last executing test programs: 6.249565693s ago: executing program 2 (id=11): sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000180)=0x6f) read$dsp(0xffffffffffffffff, 0x0, 0x0) write$dsp(0xffffffffffffffff, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl818\x00', [0x4f27, 0x5, 0x2, 0x401, 0x1, 0xcc7, 0xfff, 0x5c952399, 0x5, 0x3ff, 0x2, 0x1, 0x1, 0x1, 0x9, 0xe1cb, 0x0, 0x1a449, 0x3, 0x40000003, 0x89, 0xfffffffd, 0x0, 0x20001e56, 0xb, 0xe69, 0x3c, 0x8, 0x5, 0x8000000, 0xdffffff8]}) 5.340126701s ago: executing program 2 (id=19): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000700)=ANY=[@ANYBLOB="1201000059d360205f0501d09288000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000000)={0x2c, &(0x7f0000000a80)=ANY=[], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) 3.410561459s ago: executing program 2 (id=31): syz_emit_ethernet(0x4e, &(0x7f0000000180)=ANY=[], 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='cdg', 0x3) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f00000010c0)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cde8054f2ada6fcd5fe76b933e8bb0ac60081e33dffa150835f7519d5f73b4e1d80eb4881a5b98cb9fb96d225d602392f816d0bdcc09b5063087117502d8c24f1fe97f61fd27a06d6a38a7"}, 0xd8) socket(0x10, 0x3, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x20000841, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 2.500372123s ago: executing program 2 (id=36): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x34, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_PREV_BSSID={0xa}]}, 0x34}}, 0x0) 2.500228522s ago: executing program 2 (id=37): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000100)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28) 1.930462139s ago: executing program 1 (id=41): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xc}}, 0x5}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='vlan0\x00', 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$DEVLINK_CMD_RATE_DEL(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40) sendmsg$TIPC_NL_NAME_TABLE_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x11) 1.930276162s ago: executing program 1 (id=42): socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0xffffffffffffff85, &(0x7f00000002c0)=0xe1a) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r6) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r6, &(0x7f0000002340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x28, r7, 0x60b, 0x70bd30, 0x0, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x52}, 0x4040040) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) syz_open_dev$tty20(0xc, 0x4, 0x1) 1.479220963s ago: executing program 2 (id=44): r0 = syz_usb_connect(0x1, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_disconnect(r0) write(r1, &(0x7f0000000200)="eca8", 0x2) 1.100447254s ago: executing program 3 (id=50): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000180)={0x18, r1, 0x1, 0x0, &(0x7f00000001c0)=[{0x0, 0x1}]}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x4, r1, 0x0, &(0x7f0000000240)='LLL', 0x3, 0x1c}) 1.100266058s ago: executing program 3 (id=51): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1c0000000000000, 0x4, &(0x7f0000006680)) semctl$SETVAL(0x0, 0x3, 0x10, 0x0) 1.098801585s ago: executing program 3 (id=52): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "010120", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4000}}}}}}, 0x0) 1.019665796s ago: executing program 3 (id=53): bind$alg(0xffffffffffffffff, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf252100000008000300", @ANYRES32=0x0, @ANYBLOB="14002d800500040003000008"], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fccbdf2509000000050007000200000008000100010000"], 0x2c}, 0x1, 0x0, 0x0, 0x24084001}, 0x0) 1.019482515s ago: executing program 3 (id=54): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) mkdir(0x0, 0x92) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x25b6, 0x4) sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800) recvfrom(r0, 0x0, 0x0, 0x2101, 0x0, 0x0) bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) 919.551867ms ago: executing program 1 (id=55): fstat(0xffffffffffffffff, &(0x7f00000000c0)) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffff}, [@call={0x85, 0x0, 0x0, 0x7d}, @printk={@ld}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x59, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r4}, 0x10) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 269.95203ms ago: executing program 0 (id=57): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x6}]}, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) 190.372376ms ago: executing program 0 (id=58): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060", @ANYRESOCT], 0xb8}}, 0x20040014) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfb, {{@in6=@private0, @in=@broadcast, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe}, 0x9, 0x0, 0x0, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4000) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8}, {0x0, 0x8}}}, 0xb8}}, 0x0) 190.242244ms ago: executing program 0 (id=59): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x17c, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x100000000, 0xca8}, {}, 0x0, 0x0, 0x1}, [@tmpl={0xc4, 0x5, [{{@in=@local, 0x4d5, 0x3c}, 0x0, @in=@broadcast}, {{@in6=@remote, 0x0, 0x3c}, 0xa, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x1}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x6c}, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x80}]}]}, 0x17c}}, 0x0) 130.64658ms ago: executing program 0 (id=60): syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="0407"], 0x102) 130.44745ms ago: executing program 0 (id=61): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x2a, 0x2, 0x0) getsockname$packet(r1, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000004d40)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_matchall={{0xd}, {0x10, 0x2, [@TCA_MATCHALL_ACT={0x4}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x44}}, 0x24000000) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 80.621293ms ago: executing program 0 (id=62): ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0}) r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xd}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x100000000) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000050000800000000000000000850000002c00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b40d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 80.331616ms ago: executing program 3 (id=63): sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x10040800) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)={0x7}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002480)}, 0x0) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_SPLIT(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=ANY=[@ANYBLOB='D', @ANYRES16=r3], 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x4008000) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000000)={{0xffffffffffffffff, 0x0, 0x9}, 0x3}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f00000000c0)="af3e64f08189ef001601ba6100ec0f2264ba4100b80600ef660f38351d0f212666b94006000066b80000010066ba000000000f300f211a2e0f013c", 0x3b}], 0x1, 0xe, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000500)="b8010000000f01c10f22a10f20e035800000000f22e066ba610066b80a0066ef66b832000f00d0b8010000000f01c166ba4300b0beee0f793c1e2e643e2e3e650f79288fc878c15b0e3f", 0x4a}], 0x1, 0x21, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 80.158882ms ago: executing program 1 (id=64): r0 = socket$inet6(0xa, 0x1, 0x0) unshare(0x22020400) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0) 253.038µs ago: executing program 1 (id=65): unshare(0x22020400) r0 = socket$unix(0x1, 0x5, 0x0) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 0s ago: executing program 1 (id=66): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x200000, 0x1000}, 0x20) kernel console output (not intermixed with test programs): [ 44.169415][ T40] audit: type=1400 audit(1760653933.139:60): avc: denied { rlimitinh } for pid=5836 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.176914][ T40] audit: type=1400 audit(1760653933.139:61): avc: denied { siginh } for pid=5836 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:42823' (ED25519) to the list of known hosts. [ 45.330701][ T40] audit: type=1400 audit(1760653934.319:62): avc: denied { name_bind } for pid=5867 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 45.346944][ T40] audit: type=1400 audit(1760653934.329:63): avc: denied { write } for pid=5868 comm="sh" path="pipe:[6466]" dev="pipefs" ino=6466 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.358682][ T40] audit: type=1400 audit(1760653934.339:64): avc: denied { execute } for pid=5868 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 45.367239][ T40] audit: type=1400 audit(1760653934.339:65): avc: denied { execute_no_trans } for pid=5868 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 47.722538][ T40] audit: type=1400 audit(1760653936.709:66): avc: denied { mounton } for pid=5868 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 47.734406][ T5868] cgroup: Unknown subsys name 'net' [ 47.902407][ T5868] cgroup: Unknown subsys name 'cpuset' [ 47.906567][ T5868] cgroup: Unknown subsys name 'rlimit' [ 48.126144][ T5919] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 48.855038][ T5868] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 52.147219][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 52.147231][ T40] audit: type=1400 audit(1760653941.129:80): avc: denied { execmem } for pid=5924 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 52.383106][ T40] audit: type=1400 audit(1760653941.369:81): avc: denied { create } for pid=5928 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.401701][ T40] audit: type=1400 audit(1760653941.369:82): avc: denied { read write } for pid=5928 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.409443][ T40] audit: type=1400 audit(1760653941.369:83): avc: denied { open } for pid=5928 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.416891][ T40] audit: type=1400 audit(1760653941.369:84): avc: denied { ioctl } for pid=5928 comm="syz-executor" path="socket:[7371]" dev="sockfs" ino=7371 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.450109][ T5936] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 52.456083][ T5943] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.459779][ T5943] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.459806][ T5938] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.463370][ T5940] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.463499][ T5943] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.463828][ T5943] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.465373][ T5943] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.465915][ T5938] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.466246][ T5945] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.467642][ T5940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.467949][ T5945] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.468353][ T5945] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.469090][ T5945] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.469770][ T5945] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 52.472362][ T5945] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.477649][ T5931] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 52.479330][ T40] audit: type=1400 audit(1760653941.459:85): avc: denied { read } for pid=5937 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.479381][ T40] audit: type=1400 audit(1760653941.459:86): avc: denied { open } for pid=5937 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.479421][ T40] audit: type=1400 audit(1760653941.459:87): avc: denied { mounton } for pid=5937 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 52.481343][ T5945] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 52.497280][ T5938] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.530832][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.669957][ T40] audit: type=1400 audit(1760653941.659:88): avc: denied { module_request } for pid=5937 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 52.725385][ T5937] chnl_net:caif_netlink_parms(): no params data found [ 52.846339][ T5932] chnl_net:caif_netlink_parms(): no params data found [ 52.886701][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.889082][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.892362][ T5937] bridge_slave_0: entered allmulticast mode [ 52.895572][ T5937] bridge_slave_0: entered promiscuous mode [ 52.922687][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.925127][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.927494][ T5937] bridge_slave_1: entered allmulticast mode [ 52.931839][ T5937] bridge_slave_1: entered promiscuous mode [ 52.957356][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 53.034452][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.044379][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.143675][ T5932] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.145966][ T5932] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.148179][ T5932] bridge_slave_0: entered allmulticast mode [ 53.150856][ T5932] bridge_slave_0: entered promiscuous mode [ 53.155419][ T5937] team0: Port device team_slave_0 added [ 53.183991][ T5932] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.186359][ T5932] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.188628][ T5932] bridge_slave_1: entered allmulticast mode [ 53.191545][ T5932] bridge_slave_1: entered promiscuous mode [ 53.211087][ T5937] team0: Port device team_slave_1 added [ 53.306468][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.308948][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.311603][ T5942] bridge_slave_0: entered allmulticast mode [ 53.314302][ T5942] bridge_slave_0: entered promiscuous mode [ 53.318041][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.322485][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.325180][ T5942] bridge_slave_1: entered allmulticast mode [ 53.327835][ T5942] bridge_slave_1: entered promiscuous mode [ 53.331854][ T5932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.342982][ T5932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.346366][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.348575][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.357395][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.448994][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.451264][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.459376][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.465232][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.469658][ T5932] team0: Port device team_slave_0 added [ 53.475862][ T5932] team0: Port device team_slave_1 added [ 53.497894][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.535510][ T5928] chnl_net:caif_netlink_parms(): no params data found [ 53.557521][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.560019][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.568132][ T5932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.573787][ T5942] team0: Port device team_slave_0 added [ 53.620486][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.622711][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.631925][ T5932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.636874][ T5942] team0: Port device team_slave_1 added [ 53.673591][ T5937] hsr_slave_0: entered promiscuous mode [ 53.676777][ T5937] hsr_slave_1: entered promiscuous mode [ 53.838599][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.841789][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.852317][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.857003][ T5928] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.860066][ T5928] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.862678][ T5928] bridge_slave_0: entered allmulticast mode [ 53.865969][ T5928] bridge_slave_0: entered promiscuous mode [ 53.903051][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.905645][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.915681][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.920630][ T5928] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.923603][ T5928] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.926207][ T5928] bridge_slave_1: entered allmulticast mode [ 53.929834][ T5928] bridge_slave_1: entered promiscuous mode [ 53.938763][ T5932] hsr_slave_0: entered promiscuous mode [ 53.942146][ T5932] hsr_slave_1: entered promiscuous mode [ 53.946328][ T5932] debugfs: 'hsr0' already exists in 'hsr' [ 53.948819][ T5932] Cannot create hsr debugfs directory [ 54.007734][ T5928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.012817][ T5928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.053051][ T5928] team0: Port device team_slave_0 added [ 54.111735][ T5928] team0: Port device team_slave_1 added [ 54.183549][ T5942] hsr_slave_0: entered promiscuous mode [ 54.186263][ T5942] hsr_slave_1: entered promiscuous mode [ 54.189392][ T5942] debugfs: 'hsr0' already exists in 'hsr' [ 54.191769][ T5942] Cannot create hsr debugfs directory [ 54.215745][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.218047][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.227672][ T5928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.270099][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.272437][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.281743][ T5928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.463727][ T5928] hsr_slave_0: entered promiscuous mode [ 54.466073][ T5928] hsr_slave_1: entered promiscuous mode [ 54.468221][ T5928] debugfs: 'hsr0' already exists in 'hsr' [ 54.470131][ T5928] Cannot create hsr debugfs directory [ 54.520211][ T5938] Bluetooth: hci3: command tx timeout [ 54.530151][ T5938] Bluetooth: hci1: command tx timeout [ 54.530158][ T64] Bluetooth: hci2: command tx timeout [ 54.545809][ T5937] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 54.588118][ T5937] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 54.594354][ T5937] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 54.599618][ T5938] Bluetooth: hci0: command tx timeout [ 54.615968][ T5937] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 54.649724][ T5932] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.676872][ T5932] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.693713][ T5932] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.698655][ T5932] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.741230][ T5942] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 54.749858][ T5942] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 54.753996][ T5942] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 54.758440][ T5942] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 54.814930][ T5928] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 54.821858][ T5928] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 54.828648][ T5928] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 54.834507][ T5928] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 54.887070][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.920209][ T5937] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.932789][ T5932] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.940926][ T85] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.943682][ T85] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.959061][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.961476][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.968326][ T5932] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.974842][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.987462][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.989794][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.014043][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.018437][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.020686][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.037509][ T5928] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.047539][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.050242][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.068429][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.070801][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.075913][ T5928] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.086021][ T1155] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.088347][ T1155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.098371][ T40] audit: type=1400 audit(1760653944.079:89): avc: denied { sys_module } for pid=5937 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 55.108908][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.111297][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.133580][ T5942] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 55.176502][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.208808][ T5932] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.217163][ T5937] veth0_vlan: entered promiscuous mode [ 55.227404][ T5937] veth1_vlan: entered promiscuous mode [ 55.254062][ T5932] veth0_vlan: entered promiscuous mode [ 55.257260][ T5937] veth0_macvtap: entered promiscuous mode [ 55.274641][ T5937] veth1_macvtap: entered promiscuous mode [ 55.283615][ T5932] veth1_vlan: entered promiscuous mode [ 55.305462][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.310278][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.317856][ T5932] veth0_macvtap: entered promiscuous mode [ 55.322756][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.327011][ T5928] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.331513][ T5932] veth1_macvtap: entered promiscuous mode [ 55.350718][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.357529][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.362529][ T1155] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.365561][ T1155] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.372758][ T1155] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.375676][ T1155] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.383687][ T1155] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.395863][ T1155] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.398661][ T1155] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.415012][ T1155] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.455336][ T5942] veth0_vlan: entered promiscuous mode [ 55.461889][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.464453][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.467046][ T5928] veth0_vlan: entered promiscuous mode [ 55.477111][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.479847][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.480587][ T5942] veth1_vlan: entered promiscuous mode [ 55.509498][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.510467][ T5928] veth1_vlan: entered promiscuous mode [ 55.512569][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.515343][ T1050] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.519104][ T1050] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.530653][ T5942] veth0_macvtap: entered promiscuous mode [ 55.541275][ T5928] veth0_macvtap: entered promiscuous mode [ 55.544942][ T5942] veth1_macvtap: entered promiscuous mode [ 55.552142][ T5928] veth1_macvtap: entered promiscuous mode [ 55.554668][ T5937] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 55.560977][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.572451][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.579368][ T1155] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.583168][ T1155] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.588721][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.597056][ T1155] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.603847][ T1155] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.611936][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.627339][ T85] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.631155][ T85] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.636531][ T85] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.641933][ T85] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.699116][ T1050] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.704740][ T1050] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.727802][ T1155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.730724][ T1155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.742038][ T1155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.745233][ T1155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.758953][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.761992][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.799080][ T6029] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.811293][ T6029] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=6029 comm=syz.0.5 [ 55.857587][ T6029] 9pnet: Could not find request transport: virl [ 55.888420][ T6037] warning: `syz.3.4' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 56.010546][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 56.076183][ T6050] Bluetooth: MGMT ver 1.23 [ 56.199719][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 56.600285][ T64] Bluetooth: hci1: command tx timeout [ 56.600511][ T5941] Bluetooth: hci2: command tx timeout [ 56.609350][ T64] Bluetooth: hci3: command tx timeout [ 56.689510][ T64] Bluetooth: hci0: command tx timeout [ 56.951733][ T6017] IPVS: starting estimator thread 0... [ 57.049335][ T6069] IPVS: using max 45 ests per chain, 108000 per kthread [ 57.184113][ T6018] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 57.185677][ T40] kauditd_printk_skb: 75 callbacks suppressed [ 57.185691][ T40] audit: type=1400 audit(2000000001.359:165): avc: denied { getopt } for pid=6075 comm="syz.3.22" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 57.197537][ T40] audit: type=1400 audit(2000000001.359:166): avc: denied { name_connect } for pid=6075 comm="syz.3.22" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 57.205835][ T40] audit: type=1400 audit(2000000001.369:167): avc: denied { connect } for pid=6071 comm="syz.1.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 57.215360][ T40] audit: type=1400 audit(2000000001.389:168): avc: denied { read write } for pid=6078 comm="syz.0.23" name="video2" dev="devtmpfs" ino=957 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 57.227044][ T40] audit: type=1400 audit(2000000001.389:169): avc: denied { open } for pid=6078 comm="syz.0.23" path="/dev/video2" dev="devtmpfs" ino=957 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 57.302673][ T40] audit: type=1400 audit(2000000001.479:170): avc: denied { read } for pid=6081 comm="syz.1.24" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 57.312265][ T40] audit: type=1400 audit(2000000001.479:171): avc: denied { open } for pid=6081 comm="syz.1.24" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 57.329466][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.349430][ T6018] usb 7-1: Using ep0 maxpacket: 32 [ 57.354983][ T6018] usb 7-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 57.358815][ T6018] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.365286][ T6018] usb 7-1: config 0 descriptor?? [ 57.373921][ T6018] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 57.406249][ T40] audit: type=1400 audit(2000000001.579:172): avc: denied { ioctl } for pid=6078 comm="syz.0.23" path="/dev/video2" dev="devtmpfs" ino=957 ioctlcmd=0x5605 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 57.416609][ T40] audit: type=1400 audit(2000000001.579:173): avc: denied { create } for pid=6078 comm="syz.0.23" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 57.581223][ T40] audit: type=1400 audit(2000000001.759:174): avc: denied { allowed } for pid=6081 comm="syz.1.24" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 57.676160][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 57.676364][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 58.182942][ T6018] gspca_nw80x: reg_r err -71 [ 58.184903][ T6018] nw80x 7-1:0.0: probe with driver nw80x failed with error -71 [ 58.197407][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.201895][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.206850][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.211226][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.215240][ T6018] usb 7-1: USB disconnect, device number 2 [ 58.230238][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.359301][ T6099] pim6reg: entered allmulticast mode [ 58.437769][ T6102] netlink: 12 bytes leftover after parsing attributes in process `syz.1.29'. [ 58.679831][ T64] Bluetooth: hci3: command 0x040f tx timeout [ 58.679855][ T5941] Bluetooth: hci1: command tx timeout [ 58.689461][ T5938] Bluetooth: hci2: command tx timeout [ 58.759445][ T5938] Bluetooth: hci0: command tx timeout [ 59.502394][ T6120] x_tables: duplicate underflow at hook 1 [ 60.172962][ T6130] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 60.481886][ T6106] libceph: connect (1)[c::]:6789 error -101 [ 60.498061][ T6140] ceph: No mds server is up or the cluster is laggy [ 60.506319][ T6106] libceph: mon0 (1)[c::]:6789 connect error [ 60.538372][ T6146] ======================================================= [ 60.538372][ T6146] WARNING: The mand mount option has been deprecated and [ 60.538372][ T6146] and is ignored by this kernel. Remove the mand [ 60.538372][ T6146] option from the mount to silence this warning. [ 60.538372][ T6146] ======================================================= [ 60.760066][ T5938] Bluetooth: hci2: command tx timeout [ 60.770278][ T5941] Bluetooth: hci3: command 0x040f tx timeout [ 60.772689][ T5938] Bluetooth: hci1: command tx timeout [ 60.840214][ T5938] Bluetooth: hci0: command tx timeout [ 61.121073][ T841] usb 7-1: new low-speed USB device number 3 using dummy_hcd [ 61.190646][ T6169] netlink: 8 bytes leftover after parsing attributes in process `syz.3.53'. [ 61.322242][ T841] usb 7-1: config 0 has an invalid interface number: 55 but max is 0 [ 61.325654][ T841] usb 7-1: config 0 has no interface number 0 [ 61.328235][ T841] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 61.333098][ T841] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 61.337510][ T841] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 61.342362][ T841] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 61.346964][ T841] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 61.351616][ T841] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 61.356956][ T841] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 61.360873][ T841] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.599582][ T841] usb 7-1: config 0 descriptor?? [ 61.602708][ T6150] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 61.606012][ T6150] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 61.614319][ T841] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 61.814743][ T24] usb 7-1: USB disconnect, device number 3 [ 61.816921][ C2] ldusb 7-1:0.55: usb_submit_urb failed (-19) [ 61.823083][ T24] ldusb 7-1:0.55: LD USB Device #0 now disconnected [ 62.016911][ T6150] ldusb: No device or device unplugged -19 [ 62.254335][ T40] kauditd_printk_skb: 26 callbacks suppressed [ 62.254349][ T40] audit: type=1400 audit(2000000006.429:201): avc: denied { ioctl } for pid=6189 comm="syz.0.62" path="/dev/dri/card0" dev="devtmpfs" ino=635 ioctlcmd=0x64b2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 62.269059][ T40] audit: type=1400 audit(2000000006.429:202): avc: denied { map } for pid=6189 comm="syz.0.62" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 62.278194][ T40] audit: type=1400 audit(2000000006.429:203): avc: denied { execute } for pid=6189 comm="syz.0.62" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 62.294328][ T6190] ================================================================== [ 62.297569][ T6190] BUG: KASAN: slab-out-of-bounds in __cpa_addr+0x1d3/0x220 [ 62.299429][ T40] audit: type=1400 audit(2000000006.469:204): avc: denied { create } for pid=6203 comm="syz.1.67" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 62.300515][ T6190] Read of size 8 at addr ffff888047e00af8 by task syz.0.62/6190 [ 62.311981][ T40] audit: type=1400 audit(2000000006.469:205): avc: denied { bind } for pid=6203 comm="syz.1.67" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 62.313554][ T6190] [ 62.313567][ T6190] CPU: 0 UID: 0 PID: 6190 Comm: syz.0.62 Not tainted syzkaller #0 PREEMPT(full) [ 62.313586][ T6190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.313597][ T6190] Call Trace: [ 62.313604][ T6190] [ 62.313610][ T6190] dump_stack_lvl+0x116/0x1f0 [ 62.313633][ T6190] print_report+0xcd/0x630 [ 62.313656][ T6190] ? __virt_addr_valid+0x81/0x610 [ 62.313672][ T6190] ? __phys_addr+0xe8/0x180 [ 62.313689][ T6190] ? __cpa_addr+0x1d3/0x220 [ 62.313707][ T6190] kasan_report+0xe0/0x110 [ 62.313730][ T6190] ? __cpa_addr+0x1d3/0x220 [ 62.313752][ T6190] __cpa_addr+0x1d3/0x220 [ 62.313772][ T6190] cpa_flush+0x28b/0x8a0 [ 62.313794][ T6190] ? __pfx_cpa_flush+0x10/0x10 [ 62.313815][ T6190] ? pgprot2cachemode+0x9a/0x130 [ 62.313832][ T6190] ? __pfx_pgprot2cachemode+0x10/0x10 [ 62.313848][ T6190] ? drm_gem_get_pages+0x6a0/0xa10 [ 62.313874][ T6190] change_page_attr_set_clr+0x34e/0x4a0 [ 62.313899][ T6190] ? __pfx_change_page_attr_set_clr+0x10/0x10 [ 62.313955][ T6190] _set_pages_array+0x1ab/0x2c0 [ 62.313980][ T6190] drm_gem_shmem_get_pages_locked+0x384/0x490 [ 62.314003][ T6190] ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10 [ 62.314023][ T6190] ? __pfx___might_resched+0x10/0x10 [ 62.314042][ T6190] drm_gem_shmem_mmap+0xc9/0x550 [ 62.314062][ T6190] ? __pfx_drm_gem_shmem_object_mmap+0x10/0x10 [ 62.314084][ T6190] drm_gem_mmap_obj+0x1b5/0x560 [ 62.314107][ T6190] drm_gem_mmap+0x40b/0x620 [ 62.314131][ T6190] ? __pfx_drm_gem_mmap+0x10/0x10 [ 62.314153][ T6190] ? vm_area_alloc+0x1f/0x160 [ 62.314171][ T6190] ? lockdep_init_map_type+0x5c/0x280 [ 62.314193][ T6190] __mmap_region+0x1309/0x27a0 [ 62.314213][ T6190] ? __pfx___mmap_region+0x10/0x10 [ 62.314230][ T6190] ? __cgroup_account_cputime+0xcc/0x120 [ 62.314250][ T6190] ? update_se+0x43f/0x710 [ 62.314267][ T6190] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 62.314290][ T6190] ? update_curr+0x3fb/0x550 [ 62.314320][ T6190] ? trace_sched_exit_tp+0xd1/0x120 [ 62.314343][ T6190] ? __schedule+0x11a3/0x5de0 [ 62.314379][ T6190] ? irqentry_exit+0x3b/0x90 [ 62.314398][ T6190] ? lockdep_hardirqs_on+0x7c/0x110 [ 62.314419][ T6190] mmap_region+0x1ab/0x3f0 [ 62.314437][ T6190] ? __get_unmapped_area+0x267/0x440 [ 62.314461][ T6190] do_mmap+0xa3e/0x1210 [ 62.314484][ T6190] ? __pfx_do_mmap+0x10/0x10 [ 62.314507][ T6190] ? __pfx_down_write_killable+0x10/0x10 [ 62.314532][ T6190] vm_mmap_pgoff+0x29e/0x470 [ 62.314556][ T6190] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 62.314580][ T6190] ? __fget_files+0x20e/0x3c0 [ 62.314603][ T6190] ksys_mmap_pgoff+0x32c/0x5c0 [ 62.314627][ T6190] __x64_sys_mmap+0x125/0x190 [ 62.314648][ T6190] do_syscall_64+0xcd/0xfa0 [ 62.314668][ T6190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.314685][ T6190] RIP: 0033:0x7f79eb58eec9 [ 62.314698][ T6190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.314714][ T6190] RSP: 002b:00007f79ec4cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 62.314731][ T6190] RAX: ffffffffffffffda RBX: 00007f79eb7e5fa0 RCX: 00007f79eb58eec9 [ 62.314742][ T6190] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000001000 [ 62.314752][ T6190] RBP: 00007f79eb611f91 R08: 0000000000000003 R09: 0000000100000000 [ 62.314762][ T6190] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 62.314772][ T6190] R13: 00007f79eb7e6038 R14: 00007f79eb7e5fa0 R15: 00007ffe9fd0b588 [ 62.314789][ T6190] [ 62.314794][ T6190] [ 62.321774][ T40] audit: type=1400 audit(2000000006.469:206): avc: denied { connect } for pid=6203 comm="syz.1.67" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 62.322169][ T6190] Allocated by task 6190: [ 62.326241][ T40] audit: type=1400 audit(2000000006.469:207): avc: denied { write } for pid=6203 comm="syz.1.67" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 62.330326][ T6190] kasan_save_stack+0x33/0x60 [ 62.330353][ T6190] kasan_save_track+0x14/0x30 [ 62.330377][ T6190] __kasan_kmalloc+0xaa/0xb0 [ 62.330396][ T6190] __kvmalloc_node_noprof+0x3a3/0x9c0 [ 62.330416][ T6190] drm_gem_get_pages+0x144/0xa10 [ 62.330439][ T6190] drm_gem_shmem_get_pages_locked+0x1e6/0x490 [ 62.330459][ T6190] drm_gem_shmem_mmap+0xc9/0x550 [ 62.330477][ T6190] drm_gem_mmap_obj+0x1b5/0x560 [ 62.331978][ T40] audit: type=1400 audit(2000000006.469:208): avc: denied { open } for pid=6203 comm="syz.1.67" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 62.333071][ T6190] drm_gem_mmap+0x40b/0x620 [ 62.333096][ T6190] __mmap_region+0x1309/0x27a0 [ 62.333113][ T6190] mmap_region+0x1ab/0x3f0 [ 62.335151][ T40] audit: type=1400 audit(2000000006.469:209): avc: denied { ioctl } for pid=6203 comm="syz.1.67" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 62.336702][ T6190] do_mmap+0xa3e/0x1210 [ 62.336726][ T6190] vm_mmap_pgoff+0x29e/0x470 [ 62.518748][ T6190] ksys_mmap_pgoff+0x32c/0x5c0 [ 62.520676][ T6190] __x64_sys_mmap+0x125/0x190 [ 62.522210][ T6190] do_syscall_64+0xcd/0xfa0 [ 62.524078][ T6190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.526433][ T6190] [ 62.527437][ T6190] The buggy address belongs to the object at ffff888047e00a00 [ 62.527437][ T6190] which belongs to the cache kmalloc-256 of size 256 [ 62.532501][ T6190] The buggy address is located 0 bytes to the right of [ 62.532501][ T6190] allocated 248-byte region [ffff888047e00a00, ffff888047e00af8) [ 62.538173][ T6190] [ 62.539097][ T6190] The buggy address belongs to the physical page: [ 62.541234][ T6190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47e00 [ 62.544706][ T6190] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 62.547945][ T6190] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 62.550778][ T6190] page_type: f5(slab) [ 62.552410][ T6190] raw: 00fff00000000040 ffff88801b442b40 ffffea0000bcac00 0000000000000005 [ 62.555928][ T6190] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 62.558727][ T6190] head: 00fff00000000040 ffff88801b442b40 ffffea0000bcac00 0000000000000005 [ 62.562168][ T6190] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 62.565027][ T6190] head: 00fff00000000001 ffffea00011f8001 00000000ffffffff 00000000ffffffff [ 62.568401][ T6190] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 62.571298][ T6190] page dumped because: kasan: bad access detected [ 62.573847][ T6190] page_owner tracks the page as allocated [ 62.575649][ T6190] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 6022, tgid 6021 (syz.2.3), ts 55633586756, free_ts 55266675489 [ 62.582318][ T6190] post_alloc_hook+0x1c0/0x230 [ 62.584270][ T6190] get_page_from_freelist+0x10a3/0x3a30 [ 62.586381][ T6190] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 62.588276][ T6190] new_slab+0xa5/0x360 [ 62.590002][ T6190] ___slab_alloc+0xdc4/0x1ae0 [ 62.591940][ T6190] __slab_alloc.constprop.0+0x63/0x110 [ 62.593758][ T6190] __kmalloc_node_noprof+0x4dd/0x8a0 [ 62.595627][ T6190] alloc_slab_obj_exts+0x3a/0xd0 [ 62.597633][ T6190] __memcg_slab_post_alloc_hook+0x251/0x940 [ 62.599717][ T6190] kmem_cache_alloc_node_noprof+0x594/0x770 [ 62.601849][ T6190] __alloc_skb+0x2b2/0x380 [ 62.603664][ T6190] alloc_skb_with_frags+0xe0/0x860 [ 62.605738][ T6190] sock_alloc_send_pskb+0x7f9/0x980 [ 62.607848][ T6190] unix_dgram_sendmsg+0x3e9/0x17f0 [ 62.609932][ T6190] unix_seqpacket_sendmsg+0x12a/0x1c0 [ 62.612113][ T6190] ____sys_sendmsg+0xa98/0xc70 [ 62.614069][ T6190] page last free pid 5937 tgid 5937 stack trace: [ 62.616333][ T6190] __free_frozen_pages+0x7df/0x1160 [ 62.618247][ T6190] qlist_free_all+0x4d/0x120 [ 62.620114][ T6190] kasan_quarantine_reduce+0x195/0x1e0 [ 62.622306][ T6190] __kasan_slab_alloc+0x69/0x90 [ 62.624305][ T6190] __kmalloc_node_noprof+0x2ff/0x8a0 [ 62.626435][ T6190] qdisc_alloc+0xbb/0xc50 [ 62.628189][ T6190] qdisc_create_dflt+0x94/0x490 [ 62.630139][ T6190] dev_activate+0x63f/0x12d0 [ 62.631608][ T6190] __dev_open+0x432/0x7c0 [ 62.633358][ T6190] __dev_change_flags+0x55d/0x720 [ 62.635404][ T6190] netif_change_flags+0x8d/0x160 [ 62.637390][ T6190] do_setlink.constprop.0+0xb53/0x4380 [ 62.639606][ T6190] rtnl_newlink+0x1446/0x2000 [ 62.641513][ T6190] rtnetlink_rcv_msg+0x95e/0xe90 [ 62.643515][ T6190] netlink_rcv_skb+0x158/0x420 [ 62.645481][ T6190] netlink_unicast+0x5aa/0x870 [ 62.647240][ T6190] [ 62.648008][ T6190] Memory state around the buggy address: [ 62.650205][ T6190] ffff888047e00980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 62.653393][ T6190] ffff888047e00a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 62.656576][ T6190] >ffff888047e00a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 62.659739][ T6190] ^ [ 62.662780][ T6190] ffff888047e00b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 62.665682][ T6190] ffff888047e00b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 62.668878][ T6190] ================================================================== [ 62.675703][ T6190] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 62.678007][ T6190] CPU: 1 UID: 0 PID: 6190 Comm: syz.0.62 Not tainted syzkaller #0 PREEMPT(full) [ 62.680893][ T6190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.684269][ T6190] Call Trace: [ 62.685352][ T6190] [ 62.686302][ T6190] dump_stack_lvl+0x3d/0x1f0 [ 62.687794][ T6190] vpanic+0x640/0x6f0 [ 62.689072][ T6190] panic+0xca/0xd0 [ 62.690272][ T6190] ? __pfx_panic+0x10/0x10 [ 62.691696][ T6190] ? __cpa_addr+0x1d3/0x220 [ 62.693138][ T6190] ? preempt_schedule_common+0x44/0xc0 [ 62.694898][ T6190] ? preempt_schedule_thunk+0x16/0x30 [ 62.696643][ T6190] check_panic_on_warn+0xab/0xb0 [ 62.698205][ T6190] end_report+0x107/0x170 [ 62.699584][ T6190] kasan_report+0xee/0x110 [ 62.701006][ T6190] ? __cpa_addr+0x1d3/0x220 [ 62.702451][ T6190] __cpa_addr+0x1d3/0x220 [ 62.703828][ T6190] cpa_flush+0x28b/0x8a0 [ 62.705241][ T6190] ? __pfx_cpa_flush+0x10/0x10 [ 62.706769][ T6190] ? pgprot2cachemode+0x9a/0x130 [ 62.708351][ T6190] ? __pfx_pgprot2cachemode+0x10/0x10 [ 62.710033][ T6190] ? drm_gem_get_pages+0x6a0/0xa10 [ 62.711672][ T6190] change_page_attr_set_clr+0x34e/0x4a0 [ 62.713414][ T6190] ? __pfx_change_page_attr_set_clr+0x10/0x10 [ 62.715366][ T6190] _set_pages_array+0x1ab/0x2c0 [ 62.716917][ T6190] drm_gem_shmem_get_pages_locked+0x384/0x490 [ 62.718824][ T6190] ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10 [ 62.720918][ T6190] ? __pfx___might_resched+0x10/0x10 [ 62.722596][ T6190] drm_gem_shmem_mmap+0xc9/0x550 [ 62.724205][ T6190] ? __pfx_drm_gem_shmem_object_mmap+0x10/0x10 [ 62.726144][ T6190] drm_gem_mmap_obj+0x1b5/0x560 [ 62.727693][ T6190] drm_gem_mmap+0x40b/0x620 [ 62.729136][ T6190] ? __pfx_drm_gem_mmap+0x10/0x10 [ 62.730724][ T6190] ? vm_area_alloc+0x1f/0x160 [ 62.732220][ T6190] ? lockdep_init_map_type+0x5c/0x280 [ 62.733928][ T6190] __mmap_region+0x1309/0x27a0 [ 62.735450][ T6190] ? __pfx___mmap_region+0x10/0x10 [ 62.737061][ T6190] ? __cgroup_account_cputime+0xcc/0x120 [ 62.738823][ T6190] ? update_se+0x43f/0x710 [ 62.740247][ T6190] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 62.742298][ T6190] ? update_curr+0x3fb/0x550 [ 62.743772][ T6190] ? trace_sched_exit_tp+0xd1/0x120 [ 62.745432][ T6190] ? __schedule+0x11a3/0x5de0 [ 62.746929][ T6190] ? irqentry_exit+0x3b/0x90 [ 62.748395][ T6190] ? lockdep_hardirqs_on+0x7c/0x110 [ 62.750027][ T6190] mmap_region+0x1ab/0x3f0 [ 62.751451][ T6190] ? __get_unmapped_area+0x267/0x440 [ 62.753122][ T6190] do_mmap+0xa3e/0x1210 [ 62.754458][ T6190] ? __pfx_do_mmap+0x10/0x10 [ 62.755942][ T6190] ? __pfx_down_write_killable+0x10/0x10 [ 62.757711][ T6190] vm_mmap_pgoff+0x29e/0x470 [ 62.759191][ T6190] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 62.760807][ T6190] ? __fget_files+0x20e/0x3c0 [ 62.762306][ T6190] ksys_mmap_pgoff+0x32c/0x5c0 [ 62.763835][ T6190] __x64_sys_mmap+0x125/0x190 [ 62.765368][ T6190] do_syscall_64+0xcd/0xfa0 [ 62.766816][ T6190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.768683][ T6190] RIP: 0033:0x7f79eb58eec9 [ 62.770099][ T6190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.776327][ T6190] RSP: 002b:00007f79ec4cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 62.778946][ T6190] RAX: ffffffffffffffda RBX: 00007f79eb7e5fa0 RCX: 00007f79eb58eec9 [ 62.781425][ T6190] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000001000 [ 62.784010][ T6190] RBP: 00007f79eb611f91 R08: 0000000000000003 R09: 0000000100000000 [ 62.786586][ T6190] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 62.789176][ T6190] R13: 00007f79eb7e6038 R14: 00007f79eb7e5fa0 R15: 00007ffe9fd0b588 [ 62.791780][ T6190] [ 62.793494][ T6190] Kernel Offset: disabled [ 62.794839][ T6190] Rebooting in 86400 seconds.. VM DIAGNOSIS: 22:32:31 Registers: info registers vcpu 0 CPU#0 RAX=0000000000080000 RBX=000000000000003d RCX=ffffc90007762000 RDX=0000000000080000 RSI=ffffffff819c1d0f RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900045af110 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=53414b203a475542 R12=1ffff920008b5e24 R13=0000000000000000 R14=ffff88801bfa0000 R15=ffffc900045af1d8 RIP=ffffffff819c1d11 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f79ec4cb6c0 ffffffff 00c00000 GS =0000 ffff8880d69d9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f79ec4a9f98 CR3=000000005218f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000002000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe9fd0b910 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f79eb612fbe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f79eb612fcb ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f79eb612fc5 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f79eb612fd9 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f79eb61305f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f79eb61313d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853088d5 RDI=ffffffff9ae077e0 RBP=ffffffff9ae077a0 RSP=ffffc9000078f870 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000034 R14=ffffffff9ae077a0 R15=ffffffff85308870 RIP=ffffffff853088ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6ad9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f79ec4aad58 CR3=000000004ebfb000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fec0ffd0 Opmask01=0000000000004211 Opmask02=000000007ffeffff Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 000056209243de30 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6d7f44a7f0 00007f6d7f44a7e0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6d7edf1b20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff00000000 ff00000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c696620732520 6465746165726300 0a73253a47000a73 253d73253a45000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40494c4305560005 4140514440574600 0a56001f47000a56 001856001f45000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 0000000000000000 000056209243de30 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003a756b733a302e 30312d3533712d63 707276633a317463 3a554d45516e7663 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a302e30312d3533 712d63707276703a 29393030322c3948 43492b3533512843 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 50647261646e6174 536e703a554d4551 6e76733a302e3072 623a343130322f31 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302f343064623a31 2b32316f70627e32 2d332e36312e312d 6e61696265642d33 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00414132302c3841 32302c344132302c 314132302c323832 302c463532302c44 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000014100 000000000000303d 44440045525f5346 0054242044492065 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88806a63b580 RCX=ffffffff81b14373 RDX=ffff88801d6d4900 RSI=ffffffff81b1434d RDI=0000000000000005 RBP=ffffc90000157cf8 RSP=ffffc90000157ba0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=fffffbfff1c79e5e R12=1ffff9200002af7c R13=0000000000000001 R14=0000000000000001 R15=ffffed100d4c76b1 RIP=ffffffff81b14353 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] FS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] GS =0000 ffff8880d6bd9000 ffffffff 00c09300 DPL=0 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000003a10f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 EAX=00010006 EBX=00000000 ECX=00000640 EDX=16000041 ESI=ffff0ff0 EDI=00000044 EBP=00000000 ESP=00000d54 EIP=000000d8 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0018 00000000 000fffff 00009300 CS =0000 00000000 000fffff 00009b00 SS =0018 00000000 000fffff 00009300 DS =0018 00000000 000fffff 00009300 FS =0018 00000000 000fffff 00009300 GS =0018 00000000 000fffff 00009300 LDT=0008 00001800 000007ff 00408200 TR =0000 00000000 0000ffff 00008b00 GDT= 00001000 000007ff IDT= 00000000 0000ffff CR0=00000030 CR2=00000000 CR3=00000000 CR4=00002d54 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000000 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000