] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 68.752145][ T7165] CPU: 0 UID: 0 PID: 7165 Comm: syz.3.511 Not tainted syzkaller #0 PREEMPT(full) [ 68.755870][ T7165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.760238][ T7165] Call Trace: [ 68.761613][ T7165] [ 68.762746][ T7165] dump_stack_lvl+0x3d/0x1f0 [ 68.764456][ T7165] vpanic+0x640/0x6f0 [ 68.765929][ T7165] panic+0xca/0xd0 [ 68.767369][ T7165] ? __pfx_panic+0x10/0x10 [ 68.769050][ T7165] ? __cpa_addr+0x1d3/0x220 [ 68.770760][ T7165] ? preempt_schedule_common+0x44/0xc0 [ 68.772614][ T7165] ? preempt_schedule_thunk+0x16/0x30 [ 68.774337][ T7165] check_panic_on_warn+0xab/0xb0 [ 68.775952][ T7165] end_report+0x107/0x170 [ 68.777380][ T7165] kasan_report+0xee/0x110 [ 68.778809][ T7165] ? __cpa_addr+0x1d3/0x220 [ 68.780253][ T7165] __cpa_addr+0x1d3/0x220 [ 68.781625][ T7165] cpa_flush+0x28b/0x8a0 [ 68.782987][ T7165] ? __pfx_cpa_flush+0x10/0x10 [ 68.784527][ T7165] ? pgprot2cachemode+0x9a/0x130 [ 68.786084][ T7165] ? __pfx_pgprot2cachemode+0x10/0x10 [ 68.787839][ T7165] ? drm_gem_get_pages+0x6a0/0xa10 [ 68.789483][ T7165] change_page_attr_set_clr+0x34e/0x4a0 [ 68.791670][ T7165] ? __pfx_change_page_attr_set_clr+0x10/0x10 [ 68.794165][ T7165] _set_pages_array+0x1ab/0x2c0 [ 68.796264][ T7165] drm_gem_shmem_get_pages_locked+0x384/0x490 [ 68.798866][ T7165] ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10 [ 68.801635][ T7165] ? __pfx___might_resched+0x10/0x10 [ 68.803790][ T7165] drm_gem_shmem_mmap+0xc9/0x550 [ 68.805646][ T7165] ? __pfx_drm_gem_shmem_object_mmap+0x10/0x10 [ 68.807957][ T7165] drm_gem_mmap_obj+0x1b5/0x560 [ 68.809779][ T7165] drm_gem_mmap+0x40b/0x620 [ 68.811523][ T7165] ? __pfx_drm_gem_mmap+0x10/0x10 [ 68.813411][ T7165] ? vm_area_alloc+0x1f/0x160 [ 68.815189][ T7165] ? lockdep_init_map_type+0x5c/0x280 [ 68.817143][ T7165] __mmap_region+0x1309/0x27a0 [ 68.818656][ T7165] ? __pfx___mmap_region+0x10/0x10 [ 68.820271][ T7165] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 68.822143][ T7165] ? audit_log_end+0x1f/0x30 [ 68.823649][ T7165] ? audit_log_end+0x1f/0x30 [ 68.825117][ T7165] ? common_lsm_audit+0x260/0x300 [ 68.826836][ T7165] ? __lock_acquire+0xb8a/0x1c90 [ 68.828514][ T7165] mmap_region+0x1ab/0x3f0 [ 68.829948][ T7165] ? __get_unmapped_area+0x267/0x440 [ 68.831638][ T7165] do_mmap+0xa3e/0x1210 [ 68.832945][ T7165] ? __pfx_do_mmap+0x10/0x10 [ 68.834451][ T7165] ? __pfx_down_write_killable+0x10/0x10 [ 68.836240][ T7165] vm_mmap_pgoff+0x29e/0x470 [ 68.837898][ T7165] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 68.839661][ T7165] ? __fget_files+0x20e/0x3c0 [ 68.841171][ T7165] ksys_mmap_pgoff+0x32c/0x5c0 [ 68.842730][ T7165] __x64_sys_mmap+0x125/0x190 [ 68.844256][ T7165] do_syscall_64+0xcd/0xfa0 [ 68.845721][ T7165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.847651][ T7165] RIP: 0033:0x7f99d018eec9 [ 68.849057][ T7165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.855116][ T7165] RSP: 002b:00007f99d0fa4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 68.857776][ T7165] RAX: ffffffffffffffda RBX: 00007f99d03e5fa0 RCX: 00007f99d018eec9 [ 68.860289][ T7165] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000001000 [ 68.862754][ T7165] RBP: 00007f99d0211f91 R08: 0000000000000004 R09: 0000000100000000 [ 68.865230][ T7165] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 68.867857][ T7165] R13: 00007f99d03e6038 R14: 00007f99d03e5fa0 R15: 00007ffcf7834b68 [ 68.870321][ T7165] [ 68.871988][ T7165] Kernel Offset: disabled [ 68.873631][ T7165] Rebooting in 86400 seconds.. VM DIAGNOSIS: 20:49:29 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000003 RBX=ffff88806a4332a8 RCX=ffffffff8231617d RDX=0000000000000000 RSI=ffffffff8bf1e340 RDI=ffffffff8ddafee0 RBP=0000000000000000 RSP=ffffc90023ccf518 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffff88801ddb5f80 R13=0000000000000001 R14=0000000000000000 R15=0000000000005798 RIP=ffffffff81a206ad RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69d9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c36113f CR3=0000000052d66000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff3986e2b0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb105412fbe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb105412fcb ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb105412fc5 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb105412fd9 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb10541305f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb10541313d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000040 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853088d5 RDI=ffffffff9ae077e0 RBP=ffffffff9ae077a0 RSP=ffffc9000f7f6df8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000064 R14=ffffffff9ae077a0 R15=ffffffff85308870 RIP=ffffffff853088ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f99d0fa46c0 ffffffff 00c00000 GS =0000 ffff8880d6ad9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f2d847d6a10 CR3=0000000035235000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffff800 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb1035f3f70 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb105412fbe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb105412fcb ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb105412fc5 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb105412fd9 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb10541305f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb10541313d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000312e63 64755f796d6d7564 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000040 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000007996d RBX=0000000000000002 RCX=ffffffff8b6632a9 RDX=0000000000000000 RSI=ffffffff8db034e6 RDI=ffffffff8bf1e3c0 RBP=ffffed1003b52920 RSP=ffffc90000187de8 R8 =0000000000000001 R9 =ffffed100d4c6655 R10=ffff88806a6332ab R11=0000000000000001 R12=0000000000000002 R13=ffff88801da94900 R14=ffffffff908329d0 R15=0000000000000000 RIP=ffffffff8b661d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6bd9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2fb658 CR3=0000000059173000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f14ec212fbe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f14ec212fcb ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f14ec212fc5 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f14ec212fd9 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f14ec21305f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f14ec21313d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f14ecf1d100 00007f14ec3b7460 00007f14ec3b0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f14ec3b74b8 00007f14ec3b74b0 00007f14ec3b74a8 00007f14ec3b74a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000000d 0000000000000000 0000000000000000 00000000000002e8 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000007f539 RBX=0000000000000003 RCX=ffffffff8b6632a9 RDX=0000000000000000 RSI=ffffffff8db034e6 RDI=ffffffff8bf1e3c0 RBP=ffffed1003bdc000 RSP=ffffc90000197de8 R8 =0000000000000001 R9 =ffffed100d4e6655 R10=ffff88806a7332ab R11=0000000000000001 R12=0000000000000003 R13=ffff88801dee0000 R14=ffffffff908329d0 R15=0000000000000000 RIP=ffffffff8b661d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6cd9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f2d847a7e9c CR3=0000000051d4c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000010100 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffef4f9aba0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f74f8c12fbe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f74f8c12fcb ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f74f8c12fc5 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f74f8c12fd9 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f74f8c1305f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f74f8c1313d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000070 0000000000000002 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000