last executing test programs: 1m57.321055484s ago: executing program 0 (id=473): socket$netlink(0x10, 0x3, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000140)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'}) r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x44}}, 0x0) 1m56.794162976s ago: executing program 0 (id=479): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x3, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001500)=ANY=[], 0x10) write(r0, &(0x7f0000000280)="8f2a0ab3ff010000000000000580a7b6070d63e286a5cefe", 0x18) 1m36.64139496s ago: executing program 0 (id=479): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x3, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001500)=ANY=[], 0x10) write(r0, &(0x7f0000000280)="8f2a0ab3ff010000000000000580a7b6070d63e286a5cefe", 0x18) 1m18.56127318s ago: executing program 0 (id=479): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x3, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001500)=ANY=[], 0x10) write(r0, &(0x7f0000000280)="8f2a0ab3ff010000000000000580a7b6070d63e286a5cefe", 0x18) 1m1.26342335s ago: executing program 0 (id=479): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x3, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001500)=ANY=[], 0x10) write(r0, &(0x7f0000000280)="8f2a0ab3ff010000000000000580a7b6070d63e286a5cefe", 0x18) 28.620259932s ago: executing program 0 (id=479): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x3, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001500)=ANY=[], 0x10) write(r0, &(0x7f0000000280)="8f2a0ab3ff010000000000000580a7b6070d63e286a5cefe", 0x18) 12.870668625s ago: executing program 1 (id=860): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000013000100000000000000000007000000", @ANYBLOB="00000000000000001c001a80180004"], 0x3c}}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=""/156, 0x9c}], 0x1}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) 12.870392368s ago: executing program 2 (id=861): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={0x1c, 0x4, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000080}, 0x80) (fail_nth: 9) 12.78260868s ago: executing program 1 (id=862): socket$kcm(0x10, 0x2, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0xffffffffffffffff, 0xffffffffffffffff}, 0x0, &(0x7f0000000140)=r0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)=r0}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000300)=[@in={0x2, 0x4e20, @private=0xa010101}, @in={0x2, 0x4e23, @empty}, @in6={0xa, 0x4e20, 0x6, @dev={0xfe, 0x80, '\x00', 0x23}}], 0x3c) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' '], 0x20}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x78}}, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r4 = accept4(r3, 0x0, 0x0, 0x80800) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 12.226283596s ago: executing program 2 (id=864): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB="00000000000000001c001a801800058014000680080001"], 0x3c}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000132ae57f60014001a80100005800c0003"], 0x34}, 0x1, 0x0, 0x0, 0x4000801}, 0x0) 6.772870186s ago: executing program 1 (id=865): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000200)=0x8001100) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="cc0000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400fc0000000000faffffff0000000000000c00028005000100000000003c0002800c00028005000100000000002c000180140003000000000000000000000000000000000114000400fe8000000000000000000000000000aa08000740000000003800068014000500f10200000000000000000000000000010c000380060001000000000014000400"], 0xcc}}, 0x0) r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7f, 0x2) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockname(r5, 0x0, 0x0) sendmsg$IPSET_CMD_SAVE(r3, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, 0x8, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004004}, 0x4050) ioctl$vim2m_VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f0000000140)={0x0, 0x40, 0x4, {0x1, @raw_data="3d924b8271394fa4ec01eb92492ff84715d1a004d08b012a7cafe27a5f313d31bbdae5b411ca5be6bfe92437ed0d21b5180e375be56b3b9306d7dbb26bf9f22de7ac7681cca450055250217bdf1113b4258293ba4efed32147bda8454dd115bd5ba066ba06f2854cc96db9a98055cbde9fd084a1223ada91ed2e832907a01ab5ee65f997b617f73d1aa5a6dfc47acdc5eb834f8e448469d235e4380cbcc3314c94970349a3c1374ffec96177b67caa0656f9664277cadb8597e7d911ad1da457ef9744b0993c57a7"}}) r6 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$selinux_user(r6, &(0x7f00000000c0)={'system_u:object_r:crack_db_t:s0', 0x20, 'staff_u\x00'}, 0x28) write$selinux_user(r6, &(0x7f0000000040)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t r'], 0x27) r7 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f0000000100)={0x0, 0x13, r8, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f00000001c0)={r9, 0x2, 0x22540000, 0x0, 0x0, [0x0], [], [0x0, 0x0, 0x100, 0xd], [0x0, 0x0, 0xfffffffffffffffd]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r7, 0xc00c642d, &(0x7f0000000080)={r10, 0x0, 0xffffffffffffffff}) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1000004, 0x12, r11, 0x0) r12 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r12, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000040406050085cf086c56cb52232d4b0abf3de6532d00004f64e26500000000ecff0000d39681ce"], 0x1c}, 0x1, 0x0, 0x0, 0x20000080}, 0x80) ioctl$SNAPSHOT_ATOMIC_RESTORE(r2, 0x3304) 6.310455671s ago: executing program 1 (id=866): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000000020000000400000002"], 0x48) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f00000002c0)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0) preadv2(r4, &(0x7f0000000280)=[{&(0x7f00000008c0)=""/211, 0xd3}], 0x1, 0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r4}, &(0x7f00000001c0)=0x2, &(0x7f0000000200)=r4}, 0xfffffe0b) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r2, &(0x7f0000000040)}, 0x20) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) open_by_handle_at(0xffffffffffffff9c, 0x0, 0x0) r6 = syz_open_dev$vim2m(&(0x7f0000000e40), 0x8, 0x2) r7 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r7, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10) r8 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0) ioctl$UI_ABS_SETUP(r8, 0x401c5504, &(0x7f0000000640)={0x2, {0x11, 0x0, 0xfffffffc, 0x21}}) ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000040)={0x23, 0x2, 0x1, "a677c17a5a000000009e7379d557d1ea22000000000200000000004000", 0xb5315258}) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r5, 0x0) r9 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r9, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r10 = accept(r5, 0x0, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r10, &(0x7f0000000080)={0x0, 0x50, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x80}, 0x0) getsockopt$inet6_tcp_int(r5, 0x6, 0x6, &(0x7f00000000c0), &(0x7f0000000140)=0x4) connect$unix(r10, &(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e) ioctl$F2FS_IOC_COMPRESS_FILE(r1, 0xf518, 0x0) 6.175937124s ago: executing program 2 (id=867): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x606100, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000300)="89b1ee2c7cf3d9b4b47381c988a8", 0xe}, {0x0}], 0x2) 5.933848637s ago: executing program 3 (id=869): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) connect$l2tp6(r1, &(0x7f0000000100)={0xa, 0x0, 0x4, @local, 0x5, 0x1}, 0x20) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x5c, r2, 0x917, 0x0, 0x100000, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @multicast1}}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}]}, 0x5c}, 0x1, 0x620b}, 0x0) 5.83374184s ago: executing program 3 (id=870): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000013000100000000000000000007000000", @ANYBLOB="00000000000000001c001a80180004"], 0x3c}}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=""/156, 0x9c}], 0x1}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) 5.373207406s ago: executing program 1 (id=871): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x44044) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800050030000000600000004028290081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef) 634.500735ms ago: executing program 3 (id=872): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) (async) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) (async) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000001480)) (async) sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) (async) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r7 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82) (async) syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x181942, 0x0) ioctl$F2FS_IOC_COMPRESS_FILE(r7, 0xf518, 0x0) (async) ioctl$FS_IOC_SETFLAGS(r8, 0x40086602, &(0x7f0000000040)=0x20) (async) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) (async) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) futex(&(0x7f0000004000), 0x5, 0x0, 0x0, 0x0, 0x93020007) 633.939434ms ago: executing program 2 (id=873): socket$kcm(0x10, 0x2, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0xffffffffffffffff, 0xffffffffffffffff}, 0x0, &(0x7f0000000140)=r0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)=r0}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000300)=[@in={0x2, 0x4e20, @private=0xa010101}, @in={0x2, 0x4e23, @empty}, @in6={0xa, 0x4e20, 0x6, @dev={0xfe, 0x80, '\x00', 0x23}}], 0x3c) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' '], 0x20}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x78}}, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r4 = accept4(r3, 0x0, 0x0, 0x80800) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 523.801287ms ago: executing program 3 (id=874): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000001300)={0x0, 0x0, &(0x7f00000012c0)={&(0x7f0000001200)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_LEVEL={0x24, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x7}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x9}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}, 0x1, 0x1000000, 0x0, 0x4000}, 0x44810) 318.529116ms ago: executing program 3 (id=875): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB="00000000000000001c001a801800058014000680080001"], 0x3c}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000132ae57f60014001a80100005800c0003"], 0x34}, 0x1, 0x0, 0x0, 0x4000801}, 0x0) 258.49007ms ago: executing program 2 (id=876): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000001300)={0x0, 0x0, &(0x7f00000012c0)={&(0x7f0000001200)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_LEVEL={0x24, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x7}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x9}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x44810) (fail_nth: 4) 200.339434ms ago: executing program 1 (id=877): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000100)={0x2, &(0x7f0000000380)=[{0x80, 0x7, 0x0, 0x2}, {0x16}]}) r4 = accept4(0xffffffffffffffff, &(0x7f0000000280)=@nl=@proc, &(0x7f0000000080)=0x80, 0x100800) ioctl$sock_ifreq(r4, 0x891d, &(0x7f0000000300)={'\x00', @ifru_data=&(0x7f0000000140)="a8b0cfc7854756a8694fb83c86c7d6dff72d7569e3173868723cfdeabfbb77ab"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r5, 0xc0245720, &(0x7f0000000000)={0x1}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fdf000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000200)="0fc7bc6000000000440f01cf66fea07b00000f01c8c74424006c000000c74424020c90ffffc7442406000000000f0114240f0091b0f2eb6fb9b80a0000b865000000ba000000000f300f32350040000030b8d6000f00d048b800980000000000000f23d00f21f835000000070f23f866b83a000f00d0", 0x76}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r3, 0x4068aea3, &(0x7f0000000180)={0xc7, 0x0, 0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 108.254215ms ago: executing program 3 (id=878): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x40d, 0x70bd28, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x84}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0x3ff}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) (fail_nth: 16) 0s ago: executing program 2 (id=879): r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000bc0)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x2}]}}]}, 0x38}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (fail_nth: 23) kernel console output (not intermixed with test programs): _acquire+0xae/0x150 [ 120.706443][ T7479] should_failslab+0xc2/0x120 [ 120.706464][ T7479] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 120.706485][ T7479] ? __alloc_skb+0x2b1/0x380 [ 120.706513][ T7479] __alloc_skb+0x2b1/0x380 [ 120.706531][ T7479] ? __pfx___alloc_skb+0x10/0x10 [ 120.706554][ T7479] ? genl_rcv_msg+0x4bd/0x800 [ 120.706583][ T7479] netlink_ack+0x15f/0xb80 [ 120.706612][ T7479] netlink_rcv_skb+0x348/0x440 [ 120.706632][ T7479] ? __pfx_genl_rcv_msg+0x10/0x10 [ 120.706654][ T7479] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 120.706687][ T7479] ? down_read+0xc9/0x330 [ 120.706706][ T7479] ? __pfx_down_read+0x10/0x10 [ 120.706726][ T7479] ? netlink_deliver_tap+0x1ae/0xd30 [ 120.706749][ T7479] genl_rcv+0x28/0x40 [ 120.706769][ T7479] netlink_unicast+0x53c/0x7f0 [ 120.706791][ T7479] ? __pfx_netlink_unicast+0x10/0x10 [ 120.706820][ T7479] netlink_sendmsg+0x8b8/0xd70 [ 120.706843][ T7479] ? __pfx_netlink_sendmsg+0x10/0x10 [ 120.706873][ T7479] ____sys_sendmsg+0xaaf/0xc90 [ 120.706900][ T7479] ? copy_msghdr_from_user+0x10b/0x160 [ 120.706921][ T7479] ? __pfx_____sys_sendmsg+0x10/0x10 [ 120.706961][ T7479] ___sys_sendmsg+0x135/0x1e0 [ 120.706983][ T7479] ? __pfx____sys_sendmsg+0x10/0x10 [ 120.707017][ T7479] ? __pfx_lock_release+0x10/0x10 [ 120.707042][ T7479] ? trace_lock_acquire+0x14e/0x1f0 [ 120.707079][ T7479] ? __fget_files+0x206/0x3a0 [ 120.707105][ T7479] __sys_sendmsg+0x16e/0x220 [ 120.707127][ T7479] ? __pfx___sys_sendmsg+0x10/0x10 [ 120.707168][ T7479] do_syscall_64+0xcd/0x250 [ 120.707189][ T7479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.707215][ T7479] RIP: 0033:0x7f810798cde9 [ 120.707232][ T7479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.707248][ T7479] RSP: 002b:00007f810871a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 120.707266][ T7479] RAX: ffffffffffffffda RBX: 00007f8107ba5fa0 RCX: 00007f810798cde9 [ 120.707279][ T7479] RDX: 0000000000004844 RSI: 0000400000000200 RDI: 0000000000000003 [ 120.707290][ T7479] RBP: 00007f810871a090 R08: 0000000000000000 R09: 0000000000000000 [ 120.707300][ T7479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 120.707309][ T7479] R13: 0000000000000000 R14: 00007f8107ba5fa0 R15: 00007ffc7295f2b8 [ 120.707332][ T7479] [ 121.052749][ T39] kauditd_printk_skb: 6 callbacks suppressed [ 121.052768][ T39] audit: type=1400 audit(1739160504.483:391): avc: denied { write } for pid=7481 comm="syz.3.542" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 121.057134][ T7491] netlink: 'syz.2.545': attribute type 1 has an invalid length. [ 121.331538][ T7264] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 121.481073][ T7264] veth0_vlan: entered promiscuous mode [ 121.500399][ T7264] veth1_vlan: entered promiscuous mode [ 121.570349][ T7264] veth0_macvtap: entered promiscuous mode [ 121.591996][ T7264] veth1_macvtap: entered promiscuous mode [ 121.594729][ T39] audit: type=1400 audit(1739160505.033:392): avc: denied { search } for pid=5333 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 121.602322][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 121.617042][ T7516] SET target dimension over the limit! [ 121.633150][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.662206][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 121.666378][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.671349][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 121.675663][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.680274][ T7264] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 121.686726][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 121.731404][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.735364][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 121.748959][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.753119][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 121.784528][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 121.803806][ T7264] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 121.815072][ T7264] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.861523][ T7264] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.875533][ T7264] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.884693][ T7264] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 121.996663][ T1232] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.999648][ T1232] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.075940][ T1167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.080915][ T1167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.128678][ T39] audit: type=1400 audit(1739160505.563:393): avc: denied { mounton } for pid=7264 comm="syz-executor" path="/syzkaller.Na12lZ/syz-tmp" dev="sda1" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 122.160112][ T39] audit: type=1400 audit(1739160505.563:394): avc: denied { mount } for pid=7264 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 122.195683][ T39] audit: type=1400 audit(1739160505.583:395): avc: denied { mounton } for pid=7264 comm="syz-executor" path="/syzkaller.Na12lZ/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 122.224789][ T39] audit: type=1400 audit(1739160505.623:396): avc: denied { mount } for pid=7264 comm="syz-executor" name="/" dev="gadgetfs" ino=8447 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 122.299515][ T7533] netlink: 'syz.1.554': attribute type 30 has an invalid length. [ 122.907012][ T7550] netlink: 'syz.3.559': attribute type 1 has an invalid length. [ 122.919099][ T39] audit: type=1400 audit(1739160506.333:397): avc: denied { connect } for pid=7544 comm="syz.3.559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 122.935724][ T39] audit: type=1400 audit(1739160506.333:398): avc: denied { ioctl } for pid=7544 comm="syz.3.559" path="socket:[15952]" dev="sockfs" ino=15952 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 122.940029][ T7550] bond1: entered promiscuous mode [ 122.948788][ T7550] bond1: entered allmulticast mode [ 122.989471][ T7550] bond1: (slave geneve2): making interface the new active one [ 122.992464][ T7550] geneve2: entered promiscuous mode [ 123.012201][ T7550] geneve2: entered allmulticast mode [ 123.015756][ T7550] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 123.080362][ T7558] netlink: 24 bytes leftover after parsing attributes in process `syz.1.561'. [ 123.203777][ T7564] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7564 comm=syz.1.561 [ 123.598277][ T7571] FAULT_INJECTION: forcing a failure. [ 123.598277][ T7571] name failslab, interval 1, probability 0, space 0, times 0 [ 123.636234][ T7571] CPU: 0 UID: 0 PID: 7571 Comm: syz.1.564 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 123.636268][ T7571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.636279][ T7571] Call Trace: [ 123.636287][ T7571] [ 123.636295][ T7571] dump_stack_lvl+0x16c/0x1f0 [ 123.636326][ T7571] should_fail_ex+0x50a/0x650 [ 123.636352][ T7571] ? fs_reclaim_acquire+0xae/0x150 [ 123.636380][ T7571] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 123.636409][ T7571] should_failslab+0xc2/0x120 [ 123.636430][ T7571] __kmalloc_noprof+0xcb/0x510 [ 123.636455][ T7571] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 123.636486][ T7571] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 123.636511][ T7571] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 123.636542][ T7571] ? bpf_lsm_capable+0x9/0x10 [ 123.636560][ T7571] ? security_capable+0x7e/0x260 [ 123.636582][ T7571] ? ns_capable+0xd7/0x110 [ 123.636609][ T7571] genl_rcv_msg+0x565/0x800 [ 123.636631][ T7571] ? __pfx_genl_rcv_msg+0x10/0x10 [ 123.636649][ T7571] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 123.636673][ T7571] ? __pfx_nl80211_trigger_scan+0x10/0x10 [ 123.636690][ T7571] ? __pfx_nl80211_post_doit+0x10/0x10 [ 123.636717][ T7571] netlink_rcv_skb+0x16b/0x440 [ 123.636734][ T7571] ? __pfx_genl_rcv_msg+0x10/0x10 [ 123.636765][ T7571] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 123.636793][ T7571] ? down_read+0xc9/0x330 [ 123.636814][ T7571] ? __pfx_down_read+0x10/0x10 [ 123.636832][ T7571] ? netlink_deliver_tap+0x1ae/0xd30 [ 123.636854][ T7571] genl_rcv+0x28/0x40 [ 123.636870][ T7571] netlink_unicast+0x53c/0x7f0 [ 123.636889][ T7571] ? __pfx_netlink_unicast+0x10/0x10 [ 123.636912][ T7571] netlink_sendmsg+0x8b8/0xd70 [ 123.636933][ T7571] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.636959][ T7571] ____sys_sendmsg+0xaaf/0xc90 [ 123.636986][ T7571] ? copy_msghdr_from_user+0x10b/0x160 [ 123.637004][ T7571] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.637037][ T7571] ___sys_sendmsg+0x135/0x1e0 [ 123.637058][ T7571] ? __pfx____sys_sendmsg+0x10/0x10 [ 123.637086][ T7571] ? __pfx_lock_release+0x10/0x10 [ 123.637107][ T7571] ? trace_lock_acquire+0x14e/0x1f0 [ 123.637137][ T7571] ? __fget_files+0x206/0x3a0 [ 123.637158][ T7571] __sys_sendmsg+0x16e/0x220 [ 123.637176][ T7571] ? __pfx___sys_sendmsg+0x10/0x10 [ 123.637208][ T7571] do_syscall_64+0xcd/0x250 [ 123.637227][ T7571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.637249][ T7571] RIP: 0033:0x7fecef58cde9 [ 123.637264][ T7571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.637279][ T7571] RSP: 002b:00007feced3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 123.637297][ T7571] RAX: ffffffffffffffda RBX: 00007fecef7a5fa0 RCX: 00007fecef58cde9 [ 123.637307][ T7571] RDX: 9590f6cc3ea35512 RSI: 0000400000000000 RDI: 0000000000000003 [ 123.637316][ T7571] RBP: 00007feced3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 123.637325][ T7571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.637334][ T7571] R13: 0000000000000000 R14: 00007fecef7a5fa0 R15: 00007ffd44c85b28 [ 123.637355][ T7571] [ 124.094052][ T39] audit: type=1400 audit(1739160507.513:399): avc: denied { create } for pid=7582 comm="syz.1.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 124.222093][ T7590] netlink: 24 bytes leftover after parsing attributes in process `syz.1.571'. [ 124.311886][ T7594] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7594 comm=syz.1.571 [ 124.396999][ T7598] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 124.873772][ C0] vkms_vblank_simulate: vblank timer overrun [ 124.903718][ C0] vkms_vblank_simulate: vblank timer overrun [ 125.007002][ T7625] netlink: 24 bytes leftover after parsing attributes in process `syz.2.583'. [ 125.046859][ T7625] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7625 comm=syz.2.583 [ 125.283073][ C0] vkms_vblank_simulate: vblank timer overrun [ 125.364158][ T1232] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.489567][ C0] vkms_vblank_simulate: vblank timer overrun [ 125.926830][ T7648] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 125.956289][ T66] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 125.988638][ T66] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 126.004194][ T66] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 126.035603][ T66] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 126.051094][ T66] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 126.059330][ T66] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 126.137863][ C0] vkms_vblank_simulate: vblank timer overrun [ 126.299068][ T7640] Set syz1 is full, maxelem 65536 reached [ 126.367156][ T7658] netlink: 24 bytes leftover after parsing attributes in process `syz.1.593'. [ 126.433620][ T39] audit: type=1400 audit(1739160509.863:400): avc: denied { mount } for pid=7662 comm="syz.3.595" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 126.465751][ T1232] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.489412][ T39] audit: type=1400 audit(1739160509.923:401): avc: denied { mounton } for pid=7664 comm="syz.2.596" path="/154/file0" dev="tmpfs" ino=794 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 126.511204][ T7649] chnl_net:caif_netlink_parms(): no params data found [ 126.531821][ T7667] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7667 comm=syz.1.593 [ 126.536320][ T39] audit: type=1400 audit(1739160509.943:402): avc: denied { setattr } for pid=7664 comm="syz.2.596" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 [ 126.752254][ T1232] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.835423][ C0] vkms_vblank_simulate: vblank timer overrun [ 126.963520][ T1232] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.104229][ T7649] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.109273][ T7649] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.156453][ T7649] bridge_slave_0: entered allmulticast mode [ 127.167105][ T7649] bridge_slave_0: entered promiscuous mode [ 127.270614][ T7649] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.285644][ T7649] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.301746][ T7649] bridge_slave_1: entered allmulticast mode [ 127.306323][ T7649] bridge_slave_1: entered promiscuous mode [ 127.333947][ C0] vkms_vblank_simulate: vblank timer overrun [ 127.472203][ T7697] FAULT_INJECTION: forcing a failure. [ 127.472203][ T7697] name failslab, interval 1, probability 0, space 0, times 0 [ 127.495781][ T7697] CPU: 2 UID: 0 PID: 7697 Comm: syz.1.606 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 127.495811][ T7697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 127.495822][ T7697] Call Trace: [ 127.495828][ T7697] [ 127.495836][ T7697] dump_stack_lvl+0x16c/0x1f0 [ 127.495864][ T7697] should_fail_ex+0x50a/0x650 [ 127.495892][ T7697] should_failslab+0xc2/0x120 [ 127.495913][ T7697] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 127.495932][ T7697] ? trace_lock_acquire+0x14e/0x1f0 [ 127.495952][ T7697] ? security_netlbl_sid_to_secattr+0x1d8/0x4d0 [ 127.495975][ T7697] kstrdup+0x53/0x100 [ 127.495999][ T7697] security_netlbl_sid_to_secattr+0x1d8/0x4d0 [ 127.496018][ T7697] selinux_netlbl_sock_genattr+0x129/0x4f0 [ 127.496039][ T7697] selinux_netlbl_socket_post_create+0xb0/0x1b0 [ 127.496061][ T7697] selinux_socket_post_create+0x2fa/0x7f0 [ 127.496082][ T7697] ? __pfx_selinux_socket_post_create+0x10/0x10 [ 127.496101][ T7697] ? l2tp_ip6_open+0x48/0x60 [ 127.496117][ T7697] ? __pfx_l2tp_ip6_open+0x10/0x10 [ 127.496132][ T7697] ? inet6_create+0xb8a/0x1320 [ 127.496160][ T7697] security_socket_post_create+0x247/0x260 [ 127.496182][ T7697] __sock_create+0x738/0x8d0 [ 127.496205][ T7697] l2tp_tunnel_sock_create+0x4a2/0xaa0 [ 127.496226][ T7697] ? __pfx_l2tp_tunnel_sock_create+0x10/0x10 [ 127.496246][ T7697] ? find_held_lock+0x2d/0x110 [ 127.496273][ T7697] ? mark_held_locks+0x9f/0xe0 [ 127.496296][ T7697] ? __local_bh_enable_ip+0xa4/0x120 [ 127.496323][ T7697] l2tp_tunnel_register+0x495/0xbe0 [ 127.496348][ T7697] ? __pfx___debug_object_init+0x10/0x10 [ 127.496367][ T7697] ? sprintf+0xcd/0x110 [ 127.496383][ T7697] ? __pfx_l2tp_tunnel_register+0x10/0x10 [ 127.496409][ T7697] ? lockdep_init_map_type+0x16d/0x7d0 [ 127.496431][ T7697] ? lockdep_init_map_type+0x16d/0x7d0 [ 127.496455][ T7697] ? l2tp_tunnel_create+0x2c8/0x460 [ 127.496472][ T7697] ? l2tp_tunnel_create+0x37d/0x460 [ 127.496493][ T7697] l2tp_nl_cmd_tunnel_create+0x450/0x990 [ 127.496513][ T7697] ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10 [ 127.496539][ T7697] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 127.496562][ T7697] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 127.496589][ T7697] genl_family_rcv_msg_doit+0x202/0x2f0 [ 127.496612][ T7697] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 127.496641][ T7697] ? bpf_lsm_capable+0x9/0x10 [ 127.496661][ T7697] ? security_capable+0x7e/0x260 [ 127.496681][ T7697] ? ns_capable+0xd7/0x110 [ 127.496706][ T7697] genl_rcv_msg+0x565/0x800 [ 127.496732][ T7697] ? __pfx_genl_rcv_msg+0x10/0x10 [ 127.496763][ T7697] ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10 [ 127.496789][ T7697] netlink_rcv_skb+0x16b/0x440 [ 127.496807][ T7697] ? __pfx_genl_rcv_msg+0x10/0x10 [ 127.496827][ T7697] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 127.496855][ T7697] ? down_read+0xc9/0x330 [ 127.496873][ T7697] ? __pfx_down_read+0x10/0x10 [ 127.496891][ T7697] ? netlink_deliver_tap+0x1ae/0xd30 [ 127.496913][ T7697] genl_rcv+0x28/0x40 [ 127.496930][ T7697] netlink_unicast+0x53c/0x7f0 [ 127.496951][ T7697] ? __pfx_netlink_unicast+0x10/0x10 [ 127.496976][ T7697] netlink_sendmsg+0x8b8/0xd70 [ 127.496998][ T7697] ? __pfx_netlink_sendmsg+0x10/0x10 [ 127.497025][ T7697] ____sys_sendmsg+0xaaf/0xc90 [ 127.497048][ T7697] ? copy_msghdr_from_user+0x10b/0x160 [ 127.497068][ T7697] ? __pfx_____sys_sendmsg+0x10/0x10 [ 127.497101][ T7697] ___sys_sendmsg+0x135/0x1e0 [ 127.497120][ T7697] ? __pfx____sys_sendmsg+0x10/0x10 [ 127.497149][ T7697] ? __pfx_lock_release+0x10/0x10 [ 127.497167][ T7697] ? trace_lock_acquire+0x14e/0x1f0 [ 127.497193][ T7697] ? __fget_files+0x206/0x3a0 [ 127.497217][ T7697] __sys_sendmsg+0x16e/0x220 [ 127.497236][ T7697] ? __pfx___sys_sendmsg+0x10/0x10 [ 127.497274][ T7697] do_syscall_64+0xcd/0x250 [ 127.497295][ T7697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.497317][ T7697] RIP: 0033:0x7fecef58cde9 [ 127.497335][ T7697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.497351][ T7697] RSP: 002b:00007feced3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 127.497368][ T7697] RAX: ffffffffffffffda RBX: 00007fecef7a5fa0 RCX: 00007fecef58cde9 [ 127.497379][ T7697] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003 [ 127.497388][ T7697] RBP: 00007feced3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 127.497398][ T7697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 127.497407][ T7697] R13: 0000000000000000 R14: 00007fecef7a5fa0 R15: 00007ffd44c85b28 [ 127.497430][ T7697] [ 127.730960][ T7699] netlink: 24 bytes leftover after parsing attributes in process `syz.3.607'. [ 127.742265][ T7649] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 127.862136][ T7704] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7704 comm=syz.3.607 [ 127.867612][ T7649] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 127.915316][ C0] vkms_vblank_simulate: vblank timer overrun [ 127.989996][ T1232] bridge_slave_1: left allmulticast mode [ 127.992390][ T1232] bridge_slave_1: left promiscuous mode [ 127.995036][ T1232] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.021578][ T1232] bridge_slave_0: left allmulticast mode [ 128.025512][ T1232] bridge_slave_0: left promiscuous mode [ 128.043935][ T1232] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.151252][ T66] Bluetooth: hci2: command tx timeout [ 128.973860][ C0] vkms_vblank_simulate: vblank timer overrun [ 128.998049][ T1232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 129.042440][ T1232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 129.055038][ T1232] bond0 (unregistering): Released all slaves [ 129.399335][ T7649] team0: Port device team_slave_0 added [ 129.480973][ T39] audit: type=1400 audit(1739160512.913:403): avc: denied { setopt } for pid=7716 comm="syz.2.613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 129.522959][ T7649] team0: Port device team_slave_1 added [ 129.559963][ T7724] FAULT_INJECTION: forcing a failure. [ 129.559963][ T7724] name failslab, interval 1, probability 0, space 0, times 0 [ 129.578099][ T7724] CPU: 2 UID: 0 PID: 7724 Comm: syz.1.616 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 129.578121][ T7724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 129.578131][ T7724] Call Trace: [ 129.578135][ T7724] [ 129.578142][ T7724] dump_stack_lvl+0x16c/0x1f0 [ 129.578167][ T7724] should_fail_ex+0x50a/0x650 [ 129.578189][ T7724] ? fs_reclaim_acquire+0xae/0x150 [ 129.578213][ T7724] ? nl80211_trigger_scan+0x4f1/0x1fe0 [ 129.578231][ T7724] should_failslab+0xc2/0x120 [ 129.578248][ T7724] __kmalloc_noprof+0xcb/0x510 [ 129.578265][ T7724] ? ieee80211_get_num_supported_channels+0xa8/0x100 [ 129.578287][ T7724] nl80211_trigger_scan+0x4f1/0x1fe0 [ 129.578304][ T7724] ? nl80211_pre_doit+0x1b0/0xb10 [ 129.578329][ T7724] genl_family_rcv_msg_doit+0x202/0x2f0 [ 129.578350][ T7724] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 129.578373][ T7724] ? bpf_lsm_capable+0x9/0x10 [ 129.578392][ T7724] ? security_capable+0x7e/0x260 [ 129.578409][ T7724] ? ns_capable+0xd7/0x110 [ 129.578433][ T7724] genl_rcv_msg+0x565/0x800 [ 129.578453][ T7724] ? __pfx_genl_rcv_msg+0x10/0x10 [ 129.578472][ T7724] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 129.578493][ T7724] ? __pfx_nl80211_trigger_scan+0x10/0x10 [ 129.578507][ T7724] ? __pfx_nl80211_post_doit+0x10/0x10 [ 129.578532][ T7724] netlink_rcv_skb+0x16b/0x440 [ 129.578550][ T7724] ? __pfx_genl_rcv_msg+0x10/0x10 [ 129.578569][ T7724] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 129.578591][ T7724] ? down_read+0xc9/0x330 [ 129.578608][ T7724] ? __pfx_down_read+0x10/0x10 [ 129.578624][ T7724] ? netlink_deliver_tap+0x1ae/0xd30 [ 129.578642][ T7724] genl_rcv+0x28/0x40 [ 129.578657][ T7724] netlink_unicast+0x53c/0x7f0 [ 129.578674][ T7724] ? __pfx_netlink_unicast+0x10/0x10 [ 129.578694][ T7724] netlink_sendmsg+0x8b8/0xd70 [ 129.578713][ T7724] ? __pfx_netlink_sendmsg+0x10/0x10 [ 129.578737][ T7724] ____sys_sendmsg+0xaaf/0xc90 [ 129.578763][ T7724] ? copy_msghdr_from_user+0x10b/0x160 [ 129.578781][ T7724] ? __pfx_____sys_sendmsg+0x10/0x10 [ 129.578812][ T7724] ___sys_sendmsg+0x135/0x1e0 [ 129.578830][ T7724] ? __pfx____sys_sendmsg+0x10/0x10 [ 129.578855][ T7724] ? __pfx_lock_release+0x10/0x10 [ 129.578874][ T7724] ? trace_lock_acquire+0x14e/0x1f0 [ 129.578898][ T7724] ? __fget_files+0x206/0x3a0 [ 129.578922][ T7724] __sys_sendmsg+0x16e/0x220 [ 129.578938][ T7724] ? __pfx___sys_sendmsg+0x10/0x10 [ 129.578964][ T7724] do_syscall_64+0xcd/0x250 [ 129.578982][ T7724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.579003][ T7724] RIP: 0033:0x7fecef58cde9 [ 129.579016][ T7724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.579028][ T7724] RSP: 002b:00007feced3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 129.579044][ T7724] RAX: ffffffffffffffda RBX: 00007fecef7a5fa0 RCX: 00007fecef58cde9 [ 129.579052][ T7724] RDX: 9590f6cc3ea35512 RSI: 0000400000000000 RDI: 0000000000000003 [ 129.579060][ T7724] RBP: 00007feced3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 129.579068][ T7724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 129.579076][ T7724] R13: 0000000000000000 R14: 00007fecef7a5fa0 R15: 00007ffd44c85b28 [ 129.579094][ T7724] [ 129.681270][ T7728] netlink: 16 bytes leftover after parsing attributes in process `syz.1.619'. [ 129.813899][ T7731] fuse: Bad value for 'fd' [ 129.891064][ T7734] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 129.985335][ T7649] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 130.010036][ T7649] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.044436][ T7649] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.149399][ T7649] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.152025][ T7649] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.169229][ T7649] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.176151][ T57] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 130.215997][ T66] Bluetooth: hci2: command tx timeout [ 130.303060][ T7649] hsr_slave_0: entered promiscuous mode [ 130.315499][ T7649] hsr_slave_1: entered promiscuous mode [ 130.319334][ T7649] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 130.330135][ T7649] Cannot create hsr debugfs directory [ 130.334419][ T57] usb 7-1: Using ep0 maxpacket: 8 [ 130.342409][ T57] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 130.347618][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 130.351785][ T57] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 130.385829][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 130.390739][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 130.402756][ T1232] hsr_slave_0: left promiscuous mode [ 130.431271][ T1232] hsr_slave_1: left promiscuous mode [ 130.435593][ T1232] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 130.444935][ T1232] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 130.454414][ T39] audit: type=1400 audit(1739160513.873:404): avc: denied { create } for pid=7739 comm="syz.3.622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 130.465624][ T57] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 130.470588][ T39] audit: type=1400 audit(1739160513.873:405): avc: denied { setopt } for pid=7739 comm="syz.3.622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 130.471382][ T1232] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 130.471409][ T1232] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 130.472818][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 130.472849][ T57] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 130.539101][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 130.546447][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 130.563426][ T57] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 130.566770][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 130.570880][ T57] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 130.608132][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 130.611725][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 130.633745][ T57] usb 7-1: string descriptor 0 read error: -22 [ 130.636952][ T57] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 130.643181][ T57] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.713797][ T57] adutux 7-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 130.761890][ T1232] veth1_macvtap: left promiscuous mode [ 130.764517][ T1232] veth0_macvtap: left promiscuous mode [ 130.780681][ T1232] veth1_vlan: left promiscuous mode [ 130.783514][ T1232] veth0_vlan: left promiscuous mode [ 130.893769][ T1325] usb 7-1: USB disconnect, device number 4 [ 131.204763][ T7737] adutux: No device or device unplugged -19 [ 132.305635][ T66] Bluetooth: hci2: command tx timeout [ 132.860182][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.865004][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.954825][ T1232] team0 (unregistering): Port device team_slave_1 removed [ 134.314264][ T1232] team0 (unregistering): Port device team_slave_0 removed [ 134.375749][ T66] Bluetooth: hci2: command tx timeout [ 137.009788][ T7766] netlink: 'syz.2.626': attribute type 3 has an invalid length. [ 137.013068][ T7766] netlink: 104 bytes leftover after parsing attributes in process `syz.2.626'. [ 137.262046][ T7778] fuse: Unknown parameter 'fd¯0x0000000000000004' [ 137.384438][ T7784] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_macvtap, syncid = 4, id = 0 [ 137.405953][ T7772] IPVS: stopping master sync thread 7784 ... [ 137.529990][ T7789] FAULT_INJECTION: forcing a failure. [ 137.529990][ T7789] name failslab, interval 1, probability 0, space 0, times 0 [ 137.561926][ T7789] CPU: 0 UID: 0 PID: 7789 Comm: syz.2.632 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 137.561956][ T7789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 137.561967][ T7789] Call Trace: [ 137.561972][ T7789] [ 137.561979][ T7789] dump_stack_lvl+0x16c/0x1f0 [ 137.562009][ T7789] should_fail_ex+0x50a/0x650 [ 137.562038][ T7789] should_failslab+0xc2/0x120 [ 137.562059][ T7789] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 137.562079][ T7789] ? skb_clone+0x190/0x3f0 [ 137.562105][ T7789] skb_clone+0x190/0x3f0 [ 137.562126][ T7789] netlink_deliver_tap+0xabd/0xd30 [ 137.562151][ T7789] netlink_unicast+0x5e1/0x7f0 [ 137.562173][ T7789] ? __pfx_netlink_unicast+0x10/0x10 [ 137.562199][ T7789] netlink_sendmsg+0x8b8/0xd70 [ 137.562222][ T7789] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.562252][ T7789] ____sys_sendmsg+0xaaf/0xc90 [ 137.562277][ T7789] ? copy_msghdr_from_user+0x10b/0x160 [ 137.562298][ T7789] ? __pfx_____sys_sendmsg+0x10/0x10 [ 137.562336][ T7789] ___sys_sendmsg+0x135/0x1e0 [ 137.562357][ T7789] ? __pfx____sys_sendmsg+0x10/0x10 [ 137.562389][ T7789] ? __pfx_lock_release+0x10/0x10 [ 137.562412][ T7789] ? trace_lock_acquire+0x14e/0x1f0 [ 137.562441][ T7789] ? __fget_files+0x206/0x3a0 [ 137.562464][ T7789] __sys_sendmsg+0x16e/0x220 [ 137.562485][ T7789] ? __pfx___sys_sendmsg+0x10/0x10 [ 137.562520][ T7789] do_syscall_64+0xcd/0x250 [ 137.562540][ T7789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.562562][ T7789] RIP: 0033:0x7f810798cde9 [ 137.562577][ T7789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.562593][ T7789] RSP: 002b:00007f810871a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 137.562611][ T7789] RAX: ffffffffffffffda RBX: 00007f8107ba5fa0 RCX: 00007f810798cde9 [ 137.562623][ T7789] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003 [ 137.562633][ T7789] RBP: 00007f810871a090 R08: 0000000000000000 R09: 0000000000000000 [ 137.562642][ T7789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 137.562652][ T7789] R13: 0000000000000000 R14: 00007f8107ba5fa0 R15: 00007ffc7295f2b8 [ 137.562675][ T7789] [ 138.136679][ T7772] syz.3.629 (7772): drop_caches: 2 [ 138.905355][ T7810] loop6: detected capacity change from 0 to 524287999 [ 139.453924][ T39] audit: type=1400 audit(1739160522.883:406): avc: denied { mount } for pid=7834 comm="syz.2.651" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 139.468529][ T7835] fuse: Bad value for 'fd' [ 139.473901][ T39] audit: type=1326 audit(1739160522.903:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7834 comm="syz.2.651" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f810798cde9 code=0x0 [ 139.506279][ T57] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 139.541125][ T7839] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 139.634484][ T7649] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 139.704596][ T7649] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 139.772239][ T57] usb 6-1: Using ep0 maxpacket: 8 [ 139.777559][ T57] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 139.782386][ T7649] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 139.797269][ T57] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 139.797320][ T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 139.797341][ T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 139.797372][ T57] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 139.797390][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.823461][ T57] hub 6-1:1.0: bad descriptor, ignoring hub [ 139.912716][ T57] hub 6-1:1.0: probe with driver hub failed with error -5 [ 139.917820][ T57] cdc_wdm 6-1:1.0: skipping garbage [ 139.920732][ T57] cdc_wdm 6-1:1.0: skipping garbage [ 139.927572][ T57] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 139.931614][ T57] cdc_wdm 6-1:1.0: Unknown control protocol [ 139.969674][ T7649] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 140.041112][ T57] usb 6-1: USB disconnect, device number 5 [ 140.141761][ C3] vkms_vblank_simulate: vblank timer overrun [ 140.159721][ T7649] 8021q: adding VLAN 0 to HW filter on device bond0 [ 140.177836][ T7649] 8021q: adding VLAN 0 to HW filter on device team0 [ 140.191155][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.197333][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.238813][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.243431][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.290648][ T7649] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 140.345726][ C3] vkms_vblank_simulate: vblank timer overrun [ 140.366383][ T7649] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 140.551169][ T39] audit: type=1400 audit(1739160523.983:408): avc: denied { unmount } for pid=5941 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 140.585314][ T39] audit: type=1400 audit(1739160524.003:409): avc: denied { unmount } for pid=5941 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 140.619862][ C3] vkms_vblank_simulate: vblank timer overrun [ 140.736670][ T7649] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 140.764788][ C3] vkms_vblank_simulate: vblank timer overrun [ 140.821136][ C3] vkms_vblank_simulate: vblank timer overrun [ 140.910522][ T7649] veth0_vlan: entered promiscuous mode [ 140.942805][ T7649] veth1_vlan: entered promiscuous mode [ 141.025956][ T7649] veth0_macvtap: entered promiscuous mode [ 141.034822][ T7649] veth1_macvtap: entered promiscuous mode [ 141.069226][ T7649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.076454][ T7649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.087449][ T7649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.099035][ T7649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.105944][ T7649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.111480][ T7649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.119310][ T7649] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 141.126440][ T7649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.132971][ T7649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.138761][ T7649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.143706][ T7649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.149962][ T7649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.156871][ T7649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.163610][ T7649] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 141.196233][ T7649] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.206360][ T7649] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.220117][ T7649] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.226412][ T7649] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.422744][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.434788][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.492445][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.495236][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.406650][ C3] vkms_vblank_simulate: vblank timer overrun [ 142.444943][ T7890] x_tables: duplicate underflow at hook 2 [ 142.613726][ C3] vkms_vblank_simulate: vblank timer overrun [ 142.837881][ C3] vkms_vblank_simulate: vblank timer overrun [ 142.981657][ C3] vkms_vblank_simulate: vblank timer overrun [ 143.317714][ C3] vkms_vblank_simulate: vblank timer overrun [ 143.433750][ C3] vkms_vblank_simulate: vblank timer overrun [ 143.462897][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.546811][ T39] audit: type=1400 audit(1739160526.983:410): avc: denied { execute } for pid=7926 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 143.585752][ T39] audit: type=1400 audit(1739160526.983:411): avc: denied { execute_no_trans } for pid=7926 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 143.937729][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 143.946150][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 143.957607][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 143.985820][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 143.996472][ T5950] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 143.999129][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 144.027702][ T7907] Set syz1 is full, maxelem 65536 reached [ 144.281759][ C3] vkms_vblank_simulate: vblank timer overrun [ 144.391911][ T7942] FAULT_INJECTION: forcing a failure. [ 144.391911][ T7942] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.411970][ T7942] CPU: 2 UID: 0 PID: 7942 Comm: syz.3.673 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 144.411993][ T7942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 144.412002][ T7942] Call Trace: [ 144.412007][ T7942] [ 144.412013][ T7942] dump_stack_lvl+0x16c/0x1f0 [ 144.412039][ T7942] should_fail_ex+0x50a/0x650 [ 144.412067][ T7942] _copy_from_user+0x2e/0xd0 [ 144.412083][ T7942] move_addr_to_kernel+0x68/0x160 [ 144.412102][ T7942] __sys_sendto+0x1ba/0x4f0 [ 144.412120][ T7942] ? __pfx___sys_sendto+0x10/0x10 [ 144.412154][ T7942] ? ksys_write+0x1ba/0x250 [ 144.412179][ T7942] ? __pfx_ksys_write+0x10/0x10 [ 144.412203][ T7942] __x64_sys_sendto+0xe0/0x1c0 [ 144.412220][ T7942] ? do_syscall_64+0x91/0x250 [ 144.412236][ T7942] ? lockdep_hardirqs_on+0x7c/0x110 [ 144.412251][ T7942] do_syscall_64+0xcd/0x250 [ 144.412269][ T7942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.412291][ T7942] RIP: 0033:0x7f032d38cde9 [ 144.412304][ T7942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.412319][ T7942] RSP: 002b:00007f032e20b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 144.412334][ T7942] RAX: ffffffffffffffda RBX: 00007f032d5a5fa0 RCX: 00007f032d38cde9 [ 144.412343][ T7942] RDX: 0000000000000001 RSI: 0000400000000500 RDI: 0000000000000003 [ 144.412352][ T7942] RBP: 00007f032e20b090 R08: 0000400000000140 R09: 000000000000001c [ 144.412361][ T7942] R10: 0000000020048051 R11: 0000000000000246 R12: 0000000000000001 [ 144.412369][ T7942] R13: 0000000000000000 R14: 00007f032d5a5fa0 R15: 00007ffde96ffad8 [ 144.412389][ T7942] [ 144.483234][ T7931] chnl_net:caif_netlink_parms(): no params data found [ 144.519272][ C3] vkms_vblank_simulate: vblank timer overrun [ 144.634310][ C3] vkms_vblank_simulate: vblank timer overrun [ 144.664195][ C3] vkms_vblank_simulate: vblank timer overrun [ 144.713687][ C3] vkms_vblank_simulate: vblank timer overrun [ 144.931741][ C3] vkms_vblank_simulate: vblank timer overrun [ 145.021017][ T39] audit: type=1400 audit(1739160528.453:412): avc: denied { append } for pid=7959 comm="syz.3.678" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 145.145791][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.166586][ C3] vkms_vblank_simulate: vblank timer overrun [ 145.180531][ T7931] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.196474][ T7931] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.201178][ T7931] bridge_slave_0: entered allmulticast mode [ 145.210026][ T7931] bridge_slave_0: entered promiscuous mode [ 145.218041][ T7931] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.232777][ T7931] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.238943][ T7931] bridge_slave_1: entered allmulticast mode [ 145.243725][ T7931] bridge_slave_1: entered promiscuous mode [ 145.448336][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.507988][ T7931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 145.531530][ T7931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 145.561848][ T39] audit: type=1400 audit(1739160528.993:413): avc: denied { setopt } for pid=7974 comm="syz.3.684" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 145.698484][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.803597][ T7982] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 145.830623][ T7931] team0: Port device team_slave_0 added [ 146.009258][ C3] vkms_vblank_simulate: vblank timer overrun [ 146.019712][ T7931] team0: Port device team_slave_1 added [ 146.126706][ T7992] netlink: 'syz.2.692': attribute type 30 has an invalid length. [ 146.132215][ T7990] FAULT_INJECTION: forcing a failure. [ 146.132215][ T7990] name failslab, interval 1, probability 0, space 0, times 0 [ 146.170171][ T66] Bluetooth: hci2: command tx timeout [ 146.173806][ T7990] CPU: 0 UID: 0 PID: 7990 Comm: syz.1.691 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 146.173841][ T7990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 146.173851][ T7990] Call Trace: [ 146.173856][ T7990] [ 146.173864][ T7990] dump_stack_lvl+0x16c/0x1f0 [ 146.173891][ T7990] should_fail_ex+0x50a/0x650 [ 146.173915][ T7990] ? fs_reclaim_acquire+0xae/0x150 [ 146.173940][ T7990] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 146.173962][ T7990] should_failslab+0xc2/0x120 [ 146.173980][ T7990] __kmalloc_noprof+0xcb/0x510 [ 146.174001][ T7990] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 146.174027][ T7990] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 146.174048][ T7990] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 146.174075][ T7990] ? bpf_lsm_capable+0x9/0x10 [ 146.174094][ T7990] ? security_capable+0x7e/0x260 [ 146.174113][ T7990] ? ns_capable+0xd7/0x110 [ 146.174138][ T7990] genl_rcv_msg+0x565/0x800 [ 146.174160][ T7990] ? __pfx_genl_rcv_msg+0x10/0x10 [ 146.174181][ T7990] ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10 [ 146.174210][ T7990] netlink_rcv_skb+0x16b/0x440 [ 146.174228][ T7990] ? __pfx_genl_rcv_msg+0x10/0x10 [ 146.174247][ T7990] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 146.174273][ T7990] ? down_read+0xc9/0x330 [ 146.174290][ T7990] ? __pfx_down_read+0x10/0x10 [ 146.174306][ T7990] ? netlink_deliver_tap+0x1ae/0xd30 [ 146.174326][ T7990] genl_rcv+0x28/0x40 [ 146.174342][ T7990] netlink_unicast+0x53c/0x7f0 [ 146.174360][ T7990] ? __pfx_netlink_unicast+0x10/0x10 [ 146.174383][ T7990] netlink_sendmsg+0x8b8/0xd70 [ 146.174404][ T7990] ? __pfx_netlink_sendmsg+0x10/0x10 [ 146.174428][ T7990] ____sys_sendmsg+0xaaf/0xc90 [ 146.174453][ T7990] ? copy_msghdr_from_user+0x10b/0x160 [ 146.174472][ T7990] ? __pfx_____sys_sendmsg+0x10/0x10 [ 146.174507][ T7990] ___sys_sendmsg+0x135/0x1e0 [ 146.174527][ T7990] ? __pfx____sys_sendmsg+0x10/0x10 [ 146.174556][ T7990] ? __pfx_lock_release+0x10/0x10 [ 146.174578][ T7990] ? trace_lock_acquire+0x14e/0x1f0 [ 146.174602][ T7990] ? __fget_files+0x206/0x3a0 [ 146.174625][ T7990] __sys_sendmsg+0x16e/0x220 [ 146.174645][ T7990] ? __pfx___sys_sendmsg+0x10/0x10 [ 146.174677][ T7990] do_syscall_64+0xcd/0x250 [ 146.174695][ T7990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.174714][ T7990] RIP: 0033:0x7fecef58cde9 [ 146.174729][ T7990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.174745][ T7990] RSP: 002b:00007feced3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 146.174762][ T7990] RAX: ffffffffffffffda RBX: 00007fecef7a5fa0 RCX: 00007fecef58cde9 [ 146.174772][ T7990] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003 [ 146.174781][ T7990] RBP: 00007feced3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 146.174789][ T7990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.174797][ T7990] R13: 0000000000000000 R14: 00007fecef7a5fa0 R15: 00007ffd44c85b28 [ 146.174817][ T7990] [ 146.418770][ T7992] FAULT_INJECTION: forcing a failure. [ 146.418770][ T7992] name failslab, interval 1, probability 0, space 0, times 0 [ 146.426118][ T7992] CPU: 2 UID: 0 PID: 7992 Comm: syz.2.692 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 146.426143][ T7992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 146.426154][ T7992] Call Trace: [ 146.426159][ T7992] [ 146.426165][ T7992] dump_stack_lvl+0x16c/0x1f0 [ 146.426193][ T7992] should_fail_ex+0x50a/0x650 [ 146.426217][ T7992] ? fs_reclaim_acquire+0xae/0x150 [ 146.426244][ T7992] should_failslab+0xc2/0x120 [ 146.426263][ T7992] __kmalloc_node_noprof+0xd1/0x510 [ 146.426282][ T7992] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 146.426337][ T7992] __kvmalloc_node_noprof+0xad/0x1a0 [ 146.426360][ T7992] alloc_netdev_mqs+0xd57/0x15d0 [ 146.426388][ T7992] rtnl_create_link+0xc10/0xfa0 [ 146.426413][ T7992] rtnl_newlink+0x14c6/0x1d60 [ 146.426438][ T7992] ? __pfx_rtnl_newlink+0x10/0x10 [ 146.426463][ T7992] ? __pfx___lock_acquire+0x10/0x10 [ 146.426488][ T7992] ? cred_has_capability.isra.0+0x192/0x2f0 [ 146.426536][ T7992] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 146.426564][ T7992] ? find_held_lock+0x2d/0x110 [ 146.426591][ T7992] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 146.426611][ T7992] ? __pfx_lock_release+0x10/0x10 [ 146.426631][ T7992] ? trace_lock_acquire+0x14e/0x1f0 [ 146.426654][ T7992] ? __pfx_rtnl_newlink+0x10/0x10 [ 146.426673][ T7992] rtnetlink_rcv_msg+0x95b/0xea0 [ 146.426715][ T7992] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 146.426743][ T7992] netlink_rcv_skb+0x16b/0x440 [ 146.426761][ T7992] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 146.426781][ T7992] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 146.426811][ T7992] ? netlink_deliver_tap+0x1ae/0xd30 [ 146.426833][ T7992] netlink_unicast+0x53c/0x7f0 [ 146.426854][ T7992] ? __pfx_netlink_unicast+0x10/0x10 [ 146.426877][ T7992] netlink_sendmsg+0x8b8/0xd70 [ 146.426898][ T7992] ? __pfx_netlink_sendmsg+0x10/0x10 [ 146.426928][ T7992] ____sys_sendmsg+0xaaf/0xc90 [ 146.426952][ T7992] ? copy_msghdr_from_user+0x10b/0x160 [ 146.426972][ T7992] ? __pfx_____sys_sendmsg+0x10/0x10 [ 146.427005][ T7992] ___sys_sendmsg+0x135/0x1e0 [ 146.427026][ T7992] ? __pfx____sys_sendmsg+0x10/0x10 [ 146.427054][ T7992] ? __pfx_lock_release+0x10/0x10 [ 146.427075][ T7992] ? trace_lock_acquire+0x14e/0x1f0 [ 146.427100][ T7992] ? __fget_files+0x206/0x3a0 [ 146.427123][ T7992] __sys_sendmsg+0x16e/0x220 [ 146.427142][ T7992] ? __pfx___sys_sendmsg+0x10/0x10 [ 146.427177][ T7992] do_syscall_64+0xcd/0x250 [ 146.427199][ T7992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.427222][ T7992] RIP: 0033:0x7f810798cde9 [ 146.427236][ T7992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.427252][ T7992] RSP: 002b:00007f810871a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 146.427270][ T7992] RAX: ffffffffffffffda RBX: 00007f8107ba5fa0 RCX: 00007f810798cde9 [ 146.427281][ T7992] RDX: 0000000004008840 RSI: 0000400000000000 RDI: 0000000000000003 [ 146.427291][ T7992] RBP: 00007f810871a090 R08: 0000000000000000 R09: 0000000000000000 [ 146.427300][ T7992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 146.427310][ T7992] R13: 0000000000000000 R14: 00007f8107ba5fa0 R15: 00007ffc7295f2b8 [ 146.427333][ T7992] [ 146.464834][ C3] vkms_vblank_simulate: vblank timer overrun [ 146.516015][ T7931] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 146.517949][ C3] vkms_vblank_simulate: vblank timer overrun [ 146.519901][ T7931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.565896][ C3] vkms_vblank_simulate: vblank timer overrun [ 146.572683][ T7931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 146.741714][ T7931] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 146.751207][ T7931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.764299][ T7931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 146.793226][ T11] bridge_slave_1: left allmulticast mode [ 146.797399][ T11] bridge_slave_1: left promiscuous mode [ 146.801945][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.833847][ T11] bridge_slave_0: left allmulticast mode [ 146.845961][ T11] bridge_slave_0: left promiscuous mode [ 146.854969][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.775295][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 147.793773][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 147.801728][ T11] bond0 (unregistering): Released all slaves [ 147.969662][ C3] vkms_vblank_simulate: vblank timer overrun [ 148.149654][ C3] vkms_vblank_simulate: vblank timer overrun [ 148.181410][ T7931] hsr_slave_0: entered promiscuous mode [ 148.189257][ T7931] hsr_slave_1: entered promiscuous mode [ 148.193275][ T7931] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 148.224627][ T66] Bluetooth: hci2: command tx timeout [ 148.224659][ T39] audit: type=1400 audit(1739160531.633:414): avc: granted { setsecparam } for pid=8020 comm="syz.2.702" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 148.250558][ T8021] random: crng reseeded on system resumption [ 148.301033][ T7931] Cannot create hsr debugfs directory [ 148.761561][ T8037] FAULT_INJECTION: forcing a failure. [ 148.761561][ T8037] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 148.813933][ T8037] CPU: 0 UID: 0 PID: 8037 Comm: syz.3.706 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 148.813962][ T8037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 148.813974][ T8037] Call Trace: [ 148.813979][ T8037] [ 148.813986][ T8037] dump_stack_lvl+0x16c/0x1f0 [ 148.814014][ T8037] should_fail_ex+0x50a/0x650 [ 148.814046][ T8037] _copy_from_iter+0x2a1/0x1560 [ 148.814077][ T8037] ? trace_lock_acquire+0x14e/0x1f0 [ 148.814099][ T8037] ? __alloc_skb+0x1fe/0x380 [ 148.814122][ T8037] ? __pfx__copy_from_iter+0x10/0x10 [ 148.814147][ T8037] ? __virt_addr_valid+0x1a4/0x590 [ 148.814173][ T8037] ? __virt_addr_valid+0x5e/0x590 [ 148.814191][ T8037] ? __phys_addr_symbol+0x30/0x80 [ 148.814208][ T8037] ? __check_object_size+0x488/0x710 [ 148.814235][ T8037] netlink_sendmsg+0x813/0xd70 [ 148.814262][ T8037] ? __pfx_netlink_sendmsg+0x10/0x10 [ 148.814292][ T8037] ____sys_sendmsg+0xaaf/0xc90 [ 148.814320][ T8037] ? copy_msghdr_from_user+0x10b/0x160 [ 148.814343][ T8037] ? __pfx_____sys_sendmsg+0x10/0x10 [ 148.814368][ T8037] ? __lock_acquire+0xcc5/0x3c40 [ 148.814395][ T8037] ? hlock_class+0x4e/0x130 [ 148.814414][ T8037] ? __lock_acquire+0x15a9/0x3c40 [ 148.814444][ T8037] ___sys_sendmsg+0x135/0x1e0 [ 148.814468][ T8037] ? __pfx____sys_sendmsg+0x10/0x10 [ 148.814488][ T8037] ? __pfx___lock_acquire+0x10/0x10 [ 148.814541][ T8037] ? __pfx___might_resched+0x10/0x10 [ 148.814569][ T8037] ? __might_fault+0xe3/0x190 [ 148.814596][ T8037] __sys_sendmmsg+0x201/0x420 [ 148.814622][ T8037] ? __pfx___sys_sendmmsg+0x10/0x10 [ 148.814652][ T8037] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 148.814682][ T8037] ? fput+0x67/0x440 [ 148.814702][ T8037] ? ksys_write+0x1ba/0x250 [ 148.814724][ T8037] ? __pfx_ksys_write+0x10/0x10 [ 148.814749][ T8037] __x64_sys_sendmmsg+0x9c/0x100 [ 148.814768][ T8037] ? lockdep_hardirqs_on+0x7c/0x110 [ 148.814784][ T8037] do_syscall_64+0xcd/0x250 [ 148.814803][ T8037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.814826][ T8037] RIP: 0033:0x7f032d38cde9 [ 148.814840][ T8037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.814855][ T8037] RSP: 002b:00007f032e20b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 148.814874][ T8037] RAX: ffffffffffffffda RBX: 00007f032d5a5fa0 RCX: 00007f032d38cde9 [ 148.814885][ T8037] RDX: 040000000000009f RSI: 00004000000002c0 RDI: 0000000000000005 [ 148.814896][ T8037] RBP: 00007f032e20b090 R08: 0000000000000000 R09: 0000000000000000 [ 148.814905][ T8037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 148.814915][ T8037] R13: 0000000000000000 R14: 00007f032d5a5fa0 R15: 00007ffde96ffad8 [ 148.814937][ T8037] [ 148.965621][ C3] vkms_vblank_simulate: vblank timer overrun [ 149.011414][ C3] vkms_vblank_simulate: vblank timer overrun [ 149.158504][ T8021] ieee802154 phy0 wpan0: encryption failed: -22 [ 149.281594][ C3] vkms_vblank_simulate: vblank timer overrun [ 149.399045][ T8044] kvm: kvm [8042]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x8000000000000003 [ 149.442035][ T8047] random: crng reseeded on system resumption [ 149.458900][ T39] audit: type=1400 audit(1739160532.873:415): avc: denied { write } for pid=8042 comm="syz.1.708" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 149.481325][ C3] vkms_vblank_simulate: vblank timer overrun [ 149.602108][ T11] hsr_slave_0: left promiscuous mode [ 149.605043][ T11] hsr_slave_1: left promiscuous mode [ 149.620970][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 149.624757][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 149.655597][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 149.660123][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 149.821623][ T11] veth1_macvtap: left promiscuous mode [ 149.837858][ T11] veth0_macvtap: left promiscuous mode [ 149.840117][ T11] veth1_vlan: left promiscuous mode [ 149.842164][ T11] veth0_vlan: left promiscuous mode [ 149.843977][ T39] audit: type=1400 audit(1739160533.273:416): avc: denied { shutdown } for pid=8050 comm="syz.3.710" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 150.306240][ T66] Bluetooth: hci2: command tx timeout [ 150.770773][ C3] vkms_vblank_simulate: vblank timer overrun [ 152.375647][ T66] Bluetooth: hci2: command tx timeout [ 152.670399][ C3] vkms_vblank_simulate: vblank timer overrun [ 152.978189][ T11] team0 (unregistering): Port device team_slave_1 removed [ 153.189865][ T11] team0 (unregistering): Port device team_slave_0 removed [ 153.730623][ C3] vkms_vblank_simulate: vblank timer overrun [ 155.174118][ C3] vkms_vblank_simulate: vblank timer overrun [ 155.205511][ C3] vkms_vblank_simulate: vblank timer overrun [ 155.855546][ C3] vkms_vblank_simulate: vblank timer overrun [ 155.905845][ T39] audit: type=1400 audit(1739160539.293:417): avc: denied { watch } for pid=8069 comm="syz.1.715" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 155.918453][ T39] audit: type=1400 audit(1739160539.293:418): avc: denied { watch_sb watch_reads } for pid=8069 comm="syz.1.715" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 155.949376][ T39] audit: type=1400 audit(1739160539.303:419): avc: denied { watch_mount } for pid=8069 comm="syz.1.715" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 156.464463][ C3] vkms_vblank_simulate: vblank timer overrun [ 156.744892][ T8106] netlink: 8 bytes leftover after parsing attributes in process `syz.2.725'. [ 156.817181][ T7931] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 156.870368][ T7931] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 156.926165][ T7931] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 156.936541][ T7931] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 157.099459][ T7931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 157.118579][ T7931] 8021q: adding VLAN 0 to HW filter on device team0 [ 157.152237][ T103] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.159652][ T103] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.169121][ T103] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.172104][ T103] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.572869][ T7931] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 157.646027][ T8147] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 157.713116][ T7931] veth0_vlan: entered promiscuous mode [ 157.719935][ T7931] veth1_vlan: entered promiscuous mode [ 157.746440][ T7931] veth0_macvtap: entered promiscuous mode [ 157.751831][ T7931] veth1_macvtap: entered promiscuous mode [ 157.764079][ T7931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.769764][ T7931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.773927][ T7931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.779754][ T7931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.780322][ C3] vkms_vblank_simulate: vblank timer overrun [ 157.786259][ T7931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.786281][ T7931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.787605][ T7931] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 157.803736][ T7931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.803764][ T7931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.803773][ T7931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.803784][ T7931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.803792][ T7931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.803802][ T7931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.804687][ T7931] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 157.820194][ T7931] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.834307][ C3] vkms_vblank_simulate: vblank timer overrun [ 157.898683][ T7931] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.903582][ T7931] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.915808][ T7931] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.187905][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.191485][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.222221][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.230586][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.333545][ C3] vkms_vblank_simulate: vblank timer overrun [ 158.718657][ T8174] FAULT_INJECTION: forcing a failure. [ 158.718657][ T8174] name failslab, interval 1, probability 0, space 0, times 0 [ 158.724217][ T8174] CPU: 3 UID: 0 PID: 8174 Comm: syz.3.740 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 158.724240][ T8174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 158.724249][ T8174] Call Trace: [ 158.724256][ T8174] [ 158.724266][ T8174] dump_stack_lvl+0x16c/0x1f0 [ 158.724292][ T8174] should_fail_ex+0x50a/0x650 [ 158.724316][ T8174] ? fs_reclaim_acquire+0xae/0x150 [ 158.724340][ T8174] ? sctp_association_new+0x97/0x2ab0 [ 158.724358][ T8174] should_failslab+0xc2/0x120 [ 158.724377][ T8174] __kmalloc_cache_noprof+0x68/0x410 [ 158.724406][ T8174] ? lock_acquire+0x2f/0xb0 [ 158.724427][ T8174] ? sctp_has_association+0x44/0x270 [ 158.724453][ T8174] sctp_association_new+0x97/0x2ab0 [ 158.724469][ T8174] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 158.724499][ T8174] sctp_connect_new_asoc+0x1b7/0x790 [ 158.724520][ T8174] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 158.724540][ T8174] ? selinux_sctp_bind_connect+0x112/0x2c0 [ 158.724563][ T8174] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 158.724583][ T8174] sctp_sendmsg+0x1610/0x1eb0 [ 158.724601][ T8174] ? avc_has_perm+0x11b/0x1c0 [ 158.724621][ T8174] ? __pfx_sctp_sendmsg+0x10/0x10 [ 158.724643][ T8174] ? __pfx_sock_has_perm+0x10/0x10 [ 158.724671][ T8174] ? __pfx_sctp_sendmsg+0x10/0x10 [ 158.724690][ T8174] inet_sendmsg+0x119/0x140 [ 158.724712][ T8174] __sys_sendto+0x42a/0x4f0 [ 158.724733][ T8174] ? __pfx___sys_sendto+0x10/0x10 [ 158.724767][ T8174] ? ksys_write+0x1ba/0x250 [ 158.724790][ T8174] ? __pfx_ksys_write+0x10/0x10 [ 158.724814][ T8174] __x64_sys_sendto+0xe0/0x1c0 [ 158.724830][ T8174] ? do_syscall_64+0x91/0x250 [ 158.724847][ T8174] ? lockdep_hardirqs_on+0x7c/0x110 [ 158.724862][ T8174] do_syscall_64+0xcd/0x250 [ 158.724879][ T8174] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.724900][ T8174] RIP: 0033:0x7f032d38cde9 [ 158.724913][ T8174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.724927][ T8174] RSP: 002b:00007f032e20b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 158.724942][ T8174] RAX: ffffffffffffffda RBX: 00007f032d5a5fa0 RCX: 00007f032d38cde9 [ 158.724952][ T8174] RDX: 0000000000000001 RSI: 0000400000000500 RDI: 0000000000000003 [ 158.724961][ T8174] RBP: 00007f032e20b090 R08: 0000400000000140 R09: 000000000000001c [ 158.724969][ T8174] R10: 0000000020048051 R11: 0000000000000246 R12: 0000000000000001 [ 158.724978][ T8174] R13: 0000000000000000 R14: 00007f032d5a5fa0 R15: 00007ffde96ffad8 [ 158.724998][ T8174] [ 159.002270][ C3] vkms_vblank_simulate: vblank timer overrun [ 159.165502][ C3] vkms_vblank_simulate: vblank timer overrun [ 159.558923][ T39] audit: type=1400 audit(1739160542.983:420): avc: denied { accept } for pid=8190 comm="syz.1.749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 159.580868][ T8191] netlink: 8 bytes leftover after parsing attributes in process `syz.1.749'. [ 159.584684][ T8191] netlink: 16 bytes leftover after parsing attributes in process `syz.1.749'. [ 159.608476][ T8191] erspan0: entered promiscuous mode [ 159.613434][ T8191] macvlan2: entered promiscuous mode [ 159.618702][ T8191] macvlan2: entered allmulticast mode [ 159.637333][ T8191] erspan0: entered allmulticast mode [ 159.653760][ T8194] netlink: 'syz.1.749': attribute type 21 has an invalid length. [ 159.878793][ T8202] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 159.901525][ C3] vkms_vblank_simulate: vblank timer overrun [ 159.965507][ C3] vkms_vblank_simulate: vblank timer overrun [ 160.057489][ T39] audit: type=1400 audit(1739160543.483:421): avc: denied { setrlimit } for pid=8206 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1 [ 160.178214][ T8212] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=19 sclass=netlink_audit_socket pid=8212 comm=syz.2.754 [ 160.737542][ T8232] FAULT_INJECTION: forcing a failure. [ 160.737542][ T8232] name failslab, interval 1, probability 0, space 0, times 0 [ 160.746950][ T8232] CPU: 1 UID: 0 PID: 8232 Comm: syz.2.759 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 160.746975][ T8232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 160.746987][ T8232] Call Trace: [ 160.746993][ T8232] [ 160.747000][ T8232] dump_stack_lvl+0x16c/0x1f0 [ 160.747029][ T8232] should_fail_ex+0x50a/0x650 [ 160.747058][ T8232] ? fs_reclaim_acquire+0xae/0x150 [ 160.747087][ T8232] ? l2tp_tunnel_create+0x96/0x460 [ 160.747109][ T8232] should_failslab+0xc2/0x120 [ 160.747131][ T8232] __kmalloc_cache_noprof+0x68/0x410 [ 160.747158][ T8232] ? __nla_validate_parse+0x601/0x2880 [ 160.747183][ T8232] l2tp_tunnel_create+0x96/0x460 [ 160.747209][ T8232] l2tp_nl_cmd_tunnel_create+0x3b0/0x990 [ 160.747233][ T8232] ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10 [ 160.747263][ T8232] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 160.747291][ T8232] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 160.747324][ T8232] genl_family_rcv_msg_doit+0x202/0x2f0 [ 160.747352][ T8232] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 160.747387][ T8232] ? bpf_lsm_capable+0x9/0x10 [ 160.747409][ T8232] ? security_capable+0x7e/0x260 [ 160.747433][ T8232] ? ns_capable+0xd7/0x110 [ 160.747471][ T8232] genl_rcv_msg+0x565/0x800 [ 160.747501][ T8232] ? __pfx_genl_rcv_msg+0x10/0x10 [ 160.747527][ T8232] ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10 [ 160.747557][ T8232] netlink_rcv_skb+0x16b/0x440 [ 160.747579][ T8232] ? __pfx_genl_rcv_msg+0x10/0x10 [ 160.747605][ T8232] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 160.747639][ T8232] ? down_read+0xc9/0x330 [ 160.747661][ T8232] ? __pfx_down_read+0x10/0x10 [ 160.747684][ T8232] ? netlink_deliver_tap+0x1ae/0xd30 [ 160.747708][ T8232] genl_rcv+0x28/0x40 [ 160.747729][ T8232] netlink_unicast+0x53c/0x7f0 [ 160.747755][ T8232] ? __pfx_netlink_unicast+0x10/0x10 [ 160.747785][ T8232] netlink_sendmsg+0x8b8/0xd70 [ 160.747813][ T8232] ? __pfx_netlink_sendmsg+0x10/0x10 [ 160.747846][ T8232] ____sys_sendmsg+0xaaf/0xc90 [ 160.747875][ T8232] ? copy_msghdr_from_user+0x10b/0x160 [ 160.747900][ T8232] ? __pfx_____sys_sendmsg+0x10/0x10 [ 160.747943][ T8232] ___sys_sendmsg+0x135/0x1e0 [ 160.747969][ T8232] ? __pfx____sys_sendmsg+0x10/0x10 [ 160.748005][ T8232] ? __pfx_lock_release+0x10/0x10 [ 160.748031][ T8232] ? trace_lock_acquire+0x14e/0x1f0 [ 160.748063][ T8232] ? __fget_files+0x206/0x3a0 [ 160.748090][ T8232] __sys_sendmsg+0x16e/0x220 [ 160.748115][ T8232] ? __pfx___sys_sendmsg+0x10/0x10 [ 160.748159][ T8232] do_syscall_64+0xcd/0x250 [ 160.748182][ T8232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.748210][ T8232] RIP: 0033:0x7f810798cde9 [ 160.748227][ T8232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.748245][ T8232] RSP: 002b:00007f810871a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 160.748265][ T8232] RAX: ffffffffffffffda RBX: 00007f8107ba5fa0 RCX: 00007f810798cde9 [ 160.748277][ T8232] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003 [ 160.748289][ T8232] RBP: 00007f810871a090 R08: 0000000000000000 R09: 0000000000000000 [ 160.748299][ T8232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.748310][ T8232] R13: 0000000000000000 R14: 00007f8107ba5fa0 R15: 00007ffc7295f2b8 [ 160.748336][ T8232] [ 161.043143][ T39] audit: type=1400 audit(1739160544.453:422): avc: denied { write } for pid=5333 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 161.079419][ T39] audit: type=1400 audit(1739160544.453:423): avc: denied { remove_name } for pid=5333 comm="syslogd" name="messages" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 161.087839][ T39] audit: type=1400 audit(1739160544.453:424): avc: denied { add_name } for pid=5333 comm="syslogd" name="messages.0" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 161.110521][ T76] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.315757][ T8235] netlink: 'syz.1.760': attribute type 30 has an invalid length. [ 161.339974][ T8235] FAULT_INJECTION: forcing a failure. [ 161.339974][ T8235] name failslab, interval 1, probability 0, space 0, times 0 [ 161.349658][ T8235] CPU: 3 UID: 0 PID: 8235 Comm: syz.1.760 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 161.349688][ T8235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.349698][ T8235] Call Trace: [ 161.349704][ T8235] [ 161.349711][ T8235] dump_stack_lvl+0x16c/0x1f0 [ 161.349739][ T8235] should_fail_ex+0x50a/0x650 [ 161.349766][ T8235] ? fs_reclaim_acquire+0xae/0x150 [ 161.349794][ T8235] ? alloc_netdev_mqs+0xf25/0x15d0 [ 161.349817][ T8235] should_failslab+0xc2/0x120 [ 161.349836][ T8235] __kmalloc_cache_noprof+0x68/0x410 [ 161.349862][ T8235] ? __asan_memset+0x23/0x50 [ 161.349887][ T8235] ? __xdp_rxq_info_reg+0x14e/0x2d0 [ 161.349910][ T8235] alloc_netdev_mqs+0xf25/0x15d0 [ 161.349935][ T8235] rtnl_create_link+0xc10/0xfa0 [ 161.349958][ T8235] rtnl_newlink+0x14c6/0x1d60 [ 161.349982][ T8235] ? __pfx_rtnl_newlink+0x10/0x10 [ 161.350009][ T8235] ? __pfx___lock_acquire+0x10/0x10 [ 161.350032][ T8235] ? cred_has_capability.isra.0+0x192/0x2f0 [ 161.350055][ T8235] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 161.350083][ T8235] ? find_held_lock+0x2d/0x110 [ 161.350106][ T8235] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 161.350127][ T8235] ? __pfx_lock_release+0x10/0x10 [ 161.350148][ T8235] ? trace_lock_acquire+0x14e/0x1f0 [ 161.350173][ T8235] ? __pfx_rtnl_newlink+0x10/0x10 [ 161.350194][ T8235] rtnetlink_rcv_msg+0x95b/0xea0 [ 161.350217][ T8235] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 161.350251][ T8235] netlink_rcv_skb+0x16b/0x440 [ 161.350272][ T8235] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 161.350295][ T8235] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 161.350331][ T8235] ? netlink_deliver_tap+0x1ae/0xd30 [ 161.350357][ T8235] netlink_unicast+0x53c/0x7f0 [ 161.350379][ T8235] ? __pfx_netlink_unicast+0x10/0x10 [ 161.350403][ T8235] netlink_sendmsg+0x8b8/0xd70 [ 161.350436][ T8235] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.350466][ T8235] ____sys_sendmsg+0xaaf/0xc90 [ 161.350494][ T8235] ? copy_msghdr_from_user+0x10b/0x160 [ 161.350517][ T8235] ? __pfx_____sys_sendmsg+0x10/0x10 [ 161.350554][ T8235] ___sys_sendmsg+0x135/0x1e0 [ 161.350573][ T8235] ? __pfx____sys_sendmsg+0x10/0x10 [ 161.350603][ T8235] ? __pfx_lock_release+0x10/0x10 [ 161.350625][ T8235] ? trace_lock_acquire+0x14e/0x1f0 [ 161.350650][ T8235] ? __fget_files+0x206/0x3a0 [ 161.350672][ T8235] __sys_sendmsg+0x16e/0x220 [ 161.350692][ T8235] ? __pfx___sys_sendmsg+0x10/0x10 [ 161.350731][ T8235] do_syscall_64+0xcd/0x250 [ 161.350750][ T8235] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.350770][ T8235] RIP: 0033:0x7fecef58cde9 [ 161.350786][ T8235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.350801][ T8235] RSP: 002b:00007feced3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 161.350819][ T8235] RAX: ffffffffffffffda RBX: 00007fecef7a5fa0 RCX: 00007fecef58cde9 [ 161.350831][ T8235] RDX: 0000000004008840 RSI: 0000400000000000 RDI: 0000000000000003 [ 161.350840][ T8235] RBP: 00007feced3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 161.350850][ T8235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 161.350859][ T8235] R13: 0000000000000000 R14: 00007fecef7a5fa0 R15: 00007ffd44c85b28 [ 161.350883][ T8235] [ 161.703430][ C3] vkms_vblank_simulate: vblank timer overrun [ 161.736034][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 161.741937][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 161.748042][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 161.759949][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 161.763696][ T5950] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 161.767194][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 161.998874][ T8260] FAULT_INJECTION: forcing a failure. [ 161.998874][ T8260] name failslab, interval 1, probability 0, space 0, times 0 [ 162.012484][ T8260] CPU: 3 UID: 0 PID: 8260 Comm: syz.3.770 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 162.012514][ T8260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 162.012523][ T8260] Call Trace: [ 162.012528][ T8260] [ 162.012535][ T8260] dump_stack_lvl+0x16c/0x1f0 [ 162.012560][ T8260] should_fail_ex+0x50a/0x650 [ 162.012586][ T8260] should_failslab+0xc2/0x120 [ 162.012605][ T8260] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 162.012629][ T8260] ? skb_clone+0x190/0x3f0 [ 162.012653][ T8260] skb_clone+0x190/0x3f0 [ 162.012671][ T8260] netlink_deliver_tap+0xabd/0xd30 [ 162.012692][ T8260] netlink_unicast+0x5e1/0x7f0 [ 162.012712][ T8260] ? __pfx_netlink_unicast+0x10/0x10 [ 162.012735][ T8260] netlink_sendmsg+0x8b8/0xd70 [ 162.012755][ T8260] ? __pfx_netlink_sendmsg+0x10/0x10 [ 162.012780][ T8260] ____sys_sendmsg+0xaaf/0xc90 [ 162.012803][ T8260] ? copy_msghdr_from_user+0x10b/0x160 [ 162.012820][ T8260] ? __pfx_____sys_sendmsg+0x10/0x10 [ 162.012840][ T8260] ? __lock_acquire+0xcc5/0x3c40 [ 162.012864][ T8260] ? hlock_class+0x4e/0x130 [ 162.012878][ T8260] ? __lock_acquire+0x15a9/0x3c40 [ 162.012902][ T8260] ___sys_sendmsg+0x135/0x1e0 [ 162.012921][ T8260] ? __pfx____sys_sendmsg+0x10/0x10 [ 162.012937][ T8260] ? __pfx___lock_acquire+0x10/0x10 [ 162.012975][ T8260] ? __pfx___might_resched+0x10/0x10 [ 162.012999][ T8260] ? __might_fault+0xe3/0x190 [ 162.013020][ T8260] __sys_sendmmsg+0x201/0x420 [ 162.013037][ T8260] ? __pfx___sys_sendmmsg+0x10/0x10 [ 162.013060][ T8260] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 162.013085][ T8260] ? fput+0x67/0x440 [ 162.013102][ T8260] ? ksys_write+0x1ba/0x250 [ 162.013121][ T8260] ? __pfx_ksys_write+0x10/0x10 [ 162.013143][ T8260] __x64_sys_sendmmsg+0x9c/0x100 [ 162.013159][ T8260] ? lockdep_hardirqs_on+0x7c/0x110 [ 162.013172][ T8260] do_syscall_64+0xcd/0x250 [ 162.013559][ T8260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.013581][ T8260] RIP: 0033:0x7f032d38cde9 [ 162.013596][ T8260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.013610][ T8260] RSP: 002b:00007f032e20b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 162.013633][ T8260] RAX: ffffffffffffffda RBX: 00007f032d5a5fa0 RCX: 00007f032d38cde9 [ 162.013642][ T8260] RDX: 040000000000009f RSI: 00004000000002c0 RDI: 0000000000000005 [ 162.013650][ T8260] RBP: 00007f032e20b090 R08: 0000000000000000 R09: 0000000000000000 [ 162.013658][ T8260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 162.013665][ T8260] R13: 0000000000000000 R14: 00007f032d5a5fa0 R15: 00007ffde96ffad8 [ 162.013683][ T8260] [ 162.209702][ C3] vkms_vblank_simulate: vblank timer overrun [ 162.237040][ T8244] chnl_net:caif_netlink_parms(): no params data found [ 162.335565][ C3] vkms_vblank_simulate: vblank timer overrun [ 162.543355][ T8244] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.555879][ T8244] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.570030][ T8244] bridge_slave_0: entered allmulticast mode [ 162.574355][ T8244] bridge_slave_0: entered promiscuous mode [ 162.608370][ T8244] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.628801][ T8244] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.653913][ C3] vkms_vblank_simulate: vblank timer overrun [ 162.656933][ T8244] bridge_slave_1: entered allmulticast mode [ 162.660270][ T8244] bridge_slave_1: entered promiscuous mode [ 162.703058][ T8274] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 162.738319][ T8274] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 162.838867][ T8274] netlink: 'syz.1.774': attribute type 21 has an invalid length. [ 162.842454][ T8274] netlink: 128 bytes leftover after parsing attributes in process `syz.1.774'. [ 162.846800][ T8274] netlink: 'syz.1.774': attribute type 5 has an invalid length. [ 162.849952][ T8274] netlink: 'syz.1.774': attribute type 6 has an invalid length. [ 162.854665][ T8274] netlink: 3 bytes leftover after parsing attributes in process `syz.1.774'. [ 162.862892][ T8277] netlink: 'syz.1.774': attribute type 21 has an invalid length. [ 162.868702][ T8277] netlink: 128 bytes leftover after parsing attributes in process `syz.1.774'. [ 162.872974][ T8277] netlink: 'syz.1.774': attribute type 5 has an invalid length. [ 162.880317][ T8277] netlink: 'syz.1.774': attribute type 6 has an invalid length. [ 162.884172][ T8277] netlink: 3 bytes leftover after parsing attributes in process `syz.1.774'. [ 162.897252][ T8244] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 162.905739][ T6222] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 162.919543][ T8244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 163.001728][ T8282] netlink: 8 bytes leftover after parsing attributes in process `syz.3.776'. [ 163.012471][ T8282] netlink: 24 bytes leftover after parsing attributes in process `syz.3.776'. [ 163.110223][ T8287] netlink: 24 bytes leftover after parsing attributes in process `syz.3.779'. [ 163.220254][ T8292] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8292 comm=syz.3.779 [ 163.419717][ T76] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.502762][ T8244] team0: Port device team_slave_0 added [ 163.530502][ T8244] team0: Port device team_slave_1 added [ 163.531211][ C3] vkms_vblank_simulate: vblank timer overrun [ 163.651274][ T8296] loop6: detected capacity change from 0 to 7 [ 163.672897][ T8296] Buffer I/O error on dev loop6, logical block 0, async page read [ 163.677992][ T8296] Buffer I/O error on dev loop6, logical block 0, async page read [ 163.700063][ T8296] Buffer I/O error on dev loop6, logical block 0, async page read [ 163.704839][ T8296] Buffer I/O error on dev loop6, logical block 0, async page read [ 163.710848][ T8296] Buffer I/O error on dev loop6, logical block 0, async page read [ 163.716683][ T8296] Buffer I/O error on dev loop6, logical block 0, async page read [ 163.721143][ T8296] Buffer I/O error on dev loop6, logical block 0, async page read [ 163.726931][ T8296] ldm_validate_partition_table(): Disk read failed. [ 163.731235][ T8296] Buffer I/O error on dev loop6, logical block 0, async page read [ 163.736742][ T8296] Buffer I/O error on dev loop6, logical block 0, async page read [ 163.749645][ T8296] Buffer I/O error on dev loop6, logical block 0, async page read [ 163.754457][ T8296] Dev loop6: unable to read RDB block 0 [ 163.759834][ T8296] loop6: unable to read partition table [ 163.762789][ T8296] loop6: partition table beyond EOD, truncated [ 163.793400][ T8296] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 163.793400][ T8296] ) failed (rc=-5) [ 163.816036][ T76] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.829531][ T5950] Bluetooth: hci2: command tx timeout [ 163.893408][ T8304] netlink: 24 bytes leftover after parsing attributes in process `syz.2.784'. [ 163.929734][ T8244] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 163.932582][ T8244] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 163.981156][ T8244] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 163.998008][ T8308] netlink: 24 bytes leftover after parsing attributes in process `syz.1.785'. [ 164.047715][ T8304] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8304 comm=syz.2.784 [ 164.090358][ T76] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.116857][ T8244] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 164.120210][ T8244] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.127782][ T8312] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8312 comm=syz.1.785 [ 164.135546][ T8244] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 164.309487][ T8316] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 164.316645][ T8316] Error validating options; rc = [-22] [ 164.378284][ T8244] hsr_slave_0: entered promiscuous mode [ 164.385064][ T8244] hsr_slave_1: entered promiscuous mode [ 164.403576][ T8244] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 164.409303][ T8244] Cannot create hsr debugfs directory [ 165.461562][ T76] bridge_slave_1: left allmulticast mode [ 165.465232][ T76] bridge_slave_1: left promiscuous mode [ 165.489867][ T76] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.590366][ T76] bridge_slave_0: left allmulticast mode [ 165.626261][ T76] bridge_slave_0: left promiscuous mode [ 165.637389][ T76] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.905514][ T5950] Bluetooth: hci2: command tx timeout [ 166.164937][ C3] vkms_vblank_simulate: vblank timer overrun [ 166.262032][ T8330] Set syz1 is full, maxelem 65536 reached [ 166.353489][ C3] vkms_vblank_simulate: vblank timer overrun [ 166.674212][ C3] vkms_vblank_simulate: vblank timer overrun [ 166.798853][ T76] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 166.813406][ T76] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 166.824984][ T76] bond0 (unregistering): Released all slaves [ 167.045086][ C3] vkms_vblank_simulate: vblank timer overrun [ 167.178934][ C3] vkms_vblank_simulate: vblank timer overrun [ 167.445850][ C3] vkms_vblank_simulate: vblank timer overrun [ 167.503132][ C3] vkms_vblank_simulate: vblank timer overrun [ 167.541348][ C3] vkms_vblank_simulate: vblank timer overrun [ 167.975713][ T5950] Bluetooth: hci2: command tx timeout [ 169.845898][ C3] vkms_vblank_simulate: vblank timer overrun [ 169.933395][ C3] vkms_vblank_simulate: vblank timer overrun [ 169.998142][ C3] vkms_vblank_simulate: vblank timer overrun [ 170.070421][ T5950] Bluetooth: hci2: command tx timeout [ 170.214149][ C3] vkms_vblank_simulate: vblank timer overrun [ 170.428726][ C3] vkms_vblank_simulate: vblank timer overrun [ 170.799832][ C3] vkms_vblank_simulate: vblank timer overrun [ 170.885077][ C3] vkms_vblank_simulate: vblank timer overrun [ 171.080695][ C3] vkms_vblank_simulate: vblank timer overrun [ 171.313398][ C3] vkms_vblank_simulate: vblank timer overrun [ 171.349509][ C3] vkms_vblank_simulate: vblank timer overrun [ 171.393385][ C3] vkms_vblank_simulate: vblank timer overrun [ 172.173735][ C3] vkms_vblank_simulate: vblank timer overrun [ 172.419476][ T39] audit: type=1400 audit(1739160555.853:425): avc: denied { bind } for pid=8344 comm="syz.2.795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 172.986498][ T39] audit: type=1400 audit(1739160556.413:426): avc: denied { map } for pid=8355 comm="syz.3.801" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 173.182260][ C3] vkms_vblank_simulate: vblank timer overrun [ 173.287728][ T8373] netlink: 24 bytes leftover after parsing attributes in process `syz.3.806'. [ 173.381373][ C3] vkms_vblank_simulate: vblank timer overrun [ 173.399850][ T76] hsr_slave_0: left promiscuous mode [ 173.405114][ T76] hsr_slave_1: left promiscuous mode [ 173.409832][ T8382] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8382 comm=syz.3.806 [ 173.416221][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.418287][ T8382] FAULT_INJECTION: forcing a failure. [ 173.418287][ T8382] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 173.419588][ T76] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 173.435352][ T8382] CPU: 2 UID: 0 PID: 8382 Comm: syz.3.806 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 173.435377][ T8382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 173.435569][ T8382] Call Trace: [ 173.435576][ T8382] [ 173.435584][ T8382] dump_stack_lvl+0x16c/0x1f0 [ 173.435609][ T8382] should_fail_ex+0x50a/0x650 [ 173.435636][ T8382] _copy_from_iter+0x2a1/0x1560 [ 173.435661][ T8382] ? trace_lock_acquire+0x14e/0x1f0 [ 173.435680][ T8382] ? __alloc_skb+0x1fe/0x380 [ 173.435699][ T8382] ? __pfx__copy_from_iter+0x10/0x10 [ 173.435721][ T8382] ? __virt_addr_valid+0x1a4/0x590 [ 173.435741][ T8382] ? __virt_addr_valid+0x5e/0x590 [ 173.435756][ T8382] ? __phys_addr_symbol+0x30/0x80 [ 173.435771][ T8382] ? __check_object_size+0x488/0x710 [ 173.435795][ T8382] netlink_sendmsg+0x813/0xd70 [ 173.435819][ T8382] ? __pfx_netlink_sendmsg+0x10/0x10 [ 173.435844][ T8382] ____sys_sendmsg+0xaaf/0xc90 [ 173.435867][ T8382] ? copy_msghdr_from_user+0x10b/0x160 [ 173.435887][ T8382] ? __pfx_____sys_sendmsg+0x10/0x10 [ 173.435920][ T8382] ___sys_sendmsg+0x135/0x1e0 [ 173.435941][ T8382] ? __pfx____sys_sendmsg+0x10/0x10 [ 173.435967][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.435966][ T8382] ? __pfx_lock_release+0x10/0x10 [ 173.435984][ T8382] ? trace_lock_acquire+0x14e/0x1f0 [ 173.436004][ T8382] ? __fget_files+0x206/0x3a0 [ 173.436024][ T8382] __sys_sendmsg+0x16e/0x220 [ 173.436043][ T8382] ? __pfx___sys_sendmsg+0x10/0x10 [ 173.436074][ T8382] do_syscall_64+0xcd/0x250 [ 173.436093][ T8382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.436113][ T8382] RIP: 0033:0x7f032d38cde9 [ 173.436129][ T8382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.436603][ T8382] RSP: 002b:00007f032e1c9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 173.436763][ T8382] RAX: ffffffffffffffda RBX: 00007f032d5a6160 RCX: 00007f032d38cde9 [ 173.437132][ T8382] RDX: 0000000000004010 RSI: 0000400000000280 RDI: 0000000000000005 [ 173.437199][ T8382] RBP: 00007f032e1c9090 R08: 0000000000000000 R09: 0000000000000000 [ 173.437963][ T8382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.438104][ T8382] R13: 0000000000000000 R14: 00007f032d5a6160 R15: 00007ffde96ffad8 [ 173.438281][ T8382] [ 173.623539][ T76] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 173.632336][ C3] vkms_vblank_simulate: vblank timer overrun [ 173.725118][ T76] veth1_macvtap: left promiscuous mode [ 173.738698][ T76] veth0_macvtap: left promiscuous mode [ 173.743877][ T76] veth1_vlan: left promiscuous mode [ 173.751262][ T76] veth0_vlan: left promiscuous mode [ 173.788939][ C3] vkms_vblank_simulate: vblank timer overrun [ 175.217301][ C3] vkms_vblank_simulate: vblank timer overrun [ 175.258559][ C3] vkms_vblank_simulate: vblank timer overrun [ 175.800879][ C3] vkms_vblank_simulate: vblank timer overrun [ 176.179966][ C3] vkms_vblank_simulate: vblank timer overrun [ 176.245476][ C3] vkms_vblank_simulate: vblank timer overrun [ 176.745707][ C3] vkms_vblank_simulate: vblank timer overrun [ 176.780045][ C3] vkms_vblank_simulate: vblank timer overrun [ 176.946891][ T76] team0 (unregistering): Port device team_slave_1 removed [ 177.097347][ C3] vkms_vblank_simulate: vblank timer overrun [ 177.325544][ T76] team0 (unregistering): Port device team_slave_0 removed [ 177.844275][ C3] vkms_vblank_simulate: vblank timer overrun [ 178.095416][ C3] vkms_vblank_simulate: vblank timer overrun [ 178.597378][ C3] vkms_vblank_simulate: vblank timer overrun [ 178.830475][ C3] vkms_vblank_simulate: vblank timer overrun [ 179.641962][ C3] vkms_vblank_simulate: vblank timer overrun [ 179.965449][ C3] vkms_vblank_simulate: vblank timer overrun [ 180.331078][ T8389] netlink: 24 bytes leftover after parsing attributes in process `syz.3.807'. [ 180.334438][ T8244] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 180.431392][ T8389] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8389 comm=syz.3.807 [ 180.435923][ T8244] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 180.456818][ T8244] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 180.478656][ T8244] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 180.687844][ T8244] 8021q: adding VLAN 0 to HW filter on device bond0 [ 180.733278][ T8244] 8021q: adding VLAN 0 to HW filter on device team0 [ 180.753545][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.756907][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.786968][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.790673][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.862788][ C3] vkms_vblank_simulate: vblank timer overrun [ 180.865932][ T8244] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 181.025611][ T5956] Bluetooth: hci3: command 0x0406 tx timeout [ 181.028649][ T5956] Bluetooth: hci0: command 0x0406 tx timeout [ 181.031248][ T5956] Bluetooth: hci1: command 0x0406 tx timeout [ 181.352174][ C3] vkms_vblank_simulate: vblank timer overrun [ 181.592193][ T8431] netlink: 8 bytes leftover after parsing attributes in process `syz.3.818'. [ 181.598169][ T8431] netlink: 'syz.3.818': attribute type 30 has an invalid length. [ 183.195368][ C3] vkms_vblank_simulate: vblank timer overrun [ 184.104016][ C3] vkms_vblank_simulate: vblank timer overrun [ 184.311413][ C3] vkms_vblank_simulate: vblank timer overrun [ 185.217827][ C3] vkms_vblank_simulate: vblank timer overrun [ 185.512047][ C3] vkms_vblank_simulate: vblank timer overrun [ 185.815203][ C3] vkms_vblank_simulate: vblank timer overrun [ 185.845855][ C3] vkms_vblank_simulate: vblank timer overrun [ 185.848142][ C3] hrtimer: interrupt took 55492533 ns [ 185.905746][ C3] vkms_vblank_simulate: vblank timer overrun [ 186.064012][ C3] vkms_vblank_simulate: vblank timer overrun [ 186.095242][ C3] vkms_vblank_simulate: vblank timer overrun [ 186.653903][ C3] vkms_vblank_simulate: vblank timer overrun [ 186.939035][ T8244] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 187.032024][ C3] vkms_vblank_simulate: vblank timer overrun [ 187.088928][ T8244] veth0_vlan: entered promiscuous mode [ 187.107177][ T8244] veth1_vlan: entered promiscuous mode [ 187.126426][ T8244] veth0_macvtap: entered promiscuous mode [ 187.131639][ T8244] veth1_macvtap: entered promiscuous mode [ 187.143368][ T8244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.164612][ T8244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.184916][ T8244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.189522][ T8244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.196795][ T8244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.201192][ T8244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.223896][ T8244] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.228807][ T8244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.232702][ T8244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.264302][ T8244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.276058][ T8244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.288127][ T8244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.292308][ T8244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.307389][ T8244] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.339745][ T8244] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.344662][ T8244] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.410203][ T8244] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.414996][ T8244] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.425403][ C3] vkms_vblank_simulate: vblank timer overrun [ 187.446893][ T8445] x_tables: duplicate underflow at hook 2 [ 187.632630][ T103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.654371][ T103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.724682][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.736765][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.977772][ T1465] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 188.126349][ T1465] usb 8-1: device descriptor read/64, error -71 [ 188.395574][ T1465] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 188.526261][ T1465] usb 8-1: device descriptor read/64, error -71 [ 188.636024][ T1465] usb usb8-port1: attempt power cycle [ 188.749691][ C3] vkms_vblank_simulate: vblank timer overrun [ 188.925268][ C3] vkms_vblank_simulate: vblank timer overrun [ 189.035654][ T1465] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 189.066441][ T1465] usb 8-1: device descriptor read/8, error -71 [ 189.329656][ T1465] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 189.346346][ T1465] usb 8-1: device descriptor read/8, error -71 [ 189.467063][ T1465] usb usb8-port1: unable to enumerate USB device [ 190.329403][ C3] vkms_vblank_simulate: vblank timer overrun [ 190.377370][ C3] vkms_vblank_simulate: vblank timer overrun [ 190.478804][ C3] vkms_vblank_simulate: vblank timer overrun [ 190.594418][ C3] vkms_vblank_simulate: vblank timer overrun [ 190.796823][ C3] vkms_vblank_simulate: vblank timer overrun [ 190.889785][ C3] vkms_vblank_simulate: vblank timer overrun [ 192.177194][ C3] vkms_vblank_simulate: vblank timer overrun [ 192.549814][ C3] vkms_vblank_simulate: vblank timer overrun [ 193.489844][ T76] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.139818][ T8483] tmpfs: Unknown parameter 'usrquotaòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿ' [ 194.184075][ T76] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.320246][ T8487] FAULT_INJECTION: forcing a failure. [ 194.320246][ T8487] name failslab, interval 1, probability 0, space 0, times 0 [ 194.325919][ T8487] CPU: 1 UID: 0 PID: 8487 Comm: syz.3.839 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 194.325943][ T8487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 194.325954][ T8487] Call Trace: [ 194.325959][ T8487] [ 194.325967][ T8487] dump_stack_lvl+0x16c/0x1f0 [ 194.325995][ T8487] should_fail_ex+0x50a/0x650 [ 194.326020][ T8487] ? fs_reclaim_acquire+0xae/0x150 [ 194.326048][ T8487] should_failslab+0xc2/0x120 [ 194.326069][ T8487] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 194.326088][ T8487] ? sk_prot_alloc+0x60/0x2a0 [ 194.326118][ T8487] sk_prot_alloc+0x60/0x2a0 [ 194.326144][ T8487] sk_alloc+0x36/0xb90 [ 194.326171][ T8487] inet6_create+0x380/0x1320 [ 194.326200][ T8487] ? inet6_create+0x5d/0x1320 [ 194.326228][ T8487] __sock_create+0x335/0x8d0 [ 194.326250][ T8487] l2tp_tunnel_sock_create+0x4a2/0xaa0 [ 194.326274][ T8487] ? __pfx_l2tp_tunnel_sock_create+0x10/0x10 [ 194.326297][ T8487] ? find_held_lock+0x2d/0x110 [ 194.326327][ T8487] ? mark_held_locks+0x9f/0xe0 [ 194.326351][ T8487] ? __local_bh_enable_ip+0xa4/0x120 [ 194.326382][ T8487] l2tp_tunnel_register+0x495/0xbe0 [ 194.326407][ T8487] ? __pfx___debug_object_init+0x10/0x10 [ 194.326426][ T8487] ? sprintf+0xcd/0x110 [ 194.326442][ T8487] ? __pfx_l2tp_tunnel_register+0x10/0x10 [ 194.326468][ T8487] ? lockdep_init_map_type+0x16d/0x7d0 [ 194.326494][ T8487] ? lockdep_init_map_type+0x16d/0x7d0 [ 194.326521][ T8487] ? l2tp_tunnel_create+0x2c8/0x460 [ 194.326540][ T8487] ? l2tp_tunnel_create+0x37d/0x460 [ 194.326563][ T8487] l2tp_nl_cmd_tunnel_create+0x450/0x990 [ 194.326586][ T8487] ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10 [ 194.326613][ T8487] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 194.326638][ T8487] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 194.326665][ T8487] genl_family_rcv_msg_doit+0x202/0x2f0 [ 194.326692][ T8487] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 194.326722][ T8487] ? bpf_lsm_capable+0x9/0x10 [ 194.326743][ T8487] ? security_capable+0x7e/0x260 [ 194.326763][ T8487] ? ns_capable+0xd7/0x110 [ 194.326788][ T8487] genl_rcv_msg+0x565/0x800 [ 194.326813][ T8487] ? __pfx_genl_rcv_msg+0x10/0x10 [ 194.326836][ T8487] ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10 [ 194.326864][ T8487] netlink_rcv_skb+0x16b/0x440 [ 194.326883][ T8487] ? __pfx_genl_rcv_msg+0x10/0x10 [ 194.326907][ T8487] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 194.326937][ T8487] ? down_read+0xc9/0x330 [ 194.326956][ T8487] ? __pfx_down_read+0x10/0x10 [ 194.326976][ T8487] ? netlink_deliver_tap+0x1ae/0xd30 [ 194.326999][ T8487] genl_rcv+0x28/0x40 [ 194.327017][ T8487] netlink_unicast+0x53c/0x7f0 [ 194.327039][ T8487] ? __pfx_netlink_unicast+0x10/0x10 [ 194.327064][ T8487] netlink_sendmsg+0x8b8/0xd70 [ 194.327088][ T8487] ? __pfx_netlink_sendmsg+0x10/0x10 [ 194.327116][ T8487] ____sys_sendmsg+0xaaf/0xc90 [ 194.327141][ T8487] ? copy_msghdr_from_user+0x10b/0x160 [ 194.327166][ T8487] ? __pfx_____sys_sendmsg+0x10/0x10 [ 194.327198][ T8487] ___sys_sendmsg+0x135/0x1e0 [ 194.327217][ T8487] ? __pfx____sys_sendmsg+0x10/0x10 [ 194.327242][ T8487] ? __pfx_lock_release+0x10/0x10 [ 194.327261][ T8487] ? trace_lock_acquire+0x14e/0x1f0 [ 194.327285][ T8487] ? __fget_files+0x206/0x3a0 [ 194.327308][ T8487] __sys_sendmsg+0x16e/0x220 [ 194.327328][ T8487] ? __pfx___sys_sendmsg+0x10/0x10 [ 194.327366][ T8487] do_syscall_64+0xcd/0x250 [ 194.327386][ T8487] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.327409][ T8487] RIP: 0033:0x7f032d38cde9 [ 194.327423][ T8487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.327437][ T8487] RSP: 002b:00007f032e20b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 194.327454][ T8487] RAX: ffffffffffffffda RBX: 00007f032d5a5fa0 RCX: 00007f032d38cde9 [ 194.327464][ T8487] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003 [ 194.327473][ T8487] RBP: 00007f032e20b090 R08: 0000000000000000 R09: 0000000000000000 [ 194.327482][ T8487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 194.327492][ T8487] R13: 0000000000000000 R14: 00007f032d5a5fa0 R15: 00007ffde96ffad8 [ 194.327514][ T8487] [ 194.335056][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.506468][ T5295] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 194.512127][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.539153][ T5295] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 194.542502][ T76] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.545228][ T5295] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 194.714536][ T5295] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 194.765230][ T5295] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 194.826442][ T5295] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 196.136299][ T5950] Bluetooth: hci0: command 0x0406 tx timeout [ 196.570296][ C3] vkms_vblank_simulate: vblank timer overrun [ 196.593800][ C3] vkms_vblank_simulate: vblank timer overrun [ 196.936020][ T5950] Bluetooth: hci2: command tx timeout [ 197.351675][ C3] vkms_vblank_simulate: vblank timer overrun [ 197.419131][ C3] vkms_vblank_simulate: vblank timer overrun [ 198.249182][ C3] vkms_vblank_simulate: vblank timer overrun [ 199.046987][ T5950] Bluetooth: hci2: command tx timeout [ 199.545174][ C3] vkms_vblank_simulate: vblank timer overrun [ 200.271019][ T76] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.441710][ T8512] netlink: 'syz.1.846': attribute type 30 has an invalid length. [ 200.468470][ T39] audit: type=1400 audit(1739160583.893:427): avc: denied { create } for pid=8511 comm="syz.2.847" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 200.491110][ T8512] FAULT_INJECTION: forcing a failure. [ 200.491110][ T8512] name failslab, interval 1, probability 0, space 0, times 0 [ 200.503007][ T8512] CPU: 1 UID: 0 PID: 8512 Comm: syz.1.846 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 200.503044][ T8512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 200.503080][ T8512] Call Trace: [ 200.503085][ T8512] [ 200.503091][ T8512] dump_stack_lvl+0x16c/0x1f0 [ 200.503118][ T8512] should_fail_ex+0x50a/0x650 [ 200.503144][ T8512] ? fs_reclaim_acquire+0xae/0x150 [ 200.503169][ T8512] ? register_netdevice+0x504/0x1eb0 [ 200.505082][ T8512] should_failslab+0xc2/0x120 [ 200.505105][ T8512] __kmalloc_cache_noprof+0x68/0x410 [ 200.505137][ T8512] register_netdevice+0x504/0x1eb0 [ 200.505159][ T8512] ? trace_lock_acquire+0x14e/0x1f0 [ 200.505177][ T8512] ? __asan_memset+0x23/0x50 [ 200.505201][ T8512] ? __pfx_register_netdevice+0x10/0x10 [ 200.505221][ T8512] ? __asan_memcpy+0x3c/0x60 [ 200.505243][ T8512] ? vxlan_config_apply+0x652/0x7e0 [ 200.505270][ T8512] __vxlan_dev_create+0x7c6/0xa30 [ 200.505297][ T8512] ? __pfx___vxlan_dev_create+0x10/0x10 [ 200.505324][ T8512] ? rcu_is_watching+0x12/0xc0 [ 200.505346][ T8512] vxlan_newlink+0xd1/0x130 [ 200.505370][ T8512] ? __pfx_vxlan_newlink+0x10/0x10 [ 200.505416][ T8512] ? rtnl_create_link+0xa51/0xfa0 [ 200.505436][ T8512] ? __pfx_vxlan_newlink+0x10/0x10 [ 200.505460][ T8512] rtnl_newlink+0xb95/0x1d60 [ 200.505484][ T8512] ? __pfx_rtnl_newlink+0x10/0x10 [ 200.505507][ T8512] ? __pfx___lock_acquire+0x10/0x10 [ 200.505528][ T8512] ? cred_has_capability.isra.0+0x192/0x2f0 [ 200.505552][ T8512] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 200.505578][ T8512] ? find_held_lock+0x2d/0x110 [ 200.505597][ T8512] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 200.505615][ T8512] ? __pfx_lock_release+0x10/0x10 [ 200.505635][ T8512] ? trace_lock_acquire+0x14e/0x1f0 [ 200.505656][ T8512] ? __pfx_rtnl_newlink+0x10/0x10 [ 200.505675][ T8512] rtnetlink_rcv_msg+0x95b/0xea0 [ 200.505696][ T8512] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 200.505727][ T8512] netlink_rcv_skb+0x16b/0x440 [ 200.505746][ T8512] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 200.505766][ T8512] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 200.505794][ T8512] ? netlink_deliver_tap+0x1ae/0xd30 [ 200.505815][ T8512] netlink_unicast+0x53c/0x7f0 [ 200.505835][ T8512] ? __pfx_netlink_unicast+0x10/0x10 [ 200.505860][ T8512] netlink_sendmsg+0x8b8/0xd70 [ 200.505881][ T8512] ? __pfx_netlink_sendmsg+0x10/0x10 [ 200.505908][ T8512] ____sys_sendmsg+0xaaf/0xc90 [ 200.505933][ T8512] ? copy_msghdr_from_user+0x10b/0x160 [ 200.505952][ T8512] ? __pfx_____sys_sendmsg+0x10/0x10 [ 200.505987][ T8512] ___sys_sendmsg+0x135/0x1e0 [ 200.506008][ T8512] ? __pfx____sys_sendmsg+0x10/0x10 [ 200.506043][ T8512] ? __pfx_lock_release+0x10/0x10 [ 200.506064][ T8512] ? trace_lock_acquire+0x14e/0x1f0 [ 200.506089][ T8512] ? __fget_files+0x206/0x3a0 [ 200.506110][ T8512] __sys_sendmsg+0x16e/0x220 [ 200.506130][ T8512] ? __pfx___sys_sendmsg+0x10/0x10 [ 200.506164][ T8512] do_syscall_64+0xcd/0x250 [ 200.506185][ T8512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.506207][ T8512] RIP: 0033:0x7fecef58cde9 [ 200.506223][ T8512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.506239][ T8512] RSP: 002b:00007feced3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 200.506255][ T8512] RAX: ffffffffffffffda RBX: 00007fecef7a5fa0 RCX: 00007fecef58cde9 [ 200.506265][ T8512] RDX: 0000000004008840 RSI: 0000400000000000 RDI: 0000000000000003 [ 200.506274][ T8512] RBP: 00007feced3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 200.506283][ T8512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 200.506293][ T8512] R13: 0000000000000000 R14: 00007fecef7a5fa0 R15: 00007ffd44c85b28 [ 200.506314][ T8512] [ 200.891140][ T8516] FAULT_INJECTION: forcing a failure. [ 200.891140][ T8516] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 200.910006][ C3] vkms_vblank_simulate: vblank timer overrun [ 200.959659][ T8516] CPU: 1 UID: 0 PID: 8516 Comm: syz.3.848 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 200.959687][ T8516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 200.959696][ T8516] Call Trace: [ 200.959702][ T8516] [ 200.959709][ T8516] dump_stack_lvl+0x16c/0x1f0 [ 200.959732][ T8516] should_fail_ex+0x50a/0x650 [ 200.959756][ T8516] _copy_from_user+0x2e/0xd0 [ 200.959770][ T8516] copy_msghdr_from_user+0x99/0x160 [ 200.959789][ T8516] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 200.959804][ T8516] ? __lock_acquire+0xcc5/0x3c40 [ 200.959827][ T8516] ? hlock_class+0x4e/0x130 [ 200.959840][ T8516] ? __lock_acquire+0x15a9/0x3c40 [ 200.959862][ T8516] ___sys_sendmsg+0xff/0x1e0 [ 200.959879][ T8516] ? __pfx____sys_sendmsg+0x10/0x10 [ 200.959895][ T8516] ? __pfx___lock_acquire+0x10/0x10 [ 200.959929][ T8516] ? __pfx___might_resched+0x10/0x10 [ 200.959952][ T8516] ? __might_fault+0xe3/0x190 [ 200.959973][ T8516] __sys_sendmmsg+0x201/0x420 [ 200.959994][ T8516] ? __pfx___sys_sendmmsg+0x10/0x10 [ 200.960025][ T8516] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 200.960048][ T8516] ? fput+0x67/0x440 [ 200.960063][ T8516] ? ksys_write+0x1ba/0x250 [ 200.960082][ T8516] ? __pfx_ksys_write+0x10/0x10 [ 200.960103][ T8516] __x64_sys_sendmmsg+0x9c/0x100 [ 200.960118][ T8516] ? lockdep_hardirqs_on+0x7c/0x110 [ 200.960132][ T8516] do_syscall_64+0xcd/0x250 [ 200.960147][ T8516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.960165][ T8516] RIP: 0033:0x7f032d38cde9 [ 200.960176][ T8516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.960189][ T8516] RSP: 002b:00007f032e20b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 200.960205][ T8516] RAX: ffffffffffffffda RBX: 00007f032d5a5fa0 RCX: 00007f032d38cde9 [ 200.960214][ T8516] RDX: 040000000000009f RSI: 00004000000002c0 RDI: 0000000000000005 [ 200.960222][ T8516] RBP: 00007f032e20b090 R08: 0000000000000000 R09: 0000000000000000 [ 200.960229][ T8516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 200.960236][ T8516] R13: 0000000000000000 R14: 00007f032d5a5fa0 R15: 00007ffde96ffad8 [ 200.960252][ T8516] [ 201.100216][ T5950] Bluetooth: hci2: command tx timeout [ 201.313546][ C3] vkms_vblank_simulate: vblank timer overrun [ 201.333639][ T76] bridge_slave_1: left allmulticast mode [ 201.352559][ T76] bridge_slave_1: left promiscuous mode [ 201.355048][ T76] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.361404][ T76] bridge_slave_0: left allmulticast mode [ 201.363994][ T76] bridge_slave_0: left promiscuous mode [ 201.366584][ T76] bridge0: port 1(bridge_slave_0) entered disabled state [ 201.426010][ C3] vkms_vblank_simulate: vblank timer overrun [ 201.561640][ C3] vkms_vblank_simulate: vblank timer overrun [ 202.277121][ T76] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 202.288269][ T76] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 202.301557][ T76] bond0 (unregistering): Released all slaves [ 202.461169][ C3] vkms_vblank_simulate: vblank timer overrun [ 202.895144][ T8490] chnl_net:caif_netlink_parms(): no params data found [ 203.258455][ T5950] Bluetooth: hci2: command tx timeout [ 203.896337][ C3] vkms_vblank_simulate: vblank timer overrun [ 206.272832][ C3] vkms_vblank_simulate: vblank timer overrun [ 207.012545][ C3] vkms_vblank_simulate: vblank timer overrun [ 207.894147][ C3] vkms_vblank_simulate: vblank timer overrun [ 207.961150][ C3] vkms_vblank_simulate: vblank timer overrun [ 207.993045][ C3] vkms_vblank_simulate: vblank timer overrun [ 208.339605][ C3] vkms_vblank_simulate: vblank timer overrun [ 208.396665][ C3] vkms_vblank_simulate: vblank timer overrun [ 208.611092][ C3] vkms_vblank_simulate: vblank timer overrun [ 209.157397][ T8580] netlink: 'syz.3.863': attribute type 2 has an invalid length. [ 209.162674][ T8580] netlink: 'syz.3.863': attribute type 1 has an invalid length. [ 209.172356][ T8580] netlink: 'syz.3.863': attribute type 1 has an invalid length. [ 209.212170][ T8580] netlink: 12 bytes leftover after parsing attributes in process `syz.3.863'. [ 209.348763][ T76] hsr_slave_0: left promiscuous mode [ 209.353933][ T76] hsr_slave_1: left promiscuous mode [ 209.359476][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.363452][ T76] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.397214][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.401355][ T76] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.480246][ T76] veth1_macvtap: left promiscuous mode [ 209.484341][ T76] veth0_macvtap: left promiscuous mode [ 209.490427][ T8584] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=8584 comm=syz.3.863 [ 209.499365][ T76] veth1_vlan: left promiscuous mode [ 209.504533][ T76] veth0_vlan: left promiscuous mode [ 210.443068][ C3] vkms_vblank_simulate: vblank timer overrun [ 210.993751][ C3] vkms_vblank_simulate: vblank timer overrun [ 211.684327][ C3] vkms_vblank_simulate: vblank timer overrun [ 211.799068][ C3] vkms_vblank_simulate: vblank timer overrun [ 211.847470][ C3] vkms_vblank_simulate: vblank timer overrun [ 212.060571][ C3] vkms_vblank_simulate: vblank timer overrun [ 212.477778][ T76] team0 (unregistering): Port device team_slave_1 removed [ 212.755210][ T76] team0 (unregistering): Port device team_slave_0 removed [ 213.005027][ C3] vkms_vblank_simulate: vblank timer overrun [ 213.573112][ C3] vkms_vblank_simulate: vblank timer overrun [ 213.895371][ C3] vkms_vblank_simulate: vblank timer overrun [ 214.139149][ C3] vkms_vblank_simulate: vblank timer overrun [ 214.845673][ C3] vkms_vblank_simulate: vblank timer overrun [ 214.913753][ T8490] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.925303][ T8490] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.930487][ T8490] bridge_slave_0: entered allmulticast mode [ 214.934663][ T8490] bridge_slave_0: entered promiscuous mode [ 214.949693][ T8490] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.952875][ T8490] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.959540][ T8490] bridge_slave_1: entered allmulticast mode [ 214.979472][ T8490] bridge_slave_1: entered promiscuous mode [ 215.109057][ C3] vkms_vblank_simulate: vblank timer overrun [ 215.223002][ T8589] SELinux: syz.1.865 (8589) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 215.375624][ C3] vkms_vblank_simulate: vblank timer overrun [ 215.522138][ T8584] team0 (unregistering): Port device team_slave_0 removed [ 215.537381][ T8584] team0 (unregistering): Port device team_slave_1 removed [ 215.632975][ C3] vkms_vblank_simulate: vblank timer overrun [ 215.769419][ T8599] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 215.774667][ T8490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.790639][ T8490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 215.933287][ C3] vkms_vblank_simulate: vblank timer overrun [ 215.966932][ C3] vkms_vblank_simulate: vblank timer overrun [ 216.013251][ T8490] team0: Port device team_slave_0 added [ 216.345077][ C3] vkms_vblank_simulate: vblank timer overrun [ 217.560295][ C3] vkms_vblank_simulate: vblank timer overrun [ 217.764472][ C3] vkms_vblank_simulate: vblank timer overrun [ 218.729061][ C3] vkms_vblank_simulate: vblank timer overrun [ 218.764983][ C3] vkms_vblank_simulate: vblank timer overrun [ 218.809002][ C3] vkms_vblank_simulate: vblank timer overrun [ 219.193086][ C3] vkms_vblank_simulate: vblank timer overrun [ 219.430265][ C3] vkms_vblank_simulate: vblank timer overrun [ 221.068938][ T8490] team0: Port device team_slave_1 added [ 221.280873][ C3] vkms_vblank_simulate: vblank timer overrun [ 221.465046][ C3] vkms_vblank_simulate: vblank timer overrun [ 221.471198][ T8490] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 221.474050][ T8490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.509171][ T8490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 221.613192][ T8490] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 221.618379][ T8490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.634837][ T8490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 221.647101][ T8638] FAULT_INJECTION: forcing a failure. [ 221.647101][ T8638] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 221.656235][ T8638] CPU: 0 UID: 0 PID: 8638 Comm: syz.2.876 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 221.656266][ T8638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 221.656277][ T8638] Call Trace: [ 221.656283][ T8638] [ 221.656289][ T8638] dump_stack_lvl+0x16c/0x1f0 [ 221.656318][ T8638] should_fail_ex+0x50a/0x650 [ 221.656348][ T8638] _copy_from_iter+0x2a1/0x1560 [ 221.656376][ T8638] ? trace_lock_acquire+0x14e/0x1f0 [ 221.656397][ T8638] ? __alloc_skb+0x1fe/0x380 [ 221.656420][ T8638] ? __pfx__copy_from_iter+0x10/0x10 [ 221.656444][ T8638] ? __virt_addr_valid+0x1a4/0x590 [ 221.656466][ T8638] ? __virt_addr_valid+0x5e/0x590 [ 221.656483][ T8638] ? __phys_addr_symbol+0x30/0x80 [ 221.656499][ T8638] ? __check_object_size+0x488/0x710 [ 221.656524][ T8638] netlink_sendmsg+0x813/0xd70 [ 221.656550][ T8638] ? __pfx_netlink_sendmsg+0x10/0x10 [ 221.656578][ T8638] ____sys_sendmsg+0xaaf/0xc90 [ 221.656605][ T8638] ? copy_msghdr_from_user+0x10b/0x160 [ 221.656627][ T8638] ? __pfx_____sys_sendmsg+0x10/0x10 [ 221.656682][ T8638] ___sys_sendmsg+0x135/0x1e0 [ 221.656706][ T8638] ? __pfx____sys_sendmsg+0x10/0x10 [ 221.656738][ T8638] ? __pfx_lock_release+0x10/0x10 [ 221.656761][ T8638] ? trace_lock_acquire+0x14e/0x1f0 [ 221.656788][ T8638] ? __fget_files+0x206/0x3a0 [ 221.656811][ T8638] __sys_sendmsg+0x16e/0x220 [ 221.656864][ T8638] ? __pfx___sys_sendmsg+0x10/0x10 [ 221.656902][ T8638] do_syscall_64+0xcd/0x250 [ 221.656924][ T8638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.656947][ T8638] RIP: 0033:0x7f810798cde9 [ 221.656962][ T8638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.656979][ T8638] RSP: 002b:00007f810871a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 221.656998][ T8638] RAX: ffffffffffffffda RBX: 00007f8107ba5fa0 RCX: 00007f810798cde9 [ 221.657009][ T8638] RDX: 0000000000044810 RSI: 0000400000001300 RDI: 0000000000000004 [ 221.657019][ T8638] RBP: 00007f810871a090 R08: 0000000000000000 R09: 0000000000000000 [ 221.657029][ T8638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 221.657039][ T8638] R13: 0000000000000000 R14: 00007f8107ba5fa0 R15: 00007ffc7295f2b8 [ 221.657062][ T8638] [ 221.702656][ T8642] netlink: 'syz.3.878': attribute type 30 has an invalid length. [ 221.755579][ T39] audit: type=1326 audit(1739160605.163:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8639 comm="syz.1.877" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fecef58cde9 code=0x0 [ 221.894049][ T8642] FAULT_INJECTION: forcing a failure. [ 221.894049][ T8642] name failslab, interval 1, probability 0, space 0, times 0 [ 221.898330][ T8642] CPU: 3 UID: 0 PID: 8642 Comm: syz.3.878 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 221.898350][ T8642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 221.898359][ T8642] Call Trace: [ 221.898366][ T8642] [ 221.898372][ T8642] dump_stack_lvl+0x16c/0x1f0 [ 221.898395][ T8642] should_fail_ex+0x50a/0x650 [ 221.898417][ T8642] ? fs_reclaim_acquire+0xae/0x150 [ 221.898438][ T8642] ? vxlan_vnigroup_init+0x47/0x160 [ 221.898453][ T8642] should_failslab+0xc2/0x120 [ 221.898468][ T8642] __kmalloc_cache_noprof+0x68/0x410 [ 221.898492][ T8642] vxlan_vnigroup_init+0x47/0x160 [ 221.898506][ T8642] vxlan_init+0x38a/0x460 [ 221.898522][ T8642] ? kasan_save_track+0x14/0x30 [ 221.898533][ T8642] ? __pfx_vxlan_init+0x10/0x10 [ 221.898548][ T8642] register_netdevice+0x672/0x1eb0 [ 221.898567][ T8642] ? trace_lock_acquire+0x14e/0x1f0 [ 221.898582][ T8642] ? __asan_memset+0x23/0x50 [ 221.898601][ T8642] ? __pfx_register_netdevice+0x10/0x10 [ 221.898617][ T8642] ? __asan_memcpy+0x3c/0x60 [ 221.898633][ T8642] ? vxlan_config_apply+0x652/0x7e0 [ 221.898650][ T8642] __vxlan_dev_create+0x7c6/0xa30 [ 221.898670][ T8642] ? __pfx___vxlan_dev_create+0x10/0x10 [ 221.898690][ T8642] ? rcu_is_watching+0x12/0xc0 [ 221.898707][ T8642] vxlan_newlink+0xd1/0x130 [ 221.898725][ T8642] ? __pfx_vxlan_newlink+0x10/0x10 [ 221.898750][ T8642] ? rtnl_create_link+0xa51/0xfa0 [ 221.898765][ T8642] ? __pfx_vxlan_newlink+0x10/0x10 [ 221.898784][ T8642] rtnl_newlink+0xb95/0x1d60 [ 221.898803][ T8642] ? __pfx_rtnl_newlink+0x10/0x10 [ 221.898821][ T8642] ? __pfx___lock_acquire+0x10/0x10 [ 221.898838][ T8642] ? cred_has_capability.isra.0+0x192/0x2f0 [ 221.898858][ T8642] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 221.898878][ T8642] ? find_held_lock+0x2d/0x110 [ 221.898893][ T8642] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 221.898907][ T8642] ? __pfx_lock_release+0x10/0x10 [ 221.898922][ T8642] ? trace_lock_acquire+0x14e/0x1f0 [ 221.898940][ T8642] ? __pfx_rtnl_newlink+0x10/0x10 [ 221.898955][ T8642] rtnetlink_rcv_msg+0x95b/0xea0 [ 221.898972][ T8642] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 221.898995][ T8642] netlink_rcv_skb+0x16b/0x440 [ 221.899010][ T8642] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 221.899026][ T8642] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 221.899050][ T8642] ? netlink_deliver_tap+0x1ae/0xd30 [ 221.899067][ T8642] netlink_unicast+0x53c/0x7f0 [ 221.899084][ T8642] ? __pfx_netlink_unicast+0x10/0x10 [ 221.899111][ T8642] netlink_sendmsg+0x8b8/0xd70 [ 221.899128][ T8642] ? __pfx_netlink_sendmsg+0x10/0x10 [ 221.899149][ T8642] ____sys_sendmsg+0xaaf/0xc90 [ 221.899169][ T8642] ? copy_msghdr_from_user+0x10b/0x160 [ 221.899185][ T8642] ? __pfx_____sys_sendmsg+0x10/0x10 [ 221.899211][ T8642] ___sys_sendmsg+0x135/0x1e0 [ 221.899228][ T8642] ? __pfx____sys_sendmsg+0x10/0x10 [ 221.899251][ T8642] ? __pfx_lock_release+0x10/0x10 [ 221.899266][ T8642] ? trace_lock_acquire+0x14e/0x1f0 [ 221.899286][ T8642] ? __fget_files+0x206/0x3a0 [ 221.899303][ T8642] __sys_sendmsg+0x16e/0x220 [ 221.899319][ T8642] ? __pfx___sys_sendmsg+0x10/0x10 [ 221.899369][ T8642] do_syscall_64+0xcd/0x250 [ 221.899388][ T8642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.899407][ T8642] RIP: 0033:0x7f032d38cde9 [ 221.899419][ T8642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.899431][ T8642] RSP: 002b:00007f032e20b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 221.899446][ T8642] RAX: ffffffffffffffda RBX: 00007f032d5a5fa0 RCX: 00007f032d38cde9 [ 221.899454][ T8642] RDX: 0000000004008840 RSI: 0000400000000000 RDI: 0000000000000003 [ 221.899462][ T8642] RBP: 00007f032e20b090 R08: 0000000000000000 R09: 0000000000000000 [ 221.899469][ T8642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 221.899476][ T8642] R13: 0000000000000000 R14: 00007f032d5a5fa0 R15: 00007ffde96ffad8 [ 221.899494][ T8642] [ 222.146129][ C3] vkms_vblank_simulate: vblank timer overrun [ 222.158063][ T8642] Oops: general protection fault, probably for non-canonical address 0xdffffc000000002c: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 222.175233][ T8642] KASAN: null-ptr-deref in range [0x0000000000000160-0x0000000000000167] [ 222.200442][ T8642] CPU: 2 UID: 0 PID: 8642 Comm: syz.3.878 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0 [ 222.204352][ T8642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 222.211441][ T8642] RIP: 0010:vxlan_vnigroup_uninit+0x89/0x500 [ 222.219234][ T8642] Code: 00 48 8b 44 24 08 4c 8b b0 98 41 00 00 49 8d 86 60 01 00 00 48 89 c2 48 89 44 24 10 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 4d 04 00 00 49 8b 86 60 01 00 00 48 ba 00 00 00 [ 222.237833][ T8642] RSP: 0018:ffffc90003e27218 EFLAGS: 00010202 [ 222.241323][ T8642] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff8672effb [ 222.245649][ T8642] RDX: 000000000000002c RSI: ffffffff8672ecb9 RDI: ffff888051c34f18 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 222.250785][ T8642] RBP: ffff888051c34ef4 R08: 0000000000000001 R09: 0000000000000000 [ 222.255977][ T8642] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000020000 [ 222.259198][ T8642] R13: ffff888051c30d80 R14: 0000000000000000 R15: dffffc0000000000 [ 222.262592][ T8642] FS: 00007f032e20b6c0(0000) GS:ffff88806a800000(0000) knlGS:0000000000000000 [ 222.282364][ T8642] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.285358][ T8642] CR2: 000055b9f66eaa28 CR3: 000000004f514000 CR4: 0000000000352ef0 [ 222.288416][ T8642] DR0: 0000000000000008 DR1: 00000000000000ff DR2: fffffffffffffffb [ 222.291246][ T8642] DR3: 3e00000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 222.294899][ T8642] Call Trace: [ 222.296498][ T8642] [ 222.297684][ T8642] ? die_addr+0x3b/0xa0 [ 222.300253][ T8642] ? exc_general_protection+0x155/0x230 [ 222.303474][ T8642] ? asm_exc_general_protection+0x26/0x30 [ 222.310129][ T8642] ? vxlan_vnigroup_uninit+0x37b/0x500 [ 222.312604][ T8642] ? vxlan_vnigroup_uninit+0x39/0x500 [ 222.314703][ T8642] ? vxlan_vnigroup_uninit+0x89/0x500 [ 222.316633][ T8642] ? vxlan_vnigroup_uninit+0x39/0x500 [ 222.322893][ T8642] ? notifier_call_chain+0x36c/0x410 [ 222.325500][ T8642] ? __pfx_ip6_route_dev_notify+0x10/0x10 [ 222.329627][ T8642] vxlan_uninit+0x1ab/0x200 [ 222.331581][ T8642] ? __pfx_vxlan_uninit+0x10/0x10 [ 222.334203][ T8642] unregister_netdevice_many_notify+0x12d6/0x1f30 [ 222.337261][ T8642] ? __local_bh_enable_ip+0xa4/0x120 [ 222.340068][ T8642] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 222.343735][ T8642] ? mutex_is_locked+0x17/0x60 [ 222.346192][ T8642] ? __dev_get_by_index+0x102/0x140 [ 222.348165][ T8642] rtnl_newlink+0x1459/0x1d60 [ 222.350980][ T8642] ? __pfx_rtnl_newlink+0x10/0x10 [ 222.353131][ T8642] ? __pfx___lock_acquire+0x10/0x10 [ 222.368364][ T8642] ? cred_has_capability.isra.0+0x192/0x2f0 [ 222.370669][ T8642] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 222.373278][ T8642] ? find_held_lock+0x2d/0x110 [ 222.375291][ T8642] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 222.377315][ T8642] ? __pfx_lock_release+0x10/0x10 [ 222.379470][ T8642] ? trace_lock_acquire+0x14e/0x1f0 [ 222.381580][ T8642] ? __pfx_rtnl_newlink+0x10/0x10 [ 222.383639][ T8642] rtnetlink_rcv_msg+0x95b/0xea0 [ 222.400528][ T8642] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 222.402978][ T8642] netlink_rcv_skb+0x16b/0x440 [ 222.405230][ T8642] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 222.408959][ T8642] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 222.413050][ T8642] ? netlink_deliver_tap+0x1ae/0xd30 [ 222.415467][ T8642] netlink_unicast+0x53c/0x7f0 [ 222.418164][ T8642] ? __pfx_netlink_unicast+0x10/0x10 [ 222.420489][ T8642] netlink_sendmsg+0x8b8/0xd70 [ 222.422462][ T8642] ? __pfx_netlink_sendmsg+0x10/0x10 [ 222.426336][ T8642] ____sys_sendmsg+0xaaf/0xc90 [ 222.428432][ T8642] ? copy_msghdr_from_user+0x10b/0x160 [ 222.431003][ T8642] ? __pfx_____sys_sendmsg+0x10/0x10 [ 222.433496][ T8642] ___sys_sendmsg+0x135/0x1e0 [ 222.458258][ T8642] ? __pfx____sys_sendmsg+0x10/0x10 [ 222.460885][ T8642] ? __pfx_lock_release+0x10/0x10 [ 222.463289][ T8642] ? trace_lock_acquire+0x14e/0x1f0 [ 222.465531][ T8642] ? __fget_files+0x206/0x3a0 [ 222.474597][ T8642] __sys_sendmsg+0x16e/0x220 [ 222.481130][ T8642] ? __pfx___sys_sendmsg+0x10/0x10 [ 222.483650][ T8642] do_syscall_64+0xcd/0x250 [ 222.492316][ T8642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.498622][ T8642] RIP: 0033:0x7f032d38cde9 [ 222.500281][ T8642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.561839][ T8642] RSP: 002b:00007f032e20b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 222.577429][ T8642] RAX: ffffffffffffffda RBX: 00007f032d5a5fa0 RCX: 00007f032d38cde9 [ 222.581076][ T8642] RDX: 0000000004008840 RSI: 0000400000000000 RDI: 0000000000000003 [ 222.597508][ T8642] RBP: 00007f032e20b090 R08: 0000000000000000 R09: 0000000000000000 [ 222.601265][ T8642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 222.604119][ T8642] R13: 0000000000000000 R14: 00007f032d5a5fa0 R15: 00007ffde96ffad8 [ 222.606660][ T8642] [ 222.607629][ T8642] Modules linked in: [ 222.609757][ T8642] ---[ end trace 0000000000000000 ]--- [ 222.618850][ T8642] RIP: 0010:vxlan_vnigroup_uninit+0x89/0x500 [ 222.621260][ T8642] Code: 00 48 8b 44 24 08 4c 8b b0 98 41 00 00 49 8d 86 60 01 00 00 48 89 c2 48 89 44 24 10 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 4d 04 00 00 49 8b 86 60 01 00 00 48 ba 00 00 00 [ 222.631313][ T8642] RSP: 0018:ffffc90003e27218 EFLAGS: 00010202 [ 222.634389][ T8642] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff8672effb [ 222.638774][ T8642] RDX: 000000000000002c RSI: ffffffff8672ecb9 RDI: ffff888051c34f18 [ 222.645849][ T8642] RBP: ffff888051c34ef4 R08: 0000000000000001 R09: 0000000000000000 [ 222.650075][ T8642] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000020000 [ 222.654078][ T8642] R13: ffff888051c30d80 R14: 0000000000000000 R15: dffffc0000000000 [ 222.657390][ T8642] FS: 00007f032e20b6c0(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000 [ 222.661324][ T8642] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.664399][ T8642] CR2: 000000110c3d47d5 CR3: 000000004f514000 CR4: 0000000000352ef0 [ 222.668959][ T8642] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 222.672259][ T8642] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 222.675756][ T8642] Kernel panic - not syncing: Fatal exception [ 222.679073][ T8642] Kernel Offset: disabled [ 222.680970][ T8642] Rebooting in 86400 seconds.. VM DIAGNOSIS: 04:10:05 Registers: info registers vcpu 0 CPU#0 RAX=000000000008ec34 RBX=0000000000000000 RCX=ffffffff8b567469 RDX=ffffed100d4c6f86 RSI=ffffffff8bd34d80 RDI=ffffffff81907109 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e20 R8 =0000000000000000 R9 =ffffed100d4c6f85 R10=ffff88806a637c2b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff90623610 R15=0000000000000000 RIP=ffffffff8b56884f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f8108719f98 CR3=0000000031890000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000005000001 Opmask01=0000000000000000 Opmask02=0000000080000000 Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc1b24d2e0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e6f63007325 203a726f72726520 64656e7275746572 2072657672657300 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40514b4a46005600 051f574a57574005 41404b5750514057 0557405357405600 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030302030303030 3030203030302039 3635362e31323220 2036343230003030 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0020302030303030 3020203030302030 3630312e31323020 2030342030003000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003a723a376f6e65 692a336f6e69323f 6c6f696f6c3d723a 377a632a3a377e6b ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a3a3a3a3a3a3a3a 3a3a3a3a3a3a2a30 524b58554d435845 2a3c3e383a3a3a3a ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=ffff88806a8468a0 RCX=ffffffff81adcf0a RDX=ffff888027a48000 RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000003 RSP=ffffc900065a7920 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000006 R12=ffffed100d508d15 R13=0000000000000001 R14=ffff88806a73fe80 R15=ffff88806a8468a8 RIP=ffffffff81b9cee8 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055b9f64aafb8 CR3=000000000df80000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde96ffe60 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85403ed5 RDI=ffffffff9ab7b740 RBP=ffffffff9ab7b700 RSP=ffffc90003e26c10 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b R12=0000000000000000 R13=0000000000000074 R14=ffffffff9ab7b700 R15=0000000000000000 RIP=ffffffff85403eff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f032e20b6c0 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055b9f66eaa28 CR3=000000004f514000 CR4=00352ef0 DR0=0000000000000008 DR1=00000000000000ff DR2=fffffffffffffffb DR3=3e00000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000014 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 006e616c78760001 000a801200280080 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d40f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d57c488 00007f032d57c480 00007f032d57c478 00007f032d57c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032e0dd100 00007f032d57c440 00007f032d57c458 00040009000a0008 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f032d57c498 00007f032d57c490 00007f032d57c488 00007f032d57c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000006db84 RBX=0000000000000003 RCX=ffffffff8b567469 RDX=ffffed100d526f86 RSI=ffffffff8bd34d80 RDI=ffffffff81907109 RBP=ffffed1003b55488 RSP=ffffc900001a7e08 R8 =0000000000000000 R9 =ffffed100d526f85 R10=ffff88806a937c2b R11=0000000000000000 R12=0000000000000003 R13=ffff88801daaa440 R14=ffffffff90623610 R15=0000000000000000 RIP=ffffffff8b56884f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00000000 FS =0000 0000000000000000 ffffffff 00000000 GS =0000 ffff88806a900000 ffffffff 00000000 LDT=0000 0000000000000000 ffffffff 00000000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3d47d5 CR3=000000004c28e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd44c85eb0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecef60f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecef60f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecef60f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecef60f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecef60f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecef60f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000007 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000230 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000007 0000000000000000 0000000000000000 0000000000000230 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000