last executing test programs: 23.269911672s ago: executing program 3 (id=937): socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x401c2, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendfile(r3, r2, 0x0, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r4}, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000400)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000054000100010000000000000007000000", @ANYRES32=r5, @ANYBLOB="20000100", @ANYRES32=r7, @ANYBLOB="010003007f0000010000000000000000e6ff0000000000008660b5b32369db24a8a88567339eab5ddd615899f539e224d14feb7d3979788cd505f2330b04ff103631dd635a607872467d48157561d718ace30e918fc69704c1d68059e525960c6b2a112d2ba804d5"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0) 23.234576784s ago: executing program 3 (id=938): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x11a) mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./bus\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdir(&(0x7f0000000240)='./bus\x00', 0x0) chdir(&(0x7f00000003c0)='./bus\x00') renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus/file0\x00', 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000) 23.187882734s ago: executing program 3 (id=939): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x80) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x103400, 0x0) readv(r2, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/15, 0x2}, {&(0x7f0000000180)=""/172, 0x2000022c}], 0x3) 22.243564666s ago: executing program 3 (id=956): sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, 0x0, 0x40) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50) sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='1', 0x1, 0x0, 0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r1, &(0x7f0000000000), 0xd) 22.157335708s ago: executing program 3 (id=957): sched_setscheduler(0x0, 0x1, 0x0) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_PROTOVER(r0, 0x40049366, 0x0) 22.151768387s ago: executing program 3 (id=958): openat$adsp1(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a00)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x403, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0) 6.692719244s ago: executing program 32 (id=958): openat$adsp1(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a00)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x403, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0) 1.994502737s ago: executing program 0 (id=1082): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.852141374s ago: executing program 0 (id=1078): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b0c00"/20, @ANYRES32=0x0, @ANYBLOB="00db000000400000200012800b0001006572730500162279"], 0x40}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000140)={0x100, 0x640, &(0x7f0000000240)="02e19d2dfa8f6e35b50f080d91ef49d3d9d43c03e74949522ff7b13a19c3886aaa71445dad1d7c85287332e046c59debce995da0b96973bd013b2e749981d1e1e556e3f35b9651bc9b6229f2a989695c475f6f2e43d168d4b020eb7bd8ddac0575419d0690ce40fb43", 0x0, 0x69}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.636291061s ago: executing program 0 (id=1084): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r0, 0x7d4165c9) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x4e24, 0x91, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}}, 0x0, 0x0, 0x32, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e24, 0x0, @private1={0xfc, 0x1, '\x00', 0xfe}, 0x2}}, 0x0, 0x0, 0x4, 0x0, "a1c1dd75a6843e10951cd4b347113e55eb499519becf7542c90bc21470e441225642855b5f2faed4a18d67efd5f2fdf98328de94410300"}, 0xd8) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r5, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e21, 0x1, @mcast2, 0x4}}, 0x0, 0x0, 0x11, 0x0, "2b20a9a47cddc63b223be606d7fa19f22a369ae751de81ca4d11e10450d766feb63b382d54ba4bb57a219cad5ddfc1e4fe760a1ce2ca64196953e92a07b3937730a33b6deca160d8c2fbff48eb964283"}, 0xd8) listen(r6, 0x0) r7 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r7, &(0x7f0000000540)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1) 1.445796398s ago: executing program 0 (id=1094): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet(0x2, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xffffffffffffff6e, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r0], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) sendto$packet(r3, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x4, r2, 0x1, 0x7}, 0x14) 1.023775031s ago: executing program 1 (id=1087): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x5, &(0x7f0000000040)=@framed={{0xb6, 0xa, 0x0, 0x0, 0x0, 0x63, 0x11, 0x34}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x1, 0x0) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f0000000040)='rw\x00', 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r0}, 0x10) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) getsockopt$sock_buf(r1, 0x1, 0x1c, 0x0, &(0x7f00000001c0)) 1.023588198s ago: executing program 2 (id=1088): openat$kvm(0xffffffffffffff9c, &(0x7f0000000a40), 0x40400, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_udp(0xa, 0x2, 0x0) socket$netlink(0x10, 0x3, 0xa) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) syz_usb_connect(0x4, 0x210, &(0x7f0000000000)=ANY=[], 0x0) epoll_create1(0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) 1.021614171s ago: executing program 0 (id=1096): socket$packet(0x11, 0x3, 0x300) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) creat(&(0x7f0000000300)='./bus\x00', 0x15d) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0) ftruncate(0xffffffffffffffff, 0x2008002) sendfile(r3, 0xffffffffffffffff, 0x0, 0x80000001) 942.125482ms ago: executing program 1 (id=1089): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 941.917203ms ago: executing program 1 (id=1090): socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) openat$qrtrtun(0xffffff9c, &(0x7f0000000080), 0x80002) syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') socket$nl_netfilter(0x10, 0x3, 0xc) openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x40000012}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x601, 0x1, &(0x7f0000000340)=[r1], &(0x7f0000000280)=[0x1], &(0x7f0000000200), &(0x7f0000000040), 0x0, 0x7f}) 881.503488ms ago: executing program 1 (id=1091): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xc8}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000001c0)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRES16=r0], 0x1000f) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x94, r2, 0x1, 0x0, 0xfffffffc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x75, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x2}, @broadcast, @device_a, @initial, {0x0, 0xff}, @value=@ver_80211n={0x0, 0x7f7f, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1}}, 0x0, @random=0x3, 0xd4, @val={0x0, 0x0, @random="5e207a3f3411e63589bace9b3b098e2972dad8c267a1b4c6daf2203e38d81472"}, @val, @void, @void, @val={0x6, 0x0, 0x9}, @val={0x5, 0x3, {0x9, 0xf0, 0x7}}, @val={0x25, 0x3, {0x1, 0x9c5fa755e4287b74, 0x9}}, @val={0x2a, 0x1, {0x1, 0x1, 0x1}}, @void, @val={0x2d, 0x1a, {0x400, 0x3, 0x3, 0x0, {0x6, 0x7, 0x0, 0x9, 0x0, 0x1, 0x0, 0x1, 0x1}, 0x1, 0xa3, 0x5c}}, @val={0x72, 0x1}, @val={0x71, 0x7, {0x1, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x3}}, @void}}]}, 0x94}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 632.342067ms ago: executing program 4 (id=1095): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b0c00"/20, @ANYRES32=0x0, @ANYBLOB="00db000000400000200012800b0001006572730500162279"], 0x40}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000140)={0x100, 0x640, &(0x7f0000000240)="02e19d2dfa8f6e35b50f080d91ef49d3d9d43c03e74949522ff7b13a19c3886aaa71445dad1d7c85287332e046c59debce995da0b96973bd013b2e749981d1e1e556e3f35b9651bc9b6229f2a989695c475f6f2e43d168d4b020eb7bd8ddac0575419d0690ce40fb43", 0x0, 0x69}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) 442.432243ms ago: executing program 2 (id=1097): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet(0x2, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xffffffffffffff6e, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r0], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) sendto$packet(r3, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x4, r2, 0x1, 0x7}, 0x14) 442.25107ms ago: executing program 2 (id=1098): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4048841) r1 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$int_in(r1, 0x5421, &(0x7f0000000080)=0x2) connect$vsock_stream(r1, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10) r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000000)=0x1) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000040)) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r4, 0x40187013, &(0x7f0000000040)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_ENCRYPT_MODE={{0x31}, 0x6}}}, 0x7) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 392.451812ms ago: executing program 4 (id=1099): r0 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000004700)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000005c0)={0x60, r0, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r1}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084) 342.178931ms ago: executing program 4 (id=1100): r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1) 341.960437ms ago: executing program 2 (id=1101): socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) openat$qrtrtun(0xffffff9c, &(0x7f0000000080), 0x80002) syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') socket$nl_netfilter(0x10, 0x3, 0xc) openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x40000012}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x601, 0x1, &(0x7f0000000340)=[r1], &(0x7f0000000280)=[0x1], &(0x7f0000000200), &(0x7f0000000040), 0x0, 0x7f}) 341.76854ms ago: executing program 4 (id=1102): socket$nl_generic(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x10) socket$kcm(0x10, 0x2, 0x4) socket(0x11, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$kcm(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) memfd_secret(0x0) r0 = syz_io_uring_setup(0x19f2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x2b, @empty, @empty}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[@ANYRES64=r3], 0x118) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r4, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 242.156181ms ago: executing program 2 (id=1103): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b0c00"/20, @ANYBLOB="00db000000400000200012800b0001006572"], 0x40}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) 241.725844ms ago: executing program 4 (id=1104): r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r1, 0xc0285628, &(0x7f0000000080)={0x3, @win={{0x2}, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0, 0x40}}) r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r2, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x0, 0x0, &(0x7f0000000040)={{0x6}}, 0x0, 0x0}}) 55.408069ms ago: executing program 0 (id=1105): openat$kvm(0xffffffffffffff9c, &(0x7f0000000a40), 0x40400, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_udp(0xa, 0x2, 0x0) socket$netlink(0x10, 0x3, 0xa) socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x11, 0x2, 0x0) syz_usb_connect(0x4, 0x210, &(0x7f0000000000)=ANY=[], 0x0) epoll_create1(0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) 52.733062ms ago: executing program 1 (id=1106): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r0, 0x7d4165c9) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x4e24, 0x91, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}}, 0x0, 0x0, 0x32, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e24, 0x0, @private1={0xfc, 0x1, '\x00', 0xfe}, 0x2}}, 0x0, 0x0, 0x4, 0x0, "a1c1dd75a6843e10951cd4b347113e55eb499519becf7542c90bc21470e441225642855b5f2faed4a18d67efd5f2fdf98328de94410300"}, 0xd8) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r5, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e21, 0x1, @mcast2, 0x4}}, 0x0, 0x0, 0x11, 0x0, "2b20a9a47cddc63b223be606d7fa19f22a369ae751de81ca4d11e10450d766feb63b382d54ba4bb57a219cad5ddfc1e4fe760a1ce2ca64196953e92a07b3937730a33b6deca160d8c2fbff48eb964283"}, 0xd8) listen(r6, 0x0) writev(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1) 1.070672ms ago: executing program 4 (id=1107): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00', @ANYRES32=0x0, @ANYBLOB="00db00000040000020001280"], 0x40}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x10) 275.489µs ago: executing program 2 (id=1108): r0 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000004700)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000005c0)={0x60, r0, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r1}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084) 0s ago: executing program 1 (id=1109): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4048841) r1 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$int_in(r1, 0x5421, &(0x7f0000000080)=0x2) connect$vsock_stream(r1, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10) r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000000)=0x1) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000040)) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r4, 0x40187013, &(0x7f0000000040)) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_ENCRYPT_MODE={{0x31}, 0x6}}}, 0x7) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 0s ago: executing program 2 (id=1111): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x79, 0x11, 0xc8}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8) close(r0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x10, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000005000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r2, 0x0, 0x0}, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x2) r6 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r3, r5}, 0x10) bpf$ITER_CREATE(0x1d, &(0x7f0000000040)={r6, 0x7}, 0x8) kernel console output (not intermixed with test programs): e [ 45.497938][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.499912][ T5951] bridge_slave_1: entered allmulticast mode [ 45.501954][ T5951] bridge_slave_1: entered promiscuous mode [ 45.578070][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.580105][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.582114][ T5937] bridge_slave_0: entered allmulticast mode [ 45.584610][ T5937] bridge_slave_0: entered promiscuous mode [ 45.608744][ T5951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.612445][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.617374][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.619899][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.621918][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.624426][ T5937] bridge_slave_1: entered allmulticast mode [ 45.626627][ T5937] bridge_slave_1: entered promiscuous mode [ 45.641283][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.643283][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.645509][ T5942] bridge_slave_0: entered allmulticast mode [ 45.647639][ T5942] bridge_slave_0: entered promiscuous mode [ 45.651405][ T5951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.686771][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.689233][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.691520][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.693591][ T5942] bridge_slave_1: entered allmulticast mode [ 45.696199][ T5942] bridge_slave_1: entered promiscuous mode [ 45.712126][ T5938] team0: Port device team_slave_0 added [ 45.714904][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.727774][ T5951] team0: Port device team_slave_0 added [ 45.731559][ T5938] team0: Port device team_slave_1 added [ 45.764274][ T5951] team0: Port device team_slave_1 added [ 45.786515][ T5937] team0: Port device team_slave_0 added [ 45.790175][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.805099][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.807021][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.814132][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.819788][ T5937] team0: Port device team_slave_1 added [ 45.822360][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.841125][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.843782][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.851712][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.877420][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.879982][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.888141][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.892804][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.895570][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.903124][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.927471][ T5942] team0: Port device team_slave_0 added [ 45.932526][ T5942] team0: Port device team_slave_1 added [ 45.934612][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.936538][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.943937][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.975056][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.977149][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.984857][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.994046][ T5938] hsr_slave_0: entered promiscuous mode [ 45.996039][ T5938] hsr_slave_1: entered promiscuous mode [ 46.027609][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.030261][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.038633][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.043274][ T5951] hsr_slave_0: entered promiscuous mode [ 46.046294][ T5951] hsr_slave_1: entered promiscuous mode [ 46.048829][ T5951] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.052014][ T5951] Cannot create hsr debugfs directory [ 46.070482][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.072874][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.081812][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.135133][ T5937] hsr_slave_0: entered promiscuous mode [ 46.138306][ T5937] hsr_slave_1: entered promiscuous mode [ 46.140866][ T5937] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.143999][ T5937] Cannot create hsr debugfs directory [ 46.189366][ T5942] hsr_slave_0: entered promiscuous mode [ 46.191291][ T5942] hsr_slave_1: entered promiscuous mode [ 46.193036][ T5942] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.195498][ T5942] Cannot create hsr debugfs directory [ 46.389754][ T5951] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 46.396159][ T5951] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 46.399987][ T5951] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 46.403499][ T5951] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 46.428119][ T5938] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.431518][ T5938] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.435054][ T5938] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.438647][ T5938] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 46.466855][ T5937] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 46.470546][ T5937] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 46.477587][ T5937] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 46.482357][ T5937] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 46.508892][ T5942] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.515551][ T5942] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.518590][ T5942] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.524377][ T5942] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.566402][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.580038][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.583386][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.589030][ T5951] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.606352][ T5938] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.610051][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.612104][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.618634][ T5937] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.623352][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.625876][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.630122][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.632045][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.640777][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.644112][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.646735][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.650680][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.653068][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.657299][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.659315][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.695539][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.706829][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.708947][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.719700][ T40] audit: type=1400 audit(1741720447.965:114): avc: denied { sys_module } for pid=5938 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 46.721460][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.727919][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.789517][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.809907][ T5938] veth0_vlan: entered promiscuous mode [ 46.815605][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.819768][ T5938] veth1_vlan: entered promiscuous mode [ 46.840372][ T5938] veth0_macvtap: entered promiscuous mode [ 46.846446][ T5938] veth1_macvtap: entered promiscuous mode [ 46.850154][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.856531][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.868288][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.881978][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.887880][ T5951] veth0_vlan: entered promiscuous mode [ 46.895805][ T5938] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.898603][ T5938] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.901913][ T5938] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.905332][ T5938] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.914731][ T5951] veth1_vlan: entered promiscuous mode [ 46.949957][ T5942] veth0_vlan: entered promiscuous mode [ 46.960252][ T5937] veth0_vlan: entered promiscuous mode [ 46.974495][ T5942] veth1_vlan: entered promiscuous mode [ 46.984758][ T5951] veth0_macvtap: entered promiscuous mode [ 46.989546][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.989696][ T5951] veth1_macvtap: entered promiscuous mode [ 46.991943][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.995720][ T5937] veth1_vlan: entered promiscuous mode [ 47.018888][ T5942] veth0_macvtap: entered promiscuous mode [ 47.022578][ T5942] veth1_macvtap: entered promiscuous mode [ 47.022978][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.028607][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.028816][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.032311][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.039015][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.043917][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.046687][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.050697][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.056762][ T5951] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.059893][ T5951] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.063004][ T5951] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.066659][ T5951] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.076650][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.080027][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.082768][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.085837][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.089103][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.098013][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.101787][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.105899][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.108972][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.112387][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.114293][ T5293] Bluetooth: hci3: command tx timeout [ 47.114301][ T5945] Bluetooth: hci1: command tx timeout [ 47.124579][ T5293] Bluetooth: hci2: command tx timeout [ 47.124712][ T5937] veth0_macvtap: entered promiscuous mode [ 47.128463][ T5938] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.131400][ T5937] veth1_macvtap: entered promiscuous mode [ 47.138287][ T5942] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.140897][ T5942] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.145169][ T5942] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.148860][ T5942] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.186253][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.189135][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.192085][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.192987][ T6005] netlink: 'syz.2.3': attribute type 1 has an invalid length. [ 47.196747][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.202445][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.205404][ T5293] Bluetooth: hci0: command tx timeout [ 47.207745][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.213042][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.217008][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.217078][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.219825][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.222629][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.222638][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.232032][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.235169][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.238245][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.241709][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.250003][ T5937] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.252534][ T5937] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.253179][ T6005] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3'. [ 47.255097][ T5937] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.255131][ T5937] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.265658][ T90] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.268150][ T90] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.290231][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.294500][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.316285][ T1174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.318436][ T1174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.320570][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.322995][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.352259][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.361258][ T6011] netlink: 'syz.2.5': attribute type 4 has an invalid length. [ 47.362735][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.511272][ T64] IPVS: starting estimator thread 0... [ 47.548411][ T6034] Illegal XDP return value 4294966772 on prog (id 3) dev syz_tun, expect packet loss! [ 47.616822][ T6030] IPVS: using max 36 ests per chain, 86400 per kthread [ 47.718914][ T6044] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 47.777062][ T6050] netlink: 24 bytes leftover after parsing attributes in process `syz.3.16'. [ 47.780374][ T6050] sch_tbf: burst 88 is lower than device team0 mtu (1514) ! [ 47.842544][ T6055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17'. [ 48.292625][ T6064] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 48.748903][ T6069] warning: `syz.1.22' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 48.831160][ T6071] syz.1.23 uses obsolete (PF_INET,SOCK_PACKET) [ 48.904855][ T6073] 9pnet_virtio: no channels available for device syz [ 48.945997][ T6073] syz.3.24 (6073) used greatest stack depth: 19872 bytes left [ 49.038588][ T6081] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 49.193914][ T5945] Bluetooth: hci2: command tx timeout [ 49.193992][ T5955] Bluetooth: hci3: command tx timeout [ 49.194008][ T5954] Bluetooth: hci1: command tx timeout [ 49.202646][ T6083] could not allocate digest TFM handle cryptd(blake2b-160) [ 49.273920][ T5955] Bluetooth: hci0: command tx timeout [ 49.449934][ T6127] netlink: 'syz.1.39': attribute type 10 has an invalid length. [ 49.469509][ T6127] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 49.520217][ T6131] netlink: 'syz.1.42': attribute type 7 has an invalid length. [ 49.524083][ T6131] netlink: 8 bytes leftover after parsing attributes in process `syz.1.42'. [ 49.670250][ T6144] evm: overlay not supported [ 49.956162][ T40] kauditd_printk_skb: 113 callbacks suppressed [ 49.956172][ T40] audit: type=1400 audit(1741720451.205:228): avc: denied { connect } for pid=6151 comm="syz.1.48" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 50.038305][ T40] audit: type=1400 audit(1741720451.285:229): avc: denied { mounton } for pid=6153 comm="syz.1.49" path="/19/file0" dev="tmpfs" ino=145 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 50.321089][ T6104] Set syz1 is full, maxelem 65536 reached [ 50.471086][ T6166] tipc: Started in network mode [ 50.472468][ T6166] tipc: Node identity aaaaaaaaaa34, cluster identity 4711 [ 50.477796][ T6166] tipc: Enabled bearer , priority 10 [ 50.485788][ T6166] tipc: Resetting bearer [ 50.488569][ T6166] tipc: Resetting bearer [ 50.573834][ T40] audit: type=1400 audit(1741720451.815:230): avc: denied { ioctl } for pid=6171 comm="syz.3.56" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=8047 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 50.580731][ T40] audit: type=1400 audit(1741720451.815:231): avc: denied { append } for pid=6171 comm="syz.3.56" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 50.831854][ T40] audit: type=1400 audit(1741720452.075:232): avc: denied { read } for pid=6177 comm="syz.3.57" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 50.847636][ T40] audit: type=1400 audit(1741720452.085:233): avc: denied { open } for pid=6177 comm="syz.3.57" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 51.274407][ T5955] Bluetooth: hci3: command 0x040f tx timeout [ 51.275953][ T5945] Bluetooth: hci1: command tx timeout [ 51.275996][ T5954] Bluetooth: hci2: command tx timeout [ 51.353760][ T5293] Bluetooth: hci0: command tx timeout [ 51.358756][ T6200] process 'syz.3.61' launched './file1' with NULL argv: empty string added [ 51.363203][ T40] audit: type=1400 audit(1741720452.605:234): avc: denied { execute_no_trans } for pid=6199 comm="syz.3.61" path="/18/file1" dev="tmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 51.484888][ T833] tipc: Node number set to 10398378 [ 51.512282][ T6207] netlink: 'syz.2.64': attribute type 10 has an invalid length. [ 51.519465][ T6207] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.522314][ T6207] bond0: (slave team0): Enslaving as an active interface with an up link [ 51.543580][ T40] audit: type=1400 audit(1741720452.785:235): avc: denied { bind } for pid=6209 comm="syz.3.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 51.549167][ T40] audit: type=1400 audit(1741720452.795:236): avc: denied { listen } for pid=6209 comm="syz.3.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 51.555172][ T40] audit: type=1400 audit(1741720452.795:237): avc: denied { setopt } for pid=6209 comm="syz.3.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 51.642047][ T6218] ipvlan2: entered promiscuous mode [ 51.647276][ T6218] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 51.649938][ T6218] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 51.652179][ T6205] kvm: kvm [6204]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x3eb [ 51.670150][ T6205] kvm: kvm [6204]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1757 [ 51.700608][ T6205] kvm: kvm [6204]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x5b0a [ 51.738606][ T6205] kvm: kvm [6204]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x8dbf [ 51.752592][ T6205] kvm: kvm [6204]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x9a7e [ 51.759997][ T6205] kvm: kvm [6204]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xa270 [ 51.945241][ T6232] netlink: 4 bytes leftover after parsing attributes in process `syz.2.73'. [ 51.992748][ T6234] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 51.996509][ T6234] IPv6: NLM_F_CREATE should be set when creating new route [ 52.009430][ T6234] lo: entered allmulticast mode [ 52.012389][ T6234] tunl0: entered allmulticast mode [ 52.015771][ T6234] gre0: entered allmulticast mode [ 52.019650][ T6234] gretap0: entered allmulticast mode [ 52.023128][ T6234] erspan0: entered allmulticast mode [ 52.026656][ T6234] ip_vti0: entered allmulticast mode [ 52.029058][ T6234] ip6_vti0: entered allmulticast mode [ 52.031570][ T6234] sit0: entered allmulticast mode [ 52.034558][ T6234] ip6tnl0: entered allmulticast mode [ 52.037659][ T6234] ip6gre0: entered allmulticast mode [ 52.041846][ T6234] syz_tun: entered allmulticast mode [ 52.045020][ T6234] ip6gretap0: entered allmulticast mode [ 52.048499][ T6234] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.051273][ T6234] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.055220][ T6234] bridge0: entered allmulticast mode [ 52.058364][ T6234] vcan0: entered allmulticast mode [ 52.061332][ T6234] bond0: entered allmulticast mode [ 52.062887][ T6234] bond_slave_0: entered allmulticast mode [ 52.066099][ T6234] bond_slave_1: entered allmulticast mode [ 52.070817][ T6234] team0: entered allmulticast mode [ 52.072427][ T6234] team_slave_0: entered allmulticast mode [ 52.074858][ T6234] team_slave_1: entered allmulticast mode [ 52.077843][ T6234] dummy0: entered allmulticast mode [ 52.080558][ T6234] nlmon0: entered allmulticast mode [ 52.082686][ T6234] caif0: entered allmulticast mode [ 52.084421][ T6234] batadv0: entered allmulticast mode [ 52.089785][ T6234] vxcan0: entered allmulticast mode [ 52.091773][ T6234] vxcan1: entered allmulticast mode [ 52.094053][ T6234] veth0: entered allmulticast mode [ 52.097006][ T6234] veth1: entered allmulticast mode [ 52.105643][ T6234] wg0: entered allmulticast mode [ 52.114099][ T6234] wg1: entered allmulticast mode [ 52.120660][ T6234] wg2: entered allmulticast mode [ 52.125361][ T6234] veth0_to_bridge: entered allmulticast mode [ 52.130219][ T6234] veth1_to_bridge: entered allmulticast mode [ 52.134502][ T6234] veth0_to_bond: entered allmulticast mode [ 52.139990][ T6234] veth1_to_bond: entered allmulticast mode [ 52.144245][ T6234] veth0_to_team: entered allmulticast mode [ 52.148215][ T6234] veth1_to_team: entered allmulticast mode [ 52.152650][ T6234] veth0_to_batadv: entered allmulticast mode [ 52.155708][ T6234] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 52.158448][ T6234] batadv_slave_0: entered allmulticast mode [ 52.161722][ T6234] veth1_to_batadv: entered allmulticast mode [ 52.164618][ T6234] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 52.167243][ T6234] batadv_slave_1: entered allmulticast mode [ 52.170096][ T6234] xfrm0: entered allmulticast mode [ 52.173102][ T6234] veth0_to_hsr: entered allmulticast mode [ 52.176332][ T6234] hsr_slave_0: entered allmulticast mode [ 52.179243][ T6234] veth1_to_hsr: entered allmulticast mode [ 52.181951][ T6234] hsr_slave_1: entered allmulticast mode [ 52.184789][ T6234] hsr0: entered allmulticast mode [ 52.189347][ T6234] veth1_virt_wifi: entered allmulticast mode [ 52.192282][ T6234] veth0_virt_wifi: entered allmulticast mode [ 52.195307][ T6234] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 52.198151][ T6234] veth1_vlan: entered allmulticast mode [ 52.201413][ T6234] veth0_vlan: entered allmulticast mode [ 52.206366][ T6234] vlan0: entered allmulticast mode [ 52.207906][ T6234] vlan1: entered allmulticast mode [ 52.209716][ T6234] macvlan0: entered allmulticast mode [ 52.212933][ T6234] macvlan1: entered allmulticast mode [ 52.215743][ T6234] ipvlan0: entered allmulticast mode [ 52.217302][ T6234] ipvlan1: entered allmulticast mode [ 52.219643][ T6234] veth1_macvtap: entered allmulticast mode [ 52.224479][ T6234] veth0_macvtap: entered allmulticast mode [ 52.228053][ T6234] macvtap0: entered allmulticast mode [ 52.231058][ T6234] macsec0: entered allmulticast mode [ 52.234423][ T6234] geneve0: entered allmulticast mode [ 52.237196][ T6234] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.240031][ T6234] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.242562][ T6234] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.247286][ T6234] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.250189][ T6234] geneve1: entered allmulticast mode [ 52.253999][ T6234] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 52.257321][ T6234] netdevsim netdevsim0 netdevsim1: entered allmulticast mode [ 52.260142][ T6234] netdevsim netdevsim0 netdevsim2: entered allmulticast mode [ 52.264860][ T6234] netdevsim netdevsim0 netdevsim3: entered allmulticast mode [ 52.285110][ T6234] mac80211_hwsim hwsim5 wlan0: entered allmulticast mode [ 52.294464][ T6234] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 52.352029][ T6246] netlink: 24 bytes leftover after parsing attributes in process `syz.2.78'. [ 52.931099][ T6264] netfs: Couldn't get user pages (rc=-14) [ 53.024387][ T6266] netlink: 'syz.0.84': attribute type 12 has an invalid length. [ 53.354241][ T5293] Bluetooth: hci1: command tx timeout [ 53.363855][ T5293] Bluetooth: hci2: command tx timeout [ 53.363903][ T5945] Bluetooth: hci3: command 0x040f tx timeout [ 53.443820][ T5945] Bluetooth: hci0: command tx timeout [ 53.650075][ T6298] xt_hashlimit: size too large, truncated to 1048576 [ 53.820671][ T6306] netlink: 48 bytes leftover after parsing attributes in process `syz.2.100'. [ 53.937256][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.940329][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.013989][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 54.894173][ T6340] netlink: 12 bytes leftover after parsing attributes in process `syz.2.112'. [ 54.945603][ T6342] netlink: 12 bytes leftover after parsing attributes in process `syz.0.113'. [ 54.950156][ T6342] bridge_slave_1: left promiscuous mode [ 54.953500][ T6342] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.123791][ T64] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 55.273723][ T64] usb 6-1: Using ep0 maxpacket: 8 [ 55.280191][ T64] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 55.283257][ T64] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 55.288990][ T64] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.293377][ T64] usb 6-1: config 0 descriptor?? [ 55.433873][ T5945] Bluetooth: hci3: command 0x040f tx timeout [ 55.509117][ T64] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 55.601256][ T6367] netlink: 'syz.3.120': attribute type 10 has an invalid length. [ 55.615032][ T6367] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 55.621050][ T40] kauditd_printk_skb: 44 callbacks suppressed [ 55.621087][ T40] audit: type=1400 audit(1741720456.865:282): avc: denied { mount } for pid=6368 comm="syz.2.121" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 55.644351][ T40] audit: type=1400 audit(1741720456.895:283): avc: denied { unmount } for pid=5938 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 55.681526][ T6373] netlink: 'syz.2.122': attribute type 1 has an invalid length. [ 55.691147][ T6373] 8021q: adding VLAN 0 to HW filter on device bond1 [ 55.710553][ T6373] bond1: (slave ip6gretap1): making interface the new active one [ 55.711188][ T64] usb 6-1: USB disconnect, device number 2 [ 55.713541][ T6373] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 55.728474][ T6373] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 55.774267][ T40] audit: type=1400 audit(1741720457.015:284): avc: denied { mounton } for pid=6378 comm="syz.0.126" path="/31/file0" dev="tmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 55.783423][ T6379] netfs: Couldn't get user pages (rc=-14) [ 55.806496][ T6381] netlink: 4 bytes leftover after parsing attributes in process `syz.2.125'. [ 55.836632][ T40] audit: type=1400 audit(1741720457.085:285): avc: denied { rename } for pid=6370 comm="syz.3.123" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 55.876903][ T6387] netlink: 'syz.0.127': attribute type 1 has an invalid length. [ 55.896012][ T6387] 8021q: adding VLAN 0 to HW filter on device bond1 [ 55.898015][ T40] audit: type=1800 audit(1741720457.145:286): pid=6390 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.129" name="/" dev="9p" ino=2 res=0 errno=0 [ 55.902866][ T6387] vlan2: entered promiscuous mode [ 55.906822][ T6387] bond1: entered promiscuous mode [ 55.915215][ T6387] bond1: left promiscuous mode [ 56.140008][ T40] audit: type=1400 audit(1741720457.385:287): avc: denied { append } for pid=6400 comm="syz.2.133" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 56.148522][ T40] audit: type=1400 audit(1741720457.395:288): avc: denied { write } for pid=6400 comm="syz.2.133" path="socket:[12820]" dev="sockfs" ino=12820 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 56.159205][ T40] audit: type=1400 audit(1741720457.395:289): avc: denied { nlmsg_read } for pid=6400 comm="syz.2.133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 56.354452][ T6417] netlink: 'syz.0.139': attribute type 1 has an invalid length. [ 56.374008][ T6420] netlink: 24 bytes leftover after parsing attributes in process `syz.1.140'. [ 56.391701][ T6417] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0 [ 56.394995][ T6417] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0 [ 56.398248][ T6417] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0 [ 56.401794][ T6417] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0 [ 56.408804][ T6417] bond2: (slave geneve2): making interface the new active one [ 56.412306][ T6417] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 56.424858][ T6417] netlink: 28 bytes leftover after parsing attributes in process `syz.0.139'. [ 56.430482][ T6417] 8021q: adding VLAN 0 to HW filter on device bond2 [ 56.473605][ T40] audit: type=1400 audit(1741720457.715:290): avc: denied { create } for pid=6424 comm="syz.2.141" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 56.484525][ T40] audit: type=1400 audit(1741720457.735:291): avc: denied { mounton } for pid=6424 comm="syz.2.141" path="/34/file0" dev="tmpfs" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 56.686839][ T6435] kvm: pic: non byte write [ 56.692671][ T6435] kvm: pic: single mode not supported [ 56.692748][ T6435] kvm: pic: level sensitive irq not supported [ 56.716585][ T6435] kvm: pic: level sensitive irq not supported [ 56.983605][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 57.067047][ T6446] netlink: 36 bytes leftover after parsing attributes in process `syz.2.149'. [ 57.071367][ T6446] netlink: 16 bytes leftover after parsing attributes in process `syz.2.149'. [ 57.076597][ T6446] netlink: 36 bytes leftover after parsing attributes in process `syz.2.149'. [ 57.365612][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.368321][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.370534][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.396987][ T6454] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6454 comm=syz.3.152 [ 57.444172][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.483828][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.486319][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.032555][ T6479] netlink: 'syz.1.161': attribute type 7 has an invalid length. [ 58.036919][ T6479] __nla_validate_parse: 1 callbacks suppressed [ 58.036927][ T6479] netlink: 8 bytes leftover after parsing attributes in process `syz.1.161'. [ 58.052821][ T6482] netlink: 'syz.2.160': attribute type 39 has an invalid length. [ 58.248796][ T6489] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 58.260162][ T6491] misc userio: Begin command sent, but we're already running [ 58.518191][ T6497] pim6reg1: entered promiscuous mode [ 58.520381][ T6497] pim6reg1: entered allmulticast mode [ 58.727912][ T6504] Failed to enqueue queue_pair DETACH event datagram for context (ID=0x0) [ 58.786411][ T6511] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 59.061197][ T6532] netlink: 8 bytes leftover after parsing attributes in process `syz.2.179'. [ 59.782025][ T6539] vlan2: entered allmulticast mode [ 59.783527][ T6539] macsec0: entered allmulticast mode [ 59.789221][ T6539] veth1_macvtap: entered allmulticast mode [ 59.793549][ T6539] bridge0: port 3(vlan2) entered blocking state [ 59.796597][ T6539] bridge0: port 3(vlan2) entered disabled state [ 59.806378][ T6539] vlan2: entered promiscuous mode [ 59.808383][ T6539] macsec0: entered promiscuous mode [ 59.820773][ T6539] bridge0: port 3(vlan2) entered blocking state [ 59.824116][ T6539] bridge0: port 3(vlan2) entered forwarding state [ 59.923267][ T6552] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 60.317750][ T6571] netlink: 4 bytes leftover after parsing attributes in process `syz.1.192'. [ 60.698211][ T6581] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6581 comm=syz.1.197 [ 60.703127][ T6581] netlink: 'syz.1.197': attribute type 1 has an invalid length. [ 60.722946][ T6581] bond1: entered promiscuous mode [ 60.725546][ T6581] bond1: entered allmulticast mode [ 60.740412][ T6581] bond2: entered allmulticast mode [ 60.744535][ T6581] 8021q: adding VLAN 0 to HW filter on device bond2 [ 60.750322][ T6581] bond1: (slave bond2): Enslaving as an active interface with a down link [ 60.773249][ T6581] netlink: 28 bytes leftover after parsing attributes in process `syz.1.197'. [ 60.778050][ T6581] bond1: left promiscuous mode [ 60.779515][ T6581] bond1: left allmulticast mode [ 60.781273][ T6581] 8021q: adding VLAN 0 to HW filter on device bond1 [ 60.786396][ T6586] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 60.790000][ T40] kauditd_printk_skb: 29 callbacks suppressed [ 60.790015][ T40] audit: type=1400 audit(1741720462.035:321): avc: denied { create } for pid=6585 comm="syz.3.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 60.796778][ T6586] kvm: pic: non byte read [ 60.806847][ T6586] kvm: pic: non byte read [ 60.811155][ T6586] kvm: pic: non byte read [ 60.815968][ T6586] kvm: pic: non byte read [ 60.821178][ T6586] kvm: pic: non byte read [ 60.828271][ T6586] kvm: pic: non byte read [ 60.837984][ T6586] kvm: pic: non byte read [ 60.842464][ T6586] kvm: pic: non byte read [ 60.856098][ T6586] kvm: pic: level sensitive irq not supported [ 60.856379][ T6586] kvm: pic: non byte read [ 60.860883][ T6586] kvm: pic: level sensitive irq not supported [ 60.861356][ T6586] kvm: pic: non byte read [ 60.866637][ T6586] kvm: pic: level sensitive irq not supported [ 60.870174][ T6586] kvm: pic: single mode not supported [ 60.876350][ T6586] kvm: pic: single mode not supported [ 60.880664][ T6586] kvm: pic: single mode not supported [ 60.885039][ T6586] kvm: pic: single mode not supported [ 60.887973][ T6586] kvm: pic: single mode not supported [ 60.906668][ T6586] kvm: pic: level sensitive irq not supported [ 60.999811][ T40] audit: type=1400 audit(1741720462.245:322): avc: denied { map } for pid=6593 comm="syz.1.201" path="socket:[11047]" dev="sockfs" ino=11047 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 61.007749][ T6597] netlink: 4 bytes leftover after parsing attributes in process `syz.0.202'. [ 61.010511][ T40] audit: type=1400 audit(1741720462.245:323): avc: denied { read } for pid=6593 comm="syz.1.201" path="socket:[11047]" dev="sockfs" ino=11047 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 61.023770][ T40] audit: type=1400 audit(1741720462.255:324): avc: denied { bind } for pid=6596 comm="syz.0.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 61.030385][ T40] audit: type=1400 audit(1741720462.255:325): avc: denied { setopt } for pid=6596 comm="syz.0.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 61.080742][ T6601] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 61.088135][ T6601] kvm: pic: level sensitive irq not supported [ 61.089419][ T6601] kvm: pic: level sensitive irq not supported [ 61.143907][ T31] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 61.156079][ T5945] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11 [ 61.158880][ T40] audit: type=1400 audit(1741720462.405:326): avc: denied { write } for pid=6607 comm="syz.3.206" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 61.167431][ T40] audit: type=1400 audit(1741720462.415:327): avc: denied { open } for pid=6607 comm="syz.3.206" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 61.175378][ T40] audit: type=1400 audit(1741720462.415:328): avc: denied { ioctl } for pid=6607 comm="syz.3.206" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 61.295687][ T31] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 61.298743][ T31] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 61.301532][ T31] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 61.305509][ T31] usb 7-1: config 0 interface 0 has no altsetting 0 [ 61.308200][ T31] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 61.310725][ T31] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 61.314856][ T31] usb 7-1: config 0 interface 0 has no altsetting 0 [ 61.318530][ T31] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 61.321102][ T31] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 61.324359][ T31] usb 7-1: config 0 interface 0 has no altsetting 0 [ 61.326335][ T40] audit: type=1400 audit(1741720462.575:329): avc: denied { write } for pid=6614 comm="syz.3.209" path="socket:[13188]" dev="sockfs" ino=13188 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 61.326977][ T31] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 61.337517][ T31] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 61.340590][ T31] usb 7-1: config 0 interface 0 has no altsetting 0 [ 61.343301][ T31] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 61.347164][ T31] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 61.351163][ T31] usb 7-1: config 0 interface 0 has no altsetting 0 [ 61.355838][ T31] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 61.359096][ T31] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 61.363044][ T31] usb 7-1: config 0 interface 0 has no altsetting 0 [ 61.368029][ T31] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 61.371272][ T31] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 61.375362][ T31] usb 7-1: config 0 interface 0 has no altsetting 0 [ 61.378703][ T31] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 61.382019][ T31] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 61.386283][ T31] usb 7-1: config 0 interface 0 has no altsetting 0 [ 61.390573][ T31] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 61.394153][ T31] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 61.397233][ T31] usb 7-1: Product: syz [ 61.398798][ T31] usb 7-1: Manufacturer: syz [ 61.400558][ T31] usb 7-1: SerialNumber: syz [ 61.405381][ T31] usb 7-1: config 0 descriptor?? [ 61.412806][ T31] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 61.620641][ T5974] usb 7-1: USB disconnect, device number 2 [ 61.625257][ T5974] yurex 7-1:0.0: USB YUREX #0 now disconnected [ 61.923961][ T40] audit: type=1400 audit(1741720463.165:330): avc: denied { create } for pid=6622 comm="syz.1.212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 62.138695][ T6625] overlayfs: failed to get inode (-116) [ 62.141065][ T6625] overlayfs: failed to get inode (-116) [ 62.143838][ T6625] overlayfs: failed to get inode (-116) [ 62.146432][ T6625] overlayfs: failed to get inode (-116) [ 62.267675][ T6633] overlayfs: failed to get inode (-116) [ 62.270830][ T6633] overlayfs: failed to get inode (-116) [ 62.310021][ T6635] netlink: 4 bytes leftover after parsing attributes in process `syz.2.217'. [ 62.313849][ T6635] netlink: 12 bytes leftover after parsing attributes in process `syz.2.217'. [ 62.718244][ T5945] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 62.720865][ T5945] Bluetooth: hci0: Injecting HCI hardware error event [ 62.724299][ T5293] Bluetooth: hci0: hardware error 0x00 [ 62.910759][ T6654] IPVS: Error connecting to the multicast addr [ 63.023760][ T31] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 63.186728][ T31] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 63.189296][ T31] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 63.191532][ T31] usb 7-1: Product: syz [ 63.192736][ T31] usb 7-1: Manufacturer: syz [ 63.194958][ T31] usb 7-1: SerialNumber: syz [ 63.208446][ T31] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 63.234492][ T6660] netlink: 'syz.3.226': attribute type 39 has an invalid length. [ 63.251764][ T63] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 63.324760][ T6666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.228'. [ 63.336063][ T6666] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 63.339493][ T6666] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 63.342700][ T6666] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 63.345986][ T6666] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 63.350443][ T6666] vxlan0: entered promiscuous mode [ 63.493027][ T6644] random: crng reseeded on system resumption [ 63.644153][ T6673] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 63.646627][ T6673] IPv6: NLM_F_CREATE should be set when creating new route [ 64.140400][ T6681] netlink: 'syz.1.234': attribute type 10 has an invalid length. [ 64.143180][ T6681] bridge0: port 3(vlan2) entered disabled state [ 64.145822][ T6681] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.148018][ T6681] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.153584][ T6681] bridge0: port 3(vlan2) entered blocking state [ 64.155681][ T6681] bridge0: port 3(vlan2) entered forwarding state [ 64.158396][ T6681] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.160434][ T6681] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.162536][ T6681] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.164603][ T6681] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.172008][ T6681] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 64.183733][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.234'. [ 64.186225][ T6681] vlan2: left promiscuous mode [ 64.187585][ T6681] macsec0: left promiscuous mode [ 64.189277][ T6681] bridge0: port 3(vlan2) entered disabled state [ 64.192244][ T6681] bridge_slave_1: left allmulticast mode [ 64.194231][ T6681] bridge_slave_1: left promiscuous mode [ 64.195862][ T6681] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.198868][ T6681] bridge_slave_0: left allmulticast mode [ 64.200470][ T6681] bridge_slave_0: left promiscuous mode [ 64.202068][ T6681] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.220945][ T6681] bond0: (slave bridge0): Releasing backup interface [ 64.323801][ T63] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 64.327279][ T63] ath9k_htc: Failed to initialize the device [ 64.345645][ T63] usb 7-1: ath9k_htc: USB layer deinitialized [ 64.600176][ T6690] bond0: (slave bond_slave_0): Releasing backup interface [ 64.606521][ T6690] bond0: (slave bond_slave_1): Releasing backup interface [ 64.624684][ T6690] team0: Port device team_slave_0 removed [ 64.632743][ T6690] team0: Port device team_slave_1 removed [ 64.636530][ T6690] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 64.639387][ T6690] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 64.643121][ T6690] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 64.645259][ T6690] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 64.652256][ T6690] bond0: (slave wlan1): Releasing backup interface [ 64.662972][ T6690] bond1: (slave bond2): Releasing active interface [ 64.720105][ T6690] vlan3: entered allmulticast mode [ 64.722086][ T6690] bond0: entered allmulticast mode [ 64.724739][ T6690] bridge0: port 1(vlan3) entered blocking state [ 64.727164][ T6690] bridge0: port 1(vlan3) entered disabled state [ 64.730695][ T6690] vlan3: entered promiscuous mode [ 64.732621][ T6690] bond0: entered promiscuous mode [ 64.804065][ T5293] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 65.182477][ T6706] overlayfs: failed to clone upperpath [ 65.283134][ T6710] overlayfs: failed to clone upperpath [ 65.331792][ T6712] netlink: 24 bytes leftover after parsing attributes in process `syz.1.246'. [ 65.358386][ T6712] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6712 comm=syz.1.246 [ 65.669519][ T833] usb 7-1: USB disconnect, device number 3 [ 65.768209][ T6734] netlink: 24 bytes leftover after parsing attributes in process `syz.1.255'. [ 65.795836][ T6734] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6734 comm=syz.1.255 [ 66.727809][ T6766] xt_CT: You must specify a L4 protocol and not use inversions on it [ 66.733552][ T6766] netlink: 12 bytes leftover after parsing attributes in process `syz.1.268'. [ 66.806962][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 66.806976][ T40] audit: type=1400 audit(1741720468.055:345): avc: denied { setattr } for pid=6771 comm="syz.2.271" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 66.817531][ T6772] overlayfs: failed to resolve './file0': -14 [ 66.933403][ T6783] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 66.989710][ T6788] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 66.998857][ T40] audit: type=1326 audit(1741720468.245:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6787 comm="syz.3.276" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f672c98d169 code=0x0 [ 67.044434][ T6783] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 67.683622][ T6792] kvm: pic: non byte write [ 67.733620][ T6801] netlink: 'syz.0.281': attribute type 4 has an invalid length. [ 67.807869][ T6808] trusted_key: syz.0.284 sent an empty control message without MSG_MORE. [ 68.218316][ T6835] overlayfs: failed to clone upperpath [ 68.222533][ T40] audit: type=1400 audit(1741720469.465:347): avc: denied { read write } for pid=6832 comm="syz.0.293" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 68.229208][ T40] audit: type=1400 audit(1741720469.465:348): avc: denied { open } for pid=6832 comm="syz.0.293" path="/56/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 68.286865][ T40] audit: type=1400 audit(1741720469.535:349): avc: denied { read } for pid=6839 comm="syz.0.296" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 68.293131][ T40] audit: type=1400 audit(1741720469.535:350): avc: denied { open } for pid=6839 comm="syz.0.296" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 68.299894][ T40] audit: type=1400 audit(1741720469.535:351): avc: denied { ioctl } for pid=6839 comm="syz.0.296" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 68.310085][ T40] audit: type=1400 audit(1741720469.535:352): avc: denied { write } for pid=6839 comm="syz.0.296" path="socket:[15585]" dev="sockfs" ino=15585 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 68.361809][ T40] audit: type=1400 audit(1741720469.605:353): avc: denied { mount } for pid=6841 comm="syz.1.297" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1 [ 68.387384][ T40] audit: type=1326 audit(1741720469.635:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6841 comm="syz.1.297" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba0718d169 code=0x0 [ 69.012524][ T6861] syzkaller1: entered promiscuous mode [ 69.014388][ T6861] syzkaller1: entered allmulticast mode [ 69.074641][ T6874] Zero length message leads to an empty skb [ 69.078649][ T6874] Bluetooth: MGMT ver 1.23 [ 70.349577][ T6925] KVM: debugfs: duplicate directory 6925-5 [ 70.412437][ T6928] overlayfs: failed to clone upperpath [ 70.606478][ T6939] xt_hashlimit: size too large, truncated to 1048576 [ 71.118145][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.120721][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.165913][ T6976] netlink: 24 bytes leftover after parsing attributes in process `syz.0.352'. [ 71.193518][ T6976] netlink: 8 bytes leftover after parsing attributes in process `syz.0.352'. [ 71.668273][ T6985] netlink: 28 bytes leftover after parsing attributes in process `syz.1.356'. [ 71.670976][ T6985] netlink: 'syz.1.356': attribute type 7 has an invalid length. [ 71.675093][ T6985] netlink: 'syz.1.356': attribute type 8 has an invalid length. [ 71.677611][ T6985] netlink: 4 bytes leftover after parsing attributes in process `syz.1.356'. [ 71.682485][ T6985] syz_tun: entered promiscuous mode [ 71.686450][ T6985] erspan0: entered promiscuous mode [ 71.688579][ T6985] gretap0: entered promiscuous mode [ 72.020401][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 72.020412][ T40] audit: type=1400 audit(1741720473.265:369): avc: denied { write } for pid=6986 comm="syz.1.357" path="socket:[16869]" dev="sockfs" ino=16869 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 72.249349][ T7001] overlayfs: failed to clone upperpath [ 72.348152][ T40] audit: type=1400 audit(1741720473.595:370): avc: denied { listen } for pid=7011 comm="syz.3.366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 72.353548][ T40] audit: type=1400 audit(1741720473.595:371): avc: denied { accept } for pid=7011 comm="syz.3.366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 72.514421][ T7021] xt_hashlimit: size too large, truncated to 1048576 [ 72.534413][ T63] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 72.684154][ T63] usb 7-1: Using ep0 maxpacket: 8 [ 72.687834][ T63] usb 7-1: config index 0 descriptor too short (expected 192, got 92) [ 72.691182][ T63] usb 7-1: config 0 has too many interfaces: 95, using maximum allowed: 32 [ 72.693816][ T63] usb 7-1: config 0 has an invalid descriptor of length 199, skipping remainder of the config [ 72.697051][ T63] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 95 [ 72.699508][ T63] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 72.702258][ T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.712767][ T63] usb 7-1: config 0 descriptor?? [ 72.932272][ T63] usb 7-1: USB disconnect, device number 4 [ 73.373786][ T63] usb 7-1: new low-speed USB device number 5 using dummy_hcd [ 73.493101][ T7039] netlink: 24 bytes leftover after parsing attributes in process `syz.0.375'. [ 73.536572][ T63] usb 7-1: config index 0 descriptor too short (expected 192, got 92) [ 73.538865][ T7039] netlink: 4 bytes leftover after parsing attributes in process `syz.0.375'. [ 73.539032][ T63] usb 7-1: config 0 has too many interfaces: 95, using maximum allowed: 32 [ 73.545435][ T40] audit: type=1400 audit(1741720474.795:372): avc: denied { setopt } for pid=7040 comm="syz.1.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 73.548814][ T63] usb 7-1: config 0 has an invalid descriptor of length 199, skipping remainder of the config [ 73.554487][ T63] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 95 [ 73.557168][ T63] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 73.559906][ T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.570275][ T63] usb 7-1: config 0 descriptor?? [ 73.652923][ T7043] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 73.908012][ T7056] netlink: 24 bytes leftover after parsing attributes in process `syz.0.382'. [ 73.980221][ T7057] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 74.142789][ T7063] netlink: 12 bytes leftover after parsing attributes in process `syz.3.385'. [ 74.706803][ T7079] netlink: 4 bytes leftover after parsing attributes in process `syz.0.391'. [ 74.776133][ T7082] netlink: 12 bytes leftover after parsing attributes in process `syz.1.392'. [ 74.877150][ T40] audit: type=1400 audit(1741720476.125:373): avc: denied { ioctl } for pid=7084 comm="syz.0.395" path="socket:[14141]" dev="sockfs" ino=14141 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 74.977007][ T40] audit: type=1800 audit(1741720476.225:374): pid=7095 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.399" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 75.223819][ T7110] tipc: Failed to remove unknown binding: 66,1,1/0:1254357803/1254357805 [ 75.226583][ T7110] tipc: Failed to remove unknown binding: 66,1,1/0:1254357803/1254357805 [ 75.234096][ T5947] usb 7-1: USB disconnect, device number 5 [ 75.267989][ T7115] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=343 sclass=netlink_route_socket pid=7115 comm=syz.1.408 [ 75.405650][ T7121] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.423036][ T7126] netlink: 'syz.2.411': attribute type 10 has an invalid length. [ 75.451736][ T7126] team0: Failed to send port change of device geneve0 via netlink (err -105) [ 75.456806][ T7126] team0: Failed to send options change via netlink (err -105) [ 75.459432][ T7126] team0: Port device geneve0 added [ 75.471071][ T7128] overlayfs: failed to clone upperpath [ 75.499486][ T7121] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.564891][ T7121] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.696674][ T7121] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.708819][ T7137] vlan2: entered promiscuous mode [ 75.710906][ T7137] vlan2: entered allmulticast mode [ 75.787394][ T7121] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.793548][ T7121] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.801674][ T7121] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.808058][ T7121] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.033813][ T40] audit: type=1400 audit(1741720477.265:375): avc: denied { nlmsg_write } for pid=7145 comm="syz.2.422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 76.305721][ T40] audit: type=1400 audit(1741720477.555:376): avc: denied { read } for pid=7164 comm="syz.0.429" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 76.307585][ T7165] program syz.0.429 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 76.312028][ T40] audit: type=1400 audit(1741720477.555:377): avc: denied { open } for pid=7164 comm="syz.0.429" path="/104/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 76.387416][ T7169] bridge_slave_0: left promiscuous mode [ 76.389691][ T7169] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.396385][ T7169] bond0: (slave bond_slave_0): Releasing backup interface [ 76.402675][ T7169] bond0: (slave bond_slave_1): Releasing backup interface [ 76.414267][ T7169] team0: Port device team_slave_0 removed [ 76.419615][ T7169] team0: Port device team_slave_1 removed [ 76.422015][ T7169] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 76.430360][ T7169] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 76.439877][ T7169] bond2: (slave geneve2): Releasing active interface [ 76.441412][ T7173] __nla_validate_parse: 4 callbacks suppressed [ 76.441424][ T7173] netlink: 4 bytes leftover after parsing attributes in process `syz.1.432'. [ 76.448482][ T7169] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 20000 - 0 [ 76.451258][ T7169] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 20000 - 0 [ 76.454695][ T7169] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 20000 - 0 [ 76.457176][ T7169] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 20000 - 0 [ 76.461939][ T7171] netlink: 4 bytes leftover after parsing attributes in process `syz.2.431'. [ 76.479638][ T7174] team0: Mode changed to "loadbalance" [ 76.489263][ T7173] netlink: 12 bytes leftover after parsing attributes in process `syz.1.432'. [ 76.502767][ T40] audit: type=1400 audit(1741720477.745:378): avc: denied { write } for pid=7168 comm="syz.0.430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 76.503627][ T7169] vlan0: entered promiscuous mode [ 76.509673][ T7169] vlan0: left allmulticast mode [ 76.571412][ T7178] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7178 comm=syz.0.434 [ 76.575513][ T7178] netlink: 'syz.0.434': attribute type 1 has an invalid length. [ 76.594476][ T7178] 8021q: adding VLAN 0 to HW filter on device bond3 [ 76.608656][ T7178] bond3: (slave ip6gretap1): making interface the new active one [ 76.611337][ T7178] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link [ 76.622990][ T7178] vlan3: entered promiscuous mode [ 76.625183][ T7178] bond3: entered promiscuous mode [ 76.626669][ T7178] ip6gretap1: entered promiscuous mode [ 76.628430][ T7178] vlan3: entered allmulticast mode [ 76.629944][ T7178] bond3: entered allmulticast mode [ 76.631407][ T7178] ip6gretap1: entered allmulticast mode [ 77.233346][ T7190] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 77.233346][ T7190] The task syz.1.437 (7190) triggered the difference, watch for misbehavior. [ 77.285718][ T40] audit: type=1400 audit(1741720478.535:379): avc: denied { name_bind } for pid=7191 comm="syz.3.438" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 77.913969][ T5293] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 77.917173][ T5293] Bluetooth: hci2: Injecting HCI hardware error event [ 77.921767][ T5945] Bluetooth: hci2: hardware error 0x00 [ 78.038618][ T7198] netlink: 'syz.1.440': attribute type 27 has an invalid length. [ 78.081326][ T7198] bond0: left allmulticast mode [ 78.082719][ T7198] bond0: left promiscuous mode [ 78.151070][ T40] audit: type=1400 audit(1741720479.395:380): avc: denied { create } for pid=7203 comm="syz.3.441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 78.156539][ T5293] Bluetooth: hci3: Unknown advertising packet type: 0x19 [ 78.158666][ T5293] Bluetooth: hci3: Unknown advertising packet type: 0x1f [ 78.161053][ T5293] Bluetooth: hci3: Unknown advertising packet type: 0x31 [ 78.163066][ T5293] Bluetooth: hci3: Malformed LE Event: 0x0d [ 78.225756][ T7198] veth1_macvtap: left allmulticast mode [ 78.237416][ T7198] macsec0: left allmulticast mode [ 78.248321][ T7198] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.250960][ T7198] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.254291][ T7198] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.257225][ T7198] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.281217][ T7198] vlan2: left allmulticast mode [ 78.287108][ T7198] bond2: left allmulticast mode [ 78.289848][ T7198] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 78.292470][ T7198] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 78.295740][ T7198] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 78.298214][ T7198] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 78.303874][ T7198] vxlan0: left promiscuous mode [ 78.336940][ T7202] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.339047][ T7202] bond0: entered allmulticast mode [ 78.340490][ T7202] bond0: entered promiscuous mode [ 78.342769][ T7202] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.350312][ T7202] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 78.544402][ T7206] kvm: kvm [7205]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x2d4 [ 78.562375][ T7206] kvm: kvm [7205]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x498 [ 78.747196][ T7214] netlink: 'syz.3.445': attribute type 4 has an invalid length. [ 78.771648][ T40] audit: type=1400 audit(1741720480.015:381): avc: denied { connect } for pid=7215 comm="syz.0.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 78.777666][ T40] audit: type=1400 audit(1741720480.015:382): avc: denied { setopt } for pid=7215 comm="syz.0.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 78.783138][ T40] audit: type=1400 audit(1741720480.015:383): avc: denied { bind } for pid=7215 comm="syz.0.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 78.833413][ T40] audit: type=1400 audit(1741720480.075:384): avc: denied { write } for pid=7215 comm="syz.0.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 78.865695][ T7221] netlink: 12 bytes leftover after parsing attributes in process `syz.0.448'. [ 78.922158][ T7223] xt_hashlimit: size too large, truncated to 1048576 [ 78.935799][ T5293] Bluetooth: hci3: unexpected event 0x03 length: 17 > 11 [ 78.943130][ T7227] bridge: RTM_NEWNEIGH with invalid ether address [ 79.189723][ T7241] netlink: 36 bytes leftover after parsing attributes in process `syz.1.456'. [ 79.192132][ T7241] netlink: 16 bytes leftover after parsing attributes in process `syz.1.456'. [ 79.195499][ T7241] netlink: 36 bytes leftover after parsing attributes in process `syz.1.456'. [ 79.198296][ T7241] netlink: 36 bytes leftover after parsing attributes in process `syz.1.456'. [ 79.230324][ T40] audit: type=1400 audit(1741720480.475:385): avc: denied { read } for pid=7242 comm="syz.0.457" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 79.277028][ T7243] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 79.284588][ T7243] picdev_read: 40 callbacks suppressed [ 79.284599][ T7243] kvm: pic: non byte read [ 79.288933][ T7243] kvm: pic: level sensitive irq not supported [ 79.289197][ T7243] kvm: pic: non byte read [ 79.720496][ T40] audit: type=1400 audit(1741720480.965:386): avc: denied { write } for pid=7265 comm="syz.3.466" lport=40167 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 79.728787][ T40] audit: type=1400 audit(1741720480.965:387): avc: denied { setopt } for pid=7265 comm="syz.3.466" lport=40167 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 79.767999][ T7270] netlink: 24 bytes leftover after parsing attributes in process `syz.3.468'. [ 79.768172][ T40] audit: type=1400 audit(1741720481.015:388): avc: denied { bind } for pid=7271 comm="syz.1.469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 79.781628][ T7272] netlink: 4 bytes leftover after parsing attributes in process `syz.1.469'. [ 79.993883][ T5945] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 80.013230][ T7274] kvm: kvm [7273]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x54 [ 80.292074][ T7285] Bluetooth: (null): Invalid header checksum [ 80.433728][ T5974] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 80.563412][ T7287] kvm: kvm [7286]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x773 [ 80.581635][ T7287] kvm: kvm [7286]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x2eca [ 80.583795][ T5974] usb 7-1: Using ep0 maxpacket: 8 [ 80.588179][ T5974] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.592279][ T5974] usb 7-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 80.598206][ T5974] usb 7-1: config 0 interface 0 has no altsetting 0 [ 80.601362][ T5974] usb 7-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00 [ 80.604746][ T5974] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.610350][ T5974] usb 7-1: config 0 descriptor?? [ 80.680513][ T7298] team0: Mode changed to "loadbalance" [ 80.728979][ T7300] nlmon0: Master is either lo or non-ether device [ 80.953860][ T5945] Bluetooth: hci3: command 0x040f tx timeout [ 81.079429][ T5974] usbhid 7-1:0.0: can't add hid device: -71 [ 81.081297][ T5974] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 81.085635][ T5974] usb 7-1: USB disconnect, device number 6 [ 81.358552][ T1332] cfg80211: failed to load regulatory.db [ 81.689469][ T7320] [ 81.892534][ T7341] __nla_validate_parse: 1 callbacks suppressed [ 81.892551][ T7341] netlink: 36 bytes leftover after parsing attributes in process `syz.3.489'. [ 82.037124][ T7359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 82.081986][ T5974] IPVS: starting estimator thread 0... [ 82.092955][ T7359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 82.097615][ T7359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 82.173839][ T7364] IPVS: using max 36 ests per chain, 86400 per kthread [ 82.205250][ T7372] netlink: 24 bytes leftover after parsing attributes in process `syz.0.500'. [ 82.231646][ T7372] sch_tbf: burst 88 is lower than device veth7 mtu (1514) ! [ 82.286921][ T7376] netlink: 8 bytes leftover after parsing attributes in process `syz.0.503'. [ 82.392991][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 82.393008][ T40] audit: type=1804 audit(1741720483.635:394): pid=7382 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.0.506" name="/newroot/131/file1" dev="fuse" ino=1 res=1 errno=0 [ 82.402076][ T40] audit: type=1800 audit(1741720483.635:395): pid=7382 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.506" name="/" dev="fuse" ino=1 res=0 errno=0 [ 82.481446][ T7390] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2248643489 (17989147912 ns) > initial count (11631199424 ns). Using initial count to start timer. [ 82.636719][ T7394] netlink: 'syz.1.509': attribute type 1 has an invalid length. [ 82.658791][ T7394] 8021q: adding VLAN 0 to HW filter on device bond3 [ 82.680741][ T7394] bond3: (slave ip6erspan0): making interface the new active one [ 82.685276][ T7394] bond3: (slave ip6erspan0): Enslaving as an active interface with an up link [ 82.755186][ T7399] kvm: emulating exchange as write [ 82.917763][ T40] audit: type=1400 audit(1741720484.165:396): avc: denied { write } for pid=7408 comm="syz.3.515" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 82.953346][ T7411] mac80211_hwsim hwsim6 syzkaller0: entered promiscuous mode [ 82.957556][ T7411] mac80211_hwsim hwsim6 syzkaller0: entered allmulticast mode [ 83.033779][ T5945] Bluetooth: hci3: command 0x040f tx timeout [ 83.192311][ T7424] netlink: 'syz.0.522': attribute type 1 has an invalid length. [ 83.208824][ T7424] netlink: 8 bytes leftover after parsing attributes in process `syz.0.522'. [ 83.215834][ T7424] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 83.220358][ T7424] bond4: (slave batadv1): Enslaving as a backup interface with an up link [ 83.233011][ T7424] bond4 (unregistering): (slave batadv1): Releasing backup interface [ 83.237200][ T7424] bond4 (unregistering): Released all slaves [ 83.323274][ T7428] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.357570][ T7430] mac80211_hwsim hwsim6 syzkaller0: left allmulticast mode [ 83.370562][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.2.523'. [ 83.373385][ T7433] team1 (uninitialized): Failed to send options change via netlink (err -105) [ 83.381705][ T7433] 8021q: adding VLAN 0 to HW filter on device team1 [ 83.398978][ T7428] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.482762][ T7428] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.489451][ T40] audit: type=1400 audit(1741720484.735:397): avc: denied { watch watch_reads } for pid=7438 comm="syz.3.529" path="/115/file0" dev="tmpfs" ino=672 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 83.553164][ T7441] netlink: 'syz.0.527': attribute type 10 has an invalid length. [ 83.556166][ T7441] mac80211_hwsim hwsim7 wlan1: left allmulticast mode [ 83.562090][ T7441] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 83.565403][ T7441] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 83.620476][ T7428] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.697906][ T7428] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.704598][ T7428] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.723035][ T7428] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.730414][ T7428] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.943406][ T7448] could not allocate digest TFM handle cryptd(blake2b-160) [ 84.085611][ T7475] netlink: 'syz.2.541': attribute type 7 has an invalid length. [ 84.088187][ T7475] netlink: 8 bytes leftover after parsing attributes in process `syz.2.541'. [ 84.819735][ T7499] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4017050179 (64272802864 ns) > initial count (43813986880 ns). Using initial count to start timer. [ 84.836761][ T40] audit: type=1400 audit(1741720486.085:398): avc: denied { read } for pid=7498 comm="syz.3.550" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 84.846009][ T40] audit: type=1400 audit(1741720486.085:399): avc: denied { open } for pid=7498 comm="syz.3.550" path="/dev/rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 84.861696][ T7499] kvm: pic: single mode not supported [ 84.866259][ T7499] kvm: pic: single mode not supported [ 84.952623][ T7483] Set syz1 is full, maxelem 65536 reached [ 85.203954][ T5293] Bluetooth: hci3: command 0x040f tx timeout [ 85.703336][ T7523] netlink: 4 bytes leftover after parsing attributes in process `syz.1.559'. [ 85.738674][ T7527] overlayfs: statfs failed on './file0' [ 85.760279][ T7528] netlink: 4 bytes leftover after parsing attributes in process `syz.1.559'. [ 85.781017][ T7530] vlan2: entered allmulticast mode [ 85.878783][ T7534] capability: warning: `syz.2.564' uses deprecated v2 capabilities in a way that may be insecure [ 85.980733][ T7539] netlink: 4 bytes leftover after parsing attributes in process `syz.2.567'. [ 86.078893][ T40] audit: type=1400 audit(1741720487.325:400): avc: denied { read } for pid=7542 comm="syz.3.568" laddr=127.0.0.1 lport=33384 faddr=127.0.0.1 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 87.237685][ T7554] overlayfs: failed to clone upperpath [ 88.021957][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.3.581'. [ 88.031284][ T7580] netlink: 4 bytes leftover after parsing attributes in process `syz.1.582'. [ 88.094529][ T7584] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 88.695226][ T40] audit: type=1400 audit(1741720489.945:401): avc: denied { bind } for pid=7607 comm="syz.2.593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 88.993109][ T40] audit: type=1400 audit(1741720490.235:402): avc: denied { read } for pid=7617 comm="syz.2.598" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 89.148462][ T7637] netlink: 28 bytes leftover after parsing attributes in process `syz.2.606'. [ 89.649408][ T7661] overlayfs: metacopy with no lower data found - abort lookup (/bus) [ 89.797771][ T7667] orangefs_devreq_open: device cannot be opened in blocking mode [ 90.164881][ T40] audit: type=1400 audit(1741720491.415:403): avc: denied { read write } for pid=7679 comm="syz.3.624" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 90.169129][ T7680] loop6: detected capacity change from 0 to 63 [ 90.171911][ T40] audit: type=1400 audit(1741720491.415:404): avc: denied { open } for pid=7679 comm="syz.3.624" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 90.177418][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 90.181164][ T40] audit: type=1400 audit(1741720491.415:405): avc: denied { append } for pid=7679 comm="syz.3.624" name="loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 90.184141][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 90.193386][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 90.195847][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 90.199456][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 90.202016][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 90.204793][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 90.207093][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 90.209283][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 90.212351][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 90.215721][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 90.218622][ T40] audit: type=1400 audit(1741720491.465:406): avc: denied { map } for pid=7679 comm="syz.3.624" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 90.218710][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 90.226424][ T40] audit: type=1400 audit(1741720491.465:407): avc: denied { execute } for pid=7679 comm="syz.3.624" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 90.229492][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 90.240443][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 90.243963][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 90.246683][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 90.249867][ T7680] ldm_validate_partition_table(): Disk read failed. [ 90.250332][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 90.254920][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 90.257303][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 90.259825][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 90.264693][ T7680] Dev loop6: unable to read RDB block 0 [ 90.267676][ T7680] loop6: unable to read partition table [ 90.269347][ T7680] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾‚³˜) failed (rc=-5) [ 90.399407][ T40] audit: type=1400 audit(1741720491.645:408): avc: denied { append } for pid=7689 comm="syz.3.627" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 90.407068][ C1] vcan0: j1939_tp_rxtimer: 0xffff88803577f000: rx timeout, send abort [ 90.412282][ C1] vcan0: j1939_tp_rxtimer: 0xffff88804f6df400: rx timeout, send abort [ 90.438476][ T40] audit: type=1400 audit(1741720491.685:409): avc: denied { mount } for pid=7691 comm="syz.2.628" name="/" dev="ramfs" ino=21553 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 90.444727][ T7692] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 90.470876][ T40] audit: type=1400 audit(1741720491.715:410): avc: denied { unmount } for pid=5938 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 90.605663][ T7703] block device autoloading is deprecated and will be removed. [ 90.610642][ T7697] md: md2 stopped. [ 90.911559][ C1] vcan0: j1939_tp_rxtimer: 0xffff88803577f000: abort rx timeout. Force session deactivation [ 90.916977][ C1] vcan0: j1939_tp_rxtimer: 0xffff88804f6df400: abort rx timeout. Force session deactivation [ 91.910384][ T7742] netlink: 8 bytes leftover after parsing attributes in process `syz.1.647'. [ 92.411305][ T7754] netlink: 'syz.2.652': attribute type 39 has an invalid length. [ 92.558895][ T7770] tipc: Enabling of bearer rejected, failed to enable media [ 93.102995][ T7797] netlink: 12 bytes leftover after parsing attributes in process `syz.2.669'. [ 93.444431][ T5974] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 93.492582][ T7805] overlayfs: failed to clone upperpath [ 93.607103][ T5974] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 93.611247][ T5974] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 93.615981][ T5974] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 93.620780][ T5974] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 93.621917][ T7813] overlayfs: failed to clone lowerpath [ 93.624300][ T5974] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.626304][ T5974] usb 7-1: config 0 descriptor?? [ 93.631973][ T7801] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 93.688084][ T7815] netlink: 'syz.1.679': attribute type 10 has an invalid length. [ 93.694211][ T7815] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode [ 93.696986][ T7815] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 93.701270][ T7815] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 93.731407][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 93.731421][ T40] audit: type=1800 audit(1741720494.975:417): pid=7793 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.667" name="/" dev="fuse" ino=0 res=0 errno=0 [ 93.801345][ T7821] capability: warning: `syz.3.681' uses 32-bit capabilities (legacy support in use) [ 93.908571][ T7830] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 94.049538][ T5974] plantronics 0003:047F:FFFF.0002: unknown main item tag 0xd [ 94.054887][ T5974] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 94.064007][ T5974] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 94.309217][ T5974] usb 7-1: USB disconnect, device number 7 [ 94.970647][ T7853] netlink: 4 bytes leftover after parsing attributes in process `syz.2.693'. [ 94.974176][ T7853] bridge_slave_1: left allmulticast mode [ 94.976398][ T7853] bridge_slave_1: left promiscuous mode [ 94.978649][ T7853] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.989066][ T7853] bridge_slave_0: left allmulticast mode [ 94.991192][ T7853] bridge_slave_0: left promiscuous mode [ 94.993513][ T7853] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.016820][ T7857] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7857 comm=syz.1.696 [ 95.226286][ T7865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.700'. [ 95.369107][ T7873] tipc: Enabling of bearer rejected, failed to enable media [ 95.677545][ T40] audit: type=1400 audit(1741720496.925:418): avc: denied { bind } for pid=7884 comm="syz.1.710" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 95.783757][ T7889] overlayfs: failed to clone upperpath [ 96.765580][ T7910] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 96.770521][ T40] audit: type=1400 audit(1741720498.015:419): avc: denied { shutdown } for pid=7909 comm="syz.2.720" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 96.776800][ T40] audit: type=1400 audit(1741720498.015:420): avc: denied { ioctl } for pid=7909 comm="syz.2.720" path="/dev/rtc0" dev="devtmpfs" ino=944 ioctlcmd=0x7013 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 96.805004][ T40] audit: type=1400 audit(1741720498.055:421): avc: denied { search } for pid=7911 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 96.811953][ T40] audit: type=1400 audit(1741720498.055:422): avc: denied { read } for pid=7912 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1770 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 96.818444][ T40] audit: type=1400 audit(1741720498.055:423): avc: denied { open } for pid=7912 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1770 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 96.825498][ T40] audit: type=1400 audit(1741720498.055:424): avc: denied { getattr } for pid=7912 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1770 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 96.833596][ T40] audit: type=1400 audit(1741720498.065:425): avc: denied { write } for pid=7911 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1769 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 96.840610][ T40] audit: type=1400 audit(1741720498.065:426): avc: denied { add_name } for pid=7911 comm="dhcpcd-run-hook" name="resolv.conf.lapb5.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 97.213809][ T833] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 97.214416][ T7945] overlayfs: failed to clone upperpath [ 97.383860][ T833] usb 8-1: Using ep0 maxpacket: 8 [ 97.386616][ T833] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 97.388968][ T833] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 97.394772][ T833] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 97.405240][ T833] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 97.408659][ T833] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 97.418799][ T833] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 97.426445][ T833] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.590657][ T7910] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 97.592577][ T7910] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 97.596423][ T7977] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 97.599659][ T7977] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 97.604739][ T7977] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 97.616217][ T7910] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 97.620062][ T7910] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 97.657031][ T833] usb 8-1: usb_control_msg returned -32 [ 97.659440][ T833] usbtmc 8-1:16.0: can't read capabilities [ 97.796767][ T7991] netlink: 'syz.0.743': attribute type 10 has an invalid length. [ 97.800288][ T7991] veth0_vlan: left promiscuous mode [ 97.806896][ T7991] veth0_vlan: entered promiscuous mode [ 97.809479][ T7991] team0: Device veth0_vlan failed to register rx_handler [ 97.883006][ T7998] kvm: MWAIT instruction emulated as NOP! [ 97.979563][ T8004] overlayfs: failed to clone upperpath [ 98.365957][ T8023] usbtmc 8-1:16.0: INITIATE_ABORT_BULK_OUT returned 7 [ 98.756545][ T8046] overlayfs: failed to clone upperpath [ 98.783585][ T8042] kvm: pic: non byte write [ 99.201788][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 99.201803][ T40] audit: type=1400 audit(1741720500.445:431): avc: denied { mounton } for pid=8054 comm="syz.0.768" path="/164/file0" dev="tmpfs" ino=934 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 99.362005][ T8062] netlink: 8 bytes leftover after parsing attributes in process `syz.0.770'. [ 99.389135][ T8064] overlayfs: failed to clone upperpath [ 99.683766][ T57] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 99.843854][ T57] usb 5-1: Using ep0 maxpacket: 16 [ 99.847736][ T57] usb 5-1: config 0 has an invalid interface number: 29 but max is 0 [ 99.851631][ T57] usb 5-1: config 0 has no interface number 0 [ 99.854137][ T57] usb 5-1: config 0 interface 29 altsetting 0 bulk endpoint 0xA has invalid maxpacket 16 [ 99.858106][ T57] usb 5-1: config 0 interface 29 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024 [ 99.862322][ T57] usb 5-1: config 0 interface 29 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 99.863730][ T8080] netlink: 4 bytes leftover after parsing attributes in process `syz.2.778'. [ 99.868274][ T57] usb 5-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0 [ 99.871737][ T57] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.872055][ T8080] netlink: 12 bytes leftover after parsing attributes in process `syz.2.778'. [ 99.874986][ T57] usb 5-1: Product: syz [ 99.878883][ T57] usb 5-1: Manufacturer: syz [ 99.880668][ T57] usb 5-1: SerialNumber: syz [ 99.886098][ T57] usb 5-1: config 0 descriptor?? [ 99.888755][ T8068] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 99.891660][ T8068] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 99.967150][ T6240] usb 8-1: USB disconnect, device number 2 [ 100.099263][ T57] usb 5-1: USB disconnect, device number 2 [ 100.102029][ T8089] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 100.245188][ T8097] netlink: 'syz.3.784': attribute type 1 has an invalid length. [ 100.258990][ T8097] bond1: entered promiscuous mode [ 100.260666][ T8097] 8021q: adding VLAN 0 to HW filter on device bond1 [ 100.280282][ T8097] 8021q: adding VLAN 0 to HW filter on device bond2 [ 100.284943][ T8097] bond1: (slave bond2): making interface the new active one [ 100.287108][ T8097] bond2: entered promiscuous mode [ 100.289009][ T8097] bond1: (slave bond2): Enslaving as an active interface with an up link [ 100.723203][ T8133] netlink: 8 bytes leftover after parsing attributes in process `syz.0.796'. [ 100.728173][ T40] audit: type=1400 audit(1741720501.975:432): avc: denied { read } for pid=8125 comm="syz.1.793" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 100.781710][ T40] audit: type=1400 audit(1741720502.025:433): avc: denied { connect } for pid=8136 comm="syz.0.798" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 100.832898][ T40] audit: type=1400 audit(1741720502.075:434): avc: denied { write } for pid=8136 comm="syz.0.798" path="socket:[20400]" dev="sockfs" ino=20400 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 100.847235][ T40] audit: type=1400 audit(1741720502.095:435): avc: denied { append } for pid=8140 comm="syz.3.799" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 100.859053][ T8126] GUP no longer grows the stack in syz.1.793 (8126): 400000004000-40000000a000 (400000002000) [ 100.862676][ T8126] CPU: 2 UID: 0 PID: 8126 Comm: syz.1.793 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0 [ 100.862715][ T8126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.862723][ T8126] Call Trace: [ 100.862727][ T8126] [ 100.862732][ T8126] dump_stack_lvl+0x16c/0x1f0 [ 100.862766][ T8126] gup_vma_lookup+0x1d2/0x220 [ 100.862785][ T8126] __get_user_pages+0x236/0x36f0 [ 100.862796][ T8126] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 100.862814][ T8126] ? __gup_longterm_locked+0x124/0x1870 [ 100.862825][ T8126] ? __gup_longterm_locked+0x124/0x1870 [ 100.862836][ T8126] ? __pfx___get_user_pages+0x10/0x10 [ 100.862845][ T8126] ? down_read_killable+0xcc/0x380 [ 100.862862][ T8126] ? __pfx_down_read_killable+0x10/0x10 [ 100.862876][ T8126] ? mark_lock+0xb5/0xc60 [ 100.862890][ T8126] ? find_held_lock+0x2d/0x110 [ 100.862902][ T8126] __gup_longterm_locked+0x212/0x1870 [ 100.862913][ T8126] ? __pfx_lock_release+0x10/0x10 [ 100.862926][ T8126] ? trace_lock_acquire+0x14e/0x1f0 [ 100.862940][ T8126] ? __pfx___gup_longterm_locked+0x10/0x10 [ 100.862949][ T8126] ? gup_fast_fallback+0x84c/0x2690 [ 100.862959][ T8126] ? __pfx_lock_release+0x10/0x10 [ 100.862975][ T8126] ? mark_held_locks+0x9f/0xe0 [ 100.862990][ T8126] gup_fast_fallback+0x1802/0x2690 [ 100.863007][ T8126] ? __pfx_gup_fast_fallback+0x10/0x10 [ 100.863020][ T8126] ? hlock_class+0x4e/0x130 [ 100.863033][ T8126] get_user_pages_fast+0xa8/0x100 [ 100.863042][ T8126] ? __pfx_get_user_pages_fast+0x10/0x10 [ 100.863053][ T8126] ? __mutex_trylock_common+0xea/0x250 [ 100.863069][ T8126] __iov_iter_get_pages_alloc+0x8ed/0x2280 [ 100.863088][ T8126] ? trace_contention_end+0xee/0x140 [ 100.863104][ T8126] ? __mutex_lock+0x1cc/0xb10 [ 100.863118][ T8126] ? __pfx___iov_iter_get_pages_alloc+0x10/0x10 [ 100.863129][ T8126] ? pipe_lock+0x64/0x80 [ 100.863142][ T8126] ? __fget_files+0x1fc/0x3a0 [ 100.863153][ T8126] ? __pfx___mutex_lock+0x10/0x10 [ 100.863165][ T8126] ? import_ubuf+0x1b6/0x220 [ 100.863178][ T8126] iov_iter_get_pages2+0xa4/0x100 [ 100.863193][ T8126] ? __pfx_iov_iter_get_pages2+0x10/0x10 [ 100.863204][ T8126] ? wait_for_space+0x224/0x2d0 [ 100.863223][ T8126] __do_sys_vmsplice+0xa13/0xef0 [ 100.863241][ T8126] ? __pfx___do_sys_vmsplice+0x10/0x10 [ 100.863261][ T8126] ? __pfx_futex_wait+0x10/0x10 [ 100.863277][ T8126] ? restore_sigcontext+0x4d2/0x6a0 [ 100.863308][ T8126] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 100.863324][ T8126] ? do_syscall_64+0xcd/0x250 [ 100.863337][ T8126] do_syscall_64+0xcd/0x250 [ 100.863351][ T8126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.863365][ T8126] RIP: 0033:0x7fba0718d169 [ 100.863374][ T8126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.863383][ T8126] RSP: 002b:00007fba07f7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 100.863393][ T8126] RAX: ffffffffffffffda RBX: 00007fba073a5fa0 RCX: 00007fba0718d169 [ 100.863399][ T8126] RDX: 0000000000000001 RSI: 00004000000000c0 RDI: 0000000000000005 [ 100.863405][ T8126] RBP: 00007fba0720e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 100.863410][ T8126] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 100.863416][ T8126] R13: 0000000000000000 R14: 00007fba073a5fa0 R15: 00007ffdf736eef8 [ 100.863434][ T8126] [ 101.185527][ T40] audit: type=1400 audit(1741720502.435:436): avc: denied { read } for pid=8147 comm="syz.1.802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 101.233903][ T8150] xt_hashlimit: size too large, truncated to 1048576 [ 101.407290][ T40] audit: type=1400 audit(1741720502.655:437): avc: denied { connect } for pid=8155 comm="syz.1.805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 101.409132][ T8156] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 101.434116][ T31] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 101.512280][ T8160] syz_tun (unregistering): left promiscuous mode [ 101.544988][ T8162] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 101.612758][ T40] audit: type=1400 audit(1741720502.855:438): avc: denied { getopt } for pid=8163 comm="syz.2.809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 101.660967][ T40] audit: type=1400 audit(1741720502.905:439): avc: denied { create } for pid=8170 comm="syz.2.812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 101.913952][ T57] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 101.964103][ T31] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 102.074613][ T57] usb 7-1: Using ep0 maxpacket: 8 [ 102.083284][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 102.087345][ T57] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 102.092805][ T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.099818][ T57] usb 7-1: config 0 descriptor?? [ 102.256168][ T40] audit: type=1400 audit(1741720503.505:440): avc: denied { attach_queue } for pid=8200 comm="syz.0.824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 102.309005][ T57] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 102.414226][ T8210] overlay: ./file0 is not a directory [ 102.510993][ T6240] usb 7-1: USB disconnect, device number 8 [ 102.607644][ T8223] netlink: 'syz.1.834': attribute type 4 has an invalid length. [ 102.714706][ T8228] ref_ctr increment failed for inode: 0x6a5 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88802ab81400 [ 102.721102][ T8227] uprobe: syz.1.836:8227 failed to unregister, leaking uprobe [ 103.842152][ T8271] netlink: 'syz.1.851': attribute type 10 has an invalid length. [ 104.333795][ T8284] netlink: 24 bytes leftover after parsing attributes in process `syz.1.857'. [ 104.371908][ T8284] netlink: 8 bytes leftover after parsing attributes in process `syz.1.857'. [ 104.475520][ T8295] overlayfs: failed to clone lowerpath [ 104.711376][ T8304] netlink: 'syz.0.873': attribute type 39 has an invalid length. [ 105.199137][ T8323] xt_hashlimit: size too large, truncated to 1048576 [ 105.622274][ T8346] netlink: 'syz.1.878': attribute type 1 has an invalid length. [ 105.656024][ T8346] 8021q: adding VLAN 0 to HW filter on device bond4 [ 105.664931][ T8346] vlan4: entered promiscuous mode [ 105.667696][ T8346] bond4: entered promiscuous mode [ 105.678362][ T8346] bond4: left promiscuous mode [ 105.781883][ T8352] vlan2: entered promiscuous mode [ 105.783492][ T8352] vlan2: entered allmulticast mode [ 105.785892][ T8352] hsr_slave_1: entered allmulticast mode [ 105.964574][ T8374] overlayfs: failed to clone upperpath [ 106.243433][ T8391] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 106.249821][ T8391] kvm: pic: non byte read [ 106.252340][ T8391] kvm: pic: level sensitive irq not supported [ 106.252600][ T8391] kvm: pic: non byte read [ 106.256952][ T8391] kvm: pic: level sensitive irq not supported [ 106.257214][ T8391] kvm: pic: non byte read [ 106.373001][ T8401] xt_hashlimit: size too large, truncated to 1048576 [ 106.482799][ T8408] netlink: 4 bytes leftover after parsing attributes in process `syz.3.901'. [ 106.894793][ T8410] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 106.902652][ T8410] kvm: pic: non byte read [ 106.907500][ T8410] kvm: pic: non byte read [ 106.909858][ T8410] kvm: pic: non byte read [ 106.912039][ T8410] kvm: pic: non byte read [ 106.915096][ T8410] kvm: pic: non byte read [ 106.917548][ T8410] kvm: pic: non byte read [ 106.919897][ T8410] kvm: pic: non byte read [ 106.925591][ T8410] kvm: pic: level sensitive irq not supported [ 106.927463][ T8410] kvm: pic: level sensitive irq not supported [ 106.932124][ T8410] kvm: pic: level sensitive irq not supported [ 106.938064][ T8410] kvm: pic: single mode not supported [ 106.942251][ T8410] kvm: pic: single mode not supported [ 106.945481][ T8410] kvm: pic: single mode not supported [ 106.950007][ T8410] kvm: pic: single mode not supported [ 106.952882][ T8410] kvm: pic: single mode not supported [ 106.953923][ C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 106.974298][ T8410] kvm: pic: level sensitive irq not supported [ 107.269139][ T8418] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 107.300322][ T8425] netlink: 8 bytes leftover after parsing attributes in process `syz.1.907'. [ 107.389801][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 107.389816][ T40] audit: type=1400 audit(1741720508.635:442): avc: denied { remount } for pid=8426 comm="syz.1.909" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 107.529166][ T8438] netlink: 24 bytes leftover after parsing attributes in process `syz.1.912'. [ 107.558761][ T8438] sch_tbf: burst 88 is lower than device veth11 mtu (1514) ! [ 108.131481][ T8463] tipc: Failed to remove unknown binding: 66,1,1/0:1837322230/1837322232 [ 108.134132][ T8463] tipc: Failed to remove unknown binding: 66,1,1/0:1837322230/1837322232 [ 108.660548][ T833] IPVS: starting estimator thread 0... [ 108.660627][ T8476] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8476 comm=syz.0.930 [ 108.753985][ T8477] IPVS: using max 21 ests per chain, 50400 per kthread [ 108.873189][ T8483] netlink: 'syz.1.932': attribute type 4 has an invalid length. [ 109.713546][ T8501] netlink: 48 bytes leftover after parsing attributes in process `syz.1.940'. [ 109.999656][ T8518] netlink: 12 bytes leftover after parsing attributes in process `syz.0.946'. [ 110.527341][ T8537] overlayfs: failed to clone upperpath [ 110.651050][ T40] audit: type=1400 audit(1741720511.895:443): avc: denied { mounton } for pid=8540 comm="syz.3.957" path="/189/file1/file0" dev="autofs" ino=27804 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1 [ 110.658138][ T40] audit: type=1400 audit(1741720511.895:444): avc: denied { mounton } for pid=8540 comm="syz.3.957" path="/189/file1/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 110.678221][ T40] audit: type=1400 audit(1741720511.925:445): avc: denied { unmount } for pid=5951 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 112.915468][ T40] audit: type=1400 audit(1741720514.165:446): avc: denied { map } for pid=8582 comm="syz.0.973" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 112.922292][ T40] audit: type=1400 audit(1741720514.165:447): avc: denied { execute } for pid=8582 comm="syz.0.973" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 113.934143][ T8597] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 114.467172][ T8619] netlink: 24 bytes leftover after parsing attributes in process `syz.1.985'. [ 114.491833][ T8619] netlink: 4 bytes leftover after parsing attributes in process `syz.1.985'. [ 116.399254][ T8652] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap0 [ 116.407907][ T8652] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 116.436228][ T6240] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 116.543728][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 116.583848][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 116.694012][ T6240] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 116.759032][ T8674] xt_hashlimit: size too large, truncated to 1048576 [ 117.353960][ T90] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 117.553935][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 118.394066][ T90] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 118.397755][ T90] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 118.503817][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 121.593860][ C2] ip6_tnl_xmit_ctl: 3 callbacks suppressed [ 121.593872][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 122.553842][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 122.823795][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 123.743943][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 124.823949][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 125.873785][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 126.134552][ T40] audit: type=1400 audit(1741720527.385:448): avc: denied { execute } for pid=8679 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 126.141656][ T40] audit: type=1400 audit(1741720527.385:449): avc: denied { execute_no_trans } for pid=8679 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 126.248425][ T5293] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 126.257451][ T5293] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 126.261028][ T5293] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 126.267623][ T5293] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 126.271910][ T5293] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 126.276373][ T5293] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 126.282438][ T5945] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 126.284963][ T5945] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 126.287609][ T5945] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 126.293873][ T5945] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 126.297104][ T5945] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 126.301090][ T5945] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 126.312520][ T40] audit: type=1400 audit(1741720527.555:450): avc: denied { mounton } for pid=8680 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 126.422614][ T8680] chnl_net:caif_netlink_parms(): no params data found [ 126.501412][ T8680] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.503595][ T8680] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.506160][ T8680] bridge_slave_0: entered allmulticast mode [ 126.509193][ T8680] bridge_slave_0: entered promiscuous mode [ 126.512712][ T8680] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.515817][ T8680] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.518236][ T8680] bridge_slave_1: entered allmulticast mode [ 126.520442][ T8680] bridge_slave_1: entered promiscuous mode [ 126.543723][ T8680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 126.547951][ T8680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 126.570316][ T8680] team0: Port device team_slave_0 added [ 126.577293][ T8680] team0: Port device team_slave_1 added [ 126.595834][ T8680] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 126.598353][ T8680] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.605617][ T8680] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 126.610664][ T8680] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 126.613440][ T8680] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.622685][ T8680] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 126.659560][ T8680] hsr_slave_0: entered promiscuous mode [ 126.661501][ T8680] hsr_slave_1: entered promiscuous mode [ 126.663469][ T8680] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 126.666221][ T8680] Cannot create hsr debugfs directory [ 126.799197][ T8680] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 126.804062][ T8680] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 126.808233][ T8680] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 126.812578][ T8680] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 126.822844][ T8680] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.825629][ T8680] bridge0: port 2(bridge_slave_1) entered forwarding state [ 126.828194][ T8680] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.830165][ T8680] bridge0: port 1(bridge_slave_0) entered forwarding state [ 126.855026][ T8680] 8021q: adding VLAN 0 to HW filter on device bond0 [ 126.862836][ T70] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.867190][ T70] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.885061][ T8711] team0: No ports can be present during mode change [ 126.888587][ T8680] 8021q: adding VLAN 0 to HW filter on device team0 [ 126.897174][ T1174] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.899377][ T1174] bridge0: port 1(bridge_slave_0) entered forwarding state [ 126.903992][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 126.908501][ T70] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.910653][ T70] bridge0: port 2(bridge_slave_1) entered forwarding state [ 127.026886][ T8680] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 127.138915][ T8680] veth0_vlan: entered promiscuous mode [ 127.142849][ T8680] veth1_vlan: entered promiscuous mode [ 127.160425][ T8680] veth0_macvtap: entered promiscuous mode [ 127.166899][ T8680] veth1_macvtap: entered promiscuous mode [ 127.178356][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.182337][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.186681][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.190632][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.195907][ T8680] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 127.208496][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 127.212520][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.216887][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 127.220429][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.225321][ T8680] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 127.232192][ T8680] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.235732][ T8680] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.239103][ T8680] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.242440][ T8680] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.281094][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.285144][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.297537][ T1166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.299919][ T1166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.307661][ T40] audit: type=1400 audit(1741720528.555:451): avc: denied { mounton } for pid=8680 comm="syz-executor" path="/syzkaller.O5zmPq/syz-tmp" dev="sda1" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 127.315401][ T40] audit: type=1400 audit(1741720528.555:452): avc: denied { mounton } for pid=8680 comm="syz-executor" path="/syzkaller.O5zmPq/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 127.325659][ T40] audit: type=1400 audit(1741720528.575:453): avc: denied { mount } for pid=8680 comm="syz-executor" name="/" dev="gadgetfs" ino=8754 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 127.492494][ T8734] kvm: pic: single mode not supported [ 127.492513][ T8734] kvm: pic: level sensitive irq not supported [ 127.496001][ T8734] kvm: pic: single mode not supported [ 127.498405][ T8734] kvm: pic: level sensitive irq not supported [ 127.502581][ T8734] kvm: pic: single mode not supported [ 127.505110][ T8734] kvm: pic: level sensitive irq not supported [ 127.508070][ T8734] kvm: pic: single mode not supported [ 127.510389][ T8734] kvm: pic: level sensitive irq not supported [ 127.513542][ T8734] kvm: pic: single mode not supported [ 127.515995][ T8734] kvm: pic: level sensitive irq not supported [ 127.520058][ T8734] kvm: pic: single mode not supported [ 127.522416][ T8734] kvm: pic: level sensitive irq not supported [ 127.525549][ T8734] kvm: pic: single mode not supported [ 127.527928][ T8734] kvm: pic: level sensitive irq not supported [ 127.530742][ T8734] kvm: pic: single mode not supported [ 127.533065][ T8734] kvm: pic: level sensitive irq not supported [ 127.536259][ T8734] kvm: pic: single mode not supported [ 127.538666][ T8734] kvm: pic: level sensitive irq not supported [ 127.541516][ T8734] kvm: pic: single mode not supported [ 127.544050][ T8734] kvm: pic: level sensitive irq not supported [ 127.693830][ T8740] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 127.893781][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 128.030690][ T8744] kvm: kvm [8743]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000 [ 128.037392][ T8744] kvm: kvm [8743]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000 [ 128.043750][ T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 128.047041][ T8744] kvm: kvm [8743]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000 [ 128.060013][ T8744] kvm: kvm [8743]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000 [ 128.193909][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 128.197765][ T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 56832, setting to 1024 [ 128.202752][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024 [ 128.207109][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 128.210280][ T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 128.227898][ T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 128.230546][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.365375][ T40] audit: type=1400 audit(1741720529.615:454): avc: denied { bind } for pid=8761 comm="syz.1.1029" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 128.366146][ T8762] netlink: 'syz.1.1029': attribute type 21 has an invalid length. [ 128.374828][ T8762] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1029'. [ 128.384627][ T8762] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=16384 sclass=netlink_route_socket pid=8762 comm=syz.1.1029 [ 128.388177][ T8762] netlink: 'syz.1.1029': attribute type 21 has an invalid length. [ 128.390379][ T8762] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1029'. [ 128.444509][ T10] usb 5-1: GET_CAPABILITIES returned 0 [ 128.446646][ T10] usbtmc 5-1:16.0: can't read capabilities [ 128.463794][ T40] audit: type=1400 audit(1741720529.705:455): avc: denied { write } for pid=8753 comm="syz.2.1025" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 128.481588][ T8754] kvm: kvm [8753]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 128.503373][ T8754] kvm: kvm [8753]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111 [ 128.514461][ T8770] batman_adv: batadv0: Adding interface: dummy0 [ 128.516707][ T8770] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 128.525642][ T8770] batman_adv: batadv0: Interface activated: dummy0 [ 128.535540][ T8770] batadv0: mtu less than device minimum [ 128.538892][ T8770] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 128.544272][ T8770] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 128.549192][ T8770] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 128.554201][ T8770] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 128.559227][ T8770] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 128.564300][ T8770] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 128.569240][ T8770] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 128.574223][ T8770] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 128.579170][ T8770] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 128.649141][ T64] usb 5-1: USB disconnect, device number 3 [ 128.738697][ T40] audit: type=1400 audit(1741720529.985:456): avc: denied { getopt } for pid=8773 comm="syz.1.1034" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 128.883028][ T8779] ======================================================= [ 128.883028][ T8779] WARNING: The mand mount option has been deprecated and [ 128.883028][ T8779] and is ignored by this kernel. Remove the mand [ 128.883028][ T8779] option from the mount to silence this warning. [ 128.883028][ T8779] ======================================================= [ 128.923734][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 129.307994][ T40] audit: type=1400 audit(1741720530.555:457): avc: denied { create } for pid=8808 comm="syz.2.1049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 129.443883][ T5945] Bluetooth: hci4: command tx timeout [ 129.465215][ T8813] kvm: kvm [8812]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x2c [ 129.519700][ T8813] kvm: kvm [8812]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xc4e [ 129.963767][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 130.003888][ T8847] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 130.800526][ T8847] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 130.802569][ T8847] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 131.093822][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 131.098396][ T8883] kvm: kvm [8882]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x2c [ 131.172595][ T8883] kvm: kvm [8882]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xc4e [ 131.193138][ T8894] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 131.274088][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 131.410444][ T8900] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 132.014014][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 132.429744][ T8930] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 132.555486][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.557414][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.903889][ C3] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 132.907436][ C3] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 132.909945][ C3] CPU: 3 UID: 0 PID: 8959 Comm: syz.2.1111 Not tainted 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0 [ 132.914232][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 132.918038][ C3] RIP: 0010:bpf_get_local_storage+0x17b/0x260 [ 132.920525][ C3] Code: 48 8d 7b 10 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bb 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 5b 10 48 89 da 48 c1 ea 03 <80> 3c 02 00 0f 85 a6 00 00 00 48 8b 1b e8 13 90 73 09 83 f8 07 89 [ 132.927665][ C3] RSP: 0018:ffffc90000718628 EFLAGS: 00010246 [ 132.930027][ C3] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff81e40b82 [ 132.933090][ C3] RDX: 0000000000000000 RSI: ffffffff81e40c38 RDI: ffff88804fde0b20 [ 132.936112][ C3] RBP: ffffc90000718648 R08: 0000000000000005 R09: 0000000000000015 [ 132.938916][ C3] R10: 0000000000000015 R11: 0000000000000002 R12: ffff88802fd2a8c0 [ 132.941329][ C3] R13: ffffc90005722002 R14: 0000000000000000 R15: ffff88802fd2a8f0 [ 132.944057][ C3] FS: 00005555645ba500(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000 [ 132.947555][ C3] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.950004][ C3] CR2: 000000110c397a9d CR3: 000000004f62a000 CR4: 0000000000352ef0 [ 132.953026][ C3] DR0: 0000000000000000 DR1: 00000000ffff000b DR2: 0000000000000000 [ 132.955901][ C3] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 132.958856][ C3] Call Trace: [ 132.959919][ C3] [ 132.960825][ C3] ? die_addr+0x3b/0xa0 [ 132.962042][ C3] ? exc_general_protection+0x155/0x230 [ 132.963721][ C3] ? asm_exc_general_protection+0x26/0x30 [ 132.965530][ C3] ? bpf_get_local_storage+0x42/0x260 [ 132.967051][ C3] ? bpf_get_local_storage+0xf8/0x260 [ 132.968717][ C3] ? bpf_get_local_storage+0x17b/0x260 [ 132.970723][ C3] ? bpf_get_local_storage+0xf8/0x260 [ 132.972643][ C3] bpf_prog_3647604f6c8667e9+0x2e/0x41 [ 132.974505][ C3] __bpf_prog_run_save_cb+0x11f/0x330 [ 132.975978][ C3] ? __pfx___bpf_prog_run_save_cb+0x10/0x10 [ 132.977802][ C3] ? __pfx_mark_lock+0x10/0x10 [ 132.979230][ C3] ? __cgroup_bpf_run_filter_skb+0x341/0xe60 [ 132.980947][ C3] __cgroup_bpf_run_filter_skb+0x470/0xe60 [ 132.982666][ C3] ? __pfx___cgroup_bpf_run_filter_skb+0x10/0x10 [ 132.984834][ C3] ? tcp_do_parse_auth_options+0x137/0x2e0 [ 132.986662][ C3] sk_filter_trim_cap+0x234/0xac0 [ 132.988115][ C3] ? __pfx_tcp_inbound_hash+0x10/0x10 [ 132.989677][ C3] ? __pfx_sk_filter_trim_cap+0x10/0x10 [ 132.991255][ C3] ? __pfx___inet_lookup_established+0x10/0x10 [ 132.993036][ C3] tcp_v4_rcv+0x28fd/0x4380 [ 132.994442][ C3] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 132.996100][ C3] ? __pfx_raw_local_deliver+0x10/0x10 [ 132.997663][ C3] ? rcu_is_watching+0x12/0xc0 [ 132.999034][ C3] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 133.000402][ C3] ip_protocol_deliver_rcu+0xba/0x4c0 [ 133.001935][ C3] ip_local_deliver_finish+0x316/0x570 [ 133.003546][ C3] ip_local_deliver+0x18e/0x1f0 [ 133.005316][ C3] ? __pfx_ip_local_deliver+0x10/0x10 [ 133.006876][ C3] ip_rcv+0x2c3/0x5d0 [ 133.008062][ C3] ? __pfx_ip_rcv+0x10/0x10 [ 133.009359][ C3] __netif_receive_skb_one_core+0x199/0x1e0 [ 133.011078][ C3] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 133.012845][ C3] ? rcu_is_watching+0x12/0xc0 [ 133.014276][ C3] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 133.015786][ C3] ? process_backlog+0x3f1/0x15f0 [ 133.017183][ C3] ? process_backlog+0x3f1/0x15f0 [ 133.018635][ C3] __netif_receive_skb+0x1d/0x160 [ 133.020067][ C3] process_backlog+0x443/0x15f0 [ 133.021553][ C3] __napi_poll.constprop.0+0xb7/0x550 [ 133.023147][ C3] net_rx_action+0xa94/0x1010 [ 133.024781][ C3] ? __pfx_net_rx_action+0x10/0x10 [ 133.026315][ C3] ? rcu_is_watching+0x12/0xc0 [ 133.027775][ C3] ? trace_rcu_utilization+0x106/0x170 [ 133.029329][ C3] ? rcu_core+0xada/0x14d0 [ 133.030609][ C3] handle_softirqs+0x213/0x8f0 [ 133.031974][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 133.033467][ C3] ? irqtime_account_irq+0x176/0x2d0 [ 133.035191][ C3] ? bpf_link_free+0x95/0x390 [ 133.036576][ C3] ? __pfx_bpf_link_release+0x10/0x10 [ 133.038148][ C3] do_softirq+0xb2/0xf0 [ 133.039369][ C3] [ 133.040210][ C3] [ 133.041056][ C3] __local_bh_enable_ip+0x100/0x120 [ 133.042569][ C3] bpf_link_free+0x95/0x390 [ 133.043827][ C3] bpf_link_release+0x5d/0x80 [ 133.045424][ C3] __fput+0x3ff/0xb70 [ 133.046592][ C3] ? _raw_spin_unlock_irq+0x23/0x50 [ 133.048138][ C3] task_work_run+0x14e/0x250 [ 133.049464][ C3] ? __pfx_task_work_run+0x10/0x10 [ 133.050926][ C3] ? __pfx___do_sys_close_range+0x10/0x10 [ 133.052547][ C3] syscall_exit_to_user_mode+0x27b/0x2a0 [ 133.054167][ C3] do_syscall_64+0xda/0x250 [ 133.055487][ C3] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.057184][ C3] RIP: 0033:0x7f87ff58d169 [ 133.058487][ C3] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.063947][ C3] RSP: 002b:00007ffc7a304ec8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 133.066521][ C3] RAX: 0000000000000000 RBX: 00000000000206b8 RCX: 00007f87ff58d169 [ 133.068760][ C3] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 133.070997][ C3] RBP: 00007f87ff7a7ba0 R08: 0000000000000001 R09: 0000000f7a3051bf [ 133.073247][ C3] R10: 00007f87ff400000 R11: 0000000000000246 R12: 00007f87ff7a5fac [ 133.075493][ C3] R13: 00007f87ff7a5fa0 R14: ffffffffffffffff R15: 00007ffc7a304fe0 [ 133.077783][ C3] [ 133.078704][ C3] Modules linked in: [ 133.079879][ C3] vkms_vblank_simulate: vblank timer overrun [ 133.079886][ C1] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#2] PREEMPT SMP KASAN NOPTI [ 133.081610][ C3] ---[ end trace 0000000000000000 ]--- [ 133.083711][ C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 133.086084][ C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 133.086106][ C1] CPU: 1 UID: 0 PID: 8962 Comm: syz.1.1112 Tainted: G D 6.14.0-rc6-syzkaller-00007-g0b46b049d6ec #0 [ 133.087696][ C3] RIP: 0010:bpf_get_local_storage+0x17b/0x260 [ 133.090514][ C1] Tainted: [D]=DIE [ 133.090523][ C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 133.090534][ C1] RIP: 0010:bpf_get_local_storage+0x17b/0x260 [ 133.092842][ C3] Code: 48 8d 7b 10 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bb 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 5b 10 48 89 da 48 c1 ea 03 <80> 3c 02 00 0f 85 a6 00 00 00 48 8b 1b e8 13 90 73 09 83 f8 07 89 [ 133.095989][ C1] Code: 48 8d 7b 10 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bb 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 5b 10 48 89 da 48 c1 ea 03 <80> 3c 02 00 0f 85 a6 00 00 00 48 8b 1b e8 13 90 73 09 83 f8 07 89 [ 133.096004][ C1] RSP: 0018:ffffc900006c0108 EFLAGS: 00010246 [ 133.096013][ C1] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff81e40b82 [ 133.096020][ C1] RDX: 0000000000000000 RSI: ffffffff81e40c38 RDI: ffff88804fde0b20 [ 133.097732][ C3] RSP: 0018:ffffc90000718628 EFLAGS: 00010246 [ 133.098790][ C1] RBP: ffffc900006c0128 R08: 0000000000000005 R09: 0000000000000015 [ 133.101765][ C3] [ 133.101770][ C3] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff81e40b82 [ 133.103891][ C1] R10: 0000000000000015 R11: 0000000000000000 R12: ffff8880280bf400 [ 133.103902][ C1] R13: ffffc90005722002 R14: 0000000000000000 R15: ffff8880280bf430 [ 133.103908][ C1] FS: 0000000000000000(0000) GS:ffff88806a700000(0000) knlGS:0000000000000000 [ 133.103928][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.109488][ C3] RDX: 0000000000000000 RSI: ffffffff81e40c38 RDI: ffff88804fde0b20 [ 133.116810][ C1] CR2: 00007efe227d4f98 CR3: 00000000513ba000 CR4: 0000000000352ef0 [ 133.116830][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 133.118636][ C3] RBP: ffffc90000718648 R08: 0000000000000005 R09: 0000000000000015 [ 133.121641][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 133.124050][ C3] R10: 0000000000000015 R11: 0000000000000002 R12: ffff88802fd2a8c0 [ 133.126331][ C1] Call Trace: [ 133.128581][ C3] R13: ffffc90005722002 R14: 0000000000000000 R15: ffff88802fd2a8f0 [ 133.129474][ C1] [ 133.131650][ C3] FS: 00005555645ba500(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000 [ 133.134036][ C1] ? die_addr+0x3b/0xa0 [ 133.134057][ C1] ? exc_general_protection+0x155/0x230 [ 133.136359][ C3] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.138853][ C1] ? asm_exc_general_protection+0x26/0x30 [ 133.140772][ C3] CR2: 000000110c397a9d CR3: 000000004f62a000 CR4: 0000000000352ef0 [ 133.143015][ C1] ? bpf_get_local_storage+0x42/0x260 [ 133.145576][ C3] DR0: 0000000000000000 DR1: 00000000ffff000b DR2: 0000000000000000 [ 133.148141][ C1] ? bpf_get_local_storage+0xf8/0x260 [ 133.150329][ C3] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 133.152828][ C1] ? bpf_get_local_storage+0x17b/0x260 [ 133.155137][ C3] Kernel panic - not syncing: Fatal exception in interrupt [ 133.182810][ C3] Kernel Offset: disabled [ 133.184062][ C3] Rebooting in 86400 seconds.. VM DIAGNOSIS: 19:15:34 Registers: info registers vcpu 0 CPU#0 RAX=00000000000c564c RBX=0000000000000000 RCX=ffffffff8b579469 RDX=ffffed100d4c6f86 RSI=ffffffff8bd369a0 RDI=ffffffff81908469 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e20 R8 =0000000000000000 R9 =ffffed100d4c6f85 R10=ffff88806a637c2b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff90626310 R15=0000000000000000 RIP=ffffffff8b57a84f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fba07396540 CR3=000000004f62a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000001 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff77c488 00007f87ff77c480 00007f87ff77c478 00007f87ff77c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f88002dd100 00007f87ff77c440 00007f87ff77c458 00007f87ff77c4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff77c498 00007f87ff77c490 00007f87ff77c488 00007f87ff77c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff8168943e RDX=ffff888024fe0000 RSI=ffffffff8168945b RDI=0000000000000000 RBP=ffffffff938171cc RSP=ffffc900006bfe48 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000000 R12=0000000000000003 R13=0000000000000003 R14=ffff88806a73fb40 R15=fffffbfff2702e39 RIP=ffffffff8168945c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007efe227d4f98 CR3=00000000513ba000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff75753620 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001c0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 0000000000000000 0000000000000000 00000000000001c0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000080000001 RBX=0000000000000001 RCX=1ffffffff3518114 RDX=0000000000000001 RSI=ffffffff8bd369a0 RDI=0000000000000001 RBP=00000051a0d8c2d0 RSP=ffffc90004f77ab8 R8 =0000000000000001 R9 =fffff91ffffae840 R10=ffffe8ffffd74207 R11=0000000000002ba2 R12=0000000000000002 R13=00000000000032c9 R14=ffffc90003b2f958 R15=0000000000000007 RIP=ffffffff81885ca9 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2c030f CR3=000000005a698000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24a0f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24b7c488 00007efe24b7c480 00007efe24b7c478 00007efe24b7c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe256dd100 00007efe24b7c440 00007efe24b7c458 00007efe24b7c4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efe24b7c498 00007efe24b7c490 00007efe24b7c488 00007efe24b7c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 0000000000000000 0000000000000000 00000000000001c0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8540af35 RDI=ffffffff9ab837c0 RBP=ffffffff9ab83780 RSP=ffffc90000717fa0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=7973203a6d6d6f43 R12=0000000000000000 R13=000000000000002e R14=ffffffff9ab83780 R15=0000000000000000 RIP=ffffffff8540af5f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00005555645ba500 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c397a9d CR3=000000004f62a000 CR4=00352ef0 DR0=0000000000000000 DR1=00000000ffff000b DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87ff60f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000091bf 0000000000000095 0000000000010955 00000000000009bf ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9500000000000000 b700000005000000 8500000000000004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bf00000000000000 9500000000000109 5500000000000009 bf00000051000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000